Security Guidance Hook A PreToolUse hook that blocks 12 common security anti-patterns before Claude Code writes them. This skill is a hook , not a slash command. Once installed, it runs automatically before every , , or operation and warns + blocks if it detects a known dangerous pattern. What It Catches The hook scans both: - The file path being edited — flags GitHub Actions workflow files with risky patterns - The content being written — substring matches against 11 anti-patterns | Pattern | Category | Risk | |---|---|---| | GitHub Actions workflow expressions | Path-based | Workflow comman…