In response to the great post by Nadav Lebovitch on forcing Claude Code to behave deterministically: https://lnkd.in/d_t8xd3W
Here’s what I actually put into my hooks.
The original LinkedIn post included this seven-page document. The text transcript is preserved below with the page images.
Page 1
Claude Needs Guardrails Prompts aren’t enforcement. Hope isn’t safety. If it can run — it will.
Page 2
My Enforcement Rules • Block destructive shell patterns • Block secret exposure • No Terraform apply without plan • No ‘done’ without tests
Page 3
Bash Guard Stop dangerous patterns at execution time. # Block rm -rf and curl|sh if echo “$CMD” | grep -Eqi ‘rm -rf|curl.*|.*sh’; then deny fi
Page 4
Terraform Guard Apply only from reviewed plans. # Require plan file before apply if terraform apply without plan; then deny fi
Page 5
Stop Hook Claude cannot finish unless: ✓ Tests ran ✓ Formatting applied ✓ Plan reviewed (if Terraform) { “hooks”: { “Stop”: [ { “hooks”: [ { “type”: “prompt”, “prompt”: “Verify tests ran. ” “Verify formatting applied. ” “If Terraform used, confirm plan review.” } ] } ] } }
Page 6
Why This Matters AI is part of the execution layer. It needs CI-level safety.
Page 7
Want the Full Setup? Comment ‘HOOKS’ and I’ll share the full guide. Let’s compare AI guardrail strategies.