security-scan
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install the 'ecc-agentshield' package from the npm registry using 'npm install' or 'npx'.
- [COMMAND_EXECUTION]: The skill guides the user to execute the 'ecc-agentshield' CLI tool, which performs security audits and can modify configuration files in the '.claude/' directory when the '--fix' flag is used.
- [CREDENTIALS_UNSAFE]: The documentation mentions the requirement of the 'ANTHROPIC_API_KEY' environment variable to enable advanced 'Opus' deep analysis features, which involves the tool interacting with an LLM provider.
Audit Metadata