Hooks Automation
Audited by Socket on Feb 28, 2026
1 alert found:
Malware

This skill is a high-feature automation framework for development and multi-agent coordination that legitimately needs hooks, file access, and persistence to operate. However, its design centralizes execution of arbitrary CLI commands, persistence of repository content into shared memory and training stores, and automated agent actions. Those capabilities are coherent with the skill’s stated purpose but are high-risk by nature: unpinned npx usage, executing commands derived from tool parameters, storing raw file contents into coordination memory/neural training pipelines, and automatic broadcasting/spawning of agents create plausible supply-chain and data-exfiltration vectors.

Recommended mitigations before use: pin/verify claude-flow package versions, require authorization and encryption for MCP endpoints, implement strict secret redaction (prevent storing .env or other secret files), add per-action user confirmations for high-impact hooks (spawn, commit, push), sandbox or validate commands provided to pre-bash, and restrict who can register or modify custom hooks.

Overall I assess moderate-to-high security risk from misuse or misconfiguration rather than clear evidence of inherent malware.