ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ccsinfo

v0.1.6

Query and analyze Claude Code session data from a remote server. Use when asked to inspect Claude Code sessions, view conversation history, check tool calls,...

0· 2.2k·0 current·0 all-time
byMeni Yakove@myakove
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description, required binary (ccsinfo), and required environment variable (CCSINFO_SERVER_URL) align with the declared purpose of querying a remote ccsinfo server. The included wrapper and install scripts are consistent with providing a CLI client.
Instruction Scope
SKILL.md instructs the agent to invoke the ccsinfo CLI against the server URL and does not ask the agent to read unrelated local files or credentials. However, the documentation instructs running the server with access to ~/.claude/projects/ and suggests binding to 0.0.0.0, which would expose local Claude Code session data on the LAN; that is a privacy/security concern even though it is consistent with the skill's purpose.
Install Mechanism
No remote download-from-arbitrary-URL occurs in the skill bundle itself. The provided install script uses the 'uv' tool manager to install the ccsinfo package (uv tool install ccsinfo), which is a standard package-install approach (PyPI/git are referenced in docs). This is a moderate-risk but expected install mechanism; it requires trusting the ccsinfo package source and the 'uv' tool.
Credentials
Only CCSINFO_SERVER_URL is required and matches the skill's need to know where to contact the server. No unrelated secret environment variables or config paths are requested. Note: examples use http (not https) which may expose data in transit unless the server is configured for TLS.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. It requires a CLI binary and an env var but does not demand elevated privileges or permanent forced inclusion.
Assessment
This skill appears to do what it says, but before installing: 1) Verify the ccsinfo server code (GitHub/PyPI package) yourself — it will read ~/.claude/projects/ and therefore has access to your conversation history. 2) Avoid running the server bound to 0.0.0.0 on untrusted networks; prefer localhost or use firewall rules, TLS, and authentication. 3) Confirm the CCSINFO_SERVER_URL points to a trusted, private endpoint and does not embed credentials. 4) Ensure you trust the 'uv' package manager and the ccsinfo package source before running scripts/install.sh. If you cannot review the server code or cannot secure the server endpoint, treat the data exposure risk as significant.

Like a lobster shell, security has layers — review code before you run it.

latestvk9712vyg1q8c1s8s01synev3gd816d3z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsccsinfo
EnvCCSINFO_SERVER_URL

Comments