claude-permissions-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Node.js script to analyze local session history and uses
node -eto validate the JSON integrity of settings files after modification.\n- [DATA_EXFILTRATION]: Accesses sensitive local data, specifically Claude Code session transcripts located in~/.claude/projects/, to extract command history. Note that data is processed locally and not transmitted externally.\n- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection as it processes historical session logs which may contain untrusted data.\n - Ingestion points: JSONL session transcripts in
~/.claude/projects/analyzed byextract-commands.mjs.\n - Boundary markers: None present.\n
- Capability inventory: Modifies the security configuration (
settings.json) to alter agent permissions.\n - Sanitization: Uses a regex-based classifier in
extract-commands.mjsto filter out high-risk or destructive command patterns.
Audit Metadata