System Monitor
PassAudited by ClawScan on May 4, 2026.
Overview
This is a straightforward local system monitor; it reads system metrics and process information, with no evidence of hidden network exfiltration, destructive actions, or credential use.
This skill appears safe for local system monitoring. Before installing, be aware that process output can expose sensitive command-line details, and continuous watch mode should be stopped when no longer needed.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent displays or stores the process list, it may reveal sensitive command-line arguments from running programs.
The script collects process command lines for the top-processes feature. This is purpose-aligned, but command-line arguments can sometimes include tokens, passwords, or other sensitive values.
result = subprocess.run(['ps', 'aux', '--sort=-%cpu'], capture_output=True, text=True) ... 'command': ' '.join(fields[10:])
Use the process-list feature only when needed, and review output before sharing it outside the local troubleshooting context.
Watch mode can keep producing output and consuming some system resources until it is stopped.
The script supports a continuous monitoring loop. This is disclosed by the --watch option and appears to run in the foreground until interrupted.
while True: ... if args.watch: time.sleep(args.interval)
Run --watch only when continuous monitoring is intended, choose a reasonable interval, and stop it with Ctrl-C when finished.