[BUG] SessionStart hooks blocked by workspace trust despite accepting prompt and .claude.json config (v2.0.37)

Resolved 💬 4 comments Opened Nov 12, 2025 by chrismcowden Closed Nov 16, 2025

Bug Description

SessionStart hooks are blocked by workspace trust even after accepting workspace trust prompt and creating ~/.claude/.claude.json with trusted workspace configuration.

Environment

  • Claude Code Version: 2.0.37
  • OS: macOS (Darwin 23.5.0)
  • Working Directory: /Users/chriscowden (home directory)

Steps to Reproduce

  1. Configure SessionStart hooks in ~/.claude/settings.local.json:
{
  "hooks": {
    "SessionStart": [
      {
        "matcher": "*",
        "hooks": [
          {
            "type": "command",
            "command": "/Users/chriscowden/.claude/hooks/session_start_agent_routing.sh"
          }
        ]
      }
    ]
  }
}
  1. Accept workspace trust prompt when Claude Code starts: "Do you want to work in this folder? Yes, continue"
  1. Create ~/.claude/.claude.json with workspace trust configuration:
{
  "projects": {
    "/Users/chriscowden": {
      "allowedTools": []
    }
  }
}
  1. Restart Claude Code

Expected Behavior

SessionStart hooks should execute when session starts, injecting context via hookSpecificOutput.additionalContext.

Actual Behavior

Hooks are blocked at execution time. Debug log shows:

[DEBUG] Skipping SessionStart:startup hook execution - workspace trust not accepted

Evidence

  • Hooks are properly configured in settings.local.json ✅
  • Hook scripts exist and are executable ✅
  • Hook scripts produce valid JSON output when tested manually ✅
  • Workspace trust prompt was accepted ✅
  • .claude.json created with trusted workspace configuration ✅
  • But hooks still blocked by "workspace trust not accepted"

Manual Hook Test (Works)

echo '{"cwd": "/Users/chriscowden"}' | ~/.claude/hooks/session_start_agent_routing.sh | jq .
# Returns valid JSON with hookSpecificOutput.additionalContext

Debug Log Evidence

From ~/.claude/debug/latest:

[DEBUG] Getting matching hook commands for SessionStart with query: startup
[DEBUG] Found 2 hook matchers in settings
[DEBUG] Matched 3 unique hooks for query "startup"
[DEBUG] Skipping SessionStart:startup hook execution - workspace trust not accepted

Related Issues

This appears related to:

  • #9113 - Workspace Trust Dialog Not Respecting Pre-configured ~/.claude/.claude.json
  • #10409 - Using dangerously-skip-permissions breaks hooks

Impact

SessionStart hooks are effectively non-functional when workspace trust system blocks execution even after:

  1. User accepts trust prompt
  2. Workspace is pre-configured in .claude.json
  3. Hooks are properly formatted

This makes SessionStart hooks unreliable for injecting session context, forcing workarounds like UserPromptSubmit hooks.

Workaround

Using UserPromptSubmit hooks instead of SessionStart as a temporary solution.

Request

Please fix workspace trust system to:

  1. Respect ~/.claude/.claude.json trusted workspace configuration
  2. Not block hooks after user accepts workspace trust prompt
  3. Provide clear error messages if hooks are blocked and why
  4. Add claude trust status command to show current trust state

Thank you!

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗