Sleep
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: sleep Version: 1.0.1 The skill bundle is benign. It focuses on auto-adaptive sleep tracking, collecting data from various sources (wearables, conversations) and storing it locally in `~/sleep/memory.md`. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts. The `patterns.md` file explicitly includes 'Privacy Notes' stating 'Never share with others', reinforcing a benign intent. All instructions are aligned with the stated purpose of sleep tracking and data management within the user's local environment.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private sleep, health, routine, and lifestyle details mentioned casually in conversation or obtained from connected devices could be saved and reused later without the user realizing exactly what was recorded.
This directs the agent to collect sensitive sleep-related information from broad sources and store it persistently, without clear per-source consent, retention limits, deletion controls, or scoping.
- Absorb sleep mentions from ANY source (wearables, conversations, spontaneous comments) ... User-specific sleep data persists in: `~/sleep/memory.md` ... *Empty sections = no data yet. Observe conversations and fill.*
Require explicit opt-in before recording sleep data, limit approved sources, store data in a skill-scoped location, document retention and deletion controls, and avoid saving incidental observations unless the user confirms.