Three Minds
Security checks across malware telemetry and agentic risk
Overview
This skill is a coherent multi-agent coding tool, but it runs Claude Code agents with permission prompts disabled, so they can modify files and run commands with little user review.
Install only if you are comfortable letting multiple Claude Code agents edit files and run commands in the chosen directory. Use a git branch or container, start with a small task and low max-round setting, remove unrelated secrets from your environment, and review generated diffs and transcript files afterward.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agents could make unwanted code changes, run project commands, or trigger risky tooling in the selected workspace before the user has reviewed each action.
The implementation disables Claude Code's permission confirmations while launching autonomous coding agents, so file edits and command/tool actions may proceed without normal user approval.
'--dangerously-skip-permissions', // skip permission confirmation (auto-accept)
Run only in a disposable branch, clean checkout, or container. Prefer removing this flag or requiring explicit approval before file writes, test execution, package commands, or other high-impact actions.
If the shell environment contains API keys, tokens, or other secrets, the invoked agent process and commands it runs may have access to them.
The spawned Claude process inherits all environment variables and runs with the user's existing local privileges; the metadata does not declare any credential or environment boundary.
env: { ...process.env },
Use a clean shell or container with only the credentials needed for the task, and avoid running this skill from an environment containing unrelated production secrets.
Installation and runtime expectations may be less visible to users browsing the registry, especially the dependency on an already-authenticated Claude Code CLI.
The skill requires local tooling, but the registry requirements list no required binaries and there is no install spec, so users must verify prerequisites and installation steps outside the registry metadata.
- Requires the Claude Code CLI to be installed (`claude` command)
- Node.js 18+
Confirm the local `claude` command, package source, and npm dependencies before use; the publisher should declare required binaries and installation steps in metadata.
Sensitive project information discussed by the agents may remain in a local `three-minds-*.md` transcript after the run.
The skill writes every agent response into a transcript file in the project directory; those responses may include summaries or excerpts of project files.
content += resp.content + '\n\n'; ... fs.writeFileSync(filepath, content);
Review or delete generated transcript and JSON output files when working on private code, credentials, unpublished papers, or other sensitive material.
