claude-code-source-recovery
Fail
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends cloning a source code repository, published by an unverified GitHub user (ponponon), that claims to contain recovered software components.
- [EXTERNAL_DOWNLOADS]: Directs users to download an NPM package archive from an official Tencent mirror service for a version that is no longer available on the official registry.
- [COMMAND_EXECUTION]: Provides instructions to perform global package installations (npm install -g) and local builds using unverified source code, which could lead to arbitrary code execution during the install or build phase.
- [CREDENTIALS_UNSAFE]: Explicitly identifies the local file system path (~/.claude/credentials.json) where sensitive API keys and session tokens are stored and demonstrates the programmatic logic required to read them.
- [COMMAND_EXECUTION]: Includes a TypeScript script that programmatically creates directories and writes files to the local system based on content extracted from an external source map file.
Recommendations
- AI detected serious security threats
Audit Metadata