Top Tool
PassAudited by ClawScan on May 5, 2026.
Overview
This is a simple, read-only process-listing skill with no signs of exfiltration or persistence, but it may expose local process command lines and its documentation overstates the implemented controls.
This skill appears safe for ordinary local process inspection. Before installing, be aware that it may show command-line arguments from running processes, and the included script does not actually implement the documented filtering or sorting options.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the tool may place local process names and command-line arguments into the agent conversation or logs.
The script enumerates all readable local processes and prints their command lines. That is purpose-aligned for a process monitor, but command-line arguments can sometimes contain tokens, file paths, or other sensitive operational details.
for p in os.listdir('/proc'):
if p.isdigit():
... open(f'/proc/{p}/cmdline', 'r')Use it only when you are comfortable sharing process listings with the agent, and avoid relying on it in environments where command lines may contain secrets.
A user may think output is filtered or sorted when the included script would not actually enforce those controls.
The documentation advertises filtering, batch, and sort options, but the provided script contains no argument parsing and always iterates over all readable /proc entries. This is a reliability and trust note rather than evidence of malicious behavior.
- `-u user`: Show only processes for a user - `-b`: Batch mode for logging - `-o FIELD`: Sort by specific field
Do not rely on the documented options for limiting output unless the implementation is updated to enforce them.
There is less external context for verifying the publisher or intended project source.
The skill has limited provenance metadata. However, the provided code is small, local, and has no dependency installation or remote download behavior.
Source: unknown Homepage: none No install spec — this is an instruction-only skill.
Review the included source before use and prefer a published source/homepage for higher-assurance environments.