claude-usage

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/claude_usage.py uses subprocess.run to execute npx ccusage when comparison is requested. This allows the tool to validate its findings against the existing community utility.
  • [COMMAND_EXECUTION]: scripts/claude_usage_report.py executes the core usage script as a subprocess to gather data for its reporting engine.
  • [EXTERNAL_DOWNLOADS]: The skill's reporting functionality utilizes Playwright and Chromium. These components are downloaded from well-known and trusted technology providers (Microsoft).
  • [DATA_EXFILTRATION]: The skill reads session logs from ~/.claude/projects/ to calculate usage statistics. This file access is limited to the skill's stated primary function and does not involve sending data to unauthorized external servers.
  • [PROMPT_INJECTION]: The skill displays session summaries from untrusted log files in its reports, creating a surface for indirect prompt injection. Ingestion points: sessions-index.json. Boundary markers: None. Capability inventory: subprocess.run (for reporting) and local file reads. Sanitization: None. The risk is minimized by the skill's specific use case of reporting and visualization.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 24, 2026, 12:30 PM