System Doctor
PassAudited by ClawScan on May 10, 2026.
Overview
System Doctor appears to perform local server health diagnostics as advertised, but users should know it runs local system commands and may perform a DNS lookup during network checks.
This looks like a normal local diagnostics skill. Before installing or running it, be aware that its reports can include infrastructure details such as hostnames, IP addresses, mounted disks, logged-in users, and running services, and that its network check may perform a DNS lookup to google.com despite the documentation’s offline wording.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill can reveal server configuration details such as services, users, network interfaces, hostnames, and resource usage in terminal, JSON, or HTML output.
The script runs local diagnostic commands to enumerate services and other system state. This is expected for a system health tool and uses fixed argument lists rather than shell strings, but it is still local system inspection.
subprocess.run(["systemctl", "list-units", "--type=service", "--state=running", "--no-pager"], capture_output=True, text=True, timeout=10)
Run it only on systems you are authorized to inspect, and review generated reports before sharing them.
A default network health check may generate outbound DNS traffic even if the user expects the tool to be completely offline.
The documentation says the skill is fully offline, while the network check can trigger DNS resolution for google.com. This is purpose-aligned for connectivity diagnostics and does not show data exfiltration, but the wording is not fully accurate.
SKILL.md: "No external API calls — fully offline"; scripts/sys_doctor.py: subprocess.run(["getent", "hosts", "google.com"], capture_output=True, text=True, timeout=5)
If outbound DNS lookups are not acceptable in your environment, avoid the network check or modify the script before use; the skill author should clarify this behavior in the documentation.