Skill v1.0.0

ClawScan security

个人日程管理 (Personal Schedule Management) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 6, 2026, 11:22 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill mostly implements a local personal scheduler and matches its description, but there are multiple implementation inconsistencies and a hard-coded external recipient ID that could unintentionally route reminders to a third party — review before installing.
Guidance
This package largely does what it says: a local scheduler with natural-language input, a web UI, and local reminders. Before installing or running it:
1) Inspect data/config.json and remove or replace the default feishu_user_id; do not leave the bundled ID in place.
2) After running the skill, search its data folder for reminder_jobs.json and cron_jobs.json and confirm that no unexpected recipient IDs or commands have been stored.
3) Reminders are delivered by the platform capturing printed output. Verify OpenClaw's delivery behavior in a safe test (a test account, or with sending disabled) so that private reminders are not forwarded to third parties.
4) Note the code inconsistency: check_reminders.py expects a 'reminders' database table that is never created, so reminders may in practice be managed through JSON files instead. Test the reminder flow end to end to confirm it behaves as you expect.
5) Run the skill in a sandboxed environment if possible, and audit the files it writes (data/*.json, scheduler.db) before trusting it with sensitive calendar data.

Review Dimensions

Purpose & Capability: ok
Name, description, and code files align: Python scripts implement natural-language parsing, local SQLite storage, a web UI, import/export, and reminder creation. Requiring only python (and Flask at runtime) is proportionate to the stated purpose.

Instruction Scope: concern
Runtime instructions are generally scoped to local operations (start the web server, run scripts, edit data/config.json). However, the reminder flow is inconsistent: some code (CronManager and the scheduler) creates local JSON-based cron/reminder job records and constructs commands that call send_reminder.py, while check_reminders.py expects a database 'reminders' table that the rest of the code never creates. This mismatch can cause unexpected behavior. The skill also relies on OpenClaw capturing printed output to deliver messages (Feishu), which means reminders are implicitly routed by platform behavior; that coupling should be explicit and understood by the user.

Install Mechanism: ok
No install spec is included; SKILL.md asks only for pip install flask. All code is provided in the skill bundle, so nothing is downloaded from external URLs during install. Low install risk.

Credentials: concern
The skill requests no environment secrets but embeds a default feishu_user_id in the config/scheduler defaults (ou_669575f70b8b81dd5c431c4ed1ad41c4). If the user does not edit config.json, reminders may be addressed to that external ID, and cron job entries and command strings are saved with it. This is disproportionate and unexpected as a default, and could leak reminder content or metadata to an unintended recipient.

Persistence & Privilege: note
The skill is not always-enabled and does not request elevated platform privileges. It does persist state locally (scheduler.db, config.json, reminder_jobs.json, cron_jobs.json, backups). Creating local scheduled-job configuration files is expected for this functionality, but these files may contain commands and the recipient ID described above; check them if you install.
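The checks in the Guidance, Credentials and Persistence findings above (bundled recipient ID still in config.json, unexpected recipients or commands in the persisted job files, and the missing 'reminders' table in scheduler.db) can be scripted. The following is an added example written for this review; it is not code from the skill or from ClawHub. It assumes the layout the review describes: data/config.json holding a feishu_user_id, data/reminder_jobs.json and data/cron_jobs.json holding job records, and scheduler.db in the skill root. The job-record field names "recipient" and "command", the {"jobs": [...]} fallback layout, the Feishu open ID shape ou_ followed by 32 hex characters, and the sample files it builds are all assumptions for illustration.

```python
"""Audit a local install of the scheduler skill against the scanner findings.
Added example; not code from the skill or ClawHub. File names come from the
review; record field names, ID shape and the sample contents are assumptions."""
import json
import re
import sqlite3
import tempfile
from pathlib import Path

# Bundled default recipient quoted in the Credentials finding.
BUNDLED_FEISHU_ID = "ou_669575f70b8b81dd5c431c4ed1ad41c4"
# Assumed shape of a Feishu open ID; adjust if your IDs look different.
OPEN_ID_RE = re.compile(r"\bou_[0-9a-f]{32}\b")
JOB_FILES = ("reminder_jobs.json", "cron_jobs.json")

def load_user_id(data_dir: Path):
    """Return feishu_user_id from data/config.json, or None if the file is absent."""
    cfg_path = data_dir / "config.json"
    if not cfg_path.exists():
        return None
    return json.loads(cfg_path.read_text(encoding="utf-8")).get("feishu_user_id")

def check_config(data_dir: Path) -> list[str]:
    """Guidance item 1: is the bundled third-party ID still configured?"""
    uid = load_user_id(data_dir)
    if uid == BUNDLED_FEISHU_ID:
        return ["config.json: feishu_user_id is the bundled third-party ID"]
    if not uid:
        return ["config.json: feishu_user_id is not set"]
    return []

def find_ids(obj) -> set[str]:
    """Walk any parsed JSON value and collect every open ID in its string leaves."""
    if isinstance(obj, str):
        return set(OPEN_ID_RE.findall(obj))
    if isinstance(obj, dict):
        obj = list(obj.values())
    if isinstance(obj, list):
        return set().union(*(find_ids(v) for v in obj))
    return set()

def check_jobs(data_dir: Path, allowed_ids: set[str]) -> list[str]:
    """Guidance item 2: recipients other than the configured one, and stored
    commands that do not invoke send_reminder.py (the only command expected)."""
    findings = []
    for name in JOB_FILES:
        path = data_dir / name
        if not path.exists():
            continue
        jobs = json.loads(path.read_text(encoding="utf-8"))
        for uid in sorted(find_ids(jobs) - allowed_ids):
            findings.append(f"{name}: unexpected recipient {uid}")
        records = jobs if isinstance(jobs, list) else jobs.get("jobs", [])  # assumed layout
        for rec in records:
            cmd = rec.get("command") if isinstance(rec, dict) else None
            if isinstance(cmd, str) and "send_reminder.py" not in cmd:
                findings.append(f"{name}: unexpected command: {cmd}")
    return findings

def check_db(db_path: Path) -> list[str]:
    """Guidance item 4: does scheduler.db have the 'reminders' table that
    check_reminders.py expects? The review says nothing creates it."""
    if not db_path.exists():
        return ["scheduler.db missing"]
    con = sqlite3.connect(db_path)
    try:
        rows = con.execute("SELECT name FROM sqlite_master WHERE type='table'")
        tables = sorted(r[0] for r in rows)
    finally:
        con.close()
    if "reminders" not in tables:
        return [f"scheduler.db: no 'reminders' table (found: {tables})"]
    return []

def audit(skill_dir: Path) -> list[str]:
    """Run all three checks; only a user-supplied ID counts as an allowed recipient."""
    data_dir = skill_dir / "data"
    uid = load_user_id(data_dir)
    allowed = {uid} if uid and uid != BUNDLED_FEISHU_ID else set()
    return (check_config(data_dir) + check_jobs(data_dir, allowed)
            + check_db(skill_dir / "scheduler.db"))

def build_sample(root: Path) -> Path:
    """Constructed sample of a fresh install: bundled ID left in config, one job
    addressed to it, a second job with a foreign recipient and a non-reminder
    command, and a scheduler.db that has no 'reminders' table."""
    data = root / "data"
    data.mkdir(parents=True)
    (data / "config.json").write_text(json.dumps({"feishu_user_id": BUNDLED_FEISHU_ID}))
    (data / "cron_jobs.json").write_text(json.dumps([
        {"id": 1, "recipient": BUNDLED_FEISHU_ID,
         "command": f"python send_reminder.py --to {BUNDLED_FEISHU_ID}"},
        {"id": 2, "recipient": "ou_" + "ab" * 16, "command": "python other_script.py"},
    ]))
    con = sqlite3.connect(root / "scheduler.db")
    con.execute("CREATE TABLE events (id INTEGER PRIMARY KEY, title TEXT)")
    con.commit()
    con.close()
    return root

def demo() -> list[str]:
    """Audit the constructed sample in a temporary directory and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return audit(build_sample(Path(tmp)))

if __name__ == "__main__":
    for line in demo():
        print(line)
```

Point audit() at the installed skill directory instead of the sample to check a real install. An empty list means the configured ID was replaced, every stored recipient matches it, every stored command calls send_reminder.py, and the table check_reminders.py expects exists; any finding is something to resolve before letting the skill handle real calendar data.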