Life Radar
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Life Radar is an instruction-only daily planning skill that clearly describes summarizing connected personal sources, with no code, install steps, persistence, or hidden execution shown.
This skill appears safe to install as an instruction-only planner. Before using it, be aware that it may inspect connected email, messages, calendar, billing notices, and notes to create the brief; verify high-impact items like payments or security alerts in the original source.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
65/65 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
When invoked, the agent may summarize sensitive personal or work information from connected accounts.
The skill may use already-connected accounts or data sources to inspect calendar, messages, and financial notifications. This is purpose-aligned for a daily action digest, but users should understand that private account data may be read if available.
Collect only what is available in current environment; skip unavailable sources without failing. 1. Calendar events (today + tomorrow) 2. Recent urgent messages (SMS/iMessage/email/DM) 3. Billing or financial notifications
Only use this skill with sources you are comfortable having summarized, and keep connected account/tool permissions appropriately scoped.
A misleading email, message, or note could influence what appears urgent in the daily brief.
The digest depends on retrieved message and note content, which can include private or untrusted text. The skill includes quality guidance such as redacting secrets and marking uncertainty, but users should still verify important recommendations.
Recent urgent messages (SMS/iMessage/email/DM) ... Existing tasks/notes (if connected)
Treat the digest as a summary aid rather than a source of truth, and verify payment, security, or deadline items in the original source before acting.
The packaged metadata may not exactly match the registry version shown to users.
The bundled metadata version is 0.1.0 while the registry metadata lists version 0.2.0. Because this is an instruction-only skill with no install mechanism or executable code, this is a provenance consistency note rather than a security concern.
"version": "0.1.0"
If version provenance matters for your workflow, confirm the publisher or wait for corrected metadata before relying on it.