      Safety Report

      Openclaw Nextcloud

      @keithvassallomt

      Manage Notes, Tasks, Calendar, Files, and Contacts in your Nextcloud instance via CalDAV, WebDAV, and Notes API. Use for creating notes, managing todos and calendar events, uploading/downloading files, and managing contacts.

      2,969 Downloads
      6 Installs
      6 Stars
      4 Versions
      API Integration 4,971 · File Management 2,100 · Project Management 1,537 · Calendar & Scheduling 1,462

      Security Analysis

      Medium confidence
      Suspicious · 0.04 risk

      The skill appears to implement a legitimate Nextcloud client, but there are multiple inconsistencies between its manifest/registry and its runtime instructions (missing declared env vars and missing declared required binary), and it includes a large bundled JS script that will be executed; those mismatches warrant caution before installing.

      Feb 11, 2026 · 2 files · 4 concerns

      Purpose & Capability (concern)

      The SKILL.md and bundled script implement Nextcloud integration (Notes, CalDAV, WebDAV, CardDAV) which explains the need for NEXTCLOUD_URL/USER/TOKEN and Node.js. However the registry metadata lists no required environment variables and no required binaries, which is inconsistent with the stated purpose. Requesting Nextcloud credentials is proportionate to the functionality, but the manifest not declaring them is a mismatch that could hide unexpected behavior.

      Instruction Scope (concern)

      The runtime instructions explicitly tell the agent to run the bundled node script (node scripts/nextcloud.js) and to read environment variables NEXTCLOUD_URL, NEXTCLOUD_USER, NEXTCLOUD_TOKEN. That scope is within the Nextcloud use case. However the skill's declared allowed-tools and registry fields do not reflect the requirement to run Node.js or to provide credentials. The instructions do not (in the visible SKILL.md) ask for unrelated system files or other credentials, and they indicate outputs are JSON.

      Install Mechanism (note)

      There is no install spec (no downloads or package installs), which reduces install-time risk. Instead the skill includes a large bundled JavaScript file (scripts/nextcloud.js, ~647 KB) that will be executed directly by Node. Bundling many dependencies in a single script is common but increases audit surface — the file should be inspected for hidden endpoints or telemetry. The SKILL.md requires Node.js 20+ but the registry does not list Node as a required binary.

      Credentials (concern)

      The SKILL.md legitimately requires NEXTCLOUD_URL, NEXTCLOUD_USER, and NEXTCLOUD_TOKEN (an app password or password) to access a Nextcloud instance — these are proportionate to the skill's purpose. The problem: the registry metadata claims no required env vars and no primary credential. That mismatch is suspicious because a consumer might not realize they need to provide a secret. Also NEXTCLOUD_TOKEN is sensitive (can permit full account access if it's a password), so the user should prefer an app-specific token and limit scope where possible.

      Persistence & Privilege (ok)

      The skill does not request always: true and is user-invocable; it does not declare modifications to other skills or system-wide settings. The SKILL.md describes storing default calendar/addressbook choices in agent memory (local agent memory keys), which is reasonable for UX and not a privileged operation.

      Guidance

      This skill is plausibly a genuine Nextcloud client, but there are inconsistencies you should resolve before installing:

      - The SKILL.md requires NEXTCLOUD_URL, NEXTCLOUD_USER, and NEXTCLOUD_TOKEN and Node.js 20+, but the registry metadata lists none of these. Treat the SKILL.md as authoritative and assume the script will read those env vars.
      - NEXTCLOUD_TOKEN is sensitive: use an app password with minimal scope on your Nextcloud instance rather than your main password.
      - The skill includes a large bundled JavaScript (scripts/nextcloud.js) that will run locally. Ask the publisher for the full source or inspect the file yourself for any hard-coded external endpoints, telemetry, or unrelated network calls before running it.
      - Ensure you run the script in a constrained environment (no more privileges than necessary). If possible, test it against a throwaway Nextcloud account first.
      - If you need assurance, request that the publisher: (1) update the registry metadata to declare Node.js and the required env vars, (2) provide a link to source or a checksum for the bundled script, and (3) confirm that the script only communicates with the configured NEXTCLOUD_URL and does not exfiltrate other data.

      Given the manifest mismatches and the bundled executable code, proceed cautiously — these issues make the package suspicious even though no explicit malicious indicators were found.

      Latest Release

      v0.1.3

      - Migrated main script to scripts/nextcloud.js; removed old files (README.md, index.js, package.json, package-lock.json).
      - Updated documentation: clarified usage with the new script path and removed npm install instructions.
      - Added license and compatibility information (MIT, Node.js 20+ required).
      - Changed presentation guidelines: outputs now avoid markdown formatting for better compatibility with messaging apps.
      - Kept all commands, features, and output formats unchanged.

      Published by @keithvassallomt on ClawHub
