agent-hooks
Four lifecycle hooks every agent runs: on-session-start scans LESSONS-LEARNED.md, resumes checkpoints; on-pre-delegate verifies tracker issues, file partitions; on-post-delegate runs fast-review, CI checks; on-session-end executes session guard, writes logs. Use when starting a new session, running pre-flight checks before delegation, coordinating between agents, reviewing a completed handoff, or wrapping up a session. Trigger terms: multi-agent setup, delegate tasks, agent coordination, session management, run pre-flight checks, start a new session, coordinate between agents, wrap up session
75
92%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Advisory
Suggest reviewing before use
Security
1 medium severity finding. This skill can be installed but you should review these findings before use.
W011: Third-party content exposure detected (indirect prompt injection risk)
What this means
The skill exposes the agent to untrusted, user-generated content from public third-party sources, creating a risk of indirect prompt injection. This includes browsing arbitrary URLs, reading social media posts or forum comments, and analyzing content from unknown websites.
Why it was flagged
Third-party content exposure detected (high risk: 0.90). The skill explicitly calls out reading tracker issues via commands like "gh issue view TAS-XX" (on-pre-delegate) and "gh issue view TAS-XX --json body -q '.body'" (on-post-delegate), which ingests untrusted, user-generated GitHub issue content that the agent must interpret to verify acceptance criteria and decide on delegation/closure.
- Repository
- monkilabs/opencastle
- Commit
7a69a05
- Audited
- Security analysis
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.