Security audit

Claude Code Statusline

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local Claude Code status line installer, but users should know it changes Claude configuration until uninstalled.

Install this only if you want Claude Code to run this local status line command. Before installing, check whether you already have a custom statusLine in ~/.claude/settings.json, because this installer may replace it and uninstall will remove the key rather than restore the old value.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Low

Confidence: 89% confidence
Finding: The skill states that it will copy scripts into ~/.claude, create a config file, and modify ~/.claude/settings.local.json, but it does not prominently warn the user that local Claude configuration will be changed. This is dangerous mainly from a trust and safety perspective: users may trigger the skill expecting a cosmetic statusline change without realizing it persists changes to startup behavior and local config.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.