cheat-init
Fail
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: HIGH
COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill creates multiple shell scripts (prediction-immutability.sh, session-start.sh, log-event.sh) in a .cheat-hooks/ directory and applies execution permissions using chmod +x. It then modifies the .claude/settings.json file to register these scripts as PreToolUse and SessionStart hooks, which allows for persistent and automatic command execution without user interaction.
- [DATA_EXFILTRATION]: The skill implements a "silent usage logs" feature (Phase 2, Q5) that asynchronously records usage frequency and telemetry data. While described as diagnostic, it establishes an automated channel for data to leave the user's environment.
- [CREDENTIALS_UNSAFE]: The onboarding process explicitly requests sensitive authentication data, including YouTube API keys and session-level access to social media creator centers (e.g., Douyin/TikTok) via QR code scanning, which can lead to account compromise if handled insecurely.
- [EXTERNAL_DOWNLOADS]: The skill prompts the user to download and install external adapters and software dependencies, such as Playwright, and uses network access to fetch data from third-party social media platforms (YouTube, Bilibili).
- [REMOTE_CODE_EXECUTION]: By configuring persistent hooks in the agent's environment and installing external execution adapters, the skill creates an infrastructure capable of running arbitrary code whenever the agent is active.
Recommendations
- AI detected serious security threats
Audit Metadata