HookStackGitHub

Ship fast. Break nothing.

Install a production-ready Claude Code HookStack in one command

Up and running in 60 seconds

project root
0 / 86 selected
$ npx hookstack-cli@latest install

Will writes the hooks into .claude/hooks and patches settings.json — nothing else.

or fine-tune it hook by hook

PreToolUse

18

Secret detection before Bash execution

Security

Destructive command blocking

Security

Sensitive file write protection

Security

Lock file write protection

Security

git push to main guardrail

Security

Domain allowlist for WebFetch

Workflow

Enforce package managers

Validation

Worktree guardrail (Edit/Write)

Workflow

Enforce uv for Python dependencies

Validation

Block file writes on main branch

Security

Block push on closed PR

Workflow

WebSearch temporal context injector

Context

Binary file to Markdown converter

Context

Binary file read blocker

Context

Large JSON/CSV compactor

Context

WebFetch HTML-to-Markdown converter

Context

Write-time secret detection

Security

Env file read guard

Security

PostToolUse

11

Automatic formatting after write

Validation

ESLint lint after write

Validation

TypeScript type checking

Validation

Tool usage tracking

Notification

Bash command log

Workflow

Ruff format after write

Validation

Ruff lint after write

Validation

Pyright type checking

Validation

Next.js App Router quality checker

Validation

Motion rules guard

Validation

Conflict marker detector

Validation

PostToolUseFailure

1

Structured tool failure log

Context

UserPromptSubmit

4

Project conventions injection

Context

Current date and time injection

Context

Per-session prompt log

Context

Automatic session naming

Context

PermissionRequest

2

Auto-approve read-only permissions

Security

Automatic ExitPlanMode approval

Workflow

Notification

3

Slack notification on agent event

Notification

TTS voice notification

Notification

System sound notification

Notification

Stop

13

Run tests at end of response

Validation

Session summary generation

Documentation

Automatic quality check (Stop)

Validation

Missing test detection (Stop)

Validation

Per-modified-file coverage (Stop)

Validation

Per-modified-file lint (Stop)

Validation

Auto-disable Stop hook after N failures

Workflow

Full i18n validation (Stop)

Validation

Voice task-completion announcement

Notification

System sound on task completion

Notification

Run pytest at end of response

Validation

Registry drift check at stop

Validation

Code duplication guard

Validation

SubagentStop

1

Subagent end voice summary

Notification

SubagentStart

1

Subagent start voice announcement

Notification

PreCompact

1

Transcript backup before compaction

Workflow

SessionStart

11

Load Git context at startup

Context

Worktree env initialization

Workflow

Worktree dependency update

Workflow

Dependency check and install at startup

Workflow

Re-inject context after compaction

Context

Install project dependencies on init

Workflow

Auto-create worktree when starting on main

Workflow

Auto-pull on main at session start

Context

Stale stash warning at session start

Context

AGENTS.md context loader

Context

GitHub context loader

Context

SessionEnd

2

End-of-session audit log

Notification

Temporary file cleanup at session end

Workflow

CwdChanged

1

Reload direnv on directory change

Workflow

ConfigChange

1

Configuration change audit log

Workflow

FileChanged

5

Reload .env on file change

Workflow

Auto-run tests when source files change

Validation

Registry auto-sync

Workflow

Registry schema validation on change

Validation

Docs consistency reminder

Documentation

InstructionsLoaded

1

Audit log for CLAUDE.md file loads

Workflow

MessageDisplay

1

Redact secrets from displayed output

Security

PermissionDenied

1

Log auto-mode permission denials

Workflow

PostCompact

1

Save compaction summary to log

Documentation

PostToolBatch

1

Typecheck after parallel file edits

Validation

StopFailure

2

Desktop notification on rate limit

Notification

Log API errors to file

Workflow

TaskCompleted

1

Test suite gate before task completion

Validation

TaskCreated

1

Enforce task naming conventions

Workflow

UserPromptExpansion

1

Inject context on skill invocation

Context

WorktreeRemove

1

Clean up artifacts on worktree removal

Workflow
Select hooks (+ button) to generate your settings.json configuration.

Frequently asked questions

What is an agentic hook?
An agentic hook is a Node.js script triggered by Claude Code lifecycle events — PreToolUse, PostToolUse, SessionStart, Stop. Hooks enforce deterministic behavior in agentic workflows: block dangerous commands, run tests automatically, inject context, and notify your team — without relying on the LLM to remember.
How do agentic hooks improve vibe coding?
Vibe coding lets an AI agent like Claude Code drive most of your implementation while you set direction. Hooks add CI-like guardrails that fire on every agent action — making your agentic workflow production-safe, auditable, and repeatable regardless of what the model decides to do.
Does HookStack work with GitHub Copilot?
HookStack is built around Claude Code hooks today. The agentic hook patterns are portable: any AI coding agent that exposes lifecycle events can adopt the same deterministic-behavior approach. GitHub Copilot Workspace and similar tools are natural targets as they mature.
Why are Claude Code hooks better than prompt instructions?
Prompts are probabilistic — the model may or may not follow them. Claude Code hooks are deterministic Node.js scripts that execute unconditionally on matching events. No drift, no hallucination, no forgotten rules. That guarantee is what makes agentic workflows trustworthy in production.
How do I install Claude Code hooks with HookStack?
Browse the catalogue, select the hooks you want, then run the generated npx hookstack-cli@latest install command in your project root. HookStack writes the scripts to .claude/hooks/ and patches your settings.json — nothing else touched.
I already use Claude Code commands like /gen-test-unit or /create-worktree — aren't hooks the same thing?
Commands are interactive: you type them, Claude reads and acts on them inside the conversation. Hooks are the opposite — Node.js scripts that fire unconditionally outside the model, triggered by lifecycle events (PreToolUse, PostToolUse, Stop…). The model never sees them, never decides whether to run them, and can't skip them. Commands steer the AI; hooks constrain it.
Do hooks consume tokens from my context window?
No. Hooks run in a separate process, outside the model entirely. They can inject context back into the session via stdout, but the hook scripts themselves — and whatever they compute — are never sent to the model unless you explicitly return a message. Commands, on the other hand, are part of the conversation and consume context. Hooks are a zero-cost enforcement layer.