IronClaw AI

Pass. Audited by ClawScan on May 16, 2026.

Overview

IronClaw AI is a coherent instruction-only tracker, but it sends personal productivity and sleep-related records to a configured service, so users should verify where that service points.

Before installing, confirm that IRONCLAW_SERVICE_URL points to a service you trust, understand that your personal tracking and sleep-related data may be stored there, and be aware that natural-language tracking phrases can create or update records automatically. No artifact-backed evidence of malicious behavior, credential theft, local file access, or code execution was found.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your mission, habit, tennis, sleep, and status actions may be sent to and recorded by the configured IronClaw service.

Why it was flagged

The skill delegates user-tracking actions to an HTTP command endpoint. This is central to the stated purpose, but it can create, complete, extend, or abort records in the tracking service.

Skill content

All commands are dispatched via `POST ${IRONCLAW_SERVICE_URL}/commands` with body `{ "command": "<slash command>" }`.

Recommendation

Verify the service URL before use and review important record-changing actions, especially aborts or completions.

What this means

Personal routines, sleep quality, goals, notes, and discipline scores may be retained and reused for future summaries or coaching.

Why it was flagged

The skill is designed to persist and reuse personal performance, sleep, and coaching data. This is expected for a tracking system, but users should treat it as personal data storage.

Skill content

**Sleep** — duration, quality, and readiness scoring ... `/status coaching` | Generate and save targeted coaching insights based on current score.

Recommendation

Avoid entering sensitive notes unless you trust the backend service, and check whether the service offers retention, export, and deletion controls.

What this means

It may be harder to confirm who operates the backend service or whether the configured endpoint is the intended one.

Why it was flagged

The registry metadata does not provide source, homepage, install provenance, or the service URL declaration, even though the SKILL.md relies on an external command endpoint.

Skill content

Source: unknown; Homepage: none; Required env vars: none; Env var declarations: none; No install spec — this is an instruction-only skill.

Recommendation

Only use the skill with a known, trusted IRONCLAW_SERVICE_URL and confirm the publisher or service operator before sending personal tracking data.

What this means

The assistant may follow up later about active missions or rests if the runtime supports that behavior.

Why it was flagged

The skill asks for delayed follow-ups after starting a mission or rest period. This is disclosed and aligned with mission tracking, but it implies continued agent involvement after the initial request.

Skill content

When the ETA expires (or after 15 minutes if default), send a check-in: "Mission ETA reached. Did you complete **<title>**?"

Recommendation

Use the ETA/check-in features only if you want time-based follow-ups, and disable or ignore them if you prefer manual logging.