everything-claude-code-harness-optimization
Fail
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone a complete repository from `https://github.com/affaan-m/everything-claude-code.git` and install various Node.js and Python packages, including `ecc-universal`, `ecc-agentshield`, `torch`, and `torchvision`.
- [REMOTE_CODE_EXECUTION]: Following the clone, the instructions mandate the execution of an unverified shell installer (`./install.sh`) and NPM install scripts (`npm run install`), which can perform arbitrary actions on the host system.
- [COMMAND_EXECUTION]: The setup process includes a JavaScript utility (`scripts/harness-setup.js`) that uses `execSync` to run shell commands based on environment variables like `ECC_HARNESS`. Additionally, the skill configures persistent shell scripts (hooks) such as `SessionStart.sh` and `SessionStop.sh` that run automatically without explicit user approval for each execution.
- [DATA_EXFILTRATION]: The skill implements a session management and memory system that captures session summaries and metrics to local storage (`.claude/memory/`). Given the presence of automated shell hooks and network-capable installers, this system could be leveraged to exfiltrate session data or environment variables to external servers.
Recommendations
- AI detected serious security threats
Audit Metadata