Skills
skills/aradotso/claude-code-skills/claude-code-usage-monitor/Gen Agent Trust Hub

claude-code-usage-monitor

Fail

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation directs the user to clone a repository from https://github.com/Maciek-roboblog/Claude-Code-Usage-Monitor.git and install a package named claude-monitor from PyPI. These sources are not affiliated with the skill author or a recognized trusted organization.
  • [REMOTE_CODE_EXECUTION]: The provided installation instructions (uv tool install ., pip install, and pipx install) facilitate the download and subsequent execution of arbitrary code from the external repository and package registry on the host system.
  • [COMMAND_EXECUTION]: The skill heavily promotes the execution of the claude-monitor CLI tool and various shell scripts that depend on the unverified code, potentially granting it access to system resources and user data.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
May 17, 2026, 12:50 PM
Security Audit — agent-trust-hub — claude-code-usage-monitor