← Back to Skills Marketplace
364
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install apple-cal-anywhere
Description
Your Apple Calendar, on any platform. iCloud Calendar skill via CalDAV (RFC 4791) — works on macOS/Linux, and Windows with env/keyring auth. Supports event C...
README (SKILL.md)
apple-cal-anywhere
Advanced Apple Calendar integration using CalDAV (RFC 4791) and Managed Attachments (RFC 8607).
Primary CLI
scripts/applecal.py
Capabilities
- Event CRUD: List, Create, Update, Delete.
- Multi-Calendar Support: Query multiple calendars in a single command.
- True Attachments: RFC 8607 compatible (works on iPhone/iPad).
- Free/Busy: CalDAV scheduling lookup with event-derived fallback.
Common Commands
List Events (Combined)
Check multiple calendars at once:
python3 scripts/applecal.py events list \
--apple-id [email protected] \
--calendar Family \
--calendar Work \
--from "2026-02-26T00:00:00Z" \
--to "2026-02-26T23:59:59Z"
Create All-Day Event
python3 scripts/applecal.py events create \
--apple-id [email protected] \
--calendar Family \
--summary "Birthday" \
--start "2026-02-26" \
--end "2026-02-26" \
--all-day
Attach a File (iPhone Safe)
python3 scripts/applecal.py attach add \
--apple-id [email protected] \
--calendar Family \
--uid \x3CUID> \
--file /path/to/document.pdf
Free/Busy Check
python3 scripts/applecal.py freebusy \
--apple-id [email protected] \
--calendar Family \
--from "2026-02-26T00:00:00Z" \
--to "2026-02-26T23:59:59Z"
Notes
- Birthdays: The virtual "Birthdays" calendar is not searchable via CalDAV. Key birthdays should be added as physical recurring events in the Family calendar for agent visibility.
- Auth: Resolution order is
APPLECAL_PASSWORD→ Pythonkeyring(if installed/configured) → macOS Keychain fallback. Rundoctorto verify connectivity. - Event update clearing: Use
events update --clear-location/--clear-descriptionto explicitly remove optional fields. - Attachment safety:
attach addblocks sensitive paths/names, allowlists file extensions, and supports optional directory scoping viaAPPLECAL_ATTACH_DIR. - Apple ID: Always pass
--apple-id [email protected](the iCloud account email, not necessarily your Apple ID login).
Usage Guidance
This skill appears to do what it says: connect to iCloud CalDAV and manage events and attachments. Before installing, consider: 1) You must provide an app-specific Apple password (APPLECAL_PASSWORD) or store it in your keyring/Keychain — prefer keyring or macOS Keychain over putting secrets in shell profiles if you are on a shared machine or CI. 2) The attach/add command uploads files from your machine to iCloud; by default the script enforces an extension allowlist and blocks common sensitive paths/names, and you can further restrict uploads by setting APPLECAL_ATTACH_DIR to a specific folder. Review the attachment allowlist and sensitive-path patterns in scripts/applecal.py to ensure they match your expectations. 3) The tool invokes the macOS 'security' command when falling back to Keychain — this is expected for macOS credential retrieval. 4) The code is bundled in the skill; if you distrust the source, inspect scripts/applecal.py in full before running. 5) Run the provided 'doctor' and tests in an isolated environment (or sandbox) first, and avoid placing the app-specific password in shared CI environments. Overall the skill is coherent with its purpose; the remaining risks are operational (credential handling and file uploads), not indicators of misdirection.
Capability Analysis
Type: OpenClaw Skill
Name: apple-cal-anywhere
Version: 1.3.1
The apple-cal-anywhere skill is a legitimate tool for managing iCloud calendars via CalDAV. The primary script, scripts/applecal.py, implements significant security guardrails for its file attachment feature, including an extension allowlist and blocklists for sensitive directories (e.g., .ssh, .aws) and filenames (e.g., .env, id_rsa). Authentication is handled through standard, secure methods such as environment variables, the Python keyring library, or the macOS Keychain.
Capability Assessment
Purpose & Capability
Name/description, CLI, and code all implement CalDAV calendar operations and managed attachments. Requested binary (python3) and required environment variable (APPLECAL_PASSWORD) are expected and necessary for iCloud CalDAV access.
Instruction Scope
Runtime instructions and code read APPLECAL_PASSWORD (or keyring/macOS Keychain) and connect to caldav.icloud.com; they also allow uploading local files as RFC-8607 managed attachments. Attachment handling includes extension allowlist and sensitive-path/name blocking, and an optional APPLECAL_ATTACH_DIR scoping feature. Note: the skill will read local files only when you explicitly use attach commands; otherwise it performs normal calendar API operations. There is a minor code-quality oddity in the truncated source (a likely erroneous 'return r' near keychain handling) — this looks like a bug, not malicious behavior, but you may want to inspect the full file.
Install Mechanism
No install spec is provided (instruction-only install), and the code expects only standard Python plus the 'requests' library (and optional 'keyring'). This is low-risk compared with arbitrary remote downloads. The README instructs pip install requests (and optional keyring).
Credentials
Only APPLECAL_PASSWORD is declared and used as the primary credential. The skill optionally consults local keyring or macOS Keychain as documented. No unrelated credentials, cloud provider keys, or broad system config paths are requested.
Persistence & Privilege
The skill is not always-enabled, does not request persistent system-level privileges in metadata, and does not declare writes to other skills or system configuration. It uses local keyring/keychain only for credential retrieval, which is appropriate for its purpose.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install apple-cal-anywhere - After installation, invoke the skill by name or use
/apple-cal-anywhere - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.3.1
Fix recurring event expansion in event listing; fix TZID parsing for recurring event instances; add regression tests for recurrence listing behavior.
v1.3.0
apple-cal-anywhere 1.3.0
- Adds support for managed attachments (RFC 8607), compatible with iPhone and iPad.
- Enables querying multiple calendars in a single command for event listing.
- Introduces free/busy lookup with event-derived fallback.
- Enhances event update with options to explicitly clear location or description fields.
- Improves attachment safety with allowlisted file extensions, sensitive path blocking, and optional directory scoping via APPLECAL_ATTACH_DIR.
- Expands authentication fallback order and clarifies use of the APPLECAL_PASSWORD environment variable.
Metadata
Frequently Asked Questions
What is Apple Cal Anywhere?
Your Apple Calendar, on any platform. iCloud Calendar skill via CalDAV (RFC 4791) — works on macOS/Linux, and Windows with env/keyring auth. Supports event C... It is an AI Agent Skill for Claude Code / OpenClaw, with 364 downloads so far.
How do I install Apple Cal Anywhere?
Run "/install apple-cal-anywhere" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Apple Cal Anywhere free?
Yes, Apple Cal Anywhere is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Apple Cal Anywhere support?
Apple Cal Anywhere is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Apple Cal Anywhere?
It is built and maintained by Xushen (@xushen-ma); the current version is v1.3.1.
More Skills