ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Todo Tracker (CN)

v1.1.0

生成、跟踪和验证待办列表的执行状态。提供 generate-todo-list, mark-completed, show-progress, verify-completion 四个核心动作。

0· 96·0 current·0 all-time
by@elderyang

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for elderyang/todo-tracker-cn.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Todo Tracker (CN)" (elderyang/todo-tracker-cn) from ClawHub.
Skill page: https://clawhub.ai/elderyang/todo-tracker-cn
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python3
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install todo-tracker-cn

ClawHub CLI

Package manager switcher

npx clawhub@latest install todo-tracker-cn
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and code align: the included Python implements generate-todo-list, mark-completed, show-progress, and verify-completion and stores state in ~/.openclaw/workspace/todo-current.json. Required binary (python3) is appropriate.
Instruction Scope
Runtime instructions show how to run the included script and reference data at ~/.openclaw/workspace/todo-current.json, which matches the code. However SKILL.md and README also claim integration with a Self-Improving flow and writing to ~/self-improving/corrections.md (and elsewhere mention corrections.md/memory.md/heartbeat-state.md), whereas the code appends only to ~/.openclaw/workspace/MEMORY.md and only if that file already exists — the docs and examples overstate or mismatch actual behavior.
Install Mechanism
No install spec (instruction-only plus bundled Python file). Nothing is downloaded or executed outside the included script; risk from install mechanism is low.
Credentials
The skill requests no environment variables or external credentials. It only reads/writes files under the user's home (~/.openclaw). File access permissions declared in plugin.json (file.read/file.write) align with what the code does.
Persistence & Privilege
The skill writes persistent state to ~/.openclaw/workspace/todo-current.json and may append to ~/.openclaw/workspace/MEMORY.md if that file exists. always:false and no system-wide config changes; privileges are limited to user home paths.
What to consider before installing
This skill's code generally matches a basic todo tracker and does not request secrets or network access, but the documentation claims extra integrations and different file paths that the code does not implement. Before installing: (1) review the bundled todo_tracker.py to confirm you are comfortable with it writing to ~/.openclaw/workspace/; (2) if you expect integration with a Self-Improving system, verify or patch the code (it currently appends only to ~/.openclaw/workspace/MEMORY.md and only if that file exists); (3) consider creating a dedicated test account or sandbox to run the skill first; (4) if you need persistent archiving, either create the expected MEMORY.md or modify append_to_memory to write to your desired path. The inconsistencies look like sloppy documentation rather than malicious behavior, but verify behavior before granting broader trust.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Clawdis
Binspython3
chinesevk97d9t8r354re3j335fn8e848d83nke7latestvk97d9t8r354re3j335fn8e848d83nke7openclawvk97d9t8r354re3j335fn8e848d83nke7productivityvk97d9t8r354re3j335fn8e848d83nke7taskvk97d9t8r354re3j335fn8e848d83nke7todovk97d9t8r354re3j335fn8e848d83nke7
96downloads
0stars
2versions
Updated 1mo ago
v1.1.0
MIT-0
@elderyang
chineselatestopenclawproductivitytasktodo
Download

Todo Tracker Skill

待办事项管理技能,实现任务的生成、跟踪和完成验证。

核心功能

  1. generate-todo-list - 根据任务描述生成结构化待办列表
  2. mark-completed - 标记某个待办项为已完成
  3. show-progress - 查看当前待办列表的完成进度
  4. verify-completion - 验证待办列表是否全部完成

使用方式

# 生成待办列表
python3 ~/.openclaw/workspace/skills/todo-tracker/todo_tracker.py generate-todo-list "分析项目需求"

# 标记完成
python3 ~/.openclaw/workspace/skills/todo-tracker/todo_tracker.py mark-completed "todo_xxx"

# 查看进度
python3 ~/.openclaw/workspace/skills/todo-tracker/todo_tracker.py show-progress

# 验证完成
python3 ~/.openclaw/workspace/skills/todo-tracker/todo_tracker.py verify-completion

数据存储

待办数据存储在:~/.openclaw/workspace/todo-current.json

与 Self-Improving 集成

  • 任务完成后自动记录到 ~/self-improving/corrections.md
  • 定期清理已完成的待办列表

Comments

Loading comments...