ClawdStrike

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a local shell script (scripts/collect_verified.sh) to perform non-intrusive system diagnostics. It executes standard auditing tools including uname, network connection utilities (ss, lsof, netstat), firewall managers (ufw, firewalld, iptables, nft), and filesystem search commands (find, stat) to gather configuration metadata.
  • [DATA_EXPOSURE]: To prevent the exposure of sensitive information, the skill includes a dedicated redaction utility (scripts/redact_helpers.sh) that uses regular expressions to automatically mask tokens, passwords, and API keys in the diagnostic output before the agent processes it.
  • [PROMPT_INJECTION]: The audit workflow involves scanning third-party skills and plugins which could contain adversarial content. The skill mitigates indirect prompt injection risks by explicitly instructing the agent to treat these files as untrusted data and never follow instructions contained within them.
  • [DYNAMIC_EXECUTION]: The skill executes a bundled Python script (scripts/config_summary.py) to analyze local configuration files. This script uses standard Python libraries to summarize settings and confirm the presence of secrets without exposing their actual values.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:06 AM
Security Audit — agent-trust-hub — ClawdStrike