← 返回 Skills 市场

Openclaw With Apple

Name: Openclaw With Apple
Author: gzww

作者 Pygmalion · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

109

总下载

当前安装

版本数

在 OpenClaw 中安装

/install openclaw-with-apple

功能描述

Apple iCloud 全功能访问 + Apple Health 深度健康分析 + 双向待办同步

安全使用建议

What to consider before installing: - Do NOT paste your Apple ID main password or one‑time 2FA codes into chat history. The SKILL.md explicitly encourages that — it's unsafe because chat logs may persist. Prefer local interactive login on a machine you control. - Prefer using an Apple app‑specific password whenever possible (the docs say calendar can work with that alone). If you only need calendar/CalDAV, avoid giving the main password. - Inspect scripts before running: review setup_tasks_cron.py, icloud_auth.py, tasks_tool.py and any code that writes cron entries, uploads files, or calls external endpoints. Only run on a personal, non‑shared machine. - The skill will cache session tokens under ~/.pyicloud/ — protect that directory (permissions) and delete/revoke sessions when you stop using the skill. Revoke app‑specific passwords on appleid.apple.com after testing. - The SKILL.md forces immediate command execution when the user mentions actions; consider disabling or modifying that behavior (require explicit confirmation) before using the skill broadly. - If you must use it: run the code locally (not on a cloud/shared server), create a separate Apple account for testing if possible, and audit the files the skill creates (tasks_latest.json, notes_latest.json) and scheduled cron jobs. Why I'm suspicious: the code matches the claimed capabilities but the runtime instructions ask for sensitive secrets via chat, enforce autonomous immediate execution, and the registry metadata fails to declare those credential requirements — this combination raises significant safety and coherence concerns. If you want, I can highlight the exact lines in scripts that persist sessions or add concrete steps to run the skill safely in a sandboxed/local environment.

功能分析

Type: OpenClaw Skill Name: openclaw-with-apple Version: 1.0.0 The skill bundle provides a comprehensive suite for integrating Apple iCloud services, including Photos, Drive, Calendar, and Find My, as well as Apple Health analysis. It is classified as suspicious due to several high-risk behaviors: it explicitly instructs the AI agent to collect the user's Apple ID and Main Password (storing them in environment variables), establishes persistence on macOS via a LaunchAgent (setup_tasks_cron.py), and includes capabilities to track device locations and enable 'Lost Mode' (icloud_tool.py). Furthermore, the SKILL.md contains aggressive 'Iron Rules' that command the AI to execute tools immediately without user confirmation upon detecting specific keywords, which increases the risk of unintended actions via prompt injection. While these features are aligned with the stated purpose and documented in SECURITY.md, the combination of credential collection, persistence, and automated device control represents a significant security surface.

能力评估

ℹ Purpose & Capability

The name/description (iCloud, Health, two‑way tasks) match the included scripts (pyicloud, caldav, health_tool, tasks_tool). Requiring an app‑specific password for CalDAV and a full login/session for broader iCloud access is coherent with the stated functionality. HOWEVER the registry metadata declared no required environment variables or primary credential while SKILL.md and multiple scripts explicitly instruct users to provide ICLOUD_APP_PASSWORD, ICLOUD_USERNAME, and the Apple ID main password — this metadata mismatch is a red flag (incoherent packaging).

⚠ Instruction Scope

SKILL.md contains an 'iron law' that forces the agent to immediately execute local Python commands whenever a user mentions an action or note, without asking confirmation. It also instructs the agent to solicit Apple ID main password and 2FA codes in chat and to set environment variables and cron jobs automatically. These instructions grant broad file/system interaction (writing JSON, installing cron jobs, reading home iCloud Drive paths) and direct secret handling via chat — far beyond a passive helper. The requirement that users paste main passwords / 2FA into the conversation is especially problematic because chat logs persist.

ℹ Install Mechanism

No automated installer is declared in the registry, but SKILL.md instructs pip install pyicloud caldav icalendar. Pulling dependencies from PyPI is common and expected for this Python toolset (moderate risk). There is no remote arbitrary binary download in the metadata. Still, the skill will write cron entries and create files (setup_tasks_cron.py / tasks_latest.json / session cache), so disk writes and scheduled persistence are expected and should be reviewed before running on shared systems.

⚠ Credentials

The skill asks for very sensitive credentials (Apple ID main password and 2FA) even though some features can operate with only an application‑specific password. Requesting the main password is explainable for full iCloud access, but SKILL.md explicitly instructs users to send those secrets in chat (and to set them as environment variables), which is disproportionate and unsafe. The skill also claims passwords 'won't be written to disk' but will create session tokens in ~/.pyicloud/ — accurate but still a persistence of authentication state that must be protected. The registry metadata claiming 'none' for required env vars conflicts with the real credential needs declared in documentation and code.

⚠ Persistence & Privilege

The skill will persist iCloud session tokens/cookies to ~/.pyicloud/ (normal for pyicloud) and instructs installation of a nightly cron job to push JSON files to iCloud Drive. It is not marked always:true, but the SKILL.md 'iron law' plus automatic cron installation increases the blast radius: the agent is expected to autonomously run commands and keep scheduled tasks on the host. That level of persistence combined with secret handling and automated execution is sensitive and should be limited to a trusted, single‑user machine.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install openclaw-with-apple
安装完成后，直接呼叫该 Skill 的名称或使用 /openclaw-with-apple 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

OpenClaw with Apple 1.0.0 - Initial release with full Apple iCloud access on Linux/Mac. - Supports deep Apple Health data analysis, including heart rate, sleep, and activity. - Enables bidirectional reminder (tasks) and notes sync: AI can write directly to iPhone Reminders/Notes. - Automatic, strict action/note capturing: all user-stated tasks/notes are immediately synced (no confirmation required). - Detailed setup workflows and enforcement rules for reminders, notes, and Health data are provided. - Service includes easy iPhone automation/integration using Shortcut links and server-side scheduled task management.

元数据

Slug openclaw-with-apple

版本 1.0.0

许可证 MIT-0

累计安装 1

当前安装数 1

历史版本数 1

常见问题

Openclaw With Apple 是什么？

Apple iCloud 全功能访问 + Apple Health 深度健康分析 + 双向待办同步. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 109 次。

如何安装 Openclaw With Apple？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-with-apple」即可一键安装，无需额外配置。

Openclaw With Apple 是免费的吗？

是的，Openclaw With Apple 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Openclaw With Apple 支持哪些平台？

Openclaw With Apple 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Openclaw With Apple？

由 Pygmalion（@gzww）开发并维护，当前版本 v1.0.0。