Cron Scheduler
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or overly broad cron edit could schedule the wrong command, remove unrelated jobs, or repeatedly run actions the user did not intend.
The skill documents direct mutation of the user's crontab, including adding arbitrary scheduled commands and removing entries by pattern, but does not require confirmation, backups, diffs, or scoped ownership markers.
(crontab -l 2>/dev/null; echo "SCHEDULE COMMAND") | crontab - ... crontab -l | grep -v "PATTERN_TO_REMOVE" | crontab -
Before allowing changes, review the exact cron line, require explicit approval, back up the existing crontab, and tag entries so only skill-created jobs are modified.
A scheduled task can keep running after the conversation ends, continue making changes, producing network calls, or consuming resources until the user notices and removes it.
Cron jobs are persistent recurring background actions. The skill intentionally enables broad scheduled execution, but the artifact does not define lifecycle limits, expiration, review, or cleanup guarantees.
Automate backups, health checks, cleanup scripts, API calls, notifications — anything that should run on a schedule.
Use this only for clearly requested jobs, prefer least-privilege commands, add comments/labels and log paths, set an expiration where possible, and periodically list and remove unwanted entries.