← Back to Skills Marketplace

nostrcalendar

Name: nostrcalendar
Author: vveerrgg

by vveerrgg · GitHub ↗ · v0.2.3 · MIT-0

cross-platform ⚠ suspicious

321

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install nostrcalendar

Description

Time awareness for sovereign entities — manage availability, book meetings, negotiate schedules over Nostr relays

Usage Guidance

This skill implements a Nostr-based calendar and legitimately needs a Nostr private key (NOSTR_NSEC) to sign events. Before installing: (1) confirm the package source — metadata suggests pip, but the install spec shows an unexpected "uv" kind; prefer installing from a trusted index or inspect the package contents first; (2) understand that providing NOSTR_NSEC gives the skill the ability to sign events as that entity (use an entity-specific key, not your personal/high-privilege key); (3) review the nostrcalendar package and its dependency nostrkey on the linked repository or PyPI for unexpected network endpoints or code that stores/transmits your private key; (4) consider using a dedicated entity key or a test identity first, and limit autonomous invocation if you do not want the agent to act with that key without confirmation. The main issues are metadata/install inconsistencies and the runtime pip install instruction — these are not necessarily malicious, but verify before proceeding.

Capability Analysis

Type: OpenClaw Skill Name: nostrcalendar Version: 0.2.3 The nostrcalendar skill provides a legitimate implementation of Nostr-based scheduling and availability management following NIP-52. While it handles the sensitive NOSTR_NSEC environment variable, this is required for its stated purpose of signing Nostr events. The code in SKILL.md and the provided examples (agent_negotiation.py, book_meeting.py) demonstrate standard usage of the nostrcalendar and nostrkey libraries without any signs of malicious intent, data exfiltration, or unauthorized execution.

Capability Assessment

ℹ Purpose & Capability

The declared purpose (calendar over Nostr) aligns with needing a private Nostr key (NOSTR_NSEC) to sign events and a relay URL. However the registry header said "Required env vars: none" while the SKILL.md and metadata.json both require NOSTR_NSEC — this metadata mismatch is inconsistent and should be resolved.

✓ Instruction Scope

SKILL.md and examples stay within the calendar scheduling domain: publishing availability, querying free slots, creating bookings, and negotiating proposals via Nostr relays. The skill explicitly instructs reading NOSTR_NSEC and using a relay; no instructions request unrelated system files or unrelated credentials. It does include an instruction-level example to run subprocess.run(["pip","install","nostrcalendar"]), which would perform a network install at runtime.

⚠ Install Mechanism

The package is installed from a Python package (metadata.json lists pip: nostrcalendar) but the registry/install spec shows kind: "uv" with package: nostrcalendar — this mismatch is unusual. The SKILL.md also suggests running pip at runtime. Verify the actual install source (PyPI or GitHub release). Running pip at runtime will download and execute third-party code; confirm the package origin and inspect the package before installing.

ℹ Credentials

Requesting a single sensitive env var (NOSTR_NSEC) is proportionate for a calendar that must sign events. But the registry summary initially claimed no required env vars while both SKILL.md and metadata.json mark NOSTR_NSEC as required and sensitive — this inconsistency should be fixed. Ensure the key you provide is the intended entity's key (not your personal or high-privilege key).

✓ Persistence & Privilege

always is false and the skill does not request system-wide config changes; it does not appear to modify other skills or system settings. The agent may invoke the skill autonomously (default), which is normal — combine this with sensitive-key access only if you want the agent to act without explicit user prompts.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install nostrcalendar
After installation, invoke the skill by name or use /nostrcalendar
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.2.3

Security hardening: SecretStr, sanitized exceptions, input validation

v0.2.2

Entity-aware SKILL.md — time as a dimension of existence

v0.2.1

Standardized SKILL.md template

v0.2.0

BREAKING: import renamed from nostrcal to nostrcalendar. Added CalendarEnclave for NSE integration. Security hardened — pubkey validation, time ordering, relay event cap. 29 tests.

v0.1.1

Security hardening: d-tag collision resistance, timestamp validation, timezone sanitization, JSON error handling, slot bounds checking

v0.1.0

Initial release — availability, booking, negotiation modules with NIP-44 encrypted content

Metadata

Slug nostrcalendar

Version 0.2.3

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 6

Frequently Asked Questions

What is nostrcalendar?

Time awareness for sovereign entities — manage availability, book meetings, negotiate schedules over Nostr relays. It is an AI Agent Skill for Claude Code / OpenClaw, with 321 downloads so far.

How do I install nostrcalendar?

Run "/install nostrcalendar" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is nostrcalendar free?

Yes, nostrcalendar is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does nostrcalendar support?

nostrcalendar is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created nostrcalendar?

It is built and maintained by vveerrgg (@vveerrgg); the current version is v0.2.3.

More Skills