claude-code-hooks
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides documentation for executing arbitrary local scripts through the Claude Code hooks architecture. It includes Bash templates for tasks like tool validation and session setup, and explains configuration via settings.json.
- [DATA_EXFILTRATION]: Reference patterns are provided for audit logging and external notifications. The examples demonstrate accessing tool interaction data and environment variables, including code snippets for transmitting sanitized logs to external services using curl.
- [PROMPT_INJECTION]: The documentation analyzes the vulnerability surface for indirect prompt injection within the hook system. It provides a mitigation framework including: 1. Ingestion points: PreToolUse and PostToolUse tool input objects. 2. Boundary markers: Use of structured JSON parsing. 3. Capability inventory: Execution of local shell commands. 4. Sanitization: Specific patterns for quoting variables, checking for path traversal, and blacklisting dangerous command strings.
Audit Metadata