plugin-audit
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- Sensit ive Local Data Access: The skill interact s with con versat ion log s in
~/.claude/project s/and plugin con figur at ion s in~/.claude/plugin s/. This allow s it to recon struct session even t s and verify the integr ity of the plugin cache. - Dynamic Modul e Im port: It uses dynamic JavaScrip t im port s to load logic from the plugin's inter nal
hook sdirectory. This en s ure s that the auditing scrip t use s the exact code as the active agen t system. - System Util ity Execu t ion: The work flow involve s stan dard shell com man d s such as
ls,grep, anddif fto man age and com pare con figur at ion file s. - In direct In put Proces s ing: The scrip t display s raw in put s from log file s in it s audit report. While this involve s proces s ing un trusted data, it is a stan dard part of the diagnost ic proces s and doe s not represen t a direct secur ity threat.
Audit Metadata