skill-checker 0.1.0 → 0.1.2

package/hook/skill-gate.sh

@@ -14,19 +14,33 @@
 #   }
 # }
 
-set -euo pipefail
+# Fail-closed helper: any unexpected error path outputs ask + exit 0
+fail_closed() {
+  echo "{\"permissionDecision\": \"ask\", \"additionalContext\": \"[skill-gate] $1\"}"
+  exit 0
+}
+
+# Trap any unexpected error to ensure we never exit without JSON output
+trap 'fail_closed "Unexpected error occurred. Manual review recommended."' ERR
+
+set -uo pipefail
+# NOTE: -e is intentionally omitted; we handle errors explicitly via || fail_closed
 
 # Check jq availability - required for parsing hook JSON
 if ! command -v jq &>/dev/null; then
-  echo '{"permissionDecision": "ask", "additionalContext": "[skill-gate] jq is required but not found. Install with: brew install jq (macOS) or apt install jq (Linux)"}'
-  exit 0
+  fail_closed "jq is required but not found. Install with: brew install jq (macOS) or apt install jq (Linux)"
 fi
 
 # Read hook input from stdin
 INPUT=$(cat)
 
-# Extract the file path from the hook input
-FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // .tool_input.path // empty')
+# Validate input is non-empty
+if [[ -z "$INPUT" ]]; then
+  fail_closed "Empty input received. Manual review recommended."
+fi
+
+# Extract the file path from the hook input (fail-closed on jq parse error)
+FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // .tool_input.path // empty' 2>/dev/null) || fail_closed "Failed to parse hook input JSON. Manual review recommended."
 
 # Only process SKILL.md files in skills directories
 if [[ -z "$FILE_PATH" ]] || [[ ! "$FILE_PATH" =~ SKILL\.md$ ]]; then
@@ -49,9 +63,8 @@ elif command -v npx &>/dev/null; then
 fi
 
 if [[ -z "$CHECKER" ]]; then
-  # skill-checker not found - warn but allow
-  echo '{"permissionDecision": "allow", "additionalContext": "[skill-gate] skill-checker not found. Install with: npm install -g skill-checker"}'
-  exit 0
+  # skill-checker not found - fail-closed: ask user to review manually
+  fail_closed "skill-checker not found. Install with: npm install -g skill-checker. Manual review recommended."
 fi
 
 # For new file writes, we need to create a temp dir with the content
@@ -59,8 +72,8 @@ fi
 TEMP_DIR=$(mktemp -d)
 trap 'rm -rf "$TEMP_DIR"' EXIT
 
-# Extract file content from hook input and write to temp
-CONTENT=$(echo "$INPUT" | jq -r '.tool_input.content // empty')
+# Extract file content from hook input and write to temp (fail-closed on jq error)
+CONTENT=$(echo "$INPUT" | jq -r '.tool_input.content // empty' 2>/dev/null) || fail_closed "Failed to extract content from hook input. Manual review recommended."
 if [[ -n "$CONTENT" ]]; then
   echo "$CONTENT" > "$TEMP_DIR/SKILL.md"
   SCAN_DIR="$TEMP_DIR"
@@ -73,8 +86,7 @@ fi
 RESULT=$($CHECKER scan "$SCAN_DIR" --format hook 2>/dev/null) || RESULT=""
 
 if [[ -z "$RESULT" ]]; then
-  echo '{"permissionDecision": "ask", "additionalContext": "[skill-gate] Scan failed or produced no results. Manual review recommended."}'
-  exit 0
+  fail_closed "Scan failed or produced no results. Manual review recommended."
 fi
 
 # Output the hook response

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "skill-checker",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "Security checker for Claude Code skills - detect injection, malicious code, and supply chain risks before installation",
   "type": "module",
   "main": "dist/index.js",
@@ -29,7 +29,13 @@
     "lint": "tsc --noEmit",
     "prepublishOnly": "npm run lint && npm test && npm run build"
   },
-  "keywords": ["claude-code", "skill", "security", "checker", "agent"],
+  "keywords": [
+    "claude-code",
+    "skill",
+    "security",
+    "checker",
+    "agent"
+  ],
   "license": "AGPL-3.0-only",
   "author": "Alexander Jin",
   "repository": {