claude-code-hooks
Warn
Audited by Socket on Mar 8, 2026
1 alert found:
Security (MEDIUM): references/configuration.md
This document describes a hook system that intentionally executes arbitrary command scripts in response to tool events. The fragment contains no hidden obfuscation or explicit malicious payload, but the mechanism itself is a high-value supply-chain risk: misconfiguration or compromise of the config files or hook scripts allows arbitrary code execution in developer/CI environments. Treat hook locations and scripts as sensitive: restrict write access, require code review, use signed or git-verified hooks, and prefer sandboxing or least-privilege execution. The code is not itself malware, but the configuration pattern enables powerful actions that can be abused.
Confidence: 80%
Severity: 70%