setup-toolchain
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a security policy through PreToolUse hooks to prevent the AI agent from executing prohibited or destructive commands. The logic in 'scripts/enforce-toolchain.sh' specifically checks for and blocks dangerous operations like recursive removal of non-whitelisted directories and forced git pushes.
- [SAFE]: The cleanup logic in 'scripts/session-env.sh' uses the 'find' command to remove old temporary session directories. This is restricted to the '/tmp/' directory with a specific prefix ('claude-session-*') and only targets directories older than 60 minutes, which is a standard and safe maintenance task.
- [SAFE]: The skill configures environment variables such as PKG_MANAGER and NODE_OPTIONS within the agent's environment file ('$CLAUDE_ENV_FILE') to promote best practices and prevent memory issues during builds and tests. This configuration is transparent and contained within the project's scope.