health-check
Warn
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill reads and reports on sensitive configuration files including
~/.claude/settings.jsonand~/.mcp.json. Thescripts/check-mcp.shscript specifically extracts and displays environment variables for MCP servers, which often contain sensitive credentials and API keys. - [COMMAND_EXECUTION]: The skill uses
scripts/check-plugins.shto dynamically construct JQ filter strings using keys extracted from the plugin registry. A malicious plugin name could inject JQ commands, leading to unexpected file modifications during the fix process. It also relies on several bash scripts with broad read access to the user's configuration environment. - [PROMPT_INJECTION]: The skill parses project-specific configuration files (
.claude/settings.json) which can be provided by untrusted repositories. Maliciously crafted configuration data could influence the agent's diagnostic report or exploit the script's parsing logic.
Audit Metadata