hooks-setup

Warn

Audited by Socket on Feb 21, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Backtick command substitution detected

All findings:
- [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
- [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

This skill documentation itself is not malicious: it legitimately describes configuring lint/format hooks. However, it enables execution of arbitrary shell/CLI commands (including npx, which fetches packages) and supports global/project-local hook files. Those capabilities are disproportionate if untrusted hook content is allowed, and present a real supply-chain and code-execution risk (hook injection, unpinned npm installs, possible secret exposure via $CLAUDE_ENV_FILE). Treat this as a moderate security risk: validate and pin hook recipes, restrict who can modify global/project hook files, and avoid executing untrusted hooks. No direct malware found in the provided text.

LLM verification: The skill’s stated purpose (setting up hooks for lint/format/test) matches its capabilities. The main security concern is that hooks are arbitrary shell commands: if a hook is malicious or a recipe uses unpinned npx installs, this can lead to supply-chain execution or data exfiltration. There is no explicit malicious code in the provided content, but the feature is high-risk by design because it permits running arbitrary commands and using npx (runtime package fetch). Recommend restricting allow

Confidence: 80%
Severity: 75%
Audit Metadata
Analyzed At
Feb 21, 2026, 03:28 PM
Package URL
pkg:socket/skills-sh/ssiumha%2Fdots%2Fhooks-setup%2F@b25cce5be26e460021010167914b8dd4a220beb3