Proactive Agent Skill 1.0.0
ReviewAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill has no code, but it encourages persistent memory and scheduled autonomous checks with limited scoping or consent guidance.
Install only if you intentionally want an agent to maintain persistent memory and scheduled autonomous routines. Before using it, define exactly what it may remember, which accounts or files it may inspect, what actions require confirmation, and how to stop or delete the scheduled tasks and memory files.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private or sensitive conversation details could be written into workspace memory files and later reused across sessions.
The skill instructs the agent to persist broad conversation content and reuse it after compaction, but it does not define sensitive-data exclusions, explicit consent, deletion controls, or task boundaries.
Captures every exchange in the "danger zone" ... Automatically compacts and archives important information
Only store user-approved memory, exclude secrets and sensitive account data, define retention/deletion rules, and make memory review visible to the user.
An agent configured this way could keep running periodic tasks in the background and change files or agent behavior unexpectedly.
The skill promotes recurring autonomous OpenClaw tasks that may continue beyond the immediate user request, without clear stop conditions, approval gates, or allowed-action limits.
Autonomous Crons: Scheduled, context-aware automation ... 0 8 * * * openclaw run --task "daily-maintenance"
Require explicit opt-in for every scheduled task, show the full schedule, provide an easy disable path, and require confirmation before any high-impact action.
If implemented broadly, the agent may access private inbox or calendar data more often or more widely than the user expects.
Email and calendar checks imply access to sensitive user accounts, but the artifacts do not describe credential scope, authorization method, account boundaries, or what data may be read or stored.
Check every 30 minutes - Email inbox for urgent messages - Calendar for upcoming events
Use explicit, least-privilege account authorization and clearly state which accounts, folders, calendar ranges, and message contents the agent may inspect.