create-hook

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill permits adding arbitrary commands as persistent event hooks (including on sensitive events like PermissionRequest and UserPromptSubmit), which directly enables remote code execution, data exfiltration, credential harvesting, and persistence—making it a high-risk enabler for deliberate malicious activity despite no explicit payloads included.