claude-code-hooks
Audited by Socket on Feb 15, 2026
1 alert found:
Malware
This skill documentation and example hooks are conceptually benign and aligned with their stated purpose: creating hooks to validate, modify, and act on agent events. There is no direct evidence of malware or obfuscation in the provided text. However, the hook execution model allows arbitrary commands to run with the user's permissions and supports runtime package execution (npx/npm), and certain events inject hook stdout into agent context; these create realistic supply-chain and exfiltration risks if hooks are untrusted or poorly reviewed. Treat hook files as code with full review, avoid running npx/npm from untrusted hooks, and restrict who can add hook commands. Overall: not malicious by content but operationally moderate risk if misused.