Pre-Commit Hooks

Establishes automated code quality checks before commits to enforce coding standards and improve project maintainability.

Install this skill

or

0/100

Security score

The Pre-Commit Hooks skill was audited on Mar 1, 2026 and we found 18 security issues across 2 threat categories, including 2 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 661

Direct command execution function call

SourceSKILL.md

661	execSync('npm install --save-dev husky lint-staged @commitlint/cli @commitlint/config-conventional', { stdio: 'inherit' });

high line 730

Direct command execution function call

SourceSKILL.md

730	execSync('npm run prepare', { stdio: 'inherit' });

medium line 117

Template literal with variable interpolation in command context

SourceSKILL.md

117	return `eslint --fix ${filenames.map(f => `"${f}"`).join(' ')}`;

medium line 121

Template literal with variable interpolation in command context

SourceSKILL.md

121	return `prettier --write ${filenames.map(f => `"${f}"`).join(' ')}`;

medium line 548

Template literal with variable interpolation in command context

SourceSKILL.md

548	console.log(`${colors[color]}${message}${colors.reset}`);

medium line 556

Template literal with variable interpolation in command context

SourceSKILL.md

556	colorLog(`✅ Created ${hookName}`, 'green');

medium line 559

Template literal with variable interpolation in command context

SourceSKILL.md

559	colorLog(`❌ Failed to create ${hookName}`, 'red');

medium line 651

Template literal with variable interpolation in command context

SourceSKILL.md

651	colorLog(`\n📊 Setup Summary: ${successCount}/${hooks.length} hooks created`,

medium line 809

Template literal with variable interpolation in command context

SourceSKILL.md

809	(filenames) => `eslint --fix --max-warnings 0 ${filenames.join(' ')}`,

medium line 818

Template literal with variable interpolation in command context

SourceSKILL.md

818	return `npx tsc --noEmit ${tsFiles.join(' ')}`;

low line 534

Node child_process module reference

SourceSKILL.md

534	const { execSync } = require('child_process');

medium line 538

Hex-encoded characters

SourceSKILL.md

538	reset: '\x1b[0m',

medium line 539

Hex-encoded characters

SourceSKILL.md

539	red: '\x1b[31m',

medium line 540

Hex-encoded characters

SourceSKILL.md

540	green: '\x1b[32m',

medium line 541

Hex-encoded characters

SourceSKILL.md

541	yellow: '\x1b[33m',

medium line 542

Hex-encoded characters

SourceSKILL.md

542	blue: '\x1b[34m',

medium line 543

Hex-encoded characters

SourceSKILL.md

543	cyan: '\x1b[36m',

medium line 544

Hex-encoded characters

SourceSKILL.md

544	magenta: '\x1b[35m',

Scanned on Mar 1, 2026

View Security Dashboard

Installation guide →

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw git frontend-developer backend-developer fullstack-developer devops-sre qa-engineer development

Coverage-Creatives/zeus