Is plan-my-day safe?

https://clawhub.ai/ItsFlow/plan-my-day

90
SAFE

plan-my-day is a benign productivity skill consisting entirely of markdown templates and JSON metadata. It contains no executable code, no external references, no data exfiltration mechanisms, and no prompt injection attacks. The only minor concern is an imperative decision-making framework that could mildly influence agent task prioritization, and the skill's natural need to read local files for planning context.

Category Scores

Prompt Injection 90/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (3)

LOW Imperative decision framework could influence agent behavior -10

The 'Decision-Making Framework' section uses strong imperative language ('Before doing ANYTHING, ask...', 'DON'T DO IT') that could cause the agent to deprioritize or refuse tasks unrelated to the user's stated top 3 priorities. While this is clearly productivity advice, it technically instructs the agent to gate all actions through the skill's framework.

INFO Platform runtime reads sensitive files during installation -5

The OpenClaw runtime process reads .env, .aws/credentials, and auth-profiles.json during skill installation. This is platform behavior, not skill-initiated, but worth noting as it occurs in the context of installing this skill.

INFO Skill encourages agent to read local files for context -15

The 'Gather Context' process step instructs the agent to check existing daily notes and pending tasks, which will cause the agent to read local files. This is expected behavior for a planning skill but increases the skill's filesystem access surface.