harness-init
Warn
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION] (MEDIUM): The skill uses
npx create-next-app@latestto generate new projects. While this is a standard development practice, it involves downloading and executing remote code from a public registry at runtime. - [COMMAND_EXECUTION] (MEDIUM): The skill attempts to execute a shell script using a path derived from an environment variable:
bash "${CLAUDE_PLUGIN_ROOT}/scripts/codex-setup-local.sh". This pattern is risky as the execution depends on the integrity of the environment variable. - [COMMAND_EXECUTION] (MEDIUM): The skill automatically modifies file permissions using
chmod +xon all files matching.claude/hooks/*.sh. Automatically granting execution permissions to files in a project directory can be abused if malicious scripts are introduced to that path. - [EXTERNAL_DOWNLOADS] (LOW): The skill installs packages from the npm registry (
@supabase/supabase-js,lucide-react). Per the [TRUST-SCOPE-RULE], the download of the Supabase package is considered low risk due to its trusted source status, though standard auditing of dependencies is recommended. - [DATA_EXFILTRATION] (SAFE): No patterns of sensitive data exfiltration or unauthorized network requests to non-whitelisted domains were detected.
Audit Metadata