to

v1.0.1

A skill for managing todo lists, including creating, updating, deleting, and organizing tasks with priorities and deadlines.

⭐ 0· 73·0 current·0 all-time

byenoyao@wscats·duplicate of @wscats/y·canonical: @wscats/cool

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

The name, description, and the SKILL.md all describe standard todo functionality (create, list, update, delete, prioritize). There are no unrelated environment variables, binaries, or config paths requested — the requested capabilities align with the stated purpose.

✓

Instruction Scope

SKILL.md contains only feature descriptions, usage examples, and a task schema. It does not instruct the agent to run shell commands, read files, access environment variables, or transmit data to external endpoints beyond the implied todo operations.

✓

Install Mechanism

There is no install spec and no code files — this is an instruction-only skill. That has the lowest install-related risk because nothing is downloaded or written to disk by the skill itself.

✓

Credentials

The skill declares no required environment variables, credentials, or config paths. The lack of secrets or unrelated env access is proportionate for a todo manager.

ℹ

Persistence & Privilege

always is false and the skill does not request persistent system presence or special privileges. However, SKILL.md does not state where tasks will be stored (agent ephemeral memory, platform storage, or an external service). Confirm how and where task data is persisted and who can access that storage before use.

Assessment

This skill appears internally consistent and low-risk: it only describes todo functionality and requests no installs or credentials. Before installing, verify where task data will be stored (local/agent memory vs. remote service) and review the platform's data retention/privacy policies. Also note the skill source is unknown (no homepage); if you need auditability or long-term support, prefer skills with a verifiable author or repository. Test with non-sensitive dummy tasks first and watch for any later prompts that request credentials or external endpoints — those would be unexpected for a todo-only skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e6ej4paf1q9kbptt4vawp0x84ap9x

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

to

License

Comments