ClawHub

Tender Deadline Tracker

v1.0.0

Help a bid manager track multiple tender submissions, deadlines, required documents, and document completeness for construction bids.

0· 120·0 current·0 all-time
by@nitevity
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and required fields (deadlines, documents, team, statuses) align with a bid/tender tracking assistant. There are no unrelated env vars, binaries, or installs requested.
Instruction Scope
SKILL.md instructs the agent to maintain a running register in-conversation, proactively warn about deadlines, and track document completeness. The instructions do not ask the agent to read system files, access unrelated environment variables, or send data to external endpoints. They are prescriptive but stay within the skill's domain.
Install Mechanism
No install spec and no code files — instruction-only. This minimizes on-disk risk because nothing is downloaded or executed.
Credentials
The skill declares no environment variables, credentials, or config paths. The functionality described (tracking deadlines and documents) does not require access to external secrets.
Persistence & Privilege
always is false (good). The skill instructs the agent to 'maintain a running tracker within the conversation' and to proactively warn on each tender-related interaction; this implies conversational or memory persistence within the agent/platform. That is reasonable for the purpose but you should confirm platform memory/retention policies before storing sensitive client/financial details. Autonomous invocation is allowed by default (normal) but can increase blast radius if combined with other risky permissions — here there are none.
Assessment
This skill appears coherent and low-risk: it only contains conversational instructions for tracking tenders and asks for no credentials or installs. Before enabling it, consider: (1) Review the full SKILL.md (the provided excerpt was truncated) to ensure there are no hidden instructions to access files or external services. (2) Confirm your platform's memory and retention policy — the skill stores tender data in conversation/memory, which may persist beyond a session and could contain sensitive client or financial information. (3) If you do not want the agent to act autonomously, restrict autonomous invocation or require explicit user confirmation for actions like sending submissions or updating external calendars. (4) If you plan to integrate with calendars, email, or file storage for automated reminders or uploads, grant those permissions explicitly and only to a trusted connector. (5) Test with dummy/anonymous tenders first to verify behavior.

Like a lobster shell, security has layers — review code before you run it.

biddingvk97dhpmyjry4kyrx1kqaffdfcs83cs4hcommercialvk97dhpmyjry4kyrx1kqaffdfcs83cs4hconstructionvk97dhpmyjry4kyrx1kqaffdfcs83cs4hlatestvk97dhpmyjry4kyrx1kqaffdfcs83cs4htendervk97dhpmyjry4kyrx1kqaffdfcs83cs4h

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments