Umask Tool
PassAudited by VirusTotal on May 6, 2026.
Overview
Type: OpenClaw Skill Name: umask-tool Version: 1.0.0 The skill bundle provides a simple utility to display the system's current umask. While the documentation in SKILL.md suggests the tool can also set the mask, the implementation in scripts/umask.py only retrieves and prints the current mask using os.umask(0). The code is non-malicious and lacks any high-risk behaviors or indicators of compromise.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If this code is used by the agent in a persistent process, later files may be created with overly permissive default permissions.
Calling os.umask(0) does not merely read the current mask; it changes the process umask to 000 and returns the previous value. The script does not restore the old mask or honor a user-supplied mask.
print(oct(os.umask(0)))
Do not rely on this skill as-is. The script should restore the previous mask when displaying it, parse and validate user-supplied masks, and clearly document whether changes affect only a subprocess or the user's shell/session.
A user or agent may believe they are only checking the current setting while actually invoking code with a permission-changing side effect.
The documentation presents the no-argument command as a read-only display operation, but the included implementation changes the umask to 000 before printing the previous value.
# Show current mask umask-tool
Update the documentation and implementation so the display path is genuinely read-only or explicitly restores any temporary change immediately.