typescript-hook-writer
Provides expert guidance for developing TypeScript hooks for Claude Code, ensuring type safety and efficient testing.
Install this skill
Security score
The typescript-hook-writer skill was audited on Feb 27, 2026 and we found 32 security issues across 3 threat categories, including 3 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
Direct command execution function call
| 403 | execSync(`command -v ${command}`, { stdio: 'ignore' }); |
Direct command execution function call
| 427 | execSync(`(${fullCommand} &)`, { |
Direct command execution function call
| 434 | execSync(fullCommand, { |
Template literal with variable interpolation in command context
| 179 | console.error(`Hooks directory not found: ${HOOKS_DIR}`); |
Template literal with variable interpolation in command context
| 235 | console.log(`✓ Built ${hook.name}`); |
Template literal with variable interpolation in command context
| 241 | console.error(`✗ Failed to build ${hook.name}:`, error); |
Template literal with variable interpolation in command context
| 259 | console.log(`Found ${hooks.length} hooks:\n`); |
Template literal with variable interpolation in command context
| 264 | console.log(`\n✓ Built ${hooks.length} hooks successfully`); |
Template literal with variable interpolation in command context
| 403 | execSync(`command -v ${command}`, { stdio: 'ignore' }); |
Template literal with variable interpolation in command context
| 423 | const fullCommand = `${command} ${args.map(arg => `"${arg}"`).join(' ')}`; |
Template literal with variable interpolation in command context
| 427 | execSync(`(${fullCommand} &)`, { |
Template literal with variable interpolation in command context
| 453 | if (new RegExp(`^${regexPattern}$`).test(filePath)) { |
Template literal with variable interpolation in command context
| 571 | logError(`Failed to format ${filePath}: ${error}`); |
Template literal with variable interpolation in command context
| 690 | logWarning(`Found ${outdatedDeps.length} outdated dependencies`); |
Template literal with variable interpolation in command context
| 744 | throw new Error(`EXIT_${code}`); |
Template literal with variable interpolation in command context
| 1212 | logError(`⛔ Blocked: Cannot modify sensitive file '${filePath}'`); |
Template literal with variable interpolation in command context
| 1213 | logError(` Pattern: ${match.pattern}`); |
Template literal with variable interpolation in command context
| 1230 | const logLine = `[${getTimestamp()}] ${command}`; |
Template literal with variable interpolation in command context
| 1252 | logWarning(`⚠️ Warning: Potential credential detected in ${filePath}`); |
Template literal with variable interpolation in command context
| 1253 | logWarning(` Pattern matched: ${pattern}`); |
Template literal with variable interpolation in command context
| 1303 | logError(`[DEBUG] Processing file: ${filePath}`); |
Template literal with variable interpolation in command context
| 1304 | logError(`[DEBUG] Extensions: ${JSON.stringify(supportedExtensions)}`); |
Node child_process module reference
| 355 | import { execSync } from 'child_process'; |
Access to .env file
| 430 | env: { ...process.env, ...options.env }, |
Access to .env file
| 437 | env: { ...process.env, ...options.env }, |
Access to .env file
| 1208 | const blockedPatterns = ['.env', '.env.*', '*.pem', '*.key', '*credentials*']; |
Access to .env file
| 1436 | matchesPattern(path, ['*.env']) // Glob matching |
External URL reference
| 1448 | - [Claude Code Hooks Docs](https://code.claude.com/docs/en/hooks) |
External URL reference
| 1449 | - [TypeScript Handbook](https://www.typescriptlang.org/docs/) |
External URL reference
| 1450 | - [esbuild Documentation](https://esbuild.github.io/) |
External URL reference
| 1451 | - [Vitest Documentation](https://vitest.dev/) |
External URL reference
| 1452 | - [PRPM Publishing Guide](https://prpm.dev/docs/publishing) |