Skills
skills/rethinking-studio/clawpilot-skills/clawpilot-doctor/Gen Agent Trust Hub

clawpilot-doctor

Warn

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructions direct the agent to read sensitive configuration files, specifically ~/.hermes/.env to check the API_SERVER_KEY and ~/.cc-connect/config.toml to verify management and bridge tokens.
  • [COMMAND_EXECUTION]: The skill manages system service persistence by executing commands to stop, uninstall, and install daemons (cc-connect daemon install). It also uses lsof to monitor network ports.
  • [EXTERNAL_DOWNLOADS]: The skill performs global installation of software using npm install -g cc-connect@latest and references an external configuration guide on GitHub (https://raw.githubusercontent.com/chenhg5/cc-connect/refs/heads/main/INSTALL.md).
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes external data.
  • Ingestion points: The skill reads external data from cc-connect daemon logs and an external INSTALL.md guide.
  • Boundary markers: No delimiters or instructions to ignore embedded commands are present when processing this data.
  • Capability inventory: The skill has the capability to execute shell commands, manage system daemons, and install packages via npm.
  • Sanitization: No sanitization or validation of the ingested data is performed before it is processed by the agent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 5, 2026, 02:48 PM