Skill v1.0.0
ClawScan security
findFilePath · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 8:39 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (locating local files) matches its requirements and there is no install or secret access requested, but the runtime instructions are somewhat vague about how broad searches are performed and where results might be sent, so exercise normal privacy precautions.
- Guidance: This skill appears to do what it says (search local folders for file names) and doesn't request credentials or installs. However: (1) a full-disk search can reveal sensitive file paths — consider restricting searches to specific directories (Home, Documents) rather than allowing entire-disk scans; (2) the SKILL.md's statement that it 'does not upload or share files' is not technically enforced by the skill metadata — confirm how the agent will handle and where it will display or transmit results before use; (3) the skill source is unknown — if you need higher assurance, ask the publisher for the exact commands/APIs the skill uses or request the SKILL.md be expanded to list platform-specific search methods, or run it in a sandboxed environment first; and (4) if you are worried about autonomous runs, disable autonomous invocation for this skill or limit its permissions in your agent configuration.
Review Dimensions
- Purpose & Capability (ok): Name and description (find local files) match the contents of SKILL.md. The skill requests no binaries, no environment variables, and no install — all proportionate for a read-only file-search helper.
- Instruction Scope (note): SKILL.md instructs the agent to search common directories (Home, Desktop, Documents, Downloads) and optionally the entire disk. The instructions are high-level and do not specify which OS commands or APIs will be used. That makes the scope coherent but ambiguous: a full-disk search can read paths to sensitive files, and the skill's claim that it 'does not upload or share files' is a policy statement in prose, not an enforceable constraint.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files — lowest install risk (nothing written to disk by an installer).
- Credentials (ok): No environment variables, credentials, or config paths are required — appropriate for a local file-search utility.
- Persistence & Privilege (ok): always:false and no special privileges requested. The skill may be invoked autonomously by the agent (platform default), which is normal; if you are concerned about privacy, control autonomous invocation in the agent settings.
