Inventory
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: inventory Version: 1.0.0 The OpenClaw AgentSkills skill bundle for 'inventory' appears benign. The `_meta.json` file contains standard metadata. The `SKILL.md` file outlines the desired behavior for an AI agent to manage a personal inventory system, including creating a `~/inventory/` workspace and tracking item details. There are no instructions for data exfiltration, malicious execution, persistence, or prompt injection attempts against the agent. All described actions are directly relevant to the stated purpose of inventory management and do not suggest any intent to harm or compromise the system.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the inventory folder is exposed, synced, or shared unintentionally, someone could learn what valuables you own, where they are located, and identifying purchase or serial-number details.
The skill creates persistent local inventory records containing sensitive details about valuable items, where they are stored, and documentation such as receipts and serial numbers.
Create `~/inventory/` as workspace ... Location: room, drawer, box, storage unit ... Serial numbers for electronics ... Receipt photos or PDFs linked
Keep the inventory folder private, consider encrypting or access-restricting it, and avoid storing more serial numbers, receipts, photos, or location detail than you need.