Team Status Tracker
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: team-status-tracker Version: 1.0.3 This skill is classified as benign. It is designed for systematic team status tracking via Slack DMs and confidential Obsidian-based internal tracking. The documentation (SKILL.md, README.md, templates) consistently and emphatically instructs the AI agent to maintain strict confidentiality, explicitly forbidding the sharing of financial information, performance comparisons, behavioral tracking notes, and other sensitive data with team members. While the skill involves collecting sensitive 'behavioral patterns' and requires network (Slack API via Maton Gateway) and local file system access (Obsidian), these capabilities are necessary for its stated purpose, and the instructions are overwhelmingly focused on ethical and confidential data handling, rather than misuse or exfiltration. There is no evidence of malicious execution, persistence mechanisms, obfuscation, or prompt injection attempts designed to subvert the agent's intended behavior.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may send status-check or reminder messages to coworkers if the user asks it to run the workflow.
The skill directs the agent to send Slack DMs and reminders. This is aligned with the stated purpose, but it affects real workplace communications and should remain user-controlled.
Send personalized status requests (1-on-1 DMs) ... Follow up with non-responders (mid-day, EOD)
Review recipients and message drafts before sending, especially for reminders or follow-ups.
Slack and Obsidian permissions can expose or modify workplace communication and internal notes.
The skill depends on Slack and Obsidian access. This is expected for the workflow, but it means the agent may act through connected workspace tools.
Slack API via Maton Gateway - Obsidian for internal tracking
Use the least-privileged Slack/Obsidian connections available and confirm the agent is using the intended workspace or vault.
The Obsidian vault may contain sensitive employee or contractor performance information that could be harmful if shared or reused out of context.
The Obsidian template stores persistent, confidential notes about individual team members' responsiveness, quality, blockers, and behavioral patterns.
Response Time... Response Quality... Behavioral Note... Non-Responders... CONFIDENTIAL - INTERNAL USE ONLY
Restrict access to the tracking folder, avoid unnecessary personal judgments, and periodically delete or archive records according to company policy.
Confidential team-status history may remain on disk for months.
The configuration persists tracking files to a local Obsidian path and retains history for 90 days. This is bounded and disclosed, but still sensitive.
obsidian_path: "/root/life/pkm/daily-status" # Where to store tracking files keep_history_days: 90
Customize the path to a protected vault location and adjust retention to match your privacy and HR policies.