Switchgear
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Switchgear appears to be a simple local data manager that stores, lists, exports, and can delete its own switchgear entries without requesting credentials or network access.
This skill looks safe for local switchgear record management. Before installing, be aware that it creates files under ~/.switchgear, can export data into the current directory, and can delete stored entries when asked. Do not store secrets in entries unless you are comfortable keeping them in local plain text.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the remove command is used, stored switchgear entries can be deleted from the skill's local data file.
The script can delete an entry from its local data file when the remove command is invoked; this is expected for a manager tool but is still a data-mutating action.
sed -i "${num}d" "$DATA_DIR/data.jsonl"Use remove only when explicitly intended, and keep backups if the stored entries are important.
Switchgear entries and configuration may remain on disk after the session and could be listed, searched, or exported later.
The script stores user-provided entries persistently in a local home-directory data file, so entered information can remain available across later uses.
DATA_DIR="${SWITCHGEAR_DIR:-$HOME/.switchgear}" ... >> "$DATA_DIR/data.jsonl"Avoid storing secrets or unrelated sensitive information in entries, and change SWITCHGEAR_DIR if you want the data kept in a specific controlled location.