Feishu calendar sync, local ics to json data for AI agent

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward local calendar-file converter, but users should be aware it reads calendar contents and writes JSON files locally.

This skill looks safe for its stated local ICS-to-JSON conversion purpose. Before installing or using it, install dependencies only from trusted sources, use a narrow calendar input folder, and review the generated JSON because it may contain private meeting details.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Users may need to install and configure external calendar tooling themselves, which could involve account setup or sync behavior not reviewed here.

Why it was flagged

The skill asks the user to install and configure an external calendar-sync tool, but no install specification, version pinning, or configuration guidance is provided in the artifacts.

Skill content
install vdirsyncer and setup calendar sync
Recommendation

Install dependencies from trusted sources, review vdirsyncer configuration carefully, and limit any calendar sync to the calendars and accounts you intend to use.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Users may install an unpinned package version, which can create reproducibility or supply-chain uncertainty.

Why it was flagged

The script depends on the third-party Python icalendar package, but the provided artifacts do not include an install spec, requirements file, or pinned dependency version.

Skill content
from icalendar import Calendar
Recommendation

Use a trusted Python environment and pin the icalendar package version before running the script.

ASI06: Memory and Context Poisoning
Low
What this means

Calendar files can contain private meeting titles, attendees, organizers, and schedules; the generated JSON may make that information easier to reuse or share.

Why it was flagged

The converter extracts calendar event details such as titles, organizers, times, and alarms into JSON, which may later be imported into or used by an AI agent.

Skill content
"summary": str(component.get("SUMMARY")), "organizer": str(component.get("ORGANIZER")), "start": component.get("DTSTART").dt.isoformat()
Recommendation

Run the converter only on intended calendar folders, review the JSON before importing it elsewhere, and avoid processing calendars with sensitive events unless needed.

ASI02: Tool Misuse and Exploitation
Info
What this means

If pointed at a broad directory, the tool may process more calendar files than the user intended.

Why it was flagged

The script recursively processes every .ics file under the user-provided input directory.

Skill content
for root, _, files in os.walk(input_dir): ... if file.lower().endswith(".ics")
Recommendation

Provide a narrow input directory containing only the ICS files you want converted.

ASI02: Tool Misuse and Exploitation
Info
What this means

Using split mode can create JSON files throughout the selected calendar directory tree.

Why it was flagged

When --split is used, the script writes JSON files next to each source ICS file rather than only to a single chosen output path.

Skill content
out_path = os.path.splitext(path)[0] + ".json"
Recommendation

Use --split only in folders where adjacent JSON output is acceptable, or use the single-output mode with -o for more control.