jayxu-d

Folder Inspector

Author: JayXu-D · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
Total downloads: 431
Favorites: 0
Current installs: 1
Versions: 1
Install in OpenClaw
/install folder-inspector
Description
This skill scans a local directory.
Usage Instructions (SKILL.md)

Folder Inspector Skill

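Use this skill when the user asks "what is in a certain folder" or "show me the file sizes in this directory". The input parameter is the absolute path of the folder.

Parameters

  • path: Absolute path of the target folder.

Use Cases

  • When the user asks "what is in the directory" or "check the folder size", this tool must be called.
  • If the user gives a relative path, try to convert it to an absolute path using the context.

Usage Examples

  • "Help me see which large files are in the /home/jiajiexu directory?"
  • "Check the contents of the /tmp folder."
Security Usage Recommendations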
This skill's purpose (listing files and sizes) lines up with its code, but there are red flags you should address before using it:

  • index.js uses a hardcoded python path and an absolute script location in /home/jiajiexu/... instead of the bundled scripts/file_scanner.py. That will likely break or point to an unexpected file. Require the author to change scriptPath to use a path relative to the skill (e.g., __dirname + '/scripts/file_scanner.py') and avoid hardcoding /usr/bin/python3 (or at least fall back to 'python3' on PATH).
  • The Python script logs every invocation and the provided path to /tmp/openclaw_python_debug.log. This file can leak filesystem paths or be read by others on a multi-user system. If you care about privacy, ask to remove or disable logging or write to a controlled location.
  • index.js builds a table expecting a 'type' field that the Python script does not return; this mismatch may cause incorrect output. Ask the author to align returned JSON with the consumer code.
  • Because the package source is 'unknown' and the code references another user's home path, treat this as untrusted until corrected. Prefer running it in a sandbox or requesting a corrected release that uses relative paths and documents its logging behavior.

If you don't trust the author or cannot get a corrected package, do not install it system-wide. If you proceed, inspect and modify index.js to use the included scripts/ path and remove or secure the debug logging.
Functional Analysis
Type: OpenClaw Skill
Name: folder-inspector
Version: 1.0.0

The `index.js` file contains a critical shell injection vulnerability. The `execSync` call directly interpolates the user-provided `args.path` into a shell command without proper sanitization, allowing arbitrary command execution on the host system. While the skill's stated purpose is benign (folder inspection), this severe lack of input validation makes the skill highly exploitable, classifying it as suspicious rather than benign. The `file_scanner.py` script also includes a debug log that writes to `/tmp/openclaw_python_debug.log`, which is a minor information leakage risk but not the primary concern.
Capability Assessment
Purpose & Capability
The stated purpose is 'scan a local directory', which matches the code's intent. However, index.js hardcodes an absolute Python script path (/home/jiajiexu/.../scripts/file_scanner.py) and a fixed python binary (/usr/bin/python3) rather than calling the bundled script relative to the skill. The registry metadata declared no required binaries, yet the code assumes python3 exists at a specific location. The hardcoded path referencing another user's home and a global node_modules layout is incoherent with a portable skill package.
Instruction Scope
SKILL.md simply instructs the agent to call the tool for directory queries — that matches behavior. But the implementation writes debug output to /tmp/openclaw_python_debug.log and logs the supplied path, which SKILL.md does not mention. The script also only returns file names and sizes (no types as index.js expects 'type' in table creation), which could lead to runtime errors or truncated output.
Install Mechanism
No install spec (instruction-only) — low install risk. However, the skill implicitly requires a Python interpreter at /usr/bin/python3 and expects the script to exist at an absolute, external path rather than the included scripts/ file. This mismatch is an implementation bug and increases operational fragility.
Credentials
The skill requests no credentials or env vars, which is appropriate. But the hardcoded script path points to /home/jiajiexu/... which is unrelated to the declared package; this either indicates the package was packaged incorrectly or intentionally references a user-specific location. The Python script also writes a debug log to /tmp, which records invoked paths and could leak sensitive filesystem locations to anyone who can read /tmp.
Persistence & Privilege
The skill does not request persistent 'always' presence, does not modify other skills or system-wide config, and does not require elevated privileges. The only side-effect is writing an append-only debug log under /tmp, which is low-privilege but notable.
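How to Use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install folder-inspector
  3. After installation, invoke the Skill by name or trigger it with /folder-inspector
  4. Provide the required input according to the Skill's parameter description to get structured output
Version History
v1.0.0
Folder Inspector Skill 1.0.0 – Initial Release
  • Added the ability to scan a local directory, listing folder contents and file sizes.
  • Supports querying a directory via an absolute path parameter.
  • Clarifies the applicable scenarios, including viewing directory contents and folder size.
  • Provides usage examples and parameter descriptions.
  • SKILL.md includes instructions in both Chinese and English for ease of use.
Metadata
Slug folder-inspector
Version 1.0.0
License
Total installs 1
Current installs 1
Historical versions 1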
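Frequently Asked Questions

What is Folder Inspector?

This skill scans a local directory. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 431 cumulative downloads to date.

How do I install Folder Inspector?

Run the command "/install folder-inspector" in the OpenClaw or Claude Code chat box for one-click installation; no extra configuration is needed.

Is Folder Inspector free?

Yes, Folder Inspector is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does Folder Inspector support?

Folder Inspector runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Folder Inspector?

It is developed and maintained by JayXu-D (@jayxu-d); the current version is v1.0.0.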
