Skylv Context Aware Scheduler

Warn

Audited by ClawScan on May 10, 2026.

Overview

This is a real scheduler, but it can run arbitrary shell commands from task files and keep doing so in daemon mode, so mistakes or tampered tasks could have serious effects.

Review this skill before installing. It is suitable only if you intentionally want local command automation. Inspect tasks.json and any future taskfile before running the run, now, or watch commands; avoid untrusted taskfiles; run under a low-privilege account with minimal environment variables; and be cautious with daemon mode until the repeated-run persistence issue is fixed.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Any enabled task can run arbitrary local commands with the user's privileges, so a malicious or mistaken taskfile could modify files, publish content, or run other high-impact operations.

Why it was flagged

The taskfile's action.command is passed directly to a shell execution API with no allowlist, sandbox, or confirmation gate.

Skill content

const out = execSync(action.command, opts);

Recommendation

Only use trusted task files, review every action.command before running, and prefer an allowlist or explicit confirmation for destructive, publishing, credentialed, or account-mutating commands.

What this means

In watch mode, an interval task that is already due may run again every daemon tick, potentially repeating publishes, file changes, or other commands more often than intended.

Why it was flagged

runTask updates the in-memory task, but watch mode saves a freshly reloaded taskfile instead of the modified task object, which can discard lastRun/runCount updates.

Skill content

task.lastRun = new Date().toISOString(); ... runTask(t).then(() => saveTasks(taskFile, loadTasks(taskFile)));

Recommendation

Fix watch mode to persist the updated task list after each run, and avoid running high-impact interval tasks until this behavior is tested.

What this means

A scheduled command can access whatever credentials are already available in the environment.

Why it was flagged

Scheduled commands inherit the agent process environment, which may include API keys or other account credentials.

Skill content

env: { ...process.env, ...action.env },

Recommendation

Run the scheduler with a minimal environment and a least-privileged OS/account context, especially for untrusted or experimental tasks.

What this means

If started, the scheduler can keep running tasks until stopped, which is expected for this skill but important to control.

Why it was flagged

The documented watch command starts a daemon-style scheduler that checks repeatedly instead of performing a one-shot action.

Skill content

node scheduler.js watch tasks.json

Recommendation

Start watch mode only intentionally, keep the taskfile small and trusted, and stop the process when background scheduling is no longer needed.