Natural Language Planner

Pass. Audited by ClawScan on May 1, 2026.

Overview

The skill is coherent for a local task planner, but users should notice that it persistently stores conversation-derived tasks and can optionally expose the dashboard through unauthenticated network/tunnel access.

This appears suitable as a local-first planner if you are comfortable with the assistant saving task and project details into Markdown files. Keep the dashboard localhost-only by default, avoid tunnels or `--network` unless you need remote access, and remember that exported or tunneled dashboards can reveal your task data.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Things the user casually says about work, deadlines, or projects may be converted into persistent local task records.

Why it was flagged

The skill is designed to persist task-relevant conversation details into a local planner, so conversation context can be reused across future interactions.

Skill content

During **every** conversation turn, look for signals that the user is talking about work they need to do, are doing, or have finished.

Recommendation

Use a dedicated planner workspace and tell the assistant when something should not be captured or should be archived.

What this means

If the user enables a tunnel, anyone with the generated link can view their tasks and project information.

Why it was flagged

The optional tunnel feature intentionally exposes the dashboard outside the local machine, and the artifacts clearly state that it has no authentication.

Skill content

The planner can create a secure tunnel to expose your local dashboard. ... **Security note:** The dashboard has no authentication. Anyone with the tunnel URL can view your tasks.

Recommendation

Only enable tunnels when needed, avoid sharing the URL broadly, and stop the tunnel when finished.

Note: High Confidence
ASI10: Rogue Agents

What this means

A local dashboard server may run while the assistant session is active, making task data available through the local browser interface.

Why it was flagged

The dashboard can be started automatically as part of normal planner use, creating a background local service for the dashboard.

Skill content

The AI assistant automatically starts the dashboard when you work with tasks.

Recommendation

Keep the default localhost-only setting unless network access is intentionally needed.

Note: High Confidence
ASI10: Rogue Agents

What this means

If the user follows these optional instructions, the unauthenticated dashboard can keep running after reboot and be reachable from the local network.

Why it was flagged

The README documents an optional persistent systemd service that can restart the dashboard automatically and bind it to the network.

Skill content

sudo systemctl enable nlplanner-dashboard.service ... ExecStart=/usr/bin/python3 -m scripts dashboard --network /path/to/workspace ... Restart=always

Recommendation

Use the persistent service only on trusted machines and omit `--network` unless LAN access is required.

What this means

Users may need to install packages or tunnel tools that are not captured in the registry requirements.

Why it was flagged

The README documents dependency and optional external tool setup, while the registry section declares no required binaries or environment variables.

Skill content

pip install pyyaml ... For remote access: `cloudflared`, `ngrok`, or `localtunnel` (optional)

Recommendation

Install only the core dependency needed for local use, and install optional tunnel tools only from official sources when remote access is necessary.