Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Cron Cost Guard
v1.0.0
Audit AI agent cron jobs for token cost risks, model-switch loops, and session isolation failures. Use when setting up new cron jobs, debugging unexpected to...
by @pouria3
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (cron cost auditing) align with the provided runtime instructions: listing crons, inspecting sessions, checking system-prompt sizes, and killing offending cron jobs are all relevant to the stated purpose.
Instruction Scope
SKILL.md instructs the agent to read and act on local state beyond the workspace (e.g., tail -200 ~/.openclaw/logs/gateway.log) and to remove cron jobs (cron remove). The metadata declares no required config paths or credentials, yet the instructions explicitly reference a specific home-path log file and several workspace files (MEMORY.md, AGENTS.md, etc.). That mismatch between declared requirements and actual file access is a scope/permission concern.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is low risk from install mechanics (nothing is downloaded or written by an installer).
Credentials
The skill declares no required env vars or config paths, which is consistent with being instruction-only. However, the runtime instructions access sensitive local files and logs (workspace docs and ~/.openclaw/logs/gateway.log) without those accesses being declared in the metadata — a minor proportionality mismatch to be aware of.
Persistence & Privilege
always:false and default autonomous invocation are normal. However, the instructions include potentially destructive operations (removing cron jobs) and guidance to recreate jobs; if the agent is allowed to act autonomously, the skill could cause configuration changes. This is expected for an auditing/remediation skill but worth limiting to manual approval or read-only analysis until validated.
What to consider before installing
This skill appears to do what it says (audit cron jobs for token/cost issues), but be cautious: its instructions ask the agent to read local gateway logs (~/.openclaw/logs/gateway.log) and workspace files and to remove cron jobs, operations that can expose sensitive data or change system state. Before installing: (1) confirm you trust the skill source, (2) run it in a read-only or manual-approval mode first (so the agent can only report, not delete), (3) restrict autonomous invocation until you’ve observed its behavior, and (4) ensure your audit logs and backups exist so you can recover if a job is removed. If needed, ask the author to declare the config paths the skill will access (so the platform can present clear permission prompts).
Like a lobster shell, security has layers — review code before you run it.
latest vk976hmre4rcz6zetanwh10txpx841frs
