analyzing-usage
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell pipelines using `ccusage`, `jq`, and `termgraph`. It relies on the `Bash` tool to orchestrate data processing and visualization based on user-supplied arguments.
- [EXTERNAL_DOWNLOADS]: Fetches and runs the `termgraph` package at runtime via the `uvx` package runner from well-known sources.
- [DATA_EXFILTRATION]: Accesses a specific configuration and log directory (`/Users/alexei/.claude-team-gaia-mbp-m2`) to extract token and cost data. This involves reading from a potentially sensitive absolute filesystem path.
- [PROMPT_INJECTION]: Subject to indirect prompt injection (Category 8) because it processes untrusted log data that may contain malicious instructions.
  - Ingestion points: JSONL logs are ingested via the `ccusage` tool (file: SKILL.md).
  - Boundary markers: None present in the data processing flow.
  - Capability inventory: Shell command execution via `Bash` and remote package execution via `uvx`.
  - Sanitization: Employs `jq` for data extraction and rounding, which does not validate against or strip natural language instructions within the logs.
Audit Metadata