How to install hookify-rules
npx skills add https://github.com/affaan-m/everything-claude-code --skill hookify-rulesFull instructions (SKILL.md)
Source of truth, from affaan-m/everything-claude-code.
name: hookify-rules description: This skill should be used when the user asks to create a hookify rule, write a hook rule, configure hookify, add a hookify rule, or needs guidance on hookify rule syntax and patterns.
Writing Hookify Rules
Overview
Hookify rules are markdown files with YAML frontmatter that define patterns to watch for and messages to show when those patterns match. Rules are stored in .claude/hookify.{rule-name}.local.md files.
Rule File Format
Basic Structure
---
name: rule-identifier
enabled: true
event: bash|file|stop|prompt|all
pattern: regex-pattern-here
---
Message to show Claude when this rule triggers.
Can include markdown formatting, warnings, suggestions, etc.
Frontmatter Fields
| Field | Required | Values | Description |
|---|---|---|---|
| name | Yes | kebab-case string | Unique identifier (verb-first: warn-, block-, require-*) |
| enabled | Yes | true/false | Toggle without deleting |
| event | Yes | bash/file/stop/prompt/all | Which hook event triggers this |
| action | No | warn/block | warn (default) shows message; block prevents operation |
| pattern | Yes* | regex string | Pattern to match (*or use conditions for complex rules) |
Advanced Format (Multiple Conditions)
---
name: warn-env-api-keys
enabled: true
event: file
conditions:
- field: file_path
operator: regex_match
pattern: \.env$
- field: new_text
operator: contains
pattern: API_KEY
---
You're adding an API key to a .env file. Ensure this file is in .gitignore!
Condition fields by event:
- bash:
command - file:
file_path,new_text,old_text,content - prompt:
user_prompt
Operators: regex_match, contains, equals, not_contains, starts_with, ends_with
All conditions must match for rule to trigger.
Event Type Guide
bash Events
Match Bash command patterns:
- Dangerous commands:
rm\s+-rf,dd\s+if=,mkfs - Privilege escalation:
sudo\s+,su\s+ - Permission issues:
chmod\s+777
file Events
Match Edit/Write/MultiEdit operations:
- Debug code:
console\.log\(,debugger - Security risks:
eval\(,innerHTML\s*= - Sensitive files:
\.env$,credentials,\.pem$
stop Events
Completion checks and reminders. Pattern .* matches always.
prompt Events
Match user prompt content for workflow enforcement.
Pattern Writing Tips
Regex Basics
- Escape special chars:
.to\.,(to\( \swhitespace,\ddigit,\wword char+one or more,*zero or more,?optional|OR operator
Common Pitfalls
- Too broad:
logmatches "login", "dialog" — useconsole\.log\( - Too specific:
rm -rf /tmp— userm\s+-rf - YAML escaping: Use unquoted patterns; quoted strings need
\\s
Testing
python3 -c "import re; print(re.search(r'your_pattern', 'test text'))"
File Organization
- Location:
.claude/directory in project root - Naming:
.claude/hookify.{descriptive-name}.local.md - Gitignore: Add
.claude/*.local.mdto.gitignore
Commands
/hookify [description]- Create new rules (auto-analyzes conversation if no args)/hookify-list- View all rules in table format/hookify-configure- Toggle rules on/off interactively/hookify-help- Full documentation
Quick Reference
Minimum viable rule:
---
name: my-rule
enabled: true
event: bash
pattern: dangerous_command
---
Warning message here
Related skills
More from affaan-m/everything-claude-code and the wider catalog.
security-review
Security checklist and patterns for authentication, input validation, secrets, and sensitive features.
golang-patterns
Idiomatic Go patterns, best practices, and conventions for building robust, efficient, and maintainable applications.
coding-standards
Baseline cross-project coding conventions for naming, readability, immutability, and code-quality review. Use detailed frontend or backend skills for framework-specific patterns.
frontend-patterns
Frontend development patterns for React, Next.js, state management, performance optimization, and UI best practices.
backend-patterns
Backend architecture patterns, API design, database optimization, and server-side best practices for Node.js, Express, and Next.js API routes.
golang-testing
Go testing patterns including table-driven tests, subtests, benchmarks, fuzzing, and test coverage. Follows TDD methodology with idiomatic Go practices.