project-hook-setup
Audited by Socket on Feb 16, 2026
1 alert found:
Security [Skill Scanner]: Backtick command substitution detected

This skill's declared purpose aligns with its actions: it installs local hook scripts that read a per-project config and execute test/health/dependency checks. I found no indications of hidden network exfiltration, obfuscated payloads, or remote code downloads. The primary security concern is that hook behavior is driven by values in .claude/config/project.json (test_command, health_check, required_services), so if an attacker can modify that file or drop malicious hooks into .claude/hooks/, arbitrary commands and network calls can be executed. With proper access controls on the project config and hooks directory, the design is acceptable. Otherwise, treat the execution of config-driven commands as a significant risk.

LLM verification: The skill's declared purpose and requested configuration are reasonable for project-local hook installation. However, the design allows execution of arbitrary commands supplied in project.json (test_command, health_check) and reading of sensitive environment variables. Because the hook implementations are not present in this artifact, there is an unresolved risk: if the hooks invoke configured commands via a shell or transmit environment data, an attacker who can modify project.json or add hooks