claude-hud-statusline

Warn

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires users to add an external marketplace source ('jarrodwatts/claude-hud') and install a plugin. This process downloads and executes third-party JavaScript/Node.js code within the agent's environment.
  • [COMMAND_EXECUTION]: Installation and troubleshooting instructions involve running shell commands such as 'mkdir', setting environment variables like 'TMPDIR', and using 'winget' to install Node.js on Windows.
  • [PROMPT_INJECTION]: The skill parses terminal transcripts (JSONL) in real time to monitor tool calls, subagent actions, and todo progress. This creates an indirect prompt injection surface where malicious content produced by tools or external files could influence the HUD's display or behavior.
  • Ingestion points: Processes live transcript JSONL containing tool outputs and agent activities.
  • Boundary markers: No specific boundary markers or 'ignore' instructions are mentioned for the parsed data.
  • Capability inventory: Modifies local configuration files (~/.claude/plugins/claude-hud/config.json) and updates the terminal statusline display.
  • Sanitization: No explicit sanitization or validation of the transcript data is described.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 26, 2026, 06:02 AM