Hook by its-animay · 2 stars
A pre-tool-use hook plugin that automatically scans code for security vulnerabilities before Claude writes it to disk. Detects eval() usage, Function constructor abuse, hardcoded API keys and secrets, Bearer tokens, AWS credentials, innerHTML/outerHTML XSS vectors, inline private keys, and GitHub personal access tokens. Uses a two-tier severity system: errors block the write with detailed remediation guidance, while warnings allow the write but inject advisory context. Runs as pure Node.js wi...
/plugin install claude-security-linter@claude-community