← Back to Skills Marketplace
clawdo - Todo List for Agents
by
LePetitPince
· GitHub ↗
· v1.1.4
2403
Downloads
2
Stars
9
Active Installs
5
Versions
Install in OpenClaw
/install clawdo
Description
Todo list and task management for AI agents. Add, track, and complete tasks with autonomy levels — agents propose work, humans approve. Works in heartbeats, cron, and conversations. Persistent SQLite CLI with structured JSON output.
README (SKILL.md)
🦞 clawdo — The missing todo list for AI agents
Your agent has memory files, cron jobs, and chat. It has no todo list.
No way to say "do this when you get to it." Not "do this at 14:00 UTC." Not "do this right now in this conversation." Just... remember to do it. Track it. Pick it up when there's a gap.
That's clawdo.
Install
clawhub install clawdo # installs skill + docs into your workspace
npm install -g clawdo # install the CLI binary
Requirements: Node.js ≥18
Quick Start
# Capture a task
clawdo add "update dependencies" --urgency soon
# Agent checks its queue (heartbeat, cron, conversation — wherever)
clawdo inbox --format json
# Agent works it
clawdo start a3f2
clawdo done a3f2 --json
add → inbox → start → done. Persistent state in SQLite. Every command has --json so agents parse structured output, not terminal art.
Where it fits
clawdo works everywhere agents work:
- Heartbeat loops — "anything in my queue? let me do it between checks"
- Cron jobs — "every hour, process one task"
- Conversations — "J mentioned fixing the auth module, let me capture that"
- Pipes and sub-agents — non-TTY safe, no interactive prompts
Heartbeat integration example
# In HEARTBEAT.md — runs every ~30 minutes
TASKS=$(clawdo inbox --format json)
AUTO=$(echo "$TASKS" | jq '.autoReady | length')
if [ "$AUTO" -gt 0 ]; then
TASK=$(clawdo next --auto --json | jq -r '.task.id')
clawdo start "$TASK" --json
# ... do the work ...
clawdo done "$TASK" --json
fi
Autonomy levels
Tasks can be tagged with permission tiers that control what the agent is allowed to do unsupervised:
| Level | Time Limit | What it means |
|---|---|---|
| auto | 10 min | Agent does it silently. Fix a typo, run tests. |
| auto-notify | 30 min | Agent does it, tells the human when done. |
| collab | Unlimited | Human required. Complex, risky, or ambiguous. |
Default: collab (safe).
Key rule: Autonomy is a permission, not a suggestion. Once set, agents can't change it. If an agent fails 3 times, autonomy demotes to collab. Safety only moves down, never up.
Agents propose, humans approve. Agent tasks always start as proposed. The human runs clawdo confirm \x3Cid> or it doesn't happen.
Usage
For humans
# Add tasks — inline metadata parsing
clawdo add "deploy new API +backend auto-notify now"
# └── text ──────┘ └project┘ └─level──┘ └urg┘
# View
clawdo list # active tasks
clawdo list --status proposed # agent suggestions
clawdo next # highest priority
# Review agent proposals
clawdo confirm \x3Cid> # approve
clawdo reject \x3Cid> # reject
# Work
clawdo start \x3Cid>
clawdo done \x3Cid>
clawdo done abc,def,ghi # complete several
For agents
# Check inbox (structured)
clawdo inbox --format json
# Propose work
clawdo propose "add input validation" --level auto --json
# Execute
TASK=$(clawdo next --auto --json | jq -r '.task.id // empty')
if [ -n "$TASK" ]; then
clawdo start "$TASK" --json
# ... do the work ...
clawdo done "$TASK" --json
fi
The inbox returns: autoReady, autoNotifyReady, urgent, overdue, proposed, stale, blocked.
Inline syntax
clawdo add "fix auth bug +backend @code auto soon"
+word→ project@word→ contextauto/auto-notify/collab→ autonomy levelnow/soon/whenever/someday→ urgencydue:YYYY-MM-DD→ due date
Security
- Immutable autonomy — agents cannot escalate permissions
- Proposal limits — max 5 active, 60s cooldown
- Prompt injection defense — input sanitization, parameterized SQL
- Audit trail — append-only log of every state change
- Secure IDs —
crypto.randomInt(), no modulo bias
Resources
- GitHub: https://github.com/LePetitPince/clawdo
- npm: https://www.npmjs.com/package/clawdo
- Full docs:
clawdo --help
License
MIT
Usage Guidance
This skill is internally consistent with its stated purpose: it simply wraps a CLI named 'clawdo' distributed via npm. The package distributed in this skill bundle contains only documentation — the actual code comes from npm/GitHub. Before installing or giving agents the ability to run it: 1) inspect the 'clawdo' npm package and its GitHub source (check for unexpected network endpoints, shelling out, or writing to unusual paths); 2) confirm the publisher identity and package history on npm; 3) run the CLI in a sandboxed environment (or with limited FS/network permissions) to observe behavior; 4) verify where the SQLite DB is stored and whether logs or audit trails might contain sensitive data; and 5) don't rely solely on the SKILL.md security claims (e.g., SQL parameterization) without code review. If you cannot review the npm package, treat it as higher risk.
Capability Analysis
Type: OpenClaw Skill
Name: clawdo
Version: 1.1.4
The OpenClaw AgentSkills skill bundle for 'clawdo' is classified as benign. The `SKILL.md` and `README.md` files primarily contain documentation and instructions for installing and using the `clawdo` CLI tool for task management. The installation process involves a standard `npm install -g clawdo` command. All example commands provided for agent interaction are directly related to the stated purpose of the tool (e.g., `clawdo add`, `clawdo inbox`, `clawdo start`, `clawdo done`) and do not exhibit any signs of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts designed to make the agent deviate from its intended function or access sensitive data. The documentation even highlights security features like 'Immutable autonomy' and 'Prompt injection defense'.
Capability Assessment
Purpose & Capability
The name/description (todo/task management for agents) aligns with the declared requirement of a 'clawdo' binary and the npm install spec. There are no unrelated environment variables, credentials, or config paths requested that would be unexpected for a local task queue CLI.
Instruction Scope
SKILL.md instructs agents to run the clawdo CLI (add, inbox, next, start, done, propose). Examples show integration in heartbeats and cron. The doc does not instruct reading arbitrary host files or exfiltrating data, but the examples leave the step '... do the work ...' open-ended — the agent will run whatever commands are needed to complete tasks, which is expected but broad in practice. The SKILL.md claims input sanitization and parameterized SQL, but those claims cannot be verified from the documentation alone.
Install Mechanism
Installation is via npm (package 'clawdo' → global binary). This is a standard distribution mechanism and matches the declared binary requirement. However, npm packages run arbitrary code at install and runtime; because the skill package contains only docs and not the CLI source, you must inspect the npm package or its GitHub repo before installing to ensure it doesn't perform unexpected actions.
Credentials
No environment variables, credentials, or config paths are required. That is proportionate for a local CLI that stores state in SQLite and integrates with agent workflows.
Persistence & Privilege
The skill is not marked always:true and does not request special system-level privileges. Persistence is local (SQLite) as advertised. The skill permits normal autonomous invocation (platform default), which is expected for agent tools.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawdo - After installation, invoke the skill by name or use
/clawdo - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.4
See https://github.com/LePetitPince/clawdo/releases/tag/v1.1.4
v1.1.3
See https://github.com/LePetitPince/clawdo/releases/tag/v1.1.3
v1.1.2
See https://github.com/LePetitPince/clawdo/releases/tag/v1.1.2
v1.1.1
See https://github.com/LePetitPince/clawdo/releases/tag/v1.1.1
v1.0.1
**Bug Fix:**
- Fixed ClawHub publishing in CI/CD workflow
- Added explicit authentication step before publishing
**Changes:**
- Workflow now properly authenticates with ClawHub using
- No functional changes to the CLI itself
**Install:**
added 41 packages in 1s
10 packages are looking for funding
run `npm fund` for details
**What's New:**
This is a patch release to fix the automated ClawHub publishing. The package functionality is identical to v1.0.0.
Metadata
Frequently Asked Questions
What is clawdo - Todo List for Agents?
Todo list and task management for AI agents. Add, track, and complete tasks with autonomy levels — agents propose work, humans approve. Works in heartbeats, cron, and conversations. Persistent SQLite CLI with structured JSON output. It is an AI Agent Skill for Claude Code / OpenClaw, with 2403 downloads so far.
How do I install clawdo - Todo List for Agents?
Run "/install clawdo" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is clawdo - Todo List for Agents free?
Yes, clawdo - Todo List for Agents is completely free (open-source). You can download, install and use it at no cost.
Which platforms does clawdo - Todo List for Agents support?
clawdo - Todo List for Agents is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created clawdo - Todo List for Agents?
It is built and maintained by LePetitPince (@lepetitpince); the current version is v1.1.4.
More Skills