Agent-Skills.md

Agent Skills: Claude Code Hooks Configuration

|

UncategorizedID: laurigates/claude-plugins/hooks-configuration

Repository

laurigates/claude-plugins
laurigatesLicense: MIT
234

Install this agent skill to your local

pnpm dlx add-skill https://github.com/laurigates/claude-plugins/tree/HEAD/hooks-plugin/skills/hooks-configuration

Skill Files

Browse the full folder contents for hooks-configuration.

Download Skill

Loading file tree…

hooks-plugin/skills/hooks-configuration/SKILL.md

Skill Metadata

Name
hooks-configuration
Description
|

Claude Code Hooks Configuration

Expert knowledge for configuring and developing Claude Code hooks to automate workflows and enforce best practices.

Core Concepts

What Are Hooks? Hooks are user-defined shell commands that execute at specific points in Claude Code's lifecycle. Unlike relying on Claude to "decide" to run something, hooks provide deterministic, guaranteed execution.

Why Use Hooks?

  • Enforce code formatting automatically
  • Block dangerous commands before execution
  • Inject context at session start
  • Log commands for audit trails
  • Send notifications when tasks complete

Hook Lifecycle Events

| Event | When It Fires | Key Use Cases | | ---------------------- | ------------------------------------------ | ------------------------------------------ | | SessionStart | Session begins/resumes | Environment setup, context loading | | SessionEnd | Session terminates | Cleanup, state persistence | | UserPromptSubmit | User submits prompt | Input validation, context injection | | PreToolUse | Before tool execution | Permission control, blocking dangerous ops | | PostToolUse | After tool completes | Auto-formatting, logging, validation | | PostToolUseFailure | After tool execution fails | Retry decisions, error handling | | PermissionRequest | Claude requests permission for a tool | Auto approve/deny without user prompt | | Stop | Main agent finishes responding | Notifications, git reminders | | SubagentStart | Subagent (Task tool) is about to start | Input modification, context injection | | SubagentStop | Subagent finishes | Per-task completion evaluation | | WorktreeCreate | New git worktree created via EnterWorktree | Worktree setup, dependency install | | WorktreeRemove | Worktree removed after session exits | Cleanup, uncommitted changes alert | | TeammateIdle | Teammate in agent team goes idle | Assign additional tasks to teammate | | TaskCompleted | Task in shared task list marked complete | Validation gates before task acceptance | | PreCompact | Before context compaction | Transcript backup | | Notification | Claude sends notification | Custom alerts | | ConfigChange | Claude Code settings change at runtime | Audit config changes, validation |

Stop vs SubagentStop: Stop fires at the session level when the main agent finishes a response turn. SubagentStop fires when an individual subagent (spawned via the Task tool) completes. Use Stop for session-level notifications; use SubagentStop for per-task quality gates.

For full schemas, examples, and timeout recommendations for each event, see .claude/rules/hooks-reference.md.

Configuration

File Locations

Hooks are configured in settings files:

  • ~/.claude/settings.json - User-level (applies everywhere)
  • .claude/settings.json - Project-level (committed to repo)
  • .claude/settings.local.json - Local project (not committed)

Claude Code merges all matching hooks from all files.

Frontmatter Hooks (Skills and Commands)

Hooks can also be defined directly in skill and command frontmatter using the hooks field:

---
name: my-skill
description: A skill with hooks
allowed-tools: Bash, Read
hooks:
  PreToolUse:
    - matcher: "Bash"
      hooks:
        - type: command
          command: "echo 'Pre-tool hook from skill'"
          timeout: 10
---

This allows skills and commands to define their own hooks that are active only when that skill/command is in use.

Basic Structure

{
  "hooks": {
    "EventName": [
      {
        "matcher": "ToolPattern",
        "hooks": [
          {
            "type": "command",
            "command": "your-command-here",
            "timeout": 30
          }
        ]
      }
    ]
  }
}

Matcher Patterns

  • Exact match: "Bash" - matches exactly "Bash" tool
  • Regex patterns: "Edit|Write" - matches either tool
  • Wildcards: "Notebook.*" - matches tools starting with "Notebook"
  • All tools: "*" - matches everything
  • MCP tools: "mcp__server__tool" - targets MCP server tools

Input Schema

Hooks receive JSON via stdin with these common fields:

{
  "session_id": "unique-session-id",
  "transcript_path": "/path/to/conversation.json",
  "cwd": "/current/working/directory",
  "permission_mode": "mode",
  "hook_event_name": "PreToolUse"
}

PreToolUse additional fields:

{
  "tool_name": "Bash",
  "tool_input": {
    "command": "npm test"
  }
}

PostToolUse additional fields:

{
  "tool_name": "Bash",
  "tool_input": { ... },
  "tool_response": { ... }
}

SubagentStart additional fields:

{
  "subagent_type": "Explore",
  "subagent_prompt": "original prompt text",
  "subagent_model": "claude-opus"
}

Output Schema

Exit Codes

  • 0: Success (command allowed)
  • 2: Blocking error (stderr shown to Claude, operation blocked)
  • Other: Non-blocking error (logged in verbose mode)

JSON Response (optional)

PreToolUse (wrapped in hookSpecificOutput):

{
  "hookSpecificOutput": {
    "hookEventName": "PreToolUse",
    "permissionDecision": "allow|deny|ask",
    "permissionDecisionReason": "explanation",
    "updatedInput": { "modified": "input" }
  }
}

Stop/SubagentStop:

{
  "decision": "block",
  "reason": "required explanation for continuing"
}

SubagentStart (input modification):

{
  "updatedPrompt": "modified prompt text to inject context or modify behavior"
}

SessionStart (wrapped in hookSpecificOutput):

{
  "hookSpecificOutput": {
    "hookEventName": "SessionStart",
    "additionalContext": "Information to inject into session"
  }
}

Common Hook Patterns

Block Dangerous Commands (PreToolUse)

#!/bin/bash
INPUT=$(cat)
COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty')

# Block rm -rf /
if echo "$COMMAND" | grep -Eq 'rm\s+(-rf|-fr)\s+/'; then
    echo "BLOCKED: Refusing to run destructive command on root" >&2
    exit 2
fi

exit 0

Auto-Format After Edits (PostToolUse)

#!/bin/bash
INPUT=$(cat)
FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty')

if [[ "$FILE" == *.py ]]; then
    ruff format "$FILE" 2>/dev/null
    ruff check --fix "$FILE" 2>/dev/null
elif [[ "$FILE" == *.ts ]] || [[ "$FILE" == *.tsx ]]; then
    prettier --write "$FILE" 2>/dev/null
fi

exit 0

Remind About Built-in Tools (PreToolUse)

#!/bin/bash
INPUT=$(cat)
COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty')

if echo "$COMMAND" | grep -Eq '^\s*cat\s+[^|><]'; then
    echo "REMINDER: Use the Read tool instead of 'cat'" >&2
    exit 2
fi

exit 0

Load Context at Session Start (SessionStart)

#!/bin/bash
GIT_STATUS=$(git status --short 2>/dev/null | head -5)
BRANCH=$(git branch --show-current 2>/dev/null)

CONTEXT="Current branch: $BRANCH\nPending changes:\n$GIT_STATUS"
jq -n --arg ctx "$CONTEXT" '{
  "hookSpecificOutput": {
    "hookEventName": "SessionStart",
    "additionalContext": $ctx
  }
}'

Inject Context for Subagents (SubagentStart)

#!/bin/bash
INPUT=$(cat)
SUBAGENT_TYPE=$(echo "$INPUT" | jq -r '.subagent_type // empty')
ORIGINAL_PROMPT=$(echo "$INPUT" | jq -r '.subagent_prompt // empty')

# Add project context to Explore agents
if [ "$SUBAGENT_TYPE" = "Explore" ]; then
    PROJECT_INFO="Project uses TypeScript with Bun. Main source in src/."
    cat << EOF
{
  "updatedPrompt": "$PROJECT_INFO\n\n$ORIGINAL_PROMPT"
}
EOF
fi

exit 0

Desktop Notification on Stop (Stop)

#!/bin/bash
# Linux
notify-send "Claude Code" "Task completed" 2>/dev/null

# macOS
osascript -e 'display notification "Task completed" with title "Claude Code"' 2>/dev/null

exit 0

Audit Logging (PostToolUse)

#!/bin/bash
INPUT=$(cat)
TOOL=$(echo "$INPUT" | jq -r '.tool_name')
COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // "N/A"')

echo "$(date -Iseconds) | $TOOL | $COMMAND" >> ~/.claude/audit.log
exit 0

Auto-Approve Safe Operations (PermissionRequest)

#!/bin/bash
INPUT=$(cat)
TOOL=$(echo "$INPUT" | jq -r '.tool_name')
COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty')

# Auto-approve read-only git operations
if [ "$TOOL" = "Bash" ] && echo "$COMMAND" | grep -Eq '^git (status|log|diff|branch|remote)'; then
  echo '{"decision": "approve", "reason": "Read-only git operation"}'
  exit 0
fi

# Auto-deny destructive operations on root
if [ "$TOOL" = "Bash" ] && echo "$COMMAND" | grep -Eq 'rm\s+(-rf|-fr)\s+/'; then
  echo '{"decision": "deny", "reason": "Destructive root operation blocked"}'
  exit 0
fi

exit 0

Set Up Worktree Environment (WorktreeCreate)

#!/bin/bash
INPUT=$(cat)
WORKTREE_PATH=$(echo "$INPUT" | jq -r '.worktree_path')

if [ -f "$WORKTREE_PATH/package.json" ]; then
  (cd "$WORKTREE_PATH" && bun install --frozen-lockfile) 2>/dev/null
fi

exit 0

Gate Task Completion (TaskCompleted)

#!/bin/bash
INPUT=$(cat)
TASK_TITLE=$(echo "$INPUT" | jq -r '.task_title')

if echo "$TASK_TITLE" | grep -qi 'implement\|add\|fix\|refactor'; then
  if ! npm test --bail 2>/dev/null; then
    echo '{"decision": "block", "reason": "Tests must pass before task is accepted."}'
    exit 0
  fi
fi

exit 0

Configuration Examples

Anti-Pattern Detection

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Bash",
        "hooks": [
          {
            "type": "command",
            "command": "bash $CLAUDE_PROJECT_DIR/hooks-plugin/hooks/bash-antipatterns.sh",
            "timeout": 5
          }
        ]
      }
    ]
  }
}

Auto-Format Python Files

{
  "hooks": {
    "PostToolUse": [
      {
        "matcher": "Edit|Write",
        "hooks": [
          {
            "type": "command",
            "command": "bash -c 'FILE=$(cat | jq -r \".tool_input.file_path\"); [[ \"$FILE\" == *.py ]] && ruff format \"$FILE\"'"
          }
        ]
      }
    ]
  }
}

Git Reminder on Stop

{
  "hooks": {
    "Stop": [
      {
        "matcher": "*",
        "hooks": [
          {
            "type": "command",
            "command": "bash -c 'changes=$(git status --porcelain | wc -l); [ $changes -gt 0 ] && echo \"Reminder: $changes uncommitted changes\"'"
          }
        ]
      }
    ]
  }
}

Prompt-Based and Agent-Based Hooks

In addition to command hooks, Claude Code supports LLM-powered hooks for decisions that require judgment.

Hook Types

| Type | How It Works | Default Timeout | Use When | |------|-------------|-----------------|----------| | command | Runs a shell command, reads stdin, returns exit code | 600s | Deterministic rules (regex, field checks) | | http | Sends hook data to an HTTPS endpoint, reads JSON response | 30s | Remote/centralized policy enforcement | | prompt | Single-turn LLM call (Haiku), returns {ok: true/false} | 30s | Judgment on hook input data alone | | agent | Multi-turn subagent with tool access, returns {ok: true/false} | 60s | Verification needing file/tool access |

Additional Hook Handler Fields

  • async: true: Fire-and-forget for command hooks (non-blocking, exit code ignored)
  • once: true: Run only once per session; subsequent triggers are skipped

HTTP Hook Configuration

{
  "type": "http",
  "url": "https://hooks.example.com/pre-tool-use",
  "headers": {
    "Authorization": "Bearer ${HOOKS_API_KEY}"
  },
  "timeout": 30
}

Only HTTPS URLs are allowed. Header values support ${ENV_VAR} expansion.

Supported Events

Prompt and agent hooks work on: PreToolUse, PostToolUse, PostToolUseFailure, PermissionRequest, Stop, SubagentStop, TaskCompleted, UserPromptSubmit.

CLAUDE_ENV_FILE (SessionStart)

SessionStart hooks can write environment variables that persist for the session via CLAUDE_ENV_FILE:

if [ -n "$CLAUDE_ENV_FILE" ]; then
  echo "NODE_ENV=development" >> "$CLAUDE_ENV_FILE"
fi

All other events (SessionStart, SessionEnd, PreCompact, etc.) support only command hooks.

Prompt Hook Configuration

{
  "type": "prompt",
  "prompt": "Evaluate whether all tasks are complete. $ARGUMENTS",
  "model": "haiku",
  "timeout": 30,
  "statusMessage": "Checking completeness..."
}

Agent Hook Configuration

{
  "type": "agent",
  "prompt": "Check for TODO/FIXME comments and debugging artifacts in changed files. $ARGUMENTS",
  "model": "haiku",
  "timeout": 60,
  "statusMessage": "Checking implementation quality..."
}

Note: Prefer command hooks over agent hooks when the logic is deterministic. For example, test verification (detect changed files → find test runner → run tests) is better as a bash script than an agent hook — it eliminates LLM latency on every invocation.

Response Schema (both types)

{"ok": true}
{"ok": false, "reason": "Explanation of what's wrong"}

Stop Hook Loop Prevention

Stop hooks fire every time Claude finishes responding, including after acting on stop hook feedback. Include this check in Stop hook prompts:

First: if stop_hook_active is true in the input, respond with {"ok": true} immediately.

For the full decision guide on when to use each hook type, see .claude/rules/prompt-agent-hooks.md.

Handling Blocked Commands

When a PreToolUse hook blocks a command:

| Situation | Action | | ------------------------- | ---------------------------------------------------------------- | | Hook suggests alternative | Use the suggested tool/approach | | Alternative won't work | Ask user to run command manually | | User says "proceed" | Still blocked - explain and provide command for manual execution |

Critical: User permission does NOT bypass hooks. Retrying a blocked command will fail again.

When command is legitimately needed:

  1. Explain why the command is required
  2. Describe alternatives considered and why they won't work
  3. Provide exact command for user to run manually
  4. Let user decide

Example response:

The hook blocked `git reset --hard abc123` because it's usually unnecessary.

I considered:
- `git pull`: Won't work because we need to discard local commits, not merge
- `git restore`: Only handles file changes, not commit history

If you need to proceed, please run manually:
git reset --hard abc123

This is needed because [specific justification].

Best Practices

Script Development:

  1. Always read input from stdin with cat
  2. Use jq for JSON parsing
  3. Quote all variables to prevent injection
  4. Exit with code 2 to block, 0 to allow
  5. Write blocking messages to stderr
  6. Keep hooks fast (< 5 seconds)

Configuration:

  1. Use $CLAUDE_PROJECT_DIR for portable paths
  2. Set explicit timeouts (default: 10 minutes / 600s as of 2.1.50)
  3. Use specific matchers over wildcards
  4. Test hooks manually before enabling

Security:

  1. Validate all inputs
  2. Use absolute paths
  3. Avoid touching .env or .git/ directly
  4. Review hook code before deployment

Debugging

Verify hook registration:

/hooks

Enable debug logging:

claude --debug

Test hooks manually:

echo '{"tool_input": {"command": "cat file.txt"}}' | bash your-hook.sh
echo $?  # Check exit code

Available Hooks in This Plugin

  • bash-antipatterns.sh: Detects when Claude uses shell commands instead of built-in tools (cat, grep, sed, timeout, etc.)

See hooks/README.md for full documentation.