Documents
Security checks across malware telemetry and agentic risk
Overview
This is a coherent local document-organizing skill, but it involves cataloging very sensitive personal records that should be protected carefully.
Before installing, decide whether you are comfortable letting an agent help maintain a local index of IDs, financial records, medical records, legal documents, and similar private information. Use encrypted folders for scans, avoid putting full sensitive numbers in Markdown files, and periodically review the ~/docs/ contents for unnecessary sensitive details.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the local document index is not protected, sensitive document references, locations, expiry dates, account references, or medical/legal details could be exposed to other local users, backups, sync tools, or future agent sessions.
The skill instructs the agent to build a persistent local document catalog containing highly sensitive personal categories such as identity, financial, medical, and legal records.
Create `~/docs/` as workspace ... identity/ ... financial/ ... medical/ ... legal/ ...
Keep only minimal references in the index, avoid storing full ID/account numbers, use encrypted storage for scans and sensitive notes, restrict file permissions, and review what the agent writes before saving.