Is imrkhn03/proactive-tasks safe?

https://github.com/openclaw/skills/tree/main/skills/imrkhn03/proactive-tasks

90
SAFE

This skill provides a comprehensive task management system that enables agents to work autonomously on goals and tasks. The functionality appears legitimate and well-implemented, with proper logging, recovery mechanisms, and safety features. The main security considerations are the presence of executable Python code and instructions for autonomous behavior, but these align with the skill's intended purpose as a productivity tool.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 80/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (3)

MEDIUM Executable Python Script Present -20

The skill contains a Python script (task_manager.py) that provides command-line task management functionality. While the code appears legitimate and safe, it represents executable code that could potentially be modified or misused.

LOW Autonomous Agent Behavior Instructions -15

The skill instructs agents to work autonomously during heartbeats, check for tasks, and message users with updates. While this appears to be legitimate task management functionality, it does modify standard agent behavior patterns.

LOW Persistent Task Management Behavior -15

The skill establishes persistent task management behavior that continues across sessions through heartbeat integration. While benign, this represents a change to normal agent operation patterns.