ワンクリックで
vet-repo
Scan repository agent configuration files for known malicious patterns
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Scan repository agent configuration files for known malicious patterns
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
| name | vet-repo |
| description | Scan repository agent configuration files for known malicious patterns |
| disable-model-invocation | true |
| allowed-tools | Read, Glob, Grep, Bash |
| context | fork |
Scan all agent configuration files in a repository for known malicious patterns. Use this when entering an unfamiliar codebase to assess agent-level security risks before trusting the repo's configurations.
Run the scanner script against the current project root:
python3 "$SKILL_DIR/scripts/vet_repo.py" "$PROJECT_ROOT"
Where $SKILL_DIR is the directory containing this SKILL.md, and $PROJECT_ROOT is the root of the repository being scanned.
.claude/settings.json -- hook configs (auto-approve, stop loops, env persistence).claude/skills/ -- all SKILL.md files (hidden comments, curl|bash, persistence triggers).mcp.json -- MCP server configs (unknown URLs, env var expansion, broad tools)AGENTS.md, CLAUDE.md, GEMINI.md, .claude/rules/*.md, .github/copilot-instructions.md, .github/instructions/*.instructions.md, Cursor rules, Windsurf rules, and .clinerulesStructured report with findings grouped by severity (CRITICAL, HIGH, MEDIUM, LOW, INFO) and actionable recommendations for each finding.
.claude/ or .mcp.jsonThis repository includes PreToolUse hooks in .claude/settings.json that warn on
dangerous Bash commands (pipe-to-shell, rm -rf /, chmod 777, eval with variables,
base64-to-execution) and sensitive file writes (.ssh/, .aws/, .gnupg/, shell
profiles, settings.json).
These hooks are advisory only -- they produce warning messages but do not block execution. An agent or user can proceed past the warning.
PreToolUse blocking requires returning
hookSpecificOutput.permissionDecision: "deny" or "ask" instead of only showing a warning message.claude/settings.json for the current hook definitions