Admin Cli
SuspiciousAudited by ClawScan on May 10, 2026.
Overview
The skill is transparent about being an admin helper, but it gives the agent elevated authority to update the system and restart services without clear safeguards.
Treat this as a powerful admin tool. Install it only if you are comfortable letting the agent run elevated package-manager and systemd commands, and configure it so every update or service restart requires explicit approval.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked incorrectly, the agent could update packages or restart important system services, causing downtime, broken software, or interrupted work.
These are host-changing administrative commands. The service name is broad, and the artifact does not specify confirmations, allowlists, dry-run behavior, rollback, or containment before running package updates or restarting services.
- `update-system`: Run package manager update (`pacman -Syu`). - `restart-service <service>`: Restart a systemd service.
Only install if you want the agent to perform admin operations. Require explicit user approval for every elevated action, restrict which services can be restarted, and consider adding OS checks and rollback guidance.
Granting this skill elevated access could let the agent affect the whole system, not just a narrow application or directory.
The skill explicitly asks for elevated privileges. That is coherent for admin work, but it materially expands the agent's authority over the local machine without describing clear privilege boundaries.
> **Note:** These commands use the `elevated` flag. Ensure the agent has the necessary permissions in its configuration.
Grant elevated privileges only in a controlled environment, and prefer a configuration that prompts for approval before each privileged command.