Sysinfo Tool
PassAudited by ClawScan on May 4, 2026.
Overview
The provided artifacts look like a straightforward local system-information tool; it may display host and process details, but shows no evidence of exfiltration, persistence, or credential use.
This appears safe for local diagnostics, but system-info output can include hostnames, disk layout, network interface names/statistics, and process command lines. Review the output before sharing it with others, and prefer specific flags or brief output if you only need limited details.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can collect and display local system inventory and process information in the conversation.
The script invokes fixed local OS commands to collect disk and process information. This is expected for a system diagnostics tool and is not shell-expanded or user-controlled, but users should know local commands are run.
subprocess.run(['df', '-B1', '-T'], capture_output=True, text=True, check=True) ... subprocess.run(['ps', 'aux', '--sort=-pcpu'], capture_output=True, text=True)
Use the tool only when you want diagnostics, and review the output before sharing it externally.
Users have less external context about who maintains the skill or how the command is installed and invoked.
The skill has limited provenance and no install specification. The included visible source is coherent and the static scan is clean, so this is a transparency note rather than a security concern.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Install only if you are comfortable with the provided source and limited provenance; verify the command path if it does not run as expected.