Claude Code Security Hooks

Pre-commit security hooks: secret detection, destructive command prevention

Install
cmdop skills install agensi-claude-code-security-hooks

Claude Code Security Hooks is a skill that adds programmatic pre-commit enforcement to AI coding agents. Rather than relying on prompted caution, it wires in automated checks that run locally before changes reach a remote repository.

Secret detection is handled via gitleaks scanning, which identifies API keys, tokens, and private keys in staged content. A separate credential safety layer monitors for authentication headers or OAuth tokens that might leak into console logs or stdout. For destructive Git operations such as reset —hard or push —force, the skill intercepts the command and requires explicit confirmation before proceeding, reducing the risk of overwriting a colleague’s work.

A fourth layer enforces a content quality gate across four rules covering pricing, metadata, and tone, intended for workflows that publish assets from the agent’s output.

All checks run locally, so there is no external service dependency for the core enforcement logic. The skill is published by agensi and is categorized as a skill rather than an MCP server, meaning it extends agent behavior directly rather than exposing tools over a transport protocol. It requires gitleaks to be available in the environment for secret scanning to function. Agents without access to a Git repository context will not benefit from the Git-specific guardrails.

Use cases

  • Prevent API keys and tokens from being committed by an AI coding agent
  • Block OAuth tokens or auth headers from appearing in agent-generated log output
  • Require confirmation before an agent executes git reset --hard or git push --force
  • Enforce metadata, pricing, and tone standards on assets an agent is about to publish
  • Add audit-ready, mandatory compliance checks to an automated development pipeline

When to use it

  • When an AI agent is writing and committing code and secret leakage is a concern
  • When agents are permitted to run destructive Git commands and a human confirmation step is needed
  • When published assets must meet strict metadata or tone standards enforced programmatically
  • When the development environment already has gitleaks installed or can install it

When not to use it

  • When there is no Git repository involved in the agent's workflow
  • When gitleaks cannot be installed in the target environment, as secret scanning will not function
  • When the agent operates in a read-only or non-commit context where pre-commit hooks never fire
  • When a server-side or CI-based secret scanning solution is preferred over a local pre-commit approach