Skill v1.0.5
ClawScan security
Tripit Calendar · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 12:53 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are consistent with its stated purpose (reading a TripIt iCal feed); it only needs the TRIPIT_ICAL_URL and Python packages to function.
- Guidance: This skill appears to do exactly what it says: fetch and parse a TripIt iCal feed. Before installing, consider: 1) TRIPIT_ICAL_URL is a sensitive, private feed URL — only provide it if you trust the skill and do not expose it to untrusted environments. 2) The script will read .env in the current working directory and ~/.openclaw/.env when looking for TRIPIT_ICAL_URL — ensure those files do not contain other secrets you don't want read by the skill's process. 3) The skill requires the Python packages requests and icalendar (from PyPI) — install them in a controlled environment. 4) If you are concerned about network access, run the skill in a sandbox so it can only reach the intended TripIt feed. Otherwise this skill is internally consistent and proportionate to its described purpose.
Review Dimensions
- Purpose & Capability: ok. Name and description match the actual behavior: the script fetches a TripIt iCal URL, parses events, groups trips, and emits JSON. The declared requirement (TRIPIT_ICAL_URL) and python tools (requests, icalendar) are appropriate. Minor note: SKILL.md mentions ~/.openclaw/.env as a fallback, but the script also checks a .env file in the current working directory; this is a small discrepancy but not a functional mismatch.
- Instruction Scope: ok. SKILL.md instructs running the included Python script and to avoid inventing itinerary data. The runtime instructions and code remain scoped to reading the iCal URL and local .env files for the TRIPIT_ICAL_URL; they do not instruct reading unrelated system files or contacting external endpoints other than the provided feed URL.
- Install Mechanism: ok. There is no automated install spec (instruction-only plus included script and requirements.txt). Requiring requests and icalendar is proportional and expected. Because there is no download-from-URL installer, there is no high-risk arbitrary code fetch during install.
- Credentials: ok. Only TRIPIT_ICAL_URL is required. The script will look at process env and two .env candidate files (cwd/.env and ~/.openclaw/.env) to find that variable. This is reasonable for a feed-based calendar skill, but the TRIPIT_ICAL_URL is a sensitive private feed token and should be treated as a secret.
- Persistence & Privilege: ok. The skill is not always-on and does not request elevated platform privileges or modify other skills. It only reads local .env files for configuration and performs a single HTTP GET to the user-provided feed URL.
