ClawHub

Cron Scheduler Local

Security checks across malware telemetry and agentic risk

Overview

This skill is a local recurring-schedule helper that stores schedule data on the user's machine and does not show hidden network, credential, or destructive behavior.

Reasonable to install for local recurring reminders or task schedules. Be aware that job titles, notes, schedules, run history, and stats are saved under ~/.openclaw/workspace/memory/cron, so avoid storing secrets or highly sensitive details there.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill explicitly states it reads and writes local files under the user's home directory, but the manifest does not declare corresponding permissions. That mismatch weakens transparency and consent boundaries: a host system or reviewer may underestimate the skill's actual capabilities, and users may invoke it without realizing it can persist or modify local state.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The description contains very broad activation language such as 'whenever the user mentions recurring timing, repetition, schedules, cadence, weekly/daily/monthly routines, future triggers,' which can cause the skill to trigger in many ordinary conversations. Over-broad routing increases the chance of unintended invocation of a stateful skill that writes local schedule data, creating opportunities for accidental task creation, modification, or privacy-sensitive capture of user intentions.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal