plugin-audit
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Local Application Data Access: The skill is designed to read conversation logs and internal configuration files located in the
~/.claude/directory. Accessing these files is necessary for auditing plugin performance, although they contain private interaction history that users should handle with care. - Shell Utility Integration: The workflow uses standard command-line tools like
grepanddiffto inspect file content. This allows users to manually verify pattern coverage and synchronization, though it requires executing commands in the local shell environment. - Dynamic Module Loading: The audit script uses dynamic
import()statements to load hook logic from the local filesystem. This ensures that diagnostics are performed against the actual code in use, while requiring the tool to resolve paths within the project structure.
Audit Metadata