hooks-configuration
Facilitates the configuration and development of Claude Code hooks for automating workflows and ensuring consistent behavior.
Install this skill
or
53/100
Security score
The hooks-configuration skill was audited on Mar 2, 2026 and we found 7 security issues across 3 threat categories, including 2 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
medium line 468
Template literal with variable interpolation in command context
SourceSKILL.md
| 468 | ```json |
high line 479
Template literal with variable interpolation in command context
SourceSKILL.md
| 479 | Only HTTPS URLs are allowed. Header values support `${ENV_VAR}` expansion. |
high line 614
Piping content to bash shell
SourceSKILL.md
| 614 | echo '{"tool_input": {"command": "cat file.txt"}}' | bash your-hook.sh |
medium line 67
Access to hidden dotfiles in home directory
SourceSKILL.md
| 67 | - **`~/.claude/settings.json`** - User-level (applies everywhere) |
low line 327
Access to hidden dotfiles in home directory
SourceSKILL.md
| 327 | echo "$(date -Iseconds) | $TOOL | $COMMAND" >> ~/.claude/audit.log |
medium line 594
Access to .env file
SourceSKILL.md
| 594 | 3. Avoid touching `.env` or `.git/` directly |
low line 471
External URL reference
SourceSKILL.md
| 471 | "url": "https://hooks.example.com/pre-tool-use", |
Scanned on Mar 2, 2026
View Security DashboardInstall this skill with one command
/learn @laurigates/hooks-configuration