Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Workspace Manager
v1.1.0Organize and maintain agent workspace directories by initializing structure, classifying files, auditing placement, cleaning content, and suggesting expansions.
⭐ 0· 81·1 current·1 all-time
by@zhaql
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (manage and maintain agent workspace directories) aligns with the instructions: classification rules, structure templates, duplicate detection, and health checks. The skill does not request unrelated credentials or binaries. Minor inconsistency: the docs mention helper scripts (e.g., workspace_audit.py) and workflows that expect executable tooling, but no code files or install steps are provided.
Instruction Scope
SKILL.md instructs the agent to scan workspaces, run shell find/grep commands, detect duplicates, move/archive files, rename files, and 'prune' redundant content. Those actions necessarily read and modify arbitrary files in the user's workspace(s). The instructions are permissive/vague about deletion and automation (e.g., 'Prune: Remove truly redundant content'), and they do not require explicit user confirmation or a dry-run mode. The skill also references tools/scripts (workspace_audit.py) that are not bundled, creating ambiguity about how actions are intended to be executed.
Install Mechanism
Instruction-only skill with no install spec and no bundled code — this is low installation risk. Because there is no install, no external binaries are being pulled, but the skill expects the agent to execute filesystem and shell operations at runtime.
Credentials
The skill requests no environment variables, no credentials, and no config paths — appropriate and proportional for a local workspace management task. It does not reference external endpoints or secrets.
Persistence & Privilege
The skill is not marked always:true, but it instructs the agent to modify user files (mv, rename, archive, and potentially delete). Combined with the platform default that agents may invoke skills autonomously, this increases the blast radius: an autonomously-invoking agent could apply destructive changes if the skill is used without explicit safeguards. The SKILL.md lacks firm safeguards (confirmation prompts, dry-run only by default), which makes persistent or repeated modifications risky.
What to consider before installing
This skill appears to do what it says (organize and audit workspace files) but it gives the agent broad permission to read and modify your files and is ambiguous about automatic deletion or renaming. Before installing or running it: 1) Back up any important workspaces. 2) Require (or edit the SKILL.md to add) an explicit dry-run/read-only mode and mandatory user confirmation before any move/rename/delete operations. 3) Test on a non-production/sample workspace first. 4) Ensure the agent's file-system permissions are limited to only the directories you want managed. 5) Note the skill references helper scripts (e.g., workspace_audit.py) that are not included — ask the publisher how those are supplied and audited. If you need automatic cleanup, insist on clear safeguards (confirmation prompts, logs, and an easy undo/archive policy) before allowing this skill to run autonomously.Like a lobster shell, security has layers — review code before you run it.
latestvk975gyxvfdkwx0jg814ta9w35h83k1eb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.