configure-ecc
Fail
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill clones a repository from an unverified GitHub user (affaan-m/everything-claude-code). This source is not on the trusted organizations list, meaning the downloaded instructions are unvetted.
- [REMOTE_CODE_EXECUTION]: The skill facilitates the execution of remote code by installing unverified 'skills' into the agent's auto-load directory. These skills are instruction sets that the agent will interpret and act upon as code logic.
- [COMMAND_EXECUTION]: The installer executes several shell commands to manipulate the file system, including rm -rf, mkdir -p, and cp -r on sensitive paths like ~/.claude/. It also uses grep to scan untrusted content.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8).
- Ingestion points: External files are retrieved from the affaan-m/everything-claude-code GitHub repository.
- Boundary markers: No safety delimiters or instructions are used to prevent the agent from being influenced by instructions embedded within the downloaded files.
- Capability inventory: The skill can write to the agent's configuration, execute commands, and modify existing skills.
- Sanitization: The skill lacks any mechanism to validate or sanitize the downloaded content before it is processed or installed.
Recommendations
- AI detected serious security threats
Audit Metadata