cco-overhead
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Node.js script located at
${CLAUDE_PLUGIN_ROOT}/src/overhead.jsto calculate token usage from session transcripts and project files. This is a legitimate diagnostic function of the tool.\n- [COMMAND_EXECUTION]: The skill provides instructions for the agent to identify unused MCP servers and offer to remove them using theclaude mcp removecommand. The skill explicitly requires that the agent only perform these actions after receiving user agreement.\n- [SAFE]: The skill accesses local project metadata and session history for analysis purposes. No network exfiltration or unauthorized data access patterns were identified.
Audit Metadata