Fidensa
Plugin Verified

disler-hooks-mastery

A comprehensive Claude extension suite that provides 12+ lifecycle hooks, sub-agents, slash commands, and output styles for automated logging, security enforcement, text-to-speech feedback, and multi-agent orchestration.

31

/ 74 · Grade F-D

F-D = below 60 (deductions)

I need to extend Claude's functionality with comprehensive automation, security enforcement, logging capabilities, and multi-agent orchestration through a unified plugin system.

AI-ExtensionsDevelopment-ToolsAutomationSecurityMulti-Agent-SystemsCode-Hooks
Publisher: dislerVersion: latestCertified: Mar 28, 2026Expires: Mar 28, 2027Source ↗

disler-hooks-mastery earned Verified status with a trust score of 31/74 (Grade F-D). Adversarial testing produced 4 findings (4 high). Security scan flagged 0 findings. Tier is Verified rather than Certified due to unmitigated findings above severity thresholds.

Trust Score Breakdown

Eight weighted signals composing the aggregate trust score

security scan
100% × 15w
15.0
supply chain
100% × 10w
10.0
adversarial
0% × 25w
0.0
provenance
40% × 20w
8.0
consumer confirm
0% × 10w
0.0
behavioral pass
0% × 10w
0.0
contract accuracy
0% × 6w
0.0
uptime
100% × 4w
4.0

Scheme v2.0 · Weights provisional · Consumer confirmations and uptime use pipeline-derived baselines.

Findings

Security scan results, adversarial testing, and pipeline review

Security Scan — Cisco Skill Scanner

cisco-skill-scannerFAIL
critical: 0high: 0medium: 0low: 0

Adversarial Testing — 6 categories, 4 findings

prompt injection chainsprivilege escalationdata exfiltration side channelscapability squattingcontext poisoningdependency confusion
highWarnprompt injection chainsconfirmed

Several hook scripts directly incorporate user-provided content (prompts, tool inputs, file paths) into their processing logic without explicit data boundary markers. The user_prompt_submit.py hook processes raw user prompts, and pre_tool_use.py processes tool inputs that could contain instruction-like content. While these hooks have some validation, they don't explicitly mark user content as data-only, creating potential injection surfaces.

highWarnprompt injection chainsconfirmed

Multiple hook scripts execute system commands and file operations using user-provided content as parameters. The pre_tool_use.py hook processes bash commands from user input, and various hooks perform file operations with user-controlled paths. While there is some validation for dangerous patterns, the parameter injection surface remains significant, especially for path traversal and command injection through tool parameters.

highWarncapability squattingconfirmed

Multiple hook scripts contain conditional logic that references system state the user wouldn't anticipate, including environment variables (ENGINEER_NAME, ELEVENLABS_API_KEY, OPENAI_API_KEY), file existence checks, and system capabilities. These conditionals can alter behavior based on hidden system state rather than user-visible inputs.

highReviewcapability squattingconfirmed

The plugin declares 6 agents, 15 commands, 1 hook, and 35 scripts totaling 57 components, which is unusually large for a 'mastery' tutorial. This volume could obscure malicious content within legitimate educational material, making thorough review difficult.

Methodology v1.0 · 6 categories · ~55 attack patterns

Component Inventory

57 components composing this plugin

agents

6

commands

15

hook

1

scripts

35

agents (6)

crypto.claude/agents/crypto
hello-world-agent.claude/agents/hello-world-agent.md
llm-ai-agents-and-eng-research.claude/agents/llm-ai-agents-and-eng-research.md
meta-agent.claude/agents/meta-agent.md
team.claude/agents/team
work-completion-summary.claude/agents/work-completion-summary.md

commands (15)

agent_prompts.claude/commands/agent_prompts
all_tools.claude/commands/all_tools.md
build.claude/commands/build.md
cook.claude/commands/cook.md
cook_research_only.claude/commands/cook_research_only.md
crypto_research.claude/commands/crypto_research.md
crypto_research_haiku.claude/commands/crypto_research_haiku.md
git_status.claude/commands/git_status.md
plan.claude/commands/plan.md
plan_w_team.claude/commands/plan_w_team.md
prime.claude/commands/prime.md
prime_tts.claude/commands/prime_tts.md
question.claude/commands/question.md
sentient.claude/commands/sentient.md
update_status_line.claude/commands/update_status_line.md

hooks (1)

settings-hooks.claude/settings.json

scripts (35)

notification.claude/hooks/notification.py
permission_request.claude/hooks/permission_request.py
post_tool_use.claude/hooks/post_tool_use.py
post_tool_use_failure.claude/hooks/post_tool_use_failure.py
pre_compact.claude/hooks/pre_compact.py
pre_tool_use.claude/hooks/pre_tool_use.py
session_end.claude/hooks/session_end.py
session_start.claude/hooks/session_start.py
setup.claude/hooks/setup.py
stop.claude/hooks/stop.py
subagent_start.claude/hooks/subagent_start.py
subagent_stop.claude/hooks/subagent_stop.py
user_prompt_submit.claude/hooks/user_prompt_submit.py
anth.claude/hooks/utils/llm/anth.py
oai.claude/hooks/utils/llm/oai.py
ollama.claude/hooks/utils/llm/ollama.py
task_summarizer.claude/hooks/utils/llm/task_summarizer.py
elevenlabs_tts.claude/hooks/utils/tts/elevenlabs_tts.py
openai_tts.claude/hooks/utils/tts/openai_tts.py
pyttsx3_tts.claude/hooks/utils/tts/pyttsx3_tts.py
tts_queue.claude/hooks/utils/tts/tts_queue.py
ruff_validator.claude/hooks/validators/ruff_validator.py
ty_validator.claude/hooks/validators/ty_validator.py
validate_file_contains.claude/hooks/validators/validate_file_contains.py
validate_new_file.claude/hooks/validators/validate_new_file.py
status_line.claude/status_lines/status_line.py
status_line_v2.claude/status_lines/status_line_v2.py
status_line_v3.claude/status_lines/status_line_v3.py
status_line_v4.claude/status_lines/status_line_v4.py
status_line_v5.claude/status_lines/status_line_v5.py
status_line_v6.claude/status_lines/status_line_v6.py
status_line_v7.claude/status_lines/status_line_v7.py
status_line_v8.claude/status_lines/status_line_v8.py
status_line_v9.claude/status_lines/status_line_v9.py
helloapps/hello.py

Interface

Aggregated instruction summary

Instructions: 0Files: 0Format: composite

Scope & Permissions

What this capability can and cannot access — derived from pipeline analysis

creates files

no

deletes files

no

modifies files

yes

accesses env variables

yes

invokes external tools

yes

makes network requests

no

Badge & Integration

Embed certification status in your README, docs, or CI pipeline

Fidensa Verified badge for disler-hooks-mastery
badge SVG →attestation API →integration guide →

Certification Notes

Provenance observations from the pipeline

publisher

Publisher "disler" is not verified — first certification from this publisher

provenance

No license file found in repository

provenance

No SECURITY.md or SECURITY.txt file found — no published vulnerability reporting process

provenance

Single contributor — no peer review evidence in commit history

provenance

Package description appears to be boilerplate or template text

Signed Artifact

Certification provenance and verification metadata

Content hashsha256:993815883bc74797eae6c76d1c1d303f574bcb163650e91d2079d7d9446aec3a
Key IDkms-9db4ed3b9f53
CertifiedMar 28, 2026
ExpiresMar 28, 2027
Pipeline version1.0
Statusvalid
download .cert.json →download annotated file →

Pipeline Artifacts

Raw data files from this certification run — downloadable for independent verification

contract.json

Full unsigned contract

stage1-ingest.json

Ingest stage output

stage2a-sbom.json

SBOM generation results

stage2a-vulns.json

Vulnerability scan results

stage2b-security.json

Security scan results

stage3a-functional.json

Functional test results

stage3b-adversarial.json

Adversarial test results

stage3c-fingerprint.json

Behavioral fingerprint

stage4-certify.json

Certification decision + trust score

stage3a-measurements.json

Raw functional test measurements

stage3b-measurements.json

Raw adversarial test measurements

run-log.json

Pipeline execution log

Not all files may be present for every certification.

disler-hooks-mastery — Verified (31/F-D) — Fidensa