hookintermediateClaude Code

Claude Code Hooks: Safety, Automation & Notification Scripts

This open-source repository provides ready-to-drop-in JavaScript hooks for Claude Code that run before or after AI tool executions — blocking dangerous shell commands, protecting secret files, auto-staging git changes, and sending Slack alerts when Claude needs input. Each hook is tested (262 passing tests), MIT-licensed, and designed to be copied, pasted, and customized in minutes. It solves a real gap: giving developers guardrails and automation on top of Claude Code's agentic actions without building from scratch.

AI SETUP PROMPT

Paste into Claude Code — it will scan your project and set everything up

# Install & Configure: Claude Code Hooks: Safety, Automation & Notification Scripts

## What This Is
This open-source repository provides ready-to-drop-in JavaScript hooks for Claude Code that run before or after AI tool executions — blocking dangerous shell commands, protecting secret files, auto-staging git changes, and sending Slack alerts when Claude needs input. Each hook is tested (262 passing tests), MIT-licensed, and designed to be copied, pasted, and customized in minutes. It solves a real gap: giving developers guardrails and automation on top of Claude Code's agentic actions without building from scratch.

Source: https://github.com/karanb192/claude-code-hooks

## Before You Start

Scan my workspace and analyze:
- The project language, framework, and directory structure
- Existing agent configuration (check for .claude/, .codex/, CLAUDE.md, settings.json, commands/, skills/ directories)
- Whether this repository or a similar tool is already cloned or installed

Then ask me before proceeding:
1. Which lifecycle event should this hook fire on? (PreToolUse, PostToolUse, Notification, etc.)
2. Are there any files, patterns, or tools this should be scoped to?

## Fetch the Source

Clone or inspect the repository to understand what needs to be installed:
```bash
gh repo clone karanb192/claude-code-hooks
```
Review the README, directory structure, and any install instructions before proceeding.

## What to Implement

This is an **Agent Hook** — a shell/HTTP command that fires at lifecycle events.

- Add the hook configuration to `.claude/settings.json` under the lifecycle event I specified
- If the hook needs a shell script, create it and make it executable (`chmod +x`)
- If the hook calls an external API, configure it using credentials from my .env files
- Validate the JSON config is syntactically correct before saving

## Additional Context

- Clone the repo and copy block-dangerous-commands.js and protect-secrets.js into ~/.claude/hooks/ using the two-line bash commands from the Quick Start section.
- Add the PreToolUse configuration block to your .claude/settings.json, setting SAFETY_LEVEL to 'high' for the recommended balance of flexibility and protection.
- Run event-logger.py against your own project to inspect the exact payload Claude Code sends for each hook event, then use that data to write a custom hook tailored to your codebase within 30 minutes.

## Reference Implementation

```
// .claude/settings.json
{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Bash",
        "hooks": [
          {
            "type": "command",
            "command": "node ~/.claude/hooks/block-dangerous-commands.js"
          }
        ]
      }
    ]
  }
}

// In hook script:
const SAFETY_LEVEL = 'strict'; // or 'critical', 'high'
```

## Guidelines

- Adapt everything to my existing project — do not assume a specific stack or directory layout
- Review any fetched code for safety before installing or executing it
- After setup, run a quick verification and show me a summary of exactly what was installed, where, and how to use it

3,092 charactersCompatible with Claude Code & Codex CLI

MANUAL SETUP STEPS

01Clone the repo and copy block-dangerous-commands.js and protect-secrets.js into ~/.claude/hooks/ using the two-line bash commands from the Quick Start section.
02Add the PreToolUse configuration block to your .claude/settings.json, setting SAFETY_LEVEL to 'high' for the recommended balance of flexibility and protection.
03Run event-logger.py against your own project to inspect the exact payload Claude Code sends for each hook event, then use that data to write a custom hook tailored to your codebase within 30 minutes.

CODE INTELLIGENCE

bash

// .claude/settings.json
{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Bash",
        "hooks": [
          {
            "type": "command",
            "command": "node ~/.claude/hooks/block-dangerous-commands.js"
          }
        ]
      }
    ]
  }
}

// In hook script:
const SAFETY_LEVEL = 'strict'; // or 'critical', 'high'

FIELD OPERATIONS

Compliance Audit Hook for Regulated Industries

Build a PreToolUse hook that scans every file Claude attempts to read or edit against a list of PII patterns (SSNs, credit card numbers, HIPAA fields) and logs violations to a centralized audit trail — giving compliance teams a real-time record of what the AI touched.

Team Notification Dashboard for Multi-Developer Claude Sessions

Extend the notify-permission hook to post structured Slack messages (file name, operation type, requester) into a shared channel, then pipe those events into a lightweight dashboard so engineering managers can see what Claude Code is doing across the team in real time.

STRATEGIC APPLICATIONS

→A software agency using Claude Code for client projects can activate the protect-secrets hook to prevent the AI from ever reading .env files or exfiltrating API keys — turning it into a mandatory safety layer before handing junior developers unsupervised AI access.
→A DevOps team can combine block-dangerous-commands at 'strict' level with the auto-stage hook so Claude Code can never run force pushes or destructive git operations, while automatically staging every approved edit for human review before any commit lands.