ClawHub

File Organizer

v1.0.0

Automatically organize, categorize, and clean up files. Use when user wants to (1) organize downloads or folders, (2) sort files by type/date/size, (3) find...

0· 14·0 current·0 all-time
by@di5cip1e
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (organize, sort, find duplicates, bulk rename, clean up) matches the instructions: scanning directories, computing hashes, moving/renaming, and deleting files. No unrelated credentials, binaries, or installs are requested.
Instruction Scope
SKILL.md instructs the agent to recursively scan directory trees, read file contents (hashing), move/rename files, and delete old files. Those actions are appropriate for the stated purpose but are inherently destructive and require care: the examples rely on reading entire files into memory (md5 via read_bytes()), use file.unlink() for deletion (the doc suggests using trash but code shows permanent delete), and the safety rules are advisory ("Always confirm") rather than enforced. The code samples also omit some imports (e.g., Path from pathlib) and do not handle large files or permission errors.
Install Mechanism
Instruction-only skill with no install spec or downloaded artifacts. This minimizes supply-chain risk because nothing is written to disk by an installer.
Credentials
The skill requests no environment variables, credentials, or config paths. This is proportionate to a local file-management tool.
Persistence & Privilege
always:false (normal). The skill is allowed to be invoked autonomously by the agent (disable-model-invocation:false). Autonomous invocation combined with arbitrary filesystem operations can be risky if the agent is permitted to act without human confirmation; this is a platform-level consideration rather than an incoherence in the skill itself.
Assessment
This skill appears to do what it says, but it reads and modifies arbitrary files and can permanently delete data. Before installing or running it: (1) restrict it to a specific test folder—do not give it system or home root paths; (2) run in 'scan/plan' or dry-run mode first and review the proposed changes; (3) require explicit confirmations for deletions and prefer moving to Trash/recycle bin rather than unlinking; (4) back up important data before use; (5) be cautious about very large files (the example loads files into memory for hashing) and permission errors; (6) if you need stronger safety, disable autonomous invocation so the agent cannot run it without your explicit approval.

Like a lobster shell, security has layers — review code before you run it.

latestvk97820q11f0dfxx7sgya0b17v984dxvz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments