← 返回 Skills 市场
438
总下载
0
收藏
1
当前安装
9
版本数
在 OpenClaw 中安装
/install apple-calendar-pro
功能描述
iCloud Calendar skill via CalDAV (RFC 4791) — works on macOS/Linux, and Windows with env/keyring auth. Supports event CRUD, multi-calendar queries, managed a...
使用说明 (SKILL.md)
apple-calendar-pro
Advanced Apple Calendar integration using CalDAV (RFC 4791) and Managed Attachments (RFC 8607).
Primary CLI
scripts/applecal.py
Capabilities
- Event CRUD: List, Create, Update, Delete.
- Multi-Calendar Support: Query multiple calendars in a single command.
- True Attachments: RFC 8607 compatible (works on iPhone/iPad).
- Free/Busy: CalDAV scheduling lookup with event-derived fallback.
Common Commands
List Events (Combined)
Check multiple calendars at once:
python3 scripts/applecal.py events list \
--apple-id [email protected] \
--calendar Family \
--calendar Work \
--from "2026-02-26T00:00:00Z" \
--to "2026-02-26T23:59:59Z"
Create All-Day Event
python3 scripts/applecal.py events create \
--apple-id [email protected] \
--calendar Family \
--summary "Birthday" \
--start "2026-02-26" \
--end "2026-02-26" \
--all-day
Attach a File (iPhone Safe)
python3 scripts/applecal.py attach add \
--apple-id [email protected] \
--calendar Family \
--uid \x3CUID> \
--file /path/to/document.pdf
Free/Busy Check
python3 scripts/applecal.py freebusy \
--apple-id [email protected] \
--calendar Family \
--from "2026-02-26T00:00:00Z" \
--to "2026-02-26T23:59:59Z"
Notes
- Birthdays: The virtual "Birthdays" calendar is not searchable via CalDAV. Key birthdays should be added as physical recurring events in the Family calendar for agent visibility.
- Auth: Resolution order is
APPLECAL_PASSWORD→ Pythonkeyring(if installed/configured) → macOS Keychain fallback. Rundoctorto verify connectivity. - Event update clearing: Use
events update --clear-location/--clear-descriptionto explicitly remove optional fields. - Attachment safety:
attach addblocks sensitive paths/names, allowlists file extensions, and supports optional directory scoping viaAPPLECAL_ATTACH_DIR. - Apple ID: Always pass
--apple-id [email protected](the iCloud account email, not necessarily your Apple ID login).
安全使用建议
This skill appears to do what it says: manage iCloud calendars via CalDAV and upload attachments using an app-specific password. Before installing, consider the following:
- You must provide an app-specific password (APPLECAL_PASSWORD). Keep this confined to a user account (avoid setting it globally on shared machines).
- Attachments selected for upload are read from disk and sent to Apple's CalDAV servers. The script includes allowlists and blocks common sensitive directories/names, but you should still verify the files you attach. Use APPLECAL_ATTACH_DIR to restrict allowed attachment locations (the SKILL metadata does not list this optional env var — it's documented in SKILL.md/code).
- The script may retrieve credentials from Python keyring or run macOS's 'security' CLI to read the Keychain; this is expected for credential resolution but means the script will invoke local credential helpers when APPLECAL_PASSWORD is not set.
- There is no automatic installer; you must ensure python3 and the 'requests' package (and optionally 'keyring') are installed.
- If you want higher assurance, review the rest of scripts/applecal.py (the file is included) to confirm no additional network endpoints or unexpected behaviors before granting the APPLECAL_PASSWORD env var or running attachment uploads.
功能分析
Type: OpenClaw Skill
Name: apple-calendar-pro
Version: 1.3.0
The skill is classified as benign. The `scripts/applecal.py` code demonstrates strong security practices, particularly in the `resolve_attachment_path` function, which explicitly blocks sensitive file extensions, directory segments (e.g., '.ssh', '.aws'), and file name patterns (e.g., 'credentials', 'secret', 'id_rsa'). Credential handling uses secure methods like environment variables, Python keyring, or macOS Keychain via `subprocess.run` with hardcoded arguments, preventing shell injection. All network communication is directed to `caldav.icloud.com`, and there is no evidence of data exfiltration, unauthorized command execution, persistence mechanisms, or prompt injection attempts in the documentation.
能力评估
Purpose & Capability
Name/description (iCloud CalDAV calendar with attachments) align with required binary (python3), the single required env var (APPLECAL_PASSWORD), and the included script. Network activity is targeted at the iCloud CalDAV endpoint (ICLOUD_WELL_KNOWN). Requiring a password for iCloud access is expected.
Instruction Scope
SKILL.md and the script instruct the agent to read local files when uploading attachments and to consult credentials via APPLECAL_PASSWORD, python keyring, or macOS Keychain. Reading local attachment files and invoking the macOS 'security' tool is in-scope for an attachment-capable CalDAV client, but users should be aware that attachment contents will be uploaded to iCloud. The instructions include an optional APPLECAL_ATTACH_DIR feature (directory scoping) that governs which files can be attached.
Install Mechanism
There is no automatic install spec; this is instruction-only with a bundled script. Dependencies are minimal (requests, optional keyring) and the README documents pip installation. No remote download or archive extraction is used by the skill itself.
Credentials
Only APPLECAL_PASSWORD is declared as required (and used as the primary credential), which is proportional to CalDAV access. The code also optionally reads APPLECAL_ATTACH_DIR (not listed in the declared required env vars) and may call into system keyring/keychain tools. Access to local keyrings/keychain via keyring or macOS 'security' is justified for credential resolution, but the undeclared optional env var (APPLECAL_ATTACH_DIR) is a minor metadata inconsistency and should be documented in the registry metadata if considered part of configuration.
Persistence & Privilege
The skill does not request 'always: true' or other elevated platform privileges. It does run subprocesses (macOS 'security') and network calls as part of expected behaviour but does not attempt to modify other skills or system-wide agent config.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install apple-calendar-pro - 安装完成后,直接呼叫该 Skill 的名称或使用
/apple-calendar-pro触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.3.0
Security: attachment path hardening — extension allowlist, sensitive path/name blocking, optional APPLECAL_ATTACH_DIR directory scoping
v1.2.6
Scope platform claim to macOS and Linux only; remove unverified Windows support
v1.2.5
Add GitHub homepage; address ClawHub provenance flag
v1.2.4
Add GitHub homepage; address ClawHub provenance flag
v1.2.3
Declare APPLECAL_PASSWORD as required env var in metadata; fixes credential transparency flag
v1.2.2
Declare APPLECAL_PASSWORD as required env var in metadata; fixes credential transparency flag
v1.2.1
Fix description; remove macOS-only claim; update auth notes to include cross-platform env var
v1.2.0
Cross-platform auth via APPLECAL_PASSWORD env var; improved setup docs; cleaner README
v1.1.0
Cross-platform auth via APPLECAL_PASSWORD env var; improved setup docs
元数据
常见问题
apple-calendar-pro 是什么?
iCloud Calendar skill via CalDAV (RFC 4791) — works on macOS/Linux, and Windows with env/keyring auth. Supports event CRUD, multi-calendar queries, managed a... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 438 次。
如何安装 apple-calendar-pro?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install apple-calendar-pro」即可一键安装,无需额外配置。
apple-calendar-pro 是免费的吗?
是的,apple-calendar-pro 完全免费(开源免费),可自由下载、安装和使用。
apple-calendar-pro 支持哪些平台?
apple-calendar-pro 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 apple-calendar-pro?
由 Xushen(@xushen-ma)开发并维护,当前版本 v1.3.0。
推荐 Skills