ClawHub

Heartbeat

v1.0.1

Design better OpenClaw HEARTBEAT.md files with adaptive cadence, safe checks, and cron handoffs for precise schedules.

3· 2k·28 current·33 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (heartbeat design and templates) match the delivered artifacts (templates, QA checklist, setup flow, memory schema). No unrelated binaries, env vars, or external services are required.
Instruction Scope
SKILL.md and supporting files primarily limit actions to creating and maintaining heartbeat artifacts in ~/heartbeat and running dry-run/checklist validations. However, the instructions say the agent should 'audit current heartbeat behavior' and 'capture current state' if an existing heartbeat file exists — this is reasonable but somewhat open-ended and could be interpreted to read more files or system state if the agent implementation is too permissive. The skill explicitly says it won't call external APIs without user approval.
Install Mechanism
Instruction-only skill with no install steps or downloads; nothing is written to disk by an installer. Low install risk.
Credentials
No required environment variables, no credentials, and no config paths beyond creating/reading ~/heartbeat as documented. Requested scope is proportional to the stated purpose.
Persistence & Privilege
The skill persists data to ~/heartbeat (memory.md, drafts, snapshots) which is expected for this kind of skill. It is not always-enabled and does not declare broader system privileges, but users should be aware it will create and read files in their home directory.
Assessment
This skill appears coherent for building and tuning HEARTBEAT.md files. Before installing: (1) acknowledge that the skill will create and store files under ~/heartbeat (memory, drafts, snapshots); (2) confirm any automatic 'audit' or 'dry run' actions only operate on the existing heartbeat file and not unrelated directories or services; (3) require explicit approval before the agent connects to external systems (inbox, CI, paid APIs, etc.) during validation or simulation; and (4) review the first draft and the QA checklist outputs before enabling any automation or escalation routes. If you want stricter limits, ask the agent to only simulate using synthetic/sample data and to prompt you before reading or writing any files outside a single explicit path.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f0fpqg4qb9yek383yv9eb81828kkm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💓 Clawdis
OSLinux · macOS · Windows

Comments