ccc
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the tool using 'pipx install cocoindex-code', which is the standard distribution method for this vendor's software. It also references official embedding providers such as OpenAI, Google Gemini, and Voyage AI for cloud-based services.
- [COMMAND_EXECUTION]: The skill uses local CLI commands for project indexing ('ccc index'), searching ('ccc search'), and lifecycle management ('ccc init', 'ccc daemon'). These commands are scoped to the intended functionality of code search and project management.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data (the contents of the codebase being indexed) and presents search results to the agent. While this presents an attack surface where malicious comments in the code could attempt to influence agent behavior, the risk is inherent to code analysis tools and mitigated by standard agent guardrails.
- Ingestion points: Reads files from the local filesystem during indexing and searching.
- Boundary markers: None explicitly defined for search results.
- Capability inventory: The skill can execute shell commands, read files, and interact with the local daemon.
- Sanitization: Not explicitly documented; the skill relies on the 'ccc' tool's internal handling of file contents.
- [DATA_EXFILTRATION]: The skill provides mechanisms to manage API keys (e.g., OPENAI_API_KEY) for embedding providers. These keys are stored in a local configuration file ('~/.cocoindex_code/global_settings.yml') or environment variables, which is a standard practice for local development tools.
Audit Metadata