Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
PulseFlow
v1.2.1
Maintain a Markdown task dashboard with append-only AI work logs, syncing daily AI DONE TODAY and weekly usage panels via heartbeat or on-demand refresh.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The skill's code implements a Markdown dashboard + append-only logs and heartbeat sync as described. However, the runtime calls an external CLI ('openclaw gateway usage-cost') to obtain usage summaries but the skill metadata declares no required binaries; Node.js is also assumed but not declared. The ability to modify agent AGENTS.md files (installAgentLogRules) and to create cron job templates (install_summary_crons) is coherent with the feature set, but these side-effects should be expected and reviewed.
Instruction Scope
SKILL.md and the scripts keep to the stated scope: reading config and sync-state, parsing per-agent JSONL logs, querying usage, rebuilding AI-derived Markdown sections, writing sync/rollover state, and archiving to month files. The runtime will write and rewrite the dashboard, create history files, and can inject managed rule blocks into AGENTS.md; those write actions are part of the intended scope.
Install Mechanism
There is no install spec (instruction-only in registry) but the bundle contains many executable Node.js scripts that will be run by callers. No external downloads are performed by the skill itself. Risk factor: scripts spawn a child process to run the 'openclaw' CLI (execFileSync), so the environment must provide that binary and its behavior/credentials are outside the skill's control.
Credentials
Registry lists no required environment variables or credentials, yet the code uses multiple optional env overrides (AI_WORKLOG_CONFIG, AI_WORKLOG_ROOT, AI_WORKLOG_USAGE_JSON, AI_WORKLOG_SKILL_DIR, AI_WORKLOG_TIMEZONE, AI_WORKLOG_*_REPORTS, AI_WORKLOG_ROLLOVER_STATE). Critically, usage data is obtained by invoking the local 'openclaw' CLI which will rely on local/OpenClaw credentials or environment to return usage — the skill does not request or document these credentials, creating a mismatch between declared and actual runtime needs. The skill will write to configured report directories and agent AGENTS.md files; those paths must be set in config and can point to sensitive locations if misconfigured.
Persistence & Privilege
The skill is not force-installed (always: false) and does not require elevated platform privilege flags. It does, however, write to workspace files: todo/NOW.md, todo/history/*.md, todo/system/*.json, reports/*.jsonl and it can upsert managed blocks in external AGENTS.md files and optionally install summary cron jobs. These persistent modifications are expected for this type of tool but are impactful and should be validated in a safe environment before enabling in production.
What to consider before installing
What to check before installing PulseFlow:
- Review the code locally. The bundle includes many Node.js scripts that will read and write workspace files; inspect install_agent_log_rules.js, install_summary_crons.js, sync_ai_done.js, and rollover_now.js before running them.
- Confirm runtime dependencies: Node.js is required and the scripts expect an 'openclaw' CLI available on PATH (scripts call 'openclaw gateway usage-cost'). The registry metadata did not declare this binary — provide and test the CLI in a sandboxed environment first.
- Review and set config carefully: todo/system/config.json controls dashboardPath, historyDir, reportsDir and agentsFilePath. Ensure agentsFilePath does not point to any sensitive or system-level files because the skill will modify AGENTS.md to insert managed blocks.
- Cron installation: install_summary_crons.js can create template-driven cron jobs or other delivery hooks; use --dry-run and inspect generated output before enabling. Prefer manual scheduling until you confirm behavior.
- Credentials/usage access: querying usage via the 'openclaw' CLI will use whatever credentials that CLI is configured to use on the machine. If you don't want the skill to access live usage data, use AI_WORKLOG_USAGE_JSON to supply a local JSON file for testing.
- Test in an isolated workspace first: run scripts/validate_system.js and try init_system.js / sync_ai_done.js against a temporary directory to observe what files are created/changed.
Given the undeclared external CLI dependency and the script-driven file modifications, treat this bundle as functional but requiring careful review and controlled deployment.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
- scripts/_usage_panel.js:84: Shell command execution detected (child_process).
- scripts/install_summary_crons.js:120: Shell command execution detected (child_process).
- scripts/validate_system.js:12: Shell command execution detected (child_process).
