Cron Setup
ReviewAudited by ClawScan on May 10, 2026.
Overview
This instruction-only cron skill is mostly aligned with scheduling tasks, but it embeds a specific Telegram destination and encourages persistent autonomous jobs without clear user confirmation or cleanup boundaries.
Use this only if you intentionally want persistent OpenClaw cron jobs. Before creating any job, change the Telegram target to your own confirmed destination, review every command and schedule, and make sure you know how to list, pause, and delete the job.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Scheduled jobs could send summaries, alerts, workspace data, or other results to an external Telegram group instead of the user's intended destination.
The skill provides a hardcoded Telegram target for cron job notifications, so job outputs could be sent to a destination the installing user may not control or recognize.
Post to Telegram using the message tool: ... target: -1003856094222 ... threadId: TOPIC_ID
Replace hardcoded Telegram IDs with user-provided, confirmed recipients and require the user to approve what data each job will send.
A scheduled agent could keep running after setup and continue taking actions or sending messages unless the user actively reviews and removes it.
The template creates recurring autonomous agent turns. That is expected for a cron skill, but the artifact does not define user approval, scope limits, disable/cleanup steps, or safeguards for persistent jobs.
"schedule": { "kind": "cron", "expr": "*/30 * * * *" } ... "payload": { "kind": "agentTurn", "message": "TASK INSTRUCTIONS HERE" }Require explicit user approval for each job's schedule, task, tools, output destination, and retention; document how to list, pause, and delete created cron jobs.
If a cron task is created with unsafe commands, those commands may run repeatedly on the user's environment.
The skill expects scheduled agents to run explicit shell commands. This is purpose-aligned for automation, but it increases the need for command review before a persistent job is created.
Be explicit with commands — Give the cron agent exact bash commands to run. It doesn't have our context.
Review all commands before scheduling them, prefer least-privilege commands, and avoid destructive or broad filesystem operations unless explicitly intended.