DEV Community: Michael Krisna The latest articles on DEV Community by Michael Krisna (@krisnamic). https://dev.to/krisnamic https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1385161%2F97d85615-9a6e-4ae5-b7bf-352d19801c38.jpeg DEV Community: Michael Krisna https://dev.to/krisnamic en Stop telling Claude Code rules. Enforce them with hooks. Michael Krisna Sun, 24 May 2026 14:13:09 +0000 https://dev.to/krisnamic/stop-telling-claude-code-rules-enforce-them-with-hooks-3po1 https://dev.to/krisnamic/stop-telling-claude-code-rules-enforce-them-with-hooks-3po1 <p>I stopped writing rules in CLAUDE.md.</p> <p>CLAUDE.md is Claude Code's project memory file: where you stash conventions, build commands, and "always do X" rules that should apply to every session. Mine had four lines about Node versions.</p> <p>Claude followed them. Most of the time.</p> <p>The other times were the problem. Over a long task, Claude's attention drifts; a rule loaded at the start of the session may not influence what it does after 2 hrs. A subagent might spawn for a focused job without the project's CLAUDE.md in its context. A fresh worktree on a sibling repo wouldn't have the rule at all. Any of those, and <code>pnpm build</code> would quietly run on whatever Node was on PATH (22, in my case, not 20). Build succeeds. Wrong runtime. No error until deploy.</p> <p>I tried the obvious fix: add the rule in more places. User-scope CLAUDE.md. System prompt. Every prompt. Adherence improved. The failure mode never went away. It just got rarer and harder to catch.</p> <p>That's when it clicked. Asking Claude to follow a rule is not the same as making sure it does. <strong>More reminders weren't going to close that gap.</strong></p> <blockquote> <p>CLAUDE.md tells Claude what to do. A hook makes sure Claude does it.</p> </blockquote> <h2> TL;DR </h2> <p>Four hooks (~30 lines of bash each) I now run on every Claude Code session:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>#</th> <th>Hook</th> <th>What it enforces</th> </tr> </thead> <tbody> <tr> <td>1</td> <td><code>nvm-guard</code></td> <td>Every Node command must use Node 20</td> </tr> <tr> <td>2</td> <td><code>main-guard</code></td> <td>No <code>git push</code> to main/master</td> </tr> <tr> <td>3</td> <td><code>secret-scan</code></td> <td>No Stripe/AWS/GitHub keys in written files</td> </tr> <tr> <td>4</td> <td><code>auto-format</code></td> <td>Every file Claude edits gets formatted</td> </tr> </tbody> </table></div> <p>Code for all four below.</p> <h2> What hooks are </h2> <p>Hooks are shell scripts Claude Code runs at fixed lifecycle points: <strong>before</strong> a tool call (<code>PreToolUse</code>), <strong>after</strong> a tool call (<code>PostToolUse</code>), on session end (<code>Stop</code>).</p> <p>The flow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Claude wants to run something ↓ Hook receives JSON of what's about to happen ↓ Hook decides: exit 0 → allow exit 2 → block + stderr message returns to Claude </code></pre> </div> <p>When a hook blocks, Claude reads the stderr and <strong>retries with the fix on its own</strong>. You don't have to intervene. Claude can't forget hooks. Claude can't be talked out of them. They just run.</p> <h2> Hook 1: Force Node 20 </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/usr/bin/env bash</span> <span class="c"># ~/.claude/hooks/nvm-guard.sh</span> <span class="nb">set</span> <span class="nt">-euo</span> pipefail <span class="nv">input</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">cat</span><span class="si">)</span><span class="s2">"</span> <span class="nv">tool_name</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">printf</span> <span class="s1">'%s'</span> <span class="s2">"</span><span class="nv">$input</span><span class="s2">"</span> | jq <span class="nt">-r</span> <span class="s1">'.tool_name // ""'</span><span class="si">)</span><span class="s2">"</span> <span class="nb">command</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">printf</span> <span class="s1">'%s'</span> <span class="s2">"</span><span class="nv">$input</span><span class="s2">"</span> | jq <span class="nt">-r</span> <span class="s1">'.tool_input.command // ""'</span><span class="si">)</span><span class="s2">"</span> <span class="o">[[</span> <span class="s2">"</span><span class="nv">$tool_name</span><span class="s2">"</span> <span class="o">==</span> <span class="s2">"Bash"</span> <span class="o">]]</span> <span class="o">||</span> <span class="nb">exit </span>0 <span class="o">[[</span> <span class="nt">-n</span> <span class="s2">"</span><span class="nv">$command</span><span class="s2">"</span> <span class="o">]]</span> <span class="o">||</span> <span class="nb">exit </span>0 <span class="c"># Match node-based commands at a command boundary</span> <span class="k">if</span> <span class="o">!</span> <span class="nb">printf</span> <span class="s1">'%s'</span> <span class="s2">"</span><span class="nv">$command</span><span class="s2">"</span> | <span class="nb">grep</span> <span class="nt">-qE</span> <span class="se">\</span> <span class="s1">'(^|[;&amp;|(]|&amp;&amp;|\|\|)[[:space:]]*(pnpm|npm|yarn|bun|npx|node)([[:space:]]|$)'</span><span class="p">;</span> <span class="k">then </span><span class="nb">exit </span>0 <span class="k">fi</span> <span class="c"># Allow if nvm use is already in the same invocation</span> <span class="k">if </span><span class="nb">printf</span> <span class="s1">'%s'</span> <span class="s2">"</span><span class="nv">$command</span><span class="s2">"</span> | <span class="nb">grep</span> <span class="nt">-qE</span> <span class="s1">'nvm[[:space:]]+use'</span><span class="p">;</span> <span class="k">then </span><span class="nb">exit </span>0<span class="p">;</span> <span class="k">fi if </span><span class="nb">printf</span> <span class="s1">'%s'</span> <span class="s2">"</span><span class="nv">$command</span><span class="s2">"</span> | <span class="nb">grep</span> <span class="nt">-qE</span> <span class="s1">'^[[:space:]]*nvm[[:space:]]'</span><span class="p">;</span> <span class="k">then </span><span class="nb">exit </span>0<span class="p">;</span> <span class="k">fi </span><span class="nb">cat</span> <span class="o">&gt;</span>&amp;2 <span class="o">&lt;&lt;</span><span class="sh">'</span><span class="no">EOF</span><span class="sh">' Node-based command detected without `nvm use 20`. Re-issue as a single Bash invocation: source ~/.nvm/nvm.sh &amp;&amp; nvm use 20 &amp;&amp; &lt;your original command&gt; </span><span class="no">EOF </span><span class="nb">exit </span>2 </code></pre> </div> <p>The block-then-retry, live:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>● Bash(pnpm run dev) ⎿ PreToolUse:Bash hook blocked Re-issue as: source ~/.nvm/nvm.sh &amp;&amp; nvm use 20 &amp;&amp; &lt;your command&gt; ● Bash(source ~/.nvm/nvm.sh &amp;&amp; nvm use 20 &amp;&amp; pnpm run dev) ⎿ Now using node v20.20.2 ▲ Next.js 15.0.0 </code></pre> </div> <p>Two seconds slower. Zero wrong-version build mysteries.</p> <h2> Hook 2: Block pushes to main </h2> <p>We've all watched Claude type <code>git push origin main</code> and felt something cold pass through us. Easy to prevent.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/usr/bin/env bash</span> <span class="c"># ~/.claude/hooks/main-guard.sh</span> <span class="nb">set</span> <span class="nt">-euo</span> pipefail <span class="nv">input</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">cat</span><span class="si">)</span><span class="s2">"</span> <span class="nb">command</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">printf</span> <span class="s1">'%s'</span> <span class="s2">"</span><span class="nv">$input</span><span class="s2">"</span> | jq <span class="nt">-r</span> <span class="s1">'.tool_input.command // ""'</span><span class="si">)</span><span class="s2">"</span> <span class="k">if </span><span class="nb">printf</span> <span class="s1">'%s'</span> <span class="s2">"</span><span class="nv">$command</span><span class="s2">"</span> | <span class="nb">grep</span> <span class="nt">-qE</span> <span class="se">\</span> <span class="s1">'git[[:space:]]+push.*[[:space:]](main|master)([[:space:]]|$|:)'</span><span class="p">;</span> <span class="k">then if</span> <span class="o">[[</span> <span class="s2">"</span><span class="k">${</span><span class="nv">CLAUDE_ALLOW_MAIN_PUSH</span><span class="k">:-}</span><span class="s2">"</span> <span class="o">!=</span> <span class="s2">"1"</span> <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nb">cat</span> <span class="o">&gt;</span>&amp;2 <span class="o">&lt;&lt;</span><span class="sh">'</span><span class="no">EOF</span><span class="sh">' Push to main/master blocked. Create a feature branch and PR, or relaunch with CLAUDE_ALLOW_MAIN_PUSH=1. </span><span class="no">EOF </span> <span class="nb">exit </span>2 <span class="k">fi fi </span><span class="nb">exit </span>0 </code></pre> </div> <p>The escape-hatch env var matters. Block too cleanly and Claude invents creative workarounds. Document the escape, and it stops improvising.</p> <h2> Hook 3: Refuse to write secrets </h2> <p>Saved me twice. Once, Claude pasted a real <code>STRIPE_SECRET_KEY</code> into a JSDoc example. Caught before it hit disk.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/usr/bin/env bash</span> <span class="c"># ~/.claude/hooks/secret-scan.sh</span> <span class="nb">set</span> <span class="nt">-euo</span> pipefail <span class="nv">input</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">cat</span><span class="si">)</span><span class="s2">"</span> <span class="nv">tool_name</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">printf</span> <span class="s1">'%s'</span> <span class="s2">"</span><span class="nv">$input</span><span class="s2">"</span> | jq <span class="nt">-r</span> <span class="s1">'.tool_name // ""'</span><span class="si">)</span><span class="s2">"</span> <span class="nv">content</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">printf</span> <span class="s1">'%s'</span> <span class="s2">"</span><span class="nv">$input</span><span class="s2">"</span> | jq <span class="nt">-r</span> <span class="s1">'.tool_input.content // .tool_input.new_string // ""'</span><span class="si">)</span><span class="s2">"</span> <span class="o">[[</span> <span class="s2">"</span><span class="nv">$tool_name</span><span class="s2">"</span> <span class="o">=</span>~ ^<span class="o">(</span>Write|Edit<span class="o">)</span><span class="nv">$ </span><span class="o">]]</span> <span class="o">||</span> <span class="nb">exit </span>0 <span class="o">[[</span> <span class="nt">-n</span> <span class="s2">"</span><span class="nv">$content</span><span class="s2">"</span> <span class="o">]]</span> <span class="o">||</span> <span class="nb">exit </span>0 <span class="k">if </span><span class="nb">printf</span> <span class="s1">'%s'</span> <span class="s2">"</span><span class="nv">$content</span><span class="s2">"</span> | <span class="nb">grep</span> <span class="nt">-qE</span> <span class="se">\</span> <span class="nt">-e</span> <span class="s1">'sk_(live|test)_[A-Za-z0-9]{20,}'</span> <span class="se">\</span> <span class="nt">-e</span> <span class="s1">'AKIA[0-9A-Z]{16}'</span> <span class="se">\</span> <span class="nt">-e</span> <span class="s1">'ghp_[A-Za-z0-9]{36}'</span> <span class="se">\</span> <span class="nt">-e</span> <span class="s1">'xox[baprs]-[A-Za-z0-9-]{10,}'</span> <span class="se">\</span> <span class="nt">-e</span> <span class="s1">'-----BEGIN [A-Z ]+ PRIVATE KEY-----'</span><span class="p">;</span> <span class="k">then </span><span class="nb">cat</span> <span class="o">&gt;</span>&amp;2 <span class="o">&lt;&lt;</span><span class="sh">'</span><span class="no">EOF</span><span class="sh">' Possible secret detected. Write blocked. Use sk_test_fake_replace_me or move the real value to .env (gitignored). </span><span class="no">EOF </span> <span class="nb">exit </span>2 <span class="k">fi </span><span class="nb">exit </span>0 </code></pre> </div> <p>Add patterns for whatever your stack uses: internal API formats, OpenAI keys, anything distinctive.</p> <h2> Hook 4: Format on every edit </h2> <p>Silent <code>PostToolUse</code>. Claude writes, the file gets formatted before the next read. No more whitespace-noise diffs.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/usr/bin/env bash</span> <span class="c"># ~/.claude/hooks/auto-format.sh</span> <span class="nb">set</span> <span class="nt">-euo</span> pipefail <span class="nv">file</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span>jq <span class="nt">-r</span> <span class="s1">'.tool_input.file_path // ""'</span><span class="si">)</span><span class="s2">"</span> <span class="o">[[</span> <span class="nt">-n</span> <span class="s2">"</span><span class="nv">$file</span><span class="s2">"</span> <span class="o">&amp;&amp;</span> <span class="nt">-f</span> <span class="s2">"</span><span class="nv">$file</span><span class="s2">"</span> <span class="o">]]</span> <span class="o">||</span> <span class="nb">exit </span>0 <span class="k">case</span> <span class="s2">"</span><span class="nv">$file</span><span class="s2">"</span> <span class="k">in</span> <span class="k">*</span>.ts|<span class="k">*</span>.tsx|<span class="k">*</span>.js|<span class="k">*</span>.jsx|<span class="k">*</span>.json|<span class="k">*</span>.md|<span class="k">*</span>.css<span class="p">)</span> <span class="nb">command</span> <span class="nt">-v</span> prettier <span class="o">&gt;</span>/dev/null <span class="o">&amp;&amp;</span> prettier <span class="nt">--write</span> <span class="s2">"</span><span class="nv">$file</span><span class="s2">"</span> <span class="nt">--log-level</span><span class="o">=</span>silent <span class="o">||</span> <span class="nb">true</span> <span class="p">;;</span> <span class="k">*</span>.go<span class="p">)</span> <span class="nb">command</span> <span class="nt">-v</span> gofmt <span class="o">&gt;</span>/dev/null <span class="o">&amp;&amp;</span> gofmt <span class="nt">-w</span> <span class="s2">"</span><span class="nv">$file</span><span class="s2">"</span> <span class="o">||</span> <span class="nb">true</span> <span class="p">;;</span> <span class="k">*</span>.py<span class="p">)</span> <span class="nb">command</span> <span class="nt">-v</span> ruff <span class="o">&gt;</span>/dev/null <span class="o">&amp;&amp;</span> ruff format <span class="s2">"</span><span class="nv">$file</span><span class="s2">"</span> <span class="nt">--quiet</span> <span class="o">||</span> <span class="nb">true</span> <span class="p">;;</span> <span class="k">*</span>.rs<span class="p">)</span> <span class="nb">command</span> <span class="nt">-v</span> rustfmt <span class="o">&gt;</span>/dev/null <span class="o">&amp;&amp;</span> rustfmt <span class="s2">"</span><span class="nv">$file</span><span class="s2">"</span> <span class="nt">--quiet</span> <span class="o">||</span> <span class="nb">true</span> <span class="p">;;</span> <span class="k">esac</span> <span class="nb">exit </span>0 </code></pre> </div> <p>Missing formatter? <code>|| true</code> makes it a silent no-op. Claude doesn't even know the format happened.</p> <h2> Install </h2> <ol> <li>Save each script to <code>~/.claude/hooks/</code> and <code>chmod +x ~/.claude/hooks/*.sh</code> </li> <li>Add to <code>~/.claude/settings.json</code>: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"hooks"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"PreToolUse"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"matcher"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Bash"</span><span class="p">,</span><span class="w"> </span><span class="nl">"hooks"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"command"</span><span class="p">,</span><span class="w"> </span><span class="nl">"command"</span><span class="p">:</span><span class="w"> </span><span class="s2">"/Users/YOU/.claude/hooks/nvm-guard.sh"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"command"</span><span class="p">,</span><span class="w"> </span><span class="nl">"command"</span><span class="p">:</span><span class="w"> </span><span class="s2">"/Users/YOU/.claude/hooks/main-guard.sh"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"matcher"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Write|Edit"</span><span class="p">,</span><span class="w"> </span><span class="nl">"hooks"</span><span class="p">:</span><span class="w"> </span><span class="p">[{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"command"</span><span class="p">,</span><span class="w"> </span><span class="nl">"command"</span><span class="p">:</span><span class="w"> </span><span class="s2">"/Users/YOU/.claude/hooks/secret-scan.sh"</span><span class="w"> </span><span class="p">}]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"PostToolUse"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"matcher"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Write|Edit"</span><span class="p">,</span><span class="w"> </span><span class="nl">"hooks"</span><span class="p">:</span><span class="w"> </span><span class="p">[{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"command"</span><span class="p">,</span><span class="w"> </span><span class="nl">"command"</span><span class="p">:</span><span class="w"> </span><span class="s2">"/Users/YOU/.claude/hooks/auto-format.sh"</span><span class="w"> </span><span class="p">}]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ol> <li>Start a new Claude session. Run <code>/hooks</code> to confirm they're loaded.</li> </ol> <p>Three things to know:</p> <ul> <li> <code>matcher</code> is <strong>regex</strong> on the tool name. <code>Bash</code>, <code>Write|Edit</code>, <code>.*</code> all work.</li> <li>Paths must be <strong>absolute</strong>. <code>~</code> won't expand inside settings.json.</li> <li>Multiple hooks under one matcher run in order. First <code>exit 2</code> blocks the rest.</li> </ul> <h2> Five more worth building </h2> <ul> <li> <strong>Test gate</strong>: <code>PostToolUse</code> runs the relevant test on every file edit; exit 2 on red</li> <li> <strong>Diff cap</strong>: <code>PreToolUse</code> blocks any single Write/Edit over N lines (forces small, reviewable changes)</li> <li> <strong>Dependency lock</strong>: block <code>pnpm add &lt;pkg&gt;</code> unless <code>&lt;pkg&gt;</code> is on an allowlist</li> <li> <strong>Cost warn</strong>: <code>Stop</code> hook pings you if the session burned more than $X</li> <li> <strong>Forbidden flag guard</strong>: block <code>--no-verify</code>, <code>--force</code>, <code>--dangerously-skip-permissions</code> </li> </ul> <p>20-30 lines of bash each. Each one removes a class of mistakes you stop having to think about.</p> <p>You wouldn't write "please don't drop the database" in a runbook and call it a control. You'd revoke the permission.</p> <p>Same thing here.</p> <p><strong>Stop telling Claude rules. Start enforcing them.</strong></p> <p><em>All four scripts are MIT-licensed and copy-pasteable as-is. Drop your hook #5 in the comments.</em></p> claudecode ai productivity automation