Folder Tree Generator
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run on a sensitive directory, private project names, filenames, and paths could be placed into the agent conversation or logs.
The skill recursively enumerates a chosen directory and defaults to unlimited depth, which is central to its purpose but can reveal local file and folder names or produce very large output if pointed at a broad location.
const { maxDepth = Infinity, ignore = ['.git', 'node_modules', '.DS_Store'], currentDepth = 0 } = options; ... fs.readdirSync(dirPath) ... .map(child => generateStructure(path.join(dirPath, child), ...))Run it only on intended folders, use --depth for large trees, and avoid scanning home, root, secrets, or other sensitive directories unless you are comfortable exposing the listing.