iCalendar Sync

v2.4.1

Secure iCloud Calendar operations for OpenClaw with CalDAV and macOS native bridge providers. Use when tasks require calendar listing, event retrieval, event...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description, CLI instructions, code, and dependencies align: the package implements CalDAV and a macOS native bridge and depends on caldav, icalendar, requests and keyring which are appropriate. Minor inconsistency: the top-level registry 'Requirements' block reported no required env vars, but the code, README, skill.yaml and SKILL.md clearly document ICLOUD_USERNAME/ICLOUD_APP_PASSWORD (or keyring/config alternatives) as the credential inputs needed for CalDAV mode. Also the registry metadata claimed 'instruction-only' yet multiple source files and an install.sh are present (no automated install spec, but substantive code exists).
Instruction Scope
SKILL.md instructs only calendar-related actions (list/get/create/update/delete) and credential setup via keyring/env/config file. It documents input validation, file size limits, and safety rules. It does permit reading JSON payload files and an explicit YAML credential file (both bounded by size checks). Nothing in SKILL.md instructs reading unrelated system secrets or contacting unknown external endpoints; debug options allow additional HTTP output but the docs say credentials will be redacted.
Install Mechanism
There is no platform install spec in the registry, but an included install.sh copies files to ~/.openclaw/skills and installs Python dependencies from PyPI (requirements.txt). Installing via the provided script will run pip to fetch public packages (caldav, requests, keyring, etc.) — a normal approach but it executes network installs and writes to the user's home directory. The install source URLs are standard (PyPI) and not remote arbitrary binaries; no suspicious download URLs were observed.
Credentials
The skill legitimately needs iCloud credentials (App-Specific Password and username) for CalDAV. It does not request unrelated third‑party credentials. However, registry metadata at the top reported 'required env vars: none' while the doc files and skill.yaml enumerate ICLOUD_USERNAME, ICLOUD_APP_PASSWORD and several ICALENDAR_SYNC_* variables — this mismatch could lead to silent misconfiguration if a user relies solely on registry summaries. File-based credential storage is supported (and documented) with recommended 0600 permissions; that increases attack surface if not used carefully.
Persistence & Privilege
always:false (default) and there is no evidence the skill tries to force-enable itself across agents or modify other skills. The install script writes files into a user-controlled ~/.openclaw/skills directory and creates a CLI wrapper in ~/.local/bin, which are expected behaviors for a user-installed skill. No privileged system changes or cross-skill config modifications were observed.
Assessment
This skill is coherent with its stated purpose, but review these points before installing:
- Credentials: The skill requires an iCloud username and an App‑Specific Password for CalDAV. Prefer keyring storage as documented; if you use file-based config, ensure the file is created with strict permissions (0600) and store it on a secure path. Note the registry summary omitted required env vars — don't rely only on the brief metadata.
- Source & provenance: The skill's source/homepage is unknown in the registry summary. If you plan to install, prefer obtaining the package from a trusted repository or verify the included source files (especially calendar.py and install.sh) locally before running the installer.
- Installer behavior: install.sh will run pip install -r requirements.txt and copy code into ~/.openclaw/skills and create a CLI in ~/.local/bin. Review the script and ensure your environment is the intended one (e.g., a virtualenv or isolated container) before running it.
- Subprocess usage / macOS bridge: The implementation imports subprocess and implements a macOS-native provider. That justifies subprocess usage (e.g., osascript/AppleScript) but also means careful input sanitization is important. If you rely on the macOS provider, validate that inputs you provide (calendar names, recurrence IDs, JSON fields) cannot be used to inject commands; the project documents input validation, but you may want to spot-check the code paths that call subprocess.
- Logging & debug: The tool supports debug HTTP output and a custom User-Agent. Avoid enabling verbose debug in production environments where logs may be forwarded to third parties; verify that logs are indeed redacting sensitive fields as claimed.
- Sandbox & least privilege: If you want an extra safety margin, install and run the skill in an isolated environment (container or dedicated VM) or under a user account with minimal privileges.
If you want, I can scan the rest of calendar.py (the truncated part) for any direct subprocess.invoke or network calls that use user-provided strings, and point to the exact lines to review.

Like a lobster shell, security has layers — review code before you run it.

latestvk977jwpa3d3zvp22m9eewycsyd82cz98

