claude-code-hookkit 1.0.0

package/registry/hooks/exit-code-enforcer.sh

@@ -0,0 +1,76 @@
+#!/bin/bash
+# exit-code-enforcer.sh
+# PreToolUse hook for Bash events
+#
+# Blocks execution of known-dangerous shell commands that could cause
+# irreversible damage to the system (data destruction, privilege escalation,
+# fork bombs, etc.)
+#
+# Claude Code passes JSON via stdin. We extract tool_input.command
+# and check it against dangerous patterns using grep (POSIX, no jq needed).
+#
+# Exit 2 = block (Claude Code spec), Exit 0 = allow
+
+# Read all stdin into a variable
+INPUT=$(cat)
+
+# Extract command value from tool_input JSON.
+# Strategy: isolate the "command":"..." pair, handling escaped quotes inside the value.
+# 1. grep extracts "command": followed by a JSON string (handling \" escapes)
+# 2. sed strips the key and outer quotes
+# 3. Second sed unescapes JSON string escapes
+COMMAND_RAW=$(printf '%s' "$INPUT" | grep -o '"command"[[:space:]]*:[[:space:]]*"[^"\\]*\(\\.[^"\\]*\)*"' | head -1 | sed 's/^"command"[[:space:]]*:[[:space:]]*"//; s/"$//')
+COMMAND=$(printf '%s' "$COMMAND_RAW" | sed 's/\\"/"/g; s/\\\\/\\/g')
+
+# If no command found, allow (can't determine what's being run)
+if [ -z "$COMMAND" ]; then
+  exit 0
+fi
+
+# --- Dangerous command patterns ---
+# Each pattern check is explained inline.
+
+# Block recursive force-delete of root filesystem
+# This would permanently destroy the entire OS installation
+if printf '%s' "$COMMAND" | grep -qE 'rm[[:space:]].*-[a-zA-Z]*r[a-zA-Z]*f[a-zA-Z]*[[:space:]]+/[[:space:]]*$|rm[[:space:]].*-[a-zA-Z]*f[a-zA-Z]*r[a-zA-Z]*[[:space:]]+/[[:space:]]*$'; then
+  printf 'BLOCKED: "rm -rf /" would delete the entire filesystem. Command: %s\n' "$COMMAND" >&2
+  exit 2
+fi
+
+# Block rm -rf targeting home directory by path or variable
+# These would delete all user files and configuration
+if printf '%s' "$COMMAND" | grep -qE 'rm[[:space:]].*-[a-zA-Z]*r[a-zA-Z]*f[a-zA-Z]*[[:space:]].*(~|\$HOME)[[:space:]]*$|rm[[:space:]].*-[a-zA-Z]*f[a-zA-Z]*r[a-zA-Z]*[[:space:]].*(~|\$HOME)[[:space:]]*$'; then
+  printf 'BLOCKED: "rm -rf ~" or "rm -rf $HOME" would delete your home directory. Command: %s\n' "$COMMAND" >&2
+  exit 2
+fi
+
+# Block chmod 777 on system directories or broad paths
+# World-writable permissions on directories create security vulnerabilities
+if printf '%s' "$COMMAND" | grep -qE 'chmod[[:space:]]+(777|a\+rwx|ugo\+rwx)[[:space:]]+(/[^[:space:]]*)?$'; then
+  printf 'BLOCKED: "chmod 777" on system paths creates severe security vulnerabilities. Command: %s\n' "$COMMAND" >&2
+  exit 2
+fi
+
+# Block writing directly to raw disk devices
+# This would corrupt the filesystem/OS partition table
+if printf '%s' "$COMMAND" | grep -qE '>[[:space:]]*/dev/(sd[a-z]|hd[a-z]|nvme[0-9]|disk[0-9])[[:space:]]*$'; then
+  printf 'BLOCKED: Writing directly to a block device would corrupt the filesystem. Command: %s\n' "$COMMAND" >&2
+  exit 2
+fi
+
+# Block fork bombs — the classic ":(){:|:&};:" pattern and common variants
+# These consume all system resources and require a hard reboot
+if printf '%s' "$COMMAND" | grep -qE ':\(\)\{[[:space:]]*:\|:'; then
+  printf 'BLOCKED: Fork bomb detected. This would consume all system resources. Command: %s\n' "$COMMAND" >&2
+  exit 2
+fi
+
+# Block dd reading from /dev/zero or /dev/random and writing to disk devices
+# dd if=/dev/zero of=/dev/sda would overwrite a disk with zeros, destroying all data
+if printf '%s' "$COMMAND" | grep -qE 'dd[[:space:]].*of=/dev/(sd[a-z]|hd[a-z]|nvme[0-9]|disk[0-9])'; then
+  printf 'BLOCKED: "dd" writing to a block device would destroy all data on that disk. Command: %s\n' "$COMMAND" >&2
+  exit 2
+fi
+
+# Allow everything else
+exit 0

package/registry/hooks/fixtures/cost-tracker/allow-bash-tool.json

@@ -0,0 +1,5 @@
+{
+  "description": "Tracks Bash tool usage (always exits 0, advisory hook)",
+  "input": { "session_id": "fixture-cost-test", "tool_name": "Bash" },
+  "expectedExitCode": 0
+}

package/registry/hooks/fixtures/cost-tracker/allow-no-session.json

@@ -0,0 +1,5 @@
+{
+  "description": "Handles missing session_id gracefully (exits 0)",
+  "input": { "tool_name": "Read" },
+  "expectedExitCode": 0
+}

package/registry/hooks/fixtures/error-advisor/allow-enoent.json

@@ -0,0 +1,5 @@
+{
+  "description": "Provides ENOENT advice to stderr (always exits 0, advisory hook)",
+  "input": { "tool_name": "Bash", "tool_response": "ENOENT: no such file or directory" },
+  "expectedExitCode": 0
+}

package/registry/hooks/fixtures/error-advisor/allow-no-error.json

@@ -0,0 +1,5 @@
+{
+  "description": "Silent when no error detected (exits 0 with no output)",
+  "input": { "tool_name": "Bash", "tool_response": "Success" },
+  "expectedExitCode": 0
+}

package/registry/hooks/fixtures/exit-code-enforcer/allow-npm-test.json

@@ -0,0 +1,5 @@
+{
+  "description": "Allows safe npm test command",
+  "input": { "tool_input": { "command": "npm test" } },
+  "expectedExitCode": 0
+}

package/registry/hooks/fixtures/exit-code-enforcer/block-rm-rf.json

@@ -0,0 +1,5 @@
+{
+  "description": "Blocks destructive rm -rf /",
+  "input": { "tool_input": { "command": "rm -rf /" } },
+  "expectedExitCode": 2
+}

package/registry/hooks/fixtures/post-edit-lint/allow-ts-file.json

@@ -0,0 +1,5 @@
+{
+  "description": "Exits 0 for TypeScript file (linter runs externally, hook always succeeds)",
+  "input": { "tool_input": { "file_path": "src/app.ts" } },
+  "expectedExitCode": 0
+}

package/registry/hooks/fixtures/post-edit-lint/allow-unknown-ext.json

@@ -0,0 +1,5 @@
+{
+  "description": "Exits 0 for unknown file extension (no linter configured)",
+  "input": { "tool_input": { "file_path": "file.xyz" } },
+  "expectedExitCode": 0
+}

package/registry/hooks/fixtures/sensitive-path-guard/allow-src.json

@@ -0,0 +1,5 @@
+{
+  "description": "Allows writes to source files",
+  "input": { "tool_input": { "file_path": "src/app.ts" } },
+  "expectedExitCode": 0
+}

package/registry/hooks/fixtures/sensitive-path-guard/block-env.json

@@ -0,0 +1,5 @@
+{
+  "description": "Blocks writes to .env files",
+  "input": { "tool_input": { "file_path": ".env" } },
+  "expectedExitCode": 2
+}

package/registry/hooks/fixtures/ts-check/allow-non-ts.json

@@ -0,0 +1,5 @@
+{
+  "description": "Exits 0 for non-TypeScript file (hook skips non-TS files)",
+  "input": { "tool_input": { "file_path": "app.py" } },
+  "expectedExitCode": 0
+}

package/registry/hooks/fixtures/ts-check/allow-ts-file.json

@@ -0,0 +1,5 @@
+{
+  "description": "Exits 0 for TypeScript file (tsc runs externally, hook always succeeds)",
+  "input": { "tool_input": { "file_path": "src/app.ts" } },
+  "expectedExitCode": 0
+}

package/registry/hooks/fixtures/web-budget-gate/allow-within-budget.json

@@ -0,0 +1,6 @@
+{
+  "description": "Allows call when within budget (fresh session, limit=10)",
+  "input": { "session_id": "fixture-allow-test" },
+  "expectedExitCode": 0,
+  "env": { "CLAUDE_HOOKS_WEB_LIMIT": "10" }
+}

package/registry/hooks/fixtures/web-budget-gate/block-over-budget.json

@@ -0,0 +1,6 @@
+{
+  "description": "Blocks when budget limit is 0 (any call immediately exhausts budget)",
+  "input": { "session_id": "fixture-block-budget-test" },
+  "expectedExitCode": 2,
+  "env": { "CLAUDE_HOOKS_WEB_LIMIT": "0" }
+}

package/registry/hooks/post-edit-lint.sh

@@ -0,0 +1,82 @@
+#!/bin/bash
+# post-edit-lint.sh
+# PostToolUse hook for Write|Edit events
+#
+# Runs the appropriate linter on the file that Claude just edited,
+# providing immediate feedback on code quality issues.
+#
+# Linter routing by file extension:
+#   .ts/.tsx   -> ESLint (eslint) or Biome (biome check)
+#   .py        -> Ruff (ruff check)
+#   .sh/.bash  -> ShellCheck (shellcheck)
+#
+# If the linter for a file type is not installed, we skip silently.
+# This hook is purely informational — it always exits 0 to avoid blocking.
+#
+# Claude Code passes JSON via stdin. We extract tool_input.file_path.
+#
+# Exit 0 = always allow (informational PostToolUse hook)
+
+# Read all stdin into a variable
+INPUT=$(cat)
+
+# Extract file_path from tool_input using grep/sed
+FILE_PATH=$(printf '%s' "$INPUT" | grep -o '"file_path"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/"file_path"[[:space:]]*:[[:space:]]*"\(.*\)"/\1/')
+
+# If no file_path found, try path field (some tools use different field names)
+if [ -z "$FILE_PATH" ]; then
+  FILE_PATH=$(printf '%s' "$INPUT" | grep -o '"path"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/"path"[[:space:]]*:[[:space:]]*"\(.*\)"/\1/')
+fi
+
+# If no file path found, nothing to lint
+if [ -z "$FILE_PATH" ]; then
+  exit 0
+fi
+
+# Check the file still exists (it might be a delete operation)
+if [ ! -f "$FILE_PATH" ]; then
+  exit 0
+fi
+
+# Get the file extension (lowercase for case-insensitive matching)
+EXTENSION=$(printf '%s' "$FILE_PATH" | sed 's/.*\.//' | tr '[:upper:]' '[:lower:]')
+
+case "$EXTENSION" in
+  ts|tsx|js|jsx|mjs|cjs)
+    # TypeScript/JavaScript: try ESLint first, then Biome
+    if command -v eslint > /dev/null 2>&1; then
+      printf '[post-edit-lint] Running ESLint on %s\n' "$FILE_PATH" >&2
+      eslint --no-eslintrc --rule "{}" "$FILE_PATH" 2>&1 >&2 || true
+    elif command -v biome > /dev/null 2>&1; then
+      printf '[post-edit-lint] Running Biome check on %s\n' "$FILE_PATH" >&2
+      biome check "$FILE_PATH" 2>&1 >&2 || true
+    else
+      # No linter found — skip silently (don't block for missing tools)
+      :
+    fi
+    ;;
+
+  py)
+    # Python: use Ruff (fast, modern Python linter)
+    if command -v ruff > /dev/null 2>&1; then
+      printf '[post-edit-lint] Running Ruff on %s\n' "$FILE_PATH" >&2
+      ruff check "$FILE_PATH" 2>&1 >&2 || true
+    fi
+    ;;
+
+  sh|bash)
+    # Shell scripts: use ShellCheck for static analysis
+    if command -v shellcheck > /dev/null 2>&1; then
+      printf '[post-edit-lint] Running ShellCheck on %s\n' "$FILE_PATH" >&2
+      shellcheck "$FILE_PATH" 2>&1 >&2 || true
+    fi
+    ;;
+
+  *)
+    # Unknown file type — no linter available, skip silently
+    :
+    ;;
+esac
+
+# Always exit 0 — this hook informs, it does not block
+exit 0

package/registry/hooks/sensitive-path-guard.sh

@@ -0,0 +1,103 @@
+#!/bin/bash
+# sensitive-path-guard.sh
+# PreToolUse hook for Edit|Write events
+#
+# Blocks writes to sensitive files: .env, credentials, keys, secrets, PEM certs,
+# SSH private keys, and the claude-code-hookkit settings file itself.
+#
+# Claude Code passes JSON via stdin. We extract tool_input.file_path
+# and check it against blocked patterns using grep (POSIX, no jq needed).
+#
+# Exit 2 = block (Claude Code spec), Exit 0 = allow
+
+# Read all stdin into a variable (handles multi-line JSON)
+INPUT=$(cat)
+
+# Extract file_path from tool_input using grep/sed
+# Claude Code sends: {"tool_input": {"file_path": "/path/to/file", ...}}
+FILE_PATH=$(printf '%s' "$INPUT" | grep -o '"file_path"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/"file_path"[[:space:]]*:[[:space:]]*"\(.*\)"/\1/')
+
+# If no file_path found (e.g. Write tool may use different field), try path field
+if [ -z "$FILE_PATH" ]; then
+  FILE_PATH=$(printf '%s' "$INPUT" | grep -o '"path"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/"path"[[:space:]]*:[[:space:]]*"\(.*\)"/\1/')
+fi
+
+# If still no path found, allow (can't determine what's being written)
+if [ -z "$FILE_PATH" ]; then
+  exit 0
+fi
+
+# Extract just the filename (basename) for pattern matching
+BASENAME=$(basename "$FILE_PATH")
+
+# --- Blocked patterns ---
+# Each pattern is explained inline.
+
+# Block .env files (exact match and prefixed variants like .env.local, .env.production)
+# These contain API keys, database URLs, and other secrets.
+case "$BASENAME" in
+  .env|.env.*|env)
+    printf 'BLOCKED: Writing to env file "%s" is not allowed. Move secrets to a vault or use environment variables.\n' "$FILE_PATH" >&2
+    exit 2
+    ;;
+esac
+
+# Block files with "credentials" in the name — cloud provider credential files
+# e.g. ~/.aws/credentials, gcloud credentials.json
+if printf '%s' "$BASENAME" | grep -qi "credential"; then
+  printf 'BLOCKED: Writing to credentials file "%s" is not allowed.\n' "$FILE_PATH" >&2
+  exit 2
+fi
+
+# Block files with "secret" in the name — generic secret storage
+if printf '%s' "$BASENAME" | grep -qi "secret"; then
+  printf 'BLOCKED: Writing to secrets file "%s" is not allowed.\n' "$FILE_PATH" >&2
+  exit 2
+fi
+
+# Block private key files (.key, .pem, .p12, .pfx)
+# These are TLS/SSL private keys and certificate bundles
+case "$BASENAME" in
+  *.key|*.pem|*.p12|*.pfx)
+    printf 'BLOCKED: Writing to private key/certificate file "%s" is not allowed.\n' "$FILE_PATH" >&2
+    exit 2
+    ;;
+esac
+
+# Block SSH private keys by conventional name
+# OpenSSH default key names
+case "$BASENAME" in
+  id_rsa|id_ed25519|id_ecdsa|id_dsa)
+    printf 'BLOCKED: Writing to SSH private key file "%s" is not allowed.\n' "$FILE_PATH" >&2
+    exit 2
+    ;;
+esac
+
+# Block the claude-code-hookkit settings file itself to prevent hooks from modifying
+# their own configuration (self-modification guard)
+case "$BASENAME" in
+  settings.json)
+    # Only block if it's inside a .claude directory
+    if printf '%s' "$FILE_PATH" | grep -q '\.claude'; then
+      printf 'BLOCKED: Writing to Claude settings file "%s" is not allowed from within a hook.\n' "$FILE_PATH" >&2
+      exit 2
+    fi
+    ;;
+esac
+
+# Block .htpasswd files — Apache password files
+case "$BASENAME" in
+  .htpasswd)
+    printf 'BLOCKED: Writing to password file "%s" is not allowed.\n' "$FILE_PATH" >&2
+    exit 2
+    ;;
+esac
+
+# Block keychain/keystore files
+if printf '%s' "$BASENAME" | grep -qi "keystore\|keychain"; then
+  printf 'BLOCKED: Writing to keystore/keychain file "%s" is not allowed.\n' "$FILE_PATH" >&2
+  exit 2
+fi
+
+# Allow everything else
+exit 0

package/registry/hooks/ts-check.sh

@@ -0,0 +1,98 @@
+#!/bin/bash
+# ts-check.sh
+# PostToolUse hook for Write|Edit events
+#
+# Runs TypeScript type checking (tsc --noEmit) after Claude edits a .ts or .tsx file.
+# This gives Claude immediate feedback on type errors so it can self-correct.
+#
+# Only runs for .ts and .tsx files. Skips silently for all other file types.
+# If tsc is not available (no TypeScript project), exits 0 silently.
+#
+# Output goes to stderr so Claude can see type errors in the hook output.
+#
+# Claude Code passes JSON via stdin. We extract tool_input.file_path.
+#
+# Exit 0 = always allow (informational PostToolUse hook)
+
+# Read all stdin into a variable
+INPUT=$(cat)
+
+# Extract file_path from tool_input using grep/sed
+FILE_PATH=$(printf '%s' "$INPUT" | grep -o '"file_path"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/"file_path"[[:space:]]*:[[:space:]]*"\(.*\)"/\1/')
+
+# If no file_path found, try path field
+if [ -z "$FILE_PATH" ]; then
+  FILE_PATH=$(printf '%s' "$INPUT" | grep -o '"path"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/"path"[[:space:]]*:[[:space:]]*"\(.*\)"/\1/')
+fi
+
+# If no file path found, nothing to check
+if [ -z "$FILE_PATH" ]; then
+  exit 0
+fi
+
+# Get the file extension (lowercase)
+EXTENSION=$(printf '%s' "$FILE_PATH" | sed 's/.*\.//' | tr '[:upper:]' '[:lower:]')
+
+# Only run on TypeScript files
+case "$EXTENSION" in
+  ts|tsx)
+    # TypeScript file — proceed with type check
+    ;;
+  *)
+    # Not a TypeScript file — skip silently
+    exit 0
+    ;;
+esac
+
+# Check if npx is available (needed to run tsc from node_modules)
+if ! command -v npx > /dev/null 2>&1; then
+  exit 0
+fi
+
+# Find the tsconfig.json by walking up from the file's directory
+# This handles monorepos and nested TypeScript projects
+FILE_DIR=$(dirname "$FILE_PATH")
+TSCONFIG=""
+SEARCH_DIR="$FILE_DIR"
+
+# Walk up directory tree looking for tsconfig.json (max 10 levels to avoid infinite loop)
+i=0
+while [ $i -lt 10 ]; do
+  if [ -f "$SEARCH_DIR/tsconfig.json" ]; then
+    TSCONFIG="$SEARCH_DIR/tsconfig.json"
+    break
+  fi
+  PARENT=$(dirname "$SEARCH_DIR")
+  # Stop if we've reached the filesystem root
+  if [ "$PARENT" = "$SEARCH_DIR" ]; then
+    break
+  fi
+  SEARCH_DIR="$PARENT"
+  i=$((i + 1))
+done
+
+# If no tsconfig.json found, this isn't a TypeScript project — skip
+if [ -z "$TSCONFIG" ]; then
+  exit 0
+fi
+
+# Get the project root (directory containing tsconfig.json)
+PROJECT_ROOT=$(dirname "$TSCONFIG")
+
+printf '[ts-check] Running tsc --noEmit in %s\n' "$PROJECT_ROOT" >&2
+
+# Run tsc --noEmit from the project root directory
+# --pretty enables colored output for readability
+# Capture output and send to stderr for Claude to see
+TSC_OUTPUT=$(cd "$PROJECT_ROOT" && npx tsc --noEmit --pretty 2>&1)
+TSC_EXIT=$?
+
+if [ $TSC_EXIT -ne 0 ]; then
+  printf '[ts-check] TypeScript errors found:\n' >&2
+  printf '%s\n' "$TSC_OUTPUT" >&2
+else
+  printf '[ts-check] No TypeScript errors.\n' >&2
+fi
+
+# Always exit 0 — this hook informs, it does not block
+exit 0

package/registry/hooks/web-budget-gate.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+# web-budget-gate.sh
+# PreToolUse hook for WebSearch|WebFetch events
+#
+# Enforces a per-session cap on web search and fetch calls to control LLM costs.
+# Each call increments a counter stored in /tmp. When the counter exceeds the limit,
+# further web calls are blocked until the session ends.
+#
+# Configuration:
+#   CLAUDE_HOOKS_WEB_LIMIT — max web calls per session (default: 10)
+#
+# Counter file: /tmp/claude-code-hookkit-web-count-<session_id>
+#
+# Claude Code passes JSON via stdin. We extract session_id for tracking.
+#
+# Exit codes:
+#   0  - allow (budget not exceeded)
+#   2  - block (budget exceeded, shows reason to Claude)
+
+INPUT=$(cat)
+
+# Extract session_id from JSON using grep/sed (no jq or python3 required)
+SESSION_ID=$(printf '%s' "$INPUT" | grep -o '"session_id"[[:space:]]*:[[:space:]]*"[^"]*"' | head -1 | sed 's/"session_id"[[:space:]]*:[[:space:]]*"\(.*\)"/\1/')
+
+# If no session_id, use a fallback key (shouldn't happen in practice)
+if [ -z "$SESSION_ID" ]; then
+  SESSION_ID="default"
+fi
+
+# Get the web call limit — default 10, overridable via env var
+WEB_LIMIT="${CLAUDE_HOOKS_WEB_LIMIT:-10}"
+
+# Counter file path — unique per session
+COUNTER_FILE="/tmp/claude-code-hookkit-web-count-${SESSION_ID}"
+
+# Read current count from file (default 0 if file doesn't exist)
+if [ -f "$COUNTER_FILE" ]; then
+  CURRENT_COUNT=$(cat "$COUNTER_FILE" 2>/dev/null)
+  # Sanitize: ensure it's a non-negative integer
+  CURRENT_COUNT=$(printf '%s' "$CURRENT_COUNT" | grep -o '^[0-9]*$')
+  if [ -z "$CURRENT_COUNT" ]; then
+    CURRENT_COUNT=0
+  fi
+else
+  CURRENT_COUNT=0
+fi
+
+# Check if the budget is already exhausted BEFORE incrementing
+# This prevents off-by-one: the Nth call should be the last allowed, (N+1)th is blocked
+if [ "$CURRENT_COUNT" -ge "$WEB_LIMIT" ]; then
+  printf 'Web budget exceeded: %d/%d calls used this session. Set CLAUDE_HOOKS_WEB_LIMIT to increase the limit.\n' "$CURRENT_COUNT" "$WEB_LIMIT" >&2
+  exit 2
+fi
+
+# Increment the counter and write back to the file
+NEW_COUNT=$((CURRENT_COUNT + 1))
+printf '%d' "$NEW_COUNT" > "$COUNTER_FILE"
+
+# Allow the web call
+exit 0

package/registry/registry.json

@@ -0,0 +1,81 @@
+{
+  "hooks": {
+    "sensitive-path-guard": {
+      "name": "sensitive-path-guard",
+      "description": "Blocks writes to sensitive paths (.env, credentials, keys, etc.)",
+      "event": "PreToolUse",
+      "matcher": "Edit|Write",
+      "pack": "security-pack",
+      "scriptFile": "sensitive-path-guard.sh"
+    },
+    "exit-code-enforcer": {
+      "name": "exit-code-enforcer",
+      "description": "Ensures hook scripts use exit code 2 to block (not exit 1)",
+      "event": "PreToolUse",
+      "matcher": "Bash",
+      "pack": "security-pack",
+      "scriptFile": "exit-code-enforcer.sh"
+    },
+    "post-edit-lint": {
+      "name": "post-edit-lint",
+      "description": "Runs linter on files after Claude edits them",
+      "event": "PostToolUse",
+      "matcher": "Write|Edit",
+      "pack": "quality-pack",
+      "scriptFile": "post-edit-lint.sh"
+    },
+    "ts-check": {
+      "name": "ts-check",
+      "description": "Runs TypeScript type checking after code changes",
+      "event": "PostToolUse",
+      "matcher": "Write|Edit",
+      "pack": "quality-pack",
+      "scriptFile": "ts-check.sh"
+    },
+    "web-budget-gate": {
+      "name": "web-budget-gate",
+      "description": "Limits web search/fetch calls per session to control costs",
+      "event": "PreToolUse",
+      "matcher": "WebSearch|WebFetch",
+      "pack": "cost-pack",
+      "scriptFile": "web-budget-gate.sh"
+    },
+    "cost-tracker": {
+      "name": "cost-tracker",
+      "description": "Tracks tool usage costs per session",
+      "event": "PostToolUse",
+      "pack": "cost-pack",
+      "scriptFile": "cost-tracker.sh"
+    },
+    "error-advisor": {
+      "name": "error-advisor",
+      "description": "Provides contextual fix suggestions when commands fail",
+      "event": "PostToolUse",
+      "matcher": "Bash",
+      "pack": "error-pack",
+      "scriptFile": "error-advisor.sh"
+    }
+  },
+  "packs": {
+    "security-pack": {
+      "name": "security-pack",
+      "description": "Essential security hooks for Claude Code",
+      "hooks": ["sensitive-path-guard", "exit-code-enforcer"]
+    },
+    "quality-pack": {
+      "name": "quality-pack",
+      "description": "Code quality hooks (linting, type checking)",
+      "hooks": ["post-edit-lint", "ts-check"]
+    },
+    "cost-pack": {
+      "name": "cost-pack",
+      "description": "Cost control and usage tracking hooks",
+      "hooks": ["web-budget-gate", "cost-tracker"]
+    },
+    "error-pack": {
+      "name": "error-pack",
+      "description": "Error recovery and fix suggestion hooks",
+      "hooks": ["error-advisor"]
+    }
+  }
+}