Farm Task Manager
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears to be a local farm chore tracker with no evidence of network access, credentials, or hidden behavior, though it persists task data locally and can delete/export user task records.
This skill looks safe for ordinary local farm task tracking. Before installing, be aware that it saves task details locally and supports deleting/exporting task records, so avoid putting sensitive information in notes and use export/delete commands carefully.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user or agent could remove farm task records or export them to an unintended local file if the command is invoked incorrectly.
The skill exposes commands that delete task records and write exported task data to a user-selected file. This is normal for a task manager, but it can affect local records or overwrite a chosen export path if used carelessly.
farm-task delete 1 ... farm-task export --file tasks.md
Use delete and export commands deliberately, choose safe export filenames, and keep backups if the task list is important.
Farm schedules, names, notes, and operational details can remain on disk after use.
The skill keeps persistent local task data, including task names, descriptions, assignees, and notes, so that information may be reused across future task-management sessions.
Tasks are stored in JSON format at: ~/.openclaw/workspace/farm-task-manager/tasks.json
Avoid storing sensitive personal or business information in task notes unless you are comfortable with it being saved locally, and delete the task file if you uninstall or no longer need it.
Users have less external context for verifying the publisher, maintenance history, or upstream code.
The registry information does not provide an external source repository or homepage, which limits provenance checks even though the included artifacts do not show remote installation or suspicious dependencies.
Source: unknown; Homepage: none
Review the included files before installing and prefer trusted publishers or repositories when provenance matters.