configure-ecc
Warn
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill clones the Everything Claude Code repository from an unverified GitHub account (affaan-m/everything-claude-code). This introduces a risk of installing unverified scripts or hooks directly into the agent's operating environment.
- [COMMAND_EXECUTION]: The installer uses shell commands to manage files, including directory creation (mkdir), recursive file copying (cp -r), and recursive removal (rm -rf) in the /tmp directory.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It ingests data from a remote source (the cloned repository), lacks boundary markers to separate instructions from data, has the capability to write and modify files in the active agent configuration directory (~/.claude), and lacks sanitization of the downloaded Markdown content.
Audit Metadata