Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Calendar Hold Sync
v1.0.1
Sync one or more source Google calendars into private Busy hold events in one or more target calendars using gog. Use when users need idempotent double-booki...
by misfit.dev (@tdewitt)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md clearly requires the 'gog' CLI and user OAuth credentials to operate, but the registry metadata lists no required binaries or primary credentials. This mismatch is an incoherence: a legitimate calendar sync skill would reasonably require 'gog' (or other Google API access). The absence of that dependency in the declared metadata suggests sloppy packaging or missing metadata and should be fixed or clarified.
Instruction Scope
Instructions are scoped to calendar-sync tasks and describe a config-driven, idempotent reconcile/backfill/watch workflow using gog commands. They instruct the operator to run gog auth flows and to provide a client_secret.json; those are normal for Google API CLI usage. One area to watch: the skill supports configurable 'gog.*Cmd' template overrides. While the skill says rendered commands are executed as argv tokens (no shell interpolation) and requires 'gog.allowCustomCommands=true' to enable overrides, custom commands in a user-provided config can still be a source of risk if the config is untrusted or edited by an attacker.
Install Mechanism
This is an instruction-only skill with no install spec or bundled code; nothing is written to disk by the skill package itself. That reduces installation risk. The README suggests installing gog (e.g., Homebrew) but the skill does not install any binaries itself.
Credentials
The skill does not declare required environment variables in the registry, and its runtime notes indicate only optional conveniences (e.g., setting GOG_ACCOUNT). The real credential requirement is user OAuth via gog (client_secret.json and authenticated accounts). That is proportional to the task, but sensitive artifacts (client_secret.json, OAuth tokens) are necessary and must be handled securely. The earlier metadata omission of the gog dependency is the main proportionality inconsistency.
Persistence & Privilege
The skill does not request always:true or other elevated platform privileges. It is user-invocable and allows autonomous model invocation by default (platform default) but does not request permanent inclusion or to modify other skills' configurations.
What to consider before installing
Before installing or enabling this skill:
1) Recognize you must install and configure the gog CLI and perform Google OAuth account setup (client_secret.json and 'gog auth add') — the registry metadata does not reflect this dependency, so verify it yourself.
2) Keep 'gog.allowCustomCommands' false unless you fully trust and have audited the config file; custom command templates are a possible attack surface even though the skill claims commands are executed without shell interpolation.
3) Protect client_secret.json and any OAuth tokens; only use dedicated test calendars and dryRun=true when first testing (sample config sets dryRun:true).
4) Validate the mapping config and limits (maxChangesPerRun, exclude rules) to avoid unintended mass changes.
5) If you need higher assurance, ask the publisher to correct the package metadata to list 'gog' as a required binary and to provide a signed homepage/source link; absence of that information lowers confidence in packaging quality.
