← 返回 Skills 市场
h8kxrfp68z-lgtm

iCalendar Sync

作者 h8kxrfp68z-lgtm · GitHub ↗ · v2.4.1
cross-platform ✓ 安全检测通过
2401
总下载
3
收藏
4
当前安装
40
版本数
在 OpenClaw 中安装
/install icalendar-sync
功能描述
Secure iCloud Calendar operations for OpenClaw with CalDAV and macOS native bridge providers. Use when tasks require calendar listing, event retrieval, event...
使用说明 (SKILL.md)

iCalendar Sync

Use this skill to perform iCloud calendar CRUD operations from OpenClaw agents.

1. Prepare Credentials Securely

Use App-Specific Passwords only (never the primary Apple ID password).

Prefer keyring storage:

python -m icalendar_sync setup --username [email protected]

Use non-interactive setup for automation:

export ICLOUD_USERNAME="[email protected]"
export ICLOUD_APP_PASSWORD="xxxx-xxxx-xxxx-xxxx"
python -m icalendar_sync setup --non-interactive

Use file storage only when keyring is unavailable (headless or GUI-restricted runtime):

python -m icalendar_sync setup --non-interactive --storage file --config ~/.openclaw/icalendar-sync.yaml

2. Choose Provider Deliberately

  • --provider auto: macOS uses native bridge, non-macOS uses CalDAV.
  • --provider caldav: force direct iCloud CalDAV.
  • --provider macos-native: force Calendar.app bridge (macOS only).

For CalDAV diagnostics, add:

--debug-http --user-agent "your-agent/1.0"

3. Execute Calendar Operations

List calendars:

python -m icalendar_sync list

Get events:

python -m icalendar_sync get --calendar "Personal" --days 7

Create event:

python -m icalendar_sync create --calendar "Personal" --json '{
  "summary": "Meeting",
  "dtstart": "2026-02-15T14:00:00+03:00",
  "dtend": "2026-02-15T15:00:00+03:00"
}'

Update event (simple):

python -m icalendar_sync update --calendar "Personal" --uid "event-uid" --json '{"summary":"Updated title"}'

Update recurring event instance:

python -m icalendar_sync update \
  --calendar "Work" \
  --uid "series-uid" \
  --recurrence-id "2026-03-01T09:00:00+03:00" \
  --mode single \
  --json '{"summary":"One-off change"}'

Modes for recurring updates:

  • single: update one instance (use --recurrence-id)
  • all: update whole series
  • future: split series and update this+future (use --recurrence-id)

Delete event:

python -m icalendar_sync delete --calendar "Personal" --uid "event-uid"

4. Input Contract

For create, require at least:

  • summary (string)
  • dtstart (ISO datetime)
  • dtend (ISO datetime, must be later than dtstart)

Optional fields:

  • description
  • location
  • status
  • priority (0-9)
  • alarms
  • rrule

5. Safety Rules

  • Validate calendar names; reject path-like payloads.
  • Keep credential material out of logs/output.
  • Prefer keyring over file storage.
  • If file storage is used, enforce strict file permissions (0600).

6. Failure Handling

If CalDAV auth/network fails on macOS and provider is auto/caldav, switch to macos-native and retry the same operation.

If JSON payload is supplied as file path, ensure file size stays within safe limits before parsing.

安全使用建议
This skill is coherent with its stated purpose, but review these points before installing: - Credentials: The skill requires an iCloud username and an App‑Specific Password for CalDAV. Prefer keyring storage as documented; if you use file-based config, ensure the file is created with strict permissions (0600) and store it on a secure path. Note the registry summary omitted required env vars — don't rely only on the brief metadata. - Source & provenance: The skill's source/homepage is unknown in the registry summary. If you plan to install, prefer obtaining the package from a trusted repository or verify the included source files (especially calendar.py and install.sh) locally before running the installer. - Installer behavior: install.sh will run pip install -r requirements.txt and copy code into ~/.openclaw/skills and create a CLI in ~/.local/bin. Review the script and ensure your environment is the intended one (e.g., a virtualenv or isolated container) before running it. - Subprocess usage / macOS bridge: The implementation imports subprocess and implements a macOS-native provider. That justifies subprocess usage (e.g., osascript/AppleScript) but also means careful input sanitization is important. If you rely on the macOS provider, validate that inputs you provide (calendar names, recurrence IDs, JSON fields) cannot be used to inject commands; the project documents input validation, but you may want to spot-check the code paths that call subprocess. - Logging & debug: The tool supports debug HTTP output and a custom User-Agent. Avoid enabling verbose debug in production environments where logs may be forwarded to third parties; verify that logs are indeed redacting sensitive fields as claimed. - Sandbox & least privilege: If you want an extra safety margin, install and run the skill in an isolated environment (container or dedicated VM) or under a user account with minimal privileges. If you want, I can scan the rest of calendar.py (the truncated part) for any direct subprocess.invoke or network calls that use user-provided strings, and point to the exact lines to review.
功能分析
Type: OpenClaw Skill Name: icalendar-sync Version: 2.4.1 The icalendar-sync skill bundle is a well-architected and professional tool for managing iCloud calendars via CalDAV or macOS AppleScript. It demonstrates strong security posture through features like sensitive data redaction in logs (SensitiveDataFilter), strict input validation for calendar names and UIDs, rate limiting, and secure credential handling using the system keyring or 0600-permissioned YAML files. Analysis of src/icalendar_sync/calendar.py and install.sh reveals no evidence of malicious intent, data exfiltration, or unauthorized execution; all capabilities are strictly aligned with the stated purpose of calendar synchronization.
能力评估
Purpose & Capability
Name/description, CLI instructions, code, and dependencies align: the package implements CalDAV and a macOS native bridge and depends on caldav, icalendar, requests and keyring which are appropriate. Minor inconsistency: the top-level registry 'Requirements' block reported no required env vars, but the code, README, skill.yaml and SKILL.md clearly document ICLOUD_USERNAME/ICLOUD_APP_PASSWORD (or keyring/config alternatives) as the credential inputs needed for CalDAV mode. Also the registry metadata claimed 'instruction-only' yet multiple source files and an install.sh are present (no automated install spec, but substantive code exists).
Instruction Scope
SKILL.md instructs only calendar-related actions (list/get/create/update/delete) and credential setup via keyring/env/config file. It documents input validation, file size limits, and safety rules. It does permit reading JSON payload files and an explicit YAML credential file (both bounded by size checks). Nothing in SKILL.md instructs reading unrelated system secrets or contacting unknown external endpoints; debug options allow additional HTTP output but the docs say credentials will be redacted.
Install Mechanism
There is no platform install spec in the registry, but an included install.sh copies files to ~/.openclaw/skills and installs Python dependencies from PyPI (requirements.txt). Installing via the provided script will run pip to fetch public packages (caldav, requests, keyring, etc.) — a normal approach but it executes network installs and writes to the user's home directory. The install source URLs are standard (PyPI) and not remote arbitrary binaries; no suspicious download URLs were observed.
Credentials
The skill legitimately needs iCloud credentials (App-Specific Password and username) for CalDAV. It does not request unrelated third‑party credentials. However, registry metadata at the top reported 'required env vars: none' while docfiles and skill.yaml enumerate ICLOUD_USERNAME, ICLOUD_APP_PASSWORD and several ICALENDAR_SYNC_* variables — this mismatch could lead to silent misconfiguration if a user relies solely on registry summaries. File-based credential storage is supported (and documented) with recommended 0600 permissions; that increases attack surface if not used carefully.
Persistence & Privilege
always:false (default) and there is no evidence the skill tries to force-enable itself across agents or modify other skills. The install script writes files into a user-controlled ~/.openclaw/skills directory and creates a CLI wrapper in ~/.local/bin, which are expected behaviors for a user-installed skill. No privileged system changes or cross-skill config modifications were observed.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install icalendar-sync
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /icalendar-sync 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.4.1
- Improved documentation in SKILL.md and README.md for clearer usage instructions. - Enhanced test coverage with updates to test_calendar.py and test_security.py. - Internal refinements in calendar.py for better maintainability. - Updated changelog with recent changes.
v2.4.0
Version 2.4.0 - Major refactor with 19 new files, including modularized source, tests, and documentation. - Added CI/CD and security workflow files (.github, SECURITY.md). - Introduced extensive input validation, recurring event modes, and robust credential handling. - Streamlined documentation for setup, provider selection, and secure usage. - Now defaults to safer storage and fallback mechanisms for headless/automated environments. - Initial comprehensive tests included for calendar and security logic.
v2.3.6
Version 2.3.6 - No code changes detected in this release. - Documentation and usage instructions remain unchanged.
v2.3.5
Version 2.3.5 of icalendar-sync - No code or documentation changes detected. - Content and usage instructions remain unchanged from the previous version.
v2.3.4
Version 2.3.4 of iCalendar Sync has no code or documentation changes. - No file or documentation changes detected in this release. - Functionality and content remain identical to the previous version. - Safe to update with no impact on current usage or setup.
v2.3.3
Version 2.3.3 - Added documentation for macOS native bridge mode using `--provider macos-native`, allowing commands to interact with Calendar.app via AppleScript when direct iCloud access is unavailable. - Updated usage examples to include the new provider flag for listing calendars. - No changes to code or core functionality; update is SKILL.md documentation only.
v2.3.2
- Adds explicit file storage option for credentials via YAML config with strict permissions (mode 0600). - Documents new credential lookup order: OS keyring, then environment variables, then YAML config file. - Adds instructions for using new `--storage file` and `--config` flags for non-GUI environments. - Mentions `--debug-http` and custom `--user-agent` options for troubleshooting. - Clarifies fallback file handling: setup no longer writes plaintext `.env` files when keyring is unavailable.
v2.3.1
**Major update – removed nearly all source and config files, changed credential fallback behavior.** - All source code, configuration, and documentation files removed except SKILL.md. - SKILL.md updated: fallback plaintext storage (`~/.openclaw/.env`) when keyring is unavailable is no longer used; only OS keyring and environment variables are supported for credentials. - Usage, setup, and security instructions adjusted to reflect the removal of plaintext fallback files.
v2.3.0
- Added support for updating calendar events, including single events and recurring event instances. - New command-line examples for event update operations, covering single, all, and future instances of recurring events. - Event creation now uses a JSON object for specifying details like start and end times. - No changes to requirements or security features.
v2.2.31
- Removed legacy configuration and metadata files, including Clawhub integration and documentation files. - Cleaned up project files and metadata for better maintainability. - No changes to user-facing functionality or usage.
v2.2.30
- Added support for setting iCloud credentials via environment variables for headless/automated environments. - Updated documentation to clarify credential lookup order: OS keyring, then environment variables, then interactive prompt. - Expanded security guidance to cover CI/CD and container deployments. - No changes to core functionality or requirements.
v2.2.29
- Added README_FOR_CLAWHUB_SCANNER.md for enhanced scanner compatibility. - Updated configuration and metadata files: .clawhub.yaml, CLAWHUB_METADATA.yaml, REGISTRY.yaml, _meta.json, clawhub.json, metadata.yaml, pyproject.toml, setup.py, skill.yaml. - No functional user-facing changes to main skill features or documentation.
v2.2.28
- Updated metadata and configuration files for compatibility and registry alignment. - No changes to core functionality or documentation content.
v2.2.27
- Updated metadata and configuration files for compatibility and maintenance. - Documentation files refreshed; no user-facing feature or security changes. - No changes detected to skill commands, features, or workflow.
v2.2.26
- Updated configuration and metadata files: .clawhub.yaml, CLAWHUB_METADATA.yaml, REGISTRY.yaml, _meta.json, clawhub.json, metadata.yaml, pyproject.toml, setup.py, and skill.yaml. - Removed SECURITY_SCAN_NOTICE.md file. - No user-facing changes to documentation or features.
v2.2.25
- Updated configuration and metadata files: .clawhub.yaml, CLAWHUB_METADATA.yaml, REGISTRY.yaml, _meta.json, clawhub.json, metadata.yaml, pyproject.toml, requirements.txt, setup.py, skill.yaml. - No functional or documentation changes in SKILL.md. - Version bump to 2.2.25.
v2.2.24
- Major documentation update: SKILL.md now provides clearer security instructions and usage examples. - Security guidance expanded, emphasizing app-specific passwords and keyring usage. - Added Docker and Kubernetes secrets recommendations for container deployments. - Updated requirements to Python 3.9+ and clarified CalDAV access details. - Security features (keyring, SSL, rate limiting, log redaction) are now explicitly documented.
v2.2.23
Version 2.2.23 - Updated and reorganized metadata files (.clawhub.yaml, metadata.yaml, etc.). - Cleaned up repository by removing legacy and warning documents. - No changes to usage or public documentation content. - Internal configuration and packaging files refined for improved repository maintenance.
v2.2.22
- Maintenance release with repository and metadata updates. - Added CLAWHUB_SCANNER_NOTICE.md for compliance or scanner support. - Updated project and registry metadata files for improved integration. - No changes to core functionality or user-facing features.
v2.2.21
- Added skill.json metadata file for improved registry compatibility. - Updated configuration files (.clawhub.yaml, metadata, registry, etc.) for ecosystem alignment. - No changes to core functionality or user-facing behavior.
元数据
Slug icalendar-sync
版本 2.4.1
许可证
累计安装 4
当前安装数 4
历史版本数 40
常见问题

iCalendar Sync 是什么?

Secure iCloud Calendar operations for OpenClaw with CalDAV and macOS native bridge providers. Use when tasks require calendar listing, event retrieval, event... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2401 次。

如何安装 iCalendar Sync?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install icalendar-sync」即可一键安装,无需额外配置。

iCalendar Sync 是免费的吗?

是的,iCalendar Sync 完全免费(开源免费),可自由下载、安装和使用。

iCalendar Sync 支持哪些平台?

iCalendar Sync 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 iCalendar Sync?

由 h8kxrfp68z-lgtm(@h8kxrfp68z-lgtm)开发并维护,当前版本 v2.4.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论