v1.0.0

Pi Admin

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 4:52 AM.

Analysis

Pi Admin matches its Raspberry Pi administration purpose, but it can make host-wide privileged changes such as cleaning packages/logs, rebooting, disabling services, and restarting the gateway with incomplete confirmations.

GuidanceReview the maintenance scripts before installing. Use read-only commands freely for diagnostics, but run update, clean, reboot, restart-gateway, and optimize only when you intend to change the Pi. Prefer --dry-run first, confirm sudo prompts carefully, and be aware that network/Tailscale and service outputs may reveal local infrastructure details if shared.

Findings (7)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusConcern

clean.sh

$SUDO apt autoremove -y ... $SUDO journalctl --vacuum-time=7d ... $SUDO apt-get autoremove --purge -y

The cleanup path can remove packages and purge old logs non-interactively after the command is invoked, which is broad host mutation and not easily reversible.

User impactRunning cleanup can remove packages, cache, and log history, which may affect installed software or troubleshooting.

RecommendationUse --dry-run first, add an explicit confirmation immediately before destructive cleanup, and run only on the intended Pi.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusConcern

reboot.sh

for i in {10..1}; do ... sleep 1; done ... $SUDO reboot

The reboot command proceeds after a countdown with Ctrl+C cancellation, but no explicit yes/no confirmation before rebooting the host.

User impactAn accidental or mistaken invocation can interrupt users, services, or active work on the Raspberry Pi.

RecommendationRequire an explicit confirmation prompt or make dry-run the default unless the user directly requests an actual reboot.

Rogue Agents

SeverityMediumConfidenceHighStatusConcern

restart-gateway.sh

pkill -f "clawdis gateway" ... pkill -9 -f "clawdis gateway" ... pnpm clawdis gateway --port 18789 > /dev/null 2>&1 &

The script force-stops all matching gateway processes and starts a new gateway in the background, creating long-running behavior after the command finishes.

User impactThis can disrupt the local gateway or agent access and leave a background service running with little visibility.

RecommendationAdd explicit confirmation, use a scoped service manager or exact PID targeting, log startup output, and avoid force-kill unless the user approves.

Cascading Failures

SeverityMediumConfidenceHighStatusNote

optimize.sh

$SUDO systemctl disable bluetooth.service ... $SUDO systemctl disable avahi-daemon.service ... echo "vm.swappiness=10" | $SUDO tee /etc/sysctl.d/99-swappiness.conf

The optimize command persists service and kernel-setting changes across sessions; it is purpose-aligned and has an undo flag, but it can affect device connectivity and discovery.

User impactBluetooth, modem, Avahi/Zeroconf, or memory behavior may change after optimization and continue after reboot.

RecommendationRun --dry-run first, confirm the affected services are not needed, and keep the documented --undo option available.

Human-Agent Trust Exploitation

SeverityMediumConfidenceHighStatusConcern

SKILL.md

**Note:** All maintenance commands require sudo and ask for confirmation before making changes.

This safety statement is broader than the scripts show: reboot proceeds after a countdown, restart-gateway has no confirmation, and optimize applies changes after the sudo/root path.

User impactUsers may overestimate the approval safeguards before running commands that can alter or restart the host.

RecommendationUpdate the documentation to match actual behavior or add consistent explicit confirmations to every high-impact maintenance command.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

metadata

Source: unknown; Homepage: none; OS restriction: none; Required binaries: none

The registry metadata does not declare provenance, platform, or required system tools, even though the provided scripts depend on Linux/Raspberry Pi administration commands.

User impactUsers may install it on an unsuitable system or miss that it depends on privileged Linux tooling.

RecommendationDeclare Linux/Raspberry Pi OS expectations, required binaries, and a source/homepage so users can verify provenance and compatibility.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityMediumConfidenceHighStatusNote

update.sh

read -p "Continue with sudo? [y/N]" ... $SUDO apt upgrade -y

The skill expects sudo/root authority for package maintenance; this is normal for Pi administration but grants broad control over the host.

User impactIf run with sudo, the skill can change system packages and affect the entire Raspberry Pi environment.

RecommendationOnly grant sudo for specific maintenance tasks you intend to perform, and prefer dry-run previews where available.