ClawHub

Todos

v1.0.0

简洁高效的待办事项管理技能,支持添加、完成、查看、删除待办,数据存储在本地 JSON 文件

0· 123·0 current·0 all-time
by@radiantbk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (local todo manager) matches the provided script and SKILL.md. The script implements add/list/complete/delete and stores data under ~/.openclaw/workspace/memory/todos.json — which aligns with the stated purpose. No unrelated binaries or credentials are requested.
Instruction Scope
SKILL.md instructs using the included Python script (scripts/todos.py) and references the same local data path the script uses. The runtime instructions do not ask the agent to read other system files, environment variables, or send data externally. The script only reads/writes the declared JSON file and prints output.
Install Mechanism
There is no install spec (instruction-only skill with a bundled script). Nothing is downloaded or extracted; no external install URLs are used.
Credentials
The skill requires no environment variables, credentials, or config paths outside its own workspace file. Requested resources are minimal and proportional to a local todo app.
Persistence & Privilege
always is false and the skill is user-invocable. It does create and write its own data file under the user's ~/.openclaw workspace (expected behavior) but does not modify other skills or system-wide settings.
Assessment
This skill appears coherent and implements a local todo manager. Before installing, note: (1) it will create and update ~/.openclaw/workspace/memory/todos.json — data is stored locally and unencrypted, so avoid putting sensitive information into todos; (2) the agent (or you) will run the included Python script when invoking the skill, so ensure you trust bundled code; (3) there are no network calls or credential requests in the code, so there is no obvious exfiltration path. If you want extra assurance, inspect the script yourself or run it in a restricted environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk977n17xcvmzg6060x3fa0cg1183hash

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments