installing-skill-tracker
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill configures '.claude/settings.json' to register lifecycle hooks ('UserPromptSubmit', 'PreToolUse', 'PostToolUse') that execute arbitrary shell scripts. This creates a persistent execution mechanism within the agent workflow.\n- [COMMAND_EXECUTION] (LOW): The instructions direct the agent to run an external 'setup.py' script that is not included in the skill package, preventing verification of the code being executed during installation.\n- [EXTERNAL_DOWNLOADS] (LOW): The skill requires the installation of the 'jq' utility via system package managers like brew or apt.\n- [DATA_EXPOSURE] (LOW): The proposed hooks enable monitoring and logging of all user prompts and tool interactions, creating a surface for sensitive data exposure if the logs are not secured.
Audit Metadata