Skylv Smart Task Scheduler
Pass
Audited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill
Name: skylv-smart-task-scheduler
Version: 1.0.0
The skill is a task scheduler that executes arbitrary shell commands via 'child_process.execSync' in 'scheduler.js'. While the code aligns with the stated purpose in 'SKILL.md', it provides high-risk capabilities including a background daemon mode ('watch' command) and the ability to define custom environment variables for executed tasks. These features create a significant attack surface for Remote Code Execution (RCE) and persistence if the 'tasks.json' configuration is influenced by a malicious actor or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A task file can run arbitrary commands on the user’s machine, potentially changing files, running programs, or acting on logged-in services.
The scheduler executes the `command` field from a task file directly through the shell, with no allowlist, confirmation step, or command-scope restriction shown.
const out = execSync(action.command, opts);
Only run trusted task files. Add explicit user approval for high-impact commands, restrict allowed commands or directories, and provide a dry-run/list mode before execution.
Once started, commands can keep running repeatedly in the scheduler's background-style loop, which could amplify mistakes or unwanted account actions.
The `watch` command keeps a daemon-style loop running every 30 seconds and executes due tasks until the user interrupts it.
const id = setInterval(tick, interval);
Use `watch` only with reviewed task files, add clear stop/status controls, and consider max-run, backoff, and confirmation safeguards for sensitive tasks.
A configured task could publish or mutate account-backed resources without a fresh review at execution time.
The documentation shows scheduled publishing through a CLI command, which may act using the user’s existing authenticated account or local credentials.
"action": { "command": "clawhub publish . --slug skylv-x --version 1.0.0" }
Use least-privilege credentials, review publishing commands carefully, and avoid scheduling account-mutating actions unless the trigger and output are tightly controlled.
