Skills
skills/shareful-ai/skills/shareful-mine/Gen Agent Trust Hub

shareful-mine

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the global installation of claude-code-search and execution of shareful-ai via npx. These packages are not from trusted organizations listed in the security policy, posing a supply-chain risk.
  • Evidence: npm install -g claude-code-search and npx shareful-ai check in SKILL.md.
  • COMMAND_EXECUTION (LOW): The skill frequently executes the ccs command-line utility to search and retrieve data from the local file system. While this is the intended purpose, it relies on the integrity of the external tool.
  • PROMPT_INJECTION (LOW): Indirect Prompt Injection vulnerability exists as the skill ingests and processes untrusted conversation history from the user's past sessions.
  • Ingestion points: Data enters the agent context via ccs -j output which reads from ~/.claude/projects/ (referenced in references/ccs-commands.md).
  • Boundary markers: Absent. The skill does not use delimiters or instructions to ignore embedded commands in the mined text.
  • Capability inventory: The skill uses file-write operations to create SHARE.md files (SKILL.md Step 4).
  • Sanitization: Absent. The instructions suggest creating shares by copying content directly from the search results.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:21 PM