the ediscovery claw

Review

Audited by ClawScan on May 1, 2026.

Overview

The skill is a coherent local e-discovery CLI wrapper, but it handles very sensitive legal documents and should be installed and used deliberately.

This appears aligned with its e-discovery purpose, but install it only after verifying the Homebrew source. Before using it, decide which custodians, folders, cloud accounts, and matters are authorized, and protect or clean up the local ~/.edisclaw/ data store.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing the skill means trusting the Homebrew tap and the edisclaw binary it provides.

Why it was flagged

The skill depends on an externally installed CLI binary from a Homebrew tap rather than code included in the skill artifact.

Skill content

brew | formula: legal-tools/tap/edisclaw | creates binaries: edisclaw

Recommendation

Verify the Homebrew tap, repository, publisher, and formula contents before installing or updating the binary.

What this means

Incorrect culling or production commands could affect legal review results or create incorrect production files.

Why it was flagged

The documented CLI can remove documents from a review set and generate legal production outputs; these are expected e-discovery actions but high-impact if run with the wrong matter, filters, or tags.

Skill content

`edisclaw cull --matter "Smith v. Jones" --exclude-filetype jpg,png,gif` — Remove images ... `edisclaw produce --matter "Smith v. Jones" --tag "responsive" --format concordance`

Recommendation

Have the agent confirm matter names, custodians, date ranges, tags, and output formats before running culling or production commands.

What this means

If enabled, the tool may access cloud-hosted custodian data that could include confidential, privileged, or personal records.

Why it was flagged

The optional Google Drive ingestion path may require delegated access to a cloud account or workspace data, which is purpose-aligned but sensitive.

Skill content

`edisclaw ingest --source gdrive --custodian "CEO" --matter "Investigation"` (Pro)

Recommendation

Use least-privilege cloud access, confirm OAuth or account scopes, and ingest only approved custodians and folders.

What this means

Confidential ESI may remain on the local machine after ingestion and could be exposed if the workstation or local storage is not protected.

Why it was flagged

The skill persists indexed or processed e-discovery data locally, which is expected for this workflow but can contain highly sensitive legal material.

Skill content

All data stored locally in `~/.edisclaw/` — ESI never leaves your machine on Free tier

Recommendation

Protect the ~/.edisclaw/ directory, use disk encryption, define retention/deletion practices, and avoid ingesting unrelated private files.