ClawHub

Task Runner

v1.0.1

Manage and track tasks and projects persistently with priorities, completion status, filtering, and secure markdown export across sessions.

1· 1.4k·5 current·5 all-time
by@johstracke
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The SKILL.md and the included Python script both implement a local task manager: adding/listing/completing tasks and exporting projects to Markdown. There are no unrelated dependencies, environment variables, or external endpoints requested.
Instruction Scope
Runtime instructions only invoke the local script and describe local file exports/storage. The code does not access environment variables, network, or arbitrary system state. However, exports are allowed to the entire home directory (with a small list of blocked filename patterns), which is broader than the 'workspace-only' expectation some users might have.
Install Mechanism
No install spec is provided (instruction-only skill plus a script). Nothing is downloaded or written during install, so there is minimal install-time risk.
Credentials
The skill requires no environment variables or credentials. The only filesystem access is to a single JSON DB under ~/.openclaw/workspace and to user-provided export paths.
Persistence & Privilege
The skill does not request permanent/always-on inclusion and does not modify other skills or global agent configuration. It persists only its own tasks DB at ~/.openclaw/workspace/tasks_db.json.
Assessment
This skill appears to do exactly what it claims: a local task tracker with a JSON DB and Markdown export. Before installing/using it, consider: (1) the export function allows writing anywhere in your home directory except for a short blacklist of filename patterns — if you want stronger safety, restrict exports to the workspace directory only; (2) review the blacklist (it omits some dotfiles and config locations like general .config or .bash_history) if you are concerned about accidental overwrites; (3) back up any important files you might overwrite and inspect ~/.openclaw/workspace/tasks_db.json if you care about what data the skill stores; (4) because the skill can be invoked autonomously by an agent (normal default), ensure you trust the agent prompts that would call export with user-supplied paths. If you want maximum safety, only export to files inside ~/.openclaw/workspace or /tmp.

Like a lobster shell, security has layers — review code before you run it.

latestvk9713am1w22yj46xw1nmbvr08h80pze7productivityvk9713am1w22yj46xw1nmbvr08h80pze7project-managementvk9713am1w22yj46xw1nmbvr08h80pze7securityvk9713am1w22yj46xw1nmbvr08h80pze7tasksvk9713am1w22yj46xw1nmbvr08h80pze7todovk9713am1w22yj46xw1nmbvr08h80pze7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments