Skip to content

Instantly share code, notes, and snippets.

@petergs

petergs/claude-artifacts.md

Created February 11, 2026 15:25
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save petergs/cc83ad4986e55522c7768f264c6e1a88 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save petergs/cc83ad4986e55522c7768f264c6e1a88 to your computer and use it in GitHub Desktop.
Download ZIP
Claude Code Artifacts
Raw
claude-artifacts.md

Claude Code Forensics Artifacts

A few notes on investigating execution of malicious skills via Claude Code

Plugins, Marketplaces, & Skills

MacOS/Linux

# installed plugins 
$> cat ~/.claude/plugins/installed_plugins.json
{
  "version": 2,
  "plugins": {
    "ask-questions-if-underspecified@trailofbits": [
      {
        "scope": "user",
        "installPath": "/Users/first.last/.claude/plugins/cache/trailofbits/ask-questions-if-underspecified/1.0.1",
        "version": "1.0.1",
        "installedAt": "2026-02-10T19:43:07.529Z",
        "lastUpdated": "2026-02-10T19:43:07.529Z",
        "gitCommitSha": "f1d166608b1a00e51cb9ccdd8fc8580c243b4a23"
      }
    ]
  }

# known marketplaces
$> cat ~/.claude/plugins/known_marketplaces.json
{
  "claude-plugins-official": {
    "source": {
      "source": "github",
      "repo": "anthropics/claude-plugins-official"
    },
    "installLocation": "/Users/first.last/.claude/plugins/marketplaces/claude-plugins-official",
    "lastUpdated": "2026-02-10T19:42:00.996Z"
  },
  "trailofbits": {
    "source": {
      "source": "github",
      "repo": "trailofbits/skills"
    },
    "installLocation": "/Users/first.last/.claude/plugins/marketplaces/trailofbits",
    "lastUpdated": "2026-02-10T19:42:17.315Z"
  }
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment