Task Automation Workflows
PassAudited by ClawScan on May 1, 2026.
Overview
The visible artifacts show a coherent instruction-only automation guide, but its examples can change files, call APIs, and create recurring jobs, so users should scope and approve automations carefully.
This skill appears safe to install as an instruction-only automation guide. Use it carefully for tasks that modify files, send API requests, or create schedules: specify exact paths and endpoints, ask for previews, keep backups, and review any recurring job before enabling it.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A poorly scoped automation could rename or move many local files, or send data to an unintended API endpoint.
The skill provides templates for batch file changes and batched API posts. These are expected for automation, but they can affect many files or send batches of data if used with broad inputs.
os.rename(...); shutil.move(filepath, os.path.join(target, filename)); response = requests.post(endpoint, json={'items': batch})Before running generated automation, require explicit paths and endpoints, use a dry run or preview where possible, keep backups, and approve any bulk file or API operation.
A scheduled automation may keep running later and continue changing files, calling services, or processing data.
The skill includes cron and continuously running scheduler examples. Recurring and long-running jobs are expected for scheduling automation, but they create persistence that should remain under user control.
0 * * * * /path/to/script.sh ... while True:
schedule.run_pending()
time.sleep(60)Only create scheduled jobs with explicit user approval, document how to view and disable them, and prefer narrow schedules and scoped scripts.