Syscheck
ReviewAudited by ClawScan on May 10, 2026.
Overview
Syscheck is advertised as a system health checker, but the provided script mainly persists user-supplied text in local logs and does not match the documented diagnostic commands.
Review carefully before installing. Treat this as a local logging tool unless the maintainer provides code that actually performs the advertised system checks. If you test it, avoid entering sensitive information and inspect or clear ~/.local/share/syscheck afterward.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may trust this as a diagnostic tool, but it may not provide the advertised CPU, memory, disk, uptime, or process checks.
The visible script help and dispatch do not match these advertised health-check commands; they expose generic logging commands and save inputs instead, which could mislead users about what the skill actually does.
description: "System health checker and diagnostics tool. Quick overview of CPU usage, memory, disk space, uptime, load average, and running processes."
Require the package to align its script with the documented system-health commands, or update the documentation to accurately describe the local logging behavior.
If a user or agent enters sensitive diagnostic details, hostnames, incident notes, or other private text, those values can remain in local log files and later be exported or searched.
The script persistently stores raw user-provided command input and history in local log files. SKILL.md only describes stdout output and redirection, not automatic local retention.
DATA_DIR="${HOME}/.local/share/syscheck"; mkdir -p "$DATA_DIR" ... echo "$ts|$input" >> "$DATA_DIR/scan.log" ... _log "scan" "$input"Disclose the retention behavior, avoid logging raw input by default, add a clear purge command, and warn users not to enter secrets or sensitive incident data.
The syscheck command may fail, resolve to a different local binary, or behave differently than the included script unless the user verifies the command path.
The artifacts include a shell script and SKILL.md examples that invoke a syscheck command, but there is no declared installation mechanism or required binary showing how that command is made available.
No install spec — this is an instruction-only skill. ... Code file presence: scripts/script.sh
Provide a clear, pinned install mechanism or explicitly document how the included script should be invoked and verified.