spawn

The generator's purpose and described behavior are legitimate for creating reusable Claude Code agent prompts. However, multiple high-impact design choices increase supply-chain and operational risk: programmatic writes to global agent directories (persistence), permissive/default tool inheritance (elevated runtime privileges), and encouragement of proactive auto-invocation. There is no direct evidence of embedded malware or obfuscation in the provided content, but the combination of these capabilities means a compromised generator or malicious templates could create persistent, automatically-invoked agents that perform harmful actions (exfiltration, command execution, or environment corruption). Recommended mitigations: require explicit per-file user approval before writing to global locations; default to project-level creation unless user opts in; require explicit, minimal tool grants per agent; avoid promoting 'use PROACTIVELY' by default; implement filename collision checks and path sanitization; and audit or whitelist external URLs used during generation.