Project Workflow Scheduler
Security checks across malware telemetry and agentic risk
Overview
This instruction-only skill is coherent and safety-focused, but users should review any scheduled cron work because it creates future agent runs.
This skill appears safe to install as an instruction-only workflow planner. Before letting it create cron jobs, read each proposed payload and confirm it is one-time, narrowly scoped, non-destructive, and does not send customer-facing messages or change infrastructure without explicit approval.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A job approved now may run later without the original conversation context, so an overly broad payload could cause unwanted work if not reviewed.
The skill's core function is to schedule future agent runs. This is disclosed, purpose-aligned, and bounded to one-time jobs, but it is still persistent delayed activity.
Use the cron tool to propose or create one-time isolated `agentTurn` jobs.
Approve only specific one-time jobs with clear scope, forbidden actions, expected output, and a checkpoint before any risky follow-up work.