← 返回 Skills 市场
377
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install ews-skill
功能描述
Extract calendar events from Microsoft Exchange via EWS API
使用说明 (SKILL.md)
Purpose
Fetch calendar events from Microsoft Exchange Web Services (EWS) and return them as structured JSON.
When to Use
- User asks about their calendar events ("What's on my calendar today?")
- Need to retrieve meetings for today, tomorrow, or a specific date
- Extracting meeting details: subject, time, location, organizer, body text, links
Security Model
Credentials are stored in OS keyring, NOT in config files:
- macOS: Keychain Access (encrypted, OS-managed)
- Linux: libsecret / gnome-keyring (encrypted, OS-managed)
Only EWS_URL and EWS_USER are stored in OpenClaw config (non-secret). The password is retrieved securely at runtime.
Setup
1. Install keyring tools (Linux only)
# Debian/Ubuntu
sudo apt install libsecret-tools gnome-keyring
# Fedora
sudo dnf install libsecret gnome-keyring
# Arch
sudo pacman -S libsecret gnome-keyring
macOS has Keychain built-in.
2. Store credentials in keyring
{baseDir}/ews-calendar-setup.sh --user "DOMAIN\\username"
You will be prompted for your password. This stores it securely in the OS keyring.
3. Configure OpenClaw
Add to ~/.openclaw/openclaw.json:
{
skills: {
entries: {
"ews-calendar": {
enabled: true,
env: {
EWS_URL: "https://outlook.company.com/EWS/Exchange.asmx",
EWS_USER: "DOMAIN\\username"
}
}
}
}
}
Replace with your actual Exchange URL and username.
Usage
The skill runs {baseDir}/ews-calendar-secure.sh which:
- Retrieves
EWS_PASSfrom OS keyring - Calls the main script with all credentials in environment
- Returns JSON output
Command Syntax
{baseDir}/ews-calendar-secure.sh --date \x3CDATE> [--output \x3CFILE>] [--verbose]
Parameters
--date(required): Date filterYYYY-MM-DD— specific date (e.g.,2026-03-03)today— today's datetomorrow— tomorrow's date
--output \x3CFILE>: Write JSON to file instead of stdout--verbose: Enable debug logging--debug-xml \x3CFILE>: Save raw XML response for debugging
Output Format
Returns JSON array of calendar events:
[
{
"subject": "Team Standup",
"start": "2026-03-03T10:00:00Z",
"end": "2026-03-03T10:30:00Z",
"location": "Conference Room A",
"organizer": "[email protected]",
"body": "Weekly sync meeting to discuss sprint progress...",
"links": ["https://zoom.us/j/12345", "https://confluence.example.com/doc"]
}
]
Returns empty array [] if no events found.
Example Invocations
Get today's events:
{baseDir}/ews-calendar-secure.sh --date today
Get tomorrow's events to file:
{baseDir}/ews-calendar-secure.sh --date tomorrow --output /tmp/tomorrow.json
Get specific date with debug:
{baseDir}/ews-calendar-secure.sh --date 2026-03-03 --verbose --debug-xml /tmp/debug.xml
Troubleshooting
Password not found in keyring
[ERROR] Password not found in keyring for user: DOMAIN\username
[HINT] Run: ./ews-calendar-setup.sh to store credentials
Solution: Run the setup script to store your password:
{baseDir}/ews-calendar-setup.sh --user "DOMAIN\\username"
Linux: secret-tool not found
[ERROR] 'secret-tool' not found. Install: apt install libsecret-tools
Solution: Install libsecret tools:
sudo apt install libsecret-tools gnome-keyring
Linux: Keyring locked
On Linux, the keyring may be locked after login.
Solution: Unlock your keyring (usually happens automatically on desktop login). For headless servers, you may need to set up a keyring daemon.
HTTP request failed
[ERROR] HTTP request failed with status: 401
Possible causes:
- Incorrect username or password
- Password changed — re-run setup script
- Account locked or expired
SOAP Fault
[ERROR] SOAP Fault detected
Fault code: a:ErrorInvalidRequest
Fault string: The request is invalid.
Possible causes:
- Invalid EWS URL (check
EWS_URLin config) - Date format issue (use
YYYY-MM-DD) - Exchange server configuration issue
Credential Management
Update password (after password change)
{baseDir}/ews-calendar-setup.sh --user "DOMAIN\\username"
The script will overwrite the existing entry.
Remove credentials
{baseDir}/ews-calendar-setup.sh --user "DOMAIN\\username" --delete
Or manually:
macOS:
security delete-generic-password -a "DOMAIN\\username" -s "ews-calendar"
Linux:
secret-tool clear service "ews-calendar" user "DOMAIN\\username"
View stored credentials (macOS only)
security find-generic-password -a "DOMAIN\\username" -s "ews-calendar" -w
Files in This Skill
{baseDir}/
├── SKILL.md # This file
├── ews-calendar.sh # Main script (reads from env or .env)
├── ews-calendar-secure.sh # Wrapper that gets password from keyring
├── ews-calendar-setup.sh # Store credentials in keyring
├── templates/
│ ├── find-items.xml # SOAP template for finding calendar items
│ └── get-item.xml # SOAP template for getting item details
└── .env.example # Example config for standalone usage
Alternative: Standalone Usage (without keyring)
For development or testing, you can run ews-calendar.sh directly with a .env file:
- Copy
.env.exampleto.env - Fill in your credentials
- Run:
./ews-calendar.sh --date today
Warning: This stores password in plaintext. Use keyring for production.
安全使用建议
This skill appears to do exactly what it says: read your EWS calendar via NTLM and return JSON. Before installing, verify the skill's source/trust (it has no homepage), review the included scripts yourself, and ensure you configure it to use the OS keyring rather than the .env fallback. If you enable debug XML or use --output files, ensure the output files have strict permissions (chmod 600) or avoid writing them to shared locations. Confirm EWS_URL points to your organization's Exchange server (HTTPS) and remove any plaintext .env files after testing. If you have concerns about third-party code, run the scripts in an isolated environment or inspect them line-by-line (they are small shell scripts).
功能分析
Type: OpenClaw Skill
Name: ews-skill
Version: 1.0.0
The skill primarily uses OS keyrings for secure credential storage, which is a good practice. However, the `ews-calendar.sh` script includes an alternative 'standalone usage' mode that allows loading credentials, including the password, from a plaintext `.env` file. Although `SKILL.md` and `README.md` explicitly warn against using this for production, the presence of this capability (a documented vulnerability) constitutes a significant security risk if users disregard the warnings, leading to potential plaintext password exposure. There is no evidence of malicious intent, prompt injection, or other harmful behaviors.
能力评估
Purpose & Capability
Name/description (EWS calendar extraction) match the files and runtime requirements. Requested binaries (curl, xmllint) and optional keyring tools (security/secret-tool) are appropriate. Required env vars (EWS_URL, EWS_USER) are exactly what an EWS client needs.
Instruction Scope
Runtime instructions and scripts stay within scope: they retrieve the password from the OS keyring, call the configured EWS_URL via curl/NTLM, parse SOAP XML, and return JSON. Notes: (1) there is a fallback path to load credentials from a .env file (plaintext EWS_PASS) for standalone use — the README warns about this; (2) the tool can write raw XML to disk via --debug-xml and may print full HTTP responses on error, which could expose sensitive calendar contents if files/outputs are not protected.
Install Mechanism
No install spec is present (instruction-only skill plus included scripts). That is low-risk; the repository provides shell scripts to run directly. Nothing is downloaded from untrusted URLs or auto-installed by the skill.
Credentials
The skill only requires EWS_URL and EWS_USER in config; the secret (EWS password) is stored in the OS keyring rather than requested as an environment variable, which is proportionate. Caveats: the scripts support a .env fallback (EWS_PASS in plaintext) which increases risk if used; the skill does not request unrelated credentials or broad environment access.
Persistence & Privilege
Skill is not forced-always. It requires the user to enable it in ~/.openclaw/openclaw.json per instructions. It does not modify other skills or system-wide agent settings and does not request permanent elevated privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install ews-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/ews-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: Secure calendar event extraction from Microsoft Exchange via EWS API.
- Fetches Exchange calendar events and returns them as structured JSON.
- Secure credential storage using OS keyring (no plaintext passwords).
- Includes setup, configuration, and troubleshooting instructions for Linux and macOS.
- Provides shell scripts for setup, secure execution, and credential management.
- Supports date filtering (today, tomorrow, specific date) and output to file.
- Output includes subject, time, location, organizer, body, and links for each event.
元数据
常见问题
EWS Skill 是什么?
Extract calendar events from Microsoft Exchange via EWS API. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 377 次。
如何安装 EWS Skill?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install ews-skill」即可一键安装,无需额外配置。
EWS Skill 是免费的吗?
是的,EWS Skill 完全免费(开源免费),可自由下载、安装和使用。
EWS Skill 支持哪些平台?
EWS Skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 EWS Skill?
由 basuev(@basuev)开发并维护,当前版本 v1.0.0。
推荐 Skills