ClawHub

taskwarrior

PassAudited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill Name: taskwarrior Version: 0.1.3 The OpenClaw AgentSkill for Taskwarrior is designed with strong security principles. It explicitly confines all Taskwarrior data and configuration to a workspace-local directory (`<workspace>/.openclaw/taskwarrior/`), preventing any interaction with global user configurations. The `SKILL.md` and `references/safe_command_policy.md` files contain clear instructions for the AI agent to avoid dangerous operations like `delete` or `purge` without explicit user request, and to preview bulk changes. The skill does not perform system-level installations at runtime and only uses standard Taskwarrior commands. There is no evidence of data exfiltration, unauthorized execution, persistence mechanisms, or prompt injection attempts designed to subvert the agent for malicious purposes.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Note
ASI02: Tool Misuse and Exploitation
What this means

The agent can create, edit, start, stop, annotate, or complete tasks in the workspace Taskwarrior database; mistakes could change local task records.

Why it was flagged

The skill documents that it can make local task-database changes, while also placing explicit limits on destructive and broad bulk operations.

Skill content
Write (safe):
- `task add ...`
- `task <id> modify ...`
- `task <id> done`
...
## Not allowed unless explicitly requested
- `task delete`
- `task purge`
- bulk changes without preview
Recommendation

Use clear task IDs or filters for changes, ask for previews before bulk edits, and only request delete or purge actions when you intend them.

Note
ASI04: Agentic Supply Chain Vulnerabilities
What this means

The skill's behavior depends on the installed `task` program in the environment.

Why it was flagged

The skill relies on an external Taskwarrior binary rather than bundled code; this is purpose-aligned, but users should ensure the binary comes from a trusted package source.

Skill content
This skill **requires Taskwarrior to already be available** in the runtime environment ... This skill **does not perform system-level installs**
Recommendation

Install Taskwarrior from a trusted OS package manager or base image and verify `task --version` before use.