Daily Life Autopilot

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This life-management skill is coherent, but it asks the agent to proactively read and remember broad email, calendar, task, message, and billing information without clear permission or retention limits.

Review this skill carefully before installing. It is not obviously malicious and its behavior fits a proactive life-assistant purpose, but it should only be used if you are comfortable giving an agent broad access to email, calendar, tasks, billing messages, and persistent personal reminders. Configure exact accounts and data sources, keep sending and mutation actions approval-only, and make sure you can review and delete anything it stores.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could inspect a wide range of personal or work data proactively, not just items the user explicitly asks about in the moment.

Why it was flagged

The skill instructs automatic, broad access across calendar, email, messages, and task tools. This is purpose-aligned, but the scope of accounts, folders, and approvals for reading or processing data is not clearly bounded.

Skill content

Any first message of the day | Morning briefing activates ... All events and meetings for today ... Unread emails ... Tasks due today from any connected task manager

Recommendation

Require explicit user opt-in for each connected service, define read-only defaults, and require confirmation before any archive, unsubscribe, file movement, or other mutation.

What this means

The skill may rely on already-connected account access in ways users may not realize, including historical private messages.

Why it was flagged

Reading sent-mail history implies delegated access to a user's email account and private communication history. The provided metadata declares no primary credential, environment variables, or required config paths, so the permission boundary is unclear.

Skill content

The agent reads your sent mail history to learn your tone and style.

Recommendation

Declare the required integrations and permission scopes, limit access to the minimum needed data, and let users choose which mailboxes or histories may be used.

What this means

Sensitive personal or work context could persist across sessions, and mistaken inferred commitments could keep influencing future reminders and priorities.

Why it was flagged

The skill creates persistent records from personal context and inferred commitments, then reuses them in future briefings. The artifact does not define review, correction, deletion, retention, or source-verification controls.

Skill content

Every follow-up is stored with the person's name, context, and the date you created it ... Anything you said yesterday that sounded like a commitment ... Patterns are noticed

Recommendation

Add a visible stored-items list with source links, require confirmation before saving inferred commitments, and provide retention limits plus easy edit/delete controls.

What this means

Users may receive ongoing automated checks or briefings that use connected personal data unless they have a clear way to turn them off.

Why it was flagged

The skill's proactive scheduling is disclosed and central to its purpose, but it describes recurring autonomous behavior without defining how users pause, disable, or constrain those routines.

Skill content

The agent checks status every morning ... Every Monday morning ... automatically 30 minutes before any calendar event

Recommendation

Provide explicit controls for enabling, pausing, scheduling, and disabling each proactive module.