Linux Security Scanner
Advisory
Audited by Static analysis on May 11, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the full audit can expose a detailed snapshot of local services, firewall state, privileged files, and login activity in the terminal output.
The script performs broad local enumeration of SUID files across the filesystem, which is appropriate for a security audit but can be slow and reveals host configuration details.
local suid_list=$(find / -perm -4000 -type f 2>/dev/null | sort)
Run it only on systems you own or administer, review output before sharing it, and use individual checks if you do not want a full-system audit.
If run with sudo/root, the script can access privileged security logs and configuration details that may include usernames, source IPs, services, and sudo access rules.
The skill explicitly discloses that elevated privileges may be needed to read failed-login logs and process details.
Requires root/sudo for some checks (failed-logins reads /var/log/btmp, ss shows process info)
Use sudo only when you need the privileged checks, and treat generated output as sensitive system-administration data.
Users have less provenance information for deciding whether to trust the script, especially if they plan to run it with elevated privileges.
The registry metadata does not provide a source repository or homepage for provenance, although the provided artifacts include the visible script and no external install step.
Source: unknown; Homepage: none
Inspect the bundled script before use and avoid running it with sudo unless you are comfortable with its local audit commands.
