Tar Tool
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill is a simple tar archive tool, but its extraction code can write archive contents into the current filesystem without visible path-safety checks.
Review this skill before installing. If you use it, extract archives only in a disposable directory and only from trusted sources. Do not rely on the advertised compression or tar-style commands unless the implementation is fixed to match the documentation and to perform safe extraction.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Extracting an untrusted archive could overwrite project files, configuration files, or other local files accessible to the agent.
The code extracts all archive members into the current working directory without an explicit destination, path validation, extraction filter, or overwrite controls. On some Python runtimes, a malicious tar archive containing unsafe paths or links can cause files outside the intended directory to be written or overwritten.

    with tarfile.open(args.file, 'r:*') as t:
        t.extractall()

Only extract trusted archives in a temporary sandbox directory. The skill should implement safe extraction by validating member paths, rejecting absolute or parent-directory paths, using a safe extraction filter where available, and requiring user confirmation before overwriting files.
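The safe-extraction checks this finding recommends, written out as an added example (not the skill's code and not part of the ClawScan report): an explicit destination, rejection of absolute and parent-directory member paths and of links that point outside the destination, refusal to overwrite existing files unless asked, and the `data` extraction filter where the runtime provides it. The function names and the sample archive are constructed for this example.

```python
import io
import os
import tarfile
import tempfile

def member_is_safe(member, dest):
    """True only if the member path and any link target stay inside dest."""
    if os.path.isabs(member.name) or ".." in member.name.split("/"):
        return False
    target = os.path.realpath(os.path.join(dest, member.name))
    if os.path.commonpath([dest, target]) != dest:
        return False
    if member.issym():  # symlink target is relative to the link's own directory
        link = os.path.join(os.path.dirname(target), member.linkname)
    elif member.islnk():  # hard-link target is relative to the archive root
        link = os.path.join(dest, member.linkname)
    else:
        return True
    return os.path.commonpath([dest, os.path.realpath(link)]) == dest

def safe_extract(archive_path, dest, allow_overwrite=False):
    """Extract into an explicit dest; returns (extracted_names, rejected_names)."""
    dest = os.path.realpath(dest)
    os.makedirs(dest, exist_ok=True)
    # Python 3.12+ and its security backports ship a 'data' filter that enforces
    # similar rules inside tarfile itself; pass it whenever it exists.
    opts = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    extracted, rejected = [], []
    with tarfile.open(archive_path, "r:*") as t:
        for m in t:  # checked right before extraction, so realpath() sees earlier symlinks
            if not member_is_safe(m, dest):
                rejected.append(m.name)
            elif os.path.lexists(os.path.join(dest, m.name)) and not m.isdir() and not allow_overwrite:
                rejected.append(m.name)  # never silently overwrite an existing file
            else:
                t.extract(m, dest, **opts)
                extracted.append(m.name)
    return extracted, rejected

def demo():
    """Constructed sample archive: one benign member and one path-traversal member."""
    work = tempfile.mkdtemp()
    archive = os.path.join(work, "sample.tar")
    with tarfile.open(archive, "w") as t:
        for name, data in (("notes/readme.txt", b"ok\n"), ("../escape.txt", b"bad\n")):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            t.addfile(info, io.BytesIO(data))
    return safe_extract(archive, os.path.join(work, "out"))
```

`demo()` returns `(['notes/readme.txt'], ['../escape.txt'])`: the traversal member is reported and skipped instead of landing one directory above the destination.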
The agent may believe it created a compressed backup or used documented tar flags when the included implementation does not support those behaviors.
The documentation advertises tar-style flags and compression creation, but the included script only defines a positional archive path, optional files, and an `-x/--extract` flag, and opens new archives with mode `w` rather than compressed modes.
Supports gzip, bzip2, and xz compression ... `-czf archive.tar.gz files`: Create gzip compressed
Verify the actual command behavior before relying on this skill for backups or distribution, and update the documentation or implementation so they match.
