> Night Market Skill — ported from claude-night-market/abstract. For the full experience with agents, hooks, and commands, install the Claude Code plugin.
This skill provides a detailed framework for evaluating, auditing, and implementing Claude Code hooks across all scopes (plugin, project, global) and both JSON-based and programmatic (Python SDK) hooks.
| Component | Purpose |
|---|---|
| ----------- | --------- |
| Hook Types Reference | Complete SDK hook event types and signatures |
| Evaluation Criteria | Scoring system and quality gates |
| Security Patterns | Common vulnerabilities and mitigations |
| Performance Benchmarks | Thresholds and optimization guidance |
HookEvent = Literal[
"PreToolUse", # Before tool execution
"PostToolUse", # After tool execution
"UserPromptSubmit", # When user submits prompt
"Stop", # When stopping execution
"SubagentStop", # When a subagent stops
"TeammateIdle", # When teammate agent becomes idle (2.1.33+)
"TaskCompleted", # When a task finishes execution (2.1.33+)
"PreCompact" # Before message compaction
]
Verification: Run the command with --help flag to verify availability.
Note: Python SDK does not support SessionStart, SessionEnd, or Notification hooks due to setup limitations. However, plugins can define SessionStart hooks via hooks.json using shell commands (e.g., leyline's detect-git-platform.sh).
Plugins can declare hooks via "hooks": "./hooks/hooks.json" in plugin.json. The evaluator validates:
async def my_hook(
input_data: dict[str, Any], # Hook-specific input
tool_use_id: str | None, # Tool ID (for tool hooks)
context: HookContext # Additional context
) -> dict[str, Any]: # Return decision/messages
...
Verification: Run the command with --help flag to verify availability.
return {
"hookSpecificOutput": {
"hookEventName": "PreToolUse", # Match hook type
"permissionDecision": "deny", # Optional: block action
"permissionDecisionReason": "...", # Reason for denial
"additionalContext": "...", # Optional: context added
}
}
Verification: Run the command with --help flag to verify availability.
| Category | Points | Focus |
|---|---|---|
| ---------- | -------- | ------- |
| Security | 30 | Vulnerabilities, injection, validation |
| Performance | 25 | Execution time, memory, I/O |
| Compliance | 20 | Structure, documentation, error handling |
| Reliability | 15 | Timeouts, idempotency, degradation |
| Maintainability | 10 | Code structure, modularity |
modules/sdk-hook-types.md for complete Python SDK type definitions, patterns, and examplesmodules/evaluation-criteria.md for detailed scoring rubric and quality gatesmodules/sdk-hook-types.md for vulnerability detection and mitigationmodules/evaluation-criteria.md for benchmarking and optimization# 1. Run detailed evaluation
/hooks-eval --detailed
# 2. Focus on security issues
/hooks-eval --security-only --format sarif
# 3. Benchmark performance
/hooks-eval --performance-baseline
# 4. Check compliance
/hooks-eval --compliance-report
Verification: Run the command with --help flag to verify availability.
# Complete plugin evaluation pipeline
/hooks-eval --detailed # Evaluate all hooks
/analyze-hook hooks/specific.py # Deep-dive on one hook
/validate-plugin . # Validate overall structure
Verification: Run the command with --help flag to verify availability.
abstract:hook-scope-guide - Decide where to place hooks (plugin/project/global)abstract:hook-authoring - Write hook rules and patternsabstract:validate-plugin - Validate complete plugin structureHook not firing
Verify hook pattern matches the event. Check hook logs for errors
Syntax errors
Validate JSON/Python syntax before deployment
Permission denied
Check hook file permissions and ownership
共 4 个版本