Back to Hooks

dependency-checker

AutomationยทPostToolUse

Monitor and audit dependencies for security vulnerabilities and updates

Matcher: Edit

Configuration

Add to your .claude/settings.json:

{
  "hooks": {
    "PostToolUse": [
      {
        "hooks": [
          {
            "type": "command",
            "command": ".claude/hooks/dependency-checker.sh"
          }
        ],
        "matcher": "Edit"
      }
    ]
  }
}

This hook includes a script file. Download the ZIP bundle for complete installation with script and instructions.

Hook Details


dependency-checker


Monitor and audit dependencies for security vulnerabilities and updates


Event Configuration


  • **Event Type**: `PostToolUse`
  • **Tool Matcher**: `Edit`
  • **Category**: automation

    • Environment Variables


  • `CLAUDE_TOOL_FILE_PATH`

    • Requirements


  • npm audit (for Node.js)
  • safety (for Python)
  • cargo-audit (for Rust)

    • Script


    ```bash

    file_path=$(jq -r '.tool_input.file_path // empty')

    if [[ "$file_path" == *"package.json" ]]; then

    npm audit --audit-level=high 2>/dev/null || true

    elif [[ "$file_path" == *"requirements.txt" ]] || [[ "$file_path" == *"Pipfile" ]]; then

    pip-audit 2>/dev/null || safety check 2>/dev/null || true

    elif [[ "$file_path" == *"Cargo.toml" ]]; then

    cargo audit 2>/dev/null || true

    fi

    ```

    About PostToolUse Hooks

    PostToolUse hooks run after a tool completes execution. They can modify the result or trigger additional actions.