Zip Tool
ReviewAudited by ClawScan on May 15, 2026.
Overview
This looks like a simple local ZIP helper, but its documentation claims encryption and archive-management features that the included code and install metadata do not support.
Review before installing. This appears to be a local ZIP-creation helper, but do not rely on its advertised password protection or AES encryption unless you independently verify a real implementation. Also confirm what `zip-tool` command would run on your system, because the package does not provide a clear install mapping.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could trust the skill for password-protected or encrypted archives even though the packaged code does not provide those protections.
This is the only included implementation, and it only creates a basic ZIP. It does not implement the SKILL.md claims for password protection, AES-256 encryption, listing, extraction, update, or deletion.
parser.add_argument('output')
parser.add_argument('files', nargs='+')
...
with zipfile.ZipFile(args.output, 'w') as z:
for f in args.files:
z.write(f, arcname=f)Do not rely on this skill for confidential archives unless the encryption and archive-management features are actually implemented and verified; the documentation should be corrected or the missing functionality should be added with clear tests.
The command may fail or may resolve to an unrelated local executable named `zip-tool` if one exists.
The skill documents a `zip-tool` executable, but the metadata says there is no install spec and no required binary. The included script is `scripts/zip.py`, so the command provenance is unclear.
zip-tool [OPTIONS] ARCHIVE [FILES...]
Verify the installed command before use, or update the package metadata/install mechanism so the documented command clearly maps to the included reviewed script.
Follow-on steps could proceed using an archive that was not created correctly.
The script reports an error but does not exit with a nonzero status, so an agent or automation could mistake a failed or partial archive operation for success.
except Exception as e: print(f"Error: {e}", file=sys.stderr)Change error handling to exit with a failure status, and have users verify archive creation before relying on the output.