How do I block dangerous commands using hooks?

You can implement a PreToolUse hook with a matcher for 'Bash' that evaluates the command input against a security policy, returning a 'deny' decision if unsafe patterns are detected.

What is the difference between prompt-based and command hooks?

Prompt-based hooks use LLM reasoning for flexible, context-aware decisions, while command hooks execute bash scripts for fast, deterministic checks and file system operations.

Where should I store plugin hook configurations?

For individual plugins, hooks should be defined in a hooks/hooks.json file. For global user preferences, they are placed directly in the .claude/settings.json file.

Can I persist environment variables across a session?

Yes, using a SessionStart hook, you can append export commands to the $CLAUDE_ENV_FILE to ensure variables remain available throughout the entire Claude Code session.

What are Claude Code hooks?

Hooks are event-driven scripts or prompts that execute in response to specific Claude Code events, allowing you to validate operations, enforce policies, and add context to the AI's workflow.

Hook Development for Claude Code

Name: Hook Development for Claude Code
Author: troykelly

bytroykelly

•

보안 및 테스팅

Automates and secures Claude Code workflows using event-driven hooks for tool validation and session management.

This skill provides comprehensive patterns and best practices for implementing Claude Code hooks, enabling developers to build smarter and safer plugin architectures. It covers the full lifecycle of hook events—including PreToolUse, PostToolUse, and SessionStart—supporting both AI-powered prompt-based logic and deterministic bash command execution. By utilizing these patterns, users can enforce strict security policies, validate tool outputs, automate project context loading, and ensure rigorous task completion standards are met through sophisticated, context-aware automation.

주요 기능

01Security patterns for blocking dangerous commands and preventing path traversal

02Implementation of prompt-based hooks for context-aware AI validation

035 GitHub stars

04Environment variable persistence and portable path management via CLAUDE_PLUGIN_ROOT

05Support for the full event lifecycle including PreToolUse, Stop, and SessionStart

06Configuration guidance for command-based hooks using deterministic bash scripts

사용 사례

01Preventing accidental execution of destructive shell commands or sensitive file writes

02Automatically loading project-specific environment variables and context at the start of a session

03Implementing quality gates that require Claude to verify test passes before concluding a task

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add troykelly/claude-skills hook-development

For use in Claude.ai and ChatGPT

Download Skill