pc-assistant
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: pc-assistant
Version: 1.2.5
The skill performs an extremely broad system diagnostic that collects highly sensitive information, including environment variables (via `env`), shell history (`.bash_history`), and SSH `authorized_keys` in `scripts/healthcheck.sh`. While the tool is transparently documented as a healthcheck utility and includes warnings in `install.yaml` and `SKILL.md` regarding the sensitivity of the generated reports, the collection of shell history and environment variables poses a significant risk of leaking API keys, passwords, or other secrets to the AI agent. There is no evidence of intentional exfiltration to a remote server, but the data collection is overly invasive for its stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A healthcheck report may reveal sensitive details about the machine, network, users, services, and SSH access patterns if another local user or process can read the report, or if the user later shares it.
The script defaults to saving reports under /tmp and includes SSH authorized_keys/known_hosts content in the report. The artifacts do not show private directory or file permissions being enforced.
OUTPUT_DIR="${1:-/tmp/pc-healthcheck}" ... [ -f "$keyfile" ] && echo "$keyfile:" && cat "$keyfile" | head -5 ... head -10 ~/.ssh/known_hosts
Use a private output directory, set restrictive permissions such as 700 on the directory and 600 on report files, and consider redacting SSH, network, and login details before sharing reports.
If the config file is modified by mistake or by another local actor, the scheduled healthcheck could execute unintended commands as the user.
The scheduler loads its config file by sourcing it as shell code. This is a common pattern, but it means any commands placed in that config run when the scheduler runs.
if [[ -f "$CONFIG_FILE" ]]; then ... source "$CONFIG_FILE"
Keep the config file private and writable only by the user, or replace shell sourcing with parsing only the expected PC_ASSISTANT_* key/value settings.
Windows or macOS users may find the advertised functionality broken or unverifiable from this package.
The install manifest declares macOS and Windows scripts, but the supplied file manifest/code presence only includes healthcheck.sh, run.sh, and schedule.sh. Those platform implementations are therefore missing from the reviewed artifacts.
files:
 - scripts/healthcheck.command # macOS
 - scripts/healthcheck.ps1 # Windows
Verify the package source and ensure all referenced platform scripts are present before relying on Windows or macOS support.
If scheduled, the skill may continue generating diagnostic reports until the cron entry is removed, causing sensitive reports to accumulate.
The skill documents a cron job for recurring healthchecks. This persistence is disclosed and user-directed, not hidden, but it can repeatedly create sensitive reports.
# Add to crontab (runs daily at midnight)
0 0 * * * PC_ASSISTANT_OUTPUT_DIR=... scripts/schedule.sh
Only add the cron job if recurring diagnostics are intended, use a private report directory, enable cleanup deliberately, and periodically review or remove the scheduled job.
