Does it support both command and prompt hook types?

Yes, it validates the structure of bash-based command hooks and ensures that LLM-based prompt hooks are only used on supported events like 'Stop' or 'SubagentStop'.

Can this skill automatically fix my hook scripts?

Yes, when run with the --fix flag, the skill can automatically inject missing safety headers, add required frontmatter fields, and correct improper exit codes.

How does Enhance Hooks improve script security?

It scans for dangerous patterns like recursive deletes or remote code execution, ensures scripts fail-fast using 'set -euo pipefail', and validates that blocking hooks use the correct exit code 2.

What are Claude Code hooks?

Hooks are automated actions triggered at specific points in a Claude Code session, such as before a tool is used (PreToolUse) or when a session completes (Stop), allowing for validation and custom workflows.

Enhance Hooks

Name: Enhance Hooks
Author: agent-sh

byagent-sh

•

Security & Testing

Validates and optimizes Claude Code hook scripts for safety, performance, and correct lifecycle implementation.

Enhance Hooks is a specialized utility designed to audit and improve Claude Code session hooks. It automatically scans hook definitions—including shell scripts and JSON configurations—to ensure they follow security best practices and technical specifications. By analyzing lifecycle events and tool matchers, the skill prevents common pitfalls like using prompt hooks on unsupported events or missing critical safety headers. Whether you are building security firewalls or auto-formatters, this skill ensures your session automation remains robust, fast, and secure through automated reporting and intelligent auto-fixing.

Key Features

01Auto-fix capabilities for missing safety headers and incorrect exit codes

021 GitHub stars

03Verification of frontmatter requirements and timeout configurations

04Detailed markdown reporting of security risks and architectural anti-patterns

05Validation of hook lifecycle events and tool matcher regex syntax

06Automated safety auditing for bash scripts (detects dangerous commands like rm -rf and eval)

Use Cases

01Debugging failed automation by verifying JSON output schemas and exit code logic

02Standardizing project-wide hooks with consistent documentation and performance constraints

03Securing local environments by auditing PreToolUse hooks for dangerous command execution patterns

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add agent-sh/enhance enhance-hooks

For use in Claude.ai and ChatGPT

Download Skill