Cron Job Guardian
PassAudited by ClawScan on May 1, 2026.
Overview
Cron Job Guardian appears to be a local, read-only cron/timer audit helper with no artifact-backed evidence of hidden network use, credential access, or production-control behavior.
This skill looks safe for local, review-only cron/timer auditing. Before installing or using it, make sure you only provide the cron files or script directories you intend to review, avoid unrelated sensitive folders, and inspect any generated report before sharing or acting on it.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The helper may inspect local files supplied as input and create a local report file.
The skill documents an optional local Python helper invocation. This is expected for its stated audit purpose and is not hidden, but it means the agent may run local code if the environment allows it.
如运行环境允许 shell / exec,可使用:`python3 "{baseDir}/scripts/run.py" --input <输入文件> --output <输出文件>`Run it only on intended cron files or script directories, and choose an output path you are comfortable writing to.
If the scanned input contains secrets or private operational details, the generated report may contain filenames and partial/redacted snippets from those files.
The script scans user-supplied text files for secret-like patterns and includes redacted snippets in the generated report. This is purpose-aligned auditing behavior, but report contents can still reflect sensitive local file material.
"secret_like": r"(api[_-]?key|token|secret|password)\s*[:=]..." ... findings.append((str(target), name, snippet[:160]))
Avoid scanning unrelated private directories, sanitize sensitive inputs when possible, and review generated reports before sharing them.