ClawHub

Filesystem

PassAudited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill Name: filesystem Version: 1.0.0 The skill bundle provides extensive capabilities for arbitrary shell command execution, including file creation, modification, deletion, and the installation of new software via `brew install` (e.g., `tree`, `fd`, `ripgrep`) as seen in `SKILL.md`. While these operations are presented as legitimate filesystem management tools, their broad scope and power, particularly the ability to install external programs and modify files in-place (`sed -i`), introduce significant security risks. There is no explicit malicious intent within the provided files, but these capabilities could be easily abused for data exfiltration, system compromise, or persistence if the agent is prompted maliciously or operates in an insecure environment.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Note
ASI02: Tool Misuse and Exploitation
What this means

A mistaken or overbroad command could move, rewrite, or delete local files in bulk.

Why it was flagged

The skill documents recursive batch deletion commands. This is expected for a filesystem utility, but these commands can remove many files if run with the wrong directory, pattern, or age filter.

Skill content
find . -name "*.tmp" -delete ... find . -type f -mtime +30 -delete
Recommendation

Use this skill only with clear target paths and patterns; preview affected files first, keep backups, and explicitly approve destructive operations before running them.

Note
ASI04: Agentic Supply Chain Vulnerabilities
What this means

Installing optional tools changes the local environment and depends on the package manager and package provenance.

Why it was flagged

The skill suggests optional package installation through Homebrew even though there is no install spec or required binary declaration. The installs are user-directed and purpose-aligned, but they introduce external tooling.

Skill content
brew install tree ... brew install fd ... brew install ripgrep
Recommendation

Install optional tools only if needed, from a trusted package manager, and review package names before approving installation.