Security risk report for @forgecat/anthropics_claude-plugins-official_claude-md-management v0.0.3
Source Integrity
Low
Profile is sourced from Anthropic's official Claude plugins repository (github.com/anthropics/claude-plugins-official), a trusted first-party source.
Metadata (author, license, original commit) is verifiable and consistent with legitimate open-source distribution.
Agent Intent
Low
Content describes legitimate project-maintenance workflows (auditing CLAUDE.md files, capturing session learnings) with no hidden instructions to manipulate the AI or exfiltrate data.
Guidance is constructive and security-conscious: emphasizes conciseness, actionability, and avoiding generic/obvious info—standard best practices for context management, not poisoning.
No instructions to ignore system prompts, read credentials, fetch external payloads, or weaken security defaults; no role hijacking or prompt leakage directives.
Details
Evidence
"Keep it concise - one line per concept. CLAUDE.md is part of the prompt, so brevity matters."
"Avoid: Verbose explanations, Obvious information, One-off fixes unlikely to recur"
"Actionable commands: All documented commands should be copy-paste ready"
Permissions
PRM-000Medium
The skill declares the Bash tool, which is a shell-execution capability; while its stated use is limited to `find` commands for locating CLAUDE.md files, shell access is inherently broader than read/edit file operations.
The core purpose (auditing and editing CLAUDE.md files) is well-matched by Read, Glob, Grep, and Edit; the addition of Bash slightly exceeds the minimum necessary authority.
No alwaysApply=true or wildcard glob rules are present, and the Bash usage described is narrow and benign.