Meeting Agenda
ReviewAudited by ClawScan on May 10, 2026.
Overview
The agenda templates look benign, but the package also contains an under-documented task-management script that stores local user data.
Review the included scripts before installing. The meeting-agenda template script appears harmless, but the package also includes a local task tracker that saves data under a meeting-agenda data directory. Avoid entering sensitive meeting content unless you are comfortable with that local persistence, and prefer a version that documents or removes the extra script.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user expecting only agenda templates could also receive or run an unrelated local task-management tool.
This included script implements task-management commands, while the main SKILL.md documents meeting-agenda commands such as create, standup, retro, oneonone, decision, and minutes. The mismatch creates ambiguity about what code a user or agent would actually run.
Productivity and task management tool Commands: add list done priority today week remind stats clear export
Clarify the intended entrypoint, remove unused scripts, or document all included commands and why they are needed for meeting agendas.
Private meeting notes, action items, or task text entered into this script may remain on disk after the session.
The script stores user-supplied items and command history in persistent local files. This is not mentioned in the main skill instructions or registry requirements.
DATA_DIR="${MEETING_AGENDA_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/meeting-agenda}"
DB="$DATA_DIR/data.log"
mkdir -p "$DATA_DIR"
...
cmd_add() {
echo "$(date +%Y-%m-%d) $*" >> "$DB"Make storage opt-in or clearly disclose it, document the storage location, provide a real cleanup/delete command, and ask before saving sensitive meeting content.