hooksSource-backedReview first Safety ✓ Privacy ✓

Destructive SQL Bash Guardrail Hook

PreToolUse Bash guardrail implementing the Claude Code hooks guide drop-table example: exit 2 with stderr feedback when Bash command text contains the documented destructive SQL substring.

by kiannidev·added 2026-06-16·

Claude Code

HarnessClaude Code

Trigger:PreToolUse

Install

Source

mkdir -p .claude/hooks && touch .claude/hooks/block-drop-table.sh && chmod +x .claude/hooks/block-drop-table.sh

Readiness

TrustReview first
Sourcesource-backed
Safety notesPresent
ReviewedYes

Documentation Source repository Registry JSON · LLM text

Review first — review before installing

Open the source and read safety notes before installing.

Safety notes

Implements only the hooks-guide drop-table guardrail; extend locally for additional patterns.
Exit code 2 blocks the Bash tool call and returns stderr feedback to Claude.

Privacy notes

Reads proposed Bash command text from stdin locally; no network access.

Schema details

Install type: cli
Reading time: 3 min
Difficulty score: 36
Troubleshooting: Yes
Breaking changes: No

Source repository stats

Scope: Source repo

Runtime and command metadata

Trigger: PreToolUse
Script language: bash

Script body

#!/usr/bin/env bash
set -u
if ! command -v jq >/dev/null 2>&1; then exit 0; fi
input=$(cat)
tool_name=$(printf '%s' "$input" | jq -r '.tool_name // .toolName // empty')
case "$tool_name" in
  Bash|bash) ;;
  *) exit 0 ;;
esac
command_text=$(printf '%s' "$input" | jq -r '.tool_input.command // .toolInput.command // empty')
[ -z "$command_text" ] && exit 0
if printf '%s' "$command_text" | grep -Fq "drop table"; then
  echo "Blocked: dropping tables is not allowed" >&2
  exit 2
fi
exit 0

Full copyable content

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Bash",
        "hooks": [
          {
            "type": "command",
            "command": "$CLAUDE_PROJECT_DIR/.claude/hooks/block-drop-table.sh"
          }
        ]
      }
    ]
  }
}

About this resource

This hook applies the hooks guide drop-table guardrail example to Bash PreToolUse events so destructive SQL substrings are denied before execution.

Scope

This is a community custom hook for .claude/hooks/. It is not a built-in Claude Code hook shipped by Anthropic.

Installation

Paste scriptBody into .claude/hooks/block-drop-table.sh.
Run the installCommand chmod step.
Merge copySnippet into .claude/settings.json.

Expected behavior

When Bash command text contains the documented drop table substring, the hook writes feedback to stderr and exits 2 so Claude Code denies the tool call.

Source Verification Notes

Verified against the Claude Code hooks guide on 2026-06-16:

The guide's Hook output section shows a PreToolUse example that reads .tool_input.command, writes a block reason to stderr, and exits 2 to block the action when command text matches drop table.
The same section states exit 2 blocks the action and stderr becomes Claude feedback for PreToolUse hooks.
Bash hook input includes tool_input.command, which this script reads with jq.

Duplicate Check

No existing hook in content/hooks/ documents the hooks-guide drop-table Bash guardrail pattern.

Troubleshooting

Hook never fires: Confirm matcher is Bash, the script is executable, and jq is installed as recommended in the hooks guide.

#hooks #bash #guardrail #safety

Source citations

Add this badge to your README

Show that Destructive SQL Bash Guardrail Hook is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

[![Listed on HeyClaude](https://heyclau.de/badge/hooks/unsafe-shell-command-blocker-hook.svg)](https://heyclau.de/entry/hooks/unsafe-shell-command-blocker-hook)

How it compares

Destructive SQL Bash Guardrail Hook side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

Field	Destructive SQL Bash Guardrail Hook PreToolUse Bash guardrail implementing the Claude Code hooks guide drop-table example: exit 2 with stderr feedback when Bash command text contains the documented destructive SQL substring. Open dossier	Hardcoded Secret Pre-Write Guard Hook PreToolUse Write and Edit guardrail combining the hooks guide protected-file pattern with a local scan for common hardcoded credential shapes called out by GitHub secret scanning guidance before content is written. Open dossier	/frontend-visual-qa - Chrome Design Verification Runbook Community slash command runbook for frontend visual QA using documented Claude Code Chrome integration workflows: enable /chrome, open a local page, read console messages, and follow the design verification checklist from the Chrome integration guide. Open dossier	Claude Code Checkpoint Recovery Capability Pack Skill Expert Claude Code checkpoint recovery capability pack for auditing automatic edit tracking, choosing restore versus summarize actions in /rewind, and recovering from bad turns without losing git history. Open dossier
Trust
Install risk	Review first	Review first	Review first	Review first
Notes	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓	Safety ✓ Privacy ✓
Category	hooks	hooks	commands	skills
Source	source-backed	source-backed	source-backed	source-backed
Author	kiannidev	kiannidev	kiannidev	kiannidev
Added	2026-06-16	2026-06-16	2026-06-16	2026-06-13
Platforms	Claude Code	Claude Code	Claude Code	Claude CodeCodexWindsurfGeminiCursorCLI
Source repo	—	—	—	—
Safety notes	✓Implements only the hooks-guide drop-table guardrail; extend locally for additional patterns. Exit code 2 blocks the Bash tool call and returns stderr feedback to Claude.	✓Heuristic regex guard only; pair with GitHub secret scanning or pre-commit secret scanners in CI. Skips dedicated env template paths so teams can manage placeholders separately.	✓Chrome integration runs in a visible browser with your logged-in session; avoid production admin flows. Handle login pages and CAPTCHAs manually when the integration pauses.	✓This skill recommends checkpoint actions; it must not run `/rewind` restore or summarize without explicit user approval. Restore code and conversation reverts both files and chat history to a prior prompt; confirm the target checkpoint before acting. Restore code alone keeps conversation but reverts file edits; restore conversation alone keeps current files but rewinds chat. Summarize compresses conversation segments without changing files on disk; it is not a substitute for git revert when bash commands modified files. Checkpointing does not track files changed by bash commands such as `rm`, `mv`, or `cp`; use git or manual recovery for those paths.
Privacy notes	✓Reads proposed Bash command text from stdin locally; no network access.	✓Scans pending tool input locally in the hook process; nothing is uploaded.	✓Console logs and screenshots may include staging data; redact before external sharing.	✓The /rewind menu lists every user prompt in the session, which may expose internal task names, credentials pasted in prompts, or customer context. Restored prompts reappear in the input field and may contain sensitive instructions that should be redacted before sharing screens. Session transcripts persist with checkpoints for up to 30 days by default; treat resumed sessions as containing prior sensitive content. Public support notes should describe the recovery lane and checkpoint choice, not full prompt text or complete file diffs.
Prerequisites	— none listed	— none listed	Claude Code 2.0.73+ and Claude in Chrome extension 1.0.36+ on Chrome or Edge. Local dev server reachable from the operator browser session.	An active or resumable Claude Code session where checkpoint recovery is needed. Permission to run `/rewind` or use double-Esc when the prompt input is empty. Awareness of whether problematic changes came from Claude file tools, bash commands, or manual edits outside the session. Git or other version control available when permanent history or collaboration rollback is required.
Install	`mkdir -p .claude/hooks && touch .claude/hooks/block-drop-table.sh && chmod +x .claude/hooks/block-drop-table.sh`	`mkdir -p .claude/hooks && touch .claude/hooks/hardcoded-secret-guard.sh && chmod +x .claude/hooks/hardcoded-secret-guard.sh`	`/frontend-visual-qa <route-or-host>`	—
Config	`{ "hooks": { "PreToolUse": [ { "matcher": "Bash", "hooks": [ { "type": "command", "command": "$CLAUDE_PROJECT_DIR/.claude/hooks/block-drop-table.sh" } ] } ] } }`	`{ "hooks": { "PreToolUse": [ { "matcher": "Write\|Edit\|MultiEdit", "hooks": [ { "type": "command", "command": "$CLAUDE_PROJECT_DIR/.claude/hooks/hardcoded-secret-guard.sh" } ] } ] } }`	—	—
Citations	Source repositorygithub.com 2026-06-16T23:14:28+00:00 Documentationcode.claude.com Submitted by kiannidev2026-06-16	Source repositorygithub.com 2026-06-16T23:14:28+00:00 Documentationcode.claude.com Submitted by kiannidev2026-06-16	Source repositorygithub.com 2026-06-16T23:14:28+00:00 Documentationcode.claude.com Submitted by kiannidev2026-06-16	Source repositorygithub.com 2026-06-16T23:14:28+00:00 Documentationcode.claude.com Package downloadgithub.com Submitted by kiannidev2026-06-13
Claim	Unclaimed	Unclaimed	Unclaimed	Unclaimed

Signals

Loading live community signals…