Writing Hookify Rules

Overview

Hookify rules are markdown files with YAML frontmatter that define patterns to watch for and messages to show when those patterns match. Rules are stored in .claude/hookify.{rule-name}.local.md files.

Rule File Format

Basic Structure

---
name: rule-identifier
enabled: true
event: bash|file|stop|prompt|all
pattern: regex-pattern-here
---

Message to show Claude when this rule triggers.
Can include markdown formatting, warnings, suggestions, etc.

Frontmatter Fields

Field	Required	Values	Description
name	Yes	kebab-case string	Unique identifier (verb-first: warn-, block-, require-*)
enabled	Yes	true/false	Toggle without deleting
event	Yes	bash/file/stop/prompt/all	Which hook event triggers this
action	No	warn/block	warn (default) shows message; block prevents operation
pattern	Yes*	regex string	Pattern to match (*or use conditions for complex rules)

Advanced Format (Multiple Conditions)

---
name: warn-env-api-keys
enabled: true
event: file
conditions:
  - field: file_path
    operator: regex_match
    pattern: \.env$
  - field: new_text
    operator: contains
    pattern: API_KEY
---

You're adding an API key to a .env file. Ensure this file is in .gitignore!

Condition fields by event:

bash: command
file: file_path, new_text, old_text, content
prompt: user_prompt

Operators: regex_match, contains, equals, not_contains, starts_with, ends_with

All conditions must match for rule to trigger.

Event Type Guide

bash Events

Match Bash command patterns:

Dangerous commands: rm\s+-rf, dd\s+if=, mkfs
Privilege escalation: sudo\s+, su\s+
Permission issues: chmod\s+777

file Events

Match Edit/Write/MultiEdit operations:

Debug code: console\.log\(, debugger
Security risks: eval\(, innerHTML\s*=
Sensitive files: \.env$, credentials, \.pem$

stop Events

Completion checks and reminders. Pattern .* matches always.

prompt Events

Match user prompt content for workflow enforcement.

Pattern Writing Tips

Regex Basics

Escape special chars: . to \., ( to \(
\s whitespace, \d digit, \w word char
+ one or more, * zero or more, ? optional
| OR operator

Common Pitfalls

Too broad: log matches "login", "dialog" — use console\.log\(
Too specific: rm -rf /tmp — use rm\s+-rf
YAML escaping: Use unquoted patterns; quoted strings need \\s

Testing

python3 -c "import re; print(re.search(r'your_pattern', 'test text'))"

File Organization

Location: .claude/ directory in project root
Naming: .claude/hookify.{descriptive-name}.local.md
Gitignore: Add .claude/*.local.md to .gitignore

Commands

/hookify [description] - Create new rules (auto-analyzes conversation if no args)
/hookify-list - View all rules in table format
/hookify-configure - Toggle rules on/off interactively
/hookify-help - Full documentation

Quick Reference

Minimum viable rule:

---
name: my-rule
enabled: true
event: bash
pattern: dangerous_command
---
Warning message here

Analysis failed

429 {"type":"error","error":{"type":"rate_limit_error","message":"This request would exceed your organization's rate limit of 450,000 input tokens per minute (org: a7b9459e-09e0-417d-ba38-f43911180ff6, model: claude-haiku-4-5-20251001). For details, refer to: https://docs.claude.com/en/api/rate-limits. You can see the response headers for current usage. Please reduce the prompt length or the maximum tokens requested, or try again later. You may also contact sales at https://claude.com/contact-sales to discuss your options for a rate limit increase."},"request_id":"req_011CaE4CVN3ARu5VdM89o4kq"}

Reviews

Add this skill to your library to leave a review.

No reviews yet

Be the first to share your experience.

Version History

v1.1

Content updated

2026-04-20

Latest

v1.0

No changelog

2026-04-05

hookify-rules