Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Meeting Scheduler

v1.0.1

Schedule meetings between your owner and another person by coordinating with their PA, finding available slots in both calendars, and sending a calendar invi...

by Netanel Abergel (@netanel-abergel)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
! Purpose & Capability
The skill claims to schedule meetings but does not declare any required calendar credentials, account env vars, or required binaries. The SKILL.md repeatedly calls a 'gog' calendar CLI and hardcodes OWNER_EMAIL (owner@company.com), implying the need for an authenticated calendar client; those requirements are not declared in the manifest.
! Instruction Scope
Runtime instructions read a local file (data/pa-directory.json) and run local commands to fetch and create calendar events. The manifest never mentions access to local files or the 'data/' path. The scripts include templated substitutions (owner email, person name, slot times) — if those substitutions are performed unsafely they could lead to unintended command arguments or data handling. The skill also instructs contacting PAs but gives no concrete safe sending mechanism (mail client or API) or which credentials to use.
Install Mechanism
No install spec and no third-party downloads — instruction-only skills have minimal install risk. However, the skill assumes presence of external tooling (gog) which is not declared; the absence of an install step reduces installation risk but increases hidden dependency risk.
! Credentials
The skill requires access to the owner's calendar and uses GOG_ACCOUNT and OWNER_EMAIL in examples, but the manifest declares no required environment variables or primary credential. That mismatch means the skill will silently rely on pre-configured credentials on the host (or fail) — neither of which is transparent or proportional.
Persistence & Privilege
The skill does not request persistent presence (always:false) and has no install hooks. It does not modify other skills or system-wide settings in the provided instructions.
What to consider before installing
This skill's instructions will try to read data/pa-directory.json and call a 'gog' calendar CLI as owner@company.com, but the registry metadata does not declare those requirements. Before installing or using it: (1) verify whether you have an authenticated 'gog' CLI configured for the owner account — granting such credentials would let the skill read and write calendar events; (2) confirm the location and contents of data/pa-directory.json and whether you want the skill to read it; (3) replace hardcoded placeholders (owner@company.com, PERSON_NAME) with real, limited values and test in a safe environment; (4) prefer explicit credential declarations and least-privilege accounts (a dedicated scheduling account or scoped API key) rather than relying on an already-authenticated local CLI; and (5) if you need stronger guarantees, ask the skill author to declare required env vars/binaries and to avoid reading arbitrary local files or to provide a safer mechanism for contacting other PAs. Proceed only after addressing these transparency and credential issues.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e0hxw75ntah783pr9cyhkdn842kpn
