Claude Code PreToolUse hook — Blocks destructive bash commands before they execute.
mkdir -p ~/.claude/hooks/pre_tool_use
curl -sfL https://raw.githubusercontent.com/claude-builders-bounty/claude-security-hook/main/guard.py \
-o ~/.claude/hooks/pre_tool_use/guard.pyOr copy directly:
mkdir -p ~/.claude/hooks/pre_tool_use
cp guard.py ~/.claude/hooks/pre_tool_use/That's it — Claude Code automatically discovers hooks in ~/.claude/hooks/.
| Category | Patterns Blocked |
|---|---|
| File Destruction | rm -rf, rm /, forceful removal |
| Git Destructive | git push --force, git reset --hard, git branch -D |
| Database | DROP TABLE/DATABASE, TRUNCATE, DELETE FROM (no WHERE), ALTER TABLE DROP |
| System Danger | mkfs, dd if=, format, chmod 0, chown -R |
| Remote Code Execution | `curl |
Safe operations pass through normally:
rm -rf node_modules dist build .next __pycache__git reset --hard HEADgit push --force-with-lease- Normal
rm file.txt,mkdir,cp,mv
Every blocked command is logged to ~/.claude/hooks/blocked.log:
[2026-05-16T17:00:00+00:00] BLOCKED | Destructive file removal (rm -rf) | cmd: rm -rf /var/log/ | project: /home/user/project
# Test — should be blocked
python3 guard.py <<< '{"args":{"command":"rm -rf /important"}}'
# Test — should be allowed (safe path)
python3 guard.py <<< '{"args":{"command":"rm -rf node_modules"}}'
# Test — should be allowed (normal command)
python3 guard.py <<< '{"args":{"command":"ls -la"}}'To add custom patterns, edit guard.py and modify the DANGEROUS_PATTERNS or ALLOWLIST lists.
This project is a submission for the Claude Builders Bounty — $100 reward.
Acceptance Criteria:
- Hook follows Claude Code hooks format (
~/.claude/hooks/) - Blocks:
rm -rf,DROP TABLE,git push --force,TRUNCATE,DELETE FROMwithout WHERE - Logs to
~/.claude/hooks/blocked.logwith timestamp, command, project path - Clear message explaining why command was blocked
- Does not interfere with normal bash commands
- README with 2-command install
MIT — built for the Claude Builder community.