ask-claude
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local shell script (scripts/ask-claude.sh) that invokes the claude CLI. The script implements security controls including a whitelist for model identifiers (opus, sonnet, haiku) and a restrictive case statement that only permits specific session-management flags, preventing arbitrary argument injection.
- [EXTERNAL_DOWNLOADS]: The skill transmits user queries and conversation context to Anthropic's servers via the claude CLI. This is the intended behavior, and the skill includes instructions to minimize the amount of context sent.
- [DATA_EXFILTRATION]: By design, this skill sends data to an external provider (Anthropic). The skill instructions mandate that the agent only include necessary context and use clear delimiters (Question/Context/Instructions) to prevent unintended data leakage or instruction confusion.
Audit Metadata