Security audit

Google Calendar

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Google Calendar integration that can read and change calendar data through ClawLink, including some high-impact actions that require confirmation.

Install only if you are comfortable connecting your Google Calendar through ClawLink. Review prompts carefully before approving actions that delete calendars, clear events, move or delete events with attendees, or change calendar sharing permissions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The skill is presented as a meeting scheduling and event management integration, but it also exposes high-impact calendar administration capabilities such as ACL changes, calendar deletion, and calendar clearing. This scope expansion increases the chance that an agent or user invokes destructive or privacy-impacting actions under the assumption the skill is limited to scheduling, enabling unauthorized sharing or mass data loss if confirmation or understanding is weak.

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The skill description emphasizes routine meeting and event workflows, yet the documented calendar tools include destructive administrative actions such as deleting a secondary calendar and clearing all events from a calendar. This mismatch can mislead downstream agents, reviewers, or users about the true authority of the skill, making accidental or prompt-induced destructive actions more likely.

VirusTotal

61/61 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.