zsp/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-03-30 13:43:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: add block-no-verify hook for Claude Code and Cursor (#649)

Browse Source 
Adds npx block-no-verify@1.1.2 as a PreToolUse Bash hook in hooks/hooks.json
and a beforeShellExecution hook in .cursor/hooks.json to prevent AI agents
from bypassing git hooks via the hook-bypass flag.

This closes the last enforcement gap in the ECC security stack — the bypass
flag silently skips pre-commit, commit-msg, and pre-push hooks.

Closes #648

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Ofek Gabay
2026-03-20 15:50:31 +07:00
committed by GitHub
parent 8511d84042
commit c8f631b046
2 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.cursor/hooks.json
View File

@@ -15,6 +15,11 @@
} }
], ],
"beforeShellExecution": [ "beforeShellExecution": [
{
"command": "npx block-no-verify@1.1.2",
"event": "beforeShellExecution",
"description": "Block git hook-bypass flag to protect pre-commit, commit-msg, and pre-push hooks from being skipped"
},
{ {
"command": "node .cursor/hooks/before-shell-execution.js", "command": "node .cursor/hooks/before-shell-execution.js",
"event": "beforeShellExecution", "event": "beforeShellExecution",

10
hooks/hooks.json
View File

@@ -2,6 +2,16 @@
"$schema": "https://json.schemastore.org/claude-code-settings.json", "$schema": "https://json.schemastore.org/claude-code-settings.json",
"hooks": { "hooks": {
"PreToolUse": [ "PreToolUse": [
{
"matcher": "Bash",
"hooks": [
{
"type": "command",
"command": "npx block-no-verify@1.1.2"
}
],
"description": "Block git hook-bypass flag to protect pre-commit, commit-msg, and pre-push hooks from being skipped"
},
{ {
"matcher": "Bash", "matcher": "Bash",
"hooks": [ "hooks": [