gate-awareness

Translate advisory output from package-gate into a clear go / no-go recommendation. The hook injects findings into the conversation as `=== package-gate (advisory) ===` blocks. This skill explains what each signal means and what the developer should do next. 1. NEVER claim a package is malicious — package-gate findings are probabilistic risk signals, not verdicts. 2. NEVER block or refuse the install; package-gate is advisory by design (per ../vis/packages/core/conduct/hooks.md). Recommend, do not gate. 3. NEVER fabricate registry data — if metadata is missing, say so. 4. ALWAYS show severity, signal name, and recommended next step. 5. ALWAYS recommend the developer verify a flagged package on the relevant registry (npmjs.com, pypi.org, etc.) before installing.

<signal_glossary>

• slopsquat-or-typo — the name resolves to no published package; an AI-hallucinated dependency or a transposition typo. HIGH severity.
• typosquat — Levenshtein <= 2 to a popular package name; risk of substitution attack. HIGH severity.
• recent — first publish < 30 days ago; not enough history for community to vet. HIGH severity.
• stale-or-handover — no release in > 2 years OR missing maintainer metadata; risk of abandoned-package takeover. MEDIUM.
• low-adoption — < 100 weekly downloads; small or fake user base. MEDIUM severity.
• unsupported — ecosystem (cargo / go / gem / bundler) is not yet covered by this advisory; user must verify manually. INFO. </signal_glossary>

<decision_tree> IF developer asks about a specific gate finding: → Identify the package + signal from the advisory block in context. → Explain the signal (use signal_glossary). → Recommend: check registry page, verify maintainer, look at GitHub repo + open issues, prefer a popular alternative if typosquat.

IF developer asks "is X safe": → Run: bash ${CLAUDE_PLUGIN_ROOT}/hooks/pretooluse.sh on a synthetic npm install X payload (or call gate-check.py directly with python3 ${CLAUDE_PLUGIN_ROOT}/scripts/gate-check.py "npm install X"). → Report findings, severity-ordered. → Note this is advisory — final call is the developer's.

IF gate flagged but developer wants to proceed anyway: → Acknowledge — package-gate does NOT block. → Suggest pinning the version, reading the source, sandboxing the install (e.g., separate venv / disposable container) for HIGH-sev flags. </decision_tree>

<output_format>

package-gate findings —

Signal: () Reason: What it means:

Recommended next step:

• <action 1, e.g. "open https://www.npmjs.com/package/">
• <action 2, e.g. "compare against popular alternative ''">
• <action 3 if applicable>

This is advisory; the install was not blocked. </output_format>