MIS Logbook Submit
PassAudited by ClawScan on May 10, 2026.
Overview
This skill’s behavior matches its stated purpose, but it will use local MIS credentials and can submit a real logbook entry once the approval workflow is followed.
Before installing, confirm you are comfortable with a skill that reads a local MIS secrets file and can submit a real daily logbook entry. Keep the credentials file private, review the generated activity text carefully, and only approve the final submission after checking that the date and content are correct.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run, the skill can log in as the user and act on the MIS logbook page.
The skill uses local account credentials to access PENS MIS. This is purpose-aligned, but it gives the skill delegated access to the user’s academic account.
Local MIS credentials file. By default the submitter reads `~/.openclaw/secrets/mis.env`, or `MIS_ENV_FILE` if set.
Only install/use this if you are comfortable storing MIS credentials locally for this purpose; protect the secrets file and do not reuse broader credentials than necessary.
A premature or mistaken invocation could submit an unwanted daily logbook entry.
The helper performs the actual form submission to the MIS logbook endpoint. This matches the skill purpose, but it is a real account mutation once invoked.
const response = await fetch('entry_logbook_kp1.php', { method: 'POST', ... body: params.toString() });Review the generated Indonesian activity text first and give explicit confirmation before allowing the submission step to run.
Behavior depends partly on the Playwright installation already present in the environment.
The script loads Playwright from global runtime locations rather than a pinned dependency in an install spec. This is plausible for a browser-automation skill, but users should know the runtime dependency is external to the skill files.
const candidates = [ '/usr/lib/node_modules/@playwright/mcp/node_modules/playwright', ... '/usr/lib/node_modules/openclaw/node_modules/playwright-core' ];
Use a trusted OpenClaw/Playwright runtime and avoid installing unknown global Playwright packages just to satisfy this skill.