Clawwork Learning Checkin
Security checks across static analysis, malware telemetry, and agentic risk
Overview
No malicious behavior is evident; the skill runs a local check-in helper, stores limited local personalization data, and discloses that it may ask to install a required dependency.
Before installing, confirm you are comfortable with a local Python helper saving nickname, language, and greeting history under the skill directory, and review the separate learning-checkin dependency before approving its installation.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Approving installation would add another skill whose code and permissions may affect the overall safety of the check-in workflow.
The skill depends on a separate skill and may prompt the user to install it, so the dependency becomes part of the trusted behavior.
This skill requires the **learning-checkin** skill to be installed... If approved, install from: https://clawhub.ai/daizongyu/learning-checkin
Review the learning-checkin dependency before approving installation, especially its data storage and any commands it runs.
Using the skill will run a local script that can create or update the skill's local data files.
The skill is implemented through local Python CLI commands that the agent is instructed to run for check-ins and profile updates.
python <skill_path>/clawwork_checkin.py checkin
Use it only if you are comfortable with the agent running the included helper script for the disclosed check-in actions.
Nickname, language preference, and recent generated messages may be reused in later check-ins.
The skill persists user profile and recent greeting history, then reuses that context to personalize future messages.
All data is stored locally in a `data` subfolder next to the skill: profile.json - User profile (nickname, language); greetings.json - Message history
Avoid putting sensitive information into nicknames or generated greeting text, and delete the local data folder if you want to reset the stored context.