Enterprise File Writer
PassAudited by ClawScan on May 10, 2026.
Overview
The skill does what it claims—writes user-specified local files—but it can overwrite or append to any file the user account can access.
This appears reasonable to install if you need a local file-writing helper. Use it carefully: provide exact paths, review before overwriting important files, avoid sensitive/system locations unless intended, and verify the source for enterprise environments.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent or user supplies the wrong path, the tool could overwrite or append to important local files that the user account can access.
The skill intentionally enables local file creation and overwriting, including automatic directory creation. This is purpose-aligned, but a mistaken invocation could modify important files.
覆盖写入 | (默认) | 如果文件存在则覆盖,不存在则创建 ... 写入前会自动创建不存在的目录
Use explicit paths and content, avoid system or sensitive configuration files unless intentional, and back up important files before overwriting them.
It may be harder to independently verify that the package came from the expected publisher or repository.
The registry metadata does not provide a verified source or homepage. This is a provenance note, not evidence of malicious behavior, especially because no install script or external dependency is present.
Source: unknown; Homepage: none
For enterprise use, verify the publisher, repository, and reviewed copy before relying on the skill for file writes.