Schedule
PassAudited by ClawScan on May 1, 2026.
Overview
This scheduling skill is coherent and transparent, but it persists jobs and can run user-authorized tasks later, so users should review recurring jobs and permissions.
This skill appears safe for its stated purpose, but treat scheduled jobs like standing instructions to your agent. Review what each job will do, when it will run, which skills it can use, and whether it should have an end date.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A task you schedule may run later and use any permissions you granted for that job.
The skill intentionally causes future autonomous execution of scheduled tasks. This is core to the scheduler purpose and is disclosed, but it is still important because actions may occur later without the user being present.
When scheduled time arrives: - Agent executes the user-defined task - Uses only permissions user explicitly granted - Logs result to history/
Use clear job descriptions, set end dates or review periods for recurring tasks, and periodically inspect or cancel active jobs you no longer want.
If a job requires another skill, it may act through that skill at the scheduled time.
Scheduled jobs can depend on other skills or permissions, such as mail access. The artifact frames this as explicit user-granted access, which is appropriate, but it expands the impact of a scheduled job.
User grants any permissions needed for the job ... The `requires` field explicitly lists any skills/access the job needs.
Before confirming a job, check the listed required skills or permissions and avoid granting broad access for recurring tasks unless necessary.
Your scheduled task descriptions and related execution history may remain on disk.
The scheduler persists user task text for later use. This is expected for scheduling, but the stored text may contain private details and later becomes context for agent action.
Jobs are stored in ~/schedule/jobs.json. Each job captures what the USER requested.
Do not put unnecessary secrets in job descriptions, protect the ~/schedule/ directory, and delete old jobs or history when no longer needed.