Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ical
v0.6.0Manages macOS Calendar events and calendars from the terminal using the ical CLI. Full CRUD for both events and calendars. Supports natural language dates, r...
⭐ 0· 327·1 current·1 all-time
bySiddhartha Varma@bro3886
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The described functionality (manage macOS Calendar via EventKit/cgo) matches the instructions (build a Go binary that uses EventKit). However there are inconsistencies in metadata: SKILL.md lists name 'cal-cli' and author 'sidv' while registry metadata is 'ical' v0.6.0 with a different owner id; the install example points to github.com/BRO3886/ical but the git clone uses a placeholder <repo-url>. These mismatches are not definitive proof of harm but are surprising and worth verifying.
Instruction Scope
SKILL.md stays within the calendar-management domain: commands reference only Calendar operations, caching to ~/.ical-last-list, and building/using a single binary. It does not ask the agent to read unrelated system files or exfiltrate data. One note: the CLI exposes an 'ical skills install' command to 'install ical agent skill for Claude Code / Codex' — that could modify agent/skill config when actually executed, so inspect what that command does before running.
Install Mechanism
There is no built-in install spec in the registry (instruction-only). The README recommends 'go install github.com/BRO3886/ical/cmd/ical@latest' or git-clone+make. Fetching and building remote Go code is normal for this type of tool but inherently risky: it downloads and compiles code from the network. Because the SKILL.md contains a placeholder <repo-url> and the registry provides no verified homepage/release, you should confirm the correct upstream repository and inspect the source before running 'go install' or 'make'.
Credentials
The skill requests no environment variables, no credentials, and no config paths beyond caching row numbers to ~/.ical-last-list. That is proportionate to a local calendar CLI. It will likely require macOS Calendar privacy permissions at runtime (normal) — expect macOS permission prompts for Calendar access.
Persistence & Privilege
The skill is not marked always:true and does not request persistent elevated privileges. The only persistence behavior documented is caching row numbers to ~/.ical-last-list (reasonable). However, the presence of an 'ical skills install' subcommand that claims to install an 'agent skill' could alter agent configurations; inspect that command's implementation before running it. Autonomous invocation by the agent is allowed by platform defaults (not a specific red flag here).
What to consider before installing
This appears to be a legitimate macOS Calendar CLI, but there are red flags you should check before installing: 1) Verify the upstream repository and author — SKILL.md, registry metadata, and the example repo disagree. 2) Inspect the source code (or GitHub releases) before running 'go install' or 'make' because those commands fetch and compile remote code. 3) Review what 'ical skills install' actually does (it may modify agent/skill configuration). 4) Expect macOS Calendar privacy prompts; confirm the binary only requests Calendar access. If you don't trust the upstream repo or cannot inspect the source, avoid running the install commands and prefer a vetted release or an alternative tool.Like a lobster shell, security has layers — review code before you run it.
latestvk9713nc7qyjwdzb88ywaj5s221820hcb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.