write-article
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [DATA_EXFILTRATION] (HIGH): The skill identifies and reads local session transcript files (
~/.claude/projects/.../*.jsonl) and uses theclaude-code-transcriptstool with the--gistflag to upload them to GitHub. This exposes private conversation data to an external service. - [COMMAND_EXECUTION] (MEDIUM): The skill relies on several local Python scripts located in
~/.claude/skills/write-article/scripts/(e.g.,update-cache.py). Since these scripts are not included in the skill's definition, their behavior regarding file system access and network operations cannot be verified. - [EXTERNAL_DOWNLOADS] (MEDIUM): The skill uses
uvx claude-code-transcriptsto execute code.uvxdynamically downloads and runs packages from external registries (like PyPI), which introduces a supply-chain risk if the package is compromised or malicious.
Recommendations
- AI detected serious security threats
Audit Metadata