Cron
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill appears to be a local schedule/reminder helper that stores recurring job data on the user's machine, with no evidence of network access, credential use, or hidden execution.
This skill looks safe for local recurring reminders and task schedules. Be aware that it stores schedule details in local OpenClaw memory, so avoid putting secrets in job notes, and make sure Python 3 is available because the registry metadata does not declare it.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may not work unless Python 3 is available, even though the registry metadata does not declare that dependency.
The runtime requirement is disclosed in SKILL.md, while the registry requirements list no required binaries. This is a metadata completeness issue rather than evidence of unsafe code.
## Runtime Requirements - Python 3 must be available as `python3` - No external packages required
Before installing, confirm Python 3 is available; the publisher should declare Python 3 in the registry requirements.
Recurring-job titles and notes may remain in local OpenClaw memory until removed or edited.
User-provided schedule details are written into persistent local job storage. This is core to the skill's purpose, but it means private or instruction-like text can be retained and later displayed.
"title": args.title, "notes": args.notes, "tags": parse_csv(args.tags), ... save_jobs(data)
Avoid storing secrets or highly sensitive instructions in job titles or notes, and periodically review the local cron memory files if privacy matters.