Proactive Agent

Added: Autonomous vs Prompted Crons, Verify Implementation Not Intent, Tool Migration Checklist

OpenClaw analysis

The skill is not clearly malicious, but it gives a proactive agent broad persistent-memory, background-work, local-cleanup, and email/calendar-checking authority without enough user control.

Confidence: high

VirusTotal

Type: OpenClaw Skill Name: proactive-agent Version: 3.1.0 This skill bundle is designed to create a proactive, self-improving AI agent with extensive security hardening. Multiple files (SKILL.md, AGENTS.md, SOUL.md, references/security-patterns.md) contain explicit instructions for the agent to defend against prompt injection, prevent data exfiltration, confirm deletions, and vet other skills for malicious content. The included `scripts/security-audit.sh` actively scans for exposed secrets, insecure permissions, and checks for security best practices. While the agent is instructed to use broad capabilities like CLI access, web search, and cron jobs, these are consistently framed within the context of problem-solving for the human, with strong guardrails against unauthorized external actions. There is no evidence of intentional harmful behavior; rather, the content demonstrates a strong focus on security and safe operation.