Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Remind Me 2.1.0

v1.0.0

Set reminders using natural language. Automatically creates one-time cron jobs and logs to markdown.

by Lougazi (@loui1979)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
! Purpose & Capability
The description says it creates cron jobs and logs to markdown, which aligns with some files, but the scripts depend on a local project (cd /home/julian/clawdbot) and run 'npx tsx src/index.ts cron add' to create jobs and deliver messages via Telegram to a hardcoded recipient. The manifest declared only 'bash' and 'date' as required binaries; 'npx', 'tsx', and 'jq' are required by the scripts but not declared. Requiring a local Clawdbot repo and an external delivery channel is beyond the simple "cron + markdown" description and is not justified in the metadata.
! Instruction Scope
SKILL.md instructs the agent to run the included scripts which read/write /home/julian/clawd/reminders.md and invoke the Clawdbot CLI (via npx) to deliver messages over Telegram to a fixed id (6636746252). The check-reminders.sh script expects unchecked items formatted as '- [ ] ...' and marks them '[x]', but create-reminder.sh and create-recurring.sh log entries as '- [scheduled]' and '- [recurring]', so the check script will not detect or mark those entries—an operational inconsistency. The scripts thus (a) modify user files in a hardcoded home path, (b) invoke a local JS tool with network/external-delivery side effects, and (c) will likely not work as intended due to inconsistent log formats.
Install Mechanism
There is no declared install spec (instruction-only), which is lower risk in isolation. However, the bundled scripts assume that a node/npm environment ('npx', 'tsx') and 'jq' are available and that a local project exists at /home/julian/clawdbot. Those implicit dependencies increase runtime risk because arbitrary JavaScript code will be executed via npx from that repo (or will fail if absent).
! Credentials
The skill declares no required environment variables or credentials but calls into a local Clawdbot command that delivers messages to Telegram (--channel telegram --to 6636746252). That implies the Clawdbot project must have credentials/config for delivery; those secrets are not declared. The hardcoded recipient ID means reminder content will be sent to a fixed external target (possible data leakage). No justification is provided for these credentials/targets in the SKILL.md.
Persistence & Privilege
always:false (normal), and the skill does not request system-wide privileges or modify other skills. It does, however, write to and edit a hardcoded file path (/home/julian/clawd/reminders.md) and assumes a particular user's directory layout; this limited scope reduces broad privilege but makes the skill brittle and user-specific.
What to consider before installing
Do not install blindly. Key concerns:
(1) The scripts call 'npx tsx' in /home/julian/clawdbot and will execute code from that repo (or fail); ensure you control and inspect that project.
(2) Reminders are delivered via Telegram to a hardcoded recipient (6636746252); this will send reminder text externally and could leak sensitive info. Confirm the recipient is intended.
(3) The code requires undeclared tools ('npx', 'tsx', 'jq') and uses a hardcoded home path (/home/julian), making it user-specific.
(4) There is an inconsistency: check-reminders.sh looks for '- [ ]' items, but create-* scripts log '- [scheduled]'/'- [recurring]', so automatic delivery may not work as written.
Actions to consider before proceeding: ask the publisher to explain the Telegram target and provide required environment/dependency documentation; run the scripts in a safe isolated test user account after installing and inspect the local /home/julian/clawdbot code; or reject the skill until these inconsistencies and undeclared external deliveries are resolved.

Like a lobster shell, security has layers — review code before you run it.

latest vk97bt85c5gxdszctxxca13rnnx821x2t

Runtime requirements

Clawdis
Bins: bash, date