Folders
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may remember where your important folders are across later uses of the skill.
The skill creates persistent local memory of folder paths and notes. This is purpose-aligned, but folder names and project locations may be sensitive.
Maintain a lightweight index at `~/.config/folder-index.json` to know where important things are without rescanning.
Install only if you are comfortable with a local folder index, and periodically review or delete ~/.config/folder-index.json if it contains sensitive paths.
If asked to clean folders, the agent could move build or dependency directories to trash, which may affect local development until rebuilt.
The skill includes local cleanup guidance that can remove folders, though it mitigates impact by using the OS trash and focusing on common rebuildable artifacts.
Use OS trash instead of permanent delete ... Build artifacts safe to delete: node_modules, __pycache__, .gradle, build/, target/, Pods/, .next/
Confirm cleanup actions before they run, especially in work projects or on network drives.