Skill v1.0.3

ClawScan security

gcal-oauth-bridge · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 18, 2026, 5:35 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests and instructions are coherent with its stated purpose: it needs Google OAuth client credentials to perform an initial OAuth setup for a locally hosted Calendar Bridge service and otherwise operates via localhost API calls.
Guidance
This skill appears to do what it says, but take these precautions before installing: 1) Verify the GitHub repository and author (https://github.com/DanielKillenberger/gcal-oauth-bridge) and review app.js yourself before running npm install/node. 2) Treat GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET as sensitive: do not paste them into chat; store them on the host where the bridge runs. 3) Protect tokens.json and, if used, set a strong CALENDAR_BRIDGE_API_KEY to avoid unauthenticated local access. 4) If deploying on a remote VPS, use an SSH tunnel as instructed (or secure the service behind a firewall) so the OAuth redirect is safe. 5) Understand that following the SKILL.md will create a persistent service (systemd user unit) on your machine — only proceed on a host you control. 6) If you want to avoid running third-party code, consider using an officially supported Google Calendar integration instead.

Review Dimensions

Purpose & Capability
ok: The skill is a bridge for Google Calendar and legitimately requires GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET for the OAuth setup; CALENDAR_BRIDGE_API_KEY as an optional API protection header is also appropriate.
Instruction Scope
ok: SKILL.md stays on-topic: it instructs cloning the GitHub repo, running the Node service, performing the OAuth browser flow, and calling local endpoints. It does not ask the agent to read unrelated system files or to exfiltrate data to external endpoints. It does recommend SSH port forwarding for remote servers and using systemd to keep the service running (both reasonable for this purpose).
Install Mechanism
note: This is an instruction-only skill (no install spec), so nothing is automatically downloaded or installed by the platform. The instructions ask the user to git clone and run npm install on the upstream GitHub repo — a normal but potentially risky manual action (running third-party Node code).
Credentials
ok: Requested env vars (GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET) are directly required for OAuth setup; the optional CALENDAR_BRIDGE_API_KEY is sensible for protecting the local API. There are no unrelated or excessive secret requests.
Persistence & Privilege
note: The skill does not request special platform privileges (always is false). It recommends running the service as a user systemd unit to keep it persistent, which is reasonable for a local service but does create a persistent presence on the host if you follow the instructions.