v1.0.0

Plan My Day

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:50 AM.

Analysis

This is an instruction-only daily planning skill with no code or install-time behavior, but it may use personal calendar, task, and reflection details to make better plans.

GuidanceThis skill appears safe for normal use as a planning prompt. Before installing, be aware that good plans may require sharing calendar events, task lists, and reflections about your productivity; provide only the details you are comfortable sharing or storing.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceHighStatusNote

metadata

Source: unknown
Homepage: none
Version: 1.0.0

The registry metadata has limited provenance information and lists version 1.0.0, while SKILL.md declares version 2.0.0. Because there is no code or install script, this is a provenance notice rather than a behavioral concern.

User impactThe package identity and versioning are not perfectly clear, though no executable behavior is present in the artifacts.

RecommendationIf provenance matters to you, verify the package source and expected version before installing.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityLowConfidenceHighStatusNote

README.md

- Check calendar for fixed commitments
- Review yesterday's incomplete tasks
- Identify current project priorities

The skill may rely on calendar, task, and work-priority information. That access is purpose-aligned for making a daily plan, and the artifacts do not request credentials or account mutation.

User impactThe agent may see personal or work scheduling details if you provide them or if your environment exposes them.

RecommendationShare only the calendar and task details needed for the plan, and avoid including private event details unless they are necessary.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceMediumStatusNote

SKILL.md

**Learning memory** - Can track what scheduling patterns work best for you over time

The skill contemplates tracking planning outcomes over time. This is useful and purpose-aligned, but could involve retaining personal productivity patterns or reflections if persistent memory is enabled.

User impactFuture plans may be influenced by stored reflections, energy ratings, or completion history.

RecommendationUse persistent memory only if you want this history retained, and periodically review or clear stored planning notes if they include sensitive details.