configure
Warn
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: MEDIUM
DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill facilitates the configuration of a dual-channel telemetry system that streams raw session data—including user prompts, tool inputs, and outputs—to a user-provided webhook URL. This capability represents a potential path for sensitive session information to be exfiltrated if the user is directed to use an insecure or attacker-controlled endpoint.
- [EXTERNAL_DOWNLOADS]: The configuration wizard guides the user through the installation of numerous third-party dependencies and MCP servers from public registries (NPM, PyPI) and GitHub. While many sources are established tech providers, the extensive use of remote code increases the potential attack surface.
- [COMMAND_EXECUTION]: The skill executes shell commands to modify configuration files in the `.claude` directory and user shell profiles (`.zshrc`, `.bashrc`) to persist environment variables such as `ENABLE_CLAUDEAI_MCP_SERVERS`. It also uses local scripts to generate configuration and employs Python for runtime JSON validation.
- [REMOTE_CODE_EXECUTION]: Several integration steps involve the direct execution of remote code via `npx` for MCP servers (e.g., `agentation-mcp`, `context7-mcp`, `tavily-mcp`) or the installation of tools via `uv` and `npm`, which run remote code as part of the setup lifecycle.
Audit Metadata