Filewave

Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: filewave
Version: 1.0.0

The skill demonstrates robust security practices for credential management, storing API tokens in `~/.filewave/config` with `chmod 600` permissions and truncating tokens in output (`lib/config_manager.py`). Network activity is confined to the configured FileWave UEM server, utilizing specific and relevant API endpoints (`lib/api_utils.py`, `lib/device_cache.py`, `lib/device_hierarchy.py`). Markdown documentation is clear and does not contain prompt injection attempts. However, the `lib/bulk_update_handler.py` module directly passes user-provided `DeviceName` and `EnrollmentUser` strings from a CSV file to FileWave API `PATCH` endpoints. While the skill itself does not construct malicious payloads, this direct input could be exploited as an injection vector if the FileWave UEM platform's API or UI is vulnerable to XSS or other forms of injection via these fields, classifying it as a potential vulnerability rather than intentional malice.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (Medium Confidence)
ASI05: Unexpected Code Execution

What this means

Installing the skill may run local code and prompt for credentials earlier than expected.

Why it was flagged

The documentation describes automatic post-install Python execution, while the supplied registry/install summary says there is no install spec. Because this hook collects server and API token details, the install behavior is materially under-declared.

Skill content

"The Key Point: Onboarding Runs AUTOMATICALLY During Installation" ... "onInstall": "python3 lib/onboarding.py"

Recommendation

Do not install on a production admin machine until the actual manifest/install hook is reviewed; installation behavior should be declared consistently in registry metadata.

What this means

A token used with this skill may allow broad access to managed-device inventory and device metadata changes, including production environments.

Why it was flagged

The skill requires a bearer API token that can query and mutate FileWave UEM device records and refresh the model, but the registry metadata declares no primary credential or environment-variable contract.

Skill content

"FileWave API token" ... "Authorization: Bearer <token>" ... "PATCH /filewave/api/devices/v1/devices/{id}" ... "POST /filewave/api/fwserver/update_model"

Recommendation

Use a least-privilege FileWave token, separate lab and production profiles, and ensure the skill metadata clearly declares required credentials and write permissions.

Note (High Confidence)
ASI08: Cascading Failures

What this means

A bad CSV or wrong profile could rename or reassign many devices before the mistake is noticed.

Why it was flagged

The documented bulk workflow can apply CSV-driven changes across many managed devices and then refresh the FileWave model so changes propagate.

Skill content

"PATCH device name" ... "PATCH enrollment user" ... "After all devices are updated, FileWave's internal model is refreshed"

Recommendation

Test with a small lab batch first, avoid --confirm for production runs, keep backups/exports of current device metadata, and verify the selected profile before running bulk updates.

What this means

Sensitive device inventory metadata may remain on the local machine for up to seven days.

Why it was flagged

The skill persistently caches device identifiers and group mappings for performance, including potentially the entire fleet.

Skill content

"7-Day TTL Cache: Stores `Device ID`, `Serial Number`, `Device UID`, and `Group` mappings" ... "warm-cache command ... index the entire fleet"

Recommendation

Use the cache only on trusted admin machines, avoid warming the cache unnecessarily, and clear local cache data when no longer needed.