omc-setup
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses bash scripts and inline Node.js commands to perform system environment checks, version detection, and configuration management. These operations target standard paths within the user's home directory (~/.claude/settings.json, ~/.claude/.omc-config.json) to store preferences and enable experimental features like agent teams.
- [EXTERNAL_DOWNLOADS]: Fetches CLAUDE.md configuration templates and version information from the author's verified GitHub repository (Yeachan-Heo/oh-my-claudecode). These network operations are necessary for keeping the environment up to date and use trusted sources.
- [REMOTE_CODE_EXECUTION]: Offers to install the oh-my-claude-sisyphus CLI tool globally via 'npm install -g'. This is a vendor-provided tool that extends the skill's capabilities and is only installed after an explicit 'AskUserQuestion' prompt and user confirmation.
- [PROMPT_INJECTION]: The skill processes external markdown and JSON configuration files, representing a surface for indirect prompt injection.
- Ingestion points: Reads project-level CLAUDE.md files and downloads a template from the vendor's GitHub repository.
- Boundary markers: Employs specific '' and '' markers to delimit managed content within CLAUDE.md.
- Capability inventory: The skill has permissions to execute shell commands, write files, and install NPM packages.
- Sanitization: Content is retrieved from the author's trusted repository, minimizing the risk of malicious instruction injection in the templates.
- [DATA_EXFILTRATION]: Includes an optional feature to star the project repository using the GitHub CLI (gh). This involves an authenticated API request but is only executed upon user consent and is directed at the project's own repository rather than an unknown third party.
Audit Metadata