Disk Health Guardian
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the remote installer or mirror content is changed or compromised, the user could run unintended code on their machine.
The skill fetches a third-party installer executable from runtime mirror URLs, but the artifacts show no checksum, signature verification, or pinned installer version.
url = f"https://{host}.easeus.com/epm/free/epm_free_ob.exe?source=skills&dest={dest_arg}" ... fh.write(response.read())Download only from the official vendor page, verify the publisher signature or checksum before running, and prefer a pinned or reviewed installer source.
Software can be installed or system settings changed with fewer prompts than a normal interactive installer.
The downloaded executable is immediately executed with silent-install flags, reducing user visibility into what the installer is doing.
subprocess.run([str(dest_path), "/verysilent", "/suppressmsgboxes", "/norestart", "/log"], check=False)
Avoid the silent installer path unless you trust the source; run the installer interactively and review prompts before approving installation.
A mistaken or overly broad disk operation could alter partitions, filesystems, or data.
The documented workflow expects elevated privileges and acknowledges possible disk write operations, which is high-impact authority for a skill framed mainly as diagnostics.
Run terminal as Administrator before script execution or app launch ... Approve User Account Control prompts ... Confirm the target disk appears before any write operation
Use read-only diagnostics when possible, back up important data first, and do not approve partition or filesystem write operations unless you explicitly intend them.