by 安全扫描
OpenClaw
可疑
medium confidenceThe skill's purpose (mirroring Google Calendar events via the gog CLI) is coherent, but the package metadata omits the declared gog dependency and there are configurable custom-command escape points that require careful review before enabling.
评估建议
Before installing or enabling this skill: 1) Recognize you must install and configure the gog CLI and perform Google OAuth account setup (client_secret.json and 'gog auth add') — the registry metadata does not reflect this dependency, so verify it yourself. 2) Keep 'gog.allowCustomCommands' false unless you fully trust and have audited the config file; custom command templates are a possible attack surface even though the skill claims commands are executed without shell interpolation. 3) Protect...详细分析 ▾
⚠ 用途与能力
The SKILL.md clearly requires the 'gog' CLI and user OAuth credentials to operate, but the registry metadata lists no required binaries or primary credentials. This mismatch is an incoherence: a legitimate calendar sync skill would reasonably require 'gog' (or other Google API access). The absence of that dependency in the declared metadata suggests sloppy packaging or missing metadata and should be fixed or clarified.
ℹ 指令范围
Instructions are scoped to calendar-sync tasks and describe a config-driven, idempotent reconcile/backfill/watch workflow using gog commands. They instruct the operator to run gog auth flows and to provide a client_secret.json; those are normal for Google API CLI usage. One area to watch: the skill supports configurable 'gog.*Cmd' template overrides. While the skill says rendered commands are executed as argv tokens (no shell interpolation) and requires 'gog.allowCustomCommands=true' to enable overrides, custom commands in a user-provided config can still be a source of risk if the config is untrusted or edited by an attacker.
✓ 安装机制
This is an instruction-only skill with no install spec or bundled code; nothing is written to disk by the skill package itself. That reduces installation risk. The README suggests installing gog (e.g., Homebrew) but the skill does not install any binaries itself.
ℹ 凭证需求
The skill does not declare required environment variables in the registry, and its runtime notes indicate only optional conveniences (e.g., setting GOG_ACCOUNT). The real credential requirement is user OAuth via gog (client_secret.json and authenticated accounts). That is proportional to the task, but sensitive artifacts (client_secret.json, OAuth tokens) are necessary and must be handled securely. The earlier metadata omission of the gog dependency is the main proportionality inconsistency.
✓ 持久化与权限
The skill does not request always:true or other elevated platform privileges. It is user-invocable and allows autonomous model invocation by default (platform default) but does not request permanent inclusion or to modify other skills' configurations.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.12026/2/17
- Updated dependency instructions to clarify only required Google services should be added in `gog` setup. - Added new section "Custom Command Template Safety" describing how custom `gog` command templates are handled and their execution safety. - Introduced a "Working Model" section to explain polling-based watch mode and expected update behavior. - Added "Known Limits" section to highlight lack of webhook support and importance of scheduled reconcile as fallback. - Minor clarifications and improved command guidance in dependency setup for clarity and safety.
● 可疑
安装命令 点击复制
官方npx clawhub@latest install calendar-hold-sync
镜像加速npx clawhub@latest install calendar-hold-sync --registry https://cn.clawhub-mirror.com
技能文档
Implement hold mirroring from source Google calendars into target calendars to prevent double-booking.
Dependency
- Require
gogCLI inPATH. - Require user OAuth already configured for each account used in
mappings. - Do not hardcode account emails, calendar IDs, or event IDs in code.
If gog is not configured, use this setup flow:
- Run
gog auth credentials /path/to/client_secret.json. - Run
gog auth add you@gmail.com --services calendar. - Verify with
gog auth list.
Only add additional Google services if you explicitly need them for another workflow.
Official gog references:
- Homepage: https://gogcli.sh/
- Source: https://github.com/steipete/gogcli
Config Contract
Use a user-provided JSON config file with this shape:
mappings[]mappings[].namemappings[].targetAccountmappings[].targetCalendarId(defaultprimary)mappings[].sources[]with{ account, calendarId }mappings[].lookaheadDays(default30)mappings[].allDayMode:ignore|mirrormappings[].overlapPolicy:skip|allowhold.summary(defaultBusy)hold.visibility(private)hold.transparency(busy)hold.notifications(none)hold.reminders(none)metadata.format(SYNCV1)metadata.encoding(base64url(json))metadata.fields:srcAccount,srcCalendar,eventId,start,end,titlescheduling.reconcileCronscheduling.daytimeCron(optional)scheduling.driftWindowDays(optional)scheduling.watchIntervalSeconds(optional, default20)safety.dryRunsafety.maxChangesPerRunsafety.excludeIfSummaryMatches[]safety.excludeIfDescriptionPrefix[]gog.listEventsCmd|createEventCmd|updateEventCmd|deleteEventCmd(optional template overrides)gog.allowCustomCommands(must betrueto enable anygog.*Cmdoverride)
Custom Command Template Safety
When custom commands are enabled:
- Only
gogcommand templates are accepted. - Templates are rendered by replacing placeholders like
{account}and{calendarId}. - Rendered commands are executed as argv tokens (no shell interpolation).
- Keep
gog.allowCustomCommands=falseunless you fully trust and audit the config file.
Metadata Encoding
Store source linkage in hold description as:
SYNCV1:
JSON fields:
srcAccountsrcCalendareventIdstartendtitle
Behavior
For each mapping:
- Read source events in the active window.
- Build desired hold events (
private,busy, no reminders). - Detect existing managed holds by
SYNCV1:prefix. - Reconcile idempotently:
- Create missing holds.
- Update drifted holds.
- Delete stale holds.
- If overlap policy is
skip, do not create a hold when a non-managed target event overlaps. - Enforce
maxChangesPerRun. - Respect
dryRun.
Backfill
Backfill mode upgrades legacy hold events (matching expected hold signature but lacking SYNCV1) by attaching encoded metadata when a unique source match exists.
Command Surface
hold-sync validate-confighold-sync reconcile --mapping|--all [--dry-run] hold-sync backfill --mapping|--all [--dry-run] hold-sync status --mapping|--all hold-sync install-cron --mapping|--all hold-sync watch --mapping|--all [--dry-run] [--interval-seconds ]
Watch Cadence
Require watch cadence to be configurable from user config:
scheduling.watchIntervalSecondscontrols watch poll frequency.mappings[].lookaheadDayscontrols rolling watch/reconcile window.
Recommend baseline values:
watchIntervalSeconds: 900(15 minutes)lookaheadDays: 1(24 hours)
Working Model
- Use polling-based watch mode (
hold-sync watch) for fast updates. - Expect update latency approximately equal to
watchIntervalSeconds. - Treat this as self-hosted/operator-run automation.
Known Limits
- Do not assume webhook/push subscriptions are present; current fast sync path is polling.
- Keep periodic scheduled reconcile as fallback even when watch mode is enabled.
Required Tests
- metadata encode/decode round-trip
- overlap detection correctness
- idempotent reconcile upsert/delete behavior
Attribution: gog setup flow adapted from:
- https://clawhub.ai/steipete/gog
- https://github.com/steipete/gogcli
- https://gogcli.sh/
Provider Notes (openclaw)
Use this variant when publishing to ClawHub/OpenClaw.
- Keep instructions implementation-focused and command-oriented.
- Keep dependency explicit:
gogmust be preconfigured by user. - Prefer deterministic script execution over speculative edits.
- Avoid provider-specific APIs; treat the CLI as the boundary.
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制