claude-hooks

Warn

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | DATA_EXFILTRATION | PROMPT_INJECTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines a system for 'Hooks' that automatically trigger shell commands in response to agent events, such as tool calls or user prompts, increasing the attack surface for unauthorized command execution.
  • [PROMPT_INJECTION]: The guide provides examples where variables containing untrusted content, such as {{prompt}} and {{command}}, are interpolated directly into shell script arguments (e.g., ./hooks/log-interaction.sh '{{prompt}}'). This pattern is vulnerable to command injection if an attacker crafts an input containing shell metacharacters to escape the single quotes.
  • [DATA_EXFILTRATION]: Documentation includes templates for sending local file paths and metadata to remote endpoints using curl (e.g., curl -X POST https://api.example.com/notify -d 'file={{file_path}}'), demonstrating a clear vector for data leakage.
  • [EXTERNAL_DOWNLOADS]: Lifecycle hook examples encourage the use of npm install and curl during installation, which can lead to the execution of untrusted remote code or malicious packages without user verification.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 20, 2026, 01:24 AM