Defined in ./hooks/hooks.json
{
"PreToolUse": [
{
"hooks": [
{
"type": "prompt",
"prompt": "A DAPR deployment command is about to be executed. Before proceeding, verify: all component YAML files are valid, no plain-text secrets in configurations, resiliency policies are defined for production. If any issues are found, suggest using /dapr:security before deployment.",
"description": "Pre-deployment validation"
}
],
"matcher": "Bash",
"command_pattern": "dapr.*deploy|az containerapp.*dapr"
},
{
"hooks": [
{
"type": "prompt",
"prompt": "dapr-agents is being installed. After installation, remind the user to: (1) Set OPENAI_API_KEY or configure Azure OpenAI credentials, (2) Use /dapr:agent command to create agent templates, (3) Review agent-builder skill for best practices. Offer to create an initial agent scaffold.",
"description": "DAPR Agents setup guidance"
}
],
"matcher": "Bash",
"command_pattern": "pip install.*dapr-agents|uv add.*dapr-agents"
}
],
"PostToolUse": [
{
"glob": "**/components/*.yaml",
"hooks": [
{
"type": "prompt",
"prompt": "A DAPR component file was just modified at $FILE. Validate that it follows DAPR component schema: check apiVersion is 'dapr.io/v1alpha1', kind is 'Component', metadata.name is valid (lowercase, alphanumeric, hyphens), spec.type is a valid DAPR component type, spec.version is specified, and no secrets are stored in plain text. Report any issues found.",
"description": "Validate DAPR component configuration"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/middleware/*.yaml",
"hooks": [
{
"type": "prompt",
"prompt": "A DAPR middleware file was modified at $FILE. SECURITY VALIDATION: (1) For OAuth2/OAuth2CC: clientId and clientSecret must use secretKeyRef (not plain values), authURL and tokenURL must use HTTPS, (2) For Bearer: issuer must use HTTPS, audience must be specified, (3) For OPA: policy must have 'default allow = false', (4) For RateLimit: maxRequestsPerSecond must be reasonable, (5) For Sentinel: appName and at least one rule type required. Report any security issues or misconfigurations.",
"description": "Validate DAPR middleware configuration"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/bindings/*.yaml",
"hooks": [
{
"type": "prompt",
"prompt": "A DAPR binding file was modified at $FILE. Validate: (1) Connection strings and passwords use secretKeyRef, (2) For HTTP bindings: URLs should use HTTPS in production, (3) For database bindings (postgresql, mysql): parameterized queries are used to prevent SQL injection, (4) For SMTP: credentials use secretKeyRef, (5) For Kafka/RabbitMQ: authentication is configured for production. Report any security issues or misconfigurations.",
"description": "Validate DAPR binding configuration"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/pluggable/*.py",
"hooks": [
{
"type": "prompt",
"prompt": "A pluggable component file was modified at $FILE. Validate: (1) gRPC servicer implements required interface methods, (2) Socket path is configurable via environment variable, (3) Init method handles all metadata from component YAML, (4) Features method declares supported capabilities, (5) Error handling uses gRPC status codes. Report any issues found.",
"description": "Validate pluggable component implementation"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/dapr.yaml",
"hooks": [
{
"type": "prompt",
"prompt": "The dapr.yaml file was just modified at $FILE. Validate that it has proper structure: version field is present, apps array is defined with valid entries (each having appId, appDirPath, appPort), no duplicate app IDs or port conflicts exist. Report any issues found.",
"description": "Validate DAPR multi-app configuration"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/resiliency*.yaml",
"hooks": [
{
"type": "prompt",
"prompt": "A DAPR resiliency file was just modified at $FILE. Validate that: apiVersion is 'dapr.io/v1alpha1', kind is 'Resiliency', policies section defines valid retry/timeout/circuitBreaker policies, targets section correctly references app IDs or component names, policy names are referenced correctly. Report any issues found.",
"description": "Validate DAPR resiliency configuration"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/.github/workflows/*.yml",
"hooks": [
{
"type": "prompt",
"prompt": "A GitHub Actions workflow was just modified at $FILE. If this is a DAPR-related workflow, verify: DAPR CLI installation step uses official install script, component paths are correctly referenced, AZURE_CREDENTIALS secret is used for Azure deployments (not hardcoded), health checks target the correct endpoints. Report any issues found.",
"description": "Validate GitHub Actions workflow for DAPR"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/*secret*.yaml",
"hooks": [
{
"type": "prompt",
"prompt": "A file containing 'secret' in the name was modified at $FILE. CRITICAL SECURITY CHECK: Verify that no actual secrets, passwords, API keys, or sensitive credentials are stored in plain text. All secrets should reference a secret store component using secretKeyRef. Report any security issues found.",
"description": "Security check for secret files"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/Dockerfile",
"hooks": [
{
"type": "prompt",
"prompt": "A Dockerfile was modified at $FILE. For DAPR compatibility, verify: EXPOSE statement includes the app port, health endpoint is reachable, no DAPR sidecar is included in the container (DAPR runs as sidecar, not in-container), non-root user is configured if possible. Report any issues found.",
"description": "Validate Dockerfile for DAPR compatibility"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/*_agent.py",
"hooks": [
{
"type": "prompt",
"prompt": "An agent file was just modified at $FILE. Validate the DAPR Agent configuration: (1) Agent has required fields (name, role, instructions), (2) All tools have @tool decorator and docstrings for LLM understanding, (3) API keys are loaded from environment variables (not hardcoded), (4) Async is used for I/O-bound tools, (5) Complex inputs use Pydantic models with Field descriptions. Report any issues found.",
"description": "Validate DAPR Agent configuration"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/*agent*.py",
"hooks": [
{
"type": "prompt",
"prompt": "An agent-related file was modified at $FILE. If this contains DAPR Agents code, validate: (1) AssistantAgent/DurableAgent is properly imported from dapr_agents, (2) Tools are properly decorated with @tool, (3) For workflow-backed agents, activities are idempotent and workflows handle failures, (4) Memory configuration is appropriate for the use case. Report any issues found.",
"description": "Validate DAPR Agent patterns"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/tools/*.py",
"hooks": [
{
"type": "prompt",
"prompt": "A tool file was modified at $FILE. Validate the tool definitions: (1) Each tool has @tool decorator, (2) Clear docstring describing when LLM should use the tool, (3) Input validation using Pydantic for complex parameters, (4) Proper async/await for network or I/O operations, (5) Error handling returns informative messages rather than raising exceptions. Report any issues found.",
"description": "Validate agent tool definitions"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/patterns/*.py",
"hooks": [
{
"type": "prompt",
"prompt": "An agentic pattern file was modified at $FILE. Validate the pattern implementation: (1) Workflow activities are properly decorated with @activity, (2) Workflows are decorated with @workflow, (3) Activities are idempotent (safe to retry), (4) External events are properly awaited for human-in-the-loop patterns, (5) Parallel execution uses when_all correctly. Report any issues found.",
"description": "Validate agentic pattern implementation"
}
],
"matcher": "Write|Edit"
},
{
"glob": "**/integrations/*.py",
"hooks": [
{
"type": "prompt",
"prompt": "An integration file was modified at $FILE. Validate the integration: (1) External framework imports are correct (crewai, openai, etc.), (2) DAPR client is properly used with async context manager, (3) Session/state management uses DAPR state store, (4) Events are published via DAPR pub/sub, (5) Error handling is comprehensive. Report any issues found.",
"description": "Validate agent integration code"
}
],
"matcher": "Write|Edit"
}
],
"SessionStart": [
{
"hooks": [
{
"type": "command",
"silent": true,
"command": "dapr --version",
"description": "Check DAPR CLI installation"
}
]
}
]
}{
"riskFlags": {
"touchesBash": true,
"matchAllTools": false,
"touchesFileWrites": true
},
"typeStats": {
"prompt": 16,
"command": 1
},
"eventStats": {
"PreToolUse": 2,
"PostToolUse": 14,
"SessionStart": 1
},
"originCounts": {
"absolutePaths": 0,
"pluginScripts": 0,
"projectScripts": 0
},
"timeoutStats": {
"commandsWithoutTimeout": 1
}
}