Cron Job Guardian
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: cron-job-guardian
Version: 1.0.0
The 'cron-job-guardian' skill bundle is a legitimate security auditing tool designed to perform static analysis on cron configurations and scripts. The primary logic in `scripts/run.py` includes a pattern scanner that identifies high-risk commands (e.g., `curl|bash`, `rm -rf /`) and potential secrets, but it masks sensitive data and does not execute the discovered strings. The instructions in `SKILL.md` explicitly enforce safety boundaries, such as avoiding direct system changes and focusing on dry-run reports, aligning perfectly with the stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The helper may inspect local files supplied as input and create a local report file.
The skill documents an optional local Python helper invocation. This is expected for its stated audit purpose and is not hidden, but it means the agent may run local code if the environment allows it.
If the runtime environment allows shell / exec, you can use: `python3 "{baseDir}/scripts/run.py" --input <输入文件> --output <输出文件>`
Run it only on intended cron files or script directories, and choose an output path you are comfortable writing to.
If the scanned input contains secrets or private operational details, the generated report may contain filenames and partial/redacted snippets from those files.
The script scans user-supplied text files for secret-like patterns and includes redacted snippets in the generated report. This is purpose-aligned auditing behavior, but report contents can still reflect sensitive local file material.
"secret_like": r"(api[_-]?key|token|secret|password)\s*[:=]..." ... findings.append((str(target), name, snippet[:160]))
Avoid scanning unrelated private directories, sanitize sensitive inputs when possible, and review generated reports before sharing them.
