Task Planner Validator for Agents
Pass
Audited by ClawScan on May 10, 2026.
Overview
The provided artifacts describe a coherent Python task-planning library, but users should remember it can orchestrate powerful actions through user-provided executors and is installed from an unpinned GitHub source.
This skill appears reasonable for task planning and validation. Before installing, verify the GitHub source or pin a commit. When using it, keep approval manual for sensitive workflows, run dry runs first, review saved plans before loading them, and only connect it to executor functions that perform the specific actions you intend.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent connects this planner to powerful file, shell, API, database, or deployment actions, a plan could make meaningful changes, especially when auto-approval is enabled.
The library intentionally delegates real-world action execution to a caller-provided function and can auto-approve plans. This is purpose-aligned, but the safety of execution depends on how narrowly that executor is implemented.
TaskPlanner(auto_approve: bool = False) ... If True, automatically approve plans before execution ... execute_plan(... executor_func: Callable ...)
Keep auto_approve disabled for sensitive workflows, use dry_run first, require human review for destructive or account-changing steps, and expose only narrowly scoped executor actions.
A future change to the remote repository could differ from the reviewed artifacts if users install by cloning the default branch.
The documented install path clones a mutable GitHub repository rather than a pinned release or commit, while the registry metadata lists the source as unknown.
git clone https://github.com/cerbug45/task-planner-validator.git
Verify the repository owner and pin a trusted commit or release before using it in sensitive automation.
If a saved plan file is modified or comes from an untrusted source, it could change what actions an agent later executes.
Saved task plans are persistent instructions and parameters that may later be loaded and executed. This is disclosed and purpose-aligned, but users should treat saved plans as trusted inputs.
Plan Persistence: Save and load plans in JSON format
Only load plans from trusted locations, review loaded plans before execution, and avoid storing secrets directly in plan parameters or results.
