agent-harness Security Report — Trusted | ClawSafe

5 /100

agent-harness

Long-running agent workflow automation — feature tracking, progress management, and session orchestration

The agent-harness skill is a legitimate project workflow automation tool that manages feature tracking and session orchestration using documented bash scripts and git operations.

Skill Nameagent-harness

Duration31.7s

Enginepi

✓

Safe to install

This skill is safe to use. No security concerns identified.

Resource	Declared	Inferred	Status	Evidence
Filesystem	`NONE`	`WRITE`	✓ Aligned	scripts/harness.sh:51-54 - cp command copies templates
Shell	`NONE`	`WRITE`	✓ Aligned	scripts/harness.sh - git init, chmod +x operations are documented and necessary
Environment	`NONE`	`READ`	✓ Aligned	scripts/harness.sh:67 - date command for timestamps only
Network	`NONE`	`NONE`	—	No network calls in codebase

2 findings

🔗

Medium External URL 外部 URL

https://www.anthropic.com/engineering/effective-harnesses-for-long-running-agents

README.md:3

🔗

Medium External URL 外部 URL

https://docs.anthropic.com/en/docs/about-claude/models

README.md:296

File Tree

12 files · 38.3 KB · 1140 lines

Markdown 7f · 700L Shell 2f · 311L JSON 2f · 107L Text 1f · 22L

├─ ▾ 📁 docs

│ ├─ 📝 architecture.md Markdown 56L · 2.1 KB

│ ├─ 📝 file-flow.md Markdown 63L · 2.0 KB

│ └─ 📝 sequence.md Markdown 73L · 2.4 KB

├─ ▾ 📁 prompts

│ ├─ 📝 coder.md Markdown 85L · 2.9 KB

│ └─ 📝 initializer.md Markdown 57L · 2.2 KB

├─ ▾ 📁 scripts

│ └─ 🔧 harness.sh Shell 244L · 7.9 KB

├─ ▾ 📁 templates

│ ├─ 📄 claude-progress.txt Text 22L · 765 B

│ ├─ 📋 feature_list.json JSON 34L · 784 B

│ └─ 🔧 init.sh Shell 67L · 1.8 KB

├─ 📝 README.md Markdown 296L · 10.2 KB

├─ 📋 skill.json JSON 73L · 2.0 KB

└─ 📝 SKILL.md Markdown 70L · 3.2 KB

Dependencies 3 items

Package	Version	Source	Known Vulns	Notes
`bash`	`>=4.0`	system	No	Standard shell dependency
`git`	`>=2.0`	system	No	Version control dependency
`python3`	`>=3.7`	system	No	JSON manipulation only

Security Positives

✓ All shell operations are clearly documented and directly support stated purpose

✓ File operations are scoped to project directory only

✓ No credential harvesting or sensitive data access

✓ No obfuscation techniques detected

✓ No external network calls except to Anthropic documentation URLs

✓ Python3 usage limited to JSON parsing/manipulation

✓ Git operations follow standard version control workflow

✓ No curl/wget remote script execution

✓ init.sh template has all sensitive code commented out

Scan Report

File Tree

Dependencies 3 items

Security Positives