Back to skill
Skillv1.0.1
ClawScan security
Clawflow Free · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 24, 2026, 12:49 PM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's requirements and runtime instructions are coherent with a personal morning-brief / daily-summary assistant: it reads/writes files in ~/.openclaw/workspace, optionally calls calendar and todo CLIs, and has no installs or credential requests.
- Guidance
- This skill is coherent with its claimed purpose, but review these practical points before installing: - The skill will read and write files under ~/.openclaw/workspace (USER.md, IDENTITY.md, HEARTBEAT.md, memory/). Avoid placing secrets in that directory if you don't want them accessible to the skill. - It may read today's chat session context — if your chat history contains sensitive info, consider whether you want the skill to access it. - Calendar and Todoist integrations are optional and only used if you install/configure the gog and todoist CLIs. If you don't want calendar/tasks read, don't configure those CLIs. - Installation is manual (git clone or clawhub). The registry lists the source as unknown; INSTALL.md references github.com/drdata/clawflow.git. If provenance matters, inspect that repository and SKILL.md yourself before installing to ensure it matches the package you received. - Because this is instruction-only (no packaged code), the runtime behavior depends on the agent interpreting SKILL.md. If you are uncomfortable with the file and chat access, either edit SKILL.md to restrict what it reads or don't install/enable the skill.
Review Dimensions
- Purpose & Capability
- okThe name/description (morning brief / daily summary) align with the actions in SKILL.md: reading USER.md, IDENTITY.md, HEARTBEAT.md, optional Todoist and Google Calendar CLIs, scanning workspace files for today's modifications, and writing daily-summary files. None of the requested resources (local workspace files, optional CLIs) appear unrelated to the stated purpose.
- Instruction Scope
- noteInstructions explicitly read user files in ~/.openclaw/workspace (USER.md, IDENTITY.md, HEARTBEAT.md, memory/<date>.md) and may scan the workspace for files modified today. It also reads 'today's chat session context' and writes daily summary files to ~/.openclaw/workspace/memory/<date>.md. These file reads/writes are proportionate to the feature, but you should be aware the skill accesses that workspace area and chat context (so any sensitive secrets placed there would be readable by the skill).
- Install Mechanism
- okThis is an instruction-only skill with no install spec and no bundled code to write to disk. That is lower risk: nothing is downloaded or executed by an installer. INSTALL.md suggests manual git clone or clawhub install, which is standard user-initiated installation guidance, not an automatic installer in the skill package.
- Credentials
- okThe skill declares no required environment variables, no credentials, and no config paths beyond the ~/.openclaw/workspace files it documents. Optional integrations (Todoist, gog) require their own CLIs/configuration only if you choose to enable them, which is proportional to calendar/task features.
- Persistence & Privilege
- okThe skill is not marked always:true and is user-invocable. It writes its own summary files under the workspace memory directory (expected behavior). The skill can be invoked autonomously by the model (platform default) but that is normal; there is no indication it modifies other skills or system-wide settings.