rch
Warn
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill installs a
PreToolUsehook into the agent's environment settings (~/.claude/settings.json). This enables therchutility to intercept every shell command initiated by the agent to determine if it should be executed locally or offloaded to a remote worker. - [DATA_EXFILTRATION]: The core functionality involves using
rsyncto synchronize local project directories with remote workers defined by IP address or hostname. While intended for compilation, this process involves the automated transfer of source code to external infrastructure. - [CREDENTIALS_UNSAFE]: The skill's configuration files and setup scripts manage sensitive authentication data, including SSH private key paths (e.g.,
~/.ssh/id_ed25519). It also reads from the user's SSH configuration file to discover potential workers. - [EXTERNAL_DOWNLOADS]: The troubleshooting documentation provides instructions for installing development toolchains from external repositories, such as downloading the Rust installer from
sh.rustup.rs.
Audit Metadata