An AI co-worker with its own computer. Self-evolving, persistent memory, MCP server, secure credential collection, email identity. Built on the Claude Agent SDK.
C elevated
- capability exposureinferred+35
inferred
The A–E grade is our heuristic synthesis — a "review this" prompt, not a verdict. Each factor is tagged by what backs it: attested (a verifiable record), reported (a third party's claim), or inferred (our own heuristic, e.g. permissions). See methodology.
graded 13m ago · see ecosystem CVEs →
- A · 0 → C · 35
Inferred surface — each links to servers holding it:
No known CVEs for this server.
No tool-safety findings — heuristic detectors run on the compute-risk cadence; a finding appears when a tool trips a rule.
prompt-surface
shipped agent-instruction files + hidden-content / dangerous-code findings —
quoted from the analyzed source
analyzed commit f8c7ab4 · analyzer v19 · 1d ago
skills & prompt files 40
- agent-rulesghostwright-phantom-f8c7ab4/CLAUDE.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10a-activity-correctness-builder.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10a-activity-correctness-reviewer.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10a-chat-pipeline-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10a-murph-pi-event-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10a-product-experience-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10b-durable-timeline-builder.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10b-durable-timeline-re-reviewer.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10b-durable-timeline-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10b-durable-timeline-reviewer.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10c-murph-progress-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10d-chat-ui-polish-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10f-codex-review-fix.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10f-run-console-ui.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10h-chat-integrity-builder.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10h-chat-integrity-review.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10h-phantom-chat-review.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10h-pi-thinking-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10h-provider-thinking-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10i-chat-detail-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10i-memory-architecture-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10i-transcript-recovery-builder.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10i-transcript-recovery-final-re-review.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10i-transcript-recovery-re-review.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10i-transcript-recovery-review.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10i-transcript-search-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10j-tool-card-collapse-research.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10k-page-artifact-ui-builder.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10l-murph-continuity-researcher.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10l-phantom-continuity-researcher.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10m-artifact-memory-architecture.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10m-chat-ui-polish-review.md
- prompt-fileghostwright-phantom-f8c7ab4/prompts/phase-10m-pi-murph-continuity-research.md
- skillghostwright-phantom-f8c7ab4/skills-builtin/echo/SKILL.md
- skillghostwright-phantom-f8c7ab4/skills-builtin/list-plugins/SKILL.md
- skillghostwright-phantom-f8c7ab4/skills-builtin/mirror/SKILL.md
- skillghostwright-phantom-f8c7ab4/skills-builtin/overheard/SKILL.md
- skillghostwright-phantom-f8c7ab4/skills-builtin/ritual/SKILL.md
- skillghostwright-phantom-f8c7ab4/skills-builtin/show-my-tools/SKILL.md
- skillghostwright-phantom-f8c7ab4/skills-builtin/thread/SKILL.md
danger signals4
- suspicious endpoint169.254.169.254 (cloud metadata)ghostwright-phantom-f8c7ab4/src/config/identity-fetcher.ts:32
export const DEFAULT_METADATA_BASE_URL = "http://169.254.169.254"; - suspicious endpoint169.254.169.254 (cloud metadata)ghostwright-phantom-f8c7ab4/src/config/loader.ts:43
const DEFAULT_METADATA_BASE_URL = "http://169.254.169.254"; - suspicious endpoint169.254.169.254 (cloud metadata)ghostwright-phantom-f8c7ab4/src/email/key-fetcher.ts:40
const DEFAULT_METADATA_BASE_URL = "http://169.254.169.254"; - suspicious endpoint169.254.169.254 (cloud metadata)ghostwright-phantom-f8c7ab4/src/ui/auth-magic.ts:72
const DEFAULT_METADATA_BASE_URL = "http://169.254.169.254";
[](https://mcpobservatory.com/servers/github:ghostwright/phantom/security) Heuristic, inferred signals — false positives (legitimately powerful tools, forks, language ports) are expected. Treat each as "review this", not a verdict. See the ecosystem-wide picture on the security hub, or the fleet security of ghostwright.