v1.0.0

Daily Rhythm

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:14 AM.

Analysis

Daily Rhythm is mostly aligned with daily planning, but it uses persistent automation and live account credentials while its scripts rely on hard-coded /Users/tom paths and store sensitive task/billing data.

Guidance: Review and edit the scripts before installing. Replace all /Users/tom paths with your own workspace, remove the hard-coded Python site-packages path, use least-privilege credentials, and only enable cron jobs you understand and want running persistently.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Concern
scripts/sync-google-tasks.py
sys.path.insert(0, '/Users/tom/Library/Python/3.9/lib/python/site-packages')

The script forces Python imports to prefer an author-specific local site-packages directory before loading Google libraries, creating an unexpected dependency/provenance boundary outside the skill and the user's install environment.

User impact: The skill could load code from an unrelated local Python package directory if that path exists, rather than only using dependencies the user installed for this skill.
Recommendation: Remove the hard-coded sys.path entry and use a documented virtual environment or pinned dependency installation instead.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
scripts/sync-stripe-arr.py
env_paths = [
    '/Users/tom/.openclaw/workspace/.env.stripe',
    os.path.expanduser('~/.openclaw/workspace/.env.stripe'),
    '.env.stripe'
]

The script searches a fixed /Users/tom workspace for Stripe credentials before the current workspace, which is not proportionate for a portable user-installed skill.

User impact: On a shared or misconfigured system, the skill may read credentials from or write results to an unexpected local workspace.
Recommendation: Parameterize workspace paths, use the current user's configured OpenClaw workspace, and avoid absolute creator-specific paths.

Rogue Agents
Severity: Low | Confidence: High | Status: Note
SKILL.md
Set Up Cron Jobs

Option A: System Cron (Traditional)
```bash
crontab -e

# Add these lines:
0 7 * * * cd /path/to/workspace && python3 skills/daily-rhythm/scripts/sync-stripe-arr.py
30 8 * * * cd /path/to/workspace && python3 skills/daily-rhythm/scripts/morning-brief.sh
```

The skill asks the user to create scheduled jobs that continue running outside the immediate chat session; this is disclosed and purpose-aligned for daily automation.

User impact: Once installed, the routine can keep syncing account data and generating prompts on a schedule until the cron jobs are removed.
Recommendation: Only add the cron jobs you want, keep a record of them, and remove or disable them if you stop using the skill.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
Create `.env.stripe` in workspace root:
   ```
   STRIPE_API_KEY=sk_live_...
   ```

The skill instructs users to store a live Stripe secret key for ARR tracking, but the registry declares no credentials and the docs do not advise a restricted read-only key.

User impact: A live Stripe secret key can be high-impact account access; if mishandled, it could expose billing/customer data or enable broader Stripe operations than ARR reading.
Recommendation: Use a least-privilege restricted Stripe key where possible, document the exact permissions needed, and declare the credential requirement in metadata.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium | Confidence: High | Status: Note
scripts/sync-google-tasks.py
'title': task['title'],
'notes': task.get('notes', ''),
'due': task.get('due'),
'links': task.get('links', [])

The Google Tasks sync persists task titles, notes, due dates, and links into a local memory JSON file for reuse in morning briefs.

User impact: Private task details and planning context may be stored locally and reused in future briefs.
Recommendation: Review what task data will be synced, protect the memory directory, and delete stored memory files when they are no longer needed.