Calendar reminder

Pass. Audited by ClawScan on May 10, 2026.

Overview

The skill appears to do what it says: it manages calendar reminders through a configured API. It needs an API token and can create and delete reminders and rotate the ICS feed token.

This skill looks coherent and purpose-aligned. Before installing, make sure REMINDER_API_BASE_URL points to a reminder service you trust, keep REMINDER_API_TOKEN private, and review delete or feed-token rotation requests carefully because they change existing reminder/calendar behavior.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked on the wrong reminder or feed, the user could cancel a reminder or invalidate an existing subscribed calendar feed token.

Why it was flagged

The helper can perform mutating API actions: deleting/canceling reminders and rotating the ICS feed token. This matches the stated reminder-management purpose, but these actions should be user-directed.

Skill content

    case "delete":
      await handleDelete(args);
      break;
    case "rotate":
      await requestJson("/v1/feeds/rotate", { method: "POST" });

Recommendation

Confirm the target reminder ID and get clear user intent before delete or rotate operations.

What this means

Anyone with access to the token may be able to manage the user’s reminders through the configured reminder service.

Why it was flagged

The skill uses a bearer token from the environment to authenticate to the reminder API. This is expected for the service integration and the code does not show hardcoded tokens or unrelated credential use.

Skill content

    const token = process.env.REMINDER_API_TOKEN?.trim();
    ...
    authorization: `Bearer ${token}`

Recommendation

Store the token securely, scope it to this reminder service if possible, and rotate it if it is exposed.

What this means

Reminder details will be shared with the configured reminder worker/API endpoint.

Why it was flagged

Reminder creation sends the provided reminder body to the configured REMINDER_API_BASE_URL. This is the core function of the skill, but reminder text, notes, URLs, or locations may contain private information.

Skill content

    await requestJson("/v1/reminders", {
        method: "POST",
        headers: {
          "content-type": "application/json; charset=utf-8"
        },
        body: JSON.stringify(body)

Recommendation

Use a trusted HTTPS REMINDER_API_BASE_URL and avoid placing unrelated secrets or highly sensitive information in reminder fields.