proactive-daily-planner

1[2026-03-12T22:03:03.893Z] Running @yourclaw/clawguard-rules pattern matcher
2Scanning: /tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/SKILL.md
3Content length: 4259 chars
4Patterns matched: 0
5✓ Completed in 19ms

1[2026-03-12T22:04:25.987Z] $ gitleaks detect --source /tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner --report-format json --report-path /dev/stdout --no-git
2
3⚠ stderr output:
4○
5    │╲
6    │ ○
7    ○ ░
8    ░    gitleaks
9
1010:04PM FTL Report path is not writable: /dev/stdout error="open /dev/stdout: no such device or address"
11
12Process exited with code 1
13✓ Completed in 82094ms

1[2026-03-12T22:04:32.056Z] $ semgrep scan --json --quiet --config auto /tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner
2{"version":"1.155.0","results":[{"check_id":"javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal","path":"/tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/planner.js","start":{"line":37,"col":58,"offset":1029},"end":{"line":37,"col":77,"offset":1048},"extra":{"message":"Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability,  where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.","metadata":{"owasp":["A05:2017 - Broken Access Control","A01:2021 - Broken Access Control","A01:2025 - Broken Access Control"],"cwe":["CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"],"category":"security","references":["https://owasp.org/www-community/attacks/Path_Traversal"],"technology":["javascript","node.js"],"cwe2022-top25":true,"cwe2021-top25":true,"subcategory":["vuln"],"likelihood":"HIGH","impact":"MEDIUM","confidence":"LOW","license":"Semgrep Rules License v1.0. For more details, visit semgrep.dev/legal/rules-license","vulnerability_class":["Path Traversal"],"source":"https://semgrep.dev/r/javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal","shortlink":"https://sg.run/OPqk"},"severity":"WARNING","fingerprint":"requires login","lines":"requires login","validation_state":"NO_VALIDATOR","engine_kind":"OSS"}}],"errors":[],"paths":{"scanned":["/tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/README.md","/tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/SKILL.md","/tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/_meta.json","/tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/config.json","/tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/package.json","/tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/planner.js","/tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/scripts/install.sh","/tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/templates/afternoon.md","/tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/templates/evening.md","/tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner/templates/morning.md"]},"time":{"rules":[],"rules_parse_time":1.1957659721374512,"profiling_times":{"config_time":2.2439351081848145,"core_time":1.870762825012207,"ignores_time":0.001699686050415039,"total_time":4.124814987182617},"parsing_time":{"total_time":0.0,"per_file_time":{"mean":0.0,"std_dev":0.0},"very_slow_stats":{"time_ratio":0.0,"count_ratio":0.0},"very_slow_files":[]},"scanning_time":{"total_time":0.1789255142211914,"per_file_time":{"mean":0.0071570205688476565,"std_dev":0.00029060990513480646},"very_slow_stats":{"time_ratio":0.0,"count_ratio":0.0},"very_slow_files":[]},"matching_time":{"total_time":0.0,"per_file_and_rule_time":{"mean":0.0,"std_dev":0.0},"very_slow_stats":{"time_ratio":0.0,"count_ratio":0.0},"very_slow_rules_on_files":[]},"tainting_time":{"total_time":0.0,"per_def_and_rule_time":{"mean":0.0,"std_dev":0.0},"very_slow_stats":{"time_ratio":0.0,"count_ratio":0.0},"very_slow_rules_on_defs":[]},"fixpoint_timeouts":[],"prefiltering":{"project_level_time":0.0,"file_level_time":0.0,"rules_with_project_prefilters_ratio":0.0,"rules_with_file_prefilters_ratio":0.9796557120500783,"rules_selected_ratio":0.0297339593114241,"rules_matched_ratio":0.0297339593114241},"targets":[],"total_bytes":0,"max_memory_bytes":1153561344},"engine_requested":"OSS","skipped_rules":[],"profiling_results":[]}
3
4Process exited with code 0
5✓ Completed in 88159ms

1[2026-03-12T22:04:26.625Z] $ mcp-scan --skills /tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner --json
2
3⚠ stderr output:
4WARNING: The 'mcp-scan' package has been renamed to 'snyk-agent-scan'.
5Please update your installation and use 'uvx snyk-agent-scan@latest' instead.
6
7✗ mcp-scan error: Command 'mcp-scan' failed: WARNING: The 'mcp-scan' package has been renamed to 'snyk-agent-scan'.
8Please update your installation and use 'uvx snyk-agent-scan@latest' instead.
9
10
11Process exited with code 1
12✓ Completed in 82726ms

1[2026-03-12T22:04:25.397Z] $ npm audit --json --prefix /tmp/clawguard-scan-wY2SGN/repo/skills/akshaymemane/proactive-daily-planner
2{
3  "error": {
4    "code": "ENOLOCK",
5    "summary": "This command requires an existing lockfile.",
6    "detail": "Try creating one first with: npm i --package-lock-only\nOriginal error: loadVirtual requires existing shrinkwrap file"
7  }
8}
9
10⚠ stderr output:
11npm error code ENOLOCK
12npm error audit This command requires an existing lockfile.
13npm error audit Try creating one first with: npm i --package-lock-only
14npm error audit Original error: loadVirtual requires existing shrinkwrap file
15npm error A complete log of this run can be found in: /home/runner/.npm/_logs/2026-03-12T22_04_24_613Z-debug-0.log
16
17Process exited with code 1
18✓ Completed in 81496ms