Durable Files Weekly Review (Public)
PassAudited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill Name: durable-files-weekly-review-public Version: 1.0.0 The skill is designed for a weekly audit of specific markdown files within a workspace, generating a local report on file metrics and potential stale content. The Python script `durable_files_review_generic.py` only reads files from the specified `--root` directory and writes a markdown report locally; it does not perform any deletions, modifications, network calls, or data exfiltration. The `SKILL.md` instructions explicitly emphasize requiring user approval before any deletions, acting as a safeguard against prompt injection attempts to bypass approval. All content aligns with the stated purpose and lacks any indicators of malicious intent or harmful capabilities.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The scan may process sensitive persistent workspace context, even though the included script only reports metrics and stale-marker matches rather than copying full file contents.
The skill intentionally reviews durable instruction, memory, and identity files, which may contain persistent context or private user/agent guidance.
Audit these files relative to a workspace root: ... `MEMORY.md` ... `IDENTITY.md` ... `AGENTS.md`
Use it only on the intended workspace, review the generated report, and avoid pointing it at roots that contain unrelated sensitive durable files.
Approving the wrong cleanup could remove useful persistent instructions or change how future agents behave in the workspace.
Cleanup edits to durable instruction files can persist across future sessions and influence later agent behavior, but the artifact clearly requires explicit approval first.
Require explicit user approval before any deletions. Apply approved edits and post concise changelog.
Approve cleanup in small batches, keep the changelog, and consider backing up important durable files before accepting deletions.