permission-manager
Fail
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: HIGH
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Provides instructions and Node.js code templates designed to be written to the local filesystem and executed to modify the agent's internal configuration.
- [COMMAND_EXECUTION]: Targets the modification of the core configuration file (~/.claude.json or %USERPROFILE%\.claude.json), which is responsible for defining the security boundaries and tool execution policies of the AI agent.
- [COMMAND_EXECUTION]: Implements a mechanism to add tool names to the 'allowedTools' array, which effectively disables the mandatory 'human-in-the-loop' confirmation requirement, creating a persistent security policy bypass.
Recommendations
- AI detected serious security threats
Audit Metadata