superviser ressources
Review. Audited by ClawScan on May 10, 2026.
Overview
The skill is a server monitor, but it asks for autonomous recurring checks and service restarts without clear approval, scope, or stop controls, and it also pings hardcoded external sites.
Review this skill carefully before installing. It is not clearly malicious, but you should not let it automatically restart services or run on a schedule until the monitored targets, allowed restart actions, required privileges, and disable/stop controls are clearly defined.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could restart services or containers in a way that disrupts applications or production workloads.
The skill authorizes service restarts and automatic recovery, but the artifacts do not define an allowlist, confirmation requirement, rollback plan, or limits on which services can be restarted.
- **/supervisor restart <nom>**: Restarts a specific service. The agent scans the server every 5 minutes and attempts self-healing if a site goes down or a container stops.
Require explicit user confirmation for restarts, document exact restart commands, add an allowlist of services/containers, and keep status checks separate from mutation actions.
A user may expect a one-off command but get repeated monitoring or recovery behavior if the agent follows the instruction.
This describes recurring autonomous behavior, but the registry says this is an instruction-only skill with no install spec and no clear scheduler, stop command, or user control for ongoing operation.
The agent scans the server every 5 minutes
Make recurring monitoring opt-in, document how it is scheduled, provide a stop/disable command, and avoid autonomous actions unless the user explicitly enables them.
Running the monitor may contact third-party sites the user did not choose, revealing request metadata such as source IP and timing, and may not monitor the user's own services.
The user-facing documentation only says it checks 'Sites', but the code checks three fixed external domains rather than user-configured targets.
TARGETS = [
    {"name": "AIFlowHub", "url": "https://aiflowhub.online"},
    {"name": "ProspectX", "url": "https://prospectx.aiflowhub.online/api/health"},
    {"name": "MarocPromo", "url": "https://marocpromo.insightops.online"}
]
Disclose the target URLs in SKILL.md or make them user-configurable before any network checks run.
If granted Docker or service-management access, the skill can observe container names/statuses and may be able to affect running workloads.
The code reads Docker container status, and the documentation also describes container/service restart behavior. Docker and service control can require significant local privileges.
subprocess.run(['docker', 'ps', '--format', '{{.Names}}|{{.Status}}'], capture_output=True, text=True)
Run with the least privilege needed, restrict access to intended containers/services, and avoid giving broad Docker or root-equivalent access unless necessary.
The skill may fail at runtime or cause the agent/user to install dependencies manually without pinned versions.
The included code depends on Python packages and the Docker CLI, but the supplied metadata lists no required binaries and there is no install spec.
import requests
import psutil
...
subprocess.run(['docker', 'ps', '--format', '{{.Names}}|{{.Status}}'], capture_output=True, text=True)
Declare required packages and binaries, pin versions where applicable, and document setup steps explicitly.
