ClawHub

Time Capsule 🔮

v1.0.0

Create, manage, and open time capsules — seal a thought, feeling, decision, or wish and have it delivered back to your future self with AI reflection on what...

0· 109·0 current·0 all-time
byWen@wyatt88
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description match the instructions: the skill collects user messages, records metadata, schedules openings, and composes reflections using memory_search. It does not request unrelated credentials, binaries, or services.
Instruction Scope
Runtime instructions are limited to creating/reading/writing ~/.openclaw/state/time-capsules.json, extracting metadata from the message and recent conversation context, calling memory_search when opening, and creating cron jobs that trigger an agent turn. These actions are in-scope for a time-capsule feature, but they give the skill broad discretion to read conversation context and memory_search results when composing reflections.
Install Mechanism
No install steps or external downloads — instruction-only. Nothing is written to disk by an installer beyond what the skill's runtime instructions specify, which reduces supply-chain risk.
!
Credentials
The skill stores sealed messages verbatim in a plaintext JSON file under the user's home (~/.openclaw/state/time-capsules.json). While the SKILL.md warns not to store passwords/secrets, the design still places potentially sensitive user text in an unencrypted, persistent file that other local processes or backups could access. It also uses memory_search at open time, which will access the agent's stored memories (expected but privacy-relevant). No environment variables or external credentials are requested, which is proportionate.
Persistence & Privilege
The skill creates persistent artifacts (a JSON file and scheduled cron jobs). It does not set always:true and does not request system-wide privilege changes, but the cron jobs enable future autonomous agent runs that will read the file and call memory_search. This is coherent with the feature but increases the long-term blast radius (persistent data + scheduled agent activity).
Assessment
This skill behaves like a local time-capsule manager: it will write sealed messages and metadata to ~/.openclaw/state/time-capsules.json and create scheduled cron jobs so the agent can open capsules later and run memory searches to compose reflections. Before installing: (1) do not store passwords, private keys, or other secrets in capsules — the file is plaintext; (2) inspect and control file permissions for ~/.openclaw/state/ and delete any capsules you no longer want retained; (3) confirm you are comfortable with scheduled agent runs (cron jobs) that will autonomously read that file and access your agent memories; (4) if you need stronger privacy, request or implement encryption for the stored file or use a secure storage mechanism instead. If you want, I can suggest an encrypted storage pattern or a checklist of how to audit/remove the cron jobs and capsule file.

Like a lobster shell, security has layers — review code before you run it.

latestvk973qaty2h26eqka7p3egxd1ns8399mf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔮 Clawdis

Comments