Hooks & settings.json Recipes

🟡Intermediate

✅

Last verified: 2026-06-20.

Settings/hook keys evolve — confirm the current schema in the official Claude Code settings & hooks docs.

Confirm against the official source.

Drop-in recipes for settings.json, permissions, and hooks. Adapt commands to your stack.

Starter project settings.json

.claude/settings.json (committed, team-wide):

{
  "permissions": {
    "allow": [
      "Read",
      "Bash(npm run test:*)",
      "Bash(npm run lint)",
      "Bash(git status)",
      "Bash(git diff:*)"
    ],
    "ask": ["Bash(npm install:*)", "Write"],
    "deny": ["Read(./.env)", "Read(./**/*.pem)", "Bash(git push --force:*)"]
  }
}

Put personal/machine-specific overrides in .claude/settings.local.json (git-ignored).

Auto-format after edits

{
  "hooks": {
    "PostToolUse": [
      {
        "matcher": "Edit|Write",
        "hooks": [
          { "type": "command", "command": "npx prettier --write \"$CLAUDE_FILE_PATH\" 2>/dev/null || true" }
        ]
      }
    ]
  }
}

Quality gate before finishing

Block "done" until tests pass (conceptual — wire to a Stop/pre-finish event per the docs):

{
  "hooks": {
    "Stop": [
      { "hooks": [ { "type": "command", "command": "npm test --silent" } ] }
    ]
  }
}

Safety guard (block editing protected paths)

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Edit|Write",
        "hooks": [
          { "type": "command", "command": "case \"$CLAUDE_FILE_PATH\" in *secrets*|*.env|*/vendor/*) echo 'blocked: protected path'; exit 1;; esac" }
        ]
      }
    ]
  }
}

:::tip Keep hooks fast and idempotent They run constantly. Make them quick, safe to re-run, and loud only on real problems. :::

Next

• Permissions & Permission Modes
• Hooks: Deterministic Automation
• Slash Command Library