功能描述

磁盘空间分析与优化建议工具。自动扫描所有磁盘驱动器，生成包含目录占用排名、爆满元凶锁定、可清理缓存识别和优化建议的完整报告。触发词: 磁盘空间分析、C盘满了、硬盘空间不足、磁盘爆满、磁盘占用、磁盘分析、磁盘清理、C盘空间、磁盘空间报告、扫描磁盘、disk space、磁盘满了、磁盘空间不够、帮我看看磁盘、...

使用说明 (SKILL.md)

\r \r

Disk Space Analyzer\r

Name: Disk Space Analyzer
Author: raingingkleec

\r 扫描用户所有磁盘驱动器，生成专业的空间分析报告（HTML）。\r \r

Workflow\r

\r

Phase 1: Scan\r

\r Run the bundled scanner script to collect disk usage data:\r \r

python scripts/disk_scan.py --top 10 --deep --output \x3Coutput_path>\r
```\r
\r
- `--top N`: Number of top directories per drive (default 10)\r
- `--deep`: Deep-trace the top 3 directories on each drive, recursively following the largest child up to 5 levels deep to find the true culprit\r
- `--output`: Save JSON to file (recommended for large reports)\r
- Output: JSON with per-drive data, progress to stderr\r
\r
Read the JSON output. Key fields:\r
- `drives[]`: Per-drive overview with `top_directories`\r
- `drives[].deep_consumers[]`: Top 3 dirs with their children + `culprit_trace` (recursive deep trace result with `chain`, `leaf`, `breadcrumb`)\r
- `special_locations`: Cache/temp locations across all drives\r
- `windows_components`: C:\Windows subfolder breakdown\r
\r
### Phase 2: Generate Report\r
\r
Create an HTML report by:\r
\r
1. Read the scan JSON data\r
2. Copy `assets/report_template.html` to the workspace as the HTML output file\r
3. Replace `__REPORT_DATA__` in the HTML with the raw JSON string from `json.dumps(data, ensure_ascii=False, separators=(',',':'))`\r
4. The HTML template uses `const REPORT_DATA = __REPORT_DATA__;` — JSON is injected directly as a JS object literal, no parsing needed\r
5. Deliver the HTML file and preview it\r
\r
⚠️ **Simply replace `__REPORT_DATA__` with the raw JSON output. Do NOT add any extra escaping.**\r
\r
Python snippet for report generation:\r
```python\r
import json\r
\r
with open(scan_json_path, encoding='utf-8') as f:\r
    data = json.load(f)\r
\r
with open(template_path, encoding='utf-8') as f:\r
    html = f.read()\r
\r
json_str = json.dumps(data, ensure_ascii=False, separators=(',',':'))\r
html = html.replace('__REPORT_DATA__', json_str)\r
\r
with open(output_html_path, 'w', encoding='utf-8') as f:\r
    f.write(html)\r
```\r
\r
### Phase 3: Present & Advise\r
\r
After showing the visual report, provide a text summary to the user:\r
\r
1. **每个盘元凶锁定**: Every drive gets a culprit alert — the deep tracer recursively follows the largest child directory up to 5 levels to find the true space hog (e.g., `Program Files → NetEase → MuMu → vms`)\r
2. **追踪路径可视化**: Show the breadcrumb path of how the culprit was traced\r
3. **前3目录深度分析**: Show children breakdown for each drive's top 3 directories\r
4. **可清理项**: List safe-to-clean caches and temp files with total savings\r
5. **优化建议**: Actionable recommendations ordered by impact\r
\r
#### Suggestion Rules\r
\r
- If a directory exceeds **30%** of drive used space, flag it as the primary culprit\r
- For Windows systems, note `WinSxS` is not safe to manually delete; recommend `Dism /Online /Cleanup-Image /StartComponentCleanup`\r
- For MuMu/Android emulators, recommend migrating VM storage to another drive\r
- For cache/temp files, confirm with user before deleting (show the list first)\r
\r
### Edge Cases\r
\r
- If a drive scan fails (permission denied), skip and note it\r
- On non-Windows systems, the `special_locations` scan will simply find fewer items\r
- If only one drive exists, still run the full workflow\r

安全使用建议

This skill is coherent with its stated purpose, but before running it: (1) expect it to scan all available drives and your user home — it will read directory and file metadata (paths, sizes). Don't run it if you don't want that information enumerated. (2) The generated HTML report embeds raw JSON containing absolute paths and filenames — treat the report as sensitive and do not upload or share it without sanitizing. (3) The SKILL.md asks you not to escape the JSON when injecting it into the template; that can enable client-side injection if filenames are malicious or contain unusual characters — open the report locally in a safe environment and inspect contents before sharing. (4) The scanner can be I/O-intensive and slow on large drives; run with care on production systems. If you need stronger guarantees: request the author add optional escaping/sanitization of fields and an option to redact absolute paths before generating the report.

功能分析

Type: OpenClaw Skill Name: disk-space-analyzer Version: 1.0.0 The skill bundle is a disk space analyzer that performs deep file system traversal to identify large directories and generate an HTML report. While the code in `scripts/disk_scan.py` appears functionally legitimate and lacks network activity, the bundle is classified as suspicious due to a forced security vulnerability in `SKILL.md`. The instructions explicitly command the AI agent to inject raw JSON data into the `assets/report_template.html` without any escaping. This creates a high risk of Cross-Site Scripting (XSS) if the scanner encounters maliciously named files or directories (e.g., containing `</script><script>...`), which would execute in the agent's environment during the report preview phase.

能力评估

✓ Purpose & Capability

Name/description align with the provided code and instructions: the Python scanner recursively enumerates drives and directories, identifies large directories, and the SKILL.md explains generating an HTML report. There are no unrelated dependencies or credentials requested.

ℹ Instruction Scope

Runtime instructions are focused on running the bundled scanner and creating a local HTML report. Two issues to be aware of: (1) the SKILL.md explicitly instructs to inject the raw JSON into the HTML template without additional escaping — this increases risk of client-side injection/XSS if file or directory names contain crafted content and the report is later opened in a browser; (2) the report embeds absolute paths and other local metadata (home path, Windows component names), so the generated report contains sensitive local information that should not be shared without review. The skill does not instruct sending data to external endpoints.

✓ Install Mechanism

No install spec or remote download is present; the skill ships code files and is instruction-driven. That is lower-risk than fetching/executing remote artifacts.

✓ Credentials

No required environment variables or credentials are declared. The code reads common environment values (HOME, COMPUTERNAME/HOSTNAME) and scans user/home directories — this is consistent with a disk analyzer. No unrelated secrets or network tokens are requested.

✓ Persistence & Privilege

Flags show always:false and the skill does not request persistent/system-wide configuration changes. It does not modify other skills or system settings.

版本历史

v1.0.0

Initial release of disk-space-analyzer. - Automatically scans all disk drives and generates detailed reports on disk usage. - Identifies top space-consuming directories and traces the root cause of disk full issues. - Lists safe-to-clean caches and temporary files, including estimated space savings. - Provides actionable optimization suggestions, prioritizing the most effective actions. - HTML report includes visual breakdowns and trace paths for top culprits. - Handles edge cases such as permission-denied drives or limited scan results.

元数据

Slug disk-space-analyzer

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题

Disk Space Analyzer 是什么？

磁盘空间分析与优化建议工具。自动扫描所有磁盘驱动器，生成包含目录占用排名、爆满元凶锁定、可清理缓存识别和优化建议的完整报告。触发词: 磁盘空间分析、C盘满了、硬盘空间不足、磁盘爆满、磁盘占用、磁盘分析、磁盘清理、C盘空间、磁盘空间报告、扫描磁盘、disk space、磁盘满了、磁盘空间不够、帮我看看磁盘、... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 67 次。

如何安装 Disk Space Analyzer？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install disk-space-analyzer」即可一键安装，无需额外配置。

Disk Space Analyzer 是免费的吗？

是的，Disk Space Analyzer 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Disk Space Analyzer 支持哪些平台？

Disk Space Analyzer 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Disk Space Analyzer？

由 raingingkleec（@raingingkleec）开发并维护，当前版本 v1.0.0。

Disk Space Analyzer