claude-code-analyzer
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill instructs the agent to execute local shell scripts (`bash scripts/analyze.sh` and `bash scripts/analyze-claude-md.sh`). These scripts are referenced in the workflow but their contents are not provided, meaning they could perform arbitrary operations on the user's system.
- DATA_EXPOSURE (MEDIUM): The skill accesses sensitive information including tool usage history (JSONL files) and modifies the global `~/.claude/settings.json` file. While intended for optimization, this provides a pathway for exposing or altering a user's operational history and security configurations.
- EXTERNAL_DOWNLOADS (LOW): Uses the `web_fetch` tool to retrieve content from `docs.claude.com` and `anthropic.com`. Although these are trusted domains, the skill uses the retrieved content to dynamically generate and overwrite configuration files without a verification step.
- INDIRECT_PROMPT_INJECTION (LOW):
  - Ingestion points: Fetches remote documentation and reads local project files (e.g., `package.json`, `cargo.toml`).
  - Boundary markers: None. The skill does not provide instructions to ignore potentially malicious content found in project files or fetched documentation.
  - Capability inventory: Includes bash command execution, file writing/modification, and modification of global tool settings.
  - Sanitization: No evidence of sanitization or validation of data before it is used to create or update configurations.
Audit Metadata