Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Task Dispatch
v1.1.0
Task scheduling and dispatching for task boards. Use when setting up periodic task dispatch, checking for dispatchable tasks, creating subagents to execute t...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name and description (task scheduling/dispatch) align with the files and instructions. However, the package metadata declares no required environment variables or credentials while SKILL.md and README repeatedly require TASKBOARD_API_URL and TASKBOARD_ACCESS_TOKEN and tell the agent to write/read .env files. That mismatch (declared requirements = none vs instructions requiring tokens) is an incoherence a user should be aware of.
Instruction Scope
SKILL.md instructs running commands that clone and run a third‑party project (git clone https://github.com/CCCaptain0129/ClawBoard.git and ./clawboard install/start/token), reading ~/ClawBoard/.env, writing a .env into the agent workspace (~/.openclaw/workspace-<name>/.env), and spawning subagents in a continuous dispatch loop. These actions include filesystem reads/writes and execution of external code beyond simple API calls — broader scope than a purely declarative dispatcher and potentially dangerous if the cloned code is untrusted.
Install Mechanism
There is no formal install spec (instruction-only), which is low-risk by itself, but the instructions explicitly direct cloning and executing a third‑party GitHub repository. That is a moderate risk because it causes arbitrary remote code (the ClawBoard repo) to be installed/run on the host; the skill itself does not bundle that code but relies on it.
Credentials
The skill uses and instructs creation of TASKBOARD_API_URL and TASKBOARD_ACCESS_TOKEN and expects tokens to be stored in filesystem .env files. Yet the declared required env vars list is empty. The token handling (writing token into agent workspace .env, reading token from ~/ClawBoard/.env) involves sensitive credentials and file paths; requesting/storing these credentials without declaring them is disproportionate and inconsistent.
Persistence & Privilege
The skill does not set always:true and does not claim to modify other skills or system settings. However it encourages continuous dispatch loops and spawning subagents until no tasks remain — combined with autonomous invocation (platform default) this can create a long‑running process and many subagent executions. This is not automatically disallowed, but it increases blast radius if the deployed ClawBoard or subagents are untrusted.
What to consider before installing
Before installing or following these instructions: (1) review the ClawBoard GitHub repository being cloned — do not run unreviewed code as root; (2) confirm why TASKBOARD_API_URL and TASKBOARD_ACCESS_TOKEN are needed (they are required at runtime) and store tokens securely (avoid placing secrets in world‑readable files); (3) run the deployment in an isolated test environment (container/VM) first so any third‑party code cannot access sensitive host data; (4) limit subagent permissions and concurrency (maxConcurrentTasks=1) and set sensible timeouts to avoid runaway continuous dispatch; (5) if you expect the skill to declare required env vars, ask the author to update metadata so required credentials are explicit. If you cannot audit the cloned repo, do not run the install/start/token commands on a production machine.
Like a lobster shell, security has layers — review code before you run it.
latestvk97efvnfmzzq17yb0djte0axxd83nkk7
