clone
Warn
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill reads from
~/.claude/history.jsonl, which contains the user's private conversation history and session metadata. - [COMMAND_EXECUTION]: The skill executes multiple shell commands, including
tail,jq, andfind, to extract data and locate scripts within the user's home directory. - [REMOTE_CODE_EXECUTION]: The skill dynamically locates a script named
clone-conversation.shusing thefindcommand and subsequently executes it with parameters. Executing scripts from computed or runtime-discovered paths can lead to the execution of unintended files if the search environment is not strictly controlled.
Audit Metadata