Skill v1.1.0
ClawScan security
Elephantastic · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 30, 2026, 8:42 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: Elephantastic is internally consistent: it implements a local Taskwarrior-based agent GTD stack and only requires local CLIs/files (task, timew, optional time tracking); nothing in the package asks for unrelated credentials or external endpoints.
- Guidance: This package appears to do what it says: manage agent tasks locally with Taskwarrior and health-check with Timewarrior. Before installing: (1) ensure you want the agent to have the ability to read and modify your Taskwarrior data (~/.task and ~/.taskrc) and any heartbeat file (e.g., ~/.agent/last_active); (2) install and inspect the required host tools (task, timew, optional pueue) and back up ~/.taskrc and your Taskwarrior data; (3) review scripts (task_manager.py, vitality_check.py, sleep.sh) to confirm behavior and any cron scheduling you add; (4) if you do not want the agent to autonomously modify tasks, limit the skill's invocation or disable autonomous invocation in your agent configuration. No network endpoints or secret exfiltration patterns were found in the skill files, but granting the agent access to local CLIs and files is still a privilege — enable only if you trust the agent's behavior and have audited these files.
Review Dimensions
- Purpose & Capability (ok): The files and instructions align with the stated purpose (agent GTD using Taskwarrior / Timewarrior / optional Pueue). The scripts call task/timew and reference Taskwarrior UDAs and reports as expected. There are no unexplained requests for cloud credentials, unrelated binaries, or config paths outside the agent/task domain.
- Instruction Scope (note): SKILL.md itself is a deprecation/redirect. The README and reference files instruct installing and configuring Taskwarrior, copying UDAs into ~/.taskrc, running the provided scripts, and optionally scheduling vitality_check via cron. The runtime scripts read/write local files (~/.agent/last_active, ~/.taskrc, ops/session_state.md) and invoke local CLIs (task, timew). This is coherent with the skill's purpose but does grant the agent the ability to modify your local Taskwarrior DB and to read local heartbeat files — review those file locations and task content before enabling autonomous use.
- Install Mechanism (ok): No install spec; this is instruction-and-scripts-only. Nothing is downloaded from external URLs or installed automatically. Risk is limited to running the included local scripts and ensuring required host binaries (task, timew, optionally pueue) are present.
- Credentials (note): The skill requires no declared environment variables or credentials. The vitality_check.py script supports optional env overrides (AGENT_GTD_MISSION_START, AGENT_GTD_MISSION_END, AGENT_GTD_MAX_SILENCE); these are reasonable and non-sensitive. The scripts do access user-local files (~/.taskrc, ~/.agent/last_active, ops/session_state.md) and expect task/timew to be installed; this is proportional to a Taskwarrior-based agent manager.
- Persistence & Privilege (ok): always:false is set, and no code attempts to modify other skills or system-wide agent settings. The skill will persist state in local Taskwarrior data and an optional local heartbeat file, which is expected behavior for a local-first GTD stack.
