agent-builder/scripts/templates/pre-tool-use.sh

#!/bin/bash
# PreToolUse hook: Block dangerous shell commands before execution.
#
# How it works:
# - Claude Code calls this script BEFORE executing any Bash command
# - If the script exits with code 2, the command is BLOCKED
# - Exit 0 allows the command to proceed
#
# Customize: Add or remove patterns in the blocked_patterns array.
# All patterns are matched case-insensitively against the full command.

input=$(cat)
tool_name=$(echo "$input" | python3 -c "import sys,json; print(json.load(sys.stdin).get('tool_name',''))" 2>/dev/null)
command=$(echo "$input" | python3 -c "import sys,json; print(json.load(sys.stdin).get('tool_input',{}).get('command',''))" 2>/dev/null)

# Only check Bash commands
if [ "$tool_name" != "Bash" ]; then
  exit 0
fi

# Blocked patterns -- customize this list for your use case
blocked_patterns=(
  "rm -rf /"
  "rm -rf ~"
  "rm -rf \$HOME"
  "mkfs"
  "dd if="
  ":(){:|:&};:"
  "chmod -R 777 /"
  "curl.*|.*bash"
  "wget.*|.*bash"
  "curl.*|.*sh"
  "wget.*|.*sh"
  "> /dev/sda"
  "sudo rm"
  "shutdown"
  "reboot"
  "init 0"
  "init 6"
)

for pattern in "${blocked_patterns[@]}"; do
  if echo "$command" | grep -qi "$pattern"; then
    echo '{"decision": "block", "reason": "Blocked by security hook: command matches dangerous pattern '"'$pattern'"'"}'
    exit 2
  fi
done

# Allow everything else
exit 0