Security Guidance
PluginSecurity reminder hook that warns about potential security issues when editing files, including command injection, XSS, and unsafe code patterns
This plugin hooks into file editing operations (Edit, Write, MultiEdit) to scan for and warn about common security risks such as command injection, XSS, and unsafe code patterns. It maintains session-specific state to avoid repetitive warnings and uses standard Python for its logic.
Documentation
- warning:Configuration & parameter referenceThe script references an environment variable `ENABLE_SECURITY_REMINDER` for disabling the hook, but this is not documented in the README or plugin.json.
- warning:Install / Setup InstructionsThe README provides general installation instructions for plugins but lacks specific setup or configuration details for this particular plugin, such as how to enable/disable the security reminder.
- warning:Feature TransparencyThe `plugin.json` declares a `PreToolUse` hook, but the README does not mention the security reminder functionality or its purpose.
Versioning
- warning:Release ManagementNo version information is present in the manifest files or any other metadata, and the install instructions do not specify a version, potentially leading to unexpected updates.
Code Execution
- info:LoggingThe plugin implements a debug log file for its own operations, which is helpful but not a user-facing audit log of executed actions.
Invocation
- warning:Hooks-off mechanismThe plugin uses an environment variable `ENABLE_SECURITY_REMINDER` to disable hooks, but this mechanism is not documented in the README, making it difficult for users to discover and use.
التثبيت
أضف Marketplace أولًا
/plugin marketplace add anthropics/claude-plugins-official/plugin install security-guidance@claude-plugins-officialامتدادات مماثلة
AnomalyArmor Agents
99Data observability plugin - health monitoring, alerts, schema drift, freshness tracking
MCP Server Development Suite
98Skills for designing and building MCP servers that work seamlessly with Claude. Guides you through deployment models (remote HTTP, MCPB, local), tool design patterns, auth, and interactive MCP apps.
Plugin Development Toolkit
99Comprehensive toolkit for developing Claude Code plugins. Includes 7 expert skills covering hooks, MCP integration, commands, agents, and best practices. AI-assisted plugin creation and validation.
Plugin Master
99Complete Claude Code plugin development system. PROACTIVELY activate when users want to: (1) Create/build plugins with 2025 features, (2) Add skills/commands/agents/hooks, (3) Validate plugin structure, (4) Publish to marketplace, (5) Get plugin development guidance. Provides: agent-first design patterns, progressive disclosure skills, hook automation, MCP integration, marketplace publishing. Includes plugin-expert agent and validation utilities.
Git Master Plugin
98Complete Git expertise for ALL operations with 2025 features (Git 2.49+, GitHub CLI 2.x). PROACTIVELY activate for: (1) ANY Git task, (2) Git 2.49+ features (git-backfill, path-walk API, reftables, sparse-checkout, worktrees), (3) Security (signed commits, zero-trust, secret scanning, CodeQL), (4) Trunk-Based Development, (5) GitHub CLI 2.x (Copilot CLI, model evaluations), (6) GitHub Actions 2025 (1 vCPU runners, immutable releases), (7) Modern workflows (monorepo, parallel development), (8) History rewriting/recovery. Provides: Git 2.49 git-backfill for partial clones, path-walk API, reftables migration, sparse-checkout (90% space reduction), worktrees, GitHub Copilot CLI, gh models eval, zero-trust security, signed commits (GPG/SSH), GitHub Actions 2025 features, automatic backups, safety guardrails, reflog recovery.