Encrypted File Reader
PassAudited by ClawScan on May 10, 2026.
Overview
This is a straightforward local file-reading helper with no network or persistence, but any file it reads may become visible to the AI session.
This skill appears safe for its stated purpose, but only use it on local files you are comfortable sharing with the agent. Be especially careful with files such as .env, cloud state files, source code, logs, or business documents that may contain secrets or confidential information.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If pointed at the wrong path, the tool can reveal local file contents to the AI session.
The tool accepts an arbitrary file path argument and opens that file under the current user's permissions. This is the tool's stated purpose, but it means the agent/user must control which files are read.
file_path = sys.argv[1] ... with open(file_path, 'rb') as f:
Use it only with files you intentionally want the agent to read, and avoid broad or sensitive paths unless necessary.
Secrets or sensitive instructions inside a selected file could be exposed in the conversation or influence the agent's later reasoning.
The supported text extensions include secret-prone configuration/state files, and successful reads are printed to stdout, where the content can enter the agent's context.
'.env', '.env.local', '.env.production', ... '.tfstate' ... print(content)
Review file paths before use, avoid reading credential-bearing files unless required, and treat file contents as untrusted data rather than instructions.