Pywayne Bin Cmdlogger
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill is coherently described as a command I/O logger, but users should use it deliberately because it can run arbitrary commands and save sensitive input such as passwords to log files.
Install or use this only if you intentionally need full command I/O logging. Verify the `cmdlogger` executable source, avoid commands that prompt for passwords or print secrets, and review any high-impact command before running it through the logger.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used on a destructive or account-changing command, the logger will still execute that command while recording its I/O.
The skill is designed to execute arbitrary user-supplied commands. This is purpose-aligned for a command logger, but broad command execution can affect files, systems, or accounts depending on the command chosen.
`cmdlogger <command> [args...]` and `command | The command to execute`
Use it only for commands the user has explicitly requested, and review commands that deploy, delete, publish, or modify important data before running them.
The behavior depends on whatever `cmdlogger` executable is present in the user's environment, which may not be the one the user expects.
The documentation relies on a `cmdlogger` executable, while the provided package is instruction-only and does not include an install spec or declared binary requirement.
`cmdlogger --log-path <log_path> <command> [args...]`
Confirm the installed `cmdlogger` binary and its source before using this skill, especially on sensitive commands.
Passwords, tokens, private command output, or debugging data may remain on disk in the log file after the command finishes.
The skill intentionally persists full stdin, stdout, and stderr to a log file, including potentially sensitive interactive input.
`User input (including passwords) is logged. Be careful with sensitive information.`
Avoid using it for password prompts or secret-bearing commands, choose log paths carefully, restrict log file access, and delete or redact logs when no longer needed.