clui-cc-claude-overlay

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads its core application files from a GitHub repository (lcoutodemos/clui-cc).
  • [EXTERNAL_DOWNLOADS]: Fetches plugin metadata and installation tarballs from the trusted anthropics organization on GitHub to populate the skills marketplace.
  • [COMMAND_EXECUTION]: Executes system-level installation commands using Homebrew, NPM, and Pip to set up the necessary runtime environment (Node.js, Claude CLI, Whisper, and Python tools).
  • [COMMAND_EXECUTION]: Spawns the claude CLI as a managed subprocess using the -p --output-format stream-json flags to facilitate interactive sessions.
  • [COMMAND_EXECUTION]: Provides automation scripts (setup.command, start.command, stop.command) to manage the application lifecycle and local environment checks.
  • [PROMPT_INJECTION]: Implements a robust security layer via a local PermissionServer that intercepts tool-use requests from the AI, requiring explicit user approval through the UI before any command is executed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 05:55 AM