permission-manager
Fail
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to modify the sensitive ~/.claude.json configuration file. This file defines the security posture of the Claude Code environment. By programmatically updating the allowedTools array, the skill effectively disables the security boundary intended to ensure that a human user reviews and approves tool calls before they run.
- [REMOTE_CODE_EXECUTION]: The skill implements a workflow in which it generates a temporary JavaScript file (update_permissions.js) and executes it with the Node.js runtime. This dynamic code execution pattern is high-risk because it runs logic that is not statically defined in the skill, and that logic can manipulate the host system in ways that standard tools might otherwise audit or restrict.
Recommendations
- AI detected serious security threats