Hooks Automation
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill defines an indirect injection surface in the .claude/settings.json configuration examples provided in SKILL.md. Ingestion points: Data is ingested from tool parameters such as file_path, command, and task. Boundary markers: The configuration uses single quotes for shell variables, which is an insufficient boundary against malicious input. Capability inventory: The system has the capability to execute shell commands via npx. Sanitization: No sanitization or escaping of the interpolated tool parameters is visible in the configuration.
- [COMMAND_EXECUTION]: The skill facilitates the execution of shell commands and scripts based on event triggers as part of its core automation functionality.
- [EXTERNAL_DOWNLOADS]: The skill references the 'claude-flow' package, which is a resource associated with the vendor's infrastructure.
Audit Metadata