ClawHub

file-todos

v2.53.0

File-based todo and task tracking in the todos/ directory. Use when creating, triaging, listing, or managing todo files, tracking work items, managing the ba...

0· 0·0 current·0 all-time
byIlia Alshanetsky@iliaal
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (file-based todo management) align with the provided files and instructions: templates, naming conventions, workflows, and shell snippets all relate to creating, triaging, listing, and managing markdown todo files. The only minor note is references to integrations (gh CLI, slash commands) which are described but not required by the skill; this is reasonable as optional integration guidance.
Instruction Scope
SKILL.md instructs reading and modifying files in the todos/ directory (cp, mv, grep, ls, etc.) which is exactly the stated purpose. It assumes standard Unix CLI utilities exist but does not declare them as required; this is typical but worth noting. There are no instructions to read unrelated system paths or exfiltrate data to external endpoints.
Install Mechanism
No install spec and no code files — instruction-only. This is the lowest-risk install model (nothing written to disk by the skill).
Credentials
The skill declares no environment variables or credentials and none are needed for the core file-based workflows. The docs mention optional integrations (e.g., gh CLI, review agents) that would require separate credentials or tooling if you choose to use them; those are not requested by the skill itself.
Persistence & Privilege
always is false and disable-model-invocation is true, so the skill will not be autonomously invoked by the model and is not forced into every agent run. The skill does not request persistent presence or attempt to modify other skills or system-wide configs.
Assessment
This is an instruction-only, local workflow for managing markdown todos — overall low risk. Before using: back up your todos/ directory if you care about existing files, because the workflows include rename/mv and grep commands; ensure you have standard shell utilities (ls, grep, mv, cp) if you plan to run the examples. If you plan to integrate with GitHub (gh CLI) or slash-command workflows, be aware those integrations require separate tooling and credentials that this skill does not request or manage. Because disable-model-invocation is true, the skill will not run autonomously — you'll invoke these instructions manually or via your own tooling.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dpmnfsrnh37c1va72n4p3h184bw03

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments