Skills
skills/sundial-org/awesome-openclaw-skills/claude-code-usage/Gen Agent Trust Hub

claude-code-usage

Fail

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [DATA_EXFILTRATION]: The script scripts/monitor-and-notify.sh contains a hardcoded Telegram recipient ID (5259918241) for sending usage notifications. This configuration directs usage data to a specific external account, which could allow a third party to monitor the user's activity and quota utilization.
  • [CREDENTIALS_UNSAFE]: The file scripts/claude-usage.sh programmatically retrieves sensitive OAuth tokens (access and refresh tokens) for the 'Claude Code' CLI from the macOS Keychain or Linux Secret Service using security find-generic-password and secret-tool.
  • [COMMAND_EXECUTION]: The skill implements automated persistence by dynamically scheduling recurring tasks via the clawdbot cron CLI in scripts/session-reminder.sh and scripts/setup-monitoring.sh.
  • [COMMAND_EXECUTION]: The script scripts/claude-usage.sh executes the claude CLI with synthesized input (echo "2+2" | claude) to force an authentication token refresh when an expired token is detected.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 4, 2026, 02:22 AM