lefthook

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The documentation provides instructions to download the Lefthook tool and its configuration from official vendor sources.
      • Evidence: Installation guides link to official repositories on GitHub and package hosting on Cloudsmith (dl.cloudsmith.io).
  • [REMOTE_CODE_EXECUTION]: Linux installation procedures documented in the skill use the common pattern of piping a setup script from the official package repository into a shell.
      • Evidence: 'curl ... | sudo -E bash' patterns are documented in 'references/installation/alpine.md', 'references/installation/deb.md', and 'references/installation/rpm.md'. These are the official repository setup methods provided by the vendor.
  • [COMMAND_EXECUTION]: The skill documents how to configure the tool to run shell commands and external scripts during Git lifecycle events.
      • Evidence: Multiple examples in 'command-settings.md' and 'hook-settings.md' show the execution of development tools like 'yarn lint', 'bundle exec rspec', and 'go vet'.
  • [SAFE]: The skill consists entirely of reference documentation for a legitimate, well-known developer tool. All external references and installation commands point to the official infrastructure of the tool's maintainers (Evil Martians).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 10, 2026, 04:06 PM