Guide for creating hookify rules - markdown files with YAML frontmatter that define patterns to watch for and messages to show when matched.
Creates custom rules to warn or block specific CLI commands and code patterns during development.
/plugin marketplace add https://www.claudepluginhub.com/api/plugins/aventerica89-claude-codex/marketplace.json/plugin install aventerica89-claude-codex@cpd-aventerica89-claude-codexThis skill inherits all available tools. When active, it can use any tool Claude has access to.
---
name: rule-identifier
enabled: true
event: bash|file|stop|prompt|all
pattern: regex-pattern-here
action: warn|block
---
Message to show when this rule triggers.
| Field | Required | Values | Description |
|---|---|---|---|
name | Yes | kebab-case | Unique identifier |
enabled | Yes | true/false | Active or disabled |
event | Yes | bash, file, stop, prompt, all | Which hook event |
pattern | Simple | regex | Single-condition match |
action | No | warn (default), block | Allow or prevent |
conditions | Advanced | list | Multiple conditions |
bash - Bash tool commandsfile - Edit, Write, MultiEdit toolsstop - When agent wants to stopprompt - When user submits a promptall - All events---
name: warn-env-file-edits
enabled: true
event: file
conditions:
- field: file_path
operator: regex_match
pattern: \.env$
- field: new_text
operator: contains
pattern: API_KEY
---
You're adding an API key to a .env file. Ensure this is in .gitignore!
Condition fields:
commandfile_path, new_text, old_text, contentuser_promptOperators:
regex_match - Regex pattern matchingcontains - Substring checkequals - Exact matchnot_contains - Must NOT be presentstarts_with - Prefix checkends_with - Suffix checkAll conditions must match for rule to trigger.
Warning: **Console.log detected!**
**Why this matters:**
- Debug logs shouldn't ship to production
- Can expose sensitive data
**Alternatives:**
- Use a proper logging library
- Remove before committing
rm\s+-rf Dangerous delete
sudo\s+ Privilege escalation
chmod\s+777 Insecure permissions
dd\s+if= Disk operations
console\.log\( Debug logging
eval\( Code injection risk
innerHTML\s*= XSS risk
\.env$ Sensitive files
node_modules/ Dependencies
conditions:
- field: file_path
operator: regex_match
pattern: \.tsx?$
- field: new_text
operator: regex_match
pattern: console\.log\(
.claude/hookify.{name}.local.md.claude/*.local.mdBlock dangerous rm:
name: block-dangerous-rm
enabled: true
event: bash
pattern: rm\s+-rf
action: block
Warn console.log:
name: warn-console-log
enabled: true
event: file
pattern: console\.log\(
action: warn
Require tests before stop:
name: require-tests-run
enabled: false
event: stop
action: block
conditions:
- field: transcript
operator: not_contains
pattern: npm test|pytest|cargo test
python3 -c "import re; print(re.search(r'your_pattern', 'test text'))"
Activates when the user asks about AI prompts, needs prompt templates, wants to search for prompts, or mentions prompts.chat. Use for discovering, retrieving, and improving prompts.
Search, retrieve, and install Agent Skills from the prompts.chat registry using MCP tools. Use when the user asks to find skills, browse skill catalogs, install a skill for Claude, or extend Claude's capabilities with reusable AI agent components.
Creating algorithmic art using p5.js with seeded randomness and interactive parameter exploration. Use this when users request creating art using code, generative art, algorithmic art, flow fields, or particle systems. Create original algorithmic art rather than copying existing artists' work to avoid copyright violations.