repo-bootstrap-and-audit

Fail

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: HIGH
[EXTERNAL_DOWNLOADS] [REMOTE_CODE_EXECUTION] [DATA_EXFILTRATION] [COMMAND_EXECUTION]
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill clones an external repository from a personal GitHub account ('affaan-m/everything-claude-code.git') to fetch AI skills and commands. This source is not from a verified or well-known organization.
  • [REMOTE_CODE_EXECUTION]: Content downloaded from the external repository is moved directly into the '.claude/skills/' and '.claude/commands/' directories. Since these files define executable behaviors for the AI agent, this constitutes the installation and execution of unvetted remote code.
  • [DATA_EXFILTRATION]: The skill explicitly targets and reads session transcript files from the user's home directory ('~/.claude/projects/'). These JSONL files contain the full history of AI interactions, which may include sensitive code, business logic, or credentials discussed during a session.
  • [DATA_EXFILTRATION]: The extracted session transcripts are staged and pushed to a remote repository via 'git push'. If the repository is public or shared, this exposes private session history to unauthorized parties.
  • [COMMAND_EXECUTION]: The skill uses the 'Bash' tool to perform complex file system operations and execute shell commands. It dynamically constructs paths and executes commands based on '$ARGUMENTS' without visible sanitization, increasing the risk of command injection.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Jun 24, 2026, 09:31 AM