@hasna/hooks 0.0.6 → 0.1.0

package/hooks/hook-protectfiles/README.md

@@ -0,0 +1,62 @@
+# hook-protectfiles
+
+Claude Code hook that blocks access to sensitive files like `.env`, secrets, keys, and lock files.
+
+## Overview
+
+Prevents Claude from reading or modifying files that contain secrets, credentials, or are auto-generated (lock files). Protects across all tool types — file operations and bash commands.
+
+## Hook Event
+
+- **PreToolUse** (matcher: `Edit|Write|Read|Bash`)
+
+## Protected Files
+
+### Always Blocked (Read + Write)
+
+| Pattern | Description |
+|---------|-------------|
+| `.env`, `.env.*` | Environment variable files |
+| `.secrets/` | Secrets directory |
+| `credentials.json` | Credential files |
+| `*.pem`, `*.key`, `*.p12`, `*.pfx` | SSL/TLS certificates and keys |
+| `id_rsa`, `id_ed25519`, `id_ecdsa` | SSH keys |
+| `.ssh/` | SSH directory |
+| `.aws/credentials` | AWS credentials |
+| `.npmrc` | npm config (may contain tokens) |
+| `.netrc` | Network credentials |
+| `*.keystore`, `*.jks` | Java keystores |
+
+### Write-Only Block (Read is OK)
+
+| Pattern | Description |
+|---------|-------------|
+| `package-lock.json` | npm lock file |
+| `yarn.lock` | Yarn lock file |
+| `bun.lock`, `bun.lockb` | Bun lock files |
+| `pnpm-lock.yaml` | pnpm lock file |
+| `Gemfile.lock` | Ruby lock file |
+| `poetry.lock` | Poetry lock file |
+| `Cargo.lock` | Rust lock file |
+| `composer.lock` | PHP lock file |
+
+## Tool Coverage
+
+| Tool | Check Method |
+|------|-------------|
+| `Read` | Checks `tool_input.file_path` against protected patterns |
+| `Edit` | Checks `tool_input.file_path` against protected + lock patterns |
+| `Write` | Checks `tool_input.file_path` against protected + lock patterns |
+| `Bash` | Scans command string for references to protected files |
+
+## Bash Command Intelligence
+
+For Bash commands, the hook:
+- Allows git commands that naturally reference `.env` (e.g., `git add .gitignore` where `.env` appears)
+- Blocks direct file access (`cat .env`, `cp .secrets/`, etc.)
+- Blocks redirects to lock files (`> package-lock.json`)
+- Blocks sed/awk modifications to lock files
+
+## License
+
+MIT

package/hooks/hook-protectfiles/package.json

@@ -0,0 +1,58 @@
+{
+  "name": "@hasna/hook-protectfiles",
+  "version": "0.1.0",
+  "description": "Claude Code hook that blocks access to sensitive files like .env, secrets, and keys",
+  "type": "module",
+  "bin": {
+    "hook-protectfiles": "./dist/cli.js"
+  },
+  "main": "./dist/hook.js",
+  "exports": {
+    ".": {
+      "import": "./dist/hook.js",
+      "types": "./dist/hook.d.ts"
+    },
+    "./cli": {
+      "import": "./dist/cli.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "bun build ./src/hook.ts --outdir ./dist --target node",
+    "prepublishOnly": "bun run build",
+    "typecheck": "tsc --noEmit"
+  },
+  "keywords": [
+    "claude-code",
+    "claude",
+    "hook",
+    "security",
+    "protect",
+    "secrets",
+    "env",
+    "credentials",
+    "cli"
+  ],
+  "author": "Hasna",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/hasna/open-hooks.git"
+  },
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org/"
+  },
+  "engines": {
+    "node": ">=18",
+    "bun": ">=1.0"
+  },
+  "devDependencies": {
+    "@types/bun": "^1.3.8",
+    "@types/node": "^20",
+    "typescript": "^5.0.0"
+  }
+}

package/hooks/hook-protectfiles/src/hook.ts

@@ -0,0 +1,267 @@
+#!/usr/bin/env bun
+
+/**
+ * Claude Code Hook: protectfiles
+ *
+ * PreToolUse hook that blocks access to sensitive files:
+ *
+ * Always blocked (Edit/Write/Read/Bash):
+ * - .env, .env.local, .env.production, .env.*
+ * - .secrets/, credentials.json
+ * - *.pem, *.key
+ * - id_rsa, id_ed25519, .ssh/
+ *
+ * Blocked for Edit/Write only (Read is OK):
+ * - package-lock.json, yarn.lock, bun.lock, bun.lockb
+ *
+ * For Edit/Write/Read: checks tool_input.file_path
+ * For Bash: checks if the command references protected files
+ */
+
+import { readFileSync } from "fs";
+import { basename } from "path";
+
+interface HookInput {
+  session_id: string;
+  cwd: string;
+  tool_name: string;
+  tool_input: Record<string, unknown>;
+}
+
+interface HookOutput {
+  decision: "approve" | "block";
+  reason?: string;
+}
+
+function readStdinJson(): HookInput | null {
+  try {
+    const input = readFileSync(0, "utf-8").trim();
+    if (!input) return null;
+    return JSON.parse(input);
+  } catch {
+    return null;
+  }
+}
+
+function respond(output: HookOutput): void {
+  console.log(JSON.stringify(output));
+}
+
+/**
+ * Sensitive file patterns that are always blocked (read + write).
+ */
+const ALWAYS_PROTECTED_PATTERNS: Array<{ pattern: RegExp; description: string }> = [
+  // Environment files
+  { pattern: /(?:^|\/)\.env$/, description: ".env file" },
+  { pattern: /(?:^|\/)\.env\.[a-zA-Z0-9._-]+$/, description: ".env.* file" },
+
+  // Secrets directory
+  { pattern: /(?:^|\/)\.secrets(?:\/|$)/, description: ".secrets/ directory" },
+
+  // Credential files
+  { pattern: /(?:^|\/)credentials\.json$/, description: "credentials.json" },
+
+  // SSL/TLS keys and certificates
+  { pattern: /\.pem$/, description: ".pem file (certificate/key)" },
+  { pattern: /\.key$/, description: ".key file (private key)" },
+  { pattern: /\.p12$/, description: ".p12 file (certificate bundle)" },
+  { pattern: /\.pfx$/, description: ".pfx file (certificate bundle)" },
+
+  // SSH keys
+  { pattern: /(?:^|\/)id_rsa(?:\.pub)?$/, description: "SSH RSA key" },
+  { pattern: /(?:^|\/)id_ed25519(?:\.pub)?$/, description: "SSH Ed25519 key" },
+  { pattern: /(?:^|\/)id_ecdsa(?:\.pub)?$/, description: "SSH ECDSA key" },
+  { pattern: /(?:^|\/)id_dsa(?:\.pub)?$/, description: "SSH DSA key" },
+  { pattern: /(?:^|\/)\.ssh\//, description: ".ssh/ directory" },
+
+  // AWS credentials
+  { pattern: /(?:^|\/)\.aws\/credentials$/, description: "AWS credentials" },
+
+  // Token files
+  { pattern: /(?:^|\/)\.npmrc$/, description: ".npmrc (may contain tokens)" },
+  { pattern: /(?:^|\/)\.netrc$/, description: ".netrc (may contain credentials)" },
+
+  // Keystore files
+  { pattern: /\.keystore$/, description: "keystore file" },
+  { pattern: /\.jks$/, description: "Java keystore" },
+];
+
+/**
+ * Lock file patterns — blocked for Edit/Write only, allowed for Read.
+ */
+const LOCK_FILE_PATTERNS: Array<{ pattern: RegExp; description: string }> = [
+  { pattern: /(?:^|\/)package-lock\.json$/, description: "package-lock.json (auto-generated)" },
+  { pattern: /(?:^|\/)yarn\.lock$/, description: "yarn.lock (auto-generated)" },
+  { pattern: /(?:^|\/)bun\.lock$/, description: "bun.lock (auto-generated)" },
+  { pattern: /(?:^|\/)bun\.lockb$/, description: "bun.lockb (auto-generated binary)" },
+  { pattern: /(?:^|\/)pnpm-lock\.yaml$/, description: "pnpm-lock.yaml (auto-generated)" },
+  { pattern: /(?:^|\/)Gemfile\.lock$/, description: "Gemfile.lock (auto-generated)" },
+  { pattern: /(?:^|\/)poetry\.lock$/, description: "poetry.lock (auto-generated)" },
+  { pattern: /(?:^|\/)Cargo\.lock$/, description: "Cargo.lock (auto-generated)" },
+  { pattern: /(?:^|\/)composer\.lock$/, description: "composer.lock (auto-generated)" },
+];
+
+type ToolCategory = "read" | "write" | "bash";
+
+function getToolCategory(toolName: string): ToolCategory | null {
+  switch (toolName) {
+    case "Read":
+      return "read";
+    case "Edit":
+    case "Write":
+      return "write";
+    case "Bash":
+      return "bash";
+    default:
+      return null;
+  }
+}
+
+function checkFilePath(filePath: string, category: ToolCategory): { blocked: boolean; reason?: string } {
+  // Check always-protected files
+  for (const { pattern, description } of ALWAYS_PROTECTED_PATTERNS) {
+    if (pattern.test(filePath)) {
+      return {
+        blocked: true,
+        reason: `Blocked: access to ${description} (${basename(filePath)})`,
+      };
+    }
+  }
+
+  // Check lock files — only block writes, allow reads
+  if (category === "write") {
+    for (const { pattern, description } of LOCK_FILE_PATTERNS) {
+      if (pattern.test(filePath)) {
+        return {
+          blocked: true,
+          reason: `Blocked: writing to ${description} — this file is auto-generated`,
+        };
+      }
+    }
+  }
+
+  return { blocked: false };
+}
+
+function checkBashCommand(command: string): { blocked: boolean; reason?: string } {
+  // For Bash, check if the command references any protected file
+  // We check both always-protected and lock files (since bash could write to them)
+
+  for (const { pattern, description } of ALWAYS_PROTECTED_PATTERNS) {
+    // Extract the core pattern to search in the command string
+    if (pattern.test(command)) {
+      return {
+        blocked: true,
+        reason: `Blocked: command references ${description}`,
+      };
+    }
+  }
+
+  // Additional string-based checks for common patterns in bash commands
+  const sensitiveReferences: Array<{ pattern: RegExp; description: string }> = [
+    { pattern: /\b\.env\b(?!\.)/, description: ".env file" },
+    { pattern: /\.env\.[a-zA-Z]+/, description: ".env.* file" },
+    { pattern: /\.secrets\//, description: ".secrets/ directory" },
+    { pattern: /credentials\.json/, description: "credentials.json" },
+    { pattern: /\bid_rsa\b/, description: "SSH RSA key" },
+    { pattern: /\bid_ed25519\b/, description: "SSH Ed25519 key" },
+    { pattern: /\.ssh\//, description: ".ssh/ directory" },
+    { pattern: /\.aws\/credentials/, description: "AWS credentials" },
+  ];
+
+  for (const { pattern, description } of sensitiveReferences) {
+    if (pattern.test(command)) {
+      // Allow read-only commands that just check existence or list
+      // e.g., "test -f .env", "ls .secrets/", "cat .env" should still be caught
+      // But git commands that reference .env in .gitignore context are OK
+      if (/\bgit\s+(add|commit|diff|status|log)\b/.test(command)) {
+        continue;
+      }
+
+      return {
+        blocked: true,
+        reason: `Blocked: command references ${description}`,
+      };
+    }
+  }
+
+  // Check if bash command writes to lock files
+  const lockFileWritePatterns: Array<{ pattern: RegExp; description: string }> = [
+    { pattern: />\s*package-lock\.json/, description: "writing to package-lock.json" },
+    { pattern: />\s*yarn\.lock/, description: "writing to yarn.lock" },
+    { pattern: />\s*bun\.lock/, description: "writing to bun.lock" },
+    { pattern: /sed\s+.*package-lock\.json/, description: "modifying package-lock.json" },
+    { pattern: /sed\s+.*yarn\.lock/, description: "modifying yarn.lock" },
+    { pattern: /sed\s+.*bun\.lock/, description: "modifying bun.lock" },
+  ];
+
+  for (const { pattern, description } of lockFileWritePatterns) {
+    if (pattern.test(command)) {
+      return {
+        blocked: true,
+        reason: `Blocked: ${description} — this file is auto-generated`,
+      };
+    }
+  }
+
+  return { blocked: false };
+}
+
+export function run(): void {
+  const input = readStdinJson();
+
+  if (!input) {
+    respond({ decision: "approve" });
+    return;
+  }
+
+  const category = getToolCategory(input.tool_name);
+  if (!category) {
+    respond({ decision: "approve" });
+    return;
+  }
+
+  // For Edit/Write/Read: check file_path
+  if (category === "read" || category === "write") {
+    const filePath = input.tool_input?.file_path as string;
+    if (!filePath || typeof filePath !== "string") {
+      respond({ decision: "approve" });
+      return;
+    }
+
+    const result = checkFilePath(filePath, category);
+    if (result.blocked) {
+      console.error(`[hook-protectfiles] ${result.reason}`);
+      respond({ decision: "block", reason: result.reason });
+      return;
+    }
+
+    respond({ decision: "approve" });
+    return;
+  }
+
+  // For Bash: check command
+  if (category === "bash") {
+    const command = input.tool_input?.command as string;
+    if (!command || typeof command !== "string") {
+      respond({ decision: "approve" });
+      return;
+    }
+
+    const result = checkBashCommand(command);
+    if (result.blocked) {
+      console.error(`[hook-protectfiles] ${result.reason}`);
+      respond({ decision: "block", reason: result.reason });
+      return;
+    }
+
+    respond({ decision: "approve" });
+    return;
+  }
+
+  respond({ decision: "approve" });
+}
+
+if (import.meta.main) {
+  run();
+}

package/hooks/hook-sessionlog/README.md

@@ -0,0 +1,48 @@
+# hook-sessionlog
+
+Claude Code hook that logs every tool call to a session log file.
+
+## Overview
+
+Every time Claude calls any tool, this hook appends a JSON line to `.claude/session-log-<date>.jsonl` in the project directory. Useful for auditing, debugging, and understanding what Claude did during a session.
+
+## Event
+
+- **PostToolUse** (matches all tools)
+
+## Log Format
+
+Each line in the `.jsonl` file is a JSON object:
+
+```json
+{
+  "timestamp": "2026-02-14T10:30:00.000Z",
+  "tool_name": "Edit",
+  "tool_input": "{\"file_path\":\"src/index.ts\",\"old_string\":\"...\",\"new_string\":\"...\"}",
+  "session_id": "abc123"
+}
+```
+
+- `tool_input` is truncated to 500 characters to keep log files manageable
+- One file per day: `.claude/session-log-2026-02-14.jsonl`
+
+## Behavior
+
+- Creates `.claude/` directory if it does not exist
+- Appends to the log file (never overwrites)
+- Non-blocking: logging failures are logged to stderr but never interrupt Claude
+- Outputs `{ "continue": true }` always
+
+## Log Location
+
+```
+<project-root>/
+└── .claude/
+    ├── session-log-2026-02-14.jsonl
+    ├── session-log-2026-02-15.jsonl
+    └── ...
+```
+
+## License
+
+MIT

package/hooks/hook-sessionlog/package.json

@@ -0,0 +1,12 @@
+{
+  "name": "hook-sessionlog",
+  "version": "0.1.0",
+  "description": "Claude Code hook that logs every tool call to a session log file",
+  "type": "module",
+  "main": "./src/hook.ts",
+  "scripts": {
+    "typecheck": "tsc --noEmit"
+  },
+  "author": "Hasna",
+  "license": "MIT"
+}

package/hooks/hook-sessionlog/src/hook.ts

@@ -0,0 +1,100 @@
+#!/usr/bin/env bun
+
+/**
+ * Claude Code Hook: sessionlog
+ *
+ * PostToolUse hook that logs every tool call to a session log file.
+ * Creates .claude/session-log-<date>.jsonl in the project directory.
+ *
+ * Each line is a JSON object with:
+ * - timestamp: ISO string
+ * - tool_name: name of the tool that was called
+ * - tool_input: first 500 characters of the stringified tool input
+ * - session_id: current session ID
+ */
+
+import { readFileSync, existsSync, mkdirSync, appendFileSync } from "fs";
+import { join } from "path";
+
+interface HookInput {
+  session_id: string;
+  cwd: string;
+  tool_name: string;
+  tool_input: Record<string, unknown>;
+}
+
+interface HookOutput {
+  continue: boolean;
+}
+
+function readStdinJson(): HookInput | null {
+  try {
+    const input = readFileSync(0, "utf-8").trim();
+    if (!input) return null;
+    return JSON.parse(input);
+  } catch {
+    return null;
+  }
+}
+
+function respond(output: HookOutput): void {
+  console.log(JSON.stringify(output));
+}
+
+function getDateString(): string {
+  const now = new Date();
+  const year = now.getFullYear();
+  const month = String(now.getMonth() + 1).padStart(2, "0");
+  const day = String(now.getDate()).padStart(2, "0");
+  return `${year}-${month}-${day}`;
+}
+
+function truncate(str: string, maxLength: number): string {
+  if (str.length <= maxLength) return str;
+  return str.slice(0, maxLength) + "...";
+}
+
+function logToolCall(input: HookInput): void {
+  const claudeDir = join(input.cwd, ".claude");
+
+  // Create .claude/ directory if it doesn't exist
+  if (!existsSync(claudeDir)) {
+    mkdirSync(claudeDir, { recursive: true });
+  }
+
+  const dateStr = getDateString();
+  const logFile = join(claudeDir, `session-log-${dateStr}.jsonl`);
+
+  const toolInputStr = truncate(JSON.stringify(input.tool_input), 500);
+
+  const logEntry = {
+    timestamp: new Date().toISOString(),
+    tool_name: input.tool_name,
+    tool_input: toolInputStr,
+    session_id: input.session_id,
+  };
+
+  appendFileSync(logFile, JSON.stringify(logEntry) + "\n");
+}
+
+export function run(): void {
+  const input = readStdinJson();
+
+  if (!input) {
+    respond({ continue: true });
+    return;
+  }
+
+  try {
+    logToolCall(input);
+  } catch (error) {
+    const errMsg = error instanceof Error ? error.message : String(error);
+    console.error(`[hook-sessionlog] Warning: failed to log tool call: ${errMsg}`);
+  }
+
+  respond({ continue: true });
+}
+
+if (import.meta.main) {
+  run();
+}

package/hooks/hook-slacknotify/README.md

@@ -0,0 +1,62 @@
+# hook-slacknotify
+
+Claude Code hook that sends a Slack webhook notification when Claude Code finishes working.
+
+## Overview
+
+When Claude stops, this hook sends a notification to a configured Slack channel via an incoming webhook URL. Useful for being notified when long-running tasks complete.
+
+## Event
+
+- **Stop** (no matcher)
+
+## Configuration
+
+Configure the webhook URL via one of:
+
+### 1. Environment Variable (preferred)
+
+```bash
+export SLACK_WEBHOOK_URL="https://hooks.slack.com/services/T.../B.../xxx"
+```
+
+### 2. Settings File
+
+Add to `~/.claude/settings.json`:
+
+```json
+{
+  "slackNotifyConfig": {
+    "webhookUrl": "https://hooks.slack.com/services/T.../B.../xxx",
+    "enabled": true
+  }
+}
+```
+
+## Slack Message Format
+
+The hook sends a message with:
+
+```json
+{
+  "text": "Claude Code finished in <project-name>",
+  "blocks": [{
+    "type": "section",
+    "text": {
+      "type": "mrkdwn",
+      "text": "*Claude Code* finished working in `<cwd>`"
+    }
+  }]
+}
+```
+
+## Behavior
+
+- If no webhook URL is configured, logs a warning to stderr and continues
+- If the webhook request fails, logs the error to stderr and continues
+- Never blocks the session from ending
+- Outputs `{ "continue": true }` always
+
+## License
+
+MIT

package/hooks/hook-slacknotify/package.json

@@ -0,0 +1,12 @@
+{
+  "name": "hook-slacknotify",
+  "version": "0.1.0",
+  "description": "Claude Code hook that sends Slack webhook notifications when Claude stops",
+  "type": "module",
+  "main": "./src/hook.ts",
+  "scripts": {
+    "typecheck": "tsc --noEmit"
+  },
+  "author": "Hasna",
+  "license": "MIT"
+}