This skill should be used when the user asks to "create a hookify rule", "write a hook rule", "configure hookify", "add a hookify rule", or needs guidance on hookify rule syntax and patterns.
.claude/hookify.{rule-name}.local.md files.---
name: rule-identifier
enabled: true
event: bash|file|stop|prompt|all
pattern: regex-pattern-here
---
Message to show Claude when this rule triggers.
Can include markdown formatting, warnings, suggestions, etc.
warn-dangerous-rm, block-console-logtrue: Rule is activefalse: Rule is disabled (won't trigger)bash: Bash tool commandsfile: Edit, Write, MultiEdit toolsstop: When agent wants to stopprompt: When user submits a promptall: All eventswarn: Show message but allow operation (default)block: Prevent operation (PreToolUse) or stop session (Stop events)warnevent: bash
pattern: rm\s+-rf
---
name: warn-env-file-edits
enabled: true
event: file
conditions:
- field: file_path
operator: regex_match
pattern: \.env$
- field: new_text
operator: contains
pattern: API_KEY
---
You're adding an API key to a .env file. Ensure this file is in .gitignore!
field: Which field to check
commandfile_path, new_text, old_text, contentoperator: How to match
regex_match: Regex pattern matchingcontains: Substring checkequals: Exact matchnot_contains: Substring must NOT be presentstarts_with: Prefix checkends_with: Suffix checkpattern: Pattern or string to match⚠️ **Console.log detected!**
You're adding console.log to production code.
**Why this matters:**
- Debug logs shouldn't ship to production
- Console.log can expose sensitive data
- Impacts browser performance
**Alternatives:**
- Use a proper logging library
- Remove before committing
- Use conditional debug builds
---
event: bash
pattern: sudo\s+|rm\s+-rf|chmod\s+777
---
Dangerous command detected!
rm\s+-rf, dd\s+if=, mkfssudo\s+, su\s+chmod\s+777, chown\s+root---
event: file
pattern: console\.log\(|eval\(|innerHTML\s*=
---
Potentially problematic code pattern detected!
---
event: file
conditions:
- field: file_path
operator: regex_match
pattern: \.tsx?$
- field: new_text
operator: regex_match
pattern: console\.log\(
---
Console.log in TypeScript file!
console\.log\(, debugger, print\(eval\(, innerHTML\s*=, dangerouslySetInnerHTML\.env$, credentials, \.pem$node_modules/, dist/, build/---
event: stop
pattern: .*
---
Before stopping, verify:
- [ ] Tests were run
- [ ] Build succeeded
- [ ] Documentation updated
---
event: prompt
conditions:
- field: user_prompt
operator: contains
pattern: deploy to production
---
Production deployment checklist:
- [ ] Tests passing?
- [ ] Reviewed by team?
- [ ] Monitoring ready?
rm matches "rm"console.log matches "console.log". (any char) → \. (literal dot)( ) → \( \) (literal parens)[ ] → \[ \] (literal brackets)\s - whitespace (space, tab, newline)\d - digit (0-9)\w - word character (a-z, A-Z, 0-9, _). - any character+ - one or more* - zero or more? - zero or one| - ORrm\s+-rf Matches: rm -rf, rm -rf
console\.log\( Matches: console.log(
(eval|exec)\( Matches: eval( or exec(
chmod\s+777 Matches: chmod 777, chmod 777
API_KEY\s*= Matches: API_KEY=, API_KEY =
python3 -c "import re; print(re.search(r'your_pattern', 'test text'))"
pattern: log # Matches "log", "login", "dialog", "catalog"
console\.log\(|logger\.pattern: rm -rf /tmp # Only matches exact path
rm\s+-rf"pattern" requires double backslashes \\spattern: \s works as-is.claude/ directory
Naming: .claude/hookify.{descriptive-name}.local.md
Gitignore: Add .claude/*.local.md to .gitignorehookify.dangerous-rm.local.mdhookify.console-log.local.mdhookify.require-tests.local.mdhookify.sensitive-files.local.mdhookify.rule1.local.md (not descriptive)hookify.md (missing .local)danger.local.md (missing hookify prefix).claude/hookify.{name}.local.md file in project root.local.md fileenabled: false in frontmatter
Permanent: Delete the .local.md file${CLAUDE_PLUGIN_ROOT}/examples/ for complete examples:dangerous-rm.local.md - Block dangerous rm commandsconsole-log-warning.local.md - Warn about console.logsensitive-files-warning.local.md - Warn about editing .env files---
name: my-rule
enabled: true
event: bash
pattern: dangerous_command
---
Warning message here
---
name: my-rule
enabled: true
event: file
conditions:
- field: file_path
operator: regex_match
pattern: \.ts$
- field: new_text
operator: contains
pattern: any
---
Warning message
bash - Bash commandsfile - File editsstop - Completion checksprompt - User inputall - All eventscommandfile_path, new_text, old_text, contentuser_promptregex_match, contains, equals, not_contains, starts_with, ends_with