entr

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: entr
Version: 1.0.0

The skill bundle describes the `entr` utility, which allows executing arbitrary commands when files change. While `entr` is a legitimate tool, its core functionality of running "arbitrary commands" and specifically the `-s` option (evaluating arguments using `SHELL`) provides a broad and powerful command execution primitive. This capability, exposed as an AI agent skill, presents a significant risk for potential misuse or prompt injection, even though the skill itself does not demonstrate explicit malicious intent. The `SKILL.md` file details these capabilities.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A command may run repeatedly whenever watched files change, so a risky command could repeatedly modify files or affect the local environment.

Why it was flagged

The skill's main function is to execute user-chosen local commands in response to file changes. This is expected for entr, but it is broad authority if used with destructive or untrusted commands.

Skill content

`entr` takes a list of filenames from standard input and executes the utility specified as the first argument.

Recommendation

Use explicit, safe commands for watch mode, avoid destructive commands unless intentionally requested, and review shell-evaluated commands before running them.

What this means

If untrusted or poorly quoted text is used with '-s', the shell may interpret it in unintended ways.

Why it was flagged

The documented '-s' option invokes shell interpretation. This is a normal entr feature, but shell evaluation is more sensitive than passing a fixed executable and arguments.

Skill content

`-s`: Evaluate the first argument using the interpreter specified by `SHELL`.

Recommendation

Prefer direct command arguments over '-s' when possible, and only use '-s' with commands that have been reviewed and quoted safely.

What this means

A background watch process may keep running and re-run commands after additional file changes.

Why it was flagged

The instructions explicitly allow a long-running background watcher. This is disclosed and purpose-aligned, but it can continue operating until stopped.

Skill content

Use `process` tool to run it in the background if you need to do other things.

Recommendation

Monitor background watchers and stop them when the build, test, or reload task is complete.

What this means

Users may need to install entr separately and should choose a trusted package source.

Why it was flagged

The skill documents use of the external entr CLI but does not declare a required binary or installation source. This is a setup/provenance clarity gap rather than evidence of unsafe code.

Skill content

Required binaries (all must exist): none ... No install spec — this is an instruction-only skill.

Recommendation

Install entr only from a trusted OS package manager or upstream source, and consider declaring the required binary in metadata.