Skylv Log Aggregation
AdvisoryAudited by Static analysis on May 3, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Application and system logs often contain user identifiers, tokens, error details, internal URLs, and other sensitive data; broad indexing could expose or preserve more private information than intended.
This describes broad aggregation of potentially private logs into a searchable store, but the artifact does not define source limits, exclusions, redaction, retention, access controls, or reuse boundaries.
> All your logs in one place. ... **Collect logs** — From files, stdout, syslog, Docker, cloud services
Use only explicitly selected log sources, redact secrets and personal data before indexing, define retention/deletion rules, and avoid letting the agent ingest broad system or cloud logs by default.
The agent might use broad ambient cloud credentials or local profiles to read organization logs beyond the intended services or time ranges.
Cloud log access normally requires provider account credentials or roles, but the supplied metadata declares no primary credential, required env vars, or config paths, so the credential source and privilege scope are unclear.
**Cloud**: AWS CloudWatch, GCP Logging, Azure Monitor
Document the exact credential source and required scopes, use dedicated read-only logging roles, and require explicit user selection of accounts, projects, services, and time windows.
A mistaken command or overly broad path could collect or export more logs than expected.
These operations are central to a log aggregation skill, but if mapped to agent tools they can read broad local paths, write/export results, and create ongoing alert rules.
`collect logs from <path>` ... `export logs to <file>` ... `alert when <condition>`
Confirm paths, time ranges, export destinations, and alert conditions before execution, and prefer narrow service-specific log locations.
It is harder to verify who maintains the skill or whether its instructions match a trusted implementation.
There is no code or installer present, which reduces install-time execution risk, but the instruction source has limited provenance.
Source: unknown; Homepage: none
Review the SKILL.md carefully before use and prefer a known, documented source for production log access.