Skill v0.4.0

ClawScan security

Remote Disk Mount · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 27, 2026, 5:56 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's instructions and requirements are coherent for a Debian/Ubuntu remote-mount helper — it needs sudo and apt packages to perform mounts and does not request unrelated secrets or external installs, but it legitimately requires privileged operations and handling of sensitive credentials which the user must manage carefully.
Guidance
This skill appears to do what it says, but mounting remote storage requires root actions and careful handling of credentials. Before using: confirm you're on Debian/Ubuntu; prefer SSH keys for SFTP; avoid placing long-lived plaintext credential files under /root (delete immediately after use or store securely with strict permissions); prefer user-space FUSE mounts when possible to limit root exposure; verify the remote server is trusted (malicious servers can attack clients via filesystem content); double-check mount-point paths and uid/gid options; and do not paste plaintext passwords into the chat. If you need higher assurance, run these commands manually or in a sandboxed VM and inspect any credential files before deleting them.

Review Dimensions

Purpose & Capability
ok · The name/description (mount SMB/FTP/SFTP/WebDAV) matches the instructions. Requiring sudo and apt packages for Debian/Ubuntu is expected. There are no unrelated environment variables, binaries, or external services requested.
Instruction Scope
note · The SKILL.md stays within the stated purpose: it collects protocol/server/user info, installs packages with sudo apt, creates mount points, and runs mount commands. It warns about passwords and asks for user confirmation before sudo. Points to note: it instructs creating a credential file at /root/.smbcredentials (sensitive and requires root), there are small inconsistencies in the mount-point paths used (~/mount_<name>, ~/mount_name, /mnt/webdav), and some mounts use root-mounted mount.cifs while others use user-space FUSE (behavior and permissions differ). These are expected for this task but are security-relevant and should be handled carefully.
Install Mechanism
ok · This is an instruction-only skill with no install spec or code files; no downloads or package installs are performed by the skill itself. The instructions ask the user/agent to run apt installs on demand, which is appropriate and expected.
Credentials
ok · The skill requests no environment variables or external credentials in metadata. It does instruct creating local credential files (e.g., /root/.smbcredentials), which are necessary for some mount options but are sensitive; the SKILL.md warns to remove them after use.
Persistence & Privilege
note · The skill requires privileged operations (sudo, writing files under /root) to function, which is proportionate to mounting filesystems. It does not request persistent or always-on privileges (always: false) and does not modify other skills or system-wide agent settings.