Skills
skills/b-open-io/prompts/statusline-setup/Gen Agent Trust Hub

statusline-setup

Warn

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill encourages the execution of bunx ccstatusline@latest and npx ccstatusline@latest, which downloads and runs a third-party package from an unverified repository (github.com/sirmalloc/ccstatusline).
  • [COMMAND_EXECUTION]: Documentation for the recommended ccstatusline utility describes a CustomCommand widget that allows for the execution of arbitrary shell commands, creating a risk if malicious configurations are introduced.
  • [COMMAND_EXECUTION]: The skill includes shell scripts (scripts/install-statusline.sh and scripts/restore-statusline.sh) that perform file system operations, such as modifying permissions with chmod and moving files within the ~/.claude/ configuration directory.
  • [COMMAND_EXECUTION]: By updating ~/.claude/settings.json to point to a script or the ccstatusline tool, the skill establishes a persistence mechanism that executes code every time the application's interface status updates.
  • [DATA_EXFILTRATION]: Scripts and documentation demonstrate how to access the session transcript file via the transcript_path variable. This allows status line scripts to read the full conversation history, which could be misused to harvest sensitive information from session logs.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 1, 2026, 08:29 AM