ClawHub

Deepfocus

v2.0.0

Run Pomodoro sessions with break timers and productivity tracking. Use when starting focus sessions, tracking streaks, reviewing productivity.

0· 106·0 current·0 all-time
by@bytesagain1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description describe a local productivity tracker and the provided script implements the listed commands, stores logs, and reports stats. There are no unrelated dependencies or credentials requested.
Instruction Scope
SKILL.md simply instructs running scripts/script.sh <command>. The script operates only on a single data directory (~/.local/share/deepfocus) and its own log files; it does not read arbitrary system files or contact external endpoints.
Install Mechanism
No install spec is declared and the bundle contains a bash script. Nothing is downloaded or extracted at install time, so there is no high-risk install mechanism.
Credentials
The skill requests no environment variables or credentials. It writes/reads only to ~/.local/share/deepfocus, which is proportional for a file-based CLI tracker. Note: it will create and modify files under the user's home directory.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide agent settings. Its persistence is limited to the data files it writes under the user's home directory.
Assessment
This skill appears to do exactly what it says: a local, file-based productivity logger implemented as a bash script. Before installing or running it, consider: 1) provenance — the registry metadata lists no homepage or repo (the script header references bytesagain.com), so verify the source if you require strong provenance; 2) filesystem changes — the script will create and write logs to ~/.local/share/deepfocus (back up anything important in that path first); 3) sensitive data — do not store passwords or secrets in the logs (entries are stored in plain text and exported without escaping); 4) code review — the script is short and readable; if you are security-conscious, inspect scripts/script.sh locally before running. If you are comfortable with these tradeoffs, the skill is coherent and low-risk for normal personal use.

Like a lobster shell, security has layers — review code before you run it.

latestvk974jp92smwfpptg9hcdy2mtw9835rq9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments