cli
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The CLI tool performs extensive system modifications, including creating shell aliases (cc, ccc) and modifying shell configuration files (.zshenv, .bashrc, .zshrc, and Profile.ps1). These modifications are designed to run Claude Code with the --dangerously-skip-permissions flag to streamline the user experience.
- [COMMAND_EXECUTION]: The setup process modifies ~/.claude/settings.json to set permissions.defaultMode to bypassPermissions. This disables standard AI agent permission prompts, which is a significant change to the security model, although mitigated by the tool's own validator hook.
- [REMOTE_CODE_EXECUTION]: The installation script executes remote code from well-known, established services to install core dependencies. Specifically, it uses 'curl | bash' patterns to install Bun (bun.sh) and Oh My Zsh (github.com/ohmyzsh).
- [EXTERNAL_DOWNLOADS]: The CLI fetches configuration files, premium features, and plugins from several GitHub repositories, including Melvynx/aiblueprint and its associated premium/pro repositories.
- [CREDENTIALS_UNSAFE]: The tool prompts users for and stores Premium access tokens and GitHub tokens. These are stored in plaintext in the user's home configuration directory (~/.config/aiblueprint/token.txt), which is standard for CLI tools but represents sensitive data storage.
- [DATA_EXFILTRATION]: The CLI includes a telemetry module that sends platform info, versioning, and event data to a vendor-owned endpoint (codelynx.dev). While common in software, this involves sending usage data to a remote server.
Audit Metadata