ClawHub

Todo Planner

v2.0.0

Organize todos with priorities, deadlines, and weekly views. Use when adding tasks, planning agendas, tracking progress, reviewing overdue items.

0· 89·0 current·0 all-time
by@bytesagain1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the behavior: the script implements commands for add/plan/track/review/etc. and stores data under ~/.local/share/todo-planner. No unrelated services, binaries, or credentials are requested.
Instruction Scope
SKILL.md instructs running scripts/script.sh and describes only local logging and exports. The script logs every operation to history.log and writes one log file per command — expect all inputs to be recorded in plain text. No network endpoints are referenced in the visible portion of the script.
Install Mechanism
Instruction-only skill with no install specification. The provided script is run directly; nothing is downloaded or installed by the skill.
Credentials
The skill requires no environment variables, credentials, or unusual config paths. It only creates/uses ~/ .local/share/todo-planner, which is proportionate to its stated purpose.
Persistence & Privilege
The script creates and persists data under the user's home directory (~/.local/share/todo-planner) and appends to history.log for every operation. The skill is not always-enabled and does not request system-wide privileges, but it will create persistent files in your user profile.
Assessment
This skill appears to be a simple local todo logger and is coherent with its description: it stores plain-text logs under ~/.local/share/todo-planner and needs no network or secrets. Before installing or running: (1) review the full scripts/script.sh file (ensure there are no hidden network calls like curl/wget/nc or unexpected execs later in the truncated portion), (2) be aware that all inputs are saved in plain text (history.log and per-command .log files) so avoid entering passwords or sensitive data, (3) consider setting directory permissions or using a secure directory if you store sensitive tasks, and (4) run first in a sandbox/container if you want to be extra cautious. If you need me to, provide the remainder of scripts/script.sh and I will re-check for any network or sensitive operations.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cnn7hat8p48pqx4b07cmqax837qh1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments