Local System Info (Iyeque)
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked, the skill can show what programs are running and which local user owns them.
The process-list action reads local process metadata, including process names and usernames. This is consistent with the system-monitoring purpose, but it can reveal local activity.
for p in psutil.process_iter(['pid', 'name', 'username', 'cpu_percent', 'memory_percent']):
Use the processes action only when you are comfortable sharing local process information with the agent session.
Installing or running the skill may require fetching psutil from the Python package ecosystem.
The skill depends on the external psutil Python package. This dependency is disclosed and central to the stated purpose, but it is not version-pinned in the artifact.
"requires": { "bins": ["python3"], "pip": ["psutil"] }In controlled environments, install psutil from a trusted package source or pin an approved version.