cc-usage
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill instructs the agent to run a local Python script located at `.claude/skills/cc-usage/scripts/analyzer.py`. Running local scripts is a common capability but introduces risk when the underlying code is not visible for audit.
- [DATA_EXFILTRATION] (LOW): The skill accesses logs in `~/.claude/projects/`. This involves reading application-specific data including project names and usage statistics, which constitutes local data exposure.
- [PROMPT_INJECTION] (LOW): The skill presents an indirect prompt injection surface (Category 8). It ingests untrusted data from local logs (`~/.claude/projects/`) without boundary markers or explicit sanitization. If logs contain malicious instructions from previous sessions, they could influence the agent during processing.
Audit Metadata