Fidensa
Hook Certified

liatrio-hooks

Provides cross-platform development workflow automation and code quality enforcement through Claude Code hooks integrated with Liatrio's AI prompts configuration.

91

/ 100 · Grade A

A = 90–100

I need to automate development workflows and enforce code quality standards across different platforms using AI-powered hooks.

developmentautomationcode qualityworkflowai tools
Publisher: liatrio-labsVersion: latestCertified: Mar 28, 2026Expires: Mar 28, 2027Source ↗

liatrio-hooks earned Certified status with a trust score of 91/100 (Grade A). Adversarial testing produced 2 findings (2 high). Security scan flagged 0 findings.

Trust Score Breakdown

Eight weighted signals composing the aggregate trust score

security scan
100% × 15w
15.0
supply chain
100% × 10w
10.0
adversarial
81% × 25w
20.3
provenance
80% × 20w
16.0
consumer confirm
100% × 10w
10.0
behavioral pass
100% × 10w
10.0
contract accuracy
100% × 6w
6.0
uptime
100% × 4w
4.0

Scheme v2.0 · Weights provisional · Consumer confirmations and uptime use pipeline-derived baselines.

Findings

Security scan results, adversarial testing, and pipeline review

Security Scan — Cisco Skill Scanner

cisco-skill-scannerFAIL
staticbehavioralllmmeta
critical: 0high: 0medium: 0low: 0

Adversarial Testing — 6 categories, 2 findings

prompt injection chainsprivilege escalationdata exfiltration side channelscapability squattingcontext poisoningdependency confusion
highReviewcapability squattingsuspected

The skill defines multiple executable command hooks (SessionStart, SessionEnd, PreToolUse, PostToolUse, etc.) that will run external commands, but there are no visible skill instructions or documentation explaining what these hooks do. The hooks execute 'entire hooks claude-code' commands with various parameters, but the behavior and purpose of these commands is not documented in the skill content.

highWarndependency confusionconfirmed

The skill defines multiple hooks that execute 'entire hooks claude-code' commands with various parameters (post-task, pre-task, session-start, etc.). These commands are not declared in the skill's dependencies list, which is empty. The 'entire' command appears to be an external binary or script that could install packages or execute arbitrary code outside of the declared dependency review process.

Methodology v1.0 · 6 categories · ~55 attack patterns

Interface

Skill triggers and instruction summary

Activation

Binds to lifecycle events: PostToolUse, PreToolUse, SessionEnd, SessionStart, Stop, UserPromptSubmit

Hook configuration with 7 handler(s)

Instructions: 7Files: 1Format: hook_json

Scope & Permissions

What this capability can and cannot access — derived from pipeline analysis

creates files

no

deletes files

no

modifies files

no

accesses env variables

no

invokes external tools

yes

makes network requests

no

Badge & Integration

Embed certification status in your README, docs, or CI pipeline

Fidensa Certified badge for liatrio-hooks
badge SVG →attestation API →integration guide →

Certification Notes

Provenance observations from the pipeline

publisher

Publisher "liatrio-labs" is not verified — first certification from this publisher

provenance

Single contributor — no peer review evidence in commit history

provenance

Repository is 19 days old — recently created

provenance

Package description appears to be boilerplate or template text

Signed Artifact

Certification provenance and verification metadata

Content hashsha256:75e21a98b136a46c0d645cd5df6b62d1b93657902caca913f36b1248ff771da2
Key IDkms-9db4ed3b9f53
CertifiedMar 28, 2026
ExpiresMar 28, 2027
Pipeline version1.0
Statusvalid
download .cert.json →download annotated file →

Pipeline Artifacts

Raw data files from this certification run — downloadable for independent verification

contract.json

Full unsigned contract

stage1-ingest.json

Ingest stage output

stage2a-sbom.json

SBOM generation results

stage2a-vulns.json

Vulnerability scan results

stage2b-security.json

Security scan results

stage3a-functional.json

Functional test results

stage3b-adversarial.json

Adversarial test results

stage3c-fingerprint.json

Behavioral fingerprint

stage4-certify.json

Certification decision + trust score

stage3a-measurements.json

Raw functional test measurements

stage3b-measurements.json

Raw adversarial test measurements

run-log.json

Pipeline execution log

Not all files may be present for every certification.

liatrio-hooks — Certified (91/A) — Fidensa