findFilePath

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This instruction-only skill is purpose-aligned for finding local file paths and does not show evidence of hidden code, credentials, persistence, uploading, or file modification.

This skill appears safe for its stated purpose. Be aware that file paths and filenames can contain private information, so start with targeted folders and only expand to a whole-disk search if you are comfortable exposing matching path metadata to the agent.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#ASI02: Tool Misuse and Exploitation

Low

What this means

A broad search may reveal private file names or folder paths to the agent, even if file contents are not opened.

Why it was flagged

The skill instructs the agent to search local filesystem locations, potentially broadly. This is expected for a file-finding skill, but users should understand the scope before allowing a whole-disk search.

Skill content

Search common directories... Home directory, Desktop, Documents, Downloads... Optionally expand to the entire disk if needed

Recommendation

Prefer searching specific folders first and only allow whole-disk searches when necessary.