claude-connect

Warn

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill programmatically accesses the macOS Keychain via the security command to retrieve sensitive OAuth tokens (access and refresh tokens) stored by the Claude CLI.
  • [COMMAND_EXECUTION]: The installation and update scripts execute numerous shell commands to modify system configurations, manage launch agents using launchctl, and perform JSON data manipulation through embedded Python scripts.
  • [DATA_EXFILTRATION]: Credentials retrieved from the secure system Keychain are written to a local configuration file (~/.clawdbot/agents/main/agent/auth-profiles.json) and transmitted to Anthropic's OAuth endpoint during the refresh process. Status updates are also sent to user-defined notification targets (such as Telegram or Slack) using the clawdbot messaging command.
  • [PERSISTENCE]: The installer configures a persistent launchd agent (com.clawdbot.claude-oauth-refresher.plist) in the user's LaunchAgents directory to ensure the token refresh script runs automatically in the background every two hours.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 4, 2026, 02:22 AM