v1.0.2

Dead Or Not

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 6:15 AM.

Analysis

The skill’s life-check purpose is coherent, but it needs review because it stores SMTP credentials locally, runs persistently via cron, and can send emergency emails automatically after a no-reply condition.

Guidance: Review carefully before installing. If you use it, configure a dedicated app-specific SMTP password, restrict the config file permissions, choose a trusted emergency contact, define exactly when emails should be sent, and make sure you know how to remove the cron job and reset the stored state.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
Agent reads check_flag → asks user if they're okay
4. No reply → calls send_mail.py to notify emergency contact

The skill authorizes an automated external notification after a no-reply condition, but the artifacts do not define how long to wait, how to confirm the user is truly unresponsive, or how to prevent false alerts.

User impact: A false timeout or ambiguous no-reply condition could cause the agent to email an emergency contact unexpectedly.
Recommendation: Define an explicit post-prompt waiting period, rate limit, final warning, and easy disable/reset procedure before sending emergency emails.

Unexpected Code Execution
Severity: Medium | Confidence: High | Status: Concern
scripts/check.sh
source "$CONFIG_FILE"

The cron-run shell script executes the local config file as shell code instead of safely parsing key-value settings, so malformed or tampered config content can run commands with the user's privileges.

User impact: A config mistake or modification could cause commands to run whenever the scheduled check executes.
Recommendation: Parse configuration as data rather than sourcing it, quote free-form values such as MESSAGE, and set restrictive permissions on the config file.

Rogue Agents
Severity: Low | Confidence: High | Status: Note
SKILL.md
crontab -l | { cat; echo "0 0 * * * /path/to/check.sh >> /path/to/log.txt 2>&1"; } | crontab -

The skill instructs the user to add a recurring cron job. This is disclosed and purpose-aligned, but it creates persistent background behavior.

User impact: The check will continue running daily until the user removes the cron entry.
Recommendation: Only install the cron job if persistent monitoring is desired, and document the exact command to remove or pause it.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
SMTP_EMAIL=your_qq@qq.com
SMTP_PASSWORD=your_auth_code

The skill requires SMTP account credentials that allow sending mail as the configured sender, while the registry metadata declares no primary credential or required environment variables.

User impact: Installing and configuring this skill gives it delegated authority to send email through the user's SMTP account.
Recommendation: Use a dedicated app-specific SMTP password, protect the config file, and require the skill metadata to clearly declare the credential requirement.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: Medium | Status: Note
scripts/check.sh
LAST_SEEN_FILE="$CONFIG_DIR/last_seen"
LAST_ASKED_FILE="$CONFIG_DIR/last_asked"

The skill relies on persistent local state files to decide whether the user is overdue for a check-in.

User impact: Incorrect or modified state files could cause unnecessary prompts or emergency notifications.
Recommendation: Keep the state directory private, validate timestamp contents, and provide a clear reset procedure.