Filesystem Management
v1.0.2Advanced filesystem operations - listing, searching, batch processing, and directory analysis for Clawdbot
⭐ 69· 19.3k·251 current·270 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The name/description match the requested capabilities (listing, searching, batch ops). However package.json and SKILL.md imply a Node-based CLI named 'filesystem' that would be installed/run, yet no 'filesystem' binary/script is included in the published files. Also the documentation instructs cloning from GitHub and npm operations (network activity), but the skill metadata and package.json claim no network permission and only require 'node' (they do not list 'git' or 'npm' as required). These inconsistencies mean the manifest does not reliably represent what will be needed or executed.
Instruction Scope
The SKILL.md instructs the agent/user to clone a remote repo, make an executable 'filesystem', and run commands that access arbitrary paths (including examples touching /var/log, /etc). Those actions are expected for a filesystem tool, but the instructions require network access and local execution of a binary that is not present in the skill bundle. There is no instruction to validate the cloned code beyond simple chmod, so following the instructions blindly could run unreviewed code locally.
Install Mechanism
There is no formal install spec in the registry entry (instruction-only). The SKILL.md suggests 'git clone' and optional 'npm install -g .', which pulls code from a remote GitHub repo at runtime. Since no binary or install archive is bundled, the only way to obtain the runnable program is to fetch remote code. The registry metadata claims 'network: none' while the README/installation explicitly require network access — this mismatch raises risk because the actual install is a network fetch of code that will be executed locally.
Credentials
The skill does not request environment variables or credentials, and the declared primary credential is none — that is proportionate for a local filesystem tool. However, package.json lists 'network': 'none' in 'clawdbot.permissions' despite installation and README requiring network access (git/npm). Also the package.json permissions claim filesystem read-write, which is expected for this functionality but underscores the risk: this skill (if installed/executed) will be able to read and copy files on the host.
Persistence & Privilege
The skill does not set always:true and does not request persistent elevated registry privileges. It is user-invocable and allows autonomous model invocation (the platform default). There is no evidence the skill attempts to modify other skills or system-wide agent settings in the provided files.
What to consider before installing
This skill claims to be a CLI filesystem tool but the published package lacks the actual 'filesystem' executable referenced throughout the docs; the README and SKILL.md instruct you to git clone and run npm commands (network fetch) even though the manifest does not declare network or git/npm requirements. Before installing or running anything: 1) Inspect the remote repository (https://github.com/gtrusler/clawdbot-filesystem) yourself and verify the 'filesystem' script contents and authorship; 2) Do not run any cloned code as root — test in a sandbox/VM or container; 3) Confirm config.json protectedPaths and safety settings are enforced by the actual executable; 4) Be cautious because installing this will grant read (and copy) access to local files — avoid installing if you cannot review the code or trust the source. If you want a safer option, ask for a packaged release (verified GitHub release or an npm package) that you can audit before executing.Like a lobster shell, security has layers — review code before you run it.
latestvk97b4wc4q9w2xjg271w7t15vrd801ept
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
📁 Clawdis
Binsnode