joelclaw-system-check

This skill/documentation describes a legitimate purpose (system health checks) and lists many appropriate checks for a development/ops environment. However, the document mixes read-only diagnostics with direct remediation steps that modify cluster state, install unpinned packages, and delete files. Those remediation commands (rm -rf, find -delete, kubectl rollout restart, bun add) are potentially destructive or high-risk if executed automatically or in the wrong context. There is no evidence of embedded exfiltration, obfuscation, or a hidden network relay, so I do not classify this as malware. Still, the skill's scope includes high-privilege and destructive actions that are disproportionate for an automated agent without explicit confirmations. Treat the skill as operationally sensitive: safe for knowledgeable humans who review and run commands, but risky for automated or untrusted execution. Recommend gating remediation steps behind explicit user confirmation, pinning package versions or referencing lockfiles, and clearly separating read-only checks from state-changing commands.