Oven
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: oven Version: 2.0.1 The Oven skill is a straightforward local logging utility for tracking household tasks and schedules. The bash script (scripts/script.sh) manages simple text-based logs in a local directory (~/.local/share/oven/) and provides basic export and search functionality without any network access, credential harvesting, or suspicious execution logic. The SKILL.md documentation contains repetitive command definitions but lacks any malicious prompt-injection attempts or instructions to perform unauthorized actions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You may need to understand how the bundled script becomes the `oven` command before relying on it.
The package includes a shell script and the documentation expects an `oven` command, but the registry does not describe how that command is installed or wired up.
No install spec — this is an instruction-only skill. Code file presence: scripts/script.sh
Prefer a clear install specification or explicit documentation showing whether `scripts/script.sh` is installed as the `oven` command.
Cooking schedules or household routines entered into the tool may remain on disk and be visible to anyone with access to that local account or exported files.
The skill persistently stores user-provided oven usage, schedule, inventory, reminder, and activity data for later search, stats, recent activity, and export.
All data is stored locally at `~/.local/share/oven/`. Each action is logged with timestamps. Use `export` to back up your data anytime.
Avoid entering sensitive household details unless you are comfortable with them being stored locally, and periodically review or delete the data directory if needed.