ClawHub
Code Pluginsource linked

Apple PIMv3.8.0

OpenClaw plugin for macOS Calendar, Reminders, Contacts, and Mail. macOS-only; depends on four native Swift CLIs (calendar-cli, reminder-cli, contacts-cli, mail-cli) you build locally from source via ./setup.sh. The registry does not download or install binaries.

apple-pim-cli·runtime apple-pim-cli·by @omarshahine
Community code plugin. Review compatibility and verification before install.
openclaw plugins install clawhub:apple-pim-cli
Latest release: v3.8.0Download zip

Capabilities

Tags
executes-codehost:darwin-arm64host-os:darwinhost-arch:arm64host:darwin-x64host-arch:x64environment:declaredrequires:binarybinary:calendar-clibinary:reminder-clibinary:contacts-clibinary:mail-clirequires:os-permissionos-permission:macos-calendarsos-permission:macos-remindersos-permission:macos-contactsos-permission:macos-mail-automationartifact:npm-packnpm-mirror:available
configSchema
Yes
Executes code
Yes
Host targets
darwin-arm64darwin-x64
HTTP routes
0
Runtime ID
apple-pim-cli

Compatibility

Built With Open Claw Version
2026.3.28
Plugin Api Range
>=2026.3.23
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The declared purpose is coherent: it exposes macOS PIM tools for calendars, reminders, contacts, and Mail.app, including expected read/write actions such as create, update, delete, send, reply, and move.
!
Instruction Scope
Most sensitive capabilities are disclosed, but the mail save_attachment schema says destDir must stay within home or system temp while the JavaScript handler passes caller-supplied destDir directly to mail-cli without visible enforcement in the package.
Install Mechanism
The package has no install or postinstall script that downloads binaries; metadata and docs say users build the required Swift CLIs locally, and static scan plus VirusTotal telemetry are clean.
Credentials
macOS Calendar, Reminders, Contacts, and Mail.app permissions are proportionate to the plugin purpose, but they expose highly sensitive local personal data and externally impactful mail actions.
!
Persistence & Privilege
Once macOS TCC and Automation permissions are granted, the agent can continue using broad read/write PIM access, including Mail.app send/delete and batch delete, until the user revokes those permissions.
Scan Findings in Context
[SQP-2] expected: Saving mail attachments is an expected mail-management feature, but the package-level handler does not enforce the path restriction promised by the tool schema before invoking the underlying CLI.
[RA2] expected: Broad read/write access to Apple PIM stores is disclosed and purpose-aligned, so this is not evidence of malicious behavior by itself; it remains a user-review issue because the permission is durable and high impact.
What to consider before installing
Install only if you are comfortable giving an agent ongoing access to read and change your Apple Calendar, Reminders, Contacts, and Mail, including sending and deleting email. Use dedicated macOS profiles or plugin config scopes where possible, review mail actions before execution, avoid saving attachments to sensitive directories, and know how to revoke the macOS Privacy & Security permissions if you no longer need the plugin.

Verification

Tier
source linked
Scope
artifact only
Summary
Validated package structure and linked the release to source metadata.
Source
github.com/omarshahine/Apple-PIM-Agent-Plugin
Commit
dd7d33f1c88e
Tag
v3.8.0
Provenance
No
Scan status
suspicious

Tags

latest
3.8.0