← 返回 Skills 市场
clawdo - Todo List for Agents
作者
LePetitPince
· GitHub ↗
· v1.1.4
2403
总下载
2
收藏
9
当前安装
5
版本数
在 OpenClaw 中安装
/install clawdo
功能描述
Todo list and task management for AI agents. Add, track, and complete tasks with autonomy levels — agents propose work, humans approve. Works in heartbeats, cron, and conversations. Persistent SQLite CLI with structured JSON output.
使用说明 (SKILL.md)
🦞 clawdo — The missing todo list for AI agents
Your agent has memory files, cron jobs, and chat. It has no todo list.
No way to say "do this when you get to it." Not "do this at 14:00 UTC." Not "do this right now in this conversation." Just... remember to do it. Track it. Pick it up when there's a gap.
That's clawdo.
Install
clawhub install clawdo # installs skill + docs into your workspace
npm install -g clawdo # install the CLI binary
Requirements: Node.js ≥18
Quick Start
# Capture a task
clawdo add "update dependencies" --urgency soon
# Agent checks its queue (heartbeat, cron, conversation — wherever)
clawdo inbox --format json
# Agent works it
clawdo start a3f2
clawdo done a3f2 --json
add → inbox → start → done. Persistent state in SQLite. Every command has --json so agents parse structured output, not terminal art.
Where it fits
clawdo works everywhere agents work:
- Heartbeat loops — "anything in my queue? let me do it between checks"
- Cron jobs — "every hour, process one task"
- Conversations — "J mentioned fixing the auth module, let me capture that"
- Pipes and sub-agents — non-TTY safe, no interactive prompts
Heartbeat integration example
# In HEARTBEAT.md — runs every ~30 minutes
TASKS=$(clawdo inbox --format json)
AUTO=$(echo "$TASKS" | jq '.autoReady | length')
if [ "$AUTO" -gt 0 ]; then
TASK=$(clawdo next --auto --json | jq -r '.task.id')
clawdo start "$TASK" --json
# ... do the work ...
clawdo done "$TASK" --json
fi
Autonomy levels
Tasks can be tagged with permission tiers that control what the agent is allowed to do unsupervised:
| Level | Time Limit | What it means |
|---|---|---|
| auto | 10 min | Agent does it silently. Fix a typo, run tests. |
| auto-notify | 30 min | Agent does it, tells the human when done. |
| collab | Unlimited | Human required. Complex, risky, or ambiguous. |
Default: collab (safe).
Key rule: Autonomy is a permission, not a suggestion. Once set, agents can't change it. If an agent fails 3 times, autonomy demotes to collab. Safety only moves down, never up.
Agents propose, humans approve. Agent tasks always start as proposed. The human runs clawdo confirm \x3Cid> or it doesn't happen.
Usage
For humans
# Add tasks — inline metadata parsing
clawdo add "deploy new API +backend auto-notify now"
# └── text ──────┘ └project┘ └─level──┘ └urg┘
# View
clawdo list # active tasks
clawdo list --status proposed # agent suggestions
clawdo next # highest priority
# Review agent proposals
clawdo confirm \x3Cid> # approve
clawdo reject \x3Cid> # reject
# Work
clawdo start \x3Cid>
clawdo done \x3Cid>
clawdo done abc,def,ghi # complete several
For agents
# Check inbox (structured)
clawdo inbox --format json
# Propose work
clawdo propose "add input validation" --level auto --json
# Execute
TASK=$(clawdo next --auto --json | jq -r '.task.id // empty')
if [ -n "$TASK" ]; then
clawdo start "$TASK" --json
# ... do the work ...
clawdo done "$TASK" --json
fi
The inbox returns: autoReady, autoNotifyReady, urgent, overdue, proposed, stale, blocked.
Inline syntax
clawdo add "fix auth bug +backend @code auto soon"
+word→ project@word→ contextauto/auto-notify/collab→ autonomy levelnow/soon/whenever/someday→ urgencydue:YYYY-MM-DD→ due date
Security
- Immutable autonomy — agents cannot escalate permissions
- Proposal limits — max 5 active, 60s cooldown
- Prompt injection defense — input sanitization, parameterized SQL
- Audit trail — append-only log of every state change
- Secure IDs —
crypto.randomInt(), no modulo bias
Resources
- GitHub: https://github.com/LePetitPince/clawdo
- npm: https://www.npmjs.com/package/clawdo
- Full docs:
clawdo --help
License
MIT
安全使用建议
This skill is internally consistent with its stated purpose: it simply wraps a CLI named 'clawdo' distributed via npm. The package distributed in this skill bundle contains only documentation — the actual code comes from npm/GitHub. Before installing or giving agents the ability to run it: 1) inspect the 'clawdo' npm package and its GitHub source (check for unexpected network endpoints, shelling out, or writing to unusual paths); 2) confirm the publisher identity and package history on npm; 3) run the CLI in a sandboxed environment (or with limited FS/network permissions) to observe behavior; 4) verify where the SQLite DB is stored and whether logs or audit trails might contain sensitive data; and 5) don't rely solely on the SKILL.md security claims (e.g., SQL parameterization) without code review. If you cannot review the npm package, treat it as higher risk.
功能分析
Type: OpenClaw Skill
Name: clawdo
Version: 1.1.4
The OpenClaw AgentSkills skill bundle for 'clawdo' is classified as benign. The `SKILL.md` and `README.md` files primarily contain documentation and instructions for installing and using the `clawdo` CLI tool for task management. The installation process involves a standard `npm install -g clawdo` command. All example commands provided for agent interaction are directly related to the stated purpose of the tool (e.g., `clawdo add`, `clawdo inbox`, `clawdo start`, `clawdo done`) and do not exhibit any signs of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts designed to make the agent deviate from its intended function or access sensitive data. The documentation even highlights security features like 'Immutable autonomy' and 'Prompt injection defense'.
能力评估
Purpose & Capability
The name/description (todo/task management for agents) aligns with the declared requirement of a 'clawdo' binary and the npm install spec. There are no unrelated environment variables, credentials, or config paths requested that would be unexpected for a local task queue CLI.
Instruction Scope
SKILL.md instructs agents to run the clawdo CLI (add, inbox, next, start, done, propose). Examples show integration in heartbeats and cron. The doc does not instruct reading arbitrary host files or exfiltrating data, but the examples leave the step '... do the work ...' open-ended — the agent will run whatever commands are needed to complete tasks, which is expected but broad in practice. The SKILL.md claims input sanitization and parameterized SQL, but those claims cannot be verified from the documentation alone.
Install Mechanism
Installation is via npm (package 'clawdo' → global binary). This is a standard distribution mechanism and matches the declared binary requirement. However, npm packages run arbitrary code at install and runtime; because the skill package contains only docs and not the CLI source, you must inspect the npm package or its GitHub repo before installing to ensure it doesn't perform unexpected actions.
Credentials
No environment variables, credentials, or config paths are required. That is proportionate for a local CLI that stores state in SQLite and integrates with agent workflows.
Persistence & Privilege
The skill is not marked always:true and does not request special system-level privileges. Persistence is local (SQLite) as advertised. The skill permits normal autonomous invocation (platform default), which is expected for agent tools.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install clawdo - 安装完成后,直接呼叫该 Skill 的名称或使用
/clawdo触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.4
See https://github.com/LePetitPince/clawdo/releases/tag/v1.1.4
v1.1.3
See https://github.com/LePetitPince/clawdo/releases/tag/v1.1.3
v1.1.2
See https://github.com/LePetitPince/clawdo/releases/tag/v1.1.2
v1.1.1
See https://github.com/LePetitPince/clawdo/releases/tag/v1.1.1
v1.0.1
**Bug Fix:**
- Fixed ClawHub publishing in CI/CD workflow
- Added explicit authentication step before publishing
**Changes:**
- Workflow now properly authenticates with ClawHub using
- No functional changes to the CLI itself
**Install:**
added 41 packages in 1s
10 packages are looking for funding
run `npm fund` for details
**What's New:**
This is a patch release to fix the automated ClawHub publishing. The package functionality is identical to v1.0.0.
元数据
常见问题
clawdo - Todo List for Agents 是什么?
Todo list and task management for AI agents. Add, track, and complete tasks with autonomy levels — agents propose work, humans approve. Works in heartbeats, cron, and conversations. Persistent SQLite CLI with structured JSON output. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2403 次。
如何安装 clawdo - Todo List for Agents?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install clawdo」即可一键安装,无需额外配置。
clawdo - Todo List for Agents 是免费的吗?
是的,clawdo - Todo List for Agents 完全免费(开源免费),可自由下载、安装和使用。
clawdo - Todo List for Agents 支持哪些平台?
clawdo - Todo List for Agents 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 clawdo - Todo List for Agents?
由 LePetitPince(@lepetitpince)开发并维护,当前版本 v1.1.4。
推荐 Skills