ClawHub

Cron Helper

Security checks across malware telemetry and agentic risk

Overview

This skill is a legitimate OpenClaw cron helper, but it can broadly affect persistent scheduled agent jobs and hardcodes scheduling behavior that users should review carefully.

Install only if you intend to manage OpenClaw cron jobs. Before running the repair scripts, review which jobs will change, keep the generated backup, and set the timezone explicitly for your own locale instead of relying on the hardcoded Asia/Shanghai examples.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The manifest description includes broad activation triggers such as 'timing issues' and 'any time-based automation', which can cause the skill to activate in conversations that are not specifically about OpenClaw cron configuration. Over-broad activation increases the chance the agent applies cron-specific operational guidance or file-modification workflows in the wrong context, leading to unintended actions or mis-scoped assistance.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The 'When to Use' section contains ambiguous triggers like '每天X点' and generic scheduled-task phrasing, which are broad enough to match ordinary planning or reminder conversations rather than cron administration. In this skill, that matters because the content gives authoritative instructions for modifying persistent scheduler configuration and delivery targets, so accidental activation could steer the agent toward unsafe or irrelevant system changes.

Natural-Language Policy Violations

Medium
Confidence
91% confidence
Finding
The skill mandates a fixed timezone of 'Asia/Shanghai' for cron schedules without user opt-in or scope restriction. For a scheduling skill, forced timezone selection is especially risky because it can cause jobs to execute at the wrong real-world time, creating missed tasks, premature actions, duplicate notifications, or business-process errors.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal