omc-doctor

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands and Node.js one-liners to perform file system diagnostics and maintenance within the tool's configuration directory. Evidence: Uses 'ls', 'grep', and 'node -e' to manage files and directories in ~/.claude/.
  • [EXTERNAL_DOWNLOADS]: Retrieves version information and configuration files from the npm registry and the author's official GitHub repository. Evidence: Uses 'npm view' and 'WebFetch' to download resources from github.com/Yeachan-Heo/oh-my-claudecode.
  • [PROMPT_INJECTION]: The skill reads and processes user-controlled files, which presents an indirect injection surface.
      1. Ingestion points: Reads ~/.claude/settings.json and ~/.claude/CLAUDE.md.
      2. Boundary markers: None present.
      3. Capability inventory: Includes file deletion (rm), system inspection (ls, node), and network access (WebFetch).
      4. Sanitization: None present; files are searched for specific markers but not validated or escaped.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 03:24 PM