← Back to Skills Marketplace
blucaru

ics to exchange-blocker

by Blucaru · GitHub ↗ · v1.0.0 · MIT-0
darwin ✓ Security Clean
146
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install block-on-exchange
Description
Sync any ICS/iCal calendar to Microsoft Exchange as blocked time slots — supports recurring events, change detection, and privacy-preserving sync
README (SKILL.md)

CalIn — ICS Calendar to Exchange Sync

Sync busy time from any ICS/iCal calendar to Microsoft Exchange as "Blocked" slots. Works with Google Calendar, iCloud, Outlook.com, Nextcloud, Fastmail, Proton Calendar, or any CalDAV server that publishes an ICS feed.

When to Use This Skill

  • User asks to sync calendars, block time, or mirror busy slots
  • User wants personal calendar events to block time on their work calendar
  • User asks to check sync status or clear synced events
  • Scheduled background sync via Heartbeat (recommended: every 5-30 minutes)

What It Does

  • Fetches events (including recurring) from any HTTPS ICS feed
  • Creates/updates/deletes corresponding "Blocked" events on Exchange via Microsoft Graph API
  • Tracks synced events with a local mapping file — only touches what changed
  • Privacy-preserving: only syncs time slots, never event titles, descriptions, or attendees

Setup

1. Install dependencies

Requires Python 3.12+.

cd ~/.openclaw/skills/calin
bash install.sh

This creates a Python venv and installs icalendar, msal, recurring-ical-events, and requests.

2. Configure credentials

Add to ~/.calintegration/.env (created by installer with chmod 600):

CALINT_ICS_URL=\x3Cyour-ics-feed-url>
CALINT_MS_CLIENT_ID=\x3Cazure-app-client-id>
CALINT_MS_TENANT_ID=\x3Cazure-app-tenant-id>
# Optional: sync to a specific Exchange calendar (defaults to primary)
# CALINT_MS_CALENDAR_ID=\x3Ccalendar-id>

Where to find your ICS URL:

Provider Location
Google Calendar Settings > your calendar > Integrate > "Secret address in iCal format"
iCloud Calendar app > right-click calendar > Share > Public Calendar > copy URL
Outlook.com Settings > Calendar > Shared calendars > Publish > ICS link
Nextcloud Calendar > three-dot menu > Copy subscription link
Fastmail Settings > Calendars > Share/export > ICS URL

Azure AD app (free, no client secret needed):

  1. Go to https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade
  2. New registration > Name: "CalIn" > Redirect URI: Public client > http://localhost:8400
  3. API permissions > Add > Microsoft Graph > Delegated > Calendars.ReadWrite
  4. Copy Application (client) ID and Directory (tenant) ID

3. Authenticate Microsoft

cd ~/.openclaw/skills/calin
venv/bin/python main.py setup

This opens a browser for one-time Microsoft login. Tokens are cached locally.

Commands

Run these from the skill directory:

Command What it does
venv/bin/python main.py sync Run one sync cycle
venv/bin/python main.py status Show last sync time and event count
venv/bin/python main.py clear Remove all synced events from Exchange
venv/bin/python main.py setup Re-run authentication setup

Automated Sync (macOS)

The installer generates a launchd plist for automatic sync every 5 minutes:

cd ~/.openclaw/skills/calin
bash install.sh
cp com.calintegration.sync.plist ~/Library/LaunchAgents/
launchctl load ~/Library/LaunchAgents/com.calintegration.sync.plist

How It Works

  1. Fetches the ICS feed and expands all recurring events within a 14-day window
  2. Compares against the local event map (previous sync state)
  3. For each event:
    • New: Creates a "Blocked" event on Exchange
    • Changed (time moved): Updates the Exchange event
    • Deleted from source: Deletes the Exchange event
  4. Saves updated event map and last sync timestamp

Change detection uses a hash of start time + end time + all-day flag. Only changed events trigger API calls.

Security and Privacy

  • Credentials stored in ~/.calintegration/.env with chmod 600 permissions
  • Tokens stored in ~/.calintegration/ms_token.json with chmod 600 permissions
  • All files in ~/.calintegration/ directory with chmod 700
  • No event details synced — only time slots are transmitted. Event titles, descriptions, attendees, and locations are never sent to Exchange
  • HTTPS only — ICS URLs must use HTTPS; Graph API calls use TLS with certificate verification
  • No client secret — uses PKCE (Proof Key for Code Exchange) for Microsoft auth
  • ICS URL validated — rejects non-HTTPS schemes to prevent SSRF
  • API path IDs validated — prevents injection in Graph API endpoint construction
  • All HTTP requests have 30-second timeouts to prevent hanging

External endpoints called

Endpoint Purpose Auth
Your ICS URL (HTTPS) Read calendar events URL contains secret token
login.microsoftonline.com Microsoft OAuth token exchange PKCE flow
graph.microsoft.com/v1.0 Create/update/delete Exchange events Bearer token

Data flow

ICS Feed (read-only) --> [CalIn on your machine] --> Microsoft Graph API (write)
                              |
                     ~/.calintegration/ (local state)

No data is sent to any third party. All processing happens locally.

Usage Guidance
This skill appears to do what it says, but check the following before installing: - Only add ICS feed URLs you trust: the feed may contain private information or a secret token in the URL. The tool reads that URL and will push 'busy' events to your Exchange account. - The Azure app needs Calendars.ReadWrite delegated permission; you must register it and sign in interactively (the tool opens a browser and runs a local HTTP listener for the OAuth redirect). - Install creates ~/.calintegration and stores .env and ms_token.json there with chmod 600; verify you’re comfortable with local storage and the path. - The installer proposes creating a launchd job to run every 5 minutes — do not install the plist if you do not want periodic background sync. - Note: the code also checks CALINT_GOOGLE_ICS_URL as a fallback for the ICS feed (this env var is not listed in the registry metadata) — if you use environment variables, be aware of this extra name. If you want extra assurance, review the included Python files locally (they are bundled) and run setup manually rather than enabling the launchd job immediately.
Capability Analysis
Type: OpenClaw Skill Name: block-on-exchange Version: 1.0.0 The CalIn skill is a legitimate utility for syncing ICS calendar feeds to Microsoft Exchange as anonymous 'Blocked' time slots. It follows security best practices by using PKCE for OAuth (ms_auth.py), enforcing restricted file permissions (0600/0700) for sensitive credentials in ~/.calintegration/ (config.py), and validating API input and URL schemes (sync.py, ics_source.py). The code explicitly avoids syncing sensitive event details like titles or descriptions, and the persistence mechanism via launchd (install.sh) is transparently documented for its intended background sync purpose.
Capability Assessment
Purpose & Capability
Name/description, required binaries (python3), required env vars (ICS URL + Azure client/tenant IDs), and the files (Python code + installer) are all consistent with a macOS tool that reads an ICS feed and writes events to Microsoft Graph.
Instruction Scope
SKILL.md and the code limit behavior to fetching an HTTPS ICS feed, computing time slots, and creating/updating/deleting 'Blocked' events on Microsoft Graph. It runs a local browser-based OAuth flow (opens browser and listens on 127.0.0.1:8400) and writes local state under ~/.calintegration. Minor mismatches: the code reads an additional env var CALINT_GOOGLE_ICS_URL as a fallback (not declared in metadata), and the installer suggests installing a launchd job for periodic sync — both are reasonable but worth noting to users.
Install Mechanism
There is no packaged installer declared to the registry, but the included install.sh creates a Python venv and runs pip install -r requirements.txt (public PyPI packages). This is a standard, low-to-moderate-risk install mechanism (no downloads from unknown servers, no extracted archives from arbitrary URLs).
Credentials
Requested environment variables (CALINT_ICS_URL, CALINT_MS_CLIENT_ID, CALINT_MS_TENANT_ID) are appropriate for this functionality. The code also accepts CALINT_GOOGLE_ICS_URL as an undocumented fallback, which is minor but should be documented. Tokens and state are stored locally under ~/.calintegration with restrictive permissions as advertised.
Persistence & Privilege
The skill does not request elevated or global agent privileges. It can optionally install a macOS launchd plist to run every 5 minutes (installer gives instructions) — this is a user action and not forced by the skill metadata (always:false). Files and tokens are stored only in the user's home directory.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install block-on-exchange
  3. After installation, invoke the skill by name or use /block-on-exchange
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of calin: sync any ICS/iCal calendar to Microsoft Exchange as privacy-preserving blocked time slots. - Syncs events—including recurring—from any HTTPS ICS feed to Microsoft Exchange as blocked slots, supporting Google Calendar, iCloud, Outlook.com, and more. - Only time slots (start/end/all-day) are synced; event titles, descriptions, and attendees remain private. - Detects and applies changes efficiently: only adds, updates, or removes events that changed in source. - Requires Python 3.12+, minimal configuration, and a one-time Microsoft login (no client secret needed). - Supports automated sync (macOS launchd), manual commands (sync, status, clear), and local event tracking.
Metadata
Slug block-on-exchange
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is ics to exchange-blocker?

Sync any ICS/iCal calendar to Microsoft Exchange as blocked time slots — supports recurring events, change detection, and privacy-preserving sync. It is an AI Agent Skill for Claude Code / OpenClaw, with 146 downloads so far.

How do I install ics to exchange-blocker?

Run "/install block-on-exchange" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ics to exchange-blocker free?

Yes, ics to exchange-blocker is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does ics to exchange-blocker support?

ics to exchange-blocker is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin).

Who created ics to exchange-blocker?

It is built and maintained by Blucaru (@blucaru); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments