block-no-verify
PreToolUse hook that blocks --no-verify, --no-gpg-sign, and other flags that bypass git hooks.
๐ก๏ธ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for block-no-verify, derived from its capabilities.
AIVSS 5.4 ยท Medium
View MAESTRO 7-layer threat model โOverview
A Claude Code plugin whose PreToolUse hook prevents AI agents from using bypass flags like --no-verify and --no-gpg-sign that skip git hooks and commit signing. It inspects the agent's proposed git commands and denies dangerous ones, sitting exactly on the command trust boundary โ a pure guardrail plugin.
Key features
- Blocks git hook-bypass flags
- PreToolUse command inspection
- Enforces signing and verification
Use cases
- Stop agents skipping git hooks
- Enforce commit signing