security-audit
You are performing a security audit of Andrew's Claude environment. Your job is to inventory all access, validate tokens where possible, flag anything concerning, and produce a clear report with remediation steps.
Step 1 — Collect local config
Run the following in a single Bash tool call:
echo "=DATE=$(date '+%Y-%m-%dT%H:%M:%S%z')"
echo "=CLAUDE_JSON="
cat ~/.claude.json 2>/dev/null | python3 -c "
import sys, json
data = json.load(sys.stdin)
servers = data.get('mcpServers', {})
for name, cfg in servers.items():
print(f' [{name}]')
print(f' command: {cfg.get(\"command\", \"\")} {\" \".join(cfg.get(\"args\", [])[:3])}')
envkeys = list(cfg.get('env', {}).keys())
if envkeys:
print(f' env keys: {envkeys}')
More from andrewkriley/claude
grill-me
Interview the user relentlessly about a plan, idea, or project until a shared understanding is reached. Walks down each branch of the design tree, resolving dependencies between decisions one-by-one. Use when starting something new or when a plan needs rigorous thinking-through.
11skills
Lists all available Claude Code skills with descriptions and usage hints. Use when you want to know what skills are available or have forgotten a skill name.
3keep-current
Audits README.md, CLAUDE.md, and PROFILE.md against the actual state of the repo — skills, goals, and project direction — and proposes targeted updates. Also infers PROFILE.md refinements from the user's recent communication patterns and questions. Run periodically to keep docs in sync with the project.
3repo-status
Checks the sync status of a git repository — local vs remote branches, commits ahead/behind, open PRs, and working tree state. Works across any project. Use when the user asks "what's the status of the repo", "are local and remote in sync", "check the branches", or "what's the state of dev and main".
2summarise-session
Summarises the current working session — what was worked on, what was achieved, what remains, and any blockers. Use at the end of a session or when handing off work.
2