ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Executive Assistant Time Blocking

v1.0.1

Standard Operating Procedure (SOP) that acts as an executive assistant to block out calendar time using TS atomic plugins.

0· 57·1 current·1 all-time
by@zvirb

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for zvirb/executive-assistant-time-blocking.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Executive Assistant Time Blocking" (zvirb/executive-assistant-time-blocking) from ClawHub.
Skill page: https://clawhub.ai/zvirb/executive-assistant-time-blocking
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: gog
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install executive-assistant-time-blocking

ClawHub CLI

Package manager switcher

npx clawhub@latest install executive-assistant-time-blocking
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's claimed purpose (time-blocking calendar tasks) aligns with the commands and atomic nodes it uses (gog tasks/calendar and Google Calendar Create/Delete), but it does not declare any credentials or config paths for Google access. A calendar/task integration normally requires OAuth tokens or API keys (or an explanation that 'gog' uses locally stored credentials). The absence of declared auth requirements is an incoherence that should be explained before trusting this skill.
Instruction Scope
SKILL.md stays within the stated scope: collect tasks, compute gaps, create events, audit overlaps. However, it instructs autonomous assignment of durations and autonomous creation/deletion of calendar events with only ‘Jidoka’ verification stops — there is no explicit user-consent/approval step, nor limits on how many or which events may be created/removed. That broad autonomy over a user's calendar is worth flagging.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, which minimizes install-time risk. It requires the external 'gog' binary to be present but does not attempt to download or install anything itself.
!
Credentials
No environment variables or credentials are declared even though the runtime commands and atomic Google Calendar nodes will need authenticated access. The skill relies on an external binary/plugin ('gog' and TS atomic plugins) to have appropriate credentials, but the SKILL.md does not document this dependency or require/ask for the minimal credential scope, which is disproportionate and unclear.
Persistence & Privilege
always:false and normal autonomy behavior. The skill does not request permanent presence or attempt to modify other skills or global agent configuration. The main risk is the normal autonomous ability to create/delete calendar events (which is appropriate for this skill's purpose but sensitive).
What to consider before installing
This skill will read your tasks and create or delete Google Calendar events autonomously using the 'gog' CLI and TS atomic plugins. Before installing: 1) Verify the origin and trustworthiness of the 'gog' binary on your system (where it came from and whether it holds your Google OAuth tokens). 2) Confirm how authentication is handled — the skill should document what credentials or local config it requires and what scope (read-only tasks, calendar write, etc.). 3) Prefer requiring explicit user confirmation before creating or deleting events (or at least a dry-run/report step). 4) Review and trust the 'autonomous-workflows-plugin' and any referenced atomic nodes (Google Calendar Create/Delete). 5) If you want to allow this skill, grant it only after ensuring tokens are limited in scope and you’re comfortable with autonomous calendar edits; otherwise, restrict use to user-invoked runs with manual approval for changes.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binsgog
latestvk9732tc1pdkn221gmsav2et3gd85qzgd
57downloads
0stars
2versions
Updated 4h ago
v1.0.1
MIT-0
@zvirb
latest
Download

Lean Philosophy (Principles)

  • Kaizen (改善): This workflow relies entirely on discrete, single-responsibility TS tools rather than a monolithic markdown loop.
  • Standardized Work (Hyojun Sagyo): This node represents a strict, step-by-step Standard Operating Procedure (SOP) for automated time-blocking.
  • Jidoka (自働化): Includes autonomous self-healing loops with hard verification stops between every step.

Executive Assistant Time Blocking SOP

This procedure guides the agent to evaluate current incomplete tasks from Google Tasks, estimate their duration, and sequentially schedule them into available gaps using TS atomic tools.

Cognitive Directives

WHEN [Requested to schedule tasks, time-block the backlog, or act as an executive assistant for schedule management] THEN [ Follow this strict Standard Operating Procedure:

Step 1: Task Collection

  • Execute gog tasks list @default --json to retrieve incomplete tasks.
  • Jidoka Stop: IF the output is not a valid JSON array, retry. IF empty, report no tasks and STOP.

Step 2: Cognitive Assessment

  • Autonomously assign duration and urgency to each task.

Step 3: Schedule Retrieval

  • Execute gog calendar events primary --from "<start>" --to "<end>" --json.
  • Jidoka Stop: Verify the response. Retry on error.

Step 4: Gap Analysis

  • Execute the workflow_calculate_schedule_gaps atomic TS tool, passing the events array.
  • Jidoka Stop: IF the tool returns an error, correct and retry.

Step 5: Sequential Time Blocking

  • For each task, map it to a free gap.
  • Execute the Google Calendar Create Event atomic node.
  • Jidoka Stop: Verify event creation success.

Step 6: Overlap Audit

  • Execute the workflow_audit_schedule_overlaps atomic TS tool.
  • Jidoka Stop: IF overlaps are detected, resolve them using Google Calendar Delete Event and repeat the scheduling loop. ]

Expected Output

A comprehensive summary of the scheduled tasks, detailing the timeline and confirmation of overlap-free scheduling.

Comments

Loading comments...