QP19 Pre-commit Hooks Presence
What this means
SiteShadow flagged missing pre-commit hooks (or similar local quality gates). Hooks catch issues before they reach CI, which prevents "quick unsafe changes" from landing.
Why it matters
Pre-commit hooks stop common issues before they reach CI.
- Fewer secret leaks when secret scanning runs locally.
- Less formatting churn when formatters run before commit.
- Faster feedback reduces pressure to bypass checks.
Safer examples
1) Add pre-commit checks for the basics
Format, lint, unit tests (fast subset), secret scanning, and dependency checks.
2) Keep hooks fast
Slow hooks get disabled; run the heavy stuff in CI.
3) Document how to install hooks
One command setup encourages adoption.
How SiteShadow detects it (high level)
- Detects missing hook configuration and correlates with lack of "local gates".
- Flags repos where issues likely reach CI/mainline unnecessarily.
References
- OWASP Top 10: https://owasp.org/Top10/
---
← Back to Vulnerability Library
Catch this with SiteShadow Pro.
This vulnerability class is detected by SiteShadow's Pro-tier engines, two-pass interprocedural taint analysis, heuristic flow checks, AI-context scanning, and cross-file detection. The free tier catches OWASP Top 10 single-file patterns; Pro adds the data-flow depth that finds this class of bug.