v1.0.0

TreeListy

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:19 AM.

Analysis

Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override, unicode-control-chars); human review is required before treating this skill as clean.

GuidanceBefore installing, review the npm package files and install only from a trusted source. Use the optional push feature only with your own local TreeListy bridge, especially if the tree contains business plans, personal details, or other sensitive project information. ClawScan detected prompt-injection indicators (system-prompt-override, unicode-control-chars), so this skill requires review even though the model response was benign.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

README.md

git clone https://github.com/prairie2cloud/treelisty-openclaw-skill.git ~/.openclaw/skills/treelisty ... npm install

The documented setup asks users to clone a repository and install npm dependencies for the Node CLI. This is consistent with the skill's purpose, but it is still a dependency/provenance step users should trust before running.

User impactInstalling the skill may pull the declared npm dependency used for optional WebSocket push support.

RecommendationInstall only from a trusted source and review package.json/package-lock.json before running npm install.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityLowConfidenceHighStatusNote

scripts/push.js

const wsUrl = `ws://${host}:${port}`; ... token: token ... arguments: { tree: tree, source: 'openclaw-skill' }

The optional push feature sends the tree and any supplied token to a WebSocket endpoint. It defaults to localhost and is purpose-aligned, but users should understand what data is sent.

User impactIf used with a non-local or untrusted host, project tree contents and the optional session token could be exposed to that endpoint.

RecommendationUse the push command only with a trusted local TreeListy bridge, avoid remote ws:// hosts unless intentional, and do not push sensitive trees unnecessarily.