ClawHub

Taskr - Persistent Task Planning & Execution for AI Agents

v1.1.1

Persistent cloud task planning and execution for OpenClaw. Create hierarchical task plans that survive session resets, span multiple agents, and let users re...

3· 4.5k·30 current·31 all-time
byEoM@echo-of-machines
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (persistent, cloud task planning) match the required environment variables (MCP_API_URL, MCP_USER_API_KEY, MCP_PROJECT_ID). A remote API URL + API key + project id are appropriate and expected for a cloud task service.
Instruction Scope
SKILL.md only documents task lifecycle API actions (create_task, create_note, get_task, update_task, get_task_hierarchy) and workflow rules — it does not instruct reading local files or unrelated system state. However, the guidance explicitly requires creating a CONTEXT note containing background, goals, and preferences before execution; that encourages sending arbitrary conversation/context content to the remote service, which could include sensitive data if the agent populates the note with full chat context.
Install Mechanism
This is an instruction-only skill with no install spec and no code files — nothing is written to disk by the skill itself. That is the lowest-risk install footprint.
Credentials
Three env vars (API URL, API key, project ID) are proportionate and expected for a cloud project integration. The primary credential is an API key (MCP_USER_API_KEY) which is appropriate. No unrelated credentials or unusual config paths are requested.
Persistence & Privilege
The skill is not permanently forced-on (always:false). It can be invoked autonomously by the agent (platform default), which combined with the ability to write persistent task/notes to the remote service increases blast radius but is expected for this kind of integration.
Assessment
This skill appears to be what it says: a connector to a remote Taskr service. Before installing, verify the Taskr endpoint and operator (https://taskr.one) and only supply an API key scoped to the minimum project permissions you need. Be aware that the skill's workflow explicitly instructs attaching a CONTEXT note with background and preferences — do not include passwords, private API keys, or other secrets in those notes. Prefer ephemeral or least-privilege keys, test with non-sensitive data first, and review the Taskr privacy/security policy and the supplied project token permissions. If you need stronger guarantees, ask whether the service supports data retention controls or on-prem/self-hosted deployments.

Like a lobster shell, security has layers — review code before you run it.

latestvk974j5hq52hhve0fegj65d3qes83ekr1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📋 Clawdis
EnvMCP_API_URL, MCP_USER_API_KEY, MCP_PROJECT_ID
Primary envMCP_USER_API_KEY

Comments