Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Auto Cleaning Disk
v1.0.0
Automatically clean disk space by removing temp files, browser cache, recycle bin/trash, and log files — safely, without deleting any important files. Use th...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the code: OS detection and per-OS cleaning scripts are present and limited to temp, caches, trash, and logs. No unrelated credentials, binaries, or external endpoints are requested. This is coherent with the stated purpose.
Instruction Scope
SKILL.md promises 'Only delete files older than 1 day' and 'Never delete Documents/Downloads/System folders', but the scripts do not enforce an age check — they delete all items inside target folders. The scripts also iteratively remove directories with shutil.rmtree and evaluate is_dir() which follows symlinks; that can cause deletion of targets outside intended folders if symlinks exist. Scripts operate on system log locations (/var/log, C:\Windows\Logs) which can require elevated privileges and could remove files important for diagnostics. There are no network calls, and scripts only read standard env vars for paths.
Install Mechanism
No install spec (instruction-only plus bundled scripts) — nothing is downloaded or installed automatically. Risk from install mechanism is low.
Credentials
Skill does not request secrets or unusual environment access. Scripts use common environment variables (TEMP, TMP, USERPROFILE) and Path.home(), which is expected for path discovery.
Persistence & Privilege
always is false and the skill does not request permanent presence or modify other skills or system-wide agent settings. It runs locally and interactively (prompts for confirmation when requested).
What to consider before installing
This skill generally does what it says, but there are meaningful safety gaps in the implementation you should consider before running it:
- Do not run it as administrator/root until you review/modify the code. Deleting /var/log, C:\Windows\Logs or similar may require elevation and can remove important logs.
- The SKILL.md states it will only delete files older than 1 day, but the scripts do not check file modification times — they delete everything inside the listed folders. That mismatch could remove recently created cache or temporary files the user still needs.
- Symlink risk: the code can follow directory symlinks (Path.is_dir() follows symlinks) and then shutil.rmtree will remove the linked target. A symlink inside a 'safe' folder could cause deletion outside the intended area. Consider patching the code to skip symlinks entirely or to never follow directory symlinks.
- Confirm Mode is safer — use it and review the per-folder prompts before consenting.
- Recommended improvements before use: implement and enforce age checks (os.path.getmtime), explicitly skip symlinks for directories (item.is_symlink()), add a dry-run mode that lists what would be deleted, and add explicit whitelist/blacklist checks (do not call shutil.rmtree on paths outside a vetted list).
If you are not comfortable reviewing/modifying the Python, prefer not to install or run this skill, or run it in a disposable/test environment and back up any important data first.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97dv7zxcq261hwn98wqbtv5xh82xy67
