hooks
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill provides security-hardened templates for creating lifecycle hooks. These templates implement input size limits using
head -c, structural JSON validation viajq, and path traversal prevention usingrealpathand working directory checks.\n- [COMMAND_EXECUTION]: The skill's primary purpose is to configure shell scripts to execute upon specific agent events. It mandates defensive coding patterns, such as avoidingevaland checking for flag injection in filenames, ensuring that the execution of these scripts follows strict security guidelines.\n- [PROMPT_INJECTION]: Analysis of the indirect prompt injection surface (processing untrusted tool and user input) reveals strong mitigation strategies as per platform best practices:\n - Ingestion Points: Hooks receive tool inputs, outputs, and user prompts via JSON on
stdin(SKILL.md).\n - Boundary Markers: Scripts use
jqfor structural JSON data andrealpathfor file system isolation.\n - Capability Inventory: Hooks can execute shell commands via the Bash tool (SKILL.md).\n
- Sanitization: The skill provides logic for input size capping, JSON validation, path verification, and safe variable handling to sanitize external content.
Audit Metadata