Self-Prompt
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is transparent about its goal, but it is designed to turn automated messages into real agent turns and auto-post the results, so it needs careful review before use.
Install only if you intentionally want trusted cron jobs or monitoring scripts to trigger real agent responses. Before using it, restrict which agents and group IDs can be targeted, avoid sending sensitive prompts or outputs to shared chats, verify the OpenClaw executable path, and consider disabling or redacting the local log.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Automated scripts can cause an agent to respond as if it received a direct task, which may bypass the user's expectation that automation messages are only informational.
The skill's main instruction is to convert automated/system-sent messages into mandatory agent turns, overriding the normal behavior where those messages may be treated as background notifications.
`openclaw agent` → Triggers actual agent turn → Agent MUST process and respond
Use this only for trusted automation. Add allowlists for agent IDs and target groups, and require human approval for high-impact or sensitive tasks.
An incorrect target, unsafe automated prompt, or unexpected CLI error/output could be published into a chat group automatically.
The helper runs an agent task from supplied arguments, captures both stdout and stderr, and automatically posts the resulting text to the configured group without a confirmation, allowlist, or success/error distinction.
RESPONSE=$("$OPENCLAW" agent ... --message "$MESSAGE" ... 2>&1)
...
"$OPENCLAW" message send ... --target "$GROUP_ID" --message "📊 **Agent Response:**\n\n$RESPONSE"Add dry-run or confirmation modes, restrict allowed targets, check command exit status before posting, and avoid forwarding stderr or sensitive output to chat.
Sensitive task results or private chat context may remain on disk in `~/agent_task.log`.
The shell helper stores a preview of agent responses in a persistent log file in the user's home directory.
echo "[$(date)] Response (${#RESPONSE} chars): ${RESPONSE:0:100}..." >> ~/agent_task.logMake logging opt-in, redact response contents, protect file permissions, and rotate or delete logs when no longer needed.
The script may fail on other systems or run an unexpected local binary if `OPENCLAW_PATH` is misconfigured.
The helper executes a local binary selected by environment variable or an author-specific default path, while the provided requirements declare no required binaries.
OPENCLAW_PATH = os.environ.get('OPENCLAW_PATH', '/home/eliran/.nvm/current/bin/openclaw')Declare the OpenClaw CLI requirement, resolve it from a trusted PATH, and validate the executable path before running it.