[FEATURE] Make `disableAllHooks` allow hooks in managed-settings.json

Resolved 💬 3 comments Opened Oct 29, 2025 by bluelight773 Closed Dec 18, 2025

Preflight Checklist

  • [x] I have searched existing requests and this feature hasn't been requested yet
  • [x] This is a single feature request (not multiple features)

Problem Statement

For an enterprise setting, an enterprise may want to provide its own hooks while preventing any other hooks that may be specified elsewhere (e.g., in ~/.claude/settings.json) for security reasons. [1]

Right now, managed-settings.json can include "disableAllHooks": true, but this disables all hooks including ones set in managed-settings.json.

Proposed Solution

I think there should be a way to support scenario [1] easily. Possible implementations include:

  • Making "disableAllHooks": true not apply to hooks in managed-settings.json
  • Having a separate toggle like disableNonEnterpriseHooks

Alternative Solutions

I haven't tried any of these, but perhaps one could implement something like this though these are pretty inconvenient:

  • Delete any hooks that may appear in other settings.json files whenever claude is about to be launched
  • Prevent or make more difficult write access to any possible settings.json
  • Have a hook that blocks progress if it identifies other hooks are present by checking other settings.json files

Priority

Low - Nice to have

Feature Category

Configuration and settings

Use Case Example

_No response_

Additional Context

_No response_

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗