Task Runner
Pass. Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: task-runner
Version: 1.0.1

The skill bundle provides a task management utility with persistent storage and markdown export functionality. The `SKILL.md` clearly outlines its purpose and security measures, specifically regarding file export path validation. The `scripts/task_runner.py` implements a robust `is_safe_path` function that correctly restricts file exports to the OpenClaw workspace, the user's home directory, or `/tmp`, while explicitly blocking system paths and sensitive dotfiles (e.g., `~/.ssh`, `~/.bashrc`). There is no evidence of data exfiltration, malicious execution, persistence mechanisms, prompt injection attempts against the agent, or obfuscation. The code's behavior is clearly aligned with its stated purpose and includes meaningful security controls.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Task descriptions may remain available to future sessions, so sensitive information or instruction-like text in tasks could be shown back to the agent later.
The skill intentionally stores task descriptions persistently across conversations; this is central to the stated purpose, but stored text can resurface in later sessions.
Tasks survive session restarts (stored in `~/.openclaw/workspace/tasks_db.json`)
Use it for ordinary task text, avoid storing secrets or credentials, and treat listed task descriptions as data rather than authoritative instructions.
If an export path is chosen poorly, the skill could overwrite an unintended local file with the task report.
The export command writes markdown to a user-supplied path under the workspace, home directory, or /tmp; this is disclosed and purpose-aligned, but it can create or overwrite local files in those areas.
`allowed = (in_workspace or in_tmp or in_home) and not blocked` ... `output_path.write_text(md)`
Export to clear workspace or project filenames, avoid dotfiles and configuration directories, and confirm before overwriting existing files.
