Skill v0.6.0
ClawScan security
ical · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Feb 28, 2026, 12:58 PM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions broadly match a macOS Calendar CLI, but several metadata/instruction inconsistencies and the expectation that you build/run code from a remote repo mean you should verify the upstream source and contents before installing.
- Guidance: This appears to be a legitimate macOS Calendar CLI, but there are red flags you should check before installing: 1) Verify the upstream repository and author — SKILL.md, registry metadata, and the example repo disagree. 2) Inspect the source code (or GitHub releases) before running 'go install' or 'make' because those commands fetch and compile remote code. 3) Review what 'ical skills install' actually does (it may modify agent/skill configuration). 4) Expect macOS Calendar privacy prompts; confirm the binary only requests Calendar access. If you don't trust the upstream repo or cannot inspect the source, avoid running the install commands and prefer a vetted release or an alternative tool.
Review Dimensions
- Purpose & Capability (note): The described functionality (manage macOS Calendar via EventKit/cgo) matches the instructions (build a Go binary that uses EventKit). However there are inconsistencies in metadata: SKILL.md lists name 'cal-cli' and author 'sidv' while registry metadata is 'ical' v0.6.0 with a different owner id; the install example points to github.com/BRO3886/ical but the git clone uses a placeholder <repo-url>. These mismatches are not definitive proof of harm but are surprising and worth verifying.
- Instruction Scope (ok): SKILL.md stays within the calendar-management domain: commands reference only Calendar operations, caching to ~/.ical-last-list, and building/using a single binary. It does not ask the agent to read unrelated system files or exfiltrate data. One note: the CLI exposes an 'ical skills install' command to 'install ical agent skill for Claude Code / Codex' — that could modify agent/skill config when actually executed, so inspect what that command does before running.
- Install Mechanism (note): There is no built-in install spec in the registry (instruction-only). The README recommends 'go install github.com/BRO3886/ical/cmd/ical@latest' or git-clone+make. Fetching and building remote Go code is normal for this type of tool but inherently risky: it downloads and compiles code from the network. Because the SKILL.md contains a placeholder <repo-url> and the registry provides no verified homepage/release, you should confirm the correct upstream repository and inspect the source before running 'go install' or 'make'.
- Credentials (ok): The skill requests no environment variables, no credentials, and no config paths beyond caching row numbers to ~/.ical-last-list. That is proportionate to a local calendar CLI. It will likely require macOS Calendar privacy permissions at runtime (normal) — expect macOS permission prompts for Calendar access.
- Persistence & Privilege (note): The skill is not marked always:true and does not request persistent elevated privileges. The only persistence behavior documented is caching row numbers to ~/.ical-last-list (reasonable). However, the presence of an 'ical skills install' subcommand that claims to install an 'agent skill' could alter agent configurations; inspect that command's implementation before running it. Autonomous invocation by the agent is allowed by platform defaults (not a specific red flag here).
