Audit Receipts · Claude Tool Ecosystem · April 2026

← Audit Registry

Claude Tool Ecosystem

Five open-source repositories from the Claude tool ecosystem, audited under HARS v4.4 on April 1, 2026. The following receipts are direct outputs of the HARS engine. Each reflects a complete repository scan at runtime and is cryptographically linked within the HARS-ATC-001 audit chain.

Findings from this batch are published at /findings/claude-leak-repos ↗.

Published Receipts · 5 Entries

claw-code

RED VIOLATIONS
Audit IDHARS_AUDIT_20260401_191023
TimestampApril 1, 2026
Max SeverityL1 — Structural / Technical
Scope67 Python files. Max severity SEVERITY_L1 — structural/technical only. All 28 findings OVERRIDE_PASS eligible. No USER_FACING or IDENTITY_AUTHORITY layer activity. Zero escalations, zero remediation required.

everything-claude-code

RED VIOLATIONS
Audit IDHARS_AUDIT_20260401_194650
TimestampApril 1, 2026
Max SeverityL3 — Human Steering / Guidance
Scope238 files (202 JS, 17 TS, 17 Python, 3 TSX). Max severity SEVERITY_L3 — human steering present. 51 ESCALATE findings (Mirror Gate Bridge Verb pattern). Dominant layer: OPERATOR_LAYER (156 findings). No IDENTITY_AUTHORITY_LAYER findings. Zero remediation required.

claude-mem

RED VIOLATIONS
Audit IDHARS_AUDIT_20260401_200104
TimestampApril 1, 2026
Max SeverityL4 — Identity / Concealment / Authority
Scope328 files (297 TS, 16 JS, 14 TSX, 2 Python). Max severity SEVERITY_L4. Dominant layer: USER_FACING_LAYER (137 findings). 5 IDENTITY_AUTHORITY_LAYER findings — all REMEDIATION_REQUIRED. 115 escalation-eligible findings. Mixed authority profile.

claude-code

RED VIOLATIONS
Audit IDHARS_AUDIT_20260401_192712
TimestampApril 1, 2026
Max SeverityL4 — Identity / Concealment / Authority
Scope1,885 files (1,332 TS, 552 TSX, 18 JS). Max severity SEVERITY_L4. Dominant layer: USER_FACING_LAYER (629 findings). 121 IDENTITY_AUTHORITY_LAYER findings — all REMEDIATION_REQUIRED. 480 escalation-eligible findings. High authority density.

claude-code-best

RED VIOLATIONS
Audit IDHARS_AUDIT_20260401_195127
TimestampApril 1, 2026
Max SeverityL4 — Identity / Concealment / Authority
Scope2,802 files (2,230 TS, 552 TSX, 26 JS, 1 JSX). Max severity SEVERITY_L4. Dominant layer: USER_FACING_LAYER (671 findings). 123 IDENTITY_AUTHORITY_LAYER findings — all REMEDIATION_REQUIRED. 513 escalation-eligible findings. Highest authority density in batch.

Receipts are published as plaintext. Each file is served directly from the canonical registry at harsregistry.org/audits/<filename>.txt. Engine: HARS v4.4 · Protocol v3.3+ATC-001 · SAL, SAL-X, ASC, MGL active. Chain integrity at publication: INTACT.

← Findings for this batchFull audit registry →