Skill v0.1.0
ClawScan security
Prayer Times - Automated Salat Reminders · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 9:41 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill largely does what it says (fetch prayer times and schedule reminders) but includes instructions that give the agent broad, persistent control (auto-creating/recreating cron jobs at session start) and encourages pushing code to a third-party GitHub account; these behaviors don't clearly belong to a simple query/reminder skill and merit caution.
- Guidance: This skill's core functionality (calling the AlAdhan API and computing reminders) is coherent and the code is readable. However, before installing:
  1. Review the scripts yourself and run them in a safe/test environment first; don't blindly allow the agent to edit cron jobs.
  2. Do not run push-to-github.sh or follow the GitHub setup steps unless you intend to publish the code to the listed external account; change the remote to your own repository if you want to push.
  3. If you want automated reminders, configure cron jobs yourself (copy the provided job definitions) and avoid granting the agent unconditional permission to recreate system cron entries at session start.
  4. Be cautious about running the VPN install commands (they require sudo).

  If you are not comfortable with the agent modifying cron or system settings, use the scripts manually or run them under user control rather than enabling automatic session-start recovery.
Review Dimensions
- Purpose & Capability (note): Code and docs align with the stated purpose (fetching prayer times from api.aladhan.com and scheduling reminders). However, ancillary instructions to push the repo to a specific external GitHub account (diepox) and pre-baked git remotes are not necessary for runtime reminders and look unrelated to core functionality.
- Instruction Scope (concern): SKILL.md and CRITICAL_SETUP.md instruct the agent to perform system-level actions: verify cron jobs at every session start, recreate missing cron jobs automatically ("don't wait, don't ask"), and run commands in system paths (/root/.openclaw/workspace). That grants broad discretion to modify system configuration and run commands beyond simply fetching times and sending reminders.
- Install Mechanism (note): There is no formal install spec (instruction-only behavior), which limits automatic code installation risk. The docs do include optional instructions to install Cloudflare WARP (system-level VPN install requiring sudo), which is plausible for connectivity issues but carries elevated privileges if executed.
- Credentials (ok): The skill declares no environment variables, no credentials, and does not request unrelated secrets. Network access to api.aladhan.com is expected and the scripts only contact that API (no hidden remote endpoints in the code itself).
- Persistence & Privilege (concern): The skill expects persistent cron jobs and explicitly directs agents to verify and recreate them at session startup without prompting. While persistent scheduling is required for reminders, the explicit requirement to auto-recreate system cron jobs and to run checks "before doing ANYTHING else" increases the skill's control over the host/agent environment and could be abused if the skill or its instructions are malicious.
