ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Temp Heartbeat - 临时心跳

v1.0.0

设置一次性临时心跳任务,在指定时间执行提醒、检查或操作,任务完成后自动删除,无需永久配置。

0· 54·0 current·0 all-time
by@rfdiosuao
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (temporary one‑time heartbeat tasks) aligns with the instructions: parsing times, creating task files under memory/, listing/cancelling tasks, and automatic deletion after execution. No extraneous credentials, binaries, or installs are requested.
!
Instruction Scope
SKILL.md instructs the agent to create/read/delete files under memory/ (expected) and to "执行任务内容" via an executeTask(file, content) step. The spec does not define what allowed task content is or how execution is sandboxed — task content could include arbitrary operations (network requests, shell commands, data exfiltration). This ambiguous execution semantics is a material risk.
Install Mechanism
No install spec; instruction-only skill. No packages or remote downloads are declared, which reduces installer risk. package.json and skill.json are present but no code files (src/index.ts) were included — implementation is missing.
Credentials
The skill requests no environment variables, credentials, or special config paths. That is proportionate for a local temporary task manager.
Persistence & Privilege
always is false and skill is user-invocable. It writes task files under memory/, which is reasonable for its purpose. It does not request system-wide persistent privileges in the provided metadata.
What to consider before installing
This skill appears to do what it says (create one‑time temporary tasks saved under memory/ and delete them after execution), but the runtime instructions leave a critical detail unspecified: how task content is executed. Before installing or enabling this skill, verify the following: (1) inspect the actual implementation code (src/index.ts or similar) — it is not included in the package shown; (2) confirm executeTask is sandboxed and does not run arbitrary shell commands or allow tasks to include remote endpoints or secrets; (3) ensure task content is treated as data (notifications/reminders) rather than executable code, or that only a restricted set of safe actions is supported; (4) prefer a published source repository and a known author (skill.json lists a GitHub URL but the package lacks code) and check repository history; (5) avoid creating tasks that embed sensitive information or credentials. If you cannot review the implementation or get clarification about execution/sandboxing, treat this skill as higher risk and consider not installing it.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e8r189hx4prjym26qrjbrq9845ps1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments