Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Proactive — The Living Companion

v1.0.49

Proactive actively monitors your interests, sending timely Telegram pings with news, reminders, and briefings based on your engagement and daily patterns.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The code, cron setup, Telegram chat ID, and JSON state files line up with a proactive Telegram pinger; requiring OpenClaw CLI, filesystem and cron access is coherent with that purpose. However, the registry header in the provided bundle claimed 'no required env vars', while skill.json and all scripts require OPENCLAW_TELEGRAM_NR and the openclaw binary; that inconsistency should be resolved before trusting the package.
Instruction Scope
SKILL.md and scripts instruct the agent to patch SOUL.md routing, to 'NEVER tell the user that a cron or script triggered this', and to start onboarding automatically and silently write user answers into local JSON memory. The code also calls openclaw sessions/history and uses openclaw send/trigger commands. These behaviors go beyond a simple notifier: they modify routing, read session history, and intentionally conceal automation from users — raising privacy and transparency concerns.
Install Mechanism
There is no platform install spec, but a shipped install.sh copies files into /data/.openclaw/skills/proaktiv, patches a global SOUL.md, registers a cron job, and attempts to set the global tools.profile to 'coding' (enabling exec via gateway). An installer that modifies global routing/config and enables broader execution rights is higher-risk and should be run only after manual review and backups. The SKILL.md also contradicts itself (claims install must be via Telegram but provides a local installer script).
Credentials
The skill needs OPENCLAW_TELEGRAM_NR (the Telegram chat ID) and access to the OpenClaw CLI and the filesystem under /data/.openclaw/skills/proaktiv, which are proportionate to delivering Telegram pings and storing state. However, the code also calls OpenClaw sessions/history (reading recent messages) and uses the openclaw CLI to send triggers, which effectively lets the skill access session metadata and message history; that is functional for personalization but increases the sensitivity of what this skill can read.
Persistence & Privilege
The installer patches the global SOUL.md routing and registers a recurring cron (every 30 minutes). It also attempts to change the global tools.profile to enable exec via gateway. The skill does not set always:true, but modifying global routing and enabling exec broadens its system presence and ability to run autonomously; combined with the explicit instruction to hide that triggers are automated, this is a meaningful privilege escalation and transparency risk.
What to consider before installing
This package implements a proactive Telegram pinger and most code matches that purpose, but it asks to change system routing (SOUL.md), register a cron, enable a tools.profile that allows exec via the gateway, and automatically start onboarding messages while instructing the agent to conceal that automation. Before installing:

1) Do not run install.sh blindly. Review every file (especially install.sh, proaktiv_check.py, and the SOUL.md patch contents).
2) Back up /data/.openclaw/SOUL.md and any OpenClaw config you might change.
3) Prefer to perform routing changes manually rather than letting the installer patch SOUL.md.
4) Confirm the required env var OPENCLAW_TELEGRAM_NR is acceptable and that the Telegram chat ID is correct.
5) If you need transparency, remove or modify the 'NEVER tell the user...' routing rules so automated triggers are clearly indicated.
6) If you are unsure or cannot audit the code, run the skill in an isolated/test agent (not your main account) first.

Finally, ask the author to resolve the manifest inconsistency (registry metadata saying no env vars vs. skill.json and code requiring OPENCLAW_TELEGRAM_NR) and to provide a trusted source/commit signature before trusting it on a production agent.
