Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Owner Briefing
v1.1.0
Generate and send a daily briefing to your owner covering today's meetings, urgent emails, open tasks, and anything that needs attention. Use when: it's the...
by Netanel Abergel (@netanel-abergel)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The described goal (collect calendar events, urgent emails, and monday.com tasks and send a briefing) is coherent with the runtime steps. However the skill implicitly requires Google/Gmail/Calendar access, a monday.com API token file, the 'gog' CLI, and an 'openclaw' message-sending CLI — none of these are declared in the registry metadata (no required env vars, no required binaries). That omission is disproportionate to the stated purpose and reduces transparency.
Instruction Scope
SKILL.md contains explicit shell scripts that: call 'gog calendar' and 'gog gmail' (which will use Google credentials), read a monday.com API token from $HOME/.credentials/monday-api-token.txt, make an authenticated curl POST to api.monday.com, and invoke 'openclaw message send'. The instructions access a local credential file and external services, and the assemble step calls 'bash step1-calendar.sh' / 'step2-email.sh' / 'step3-tasks.sh' though those filenames are not created or installed by the skill — an inconsistency that could cause unintended behavior. The skill does not instruct how credentials are provisioned, nor does it warn about token leakage (e.g., via process lists or logs).
Install Mechanism
There is no install spec (instruction-only), which minimizes write-to-disk risk. However the skill assumes presence of external binaries (gog, openclaw, curl, python3, bash) without declaring them as required, which is an omission that affects safety and deployability.
Credentials
Although the skill needs access to Google account credentials and a monday.com API token, the registry lists no required env vars or primary credential. The script reads a plaintext token at $HOME/.credentials/monday-api-token.txt and sets GOG_ACCOUNT inline to owner@company.com — sensitive items are accessed but not declared or scoped. This is disproportionate and decreases transparency about what secrets will be used or where they must live.
Persistence & Privilege
The skill does not request always:true and does not include an install that modifies other skills or system-wide settings. The provided cron JSON is only an example; the skill does not itself install persistent jobs. Persistence/privilege level appears reasonable.
What to consider before installing
This skill will run shell commands that access your calendar, Gmail, and monday.com using local credentials and CLIs that it never declares. Before installing:
1) Verify you want the agent to read your Google calendar/Gmail and a monday.com token file at $HOME/.credentials/monday-api-token.txt (or change the script to use a safe secret store).
2) Confirm the 'gog' and 'openclaw' CLIs are legitimate, available on the agent host, and that their credential storage is secure.
3) Avoid storing API tokens in plaintext; prefer environment vars or an OS keychain and update the scripts accordingly.
4) Fix the script inconsistencies (the assemble step references step1/step2/step3 filenames that the SKILL.md only shows inline) so you know exactly what will be executed.
5) Test manually in a sandboxed account (no real owner data) before enabling any cron/autonomous runs.
If you cannot locate or verify where credentials are stored or why the CLIs are trusted, do not install or enable autonomous invocation.
