Smart Wake
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: smart-wake Version: 1.0.0 The 'smart-wake' skill is designed to manage long-running AI agent tasks by implementing checkpointing, scheduled cron wakes, and session resumption. The `SKILL.md` provides clear, structured instructions for the agent, focusing on state persistence, idempotency, and resource management within the OpenClaw platform. It explicitly limits tool usage to built-in mechanisms and includes operational rules to prevent infinite loops and ensure cleanup. There is no evidence of malicious intent, data exfiltration, unauthorized command execution, or prompt injection attempts to subvert the agent's core functions. The instructions are aligned with a legitimate operational goal for an AI agent.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may continue work later or off-hours without the user actively supervising that resumed session.
The skill instructs the agent to schedule future wakeups and spawn resumed sessions, which creates autonomous activity beyond the current interaction.
Cron wake to re-invoke agent at scheduled time... At wake time, call `sessions_spawn` (or `session_spawn`) with `wakeMode` enabling auto-resume via cron.
Require explicit user approval before creating cron wakes or spawned resume sessions, set a clear maximum runtime/wake count, and provide an easy way to view and cancel pending wakes.
A long-running task with sensitive or high-impact actions could be resumed automatically when the user did not explicitly approve continued execution.
The instruction encourages automatic activation of a scheduling and session-spawning workflow based on an estimate, without requiring user confirmation or limiting what kinds of tasks may be resumed.
If `estimated_duration > 70% timeout`: enable `smart-wake` immediately.
Add a consent gate and scope restrictions, especially before resuming tasks that write files, call external services, change accounts, publish content, or perform other irreversible actions.
If a checkpoint contains private information or is modified incorrectly, a future resumed session may expose that context or follow the wrong next step.
Persistent checkpoints are central to the skill, but later sessions rely on stored state and next actions, so checkpoint contents need to be trusted and should avoid unnecessary sensitive data.
Memory/slot for state persistence (state checkpoint)... Resume always reads latest checkpoint; never re-run blindly.
Store only the minimum necessary checkpoint data, avoid secrets, validate checkpoint origin and integrity before resuming, and show the checkpoint to the user when resuming important tasks.