
Hardcoded Secret Pre-Write Guard Hook

A PreToolUse guardrail for the Write and Edit tools that combines the hooks guide's protected-file pattern with a local scan for common hardcoded credential shapes (the kinds called out in GitHub secret scanning guidance), run before the content is written.

by kiannidev · added 2026-06-16
Harness: Claude Code
Trigger: PreToolUse
Install risk: Review first (review before installing)

Open the source and read safety notes before installing.

Safety notes

  • Heuristic regex guard only; pair with GitHub secret scanning or pre-commit secret scanners in CI.
  • Skips dedicated env template paths so teams can manage placeholders separately.

Privacy notes

  • Scans pending tool input locally in the hook process; nothing is uploaded.

Schema details

  • Install type: cli
  • Reading time: 3 min
  • Difficulty score: 42
  • Troubleshooting: Yes
  • Breaking changes: No
Runtime and command metadata

  • Trigger: PreToolUse
  • Script language: bash

Script body
#!/usr/bin/env bash
# PreToolUse guard: block Write/Edit content that matches common credential shapes.
set -u
# Fail open when jq is missing rather than blocking every edit.
if ! command -v jq >/dev/null 2>&1; then exit 0; fi
input=$(cat)
tool_name=$(printf '%s' "$input" | jq -r '.tool_name // .toolName // empty')
case "$tool_name" in
  Write|Edit|MultiEdit|write|edit|multiedit) ;;
  *) exit 0 ;;
esac
file_path=$(printf '%s' "$input" | jq -r '.tool_input.file_path // .toolInput.file_path // .tool_input.path // .toolInput.path // empty')
# Only a top-level content (Write) or new_string (Edit) field is scanned; the first non-empty one wins.
content=$(printf '%s' "$input" | jq -r '[.tool_input.content,.toolInput.content,.tool_input.new_string,.toolInput.new_string] | map(select(. != null and . != "")) | .[0] // empty')
# Scan only source, config and docs extensions...
case "$file_path" in
  *.md|*.mdx|*.ts|*.tsx|*.js|*.jsx|*.py|*.go|*.yaml|*.yml|*.json|*.env*) ;;
  *) exit 0 ;;
esac
# ...but skip dedicated env template paths, which hold placeholders by design.
case "$file_path" in
  *.env|*.env.*|*/.env|*/.env/*) exit 0 ;;
esac
# Shapes: AWS access key id, GitHub classic PAT, GitHub fine-grained PAT (ERE {n} / {n,} quantifiers).
if printf '%s' "$content" | grep -Eiq 'AKIA[0-9A-Z]{16}|ghp_[A-Za-z0-9]{20,}|github_pat_[A-Za-z0-9_]{40,}'; then
  # Exit 2 blocks the tool call; stderr is returned to Claude as feedback.
  echo "Blocked: proposed edit matches common hardcoded credential shapes." >&2
  exit 2
fi
exit 0
Full copyable content
{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Write|Edit|MultiEdit",
        "hooks": [
          {
            "type": "command",
            "command": "$CLAUDE_PROJECT_DIR/.claude/hooks/hardcoded-secret-guard.sh"
          }
        ]
      }
    ]
  }
}

About this resource

Scope

This is a community custom entry you add under .claude/commands/ or .claude/hooks/. It is not a built-in Claude Code feature named on code.claude.com.

This hook applies two documented foundations:

  1. Hooks guide mechanics — a PreToolUse hook on Write|Edit|MultiEdit that exits 2 to block an edit and return stderr feedback to Claude.
  2. GitHub secret scanning guidance — secret scanning exists to detect hardcoded credentials such as tokens committed into repository files.

Installation

  1. Paste the script body above into .claude/hooks/hardcoded-secret-guard.sh.
  2. Run the install command to create the file and make it executable: mkdir -p .claude/hooks && touch .claude/hooks/hardcoded-secret-guard.sh && chmod +x .claude/hooks/hardcoded-secret-guard.sh
  3. Merge the settings snippet (the "Full copyable content" above) into the project's Claude Code settings.

Source Verification Notes

Verified on 2026-06-16:

  • The hooks guide's "Block edits to protected files" walkthrough blocks Write and Edit with exit code 2 when a path matches protected patterns.
  • The same guide states that, for PreToolUse hooks, exit code 2 blocks the action and stderr becomes feedback to Claude.
  • GitHub secret scanning documentation states it scans repositories for hardcoded credentials like API keys and passwords to prevent fraudulent use.
  • Claude Code security documentation recommends reviewing proposed code and commands for safety before approval.

Duplicate Check

Existing mcp-config-privacy-scanner-hook focuses on MCP config files. Existing prompt-injection scanners focus on instruction-override phrases. No hook in content/hooks/ combines Write/Edit exit-2 blocking with hardcoded credential shape guards aligned to secret scanning guidance.

Troubleshooting

  • False positive on docs: use obvious placeholders without live token prefixes.
  • Hook never fires: confirm the matcher includes Write|Edit|MultiEdit and that jq is installed.
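To review the guard's decisions before installing it, here is an added Python model of the hook's rules (tool filter, the two path glob blocks, and the credential regex in its ERE {n} form) run over constructed PreToolUse payloads; it is not part of the hook, and the field names follow the script's jq filter while every path and token-like string is made up. It also shows the Troubleshooting false positive: a docs placeholder that keeps the live ghp_ prefix is still blocked.

```python
import fnmatch
import re

# Credential shapes the hook scans for (AWS access key id, GitHub classic PAT,
# GitHub fine-grained PAT), matched case-insensitively like grep -Ei.
SECRET_SHAPES = re.compile(r"AKIA[0-9A-Z]{16}|ghp_[A-Za-z0-9]{20,}|github_pat_[A-Za-z0-9_]{40,}", re.I)
GUARDED_TOOLS = {"Write", "Edit", "MultiEdit", "write", "edit", "multiedit"}
# Same globs as the hook's two shell `case` blocks; in both, `*` also crosses `/`.
SCAN_GLOBS = ("*.md", "*.mdx", "*.ts", "*.tsx", "*.js", "*.jsx", "*.py", "*.go",
              "*.yaml", "*.yml", "*.json", "*.env*")
SKIP_GLOBS = ("*.env", "*.env.*", "*/.env", "*/.env/*")

def path_in_scope(path):
    """True when the hook would scan this path: a scan glob hits and no skip glob does."""
    scanned = any(fnmatch.fnmatchcase(path, g) for g in SCAN_GLOBS)
    skipped = any(fnmatch.fnmatchcase(path, g) for g in SKIP_GLOBS)
    return scanned and not skipped

def guard_decision(payload):
    """Return (exit_code, stderr) the hook would produce for one PreToolUse payload."""
    tool = payload.get("tool_name") or payload.get("toolName") or ""
    if tool not in GUARDED_TOOLS:
        return 0, ""
    tin = payload.get("tool_input") or payload.get("toolInput") or {}
    path = tin.get("file_path") or tin.get("path") or ""
    # Like the jq filter: first non-empty of content (Write) or new_string (Edit).
    content = tin.get("content") or tin.get("new_string") or ""
    if not path_in_scope(path):
        return 0, ""
    if SECRET_SHAPES.search(content):
        return 2, "Blocked: proposed edit matches common hardcoded credential shapes."
    return 0, ""

def make_payload(path, text, tool="Write", key="content"):
    """Constructed PreToolUse payload; every token-like string below is fake."""
    return {"tool_name": tool, "tool_input": {"file_path": path, key: text}}

SAMPLE_PAYLOADS = {
    "aws_key_in_config": make_payload("src/config.py", 'KEY = "AKIAABCDEFGHIJKLMNOP"'),
    "pat_in_edit": make_payload("deploy.yml", "token: ghp_abcdefghijklmnopqrstuvwxyz0123", "Edit", "new_string"),
    "env_template_skipped": make_payload(".env.example", "TOKEN=ghp_abcdefghijklmnopqrstuvwxyz0123"),
    "docs_placeholder_ok": make_payload("README.md", "export GITHUB_TOKEN=<your-token-here>"),
    "docs_placeholder_blocked": make_payload("README.md", "export GITHUB_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxxxxxx"),
    "bash_not_guarded": {"tool_name": "Bash", "tool_input": {"command": "echo ok"}},
}

def run_samples():
    """Map each constructed payload name to the exit code the guard would return."""
    return {name: guard_decision(p)[0] for name, p in SAMPLE_PAYLOADS.items()}
```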

