GOG Dormant Game Cleanup

Advisory

Audited by Static analysis on May 6, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the skill may send a report through your configured mail tool and add items to your Reminders list.

Why it was flagged

When run normally, the script invokes local tools that send an email and create reminders. These actions are central to the stated purpose, but they are real side effects.

Skill content

himalaya message write \
      --account "$ACCOUNT" ...
...
remindctl add --title "Consider uninstalling: $name (last played: $last)" --list "$REMINDERS_LIST"

Recommendation

Run with DRY_RUN=1 first, confirm the selected email account and reminder list, and avoid unattended scheduling unless you want those side effects.

What this means

The skill can use your configured mail account to send the dormant-games report.

Why it was flagged

The script uses a configured local himalaya email account, defaulting to 'personal'. This is expected for sending the report, and no hardcoded credentials or unrelated account access are shown.

Skill content

ACCOUNT="${3:-personal}"
...
himalaya message write \
      --account "$ACCOUNT"

Recommendation

Use a known himalaya account, review its configuration, and prefer DRY_RUN if you do not want email sent.

What this means

Behavior depends on whatever local jq, himalaya, and remindctl binaries are installed on the system.

Why it was flagged

The skill depends on local CLI tools, while the registry metadata lists no required binaries. The dependencies are disclosed in the README and purpose-aligned, but users must supply trusted local versions.

Skill content

- `jq` — JSON parsing
- `himalaya` — email delivery (optional; skips email if absent)
- `remindctl` — Apple Reminders (optional; skips reminders if absent)

Recommendation

Verify these tools are installed from trusted sources and understand their account/device permissions before running the skill.

What this means

A local report containing installed game names and paths may remain on disk after the run.

Why it was flagged

The generated report includes game names and install paths, then stores that summary in a fixed /tmp file before emailing it.

Skill content

printf "%-40s %-22s %s\n" "GAME" "LAST PLAYED" "INSTALL PATH"
...
} > /tmp/gog_dormant_email.txt

body=$(cat /tmp/gog_dormant_email.txt)

Recommendation

Delete /tmp/gog_dormant_email.txt after use if you consider the game list or install paths private, or modify the script to use a private temporary file.

What this means

If scheduled, the script may repeatedly send reports and create reminders without further manual action.

Why it was flagged

The skill documents optional recurring execution. This is clearly disclosed and user-directed, but it creates ongoing automated behavior if the user enables it.

Skill content

To run weekly via cron:

```bash
# Every Monday at 9 AM
0 9 * * 1 /path/to/gog_dormant_cleanup.sh 30 /path/to/gog_library.json
```

Or use OpenClaw's cron tool for managed scheduling.

Recommendation

Only enable cron/OpenClaw scheduling if recurring cleanup nudges are desired, and monitor for duplicate reminders.