← Back to Context Layers

Project Hooks

Deterministic automation scripts that run at specific lifecycle events

Location: ~/.claude/hooks/ | Config: ~/.claude/settings.json
7 Hooks 5 Event Types Deterministic Execution

What Are Hooks?

Hooks are shell scripts or Python programs that run automatically at specific points in Claude Code's lifecycle. Unlike skills (which are prompts) or agents (which are LLM-driven), hooks provide deterministic behavior - they always run and always produce the same output given the same input. Use hooks for security enforcement, audit logging, naming validation, and automated checklists.

Hook Event Lifecycle

1 SessionStart
->
2 UserPrompt
->
3 PreToolUse
->
4 PostToolUse
->
5 Stop

Hooks fire in sequence: Session start -> User prompt -> Before each tool -> After each tool -> Session end

📋

New Project Checklist PreToolUse

new-project-checklist.py

Shows a "don't forget" checklist when creating a new project directory under ~/projects/. Detects mkdir commands targeting new top-level project directories and injects a reminder about network configuration, GitLab CI/CD setup, standard files, and integrations.

🎯 Trigger Conditions

  • Tool: Bash
  • Command: mkdir /home/administrator/projects/NEW
  • Only triggers for new top-level directories
  • Skips existing projects and subdirectories

✅ Checklist Items

  • Router Port Forwarding - External access config
  • Server Firewall (UFW) - Firewall rules
  • GitLab Repository - Create and initialize
  • .gitlab-ci.yml - CI/CD pipeline
  • CLAUDE.md - Project documentation
  • deploy.sh - Deployment script
  • Traefik/Keycloak - Integration setup
🏷

Naming Validation PreToolUse

naming-validation.py

Enforces naming conventions for resources created through Claude Code. Validates project directories, container names, and database names against infrastructure standards. Blocks operations that violate naming rules with helpful suggestions.

📜 Naming Rules

  • Rule 1: All names must be lowercase
  • Rule 2: Root projects: no hyphens (our projects)
  • Rule 3: Upstream projects: match upstream name
  • Rule 4: MCP/nested: use hyphens for multi-word

🛑 Blocked Operations

  • mkdir ~/projects/My-Project (uppercase)
  • mkdir ~/projects/my-project (hyphen in our project)
  • docker run --name MyContainer (uppercase)
  • CREATE DATABASE MyDB (uppercase)
🛡

Security Guard PreToolUse

pre-tool-use.sh

Blocks dangerous operations before they execute. Prevents force pushes to main/master, deletion of secrets directories, recursive deletion of home directory, and production operations without security agent approval.

🛑 Blocked Operations

  • git push --force origin main
  • rm -rf secrets/
  • rm -rf /home/administrator
  • Production operations without security agent

🔒 Security Features

  • Agent-aware: Checks CLAUDE_AGENT_TYPE
  • Pattern matching on dangerous commands
  • Exit code 1 blocks the operation
  • Clear error messages for blocked actions
📝

Audit Logger PostToolUse

post-tool-use.sh

Logs all tool calls for compliance and debugging. Creates daily audit logs with timestamps, agent type, tool name, and session ID. For Bash commands, also logs the command text (truncated to 200 chars for security). Auto-rotates logs older than 30 days.

📁 Log Location

  • Directory: ~/.claude/audit/
  • Files: YYYY-MM-DD.log
  • Retention: 30 days auto-rotation

📊 Log Format

2026-01-18 15:30:45 | Agent: pm | Tool: Bash | Session: abc123
  Command: docker compose up -d
🚀

Session Start SessionStart

session-start.sh

Logs session start and detects project context. Checks for CLAUDE.md, project-level agents, and skills in the current directory. Provides informational output about available context.

🔍 Context Detection

  • Checks for CLAUDE.md in CWD
  • Checks for .claude/agents/
  • Checks for .claude/skills/
  • Logs session start to audit log

📤 Environment Variables

  • CLAUDE_CWD - Current working directory
  • CLAUDE_SESSION_ID - Session identifier
🏁

Session Summary Stop

stop.sh

Summarizes work done when agent stops. Logs session end to audit log. For PM agent sessions, creates a summary file with session details. Auto-cleans summary files older than 7 days.

📂 Output Files

  • Audit log: ~/.claude/audit/sessions.log
  • Summaries: ~/.claude/sessions/{session}-summary.txt
  • Retention: 7 days for summaries

🤖 Agent-Aware

  • PM agent: Creates detailed session summary
  • Other agents: Basic session end logging
  • Links to daily audit log for details
💬

Prompt Logger UserPromptSubmit

user-prompt-submit.sh

Logs all user prompts with timestamps. Simple audit hook that records when prompts are submitted to Claude Code. Always allows prompts to proceed (exit 0).

📁 Log Location

  • File: ~/.claude/prompt-log.txt
  • Format: Timestamp only (privacy-aware)

⚙ Behavior

  • Always exits 0 (never blocks)
  • Logs timestamp, not content
  • Useful for usage tracking

Hooks vs Skills vs Agents

Aspect Hooks Skills Agents
Location ~/.claude/hooks/ ~/.claude/skills/ ~/.claude/agents/
Format Shell scripts / Python Markdown prompts Markdown with config
Execution Deterministic (always runs) On-demand (LLM chooses) Task-based (LLM-driven)
Can Block Yes (exit code 1 or 2) No No
Use Cases Security, audit, validation Domain knowledge, procedures Complex multi-step tasks
Example Block force push to main How to deploy a service Deploy entire infrastructure

Hook Configuration

Hooks are registered in ~/.claude/settings.json:

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Bash",
        "hooks": [
          {
            "type": "command",
            "command": "python3 ~/.claude/hooks/new-project-checklist.py",
            "timeout": 10
          }
        ]
      }
    ]
  }
}

Related: Project Agents | Project Skills | Context Layers | User Skills

Hooks provide deterministic automation - they always run, unlike LLM-driven skills/agents