ClawHub

智能文件整理助手Smartfolder Skill

Security checks across malware telemetry and agentic risk

Overview

This is a local file organizer with no malware-like network or credential behavior, but it can move user files by default while its documentation overstates safety controls.

Install only if you are comfortable letting an agent scan and reorganize local folders. Use explicit paths, run --dry-run first, avoid home-root or system directories, and do not rely on the advertised confirmation, trash, or undo protections because they are not implemented in the script.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The README advertises very broad natural-language requests such as 'clean up duplicate files', 'organize files by type', and 'clean up messy folder' without clearly constraining scope, confirmation requirements, or safe default paths. In a file-management skill, ambiguous triggers can cause the agent to select this skill for high-risk operations on unintended directories, increasing the chance of destructive bulk moves, renames, or cleanup actions from vague user phrasing.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill advertises very broad trigger phrases such as generic requests to clean, organize, or sort files and folders. In an agent environment, this increases the chance of accidental invocation on ambiguous everyday prompts, which can lead to unintended file moves, renames, or cleanup actions affecting user data.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The markdown presents destructive operations like duplicate deletion, cleanup, archive moves, and emptying trash without sufficiently prominent, repeated warnings about data-loss risk. Because this skill is specifically designed to manipulate the file system, understated safety messaging can normalize risky actions and increase the chance that users or an agent perform irreversible or hard-to-review changes.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill performs direct file-moving operations with `rename()` once the `organize` command is invoked, but it does not require an explicit confirmation step or present a strong warning that files will be modified. In a file-management skill, this creates a real safety issue because users may trigger destructive or hard-to-reverse changes on important directories by mistake, especially since the tool is designed for broad natural-language cleanup and organization tasks.

VirusTotal

No VirusTotal findings

View on VirusTotal