hooks-session-end-issue-hook
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform system checks, including searching for the '.claude' directory, verifying 'jq' installation, and checking GitHub CLI ('gh') authentication status.- [COMMAND_EXECUTION]: It configures a 'Stop' hook that executes a local bash script ('session-end-issue-hook.sh') using the Bash interpreter with a 15-second timeout.- [PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface because the configured hook processes the session transcript. \n
- Ingestion points: The hook script reads the full session transcript from the 'transcript_path' provided by the agent environment. \n
- Boundary markers: No specific delimiters or instructions to ignore embedded commands within the transcript are defined in the setup. \n
- Capability inventory: The script has the capability to generate and suggest 'gh issue create' commands for execution. \n
- Sanitization: No explicit sanitization of transcript content (e.g., todo descriptions) is mentioned before being used in suggested commands.
Audit Metadata