#####   ######  #####    ###    #   #  ###  #   #  ######
##  ##  ##      ##  ##  ## ##   #   #   #   #   #  ##
#####   ####    #####   #   #   #   #   #   #   #  ####
##  #   ##      ##      ## ##    # #    #    # #   ##
##   #  ######  ##       ###      #    ###    #    ######

$ curl repovive.com/roadmaps/claude-code/claude-md-skills-hooks-mcp/pretooluse-hooks-block-before-acting

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░████████████████████████████████████████████████████████████████████████████████████████████████████████

#####   ######  #####    ###    #   #  ###  #   #  ######
##  ##  ##      ##  ##  ## ##   #   #   #   #   #  ##
#####   ####    #####   #   #   #   #   #   #   #  ####
##  #   ##      ##      ## ##    # #    #    # #   ##
##   #  ######  ##       ###      #    ###    #    ######

$ curl repovive.com/roadmaps/claude-code/claude-md-skills-hooks-mcp/pretooluse-hooks-block-before-acting

Repovive

PreToolUse Hooks: Block Before Acting - CLAUDE.md, Skills, Hooks & MCP | Claude Code | Repovive

Repovive.

Claude Code7 sections · 136 units8h total

Open in Course

PreToolUse Hooks: Block Before Acting

Exit code 2 stops the action

A PreToolUse hook runs before a tool executes. Exit with code $2$ to block the action entirely, and Claude receives your stderr as feedback explaining why.

Here's a hook that blocks any edit to .env files:

#!/bin/bash
INPUT=$(cat)
FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty')
if [[ "$FILE" == *".env"* ]]; then
  echo "Blocked: never edit .env files" >&2
  exit 2
fi

The hook receives JSON on stdin with session_id, cwd, tool_name, and tool_input. Use jq to extract what you need. Exit $0$ to proceed. The matcher field in your config filters which tools trigger the hook. I'll show you how to combine hooks with deny rules to build defense in depth.