Claude Code Security Hooks
4 production hooks: block-dangerous-commands (blocks rm -rf ~, fork bombs, curl|sh), protect-secrets (prevents reading/modifying sensitive files), auto-stage (git stages after edits), notify-permission (Slack alert when input needed).
- Block known dangerous shell commands across all sessions
- Prevent Claude from reading or changing sensitive config files
- Get instant team alerts when Claude needs human approval
Ready-to-deploy guardrails for client Claude Code deployments. block-dangerous-commands and protect-secrets are essential safety hooks. Transparent bash scripts, auditable implementation.
Any client Claude Code deployment — these hooks are foundational safety guardrails that should be part of every production setup.
https://github.com/karanb192/claude-code-hooks
By karanb192
How to Get It
Claude Code only: Hooks are configured in your project's .claude/settings.json file. They run automatically before or after Claude takes actions. You can ask Claude to set up a hook for you by describing what you want in your conversation. Not available in Claude Cowork or Claude Chat.
Trust Signals Automated Scan
Data & Access
Community Pulse Active
Discussed on Hacker News, Reddit
- oopsAccidentalPushIntoProduction — Reddit · 4573 pts
- claude code now have /context hook — Reddit · 647 pts
- Two Claude Code features I slept on that completely changed how I use it: Stop H — Reddit · 519 pts
23 mentions across 2 sources
Reviewer notes
Automated Scan review. These are observations, not a security certification.
Transparent auditable bash scripts. Blocks dangerous commands. Protects secrets. MIT license.
Things to check
- Single maintainer. Consider the risk if this person stops maintaining the project.
How to evaluate tools before deploying →
Data shown here comes from public APIs and automated scanning. Reviewer notes reflect one person's experience. This is not a security certification or legal recommendation. Always evaluate tools according to your own organization's policies.