Tree Tool
PassAudited by ClawScan on May 5, 2026.
Overview
This appears to be a simple local directory-tree viewer with no network or credential access, but its documented options do not fully match the included script and it can reveal filenames if run on sensitive folders.
This skill looks safe for basic local directory visualization. Before installing or using it, be aware that it lists filenames from whatever path it is run on, and the advertised options do not match the included script; avoid running it on sensitive directories unless you are comfortable with the resulting file and folder names appearing in the agent output.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running it on a home directory, project root, or other sensitive folder may reveal the names of private files or directories, though the script does not read file contents.
The tool accepts an arbitrary local path and recursively prints directory entry names. This is the stated purpose, but broad paths can expose private filenames or folder names if the output is shared.
parser.add_argument('path', nargs='?', default='.') ... items = sorted(os.listdir(p)) ... print(prefix + ('└── ' if is_last else '├── ') + item)Run it only on intended folders, use a limited depth, and review the output before sharing it with others.
Commands copied from the documentation may fail or behave differently than expected, including showing hidden filenames by default rather than only with a hidden-file option.
This code defines -d as a depth argument, while SKILL.md documents -d as directories-only and lists other options such as -L, -a, -h, and -I that the script does not implement. Users may over-trust documented scope or filtering controls that are not actually present.
parser.add_argument('-d', '--depth', type=int, default=3)Verify the actual supported arguments before relying on the documented options, and do not assume exclusion or hidden-file controls are available unless implemented.