Queue
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a benign local queue-tracking tool, with user data stored in local log files and only minor packaging/metadata disclosure gaps.
This skill looks safe for ordinary local queue tracking. Review the local storage path and avoid entering secrets or highly sensitive information, since queue entries are saved in log files under your home directory.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may need Bash and standard command-line tools even though the registry metadata does not declare them.
SKILL.md documents command-line requirements while the registry metadata declares no required binaries and no install spec. This is a metadata/disclosure inconsistency, but the dependencies are expected for the included local Bash queue tool.
- bash 4+ - Standard coreutils (grep, wc, du, sort, head, tail)
Before installing, verify how the queue command is installed and that the bundled script is the intended implementation.
Queue entries and history can remain on disk and may be visible to anyone or any process with access to the user's local files.
The skill intentionally persists user-entered queue items and operation history in local files. This is purpose-aligned, but those files may contain sensitive task details if users enter them.
All data stored locally in `~/.local/share/queue/`: - `add.log` — added items - `plan.log` — planned tasks - `track.log` — tracking events - `history.log` — full operation history
Avoid putting secrets or sensitive personal/business details into queue items unless local file storage is acceptable.