Custom hook creation for preventing unwanted behaviors in Claude Code. Use when: hook, hookify, rule, block, warn, prevent, pattern, detect, unwanted behavior, dangerous command, coding standards enforcement. Creates declarative rules to block dangerous operations or warn about potential issues. Based on Anthropic's official hookify plugin.
This skill is limited to using the following tools:
Create custom hooks to prevent unwanted behaviors in Claude Code.
Hookify enables creating simple, declarative rules that:
Based on Anthropic's official hookify plugin.
Keywords that activate this skill:
/hookify [description]
Rules are stored as Markdown files with YAML frontmatter:
---
name: creating-hooks
enabled: true
event: file|bash|stop|prompt|all
pattern: regex-pattern # simple rules
action: warn|block
conditions: # complex rules (optional)
- field: file_path|new_text|old_text|command|user_prompt
operator: regex_match|contains|not_contains|equals|starts_with|ends_with
pattern: pattern-to-match
---
Message shown when pattern matches.
Supports **Markdown** formatting.
| Event | When Triggered | Common Use Cases |
|---|---|---|
file | Edit/Write/MultiEdit | Code patterns, debug code |
bash | Bash commands | Dangerous commands |
stop | Claude stops | Require tests before done |
prompt | User message | Input validation |
all | Any event | General rules |
| Action | Behavior | Exit Code |
|---|---|---|
warn | Show message, continue | 0 |
block | Show message, block operation | 2 |
| Pattern | Matches | Example |
|---|---|---|
rm\s+-rf | rm -rf | rm -rf /tmp |
console\.log\( | console.log( | console.log("test") |
(eval|exec)\( | eval( or exec( | eval("code") |
\.env$ | Files ending in .env | .env, .env.local |
chmod\s+777 | chmod 777 | chmod 777 file |
\s = whitespace\. = literal dot\| = OR condition.* = match anything^ = start of string$ = end of string| Operator | Description |
|---|---|
regex_match | Pattern matches (most common) |
contains | String contains pattern |
not_contains | String does NOT contain pattern |
equals | Exact match |
starts_with | String starts with pattern |
ends_with | String ends with pattern |
| Field | Description |
|---|---|
file_path | Path of file being edited |
new_text | New content being added |
old_text | Content being replaced (Edit only) |
content | Full file content (Write only) |
| Field | Description |
|---|---|
command | Bash command string |
| Field | Description |
|---|---|
user_prompt | User's message text |
| Field | Description |
|---|---|
transcript | Full conversation transcript |
---
name: creating-hooks
enabled: true
event: bash
pattern: rm\s+-rf|dd\s+if=|mkfs|format
action: block
---
๐ **Destructive operation detected!**
This command can cause data loss. Operation blocked for safety.
---
name: creating-hooks
enabled: true
event: file
pattern: console\.log\(|debugger;|print\(
action: warn
---
๐ **Debug code detected**
Remember to remove debugging statements before committing.
---
name: creating-hooks
enabled: true
event: file
action: warn
conditions:
- field: file_path
operator: regex_match
pattern: \.tsx?$
- field: new_text
operator: contains
pattern: console.log
---
โ ๏ธ **console.log in TypeScript**
Consider using a proper logging library instead.
---
name: creating-hooks
enabled: false
event: stop
action: block
conditions:
- field: transcript
operator: not_contains
pattern: npm test|vitest|jest
---
๐งช **Tests not detected!**
Please run tests before completing the task.
---
name: creating-hooks
enabled: true
event: file
action: warn
conditions:
- field: file_path
operator: regex_match
pattern: \.env$|credentials|secrets
- field: new_text
operator: contains
pattern: KEY|SECRET|PASSWORD
---
๐ **Sensitive file edit detected!**
Ensure credentials are not hardcoded and file is in .gitignore.
Rules are stored in .claude/hookify.{name}.local.md
| Command | Description |
|---|---|
/hookify [desc] | Create new rule |
/hookify:list | Show all rules |
/hookify:configure | Enable/disable rules |
# Disable rule: change enabled: false in file
# Delete rule: move to Trash (per CLAUDE.md P4)
mv .claude/hookify.my-rule.local.md ~/.Trash/
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Claude Code Tool Execution โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ 1. Tool invoked (Edit/Write/Bash/etc) โ
โ โ โ
โ 2. settings.json PreToolUse hooks โ
โ โโ ~/.claude/hooks/frontend-security-hook.py โ
โ โโ Other system hooks โ
โ โ โ
โ 3. Hookify rules (.claude/hookify.*.local.md) โ
โ โโ Pattern matching against tool input โ
โ โโ warn/block actions โ
โ โ โ
โ 4. Tool executes (if not blocked) โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Note: Hookify rules are now fully implemented with the hookify-processor.py hook. Rules are automatically processed for Write/Edit/MultiEdit/Bash operations via settings.json PreToolUse hook.
Hookify rules work alongside settings.json hooks:
| Location | Scope | Use Case |
|---|---|---|
.claude/hookify.*.local.md | Project-local | Project-specific rules |
~/.claude/hookify.*.local.md | Global | Personal rules across all projects |
Search order: Project-local rules are checked first, then global rules.
block action stops the operationwarn action, upgrade to block if needed"Prevention is better than cure" - but balance strictness with usability
Start simple, refine based on actual issues encountered.