Cloud Storage
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken transfer, sync, or delete operation could affect important cloud files or incur costs.
Cloud storage sync and management operations can modify, overwrite, or remove files across accounts. This is purpose-aligned and the skill includes safety checks, but the impact can be significant if used without user review.
User needs to upload, download, sync, or manage files across cloud storage providers.
Confirm source, destination, scope, costs, and backup/restoration checks before approving bulk syncs, migrations, or deletions.
Over-scoped or mishandled credentials could allow unintended access to cloud files or account resources.
The skill describes use of cloud credentials, service account keys, CLI logins, and OAuth tokens. These are expected for the stated purpose, and the document gives some least-privilege guidance, but these credentials can grant broad cloud storage access.
export AWS_ACCESS_KEY_ID=AKIA...; export AWS_SECRET_ACCESS_KEY=...; export GOOGLE_APPLICATION_CREDENTIALS=/path/to/key.json; export AZURE_CLIENT_SECRET=...
Use least-privilege service accounts or scoped OAuth permissions, avoid root/admin keys, rotate secrets, and avoid exposing credentials in chat or logs.
It may be harder to independently verify the author or maintenance history of the guidance.
The artifacts do not provide a public source or homepage for provenance. Because there is no executable code or install step, this is only a provenance note, not a concrete unsafe behavior.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Review the included instructions and cross-check provider-specific guidance against official cloud provider documentation before acting on sensitive operations.