TaskOps
Pass
Audited by VirusTotal on May 13, 2026.
Overview
Type: OpenClaw Skill
Name: taskops
Version: 0.5.0
The TaskOps skill bundle provides a structured protocol for AI agents to manage complex tasks using a markdown-canonical execution graph. The core logic is handled by a Python CLI script (graph_task.py) and an external npm-based CLI, facilitating task decomposition, status tracking, and git-backed synchronization. While the system possesses high-privilege capabilities such as file system modification and git repository interaction (clone/pull/push), these behaviors are explicitly documented and strictly aligned with the stated purpose of maintaining a 'work-truth protocol.' No evidence of data exfiltration, intentional backdoors, or malicious prompt injection was found; the instructions in SKILL.md focus on enforcing 'honest-loop' behaviors to prevent agents from misrepresenting task progress.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used with the real executor, TaskOps may change local TaskOps files and perform work based on the graph rather than only summarize it.
The documented workflow can dispatch a real agent executor and mutate TaskOps state. This is disclosed and central to the skill, with scoping options such as work-dir, max steps, time limits, and dry-run.
`taskops run <work-dir> ... [--executor dry-run|openclaw-agent] ...`; `the runner is the layer that actually mutates state`
Start with dry-run, set `--max-steps` and timeouts, inspect `taskops next`/`taskops explain`, and only use `--executor openclaw-agent` when you intend real agent execution.
A user or agent could end up running whatever `taskops` binary is present on the system, which may not be the reviewed implementation.
The primary operational CLI is referenced outside the provided skill package, while the supplied install metadata does not define how that CLI is installed or pinned.
`../cli/` — installable `taskops` CLI for `init / validate / summary / show / decompose / refactor / run` plus git-backed vault setup/sync
Verify the installed `taskops` CLI source and version before use, and avoid installing or running an untrusted similarly named package.
Task files, execution logs, and summaries in the selected vault could be pushed to a configured Git remote and shared with others.
The skill documents user-directed Git sync and watch-sync workflows that can propagate local TaskOps vault changes to a remote repository.
`taskops vault-init <vault-dir> --repo-url <url> --branch <branch> --auto-sync true`; `taskops git-sync <vault-dir> --message <message>`; `taskops watch-sync <vault-dir> --debounce-ms 5000`
Use a private/intended repository, review changes before syncing, and avoid enabling auto-sync or watch-sync for vaults containing secrets or unrelated private notes.
Old, incorrect, sensitive, or maliciously edited task files could influence later agent decisions or expose work details inside the workspace.
TaskOps intentionally stores durable task state, execution history, and summaries that future agent work may read and treat as project context.
Canonical state lives in markdown files arranged around `task-groups/`, `snapshots/`, `runs/<run-id>/`; `Task graph = decomposition truth`; `Run graph = execution truth`
Keep TaskOps work directories trusted and scoped, review task/run files before reuse, and avoid storing secrets in task logs or summaries.
