ClawHub

Google Calendar (via gcalcli)

v2.0.1

Google Calendar via gcalcli: today-only agenda by default, bounded meaning-first lookup via agenda scans, and fast create/delete with verification--optimized...

0· 20·0 current·0 all-time
by@stavc
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the runtime instructions: the skill is an instruction-only adapter around the gcalcli CLI and only requires the gcalcli binary. No unrelated environment variables, binaries, or network endpoints are requested. NOTE: repository metadata files show a minor inconsistency (registry metadata lists version 2.0.1 while _meta.json shows version 3.0.0 and a different ownerId) — this is a packaging/metadata mismatch but does not change the runtime behavior described in SKILL.md.
Instruction Scope
SKILL.md confines actions to running gcalcli commands (agenda, search, add, import, delete) and to verifying deletes via subsequent agenda calls. It does not instruct reading arbitrary files or environment variables. It explicitly delegates network access to gcalcli and warns that OAuth tokens are stored locally. The only notable behavioral choice is the UX policy to skip confirmation for "unambiguous" destructive actions; the skill documents verification and disambiguation guards around that policy.
Install Mechanism
There is no install spec (instruction-only), so nothing is downloaded or written by the skill itself. This is the lowest-risk install model and is appropriate for a CLI-wrapper skill.
Credentials
The skill declares no environment variables or credentials and only requires the gcalcli binary. It relies on gcalcli's local OAuth tokens (e.g., ~/.gcalcli_oauth) but does not request direct access to credentials. That reliance is proportionate to a CLI wrapper for Google Calendar; users should be aware that gcalcli must already be authenticated on the host.
Persistence & Privilege
The skill is not forced-always and allows normal model invocation controls. It does not request persistent installation, modify other skills, or claim system-wide privileges. It instructs using non-interactive flags and verification but does not alter agent/system configuration.
Assessment
This skill is an instruction-only adapter for the gcalcli CLI and appears coherent with that purpose. Before installing: (1) ensure gcalcli is installed and authenticated on the host (gcalcli stores OAuth tokens locally); (2) be aware of the documented UX choice to auto-execute destructive actions when an event match is "unambiguous" — if you prefer explicit confirmations, modify the Actions policy in SKILL.md to always ask; (3) verify the metadata mismatch (version/owner in _meta.json vs. registry) if provenance matters; and (4) test on a non-critical calendar or with a dry-run to confirm the skill's behavior matches your expectations.

Like a lobster shell, security has layers — review code before you run it.

latestvk972a7dvxp6ad6hp9abwx1r6w185143m

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📅 Clawdis
Binsgcalcli

Comments