Writing Hookify Rules
Guides users in creating and configuring Hookify rules with YAML syntax for effective pattern matching and messaging.
Install this skill
or
43/100
Security score
The Writing Hookify Rules skill was audited on Feb 16, 2026 and we found 7 security issues across 2 threat categories, including 3 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
high line 249
Direct command execution function call
SourceSKILL.md
| 249 | (eval|exec)\( Matches: eval( or exec( |
high line 249
Eval function call - arbitrary code execution
SourceSKILL.md
| 249 | (eval|exec)\( Matches: eval( or exec( |
high line 324
Template literal with variable interpolation in command context
SourceSKILL.md
| 324 | See `${CLAUDE_PLUGIN_ROOT}/examples/` for complete examples: |
low line 76
Access to .env file
SourceSKILL.md
| 76 | pattern: \.env$ |
low line 82
Access to .env file
SourceSKILL.md
| 82 | You're adding an API key to a .env file. Ensure this file is in .gitignore! |
medium line 179
Access to .env file
SourceSKILL.md
| 179 | - Sensitive files: `\.env$`, `credentials`, `\.pem$` |
medium line 327
Access to .env file
SourceSKILL.md
| 327 | - `sensitive-files-warning.local.md` - Warn about editing .env files |
Scanned on Feb 16, 2026
View Security DashboardInstall this skill with one command
/learn @kgadek/writing-rulesRate this skill
Categorydevelopment
UpdatedMarch 29, 2026
claude-codeapifrontend-developerbackend-developerdevops-sretechnical-writerproduct-managerdevelopmentcontent mediaproduct
kgadek/kgadek-claude-plugin