Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Google Workspace BYOK
v1.0.0
Google Calendar and Gmail integration using your own GCP project credentials (BYoK — Bring Your Own Key). Direct OAuth2 auth against your own Google Cloud pr...
by @kyesh
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Benign (high confidence)
Purpose & Capability
Name/description describe BYoK Gmail/Calendar access and the code implements exactly that: setup, OAuth flow, token storage, Gmail and Calendar read/list/attachment operations, and account management. The files and required npm packages (googleapis, PDF extraction libs) are appropriate for the claimed functionality.
Instruction Scope
SKILL.md instructs a local npm install and running included Node scripts. Runtime instructions operate on the user's Google OAuth credentials and tokens stored in a dedicated ~/.openclaw/google-workspace-byok directory. The auth flow is manual (paste-a-url/code). The instructions do not ask the agent to read unrelated system files or exfiltrate data to external endpoints other than Google APIs.
Install Mechanism
There is no automated install spec in the registry (instruction-only), but the bundle includes a package.json/package-lock and expects the user to run npm install in the scripts directory. npm pulling many dependencies (including native/optional packages and PDF libs like mupdf/pdf-parse) is normal for PDF extraction but increases surface area; verify packages before installing and be aware native components may compile or download binaries.
Credentials
The skill requests no environment variables or external credentials beyond the user's own Google OAuth client JSON and the account authorization. Tokens and credentials are stored locally under ~/.openclaw/google-workspace-byok. Persisting refresh tokens is expected behavior for offline access; treat these files as sensitive.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It persists its own credentials/tokens under a dedicated per-skill config directory and does not modify other skills or system configs. Autonomous invocation is allowed by default (platform behavior), but it is not combined with other red flags.
Assessment
This skill appears to do what it claims: run locally with your own Google OAuth client and save tokens under ~/.openclaw/google-workspace-byok. Before installing, consider:
1) review package.json and package-lock and audit the npm packages (mupdf and pdf libraries can include native code);
2) run npm install in a controlled environment (container/VM) if you want to avoid native builds or supply-chain risk;
3) keep the downloaded credentials.json and tokens private (they grant access to your accounts);
4) prefer --readonly scopes if you only need read access; and
5) be aware that apps in Google 'Testing' mode may issue short-lived tokens (the README notes a 7-day expiry) — publish to production only if you understand verification implications.
If you need higher assurance, request a reproducible build or a minimal package list from the author.
latest: vk97f1vr6bhwzj8en2f60qg9qwx819fn1
