Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Task Supervisor

v1.0.0

Manage complex tasks with 5+ steps or duration >20 min, tracking progress via task files and sending periodic status reports until completion or pause.

by Peng Shu (@mashirops)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The name/description (long-running task manager with progress files and periodic reports) aligns with the SKILL.md: it instructs creating .tasks files, decomposing steps, logging progress, and sending periodic reports. However, the skill expects to send messages via external platforms (mentions WhatsApp and Feishu interchangeably) and to spawn system crons via an 'openclaw' CLI, yet the registry metadata declares no required binaries or credentials. Requesting no environment variables or primary credential is inconsistent with sending messages to external services.
Instruction Scope
Instructions tell the agent to create and repeatedly update files under .tasks/, spawn a reporter cron using an 'openclaw cron add' exec, and have that cron read the task files and send progress messages. That scope is consistent with a supervisor, but it includes autonomous background scheduling and automated messaging. The doc mixes messaging targets (WhatsApp vs Feishu) and tells the cron to 'send a Feishu message to the user' without specifying how authentication or recipient mapping occurs. The instructions do not read or transmit unrelated system files, but they do perform autonomous I/O and networked messaging, which require explicit credentials and user consent.
Install Mechanism
This is instruction-only with no install spec and no code files, so there is nothing being downloaded or written at install time. That reduces risk from supply-chain install mechanics. The runtime behavior (spawning crons and writing .tasks files) is still potentially persistent, but there is no installer to analyze.
Credentials
The skill declares no required environment variables or credentials, yet its runtime actions require the ability to send messages over Feishu or WhatsApp and to schedule crons via an 'openclaw' CLI. Sending messages to external platforms normally requires API tokens/credentials or preconfigured agent integrations; those are not declared. This mismatch is disproportionate and unexplained.
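The mismatch described here and under Purpose & Capability (instruction text that implies external messaging and cron scheduling while the registry metadata declares no binaries or credentials) is the kind of check a reviewer can run mechanically before installing a skill. The script below is an added example for this page, not ClawHub's or OpenClaw's scanner code. It assumes a hypothetical SKILL.md layout (a '---'-delimited frontmatter carrying `requires_binaries` and `requires_env` lists, then the instruction body); the two skill texts, the env-var prefixes and the binary name in it are constructed for the example.

```python
"""Capability/declaration mismatch check for an agent-skill manifest.

Added example, not ClawHub's or OpenClaw's own scanner. Assumes a
hypothetical SKILL.md layout: '---'-delimited frontmatter with
`requires_binaries` and `requires_env` lists, then the instruction body.
"""
import re
from dataclasses import dataclass

# Constructed to mirror the report: the body tells the agent to run a
# cron-adding CLI and to message the user on two platforms, while the
# frontmatter declares no binaries and no credentials.
UNDECLARED_SKILL = """---
name: task-supervisor
always: false
requires_binaries: []
requires_env: []
---
For tasks with 5+ steps, create .tasks/<id>.md and log each step there.
Spawn a reporter with `openclaw cron add ...` that reads the task file.
Every 20 minutes, send a WhatsApp or Feishu message to the user.
"""

# The same instructions with the declarations the report asks for
# (a single platform, its credentials, and the CLI it shells out to).
DECLARED_SKILL = UNDECLARED_SKILL.replace(
    "requires_binaries: []", "requires_binaries: [openclaw]"
).replace(
    "requires_env: []", "requires_env: [FEISHU_APP_ID, FEISHU_APP_SECRET]"
).replace("a WhatsApp or Feishu message", "a Feishu message")

# (capability, pattern over the body, declaration kind, required declaration).
# Env-var prefixes and the binary name are assumptions for this example.
RULES = [
    ("messaging:feishu",   re.compile(r"\bfeishu\b", re.I),     "env",    "FEISHU_"),
    ("messaging:whatsapp", re.compile(r"\bwhatsapp\b", re.I),   "env",    "WHATSAPP_"),
    ("scheduling:cron",    re.compile(r"\bcron\s+add\b", re.I), "binary", "openclaw"),
]


@dataclass(frozen=True)
class Finding:
    capability: str
    evidence: str   # instruction line that implied the capability
    missing: str    # what the frontmatter should have declared


def split_frontmatter(text):
    """Return (frontmatter dict, body). Parses only `key: value` and
    `key: [a, b]` lines, which is all this example needs."""
    m = re.match(r"^---\n(.*?)\n---\n(.*)$", text, re.S)
    if not m:
        return {}, text
    meta = {}
    for line in m.group(1).splitlines():
        key, _, value = line.partition(":")
        value = value.strip()
        if value.startswith("[") and value.endswith("]"):
            meta[key.strip()] = [v.strip() for v in value[1:-1].split(",") if v.strip()]
        else:
            meta[key.strip()] = value
    return meta, m.group(2)


def scan_skill(text):
    """Return one Finding per capability the body implies but the
    frontmatter does not declare, plus one if the body names more than
    one messaging platform (recipient/auth mapping is then ambiguous)."""
    meta, body = split_frontmatter(text)
    binaries = set(meta.get("requires_binaries", []))
    env = set(meta.get("requires_env", []))
    implied = {}
    for cap, pattern, _, _ in RULES:
        for line in body.splitlines():
            if pattern.search(line):
                implied[cap] = line.strip()
                break
    findings = []
    for cap, _, kind, needed in RULES:
        if cap not in implied:
            continue
        declared = (needed in binaries if kind == "binary"
                    else any(v.startswith(needed) for v in env))
        if not declared:
            findings.append(Finding(cap, implied[cap], f"{kind} {needed}"))
    platforms = sorted(c for c in implied if c.startswith("messaging:"))
    if len(platforms) > 1:
        findings.append(Finding("messaging:ambiguous", implied[platforms[0]],
                                "a single declared platform; found " + ", ".join(platforms)))
    return findings


if __name__ == "__main__":
    for label, skill in (("undeclared", UNDECLARED_SKILL), ("declared", DECLARED_SKILL)):
        print(label, [f.capability for f in scan_skill(skill)])
```

Run as-is, the undeclared manifest yields four findings (two undeclared messaging credentials, the undeclared 'openclaw' binary, and the two-platform ambiguity), and the declared variant yields none. The check is deliberately conservative: it only compares what the instructions imply against what the metadata admits, which is exactly the disproportion the scan calls out, and it says nothing about whether the declared credentials are scoped correctly.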
Persistence & Privilege
always: false (good). The skill instructs spawning scheduled reporter crons that run autonomously until the task completes or fails. Creating background scheduled jobs is a legitimate behavior for long-running tasks, but because the cron will autonomously read task files and send external messages, it increases the blast radius — especially combined with missing declarations for which messaging identity/credentials will be used. The skill does not claim to modify other skills or global configs, which is good.
What to consider before installing
Do not enable this skill yet. Ask the publisher to clarify: (1) which messaging platform will be used (WhatsApp or Feishu?) and exactly how recipient identity and authentication are provided (what env vars or agent integrations are required); (2) whether the agent runtime actually provides an 'openclaw' CLI and what privileges that CLI has; (3) where .tasks/ will be stored and who can read those files; and (4) how and when the cron jobs are removed and what safeguards exist to prevent repeated unintended messages. If you proceed, require explicit, per-task consent before creating background crons or sending messages, and ensure messaging credentials are scoped and stored securely (not left implicit).


latest: vk978zgb0c6p32xqangmbqq4h65825n9e
