中文

google-calendar

Medium
by AdrianMiller99 | Audited: 2026-02-26T09:59:20.936Z | Ruleset: 0.2.0

Quick Install

Add this skill to your agent

clawhub install google-calendar
GitHub ClawHub

About This Skill

Interact with Google Calendar via the Google Calendar API – list upcoming events, create new events, update or delete them. Use this skill when you need programmatic access to your calendar from Open…

Event creation
Schedule management
Recurring events
Availability checking

Use Cases

1 Schedule meetings
2 Set reminders
3 Manage appointments

Documentation (Original)

Source: SKILL.md
The following is the author's original documentation (often English). For installation, follow “Quick Install” above.

name: google-calendar
description: Interact with Google Calendar via the Google Calendar API – list upcoming events, create new events, update or delete them. Use this skill when you need programmatic access to your calendar from OpenClaw.

Google Calendar Skill

Overview

This skill provides a thin wrapper around the Google Calendar REST API. It lets you:

  • list upcoming events (optionally filtered by time range or query)
  • add a new event with title, start/end time, description, location, and attendees
  • update an existing event by its ID
  • delete an event by its ID

The skill is implemented in Python (scripts/google_calendar.py). It expects the following environment variables to be set (you can store them securely with openclaw secret set):

GOOGLE_CLIENT_ID=…
GOOGLE_CLIENT_SECRET=…
GOOGLE_REFRESH_TOKEN=…   # obtained after OAuth consent
GOOGLE_CALENDAR_ID=primary   # or the ID of a specific calendar

The first time you run the skill you may need to perform an OAuth flow to obtain a refresh token – see the Setup section below.

Commands

google-calendar list [--from <ISO> --to <ISO> --max <N>]
google-calendar add   --title <title> [--start <ISO> --end <ISO>]
                     [--desc <description> --location <loc> --attendees <email1,email2>]
google-calendar update --event-id <id> [--title <title> ... other fields]
google-calendar delete --event-id <id>

All commands return a JSON payload printed to stdout. Errors are printed to stderr and cause a non‑zero exit code.

Setup

  1. Create a Google Cloud project and enable the Google Calendar API.
  2. Create OAuth credentials (type Desktop app). Note the client_id and client_secret.
  3. Run the helper script to obtain a refresh token:
    GOOGLE_CLIENT_ID=… GOOGLE_CLIENT_SECRET=… python3 -m google_calendar.auth
    It will open a browser (or print a URL you can open elsewhere) and ask you to grant access. After you approve, copy the refresh_token it prints.
  4. Store the credentials securely:
    openclaw secret set GOOGLE_CLIENT_ID <value>
openclaw secret set GOOGLE_CLIENT_SECRET <value>
openclaw secret set GOOGLE_REFRESH_TOKEN <value>
openclaw secret set GOOGLE_CALENDAR_ID primary   # optional
  5. Install the required Python packages (once):
    pip install --user google-auth google-auth-oauthlib google-api-python-client

How it works (brief)

The script loads the credentials from the environment, refreshes the access token using the refresh token, builds a service = build('calendar', 'v3', credentials=creds), and then calls the appropriate API method.

References

Note: This skill does not require a GUI; it works entirely via HTTP calls, so it is suitable for headless servers.

Security Audit

Medium

Summary

Interact with Google Calendar via the Google Calendar API – list upcoming events, create new events, update or delete them. Use this skill when you need programmatic access to your calendar from OpenClaw.

Risk Profile Toxicity Privacy Scope Reputation Quality
Open on GitHub Repo Root ClawHub Report / Appeal

ToxicSkills Analysis

Blocklist
Not matched
Prompt Injection
Not detected

Toxic Flags

exfiltration

No Toxic signals detected by current static checks.

Key Risks 0 items

No LLM risk bullets (LLM disabled or not cached).

Deterministic Findings (Evidence)

Rule Severity File Snippet
NET_HTTP_REQUEST medium skills/AdrianMiller99/google-calendar/scripts/google_calendar.py Line 2
import os, sys, json, urllib.request, urllib.parse, argparse
NET_HTTP_REQUEST medium skills/AdrianMiller99/google-calendar/scripts/google_calendar.py Line 23
req = urllib.request.Request(url, data=data, method=method)
NET_HTTP_REQUEST medium skills/AdrianMiller99/google-calendar/scripts/google_calendar.py Line 29
with urllib.request.urlopen(req) as resp:
NET_HTTP_REQUEST medium skills/AdrianMiller99/google-calendar/scripts/refresh_token.py Line 2
import os, sys, json, urllib.request, urllib.parse
NET_HTTP_REQUEST medium skills/AdrianMiller99/google-calendar/scripts/refresh_token.py Line 17
req = urllib.request.Request('https://oauth2.googleapis.com/token', data=data, method='POST')
NET_HTTP_REQUEST medium skills/AdrianMiller99/google-calendar/scripts/refresh_token.py Line 20
with urllib.request.urlopen(req) as resp:

Scoring Criteria

Each skill is scored across 5 dimensions. The weighted total determines the star rating.

Code Toxicity 100/100 (weight 30%)
Privacy Risk 28/100 (weight 25%)
Permission Scope 90/100 (weight 20%)
Author Reputation 75/100 (weight 15%)
Code Quality 70/100 (weight 10%)

Star Rating Scale

5★ Safe — Score ≥ 80
4★ Good — Score 70–79
3★ Caution — Score 60–69
2★ Risky — Score 40–59
1★ Dangerous — Score < 40

Why This Score?

The following dimensions scored below 60, dragging the overall rating down:

  • Privacy Risk: 28/100

Explore More Skills

self-improving-agent Low
by pskoett
Agent Browser Low
by TheSethRose
Sonoscli Low
by steipete

VettedSkillsHub

We curate the top 100 most downloaded skills from ClawHub — the official ClawdBot (OpenClaw) marketplace — then run independent 5-dimension security audits. Transparent evidence, reproducible scores, 1-click install.

About

Best-effort static analysis. Scores are reproducible and evidence-based. Always review code and run in isolated environments for sensitive use.

© 2026 VettedSkillsHub. ClawdBot & OpenClaw are community projects.