skills/cskiro/claudex/cc-insights/Gen Agent Trust Hub

cc-insights

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses sensitive conversation history stored in the ~/.claude/projects/ directory. This access is fundamental to the skill's core functionality of providing search and analytics for Claude Code activities. The analysis found no evidence of network operations intended to exfiltrate this sensitive data.
  • [EXTERNAL_DOWNLOADS]: The skill uses the sentence-transformers library to fetch pre-trained embedding models from Hugging Face's official repository. This is a well-known and trusted service for machine learning models, and the download is required for initializing the semantic search features.
  • [PROMPT_INJECTION]: The skill processes untrusted historical conversation data, which presents a surface for indirect prompt injection. If past logs contain malicious instructions, an agent could potentially execute them when retrieving or summarizing those conversations.
      • Ingestion points: JSONL conversation files located in ~/.claude/projects/.
      • Boundary markers: None; conversation content is indexed directly for search and reports.
      • Capability inventory: The skill performs local file and database operations; the agent consuming its output has full system access.
      • Sanitization: No specific filtering or escaping is applied to message content before it is indexed or used in report generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 01:31 PM