Skill v1.0.2
ClawScan security
Sleep Snooze · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 5, 2026, 2:00 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly implements the advertised snooze/digest functionality, but some runtime instructions and behaviors don’t fully align (notably which status check to use) and the installer will modify your crontab and write persistent local data — you should review those actions before installing.
- Guidance: This skill appears to implement the advertised snooze/digest features and stores everything locally, but review these points before installing:
  1. The installer (sleep-init.js) will modify your crontab to schedule sleep/wake jobs — check the exact cron lines it will add and prefer a manual crontab install if you want control.
  2. The skill writes persistent files under ~/.openclaw/skills/sleep-snooze/data/ (including the SQLite queue containing message text); ensure you are comfortable with queued messages being stored locally and review file permissions.
  3. There is an inconsistency: SKILL.md recommends using scripts/status.js to check isSleeping, but the code paths that actually gate sends use lib/sleep-check.loadSleepState() (which computes sleep from current time). status.js reads the stored flag and can be stale — rely on gate.js/loadSleepState for accurate checks.
  4. The setup suggests detecting timezone with `date +%Z` but the code expects an IANA zone (e.g., America/New_York) — pick a proper IANA timezone when configuring.
  5. If you accept, inspect the code (present in the package) and consider running sleep-init with cron registration disabled or manually adding cron entries. If you need lower risk, consider asking for a build/install log or running the skill in a sandboxed account first.
Review Dimensions
- Purpose & Capability (ok): Name/description match the code: hooks intercept incoming messages, messages are queued in a local SQLite DB, and a morning digest is generated. Declared dependencies (node, better-sqlite3, node-cron) are appropriate for the functionality.
- Instruction Scope (concern): SKILL.md tells callers to use status.js to check isSleeping before sending, but the runtime hooks and gate.js call lib/sleep-check.loadSleepState() (which computes state from current time). status.js returns the stored state.isSleeping value from state.json (which can be stale). This is an inconsistency that could cause incorrect behavior. The docs also suggest using `date +%Z` to detect timezone (which yields an abbreviation, not an IANA name the code expects). Aside from these mismatches, the instructions direct only local reads/writes under ~/.openclaw/skills/sleep-snooze/, which is within scope.
- Install Mechanism (ok): Install uses npm packages (better-sqlite3 and node-cron) — no remote arbitrary downloads or unknown hosts. Note: better-sqlite3 is a native module that may require build tools; the install spec is proportionate to the task.
- Credentials (note): The skill declares no required credentials and stores data locally. SKILL.md and references mention optional environment variables (SLEEP_START, WAKE_TIME, TIMEZONE) as alternative config — those are optional, which explains their absence from requires.env. No unrelated credentials are requested.
- Persistence & Privilege (concern): sleep-init.js will register cron jobs by editing the user's crontab and writes files under ~/.openclaw/skills/sleep-snooze/data/ (state.json, queue.db, vip-contacts.json). Modifying the user's crontab is a persistent system change and should be made explicit to the user; hooks also inject bootstrap files into agent contexts, affecting other agents' behavior. These privileges are coherent with scheduling, but are significant and warrant user review.
