Rm Tool
AdvisoryAudited by Static analysis on May 1, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent chooses the wrong path or is prompted into using this tool broadly, important files or directories could be permanently deleted.
The script performs irreversible file and recursive directory deletion on user-supplied paths, with no confirmation, path allowlist, trash/quarantine behavior, or dry-run safeguard.
if os.path.isdir(p) and args.recursive:
shutil.rmtree(p)
elif os.path.isfile(p):
os.remove(p)Use only with explicit per-action user approval. Prefer adding safeguards such as dry-run mode, path restrictions, blocking root/home/protected paths, and moving files to trash instead of permanent deletion.
A small mistake, wildcard expansion, or misunderstood target could remove large parts of a project or user directory.
The documented workflow encourages recursive force deletion; a single mistaken directory target can cascade across many files and subdirectories.
rm-tool -rf temp_directory/
Require the agent to show the exact resolved paths and obtain explicit confirmation before recursive or force deletion, and avoid allowing autonomous use of this skill.
Users may believe they can rely on a confirmation prompt that the actual tool does not provide.
The documentation advertises an interactive confirmation option, but the included script only defines recursive and force options and does not implement interactive prompting.
- `-i`: Interactive (prompt before each removal)
Implement the documented interactive option before use, or remove the claim and clearly state that deletions happen immediately.