Skill v1.3.0

ClawScan security

calmly · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 16, 2026, 5:53 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill is internally consistent with its stated purpose (a macOS CLI for Calendar) and only requires installing a brew formula and granting Calendar access; the main residual risk is installing a third‑party Homebrew tap you may not recognize.
Guidance
This skill appears to do what it says: a macOS CLI that manages Calendar events using EventKit and requires the normal Calendar privacy permission. The primary practical risk is installing from a third‑party Homebrew tap (halbotley/tap). Before installing: (1) review the tap/formula or its GitHub repo to confirm source code and maintainership, (2) prefer well-known sources or official upstream if available, (3) confirm the brew package contents (brew edit or inspect formula and binaries), and (4) be prepared to revoke Calendar access in System Settings if you no longer want the tool to access your calendars. If you cannot verify the tap, consider running in a controlled environment (VM) or using an alternative from a trusted source.

Review Dimensions

Purpose & Capability
ok
Name/description match the runtime instructions: the skill requires a 'calmly' CLI binary and shows how to list and create Calendar events via EventKit. Requested resources (a brew formula to install the binary and macOS Calendar permission) are proportional to the stated purpose.
Instruction Scope
ok
SKILL.md contains only install instructions (brew tap/install) and CLI usage examples. It explicitly notes the one-time macOS Calendar permission prompt. There are no instructions to read unrelated files, environment variables, or to transmit data to external endpoints.
Install Mechanism
note
Install uses a Homebrew formula from halbotley/tap (third‑party tap). Homebrew formulas are traceable, but third‑party taps carry more risk than official taps because they can deliver arbitrary code/binaries. This is not a red flag by itself, but you should inspect the tap/formula or source if you don't trust the maintainer.
Credentials
ok
No environment variables, secrets, or config paths are requested. The skill does require calendar access (system privacy grant), which is appropriate for creating/listing events.
Persistence & Privilege
ok
'always' is false and the skill does not request persistent system-wide privileges or modify other skills. The only persistent effect is that created events will be present in the user's calendars (expected behavior).