groove-admin-claude-statusline

Fail

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: HIGH
DATA_EXFILTRATION
COMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: statusline.sh reads the Claude OAuth token from three credential stores: the macOS Keychain (via the security utility), the Linux Secret Service (via secret-tool), and the file ~/.claude/.credentials.json. It then sends the token in a curl request to api.anthropic.com to look up usage limits. The destination is the token's own issuer, so the request is not, on its face, exfiltration to a third party; the finding is that a third-party hook script reads user credentials out of the OS credential store automatically and passes them through a shell pipeline, a code path that a one-line change to the destination URL would turn into an exfiltration channel. Before installing, confirm the host is hard-coded in the script rather than taken from an environment variable or config file, and that the token is never written to a log or temp file.
  • [COMMAND_EXECUTION]: The skill requires jq, python3, and git. It installs shell scripts into ~/.claude/hooks/ and edits ~/.claude/settings.json to register them as lifecycle hooks, so they run automatically each time the status line is rendered and each time a tool is executed. Anything that edits settings.json can register arbitrary commands under those hooks, so review the resulting hook entries after installation, not only the scripts themselves.
  • [DATA_EXPOSURE]: The skill keeps its state in /tmp/claude/loops.json. /tmp is shared by every local user, and files created there under the default umask (022) are readable by all of them, so on a multi-user host other accounts can read details of the user's active automation jobs and prompts. The path is also fixed, so another local user can create /tmp/claude before the skill does. Per-user state of this kind belongs in a directory the user owns with mode 0700 (under ~/.claude/, for example), not in /tmp.
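The following is an added example, not code from the groove-admin-claude-statusline skill or from the Trust Hub: a shell pre-install check that greps a hook script for the three credential reads, the outbound network call and the /tmp usage named above, lists the hosts the script contacts, and creates the state file in a private per-user directory in place of /tmp/claude. The sample hook it scans is constructed to mimic the described behaviour; the keychain service name, the .token JSON field and the URL path in it are placeholders, not the skill's real identifiers.

```bash
#!/usr/bin/env bash
# Added example, not code from the audited skill: a pre-install review that
# greps a hook script for the behaviours the audit flags, and a helper that
# creates private state storage instead of /tmp/claude. The sample hook below
# is constructed; its service name, JSON field and URL path are placeholders.
set -u

# Print one line per flagged behaviour: "<TAG> <line>:<matched text>".
audit_hook_script() {
  local script="$1"
  grep -nE 'security +find-(generic|internet)-password' "$script" | sed 's/^/KEYCHAIN_READ /'
  grep -nE 'secret-tool +lookup' "$script" | sed 's/^/SECRET_TOOL_READ /'
  grep -nE '\.claude/\.credentials\.json' "$script" | sed 's/^/CREDENTIAL_FILE_READ /'
  grep -nE '(^|[^A-Za-z0-9_])(curl|wget) ' "$script" | sed 's/^/NETWORK_CALL /'
  grep -nE '/tmp/' "$script" | sed 's/^/WORLD_READABLE_TMP /'
  return 0
}

# Number of findings; 0 means the script does none of the flagged things.
finding_count() {
  audit_hook_script "$1" | wc -l | tr -d ' '
}

# Hostnames the script talks to over HTTP(S). A credential read is only
# defensible if every host listed here is the credential's own issuer.
network_hosts() {
  grep -oE 'https?://[^/"'"'"' ]+' "$1" | sed -E 's#^https?://##' | sort -u
}

# Private per-user state: refuse a directory we do not own (a predictable path
# another local user may have pre-created), force mode 0700, and create the
# file under umask 077 so nothing inside is group- or world-readable.
make_private_state_file() {
  local dir="$1" name="$2"
  if [ -e "$dir" ] && [ ! -O "$dir" ]; then
    echo "refusing $dir: not owned by current user" >&2
    return 1
  fi
  (umask 077 && mkdir -p "$dir" && chmod 700 "$dir" \
     && : > "$dir/$name" && chmod 600 "$dir/$name") || return 1
  printf '%s\n' "$dir/$name"
}

# "private" if neither group nor other has any permission bit, else "exposed".
perm_class() {
  case "$(ls -ld "$1" | cut -c5-10)" in
    ------) echo private ;;
    *)      echo exposed ;;
  esac
}

# Constructed sample hook mimicking the behaviours described in the audit.
SAMPLE_HOOK="$(mktemp)"
cat > "$SAMPLE_HOOK" <<'EOF'
#!/bin/sh
# placeholder service name, JSON field and URL path; not real identifiers
TOKEN=$(security find-generic-password -s "claude" -w 2>/dev/null)
[ -z "$TOKEN" ] && TOKEN=$(secret-tool lookup service claude 2>/dev/null)
[ -z "$TOKEN" ] && TOKEN=$(jq -r '.token' "$HOME/.claude/.credentials.json")
curl -s -H "Authorization: Bearer $TOKEN" "https://api.anthropic.com/PLACEHOLDER_PATH"
echo '{"jobs":[]}' > /tmp/claude/loops.json
EOF

# Compare a /tmp-style directory (0755) with the private one the helper makes.
STATE_ROOT="$(mktemp -d)"
mkdir -p "$STATE_ROOT/exposed"
chmod 755 "$STATE_ROOT/exposed"
make_private_state_file "$STATE_ROOT/private" loops.json >/dev/null

audit_hook_script "$SAMPLE_HOOK"
echo "findings: $(finding_count "$SAMPLE_HOOK")"
echo "hosts: $(network_hosts "$SAMPLE_HOOK" | tr '\n' ' ')"
echo "exposed dir: $(perm_class "$STATE_ROOT/exposed")"
echo "private dir: $(perm_class "$STATE_ROOT/private")"
```

Run it against each file under ~/.claude/hooks/ before enabling a skill; a non-empty host list that contains anything other than the credential issuer, or any finding at all in a script that has no business touching credentials, is grounds to stop. The ownership check in make_private_state_file is what makes a fixed path safe on a shared host: it fails closed if another user squatted the directory first.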
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 24, 2026, 09:03 AM