Google Calendar (via gcalcli)
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: gcalcli-calendar Version: 3.0.0 The skill bundle is benign. It provides instructions for an AI agent to manage Google Calendar using the `gcalcli` command-line tool. All files clearly document the skill's purpose, usage, and underlying commands. The `SKILL.md` details a specific 'Actions policy' that skips confirmation for unambiguous actions, but this is explicitly stated as a deliberate UX choice with multiple safety guards (e.g., explicit user request, single unambiguous match, post-action verification, overlap checks for creates). There is no evidence of data exfiltration, malicious execution, persistence mechanisms, obfuscation, or prompt injection attempts designed to subvert the agent for harmful purposes. The `README.md` further clarifies network access (only Google Calendar API via gcalcli) and lists all used commands, reinforcing transparency.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent misunderstands which event you meant, it could delete or edit an event without asking one more confirmation question.
The skill intentionally allows no-extra-prompt calendar mutations and non-interactive deletion when it judges the user request and target event to be unambiguous. This is disclosed and bounded, but a wrong match could still change or delete a real calendar event.
For cancel/delete/edit actions, skip confirmation when ALL of these hold ... Use non-interactive delete with `--iamaexpert` ... Always verify via agenda
Install only if you want low-friction calendar management. If you prefer confirmation before every destructive action, edit the Actions policy to always ask first.
The agent can act on the Google Calendar account already authenticated in gcalcli.
The skill relies on gcalcli's locally stored Google OAuth credentials to access the user's calendar. This is expected for the integration, but it grants account-level calendar access through the configured gcalcli profile.
It authenticates via OAuth2 and stores credentials locally. This skill does not handle authentication — gcalcli must be set up and authenticated before use.
Verify which Google account and calendars gcalcli is configured to use, and protect or revoke the local OAuth token if needed.
The security of calendar access depends partly on the locally installed gcalcli package.
The skill depends on an external CLI installed outside the skill package. This is central to the stated purpose and not auto-installed by the skill, but users should install it from a trusted source.
`gcalcli` — install via `pip install gcalcli` or `brew install gcalcli`
Install gcalcli from a trusted package source, keep it updated, and review its OAuth permissions.