ClawHub

Clawdbot Filesystem 1.0.2

v1.0.0

Advanced filesystem operations - listing, searching, batch processing, and directory analysis for Clawdbot

10· 2.8k·45 current·49 all-time
by@lucky-2968
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
Name, description, and SKILL.md describe a filesystem CLI and require only node — that is coherent. However package.json and SKILL.md both reference a 'filesystem' binary/entrypoint and show a bin mapping, yet no executable file named 'filesystem' is present in the provided file manifest. This missing artifact (and a small version mismatch between registry metadata and package.json/package-lock) is an inconsistency: either the skill is incompletely packaged or it expects additional files from the remote repo. That makes the skill incomplete and requires extra steps that should be audited.
Instruction Scope
The SKILL.md instructions stay within filesystem management scope: list, search, copy, analyze, install via git/ClawdHub, and editing config.json. The instructions do not ask the agent to read unrelated system files or siphon environment variables. They do instruct cloning a repo and making an executable, which is expected for a CLI skill but needs the missing executable to be present in the repo.
Install Mechanism
No formal install spec is provided (instruction-only), which is lower-risk from automatic execution perspective. Installation instructions rely on 'git clone' or ClawdHub; repository URLs are provided in README. Because the package lacks the actual 'filesystem' binary, installing will require fetching additional content from the listed GitHub repo — fetching arbitrary code from a remote repo increases risk and should be reviewed. There are no opaque download URLs or archive-extract steps in the manifest.
Credentials
The skill requests only node as a required binary and declares no environment variables or config paths. package.json lists filesystem read-write permission which is appropriate for a filesystem tool. No unrelated credentials or environment access are requested.
Persistence & Privilege
always is false and disable-model-invocation is false (normal). There is no install script declared that would force persistent background behavior, and the SKILL.md does not instruct modifying other skills or global agent settings. The skill does request filesystem read/write in package metadata which is reasonable for its purpose.
What to consider before installing
This skill largely does what it says, but exercise caution because the package appears incomplete. Before installing or running: 1) Inspect the GitHub repository listed (https://github.com/gtrusler/clawdbot-filesystem) to confirm the 'filesystem' executable/script exists and review its source for network calls, eval/child_process usage, or obfuscated code. 2) Verify release tags and checksums if you download a binary. 3) Do not run install or clone commands as root; test in a contained environment (VM/container) first. 4) Confirm the skill's protective settings (protectedPaths, requireConfirmation) are implemented in the executable and not just documented in SKILL.md/config.json. 5) If you cannot verify the executable or if the repo differs from the package metadata (missing files, version mismatch), treat the package as untrusted and avoid installing it.

Like a lobster shell, security has layers — review code before you run it.

latestvk970n9stg6aqnfxhq6ha5mfqr580hcfb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📁 Clawdis
Binsnode

Comments