cco-overhead

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Node.js script located at ${CLAUDE_PLUGIN_ROOT}/src/overhead.js to calculate token usage from session transcripts and project files. This is a legitimate diagnostic function of the tool.\n- [COMMAND_EXECUTION]: The skill provides instructions for the agent to identify unused MCP servers and offer to remove them using the claude mcp remove command. The skill explicitly requires that the agent only perform these actions after receiving user agreement.\n- [SAFE]: The skill accesses local project metadata and session history for analysis purposes. No network exfiltration or unauthorized data access patterns were identified.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 07:57 AM
Security Audit — agent-trust-hub — cco-overhead