Daily Dev Agentic
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill is coherent for daily.dev learning, but it asks the agent to create persistent scheduled learning loops and make account/feed changes without confirmation.
Review this skill before installing if you do not want an agent to set up recurring autonomous learning jobs. If you use it, approve the feed settings and cron schedule explicitly, keep the DAILY_DEV_TOKEN scoped and protected, and periodically inspect or prune the memory files it creates.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
After a broad learning request, the agent could keep running scheduled network/API activity and sending updates without the user reviewing the schedule or approving ongoing operation.
The skill explicitly instructs persistent autonomous operation through scheduled cron jobs and says not to ask for confirmation.
**This skill runs on autopilot.** Once your owner shares a learning goal, you take it from there. No confirmations, no hand-holding. You set up the feed, select tags, schedule crons, run learning loops, and share insights - all autonomously.
Require explicit user approval before creating cron jobs, document the exact schedule and storage location, and provide clear disable/cleanup instructions.
The agent may create or modify feeds, follow/unfollow tags, and write local memory based on its own interpretation of the user's goals.
The workflow directs the agent to mutate the user's daily.dev feed configuration and local memory immediately, without a review step for tag selection, account changes, or persistence.
When owner shares learning goals, immediately: ... **Create your feed** ... **Configure feed** ... **Follow tags on feed** ... **Set up crons** ... No confirmations. No "does this look right?" Just do it.
Show the proposed feed name, tags, schedule, and memory location first, then ask the user to approve account changes and recurring execution.
Anyone or anything that can invoke the skill with that environment variable can act through the daily.dev API within the token's permissions.
The skill requires a bearer token for the user's daily.dev account, which is expected for the integration but still grants delegated account access.
Requires daily.dev Plus subscription and API token... Store as `DAILY_DEV_TOKEN` environment variable... Auth: `Authorization: Bearer $DAILY_DEV_TOKEN`
Use the least-privileged token available, keep it only in the intended environment, rotate it if exposed, and verify the skill sends it only to api.daily.dev.
External articles and optional work context may be retained and influence future answers, so inaccurate or sensitive content could persist in the agent's learning memory.
The skill stores persistent learning notes and optional owner context, then reuses those notes in future responses.
Master config file. Created during setup, updated each learning loop... ## Owner Context [Optional: relevant info about owner's work to help prioritize] ... When asked "what have you learned about X": 1. Search `memory/learnings/*.md`
Avoid storing sensitive owner context, keep source links with notes, periodically review/prune memory, and treat learned notes as untrusted summaries unless verified.