Dir Text Search

v1.1.0

This skill should be used when the user wants to search for text or regex patterns inside a directory, including inside ZIP / RAR / TAR / 7z archives recursi...

⭐ 0· 85·0 current·0 all-time

by@trylovecatch

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for trylovecatch/dir-text-search.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Dir Text Search" (trylovecatch/dir-text-search) from ClawHub.
Skill page: https://clawhub.ai/trylovecatch/dir-text-search
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install dir-text-search

ClawHub CLI

Package manager switcher

npx clawhub@latest install dir-text-search

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

medium confidence

✓

Purpose & Capability

Name/description ask for directory and archive text searching and the repository includes a dedicated Python script (scripts/search_tool.py) that implements recursive file traversal, archive extraction, encoding fallbacks, and pattern matching. No unrelated binaries, env vars, or external services are requested.

ℹ

Instruction Scope

SKILL.md instructs the agent only to collect path and pattern parameters, run the bundled script, and present results — all within the declared purpose. The script extracts archives to a temporary directory and cleans up. However, the provided script listing is truncated so the tail of the logic (final scanning/writing/reporting) couldn't be fully reviewed. The script attempts to mitigate path traversal when extracting ZIP and TAR members, but the TAR extraction branch contains an odd use of extractall(filter="data") (likely incorrect API use) and the manual filtering checks are simple (reject names with '..' or leading '/'); edge-cases such as symlink entries or more subtle archive attacks may not be fully handled. This is an implementation detail rather than a purpose mismatch, but worth reviewing before use on sensitive data.

✓

Install Mechanism

No install spec is provided (instruction-only skill plus a local script). Optional Python deps (rarfile, py7zr, chardet) are documented and installed via pip if the user chooses; there are no downloads from untrusted URLs or opaque installers.

✓

Credentials

The skill declares no required environment variables, no credentials, and no config paths. The SKILL.md and visible script do not attempt to read environment secrets or unrelated system configuration.

✓

Persistence & Privilege

always is false and the skill does not request persistent or privileged platform presence. It does not modify other skills or system-wide settings in the visible parts of SKILL.md or the script.

Assessment

This skill appears coherent and matches its description, but before installing or running it on sensitive data: (1) provide the rest of scripts/search_tool.py for a full audit (the file listing you supplied is truncated); (2) run the script in a sandbox or on non-sensitive copies first; (3) do not run it as root — run it as a low-privilege user; (4) confirm optional dependencies (rarfile/py7zr) are installed intentionally; (5) if you plan to scan untrusted archives, review or test the archive-extraction code for symlink/absolute-path extraction edge-cases to ensure it truly prevents path traversal and symlink escapes. If you can supply the full script contents I will re-evaluate and raise the confidence level.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fc89s1272hnswwy9mhvxmw184xv5f

85downloads

0stars

2versions

Updated 1w ago

v1.1.0

MIT-0

dir-text-search — 目录文本搜索技能

功能概述

在指定目录下递归搜索文本或正则表达式，支持：

文本文件（.txt .log .cfg .conf .ini .md .json .xml .py .java 等）
压缩包递归解压搜索（.zip .rar .tar .tar.gz .tar.bz2 .7z）
嵌套压缩包（解压后继续递归扫描）
多编码自动探测（UTF-8 → GBK → latin-1）
超大文件（> 100 MB）自动跳过并警告
结果按时间戳自动命名，保存在 search_results/ 子目录，不会覆盖旧结果

触发场景

以下用户请求应加载本 Skill：

"在 X 目录下查找 Y"
"搜索所有日志中包含 error 的行"
"在压缩包里找 Account_Main"
"帮我 grep \d{4}-\d{2}-\d{2} 这个模式"
任何需要在文件/压缩包中批量搜索字符串或正则的请求

核心脚本

脚本路径：scripts/search_tool.py

标准调用方式

python scripts/search_tool.py --path <目标目录> --pattern "<搜索文本或正则>"

参数说明

参数	简写	说明	默认值
`--path`	`-p`	要搜索的目标目录路径	交互式输入
`--pattern`	`-t`	搜索文本或正则表达式	交互式输入
`--output`	`-o`	结果保存目录（非文件名）	脚本所在目录下的 `search_results/`
`--no-regex`	—	将 pattern 作为普通字符串（自动转义元字符）	否（默认正则模式）

结果文件位置

每次执行自动生成：

search_results/
  20260415_101252_Account_Main.txt
  20260415_110000_error.txt

执行流程

收集参数：从用户消息中提取目标目录和搜索关键词。
运行脚本：调用 scripts/search_tool.py，传入 --path 和 --pattern。
展示结果：
- 告知用户结果文件路径。
- 读取结果文件，汇总每个命中文件的匹配行数。
- 如有特别关键的匹配内容，摘要呈现给用户。

依赖安装

脚本使用 Python 标准库，可选依赖：

pip install rarfile   # 支持 .rar 文件（还需系统安装 unrar）
pip install py7zr     # 支持 .7z 文件

RAR 所需系统工具：

Windows：下载 unrar.exe → https://www.rarlab.com/rar_add.htm
macOS：brew install unrar
Linux：sudo apt install unrar

若用户未安装上述依赖，脚本会给出友好提示，ZIP/TAR 等格式不受影响仍可正常使用。

注意事项

不修改原始文件，只读。
解压到系统临时目录，搜索完成后自动清理。
防路径遍历攻击（对 ZIP/TAR 安全提取，拒绝含 .. 的路径）。
对用户提供的 pattern，若不确定是否为正则，可加 --no-regex 参数安全处理。

Comments

Loading comments...