cron-creator

Fail

Audited by Socket on Feb 14, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] URL pointing to executable file detected

All findings:
[CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4]
[CRITICAL] command_injection: URL pointing to executable file detected (CI010) [AITech 9.1.4]
[HIGH] command_injection: Reference to external script with install/setup context (SC005)
[HIGH] command_injection: Reference to external script with install/setup context (SC005)

The cron-creator skill's documentation describes a reasonable, legitimate feature: turning natural-language schedules into Clawdbot cron jobs. The dominant security concerns are procedural and implementation-dependent: (1) the use of curl | bash for installation increases supply-chain risk; (2) the parser may be vulnerable to command injection if it constructs shell commands insecurely; and (3) credential handling for external messaging services is unspecified. Without the scripts/cron_creator.py and install.sh source, definitive statements about malicious behavior cannot be made.

Recommended actions before installation: inspect install.sh and scripts/cron_creator.py for safe command construction (avoid shell=True, use argument lists), ensure any tokens/API keys are stored securely (not exfiltrated or written to world-readable files), and avoid running the one-line installer without review. Treat this package as moderate risk until code review confirms safe practices.

LLM verification: BENIGN with caveats. The cron-creator skill appears to fulfill its purpose of parsing natural language into cron commands for Clawdbot. The principal risk lies in the installation flow that pulls an external installer from GitHub raw URLs. Mitigations include verifying installer integrity (hash/signature), pinning to a release, hosting a signed installer, or providing a self-contained install workflow. No credentials or data exfiltration are evident in the analyzed fragment.

Confidence: 95%
Severity: 90%

Audit Metadata
Analyzed At: Feb 14, 2026, 04:32 PM
Package URL: pkg:socket/skills-sh/sundial-org%2Fawesome-openclaw-skills%2Fcron-creator%2F@8e5eb4d08bff971c7daf203757588e176a4a3a98