Morning Briefing
PassAudited by ClawScan on May 1, 2026.
Overview
The skill is coherent and purpose-aligned, but it relies on an external npm CLI and optional daily scheduling plus Calendar/Reminders access that users should enable deliberately.
Before installing, decide whether you trust the npm CLI package, whether you want Terminal to access Calendar and Reminders, and whether you want to enable the optional daily cron or HEARTBEAT schedule.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill will add and use a third-party CLI package on the local machine.
The skill depends on installing an external npm package to provide its CLI binary. This is central to the stated purpose, but users must trust that package source.
node | package: @openclaw-tools/morning-briefing | creates binaries: briefing
Install only if you trust the npm package and publisher; review package provenance when possible.
Briefings may include private schedule and reminder information from the local Mac.
The skill asks for macOS privacy permission that can expose personal calendar and reminder data to the CLI.
Calendar/Reminders: System Settings → Privacy & Security → allow Terminal
Grant Calendar/Reminders permission only if you want those details included, and revoke the permission if you stop using the skill.
If configured, the briefing can run and send output every morning without a fresh manual request.
The skill documents a persistent daily schedule. It is user-directed and purpose-aligned, but it causes recurring automated runs if enabled.
Cron: `openclaw cron add --name "morning-briefing" --schedule "0 7 * * *" --prompt "Run \`briefing\` and relay the output to me."`
Use the schedule only if you want recurring briefings, and keep track of how to remove the cron or HEARTBEAT entry.