cc-hooks
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill implements a lifecycle hook system that executes local shell and Python scripts (e.g.,
installed-skill-edit-guard.sh,my-validator.sh) triggered by agent tool usage. These scripts are provided as transparent examples for safety validation, auto-formatting, and workflow automation. - [DATA_EXFILTRATION]: The
installed-skill-edit-guard.shscript records telemetry to a local file (~/.agentops/guardrail-telemetry.jsonl) to audit the effectiveness of security guards. The data collected is limited to session IDs and SHA-256 hashes of target file paths, ensuring user privacy by avoiding the storage of raw file names or content. - [DYNAMIC_EXECUTION]: The skill's primary function is the dynamic execution of logic based on tool input and output. This is used defensively to block dangerous operations or to route commands to remote workers (e.g., via the Remote Compilation Helper).
- [EXTERNAL_DOWNLOADS]: Documentation references external developer tools such as
dcg(Destructive Command Guard) andrch(Remote Compilation Helper), providing standard installation instructions for users via package managers like Homebrew and Cargo.
Audit Metadata