Filesystem Management
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a normal file-management helper, but it can access local files and the reviewed package does not include the executable that would implement the documented commands.
This skill is coherent with its stated purpose, but it is powerful: it can search file contents and copy files. Keep commands scoped to the folders you intend, use dry-run for copy operations, and review any external GitHub/npm code before installing because the runnable executable was not included in the scanned package.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with broad paths, the agent could inspect many local file contents or copy files into new locations.
The skill exposes content search and batch copy operations. These are expected for filesystem management, but broad paths or copy targets could reveal or modify local files.
filesystem search --pattern "TODO" --path ./src --content
filesystem copy --pattern "*.log" --to ./backup/ --dry-run
Use explicit, narrow paths; run copy operations with dry-run first; avoid sensitive directories unless that is the intended task.
The skill may read or write local files within the current user's permissions when asked to perform filesystem tasks.
The package declares read-write filesystem authority. That is purpose-aligned for this skill, but it means the tool can operate on files available to the current user.
"permissions": {
  "filesystem": "read-write",
  "network": "none",
  "system": "none"
}
Install only if you want the agent to have local file-management capability, and review commands that write, copy, or overwrite files.
The safety of the actual runnable CLI depends on code that was not included in the reviewed artifact set.
The documentation describes installing executable code from an external repository/global npm workflow, while the reviewed artifacts do not include the actual `filesystem` executable referenced by package.json.
git clone https://github.com/gtrusler/clawdbot-filesystem.git
cd clawdbot-filesystem
...
npm install -g .
Before running or globally installing the external CLI, review the repository contents and confirm they match the documented permissions and safety behavior.
