Skill v1.0.0

ClawScan security

Dup File Finder · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 16, 2026, 8:58 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and instructions are consistent with a simple duplicate-file finder: it reads files under a given directory, computes SHA-256 checksums, and prints groups of duplicates; there is no network activity, credential access, or installer behavior that contradicts its stated purpose.
Guidance
This skill appears to be what it claims, but note the small issues before using: SKILL.md references dup_file_finder.py while the shipped file is tool.py — rename or adjust the command. Run the script only on directories you intend to scan (avoid running as root or scanning entire system roots), since it will attempt to read every file under the directory and print full paths. The code does not perform deletions or network requests, so it won't exfiltrate data, but it may be slow on large trees and may raise permission or device-read errors for special files. The package has no listed source or homepage — if you need stronger assurance, obtain the tool from a known author or review/modify the script before use.

Review Dimensions

Purpose & Capability
ok: The name and description (find duplicate files to free disk space) match the included Python code which recursively walks a directory, computes SHA-256 checksums, and reports files with identical hashes. It does not request unrelated permissions, credentials, or external services.
Instruction Scope
note: SKILL.md instructs running 'python dup_file_finder.py' but the provided file is tool.py (minor mismatch that will cause a runtime error if the exact name is required). The instructions otherwise match the code. The code will attempt to open and read every file under the target directory (including binaries and system files) and will print full file paths; this is expected for deduplication but you should avoid running it as root or against system roots unless intended. The skill only lists duplicates and does not delete files.
Install Mechanism
ok: There is no install spec and the skill is instruction-only with a single Python script included. No external downloads, package installs, or archive extraction are performed.
Credentials
ok: No environment variables, credentials, or config paths are requested. The tool only reads filesystem paths provided by the user, which is proportionate to its purpose.
Persistence & Privilege
ok: The skill does not request persistent presence (always:false) and does not modify agent or system configuration. It does not store or exfiltrate data and has no autonomous privileged behavior beyond normal agent invocation.