Repo Kanban PM
Pass. Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: repo-kanban-pm
Version: 0.1.1

The skill is classified as suspicious because of the `scripts/add_daily_pm_cron.sh` script, which creates an OpenClaw cron job. This cron job instructs the AI agent to execute external commands such as `gh pr list` and `npx tsc --noEmit` as part of its daily PM review. Although these commands are presented as "lightweight checks" and align with the stated purpose, instructing an AI agent to run external shell commands on a schedule is a significantly risky capability, even without clear evidence of malicious intent such as data exfiltration or backdoors. The `SKILL.md` and the other scripts primarily set up documentation and workflow rules, which are benign.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the script will change files in the target repo, including future-agent instructions.
The initialization script creates PM workflow files and appends a section to AGENTS.md in the selected repository.
    mkdir -p docs/pm docs/pm/bugs ... cat >> AGENTS.md <<'EOF'
Run it only against the intended repository and review the resulting git diff before committing.

Future agents working in the repo may be steered by these mandatory kanban rules.
The script persists workflow instructions in AGENTS.md, which future agents may treat as authoritative repo context.
    ## Feature Execution Workflow (Kanban, Mandatory)
Review the AGENTS.md addition and remove or edit it if it does not match your team workflow.

If installed, an agent will run a PM review on the repo every day until the cron is removed.
The optional script creates a recurring OpenClaw cron task for daily PM review.
    openclaw cron add --name "${NAME}" --agent "${AGENT_ID}" --cron "${CRON_EXPR}" ... --message "Run daily PM review for repo: ${REPO_PATH}"
Use the cron only if you want ongoing automated review, and know how to list or remove the OpenClaw cron later.

The review may query GitHub repository metadata using whichever account the local gh CLI is authenticated as.
The scheduled review prompt may cause the agent to use the local GitHub CLI account/session to inspect PRs.
    4) gh pr list + check recent commits
Ensure gh is logged into the intended account and repository before enabling the cron.

A scheduled agent may execute a repo-local Node/TypeScript check, which could be inappropriate for non-Node repos or unexpected in a daily PM audit.
The optional daily review instructions include running project tooling through npx when applicable.
    6) Run lightweight checks (if applicable): cd apps/telegram && npx tsc --noEmit
Edit or avoid the cron message if you do not want automated project commands run during PM review.
