claude-hook-writer
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a defensive and educational resource designed to improve the security and reliability of Claude Code hooks.
- Security-First Approach: The core principles and checklists emphasize validating all input, quoting variables, and blocking access to sensitive files like .env and SSH keys.
- Defensive Templates: Provided templates (e.g., block-sensitive.sh in references/code-templates.md) directly implement security controls to prevent unauthorized file access or modification.
- Safe Performance Optimization: The use of eval in references/quick-reference.md for variable extraction follows safe shell programming practices by using jq's @sh for proper character escaping.
- Educational Context: Detected homoglyphs in references/reliability-performance.md are used within the context of teaching developers how to handle Unicode filenames, posing no security risk.