中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:23 hr ago Rescan
5 /100
fast-claude-code
Claude Code task completion callback runtime supporting Single/Interactive/Team modes with tmux background execution and system event notifications
Legitimate Claude Code task runner with documented tmux-based execution, callback notifications, and team collaboration features. No malicious behavior detected.
Skill Namefast-claude-code
Duration33.4s
Enginepi
Safe to install
This skill is safe for use. Users should be aware that 'auto' permission mode bypasses safety confirmations and should only be used in trusted environments.
ResourceDeclaredInferredStatusEvidence
Shell WRITE WRITE ✓ Aligned bin/fast-claude-code.sh - Uses tmux send-keys and claude CLI commands
Filesystem WRITE WRITE ✓ Aligned modes/team.sh:98-165 - Creates hooks in .claude/hooks/, modifies settings.json w…
Network READ WRITE ✓ Aligned callbacks/webhook.sh - HTTP POST to user-specified webhook URL; callbacks/ntfy.s…
Environment NONE READ ✓ Aligned modes/team.sh:85 - Reads CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS env var for featur…

File Tree

17 files · 67.5 KB · 2242 lines
Shell 15f · 2034L Markdown 1f · 203L JSON 1f · 5L
├─ 📁 bin
│ └─ 🔧 fast-claude-code.sh Shell 100L · 3.0 KB
├─ 📁 callbacks
│ ├─ 🔧 ntfy.sh Shell 96L · 1.8 KB
│ ├─ 🔧 openclaw.sh Shell 108L · 2.2 KB
│ └─ 🔧 webhook.sh Shell 93L · 1.8 KB
├─ 📁 modes
│ ├─ 🔧 interactive.sh Shell 390L · 12.7 KB
│ ├─ 🔧 send-task.sh Shell 186L · 5.4 KB
│ ├─ 🔧 single.sh Shell 202L · 5.6 KB
│ └─ 🔧 team.sh Shell 447L · 13.9 KB
├─ 📁 templates
│ ├─ 🔧 architecture-decision.sh Shell 52L · 1.8 KB
│ ├─ 🔧 bottleneck-analysis.sh Shell 79L · 2.6 KB
│ ├─ 🔧 competing-hypotheses.sh Shell 63L · 2.3 KB
│ ├─ 🔧 fullstack-feature.sh Shell 62L · 2.1 KB
│ ├─ 🔧 inventory-classification.sh Shell 74L · 2.6 KB
│ ├─ 🔧 parallel-review.sh Shell 62L · 2.3 KB
│ └─ 🔧 simple-dialog.sh Shell 20L · 641 B
├─ 📋 _meta.json JSON 5L · 135 B
└─ 📝 SKILL.md Markdown 203L · 6.7 KB

Security Positives

✓ All functionality is documented in SKILL.md with clear descriptions
✓ No credential harvesting or environment variable enumeration observed
✓ No base64-encoded payloads or obfuscated code execution
✓ No remote script downloads (curl|bash, wget|sh patterns)
✓ No direct IP connections to suspicious destinations
✓ Webhook/ntfy callbacks require user-specified URLs, no hardcoded exfiltration targets
✓ Project directory modifications are scoped to user's specified project path
✓ Uses standard, documented CLI tools (tmux, claude, curl)
✓ Hook installation follows standard Claude Code hook patterns (.claude/hooks/)
✓ Permission modes (plan vs auto) are user-selectable and documented with warnings
✓ Callback mechanisms use standard protocols (openclaw gateway, webhook, ntfy)
✓ Templates provide structured prompts for legitimate team collaboration workflows