Cron Forge
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Cron Forge is an instruction-only cron template guide; the main thing to review is that following its examples can create recurring OpenClaw jobs that keep running until removed.
This skill appears safe as a documentation-only cron helper. Before using its examples, review each scheduled prompt carefully, prefer isolated sessions for recurring jobs, and remove old crons when they are no longer needed.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you run the example, OpenClaw may execute the chosen prompt automatically on the schedule you set.
This documents creation of a recurring scheduled agent task. It is central to the skill's purpose and user-directed, but such jobs can continue running until removed.
openclaw cron add --schedule "0 9 * * *" --prompt "Check email and summarize" --model haiku
Only create cron jobs with prompts you have reviewed, use isolated sessions where appropriate, and periodically run `openclaw cron list` to remove jobs you no longer need.
Scheduled jobs could repeatedly access private accounts or publish content if you configure prompts and permissions that allow it.
The suggested scheduled tasks may use sensitive account integrations or public-posting capabilities if the user's OpenClaw environment has access to them. The skill does not request credentials itself.
Daily email summary — 8 AM, summarize inbox; Weekly project report — Friday 5 PM, status of all repos; Social post scheduler — configurable times, queued content
Limit scheduled prompts to the minimum needed permissions, avoid automatic public posting without a review step, and verify which account integrations each cron job can use.