scaffold-cc-hooks

Warn

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: MEDIUM [COMMAND_EXECUTION] [CREDENTIALS_UNSAFE]
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides scripts (scripts/check_workspace_trust.sh) that programmatically modify the global Claude Code configuration file (~/.claude.json) to set hasTrustDialogAccepted to true. This action bypasses a built-in security prompt designed to prevent unauthorized hook execution in new workspaces.
  • [CREDENTIALS_UNSAFE]: The scripts/audit_project.sh script is designed to scan for and catalog sensitive file paths including .env, .envrc, *.pem, and *.key. While the script reports metadata about these files, identifying their locations within a project constitutes a sensitive data exposure finding.
  • [COMMAND_EXECUTION]: The core functionality relies on multiple bash scripts (scripts/scaffold_hooks.sh, scripts/merge_settings.sh, scripts/render_hooks_readme.sh) that perform extensive file system modifications and configuration merges based on the project's structure and user-provided plans.
  • [EXTERNAL_DOWNLOADS]: The skill instructions (SKILL.md) direct the agent to fetch and process content from external documentation sites (e.g., code.claude.com and reading.sh) to verify current hook specifications before performing scaffolding operations.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 12, 2026, 05:58 AM