Unzip Tool
Pass
Audited by VirusTotal on May 6, 2026.
Overview
Type: OpenClaw Skill
Name: unzip-tool
Version: 1.0.0

The unzip-tool is vulnerable to Zip Slip (path traversal) because scripts/unzip.py uses zipfile.extractall() without validating member paths, which could allow an attacker to overwrite files outside the target directory. Additionally, there is a significant discrepancy between the features documented in SKILL.md (listing, overwrite control) and the actual implementation in scripts/unzip.py, which lacks these capabilities.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Extracting an untrusted or unexpected archive could overwrite files in the target directory or place many files there.
The script extracts all ZIP members to the chosen directory. This is expected for the skill's purpose, but it writes local files and does not prompt before overwriting existing paths.
    with zipfile.ZipFile(args.file, 'r') as z:
        z.extractall(args.dir)

Extract only archives you trust, use a new empty destination directory, and consider adding non-overwrite, list, and validation behavior before extraction.
A user or agent may expect safety or inspection options that are not actually available in the provided implementation.
The documentation advertises controls such as selective extraction, archive inspection, and overwrite handling, while the included script only parses an archive path and destination directory and then extracts everything.
support for selective extraction, overwrite control, and archive inspection
Align the documentation with the script or implement the advertised -l, -n, -o, test, and selective extraction behavior.
