Skills
skills/stellarlinkco/myclaude/do/Gen Agent Trust Hub

do

Warn

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The verify-loop.py script retrieves command strings from a task.json file and executes them using subprocess.run(shell=True). This mechanism allows the execution of arbitrary shell commands on the host if the configuration file is modified.
  • [COMMAND_EXECUTION]: The install.py script modifies the user's global ~/.claude/settings.json file to register a Stop hook. This hook ensures that stop-hook.py is executed at the end of every agent session to manage the skill's state.
  • [COMMAND_EXECUTION]: The task.py script executes git commands, specifically git worktree add, via subprocess calls to manage isolated development environments.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 6, 2026, 12:56 AM