Battle-tested hooks from ~6 months of daily Claude Code usage. These run globally via ~/.claude/settings.json and protect every project.
```bash
# 1. Copy hooks to ~/.claude/hooks/
mkdir -p ~/.claude/hooks/lib
cp *.sh ~/.claude/hooks/
cp secret-patterns.sh ~/.claude/hooks/lib/
# 2. Wire them in ~/.claude/settings.json (see settings-wiring.jsonc)
# 3. Restart Claude Code (hooks snapshot at startup)
```

| File | Event | What it does |
|---|---|---|
| Security | | |
| `detect-secrets.sh` | PreToolUse (Edit\|Write) | Blocks secrets (API keys, tokens, private keys) from being written to files |
| `bash-secrets-warn.sh` | PreToolUse (Bash) | Blocks secrets from appearing in shell commands |
| `secret-patterns.sh` | (shared lib) | 25+ regex patterns for AWS, GitHub, Stripe, OpenAI, Anthropic, Slack, npm, DB URLs, private keys |
| `npm-malware-scan.sh` | SessionStart + PreToolUse (Bash) | Detects Shai-Hulud supply chain malware in node_modules (Sep-Oct 2025 campaign) |
| `git-clean-guard.sh` | PreToolUse (Bash) | Blocks `git clean -f` which destroys untracked files (especially dangerous on orphan branches) |
| Team Orchestration | | |
| `force-background-tasks.sh` | PreToolUse (Task) | Auto-backgrounds named teammate spawns so the lead stays non-blocking |
| `task-completion-gate.sh` | TaskCompleted | Enforces structured metadata (changes, learnings, risks) before workers can mark tasks complete |
| `ceo-stop-guard.sh` | Stop | Prevents the lead from stopping while workers are still running |
| Knowledge Pipeline | | |
| `session-end-promote.sh` | SessionEnd | Scans completed task metadata, auto-promotes learnings appearing in 2+ tasks to CLAUDE.md |
| Diagnostic | | |
| `task-call-logger.sh` | PreToolUse (Task) | Logs every Task tool call to ~/.claude/debug/task-calls.log for debugging |

- `updatedInput` in PreToolUse hooks REPLACES `tool_input`, not merges. To add a field, pass through the full original: `.tool_input + { new_field: value }`. See `force-background-tasks.sh` for the pattern.
- Hooks snapshot at session start. Edits mid-session require a restart. The `ConfigChange` event fires but doesn't reload hooks.
- `$TMPDIR` varies across sessions. Use `$HOME/.claude/debug/` for log files that need to persist.
- Fail open by default. `trap 'exit 0' ERR` at the top of every hook. A broken hook shouldn't block your workflow.
- Exit 2 = block with feedback. stderr text is fed back to Claude as an error message.
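
A minimal PreToolUse (Bash) guard that applies the fail-open and exit-2 rules above, as an added example rather than the repository's own `git-clean-guard.sh`. The function names, the regex and the sample inputs are assumptions; it expects `jq` on PATH and reads the command from `.tool_input.command`.

```shell
#!/usr/bin/env bash
# Added example, not the repo's git-clean-guard.sh. The regex and the function
# names guard_decision/hook_main are assumptions made for this illustration.

# Return 2 (block) if the command runs `git clean` with -f/--force, else 0.
guard_decision() {
  local re='git[[:space:]]+clean[[:space:]]+([^;&|]*[[:space:]])?(-[A-Za-z]*f[A-Za-z]*|--force)([[:space:]]|$)'
  printf '%s' "$1" | grep -Eq "$re" && return 2
  return 0
}

# Hook body: reads the PreToolUse JSON from stdin, exits 0 (allow) or 2 (block).
hook_main() {
  # Fail open: any error below (bad JSON, jq not installed) allows the tool call.
  # For a security guard this also means a broken dependency silently disables it.
  trap 'exit 0' ERR
  local cmd
  cmd=$(jq -r '.tool_input.command // empty')   # hook input arrives on stdin
  if ! guard_decision "$cmd"; then
    # Exit 2 = block; this stderr text is fed back to Claude as the error.
    echo "Blocked: 'git clean' with force deletes untracked files; preview with 'git clean -n'." >&2
    exit 2
  fi
  exit 0
}

# Constructed hook inputs (trimmed to the fields used; not from a real session).
for input in \
  '{"tool_name":"Bash","tool_input":{"command":"git clean -fd"}}' \
  '{"tool_name":"Bash","tool_input":{"command":"git clean -n"}}' \
  '{broken'
do
  ( printf '%s' "$input" | hook_main ) 2>/dev/null
  echo "exit=$? <- $input"
done
```

To install it as a real hook, replace the demo loop with a bare `hook_main` call.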

```
~/.claude/
  hooks/
    lib/
      secret-patterns.sh          # Shared regex patterns
    detect-secrets.sh             # PreToolUse (Edit|Write)
    bash-secrets-warn.sh          # PreToolUse (Bash)
    npm-malware-scan.sh           # SessionStart + PreToolUse (Bash)
    git-clean-guard.sh            # PreToolUse (Bash)
    force-background-tasks.sh     # PreToolUse (Task)
    task-completion-gate.sh       # TaskCompleted
    ceo-stop-guard.sh             # Stop
    session-end-promote.sh        # SessionEnd
    task-call-logger.sh           # PreToolUse (Task)
  settings.json                   # Wire hooks here (see settings-wiring.jsonc)
```

The team orchestration hooks (force-background-tasks.sh, task-completion-gate.sh, ceo-stop-guard.sh) support a "CEO mode" workflow where the lead agent never writes code directly - it only triages, creates tasks, spawns workers, and merges results.
See CLAUDE-ceo-mode.md for the full CLAUDE.md section that teaches the model this workflow.
MIT. Use however you want.