Agent Skills: Hooks Manager

Hooks Manager

Overview

hooks-manager enables sophisticated workflow automation through Claude Code's hooks system (released June 2025).

Purpose: Create event-driven automation for code formatting, security gates, observability, and validation

Pattern: Task-based (8 operations, one per hook event + management)

Key Innovation: Hooks transform Claude Code from interactive to automated - reducing manual work by up to 92%

Hook Events Available (8):

1. UserPromptSubmit - Before Claude sees prompts
2. PreToolUse - Before tool execution
3. PostToolUse - After tool execution
4. PermissionRequest - When permissions requested
5. Notification - Important events
6. SessionStart - Session initialization
7. SessionEnd - Session cleanup
8. Stop - Conversation termination

When to Use

Use hooks-manager when:

• Auto-formatting code (PostToolUse after Write/Edit)
• Security gates (PreToolUse to block dangerous operations)
• Observability integration (send telemetry on all tool calls)
• Validation enforcement (block invalid operations)
• Workflow automation (trigger actions on events)
• Team standardization (enforce coding standards)

Production Impact: Companies report 92% reduction in style review time with PostToolUse formatting hooks

Prerequisites

Required

• Claude Code (hooks support added June 2025)
• Basic understanding of event-driven programming

Recommended

• Linter/formatter installed (ESLint, Prettier, Black)
• Security tools (if using security hooks)
• Observability platform (if using telemetry hooks)

Hook Operations

Operation 1: Create Formatting Hook (PostToolUse)

Purpose: Auto-format code after AI writes/edits files

Use Case: Enforce coding standards without manual intervention

Process:

1. Choose Formatter:

   # JavaScript/TypeScript
   npm install --save-dev prettier
   
   # Python
   pip install black
   
   # Multi-language
   npm install --save-dev prettier @prettier/plugin-python
   

2. Create Hook Configuration:

   {
     "event": "PostToolUse",
     "tools": ["Write", "Edit"],
     "description": "Auto-format code after Claude writes/edits files",
     "handler": {
       "command": "npx prettier --write \"$FILE\"",
       "timeout": 5000
     },
     "filters": {
       "filePatterns": ["**/*.{ts,tsx,js,jsx,py}"],
       "excludePatterns": ["node_modules/**", "*.min.js"]
     }
   }
   

3. Install Hook:

   # Global hook (all projects)
   mkdir -p ~/.claude/hooks
   echo '[above-json]' > ~/.claude/hooks/auto-format.json
   
   # Project-specific
   mkdir -p .claude/hooks
   echo '[above-json]' > .claude/hooks/auto-format.json
   

4. Test Hook:

   # Have Claude write unformatted code
   # Hook should auto-format after Write/Edit
   # Verify formatted correctly
   

Outputs:

• Hook configuration file
• Auto-formatting on all code changes
• 92% reduction in style review time

Validation:

• [ ] Hook file created
• [ ] Formatter configured correctly
• [ ] File patterns appropriate
• [ ] Tested with Claude Code
• [ ] Formatting works automatically

Time Estimate: 30-45 minutes

Operation 2: Create Security Hook (PreToolUse)

Purpose: Block dangerous operations before execution

Use Case: Prevent accidental production file modifications, destructive commands

Process:

1. Define Security Rules:

   {
     "event": "PreToolUse",
     "tools": ["Write", "Edit", "Bash"],
     "description": "Block dangerous operations",
     "handler": {
       "command": ".claude/hooks/security-check.sh \"$TOOL\" \"$FILE\" \"$COMMAND\""
     },
     "structuredOutput": true
   }
   

2. Create Security Check Script:

   #!/bin/bash
   # .claude/hooks/security-check.sh
   
   TOOL=$1
   FILE=$2
   COMMAND=$3
   
   # Block production file modifications
   if [[ "$FILE" == "/etc/"* ]] || [[ "$FILE" == "/usr/"* ]]; then
     echo '{"continue": false, "stopReason": "Cannot modify system files", "suppressOutput": true}'
     exit 1
   fi
   
   # Block destructive commands
   if [[ "$COMMAND" =~ rm\ -rf\ / ]] || [[ "$COMMAND" =~ dd\ if ]]; then
     echo '{"continue": false, "stopReason": "Destructive command blocked", "suppressOutput": true}'
     exit 1
   fi
   
   # Block curl/wget (security risk)
   if [[ "$COMMAND" =~ curl|wget ]]; then
     echo '{"continue": false, "stopReason": "Network commands disabled", "suppressOutput": false}'
     exit 1
   fi
   
   # Allow operation
   echo '{"continue": true}'
   exit 0
   

3. Install Security Hook:

   chmod +x .claude/hooks/security-check.sh
   # Hook JSON already configured in step 1
   

Outputs:

• Security hook blocking dangerous operations
• Protection against accidental damage
• Audit trail of blocked operations

Validation:

• [ ] Hook blocks system file modifications
• [ ] Hook blocks destructive commands
• [ ] Hook allows safe operations
• [ ] Structured JSON output correct

Time Estimate: 45-60 minutes

Operation 3: Create Observability Hook (Notification)

Purpose: Send telemetry to observability platform on important events

Use Case: Track AI agent decisions, tool usage, errors

Process:

1. Create Telemetry Hook:

   {
     "event": "Notification",
     "description": "Send telemetry to observability platform",
     "handler": {
       "command": ".claude/hooks/send-telemetry.sh \"$EVENT_TYPE\" \"$MESSAGE\""
     }
   }
   

2. Create Telemetry Script:

   #!/bin/bash
   # .claude/hooks/send-telemetry.sh
   
   EVENT_TYPE=$1
   MESSAGE=$2
   
   # Send to observability platform (example: Victoria Metrics)
   curl -X POST http://localhost:8428/api/v1/write \
     -d "claude_event{type=\"$EVENT_TYPE\"} 1" \
     -d "claude_message{event=\"$EVENT_TYPE\",msg=\"$MESSAGE\"} 1"
   
   # Or log to file
   echo "$(date -Iseconds) | $EVENT_TYPE | $MESSAGE" >> .claude/telemetry.log
   
   # Or send to webhook
   # curl -X POST https://your-webhook.com/telemetry \
   #   -H "Content-Type: application/json" \
   #   -d "{\"event\": \"$EVENT_TYPE\", \"message\": \"$MESSAGE\"}"
   

3. Test Telemetry:

   # Trigger notification in Claude Code
   # Check telemetry.log or observability platform
   cat .claude/telemetry.log
   

Outputs:

• Telemetry hook sending data
• Observability integration
• Decision tracking

Validation:

• [ ] Hook configured
• [ ] Telemetry script working
• [ ] Data reaches destination
• [ ] No performance impact

Time Estimate: 30-45 minutes

Operation 4: Create Validation Hook (PreToolUse)

Purpose: Validate inputs before tool execution

Use Case: Ensure files exist, validate JSON, check permissions

Process:

1. Create Validation Hook:

   {
     "event": "PreToolUse",
     "tools": ["Write"],
     "description": "Validate JSON before writing",
     "handler": {
       "command": ".claude/hooks/validate-json.sh \"$FILE\" \"$CONTENT\""
     },
     "structuredOutput": true
   }
   

2. Create Validation Script:

   #!/bin/bash
   # .claude/hooks/validate-json.sh
   
   FILE=$1
   CONTENT=$2
   
   # Only validate .json files
   if [[ "$FILE" != *.json ]]; then
     echo '{"continue": true}'
     exit 0
   fi
   
   # Validate JSON syntax
   if echo "$CONTENT" | jq empty 2>/dev/null; then
     echo '{"continue": true}'
     exit 0
   else
     echo '{"continue": false, "stopReason": "Invalid JSON syntax", "suppressOutput": false}'
     exit 1
   fi
   

Outputs:

• Validation hook preventing invalid writes
• JSON syntax enforcement
• Error prevention

Validation:

• [ ] Hook validates JSON files
• [ ] Hook allows non-JSON files
• [ ] Invalid JSON blocked
• [ ] Valid JSON allowed

Time Estimate: 20-30 minutes

Operation 5: Create MCP Tool Hook (PreToolUse)

Purpose: Control MCP tool access granularly

Use Case: Block specific MCP servers or tools

Process:

1. MCP Tool Targeting:

   {
     "event": "PreToolUse",
     "tools": ["mcp__filesystem__*"],
     "description": "Block all filesystem MCP operations",
     "handler": {
       "command": "echo '{\"continue\": false, \"stopReason\": \"Filesystem MCP disabled\"}'"
     },
     "structuredOutput": true
   }
   

2. Selective MCP Control:

   {
     "event": "PreToolUse",
     "tools": ["mcp__github__delete_repository"],
     "description": "Block dangerous GitHub operations",
     "handler": {
       "command": "echo '{\"continue\": false, \"stopReason\": \"Repository deletion disabled\"}'"
     },
     "structuredOutput": true
   }
   

Outputs:

• Fine-grained MCP control
• Security for MCP operations
• Prevent accidental damage

Validation:

• [ ] MCP tools blocked correctly
• [ ] Tool targeting works (mcp__server__tool pattern)
• [ ] Safe operations allowed

Time Estimate: 20-30 minutes

Operation 6: Create Comprehensive Hook (SessionStart)

Purpose: Initialize environment on session start

Use Case: Load context, set variables, validate environment

Process:

1. Session Start Hook:

   {
     "event": "SessionStart",
     "description": "Initialize session with context and validation",
     "handler": {
       "command": ".claude/hooks/session-init.sh"
     }
   }
   

2. Initialization Script:

   #!/bin/bash
   # .claude/hooks/session-init.sh
   
   echo "🚀 Claude Code Session Starting..."
   
   # Load project context
   if [ -f ".claude/PROJECT_CONTEXT.md" ]; then
     echo "📋 Project context available"
   fi
   
   # Check git status
   if git status --porcelain | grep -q .; then
     echo "⚠️  Uncommitted changes detected"
   fi
   
   # Load environment
   if [ -f ".env" ]; then
     echo "🔐 Environment variables available"
   fi
   
   # Run pre-flight checks
   if [ -f ".claude/hooks/pre-flight-check.sh" ]; then
     bash .claude/hooks/pre-flight-check.sh
   fi
   
   echo "✅ Session initialized"
   

Outputs:

• Session initialization automation
• Context loading
• Environment validation

Validation:

• [ ] Hook runs on session start
• [ ] Context loaded correctly
• [ ] Environment validated

Time Estimate: 15-20 minutes

Operation 7: Deploy and Manage Hooks

Purpose: Install, update, remove, and audit hooks

Process:

1. Deploy Hook (global or project):

   # Deploy to global (~/.claude/hooks/)
   deploy-hook --global formatting-hook.json
   
   # Deploy to project (.claude/hooks/)
   deploy-hook --project security-hook.json
   

2. List Active Hooks:

   # List all hooks
   ls -la ~/.claude/hooks/
   ls -la .claude/hooks/
   
   # Parse and display
   for hook in .claude/hooks/*.json; do
     echo "Hook: $(basename $hook)"
     jq '.event, .description' $hook
   done
   

3. Validate Hook:

   # Test hook in safe environment
   validate-hook formatting-hook.json
   
   # Expected:
   # ✅ JSON valid
   # ✅ Handler command exists
   # ✅ Event type valid
   # ✅ Structured output correct
   

4. Remove Hook:

   # Disable hook
   rm .claude/hooks/formatting-hook.json
   
   # Or rename to .disabled
   mv .claude/hooks/security-hook.json .claude/hooks/security-hook.json.disabled
   

Outputs:

• Hook deployment automation
• Hook management interface
• Validation before deployment

Validation:

• [ ] Can deploy hooks globally and per-project
• [ ] Can list active hooks
• [ ] Can validate hooks safely
• [ ] Can remove/disable hooks

Time Estimate: 30-45 minutes

Operation 8: Security Audit Hooks

Purpose: Review all active hooks for security issues

Process:

1. Audit All Hooks:

   # Scan all hook files
   for hook in ~/.claude/hooks/*.json .claude/hooks/*.json; do
     echo "Auditing: $hook"
   
     # Check for dangerous patterns
     if grep -q "rm -rf\|dd if\|curl.*sudo" $hook; then
       echo "⚠️  Dangerous command detected"
     fi
   
     # Check for credential leaks
     if grep -q "password\|secret\|token\|api_key" $hook; then
       echo "⚠️  Potential credential exposure"
     fi
   
     # Validate JSON structure
     jq empty $hook 2>/dev/null || echo "❌ Invalid JSON"
   done
   

2. Generate Security Report:

   # Hook Security Audit
   
   ## Hooks Scanned: 8
   
   ### HIGH RISK
   None
   
   ### MEDIUM RISK
   1. observability-hook.json
      - Issue: Sends data to external URL
      - Recommendation: Validate URL is trusted
   
   ### LOW RISK
   2. formatting-hook.json
      - Info: Executes npx prettier (safe)
   
   ## Recommendations
   - Review observability destination
   - Consider encrypting telemetry data
   

Outputs:

• Security audit report
• Risk assessment
• Recommendations

Validation:

• [ ] All hooks scanned
• [ ] Security issues identified
• [ ] Recommendations provided

Time Estimate: 20-30 minutes

Hook Templates

Template 1: Auto-Format (PostToolUse)

{
  "event": "PostToolUse",
  "tools": ["Write", "Edit"],
  "description": "Auto-format code after Claude writes",
  "handler": {
    "command": "npx prettier --write \"$FILE\"",
    "timeout": 5000
  },
  "filters": {
    "filePatterns": ["**/*.{ts,tsx,js,jsx}"],
    "excludePatterns": ["node_modules/**", "dist/**", "build/**"]
  }
}

Impact: 92% reduction in style review time

Template 2: Security Gate (PreToolUse)

{
  "event": "PreToolUse",
  "tools": ["Write", "Edit", "Bash"],
  "description": "Block modifications to production files",
  "handler": {
    "command": ".claude/hooks/security-gate.sh \"$TOOL\" \"$FILE\" \"$COMMAND\""
  },
  "structuredOutput": true
}

Impact: Prevents accidental production damage

Template 3: Telemetry (Notification)

{
  "event": "Notification",
  "description": "Send telemetry on important events",
  "handler": {
    "command": ".claude/hooks/telemetry.sh \"$EVENT_TYPE\" \"$MESSAGE\""
  }
}

Impact: Full observability of AI agent behavior

Template 4: Validation (PreToolUse)

{
  "event": "PreToolUse",
  "tools": ["Write"],
  "description": "Validate JSON/YAML before writing",
  "handler": {
    "command": ".claude/hooks/validate-syntax.sh \"$FILE\" \"$CONTENT\""
  },
  "structuredOutput": true
}

Impact: Prevent invalid file writes

Template 5: Context Loading (SessionStart)

{
  "event": "SessionStart",
  "description": "Load project context on session start",
  "handler": {
    "command": ".claude/hooks/load-context.sh"
  }
}

Impact: Automatic context initialization

Template 6: Cleanup (SessionEnd)

{
  "event": "SessionEnd",
  "description": "Save state and cleanup on session end",
  "handler": {
    "command": ".claude/hooks/session-cleanup.sh"
  }
}

Impact: Automatic state preservation

Best Practices

1. Structured JSON Output (For Control)

Standard Exit Codes (Simple):

• 0: Continue
• Non-zero: Block

Structured JSON (Advanced):

{
  "continue": false,
  "stopReason": "Custom blocking reason shown to user",
  "suppressOutput": true
}

When to Use:

• Need custom error messages
• Want to suppress default output
• Complex control flow

2. MCP Tool Targeting

Patterns:

• mcp__*: All MCP tools
• mcp__server__*: All tools from specific server
• mcp__server__tool: Specific tool only

Examples:

// Block all filesystem MCP
"tools": ["mcp__filesystem__*"]

// Block specific GitHub operation
"tools": ["mcp__github__delete_repository"]

// Allow specific, block others
"tools": ["mcp__github__*"],
"handler": "allow-list-check.sh"

3. File Pattern Filters

{
  "filePatterns": [
    "src/**/*.ts",           // Include source files
    "tests/**/*.test.ts"     // Include tests
  ],
  "excludePatterns": [
    "node_modules/**",       // Exclude dependencies
    "**/*.min.js",           // Exclude minified
    ".git/**"                // Exclude git internals
  ]
}

Tip: Start inclusive, add exclusions as needed

4. Performance Considerations

Hook Execution:

• Hooks run synchronously (blocking)
• Keep handlers fast (<5 seconds)
• Use timeouts to prevent hangs
• Async operations: spawn background process, return immediately

Example (Fast hook):

#!/bin/bash
# Quick validation
if [ ! -f "$FILE" ]; then
  echo '{"continue": false, "stopReason": "File does not exist"}'
  exit 1
fi
echo '{"continue": true}'
exit 0

Example (Slow operation - backgrounded):

#!/bin/bash
# Start slow operation in background
(sleep 10 && heavy-operation.sh "$FILE") &

# Return immediately
echo '{"continue": true}'
exit 0

5. Security Best Practices

Never in hooks:

• Hardcode credentials
• Execute untrusted input
• Modify critical system files
• Expose sensitive data in logs

Always in hooks:

• Validate all inputs
• Use allowlists (not denylists)
• Log security events
• Fail securely (deny by default)

Common Hook Patterns

Pattern 1: Code Quality Enforcement

PostToolUse Chain:

Write/Edit → Prettier (format) → ESLint (lint) → TypeScript (type check)

Implementation:

[
  {
    "event": "PostToolUse",
    "tools": ["Write", "Edit"],
    "handler": "npx prettier --write \"$FILE\""
  },
  {
    "event": "PostToolUse",
    "tools": ["Write", "Edit"],
    "handler": "npx eslint --fix \"$FILE\""
  }
]

Result: All AI code automatically meets quality standards

Pattern 2: Test-on-Save

PostToolUse Test Runner:

{
  "event": "PostToolUse",
  "tools": ["Write", "Edit"],
  "description": "Run tests after code changes",
  "handler": {
    "command": ".claude/hooks/run-tests.sh \"$FILE\""
  },
  "filters": {
    "filePatterns": ["src/**/*.ts"]
  }
}

run-tests.sh:

#!/bin/bash
FILE=$1

# Find corresponding test file
TEST_FILE="${FILE/.ts/.test.ts}"
TEST_FILE="${TEST_FILE/src\//tests\/}"

if [ -f "$TEST_FILE" ]; then
  npm test -- "$TEST_FILE" --silent
fi

Result: Immediate test feedback on every change

Pattern 3: Security Guardrails

Multi-Layer Security:

PreToolUse → Path traversal check → Permission check → Allowlist check → Allow/Block

Result: Comprehensive security enforcement

Pattern 4: Observability Pipeline

Multi-Hook Telemetry:

SessionStart → Log session init
PreToolUse → Log tool attempts
PostToolUse → Log tool results + timing
Notification → Log important events
SessionEnd → Log session summary + metrics

Result: Complete observability of AI behavior

Troubleshooting

Hook Not Firing

Checklist:

• [ ] Hook file in correct location (~/.claude/hooks/ or .claude/hooks/)
• [ ] Hook file is valid JSON (test with jq empty hook.json)
• [ ] Event type correct (UserPromptSubmit, PreToolUse, etc.)
• [ ] Tool name matches (case-sensitive)
• [ ] Claude Code version supports hooks (June 2025+)

Debug:

# Test hook JSON
jq empty .claude/hooks/my-hook.json

# Check hook location
ls -la .claude/hooks/

# Test handler command manually
bash .claude/hooks/handler.sh "test args"

Hook Blocking Everything

Issue: PreToolUse hook with {"continue": false} blocks all operations

Fix:

• Check handler script logic
• Ensure conditions are correct
• Add fallback: if unsure, allow (fail open vs. fail closed)
• Test with specific files before deploying

Performance Impact

Issue: Hook adds 2-5 seconds to every operation

Solutions:

• Optimize handler script (remove slow operations)
• Use background processes for slow tasks
• Add caching (don't re-validate unchanged files)
• Set timeout limits
• Consider removing hook if not valuable

Appendix A: Hook Event Reference

UserPromptSubmit

Trigger: Before Claude processes user prompt Use: Validate prompts, inject context, enhance prompts Variables: $PROMPT

PreToolUse

Trigger: Before tool execution Use: Security gates, validation, logging Variables: $TOOL, $FILE, $COMMAND, $CONTENT Control: Can block operation

PostToolUse

Trigger: After tool execution Use: Auto-format, linting, testing, cleanup Variables: $TOOL, $FILE, $RESULT

PermissionRequest

Trigger: When Claude requests permissions Use: Auto-approve safe operations, log requests Variables: $PERMISSION_TYPE

Notification

Trigger: Important events Use: Telemetry, alerting, logging Variables: $EVENT_TYPE, $MESSAGE

SessionStart

Trigger: Session initialization Use: Load context, validate environment Variables: None

SessionEnd

Trigger: Session termination Use: Save state, cleanup, metrics Variables: None

Stop

Trigger: Conversation stop Use: Final cleanup, state saving Variables: $REASON

Appendix B: Structured JSON Control

Basic Control (Exit Codes)

# Allow
exit 0

# Block
exit 1

Advanced Control (JSON)

{
  "continue": boolean,        // Allow operation?
  "stopReason": "string",     // Why blocked (shown to user)
  "suppressOutput": boolean   // Hide default blocking message?
}

When to Use JSON:

• Custom error messages
• Silent blocking
• Complex control logic

Quick Reference

The 8 Hook Events

| Event | When | Use For | Can Block? | |-------|------|---------|------------| | UserPromptSubmit | Before prompt processed | Prompt validation/enhancement | Yes | | PreToolUse | Before tool runs | Security, validation | Yes | | PostToolUse | After tool runs | Format, lint, test | No | | PermissionRequest | Permissions requested | Auto-approve, logging | Yes | | Notification | Important events | Telemetry, alerts | No | | SessionStart | Session begins | Init, context load | No | | SessionEnd | Session ends | Cleanup, save state | No | | Stop | Conversation stops | Final cleanup | No |

Common Use Cases

| Use Case | Hook Event | Typical Impact | |----------|------------|----------------| | Auto-format code | PostToolUse | 92% style review reduction | | Security gates | PreToolUse | Prevent production damage | | Run tests on save | PostToolUse | Immediate feedback | | Observability | Notification | Full behavior tracking | | JSON validation | PreToolUse | Prevent invalid writes | | Context loading | SessionStart | Auto-initialization | | State saving | SessionEnd | Preserve progress | | MCP control | PreToolUse | Granular tool access |

hooks-manager enables transformative automation in Claude Code through event-driven hooks, reducing manual work by up to 92% while enforcing security, quality, and observability standards.

For templates, see examples/. For troubleshooting, see Troubleshooting section.