claude-code-proxy-patterns

Facilitates multi-provider model routing for Claude Code using OAuth proxy patterns, enhancing integration and resilience.

Install this skill

0/100

Security score

The claude-code-proxy-patterns skill was audited on May 12, 2026 and we found 28 security issues across 5 threat categories, including 9 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

medium line 80

Python subprocess execution

SourceSKILL.md

80	result = subprocess.run(

medium line 210

Curl to non-GitHub URL

SourceSKILL.md

210	curl -s http://127.0.0.1:8082/health \| jq .

low line 160

Access to hidden dotfiles in home directory

SourceSKILL.md

160	3. ~/.claude/.credentials.json -> Authorization: Bearer (plaintext fallback)

low line 198

Access to hidden dotfiles in home directory

SourceSKILL.md

198	~/.claude/bin/proxy-toggle enable # Adds env vars, creates flag file, checks health

low line 199

Access to hidden dotfiles in home directory

SourceSKILL.md

199	~/.claude/bin/proxy-toggle disable # Removes env vars, removes flag file

low line 200

Access to hidden dotfiles in home directory

SourceSKILL.md

200	~/.claude/bin/proxy-toggle status # Shows routing flag, proxy process, .zshenv state

medium line 257

Access to hidden dotfiles in home directory

SourceSKILL.md

257	\| CCP-05 \| MEDIUM \| Reading `~/.claude/.credentials.json` as primary \| Keychain is SSoT; credential file is stale fallback \|

medium line 281

Access to hidden dotfiles in home directory

SourceSKILL.md

281	\| `~/.claude/tools/claude-code-proxy-go/main.go` \| Go proxy source \|

medium line 282

Access to hidden dotfiles in home directory

SourceSKILL.md

282	\| `~/.claude/tools/claude-code-proxy-go/oauth_refresh.go` \| OAuth auto-refresh (80 lines) \|

medium line 283

Access to hidden dotfiles in home directory

SourceSKILL.md

283	\| `~/.claude/tools/claude-code-proxy-go/.env` \| Provider config (chmod 600) \|

medium line 285

Access to hidden dotfiles in home directory

SourceSKILL.md

285	\| `~/.zshenv` \| Environment (ANTHROPIC_BASE_URL) \|

medium line 283

Access to .env file

SourceSKILL.md

283	\| `~/.claude/tools/claude-code-proxy-go/.env` \| Provider config (chmod 600) \|

high line 70