← Back to Skills Marketplace
157
Downloads
0
Stars
1
Active Installs
3
Versions
Install in OpenClaw
/install nm-abstract-hook-authoring
Description
Guide for creating Claude Code hooks with security-first design. Use for validation, logging, and policy enforcement
Usage Guidance
This is a documentation-only skill (no code is installed). It appears coherent and useful for writing hooks, but be careful when copying examples into your settings.json or plugin hooks: - Avoid logging raw tool inputs (CLAUDE_TOOL_INPUT) or other unredacted data; use sanitization patterns before writing logs. - HTTP-type hooks can send full hook payloads off-host; only point them at endpoints you control and review payloads for secrets. - Prefer project-scoped or plugin-scoped hooks for team controls instead of global hooks that apply to all sessions. - Test hooks in a sandboxed/untrusted workspace before enabling them globally. - Review any hook scripts referenced (e.g., ~/.claude/hooks/*.sh or ${CLAUDE_PLUGIN_ROOT}/scripts/*) before enabling to ensure they don’t perform unintended file access or network calls. Installing this skill itself is low-risk, but the hook configurations you create following its examples can introduce privacy or exfiltration risks if misused.
Capability Analysis
Type: OpenClaw Skill
Name: nm-abstract-hook-authoring
Version: 1.8.3
The skill bundle is a comprehensive educational resource and documentation set for authoring hooks in Claude Code and the Claude Agent SDK. The files (SKILL.md and various modules) provide legitimate guidance, implementation patterns, and best practices for validation, logging, and performance optimization. The code examples are security-conscious, featuring patterns for redacting secrets and blocking dangerous shell commands (e.g., 'rm -rf /'). There is no evidence of malicious intent, data exfiltration, or prompt injection.
Capability Assessment
Purpose & Capability
The name and description claim an authoring guide for Claude hooks and the included SKILL.md and module files are exactly that: examples, patterns, and best practices. No binaries, env vars, installs, or external credentials are required by the skill itself, which is proportionate to a documentation skill.
Instruction Scope
The instructions include many runnable examples (shell commands, JSON hook configs, and Python SDK code) that show writing logs, running hook commands, and POSTing hook payloads to URLs. Those examples are within scope for a hook authoring guide, but several examples demonstrate writing full tool inputs to logs (which could capture secrets) and describe HTTP hooks that send hook payloads off-host — both are legitimate patterns but risky if copied blindly into global/project hooks. The guide does call out sanitization patterns in some examples, but some snippets (e.g., direct echo of $CLAUDE_TOOL_INPUT) can expose sensitive data if used without redaction.
Install Mechanism
No install specification and no code files are executed by the registry; this is instruction-only, so nothing is downloaded or written at install time.
Credentials
The skill declares no required environment variables or credentials. The docs reference platform variables (CLAUDE_TOOL_NAME, CLAUDE_TOOL_INPUT, CLAUDE_PLUGIN_ROOT, CLAUDE_CODE_DISABLE_CRON) and suggest using an optional PRODUCTION_APPROVED env var in examples — these are usage examples, not requirements. Still, users should be aware examples may reference or check env vars and that hooks can access environment and filesystem when actually installed as hooks.
Persistence & Privilege
always is false and there is no install behavior that persists or modifies other skills or system-wide settings. The documentation explains scopes (plugin, project, global) and warns about persistence; nothing in the skill itself requests elevated or permanent privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install nm-abstract-hook-authoring - After installation, invoke the skill by name or use
/nm-abstract-hook-authoring - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.8.3
Release v1.8.3
v1.8.2
Release v1.8.2
v1.0.0
Initial release — security-focused guide for writing Claude Code hooks.
- Covers both declarative JSON (Claude Code) and Python (Claude Agent SDK) hook creation.
- Documents all supported hook event types, key parameters, and example use cases.
- Provides quick start examples for logging and validation hooks.
- Emphasizes security, validation, logging, and automation patterns.
- Includes best practices and patterns for performance and safe design.
Metadata
Frequently Asked Questions
What is Nm Abstract Hook Authoring?
Guide for creating Claude Code hooks with security-first design. Use for validation, logging, and policy enforcement. It is an AI Agent Skill for Claude Code / OpenClaw, with 157 downloads so far.
How do I install Nm Abstract Hook Authoring?
Run "/install nm-abstract-hook-authoring" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Nm Abstract Hook Authoring free?
Yes, Nm Abstract Hook Authoring is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Nm Abstract Hook Authoring support?
Nm Abstract Hook Authoring is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Nm Abstract Hook Authoring?
It is built and maintained by athola (@athola); the current version is v1.8.3.
More Skills