skills/namesreallyblank/clorch/mot/Gen Agent Trust Hub

mot

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, CREDENTIALS_UNSAFE)
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill makes extensive use of the Bash tool to perform system audits and modifications.
      • Evidence: It executes chmod +x .claude/hooks/*.sh and npm run build when the --fix flag is provided.
      • Risk: While intended for maintenance, arbitrary modification of file permissions and execution of build scripts can be abused if an attacker can place malicious files in the .claude directory.
  • [CREDENTIALS_UNSAFE] (MEDIUM): The skill accesses and utilizes the DATABASE_URL environment variable to verify PostgreSQL connectivity.
      • Evidence: Found in Phase 4: psql "$DATABASE_URL" -c "SELECT 1".
      • Risk: Database URLs typically contain plaintext credentials (username/password). Passing these directly to shell commands can leak sensitive information to process lists or logs.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests data from untrusted local files to perform audits.
      • Ingestion points: Reads from .claude/skills/, .claude/agents/, and .claude/settings.json.
      • Boundary markers: None identified. It uses grep and sed to extract strings from these files.
      • Capability inventory: Can perform file existence checks and trigger chmod or npm build based on audit results.
      • Sanitization: Minimal. It uses standard Unix utilities (cut, sed, xargs) to process extracted data.
  • [REMOTE_CODE_EXECUTION] (LOW): The skill uses uv run python and npm run build, which rely on the local environment's configuration and dependencies.
      • Risk: If package.json or Python environment files are tampered with, these commands will execute attacker-controlled code.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 16, 2026, 09:47 AM