ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

workspace-manager

v1.0.0

用于管理和维护 OpenClaw 工作区的结构。当用户提到工作区混乱、需要整理文件夹、或者希望建立标准目录结构时使用。提供自动归档、分类、清理和健康审计功能。

1· 84·0 current·0 all-time
bymusenlinc@mslchy
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The name/description align with the bundled scripts: organize, audit, cleanup, archive and optional cloud sync. However the package does not declare binaries it actually uses (e.g., trash-put, gog, jq) in metadata, which is an omission and reduces clarity about required runtime tools.
!
Instruction Scope
SKILL.md instructs the agent to run the included scripts (good), but there is a behavioral mismatch: SKILL.md emphasizes 'default dry-run' for destructive operations, yet pipeline.sh will call cleanup.py with --execute by default (i.e., perform deletions) unless the user explicitly supplies --dry-run. The scripts traverse and modify the entire workspace path (~/.openclaw/workspace by default) and can move/delete (via trash) many files; archive.sh and cleanup.py prompt for confirmation but pipeline may invoke them non-interactively. The sync step can upload workspace files to Google Drive if 'gog' is installed and authenticated.
Install Mechanism
No install spec (instruction-only) — lowest install risk. Files are shipped as scripts (no remote downloads). No install-time network fetches or extract operations were found.
!
Credentials
The skill requests no environment variables or declared credentials, yet sync.sh can upload data to Google Drive using the gog CLI (requires user authentication outside the skill). The scripts also call external tools (trash-put, jq) without declaring them. The optional sync defaults (sync_human: true) would upload Workspace_Human content if 'gog' is present and authenticated, which may include sensitive files unless the user configures sync-config.json carefully.
Persistence & Privilege
always:false and no attempt to modify other skills or system-wide agent settings. The skill creates/changes files only under the workspace directory and writes logs there — expected behavior for a workspace manager.
What to consider before installing
Before installing or running this skill: (1) Inspect the scripts locally and back up your ~/.openclaw/workspace directory. (2) Run pipeline.sh with --dry-run (or call the individual scripts in preview mode) to see proposed changes; do not rely on SKILL.md's assertion of default dry-run because pipeline.sh will run cleanup with --execute by default unless you pass --dry-run. (3) Be aware the sync step can upload files to Google Drive if you have the 'gog' CLI installed and authenticated — disable or review config/sync-config.json if you don't want uploads. (4) Ensure required helper tools (trash-put, gog, jq) are intentionally installed or remove calls to them; trash-put is used for safe deletion fallback. (5) Consider running the skill on a test workspace first and verify config/patterns.json protected paths include any sensitive locations. If you want this skill but prefer safer defaults, change pipeline.sh to default to dry-run and set sync_human/sync_agent to false in config/sync-config.json.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bgv49g5rjamx1zqb64mjqj183749j

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments