Ops Skills Pack
ReviewAudited by ClawScan on May 10, 2026.
Overview
This instruction-only pack is transparent about enabling autonomous overnight work, but its default scheduled execution and persistent memory workflows are broad enough that users should review and constrain them carefully.
Install this only if you intentionally want unattended autonomous OpenClaw operation. Before enabling cron, define allowed projects and directories, actions requiring approval, maximum cost/time limits, provider routing rules, and stop conditions. Review MEMORY.md, USER.md, Todo.md, and progress logs regularly, and inspect any external repository scripts before running package commands.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may continue taking actions while you are away, based on whatever is in Todo.md and any tasks it adds or interprets later.
The quick start creates scheduled wake-ups that let the agent keep working unattended from a task file.
openclaw cron add ... --message "Continue working through Todo.md. Update progress-log."
Start without cron or use dry-runs first; add explicit limits such as allowed directories, prohibited actions, approval-required actions, cost caps, and stop conditions in every scheduled prompt.
Automatic fix commands may change local OpenClaw configuration or environment state in ways the user has not reviewed.
The documentation recommends a user-directed command that can automatically apply fixes without confirmation.
openclaw doctor --deep --fix --yes
Run diagnostic commands without --fix/--yes first, inspect proposed changes, then apply fixes selectively.
Incorrect, stale, or malicious content written into memory/task files could influence later work across sessions.
The workspace template makes persistent files part of future agent context and decision-making.
Before Starting Work ... Review lessons learned (LESSONS.md) ... Understand context (MEMORY.md)
Keep memory files small and auditable, avoid storing secrets, periodically review them, and mark which files are trusted instructions versus ordinary notes.
Project context, user profile details, or code may be processed by alternate providers if routing/fallbacks are enabled.
The recommended model routing can send task context to different model providers.
"fallbacks": ["anthropic/claude-opus-4-6", "openrouter/moonshotai/kimi-k2.5"]
Confirm provider privacy terms, disable providers you do not want, and avoid placing sensitive data in prompts or persistent memory.
If a user installs from an external repository rather than the reviewed artifact set, unreviewed install scripts may be present or the package may fail unexpectedly.
package.json references install/verify/test scripts, but the supplied manifest contains no scripts directory and the registry says there is no install spec.
"install": "node scripts/install.js"
Use the manual copy-based setup from the reviewed files, and inspect any external repository scripts before running npm install or package lifecycle commands.
Copying weak example credentials into real systems would create an avoidable security weakness.
The static scan reported a password-like literal; the visible value appears to be a test password example, not a live credential.
password = [REDACTED]('set_password', 'testpass123')Treat any example passwords as placeholders only and ensure production tests use generated or secret-managed credentials.