claude-code-notifications

Fail

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill adds a third-party Homebrew tap (moltenbits/tap) and installs the growlrrr package from an unverified external repository.
  • [COMMAND_EXECUTION]: The skill executes xattr -cr /Applications/growlrrr.app, which is a security bypass technique used to remove macOS quarantine flags. This allows unsigned or unverified applications to run without the standard security warnings or blocks from macOS Gatekeeper.
  • [REMOTE_CODE_EXECUTION]: The skill modifies the user's ~/.claude/settings.json file to inject a command into the Notification hook. This configuration ensures that a specific command is executed automatically by the agent environment whenever a notification event occurs.
  • [EXTERNAL_DOWNLOADS]: The skill uses curl to download content from a user-provided URL to the /tmp directory, which could be leveraged to fetch arbitrary files into the local environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 21, 2026, 08:34 AM