// Audit Claude Code hooks for safety, correctness, and best practices compliance. Checks settings.json configuration, hook scripts, error logging, and deployment readiness. Use when reviewing hook health, checking hook safety, validating hooks, or after adding/modifying hooks.
[HINT] Download the complete skill directory including SKILL.md and all related files
| name | audit-hooks |
| description | Audit Claude Code hooks for safety, correctness, and best practices compliance. Checks settings.json configuration, hook scripts, error logging, and deployment readiness. Use when reviewing hook health, checking hook safety, validating hooks, or after adding/modifying hooks. |
| disable-model-invocation | true |
| allowed-tools | Read, Grep, Glob, Bash |
Audits all Claude Code hooks registered in .claude/settings.json against the best practices defined in BEST_PRACTICES.md. Produces a structured report with PASS/WARN/FAIL dispositions per hook.
.claude/settings.json and extract all hook entries|| true) or validator (no || true)This skill is read-only. It does NOT auto-fix anything. Review findings and fix manually.
Read .claude/settings.json and extract every hook entry. For each hook, record:
|| true is present| Classification | Criteria | || true required? |
|---------------|----------|-------------------|
| Validator | PreToolUse/PostToolUse + matcher + named validate_*.py | NO — must NOT have || true |
| Advisory | Any hook whose purpose is logging/tracking/enrichment | YES — must have || true |
| Stop | Any hook on Stop events | YES — must have || true |
For EACH hook command, check:
Settings-level checks:
|| true correctness (Rules 1-3 from BEST_PRACTICES.md)Python script checks (for hooks targeting .py files):
try/except + log_hook_error() at __main__ level (Rule 4)sys.exit(1) in advisory hooksanthropic, openai, pandas, numpy, httpx, pydantic (Rule 8)Bash script checks (for hooks targeting .sh files):
set +e, not set -e (Rule 5)exec without error handling (Rule 6)logs/hooks.logchmod +x)log_hook_error() is importable from hook_utils.constantsIf logs/hooks.log exists, scan for recent errors (last 24h). Report:
Output findings as a structured table:
## Hook Audit Report
### Summary
- Total hooks: N
- PASS: N | WARN: N | FAIL: N
### Findings
| Hook | Event | Type | Finding | Severity |
|------|-------|------|---------|----------|
| stop.py | Stop | Advisory | Has || true, has log_hook_error() | PASS |
| validate_commit_message.py | PreToolUse | Validator | No || true (correct) | PASS |
| calendar_prompt_hook.sh | UserPromptSubmit | Advisory | Missing || true | FAIL |
### Recommendations
[List specific fixes for FAIL and WARN items]