Meeting Assistant

What to consider before installing: - Storage path mismatch: SKILL.md says data will be stored under ~/.openclaw/workspace/meeting-assistant/meetings.json, but the code writes to the skill's directory (Path(__file__).parent). Ask the author to confirm the intended storage location and prefer a user-controlled workspace path (or an explicit prompt) so personal data isn't kept in an unexpected place. - Reminders / calendar integration: SKILL.md mentions reminders/timed tasks and calendar integration, but the visible code doesn't implement external calendar APIs or notification delivery. If you need calendar sync or notifications, request details about which APIs/endpoints will be used and what credentials (if any) are required. - Data persistence: The code will create or update local JSON files (meetings.json and tasks.json) in the package directory. If you install in a shared or system-controlled location, data may be stored there. Consider running the skill in a sandbox or checking file writes first. - Verify full source: The repository file was truncated in the provided bundle; review the remaining code to ensure there are no network calls, hidden endpoints, or subprocess calls. Ask for a complete listing or run a static check locally. - Author and provenance: The skill has no homepage and the source is unknown. That reduces trust; prefer skills with identifiable authors or official repos. If you proceed, test with non-sensitive dummy data first. - Security posture: Because no external credentials or network access are declared, immediate exfiltration risk appears low from the visible code, but the storage-path inconsistency and incomplete feature implementation are red flags for sloppy or unfinished code. If you need calendar/notification features, require explicit permission prompts and clear documentation of endpoints before granting credentials.