Log Analyzer
PassAudited by ClawScan on May 11, 2026.
Overview
The skill appears to be a straightforward local log-analysis helper, with no evidence of hidden networking, persistence, credential use, or destructive behavior.
This looks like a benign local log-analysis skill. Before using it, confirm the file path or piped command is the log source you intended, avoid sudo unless required, and remember that logs can include IP addresses, usernames, errors, or other operational details that may appear in the analysis output.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If pointed at the wrong file, the tool could process sensitive local data and include derived details in the chat output.
The skill instructs use of a local shell script against a user-provided log file path. This is expected for log analysis, but it means the agent can read and summarize whatever file the user or agent selects.
bash scripts/log-analyzer.sh -f /var/log/syslog --all
Use it only with intended log files or explicitly piped log output, and review the command before running it on privileged or sensitive paths.
Running with sudo could expose more system log data than intended if the wrong file is selected.
The documentation acknowledges that analyzing some system logs may require elevated privileges. This is normal for server-log analysis but should remain user-controlled.
Works without root for user-owned log files; system logs may require sudo
Prefer user-readable logs or narrowed journalctl output; grant sudo only when needed and only for the specific analysis.
The skill runs local shell commands, so its behavior depends on the local environment and selected input file.
The included code is a bash script that reads local input into a temporary file for analysis. Local command execution is central to this skill and no unrelated execution behavior is evident in the provided portion.
cat "$FILE" > "$TEMP_FILE"
Inspect or run the script in a normal user shell first, and avoid using it in highly privileged contexts unless necessary.