ClawHub

ical

Security checks across malware telemetry and agentic risk

Overview

This is a documented macOS Calendar CLI helper with powerful but disclosed calendar and agent-skill management commands that should be used deliberately.

Install only if you trust the upstream ical CLI and are comfortable granting it Calendar access. Keep agent actions scoped to specific calendars and date ranges, use exact event IDs where possible, review exported files as sensitive data, and require explicit user approval before deletes, imports, calendar deletion, --force, or any ical skills install/uninstall command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The command reference includes `ical skills install/uninstall/status`, which expands the skill from calendar management into modifying agent skill directories under the user's home directory. That creates an additional file-system modification capability not reflected in the stated calendar-focused scope, increasing the chance an agent or user invokes it without understanding it can write or remove files outside Calendar data.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill documents `ical calendars delete` as deleting a calendar and all its events, but does not prominently warn users or agents about the irreversible destructive scope. In an agent context, this increases the chance of accidental mass deletion if a model maps a vague cleanup request to this command without explicit confirmation safeguards.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The skill describes importing and exporting calendar data in JSON/CSV/ICS formats without warning that calendar contents may contain sensitive personal, workplace, location, and schedule information. In agent-driven workflows, this can lead to inadvertent exfiltration to local files, repos, shared directories, or downstream tools.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The uninstall documentation says the skill can be removed from agent directories but does not warn that it deletes files from `~/.claude/skills/ical-cli/` or `~/.agents/skills/ical-cli/`. In an agent context, omission of a filesystem-deletion warning can lead to unintended removal of installed tooling or user customizations under those paths.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal