claude-code
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the official `@anthropic-ai/claude-code` CLI and Model Context Protocol (MCP) servers (e.g., `@modelcontextprotocol/server-filesystem`). These resources originate from trusted organizations and are necessary for the tool's intended functionality.
- [COMMAND_EXECUTION]: Describes the use of a tool designed to execute shell commands, read/write files, and run tests as part of its core developer-assistance features. The skill highlights the tool's permission system, which prompts the user before executing potentially dangerous actions.
- [PROMPT_INJECTION]: Documents the use of `CLAUDE.md` files to provide project-specific instructions to the agent. While this constitutes an ingestion point for untrusted data if a repository is malicious, it is the primary intended design for providing context to the agent, and the tool incorporates boundary markers such as permission prompts for high-risk operations.
- [CREDENTIALS_UNSAFE]: Mentions configuration for environment variables such as `GITHUB_TOKEN` and `DATABASE_URL` within the context of MCP servers, but uses standard placeholders (e.g., `ghp_xxx`) rather than hardcoded secrets.
Audit Metadata