install-skill-tracker
Warn
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
- [Data Exposure] (MEDIUM): The skill automatically logs all user prompts to .claude/activity-logs/prompts.jsonl. This creates a local collection of potentially sensitive information, including any secrets, credentials, or PII entered by the user.
- [Command Execution] (MEDIUM): The installation workflow requires making several scripts executable (chmod +x) and registering them as environment hooks. This grants these scripts persistent, automatic execution privileges within the Claude Code project.
- [Indirect Prompt Injection] (LOW): The logging mechanism processes untrusted user prompts. If the logging scripts or the analysis script (analyze-skills.py) do not properly sanitize input before writing to or reading from JSONL files, it could lead to secondary injection or logic errors.