Skip to content

RichAyotte/rich-blocks-claude

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
install.sh
install.sh
 
 
settings.sample.json
settings.sample.json
 
 

Repository files navigation

rich-blocks-claude

MIT License

Safety and productivity hooks for Claude Code.

What it does

A hook system that intercepts Claude Code's PreToolUse, PostToolUse, and Notification events to enforce safe coding practices, block dangerous operations, and provide desktop integration. Written in Rust for minimal latency on every tool call.

Features

  • Dangerous command blocking — prevents sudo, destructive rm, chmod 777, dd to block devices, mkfs/wipefs, fork bombs, and more
  • Tool enforcement — blocks grep/find/cat and suggests rg/fd/dedicated tools; blocks hardcoded /tmp paths (use mktemp); blocks useless cat patterns
  • Sensitive file protection — guards SSH keys, cloud credentials, .env files, GPG keyrings, shell history, password databases, and more across Read/Write/Edit/Grep/Bash tools
  • Python prevention — blocks .py file creation and inline python usage
  • Desktop notifications — Hyprland-aware notifications via notify-send when Claude finishes work in an unfocused window
  • Shell syntax checking — validates commands with bash -n, shellcheck, and shfmt before execution
  • File operation sandboxing — restricts rm/mv/cp to project directories, ~/.claude/, and /tmp/
  • Cargo auto-approval — allows cargo commands to proceed without prompting

Requirements

Optional (Hyprland-only):

  • hyprctl and notify-send — desktop notifications when Claude finishes work in an unfocused window. Requires Hyprland for window-focus detection.

Installation

Install script (recommended) — auto-detects architecture and installs to ~/.local/bin:

curl -fsSL https://raw.githubusercontent.com/RichAyotte/rich-blocks-claude/main/install.sh | sh

Set INSTALL_DIR to change the install location:

curl -fsSL https://raw.githubusercontent.com/RichAyotte/rich-blocks-claude/main/install.sh | INSTALL_DIR=/usr/local/bin sh

Build from source:

cargo install --git https://github.com/RichAyotte/rich-blocks-claude

Then register the plugin manually:

claude plugin marketplace add RichAyotte/claude-plugins
claude plugin install rich-blocks-claude@rich-plugins --scope user

The install script handles this automatically; these commands are only needed for build-from-source installs.

Settings file

Behavior can be customized via ~/.config/rich-blocks-claude/settings.json (or $XDG_CONFIG_HOME/rich-blocks-claude/settings.json). All fields are optional — missing fields use defaults, and a missing or malformed file uses all defaults.

{
  "notify_cmd": "notify-send",
  "file_ops_allowed": ["$HOME/.claude/", "/tmp/", "./src/", "./tests/", "./target/", "./docs/"],
  "shellcheck_exclude": "SC1091,SC2086,SC2046,SC2035",
  "auto_approve_prefixes": ["cargo clippy", "cargo check", "cargo fmt", "cargo test", "cargo build", "cargo run", "cargo doc", "cargo clean", "cargo update", "cargo tree", "cargo metadata"]
}
Field Default Description
notify_cmd "notify-send" Command used for desktop notifications. Set to "" to disable.
file_ops_allowed (see above) Paths where rm/mv/cp are permitted. $HOME is expanded.
shellcheck_exclude "SC1091,SC2086,SC2046,SC2035" Comma-separated shellcheck error codes to suppress.
auto_approve_prefixes (see above) Commands matching these prefixes skip the permission prompt.

About

Claude Code hooks in Rust — safety guardrails, smart notifications, and workflow enforcement

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

v0.3.0 Latest
Mar 6, 2026
+ 1 release

Packages

 
 
 

Contributors

Languages