← Back to Skills Marketplace
109
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install openclaw-with-apple
Description
Apple iCloud 全功能访问 + Apple Health 深度健康分析 + 双向待办同步
Usage Guidance
What to consider before installing:
- Do NOT paste your Apple ID main password or one‑time 2FA codes into chat history. The SKILL.md explicitly encourages that — it's unsafe because chat logs may persist. Prefer local interactive login on a machine you control.
- Prefer using an Apple app‑specific password whenever possible (the docs say calendar can work with that alone). If you only need calendar/CalDAV, avoid giving the main password.
- Inspect scripts before running: review setup_tasks_cron.py, icloud_auth.py, tasks_tool.py and any code that writes cron entries, uploads files, or calls external endpoints. Only run on a personal, non‑shared machine.
- The skill will cache session tokens under ~/.pyicloud/ — protect that directory (permissions) and delete/revoke sessions when you stop using the skill. Revoke app‑specific passwords on appleid.apple.com after testing.
- The SKILL.md forces immediate command execution when the user mentions actions; consider disabling or modifying that behavior (require explicit confirmation) before using the skill broadly.
- If you must use it: run the code locally (not on a cloud/shared server), create a separate Apple account for testing if possible, and audit the files the skill creates (tasks_latest.json, notes_latest.json) and scheduled cron jobs.
Why I'm suspicious: the code matches the claimed capabilities but the runtime instructions ask for sensitive secrets via chat, enforce autonomous immediate execution, and the registry metadata fails to declare those credential requirements — this combination raises significant safety and coherence concerns. If you want, I can highlight the exact lines in scripts that persist sessions or add concrete steps to run the skill safely in a sandboxed/local environment.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-with-apple
Version: 1.0.0
The skill bundle provides a comprehensive suite for integrating Apple iCloud services, including Photos, Drive, Calendar, and Find My, as well as Apple Health analysis. It is classified as suspicious due to several high-risk behaviors: it explicitly instructs the AI agent to collect the user's Apple ID and Main Password (storing them in environment variables), establishes persistence on macOS via a LaunchAgent (setup_tasks_cron.py), and includes capabilities to track device locations and enable 'Lost Mode' (icloud_tool.py). Furthermore, the SKILL.md contains aggressive 'Iron Rules' that command the AI to execute tools immediately without user confirmation upon detecting specific keywords, which increases the risk of unintended actions via prompt injection. While these features are aligned with the stated purpose and documented in SECURITY.md, the combination of credential collection, persistence, and automated device control represents a significant security surface.
Capability Assessment
Purpose & Capability
The name/description (iCloud, Health, two‑way tasks) match the included scripts (pyicloud, caldav, health_tool, tasks_tool). Requiring an app‑specific password for CalDAV and a full login/session for broader iCloud access is coherent with the stated functionality. HOWEVER the registry metadata declared no required environment variables or primary credential while SKILL.md and multiple scripts explicitly instruct users to provide ICLOUD_APP_PASSWORD, ICLOUD_USERNAME, and the Apple ID main password — this metadata mismatch is a red flag (incoherent packaging).
Instruction Scope
SKILL.md contains an 'iron law' that forces the agent to immediately execute local Python commands whenever a user mentions an action or note, without asking confirmation. It also instructs the agent to solicit Apple ID main password and 2FA codes in chat and to set environment variables and cron jobs automatically. These instructions grant broad file/system interaction (writing JSON, installing cron jobs, reading home iCloud Drive paths) and direct secret handling via chat — far beyond a passive helper. The requirement that users paste main passwords / 2FA into the conversation is especially problematic because chat logs persist.
Install Mechanism
No automated installer is declared in the registry, but SKILL.md instructs pip install pyicloud caldav icalendar. Pulling dependencies from PyPI is common and expected for this Python toolset (moderate risk). There is no remote arbitrary binary download in the metadata. Still, the skill will write cron entries and create files (setup_tasks_cron.py / tasks_latest.json / session cache), so disk writes and scheduled persistence are expected and should be reviewed before running on shared systems.
Credentials
The skill asks for very sensitive credentials (Apple ID main password and 2FA) even though some features can operate with only an application‑specific password. Requesting the main password is explainable for full iCloud access, but SKILL.md explicitly instructs users to send those secrets in chat (and to set them as environment variables), which is disproportionate and unsafe. The skill also claims passwords 'won't be written to disk' but will create session tokens in ~/.pyicloud/ — accurate but still a persistence of authentication state that must be protected. The registry metadata claiming 'none' for required env vars conflicts with the real credential needs declared in documentation and code.
Persistence & Privilege
The skill will persist iCloud session tokens/cookies to ~/.pyicloud/ (normal for pyicloud) and instructs installation of a nightly cron job to push JSON files to iCloud Drive. It is not marked always:true, but the SKILL.md 'iron law' plus automatic cron installation increases the blast radius: the agent is expected to autonomously run commands and keep scheduled tasks on the host. That level of persistence combined with secret handling and automated execution is sensitive and should be limited to a trusted, single‑user machine.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-with-apple - After installation, invoke the skill by name or use
/openclaw-with-apple - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
OpenClaw with Apple 1.0.0
- Initial release with full Apple iCloud access on Linux/Mac.
- Supports deep Apple Health data analysis, including heart rate, sleep, and activity.
- Enables bidirectional reminder (tasks) and notes sync: AI can write directly to iPhone Reminders/Notes.
- Automatic, strict action/note capturing: all user-stated tasks/notes are immediately synced (no confirmation required).
- Detailed setup workflows and enforcement rules for reminders, notes, and Health data are provided.
- Service includes easy iPhone automation/integration using Shortcut links and server-side scheduled task management.
Metadata
Frequently Asked Questions
What is Openclaw With Apple?
Apple iCloud 全功能访问 + Apple Health 深度健康分析 + 双向待办同步. It is an AI Agent Skill for Claude Code / OpenClaw, with 109 downloads so far.
How do I install Openclaw With Apple?
Run "/install openclaw-with-apple" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Openclaw With Apple free?
Yes, Openclaw With Apple is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Openclaw With Apple support?
Openclaw With Apple is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Openclaw With Apple?
It is built and maintained by Pygmalion (@gzww); the current version is v1.0.0.
More Skills