Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Doro Email To Calendar
v1.0.0
Extract calendar events and deadlines from emails, present them for user review, and create or update calendar entries with duplicate detection and undo supp...
by Mus Titou @a2mus
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The declared purpose (extract events from email and manage calendar entries) matches the included scripts and Python utilities which implement searching emails, extracting events, duplicate detection, creating/updating/deleting events, tracking, and undo support. Minor incoherences: package/metadata fields show different slugs/versions/ownerIds (SKILL.md shows multiple version lines; _meta.json/package.json owner/slug/version do not fully match the registry metadata), and package.json declares read/create/update capabilities but the code also implements delete and email-sending flows. These metadata mismatches don't prove maliciousness but reduce trust and should be resolved.
Instruction Scope
SKILL.md instructs agents to run wrapper scripts under ~/.openclaw/workspace/skills/email-to-calendar/scripts and to read/write various files outside the skill (e.g., ~/.config/email-to-calendar/config.json, ~/.openclaw/workspace/HEARTBEAT.md, and memory/index.json). The instructions mandate scanning ALL unread emails (direct mode) and ALWAYS extracting/including URLs from email bodies. The skill also documents automatic disposition (mark as read/archive) and auto-processing of calendar reply emails. Those behaviors are coherent with the feature set but are high-impact: they modify inbox state, can create/delete calendar events, write persistent audit/heartbeat files, and may send notification emails. The SKILL.md also enforces use of wrapper scripts (not calling 'gog' directly) — sensible for bookkeeping but worth auditing because it centralizes all provider interactions in the scripts.
Install Mechanism
There is no external install/download step in the registry entry (instruction-only), and all code is included in the bundle. No remote URLs or extract/install steps were observed. That lowers supply-chain risk compared with remote installers.
Credentials
The registry lists no required environment variables; package.json lists required binaries (python3, bash, jq) and the SKILL.md/SETUP.md expect an email/calendar provider (example 'gog' CLI). The skill accesses local config and memory files under the user's home/workspace rather than requesting unrelated cloud credentials. However, the skill can send email (gog gmail send) and delete calendar events — capabilities that require sensitive permissions. Ensure the agent is granted only the minimal provider capabilities needed and confirm deadline_notifications and auto-disposition defaults before enabling.
Persistence & Privilege
The skill writes persistent state to ~/.openclaw/workspace/memory/email-to-calendar/* and ~/.config/email-to-calendar/config.json and suggests adding sections to HEARTBEAT.md. It auto-disposes calendar notifications and (by default config examples) may auto-mark emails as read/archive and send notification emails. While 'always' is false and the skill doesn't request platform-wide always-on privilege, the persistent read/write behaviour and inbox/calendar modification are significant and should be authorized explicitly by the user.
What to consider before installing
What to check before installing and enabling this skill:
- Review the included scripts (scripts/*.sh and scripts/utils/*.py) yourself or with a trusted dev: they implement all provider interactions, vote tracking, and undo — that's where the real behavior lives.
- Be aware this skill will read your unread emails, extract URLs and deadlines, and by default may mark processed messages as read and archive them and may send deadline notification emails. If you don’t want automatic changes, set email_handling.auto_dispose_calendar_replies=false, email_handling.mark_read=false and email_handling.archive=false in ~/.config/email-to-calendar/config.json before first run.
- Confirm provider permissions: the skill assumes an email/calendar provider (example 'gog' CLI). Grant only the minimal permissions required (read messages, create/update events) and verify whether you want to allow delete/send privileges.
- Metadata mismatches (ownerId/slug/version inconsistencies and duplicate frontmatter versions) reduce provenance assurances. Prefer a skill with consistent metadata or ask the maintainer for clarification.
- Test in a safe environment first (non-critical mailbox/calendar). Create a temporary account/calendar and run the skill to observe actions and logs before pointing it at your primary account.
- If you want finer control, search for code paths that call 'gog' (or other provider functions) and ensure wrapper scripts behave as documented; the wrappers are intentionally required by SKILL.md, so validate they do not silently exfiltrate data or send unexpected emails.
If you are not comfortable auditing the code, do not enable this skill on primary accounts; run it only on test accounts or ask the publisher for an attestation and clean metadata.
Like a lobster shell, security has layers — review code before you run it.
latest vk976mq0d3ndqv6zhkzr4beetn181ve1z
