claw-deck
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a local Node.js script 'felo-livedoc/scripts/run_livedoc.mjs' to perform workspace operations such as creating tasks and updating README files. Commands are constructed using project identifiers and user-provided metadata.
- [DATA_EXFILTRATION]: Synchronizes project artifacts, URLs, and status updates to the 'felo.ai' domain. This behavior is documented and essential to the skill's function as a cloud-backed workspace manager.
- [CREDENTIALS_UNSAFE]: Implements a workflow for API key management where users are directed to the vendor's official settings page to retrieve their key, which is then stored in a local environment file ('~/.claude/env') for subsequent sessions.
Audit Metadata