Cron Scheduler
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: cron-scheduler
Version: 1.0.0

The 'cron-scheduler' skill is designed to manage system cron jobs, which inherently involves executing commands. However, the `SKILL.md` file provides agent commands that directly interpolate user-provided input (e.g., 'SCHEDULE COMMAND', 'PATTERN_TO_REMOVE', 'COMMAND_HERE') into shell commands without apparent sanitization. This creates severe shell injection vulnerabilities, allowing a malicious user to achieve arbitrary command execution (RCE) on the host system if the OpenClaw agent does not properly sanitize or quote the input before execution. While this is a critical vulnerability, there is no evidence of intentional malicious behavior (e.g., data exfiltration, backdoors) by the skill author, thus classifying it as suspicious rather than malicious.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or overly broad cron edit could schedule the wrong command, remove unrelated jobs, or repeatedly run actions the user did not intend.
The skill documents direct mutation of the user's crontab, including adding arbitrary scheduled commands and removing entries by pattern, but does not require confirmation, backups, diffs, or scoped ownership markers.
(crontab -l 2>/dev/null; echo "SCHEDULE COMMAND") | crontab -
...
crontab -l | grep -v "PATTERN_TO_REMOVE" | crontab -
Before allowing changes, review the exact cron line, require explicit approval, back up the existing crontab, and tag entries so only skill-created jobs are modified.
A scheduled task can keep running after the conversation ends, and can continue to make changes, produce network calls, or consume resources until the user notices and removes it.
Cron jobs are persistent recurring background actions. The skill intentionally enables broad scheduled execution, but the artifact does not define lifecycle limits, expiration, review, or cleanup guarantees.
Automate backups, health checks, cleanup scripts, API calls, notifications — anything that should run on a schedule.
Use this only for clearly requested jobs, prefer least-privilege commands, add comments/labels and log paths, set an expiration where possible, and periodically list and remove unwanted entries.
