docs
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The skill executes a shell script (
~/.claude-code-docs/claude-docs-helper.sh) that performs automatic updates from an external GitHub repository (ericbuess/claude-code-docs). Because this repository is not in the trusted sources list, the skill's logic can be changed to execute arbitrary malicious code at any time. - [COMMAND_EXECUTION] (HIGH): The skill invokes a local shell script passing
$ARGUMENTSdirectly. This pattern can lead to command injection if the underlying script does not perform rigorous input validation and escaping. - [EXTERNAL_DOWNLOADS] (MEDIUM): The skill explicitly states it fetches the latest documentation and updates from a third-party 'Community Mirror' (github.com/ericbuess/claude-code-docs) instead of official Anthropic sources, introducing a significant supply chain risk.
Recommendations
- AI detected serious security threats
Audit Metadata