Task Tracker
v1.1.0Proactive task state management. Use on EVERY task start, progress update, completion, or failure. Tracks what was requested, what's running (background proc...
⭐ 4· 4.4k·40 current·42 all-time
by@rikouu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (task state tracking across session resets) matches the SKILL.md guidance to keep a single state file. However the SKILL.md claims the tracker 'Triggers automatically — not user-invoked' while the registry flags do not set always:true and still mark it user-invocable, which is an inconsistency about how and when the skill runs.
Instruction Scope
Instructions direct the agent to read/write a persistent file memory/tasks.md and to record session IDs, PIDs, server names and full commands for background/SSH sessions. Recording full commands risks capturing secrets (passwords, tokens, sensitive CLI args). The rules also instruct updating the file BEFORE reporting to the user (write-first), which can cause unreviewed sensitive content to be persisted.
Install Mechanism
No install spec and no code files are present (instruction-only). This minimizes code-execution/install risk — the skill won't pull external binaries or archives during install.
Credentials
No environment variables or external credentials are required, which is consistent with a simple tracker, but the instructions still require capturing runtime context (servers, PIDs, commands) that can include sensitive data. The skill does not document sanitization, access controls, or who can read memory/tasks.md — so requested persistence of sensitive context is disproportionate without mitigation.
Persistence & Privilege
The skill requires persistent state across sessions (memory/tasks.md) which is reasonable for a tracker, but the SKILL.md's claim that it 'Triggers automatically — not user-invoked' conflicts with registry metadata (always:false). If the skill were to run automatically for every task, that would increase blast radius because it records potentially sensitive context. The write-first rule and retention policy (prune after 3 days) are noted, but there is no guidance on storage access controls or redaction.
What to consider before installing
This skill generally does what it says (maintains a persistent task-state file), but it instructs the agent to persist session IDs, PIDs, server names and the exact commands for background/SSH work — these can contain secrets. Before installing, consider:
- Confirm whether the skill will actually run automatically; if automatic invocation is intended, the registry should set always:true or otherwise document how auto-triggering is enforced. If not intended, update SKILL.md to avoid surprise behavior.
- Ask where memory/tasks.md is stored, who can read it, and whether it is synced off-device. Ensure appropriate access controls and encryption are in place.
- Require the skill to redact or avoid storing command-line arguments that may contain credentials (e.g., mask tokens/ passwords) or record only sanitized metadata (e.g., command name, not full args).
- Prefer prompting the user for explicit consent before recording SSH/server details or before the first automatic write.
- If you cannot verify storage protections or sanitization, treat this skill as higher risk and avoid installing it in environments that handle secrets or sensitive infrastructure.
If the author can provide: where the file is stored, assurance of access controls/encryption, and a change to the SKILL.md that either removes automatic-trigger language or the registry is updated to reflect true automatic behavior, this would reduce concern.Like a lobster shell, security has layers — review code before you run it.
latestvk973m5njs1chs1yb798q5trd0581dneg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.