Session demo-heavy-activity
Agent claude-code on host dev-laptop-bill
· 2m10s
Verdict
Low
2 shell spawns
4 network targets
Sensitive path hits · 0
No sensitive path hits.
Suspicious host queries · 0
No suspicious host queries.
Suspicious command lines · 0
No suspicious command lines.
Registry persistence · 0
No registry persistence writes.
Flagged image loads · 0
No flagged image loads.
Top processes · 4
| Image | Count |
|---|---|
C:\Program Files\Git\usr\bin\bash.exe | 1 |
C:\Program Files\nodejs\node.exe | 1 |
C:\Users\bill\AppData\Roaming\Claude\claude-code\2.1.111\claude.exe | 1 |
C:\Windows\System32\cmd.exe | 1 |
Top file opens · 7
| Path | Count |
|---|---|
C:\work\shadowtrace\README.md | 9 |
C:\work\shadowtrace\go.mod | 8 |
C:\work\shadowtrace\cmd\etw-probe\main.go | 7 |
C:\work\shadowtrace\internal\storage\pgstore\store.go | 6 |
C:\work\shadowtrace\internal\summary\summary.go | 5 |
C:\work\shadowtrace\internal\server\ui.go | 4 |
C:\work\shadowtrace\internal\server\server.go | 3 |
File writes · 7
| Path | Count |
|---|---|
C:\work\shadowtrace\README.md | 1 |
C:\work\shadowtrace\cmd\etw-probe\main.go | 1 |
C:\work\shadowtrace\go.mod | 1 |
C:\work\shadowtrace\internal\server\server.go | 1 |
C:\work\shadowtrace\internal\server\ui.go | 1 |
C:\work\shadowtrace\internal\storage\pgstore\store.go | 1 |
C:\work\shadowtrace\internal\summary\summary.go | 1 |
File renames / deletes
| Path | Op | Count |
|---|---|---|
C:\work\shadowtrace\internal\server\server.go | rename | 1 |
C:\work\shadowtrace\scratch\old.txt | delete | 1 |
DNS queries · 5
| Query | Count |
|---|---|
api.anthropic.com | 1 |
deb.debian.org | 1 |
github.com | 1 |
proxy.golang.org | 1 |
registry.npmjs.org | 1 |
TCP targets · 4
| Target | Count |
|---|---|
104.16.132.229:443 | 1 |
140.82.114.3:443 | 1 |
34.107.221.82:443 | 1 |
52.88.101.23:443 | 1 |