meeting-prep
v1.0.0
Automated meeting preparation and daily commit summaries. Use when checking Google Calendar for upcoming meetings, generating standup updates from GitHub commits, or sending daily development summaries. Pulls meeting schedules and commit history, then formats verbose developer-friendly updates.
⭐ 1· 4.1k·32 current·32 all-time
by Wayne @hougangdev
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill claims to check Google Calendar and gather GitHub commits; the SKILL.md explicitly describes Google OAuth client_secret.json, calendar token files, and a GitHub PAT with repo scope. Those requirements are coherent with the stated purpose. However, the skill metadata declares no required environment variables or config paths, which is inconsistent with the runtime instructions.
Instruction Scope
The runtime instructions tell the agent to read credentials/calendar_tokens.json, credentials/client_secret.json, and credentials/github_token and to track state in data/meeting-prep-state.json. They also include shell calls using curl, jq, and GNU date semantics and instruct cron triggers. The instructions do not attempt to exfiltrate data to unexpected endpoints (only Google and GitHub APIs), but they assume local credential files and command-line tools that the metadata did not enumerate.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by an installer. That minimizes supply-chain risk. (Risk comes from how credentials are used at runtime, not from an installer.)
Credentials
The SKILL.md requires Google OAuth client secrets and tokens plus a GitHub classic Personal Access Token with 'repo' scope. Those are powerful credentials (especially a PAT with full repo scope). The skill metadata does not declare these as required env vars or config paths, so the skill is asking for broad access without documenting it. The SKILL.md also lacks guidance to prefer least-privilege scopes or to restrict file permissions.
Persistence & Privilege
The skill will read and store tokens in credentials/ and keep state in data/meeting-prep-state.json; it also expects to be run on a schedule (cron every 15 minutes or end-of-day cron). The skill is not marked 'always:true' and does not request system-wide changes, but an autonomously-invoking agent with these tokens could poll calendars and repos frequently. This behavior is consistent with the feature set but should be acceptable only if you are comfortable granting and storing the tokens.
What to consider before installing
This skill appears to do what it says (pull calendar events and GitHub commits), but the SKILL.md requires local credential files (Google OAuth client_secret.json and calendar_tokens.json, and a GitHub personal access token) and uses command-line tools (curl, jq, date). The skill metadata incorrectly lists no required credentials or config paths — that's the main red flag. Before installing:
1) Confirm you trust the skill source (owner ID present but no homepage or repository).
2) Prefer least-privilege credentials: use a Google service account or minimal OAuth scopes, and a GitHub token with read-only scopes if possible (avoid a full 'repo' PAT unless necessary).
3) Store tokens with strict file permissions and consider using a secrets manager rather than plaintext files.
4) Ensure curl/jq are available and that the date command semantics match your OS.
5) Be aware the agent (if allowed) can poll calendars and repos on a schedule using those tokens — only grant that if you accept ongoing access.
If you need to proceed, ask the publisher to update the package metadata to declare required config paths/binaries and to document exact minimal scopes and storage guidance; if they cannot or will not, treat the skill as higher-risk.
Like a lobster shell, security has layers — review code before you run it.
latest vk97d2wph8cbg7twkcw2rfnac7s7zwxjq
