Back to skill

Security audit

Claude Code Dev Workflow

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Claude Code workflow guide, but it recommends broad unattended coding permissions and background sessions that could change projects without enough user checkpoints.

Install only if you are comfortable delegating coding work to Claude Code in a project directory. Prefer a sandbox, disposable branch, narrow working directory, and explicit approval mode; avoid approve-all for normal use, protect API keys, set spending limits, monitor background sessions, and close or cancel persistent sessions when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill explicitly tells users to set ACP permission mode to approve-all for a non-interactive coding agent. That removes human approval gates for code execution and file-modifying actions, allowing the spawned agent to autonomously run commands, change source files, and potentially access secrets or perform destructive operations if prompted unsafely or compromised.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The PTY examples instruct users to run Claude Code via exec, including background sessions and follow-up input, without warning that the tool can execute commands and modify files in the specified workdir. In a coding workflow skill, this materially increases the chance of unintended code changes, destructive shell actions, or secret exposure, especially when combined with broad prompts and unattended execution.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.