lobotomized-claude-code-update
Warn
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill executes a JavaScript file (`index.mjs`) via `node` from a repository previously cloned from `github.com/skrabe/tweakcc-fixed`.
- [EXTERNAL_DOWNLOADS]: Fetches updates and source code from non-trusted GitHub repositories `skrabe/lobotomized-claude-code` and `skrabe/tweakcc-fixed` using `git pull`.
- [COMMAND_EXECUTION]: Runs `pnpm install` and `pnpm build` in an external repository, which may trigger arbitrary installation and build scripts.
- [COMMAND_EXECUTION]: Modifies the `claude` system binary in-place by applying code overrides from third-party sources.
- [PROMPT_INJECTION]: The skill processes untrusted output from `git log` and `git diff` commands which could be manipulated to include malicious instructions for the agent.
  - Ingestion points: Output from `git log`, `git diff`, and `git status` in `SKILL.md`.
  - Boundary markers: None used for command output results.
  - Capability inventory: Binary file modification, subprocess execution (`pnpm`, `node`, `git`), and system installation (`claude install`).
  - Sanitization: None; the agent processes raw output from the git history.
Audit Metadata