hook-creator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides numerous examples and templates for 'command' hooks, which involve executing bash and python scripts (e.g., validate-command.sh, auto-approve-reads.py). These are provided as educational templates for the user to implement locally.
- [SAFE]: The skill includes a dedicated 'Hook Security Guide' (references/security-guide.md) that provides detailed instructions on mitigating risks such as path traversal, command injection, and secret exposure.
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration were found. The skill emphasizes user responsibility and provides tools for blocking destructive commands and sensitive file access.
- [SAFE]: All external tools mentioned (such as jq, git, black, and prettier) are standard development utilities used for their intended purposes within the provided examples.
Audit Metadata