← 返回 Skills 市场
157
总下载
0
收藏
1
当前安装
3
版本数
在 OpenClaw 中安装
/install nm-abstract-hook-authoring
功能描述
Guide for creating Claude Code hooks with security-first design. Use for validation, logging, and policy enforcement
安全使用建议
This is a documentation-only skill (no code is installed). It appears coherent and useful for writing hooks, but be careful when copying examples into your settings.json or plugin hooks: - Avoid logging raw tool inputs (CLAUDE_TOOL_INPUT) or other unredacted data; use sanitization patterns before writing logs. - HTTP-type hooks can send full hook payloads off-host; only point them at endpoints you control and review payloads for secrets. - Prefer project-scoped or plugin-scoped hooks for team controls instead of global hooks that apply to all sessions. - Test hooks in a sandboxed/untrusted workspace before enabling them globally. - Review any hook scripts referenced (e.g., ~/.claude/hooks/*.sh or ${CLAUDE_PLUGIN_ROOT}/scripts/*) before enabling to ensure they don’t perform unintended file access or network calls. Installing this skill itself is low-risk, but the hook configurations you create following its examples can introduce privacy or exfiltration risks if misused.
功能分析
Type: OpenClaw Skill
Name: nm-abstract-hook-authoring
Version: 1.8.3
The skill bundle is a comprehensive educational resource and documentation set for authoring hooks in Claude Code and the Claude Agent SDK. The files (SKILL.md and various modules) provide legitimate guidance, implementation patterns, and best practices for validation, logging, and performance optimization. The code examples are security-conscious, featuring patterns for redacting secrets and blocking dangerous shell commands (e.g., 'rm -rf /'). There is no evidence of malicious intent, data exfiltration, or prompt injection.
能力评估
Purpose & Capability
The name and description claim an authoring guide for Claude hooks and the included SKILL.md and module files are exactly that: examples, patterns, and best practices. No binaries, env vars, installs, or external credentials are required by the skill itself, which is proportionate to a documentation skill.
Instruction Scope
The instructions include many runnable examples (shell commands, JSON hook configs, and Python SDK code) that show writing logs, running hook commands, and POSTing hook payloads to URLs. Those examples are within scope for a hook authoring guide, but several examples demonstrate writing full tool inputs to logs (which could capture secrets) and describe HTTP hooks that send hook payloads off-host — both are legitimate patterns but risky if copied blindly into global/project hooks. The guide does call out sanitization patterns in some examples, but some snippets (e.g., direct echo of $CLAUDE_TOOL_INPUT) can expose sensitive data if used without redaction.
Install Mechanism
No install specification and no code files are executed by the registry; this is instruction-only, so nothing is downloaded or written at install time.
Credentials
The skill declares no required environment variables or credentials. The docs reference platform variables (CLAUDE_TOOL_NAME, CLAUDE_TOOL_INPUT, CLAUDE_PLUGIN_ROOT, CLAUDE_CODE_DISABLE_CRON) and suggest using an optional PRODUCTION_APPROVED env var in examples — these are usage examples, not requirements. Still, users should be aware examples may reference or check env vars and that hooks can access environment and filesystem when actually installed as hooks.
Persistence & Privilege
always is false and there is no install behavior that persists or modifies other skills or system-wide settings. The documentation explains scopes (plugin, project, global) and warns about persistence; nothing in the skill itself requests elevated or permanent privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install nm-abstract-hook-authoring - 安装完成后,直接呼叫该 Skill 的名称或使用
/nm-abstract-hook-authoring触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.8.3
Release v1.8.3
v1.8.2
Release v1.8.2
v1.0.0
Initial release — security-focused guide for writing Claude Code hooks.
- Covers both declarative JSON (Claude Code) and Python (Claude Agent SDK) hook creation.
- Documents all supported hook event types, key parameters, and example use cases.
- Provides quick start examples for logging and validation hooks.
- Emphasizes security, validation, logging, and automation patterns.
- Includes best practices and patterns for performance and safe design.
元数据
常见问题
Nm Abstract Hook Authoring 是什么?
Guide for creating Claude Code hooks with security-first design. Use for validation, logging, and policy enforcement. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 157 次。
如何安装 Nm Abstract Hook Authoring?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install nm-abstract-hook-authoring」即可一键安装,无需额外配置。
Nm Abstract Hook Authoring 是免费的吗?
是的,Nm Abstract Hook Authoring 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Nm Abstract Hook Authoring 支持哪些平台?
Nm Abstract Hook Authoring 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Nm Abstract Hook Authoring?
由 athola(@athola)开发并维护,当前版本 v1.8.3。
推荐 Skills