Skip to main content

Browse the directory

Showing 30 of 87 resources in hooks
Saved
Active

Source-backed filter active — add entries to compare trust side by side.

Trust snapshot

Trust signals across 40 of 87 results

Claimed
0%(0/40)

2 trust signals differ in this sample: Source provenance, Submitter

Signals differ on Source provenance, Submitter — add entries to compare before you install.

Rollout signal scan

1 rollout risk signal in current results

Biggest gaps: package integrity. 0 entries have 2+ required gaps.

12 scanned

Install payload

Install payload is broadly covered in current results.

good

100% (12/12)

Adoption queue

Browse adoption queue · balanced

0/87 visible results are ready for staged adoption under this preset.

ready 0caution 8hold 0

Accessibility Checker - Claude Code Hooks

No required blockers for this preset.

caution

64/100

Collect package checksum or signed artifact information.

hooks/accessibility-checker · trust review · confidence 83%

API Doc Generator

No required blockers for this preset.

caution

64/100

Collect package checksum or signed artifact information.

hooks/api-endpoint-documentation-generator · trust review · confidence 83%

Auto Save Backup - Hooks

No required blockers for this preset.

caution

64/100

Collect package checksum or signed artifact information.

hooks/auto-save-backup · trust review · confidence 83%

AWS CloudFormation Validator - Hooks

No required blockers for this preset.

caution

64/100

Collect package checksum or signed artifact information.

hooks/aws-cloudformation-validator · trust review · confidence 83%

Biome Check Hook for Claude Code

No required blockers for this preset.

caution

64/100

Collect package checksum or signed artifact information.

hooks/biome-check-hook · trust review · confidence 83%

Cloud Backup On Session Stop - Hooks

No required blockers for this preset.

caution

64/100

Collect package checksum or signed artifact information.

hooks/cloud-backup-on-session-stop · trust review · confidence 83%

Decision confidence

Decision confidence scan · balanced

0/87 results are high-confidence for the selected preset.

high 0medium 8low 0

API Doc Generator

Address Package integrity before broader rollout.

medium

68/100

Missing: Package integrity

hooks/api-endpoint-documentation-generator · trust review

Auto Save Backup - Hooks

Address Package integrity before broader rollout.

medium

68/100

Missing: Package integrity

hooks/auto-save-backup · trust review

Freshness distribution

Current results are broadly fresh

Median age 44 days; all 12 scanned entries are within 90 days.

median 44d

Aging

91–180 days

0%

0 entries

Stale

> 180 days

0%

0 entries

Theme distribution

Results center on hooks

58% of this view shares the top theme. Leading themes: hooks, claude-code, security.

Focused

78 distinct themes across 24 scanned

Hooks. Pre/post hooks for agent lifecycles

PostToolUse hook that flags risky package-lock.json, yarn.lock, and pnpm-lock.yaml edits: missing lockfile updates, unexpected registry hosts, and dependency count spikes before merge.

Trigger:PostToolUse
Safety ✓ Privacy ✓

PreToolUse Bash guardrail implementing the Claude Code hooks guide drop-table example: exit 2 with stderr feedback when Bash command text contains a case-insensitive DROP TABLE pattern.

Trigger:PreToolUse
Safety ✓ Privacy ✓

PreToolUse Write and Edit guardrail combining the hooks guide protected-file pattern with a local scan for common hardcoded credential shapes called out by GitHub secret scanning guidance before content is written.

Trigger:PreToolUse
Safety ✓ Privacy ✓

PreToolUse hook that reviews proposed writes to MCP configuration files and blocks inline credential values, credential-bearing URLs, and broad filesystem roots before they are saved.

Trigger:PreToolUse
Safety ✓ Privacy ✓

PreToolUse hook that blocks edits adding remote MCP server URLs unless their host appears in an explicit allowlist, reducing accidental connection to unreviewed OAuth, SSE, or Streamable HTTP MCP endpoints.

Trigger:PreToolUse
Safety ✓ Privacy ✓

PreToolUse hook that reviews proposed Bash commands for package, installer, and archive downloads, then blocks curl or wget download commands that do not include an adjacent checksum or signature verification step.

Trigger:PreToolUse
Safety ✓ Privacy ✓
GitHub logo

Read-only Claude Code Stop hook that checks the current GitHub pull request title against a Conventional Commits style pattern before the session ends, then falls back to the latest commit subject when no PR title is available.

PreToolUse hook that scans proposed writes to prompt, agent, rule, markdown, and context files for common prompt-injection phrases before the content is saved into an AI-readable surface.

Trigger:PreToolUse
Safety ✓ Privacy ✓

PostToolUse hook that compares a just-edited OpenAPI or JSON Schema document against the version committed in git and warns about backward-incompatible drift — removed OpenAPI paths and removed required properties — so breaking API changes are surfaced before they ship. Advisory only; it never blocks the edit.

Trigger:PostToolUse
Safety ✓ Privacy ✓

Read-only Claude Code PostToolUse hook that runs Biome's formatter, linter, and import-sorting checks on edited JavaScript, TypeScript, JSON, CSS, and GraphQL files without auto-writing changes.

Trigger:PostToolUse
Safety ✓ Privacy ✓
Cloudflare logo

Read-only Claude Code PostToolUse hook that checks edited Cloudflare Wrangler config files for required Worker fields, environment inheritance traps, secret-like vars, deprecated Workers Sites usage, and source-of-truth drift before Claude continues.

Trigger:PostToolUse
Safety ✓ Privacy ✓

PreToolUse hook that inspects a database migration before it is written and blocks irreversible or lock-heavy operations — DROP TABLE/COLUMN, TRUNCATE, table/column RENAME, and CREATE INDEX without CONCURRENTLY — following the strong_migrations safe-migration checks.

Trigger:PreToolUse
Safety ✓ Privacy ✓

Read-only Claude Code PostToolUse hook that runs Hadolint diagnostics after Claude writes or edits Dockerfile-like files, surfacing Dockerfile best practice, inline shell, trusted registry, label, and configuration findings without rewriting files.

Trigger:PostToolUse
Safety ✓ Privacy ✓

PostToolUse hook that flags two review hazards as Claude writes files: edits to generated or vendored artifacts (lockfiles, minified bundles, source maps, dist/build output, snapshots, protobuf output) and oversized diffs that change more lines than a configurable threshold versus the committed version.

Trigger:PostToolUse
Safety ✓ Privacy ✓

PostToolUse hook that inspects an edited npm package-lock.json for supply-chain provenance risk rather than known CVEs — dependencies resolved from outside the public npm registry (git, alternate-registry, or insecure transports) and registry tarballs missing an integrity hash.

Trigger:PostToolUse
Safety ✓ Privacy ✓

PostToolUse hook that watches dependency manifest and lockfile edits, then prompts or runs an OSS Review Toolkit dependency license analysis.

Trigger:PostToolUse
Safety ✓ Privacy ✓

PreToolUse hook that scans the exact text Claude Code is about to write or edit for high-confidence secret formats (AWS access keys, GitHub tokens, OpenAI keys, Slack tokens, Google API keys, Stripe keys, and private key blocks) and blocks the write with a non-zero exit before the secret ever reaches disk.

Trigger:PreToolUse
Safety ✓ Privacy ✓

PostToolUse hook that keeps a project's README in sync with the code. When the README or package.json is edited it checks for the standard-readme core sections (Install and Usage) and verifies that the CLI commands exposed via package.json bin are documented. Advisory only; it never edits files.

Trigger:PostToolUse
Safety ✓ Privacy ✓

PostToolUse hook that catches unintended UI changes by pixel-diffing a just-saved screenshot against its baseline with odiff.

Trigger:PostToolUse
Safety ✓ Privacy ✓

Read-only Claude Code PostToolUse hook that runs ShellCheck diagnostics after Claude writes or edits shell scripts, reporting shell portability, quoting, expansion, error-handling, and command-safety issues without modifying files.

Trigger:PostToolUse
Safety ✓ Privacy ✓

Read-only Claude Code PostToolUse hook that runs shfmt diff checks after Claude writes or edits shell scripts, surfacing POSIX shell, Bash, Zsh, and mksh formatting drift without rewriting files or executing scripts.

Trigger:PostToolUse
Safety ✓ Privacy ✓

SessionStart hook that prints a daily Claude Code retro at the top of every session — competency grade (0–100, A–F), 14-day efficiency sparklines, and a year-long contributions heatmap.

Trigger:SessionStart
Safety ✓ Privacy ✓

A PostToolUse hook that reminds you to enable native query logging for PostgreSQL, Prisma, Sequelize, and TypeORM, and flags possible N+1 patterns when you edit SQL or data-access files.

Trigger:PostToolUse
Safety ✓ Privacy ✓

A Claude Code SessionEnd hook that scans a project for dead code and writes a report to .claude/reports. It runs available tools per language: ESLint and Knip for JS/TS, autoflake or pylint for Python, Knip for unused npm dependencies, ripgrep for unreferenced src files, and jq to flag zero-coverage files.

Docker logo

Comprehensive Docker image vulnerability scanning with layer analysis, base image recommendations, and security best practices enforcement. This PostToolUse hook automatically scans Docker images for vulnerabilities when Dockerfiles are modified, providing real-time security validation during development.

Trigger:PostToolUse
Safety ✓ Privacy ✓

Automated documentation coverage analysis with missing docstring detection, API documentation validation, and completeness scoring. This PostToolUse hook automatically checks documentation coverage when code files are modified, providing real-time documentation quality validation during development.

Trigger:PostToolUse
Safety ✓ Privacy ✓

Automated accessibility testing and compliance checking for web applications following WCAG 2.1 and WCAG 2.2 guidelines. This hook automatically runs accessibility scans on HTML files after they are written or edited, using axe-core for comprehensive WCAG compliance testing.

Trigger:PostToolUse
Safety ✓ Privacy ✓

PostToolUse hook that extracts JSDoc and pydoc comments from modified API endpoint files and generates OpenAPI 3.1.0-compatible YAML documentation on every save.

Trigger:PostToolUse
Safety ✓ Privacy ✓

Automatically formats code files after Claude writes or edits them using industry-standard formatters including Prettier 3.6.2+ (JavaScript/TypeScript/Web), Black or Ruff (Python), gofmt (Go), and rustfmt (Rust).

Trigger:PostToolUse
Safety ✓ Privacy ✓

Automatically creates timestamped backups of files before modification to prevent data loss. This hook runs before file editing operations (Edit, Write, Multiedit) and creates versioned backups in a centralized .backups directory with ISO 8601-compliant timestamps including nanoseconds for collision prevention.

Trigger:PreToolUse
Safety ✓ Privacy ✓