[BUG] SessionStart hooks blocked by workspace trust despite accepting prompt and .claude.json config (v2.0.37)
Bug Description
SessionStart hooks are blocked by workspace trust even after accepting workspace trust prompt and creating ~/.claude/.claude.json with trusted workspace configuration.
Environment
- Claude Code Version: 2.0.37
- OS: macOS (Darwin 23.5.0)
- Working Directory:
/Users/chriscowden(home directory)
Steps to Reproduce
- Configure SessionStart hooks in
~/.claude/settings.local.json:
{
"hooks": {
"SessionStart": [
{
"matcher": "*",
"hooks": [
{
"type": "command",
"command": "/Users/chriscowden/.claude/hooks/session_start_agent_routing.sh"
}
]
}
]
}
}
- Accept workspace trust prompt when Claude Code starts: "Do you want to work in this folder? Yes, continue"
- Create
~/.claude/.claude.jsonwith workspace trust configuration:
{
"projects": {
"/Users/chriscowden": {
"allowedTools": []
}
}
}
- Restart Claude Code
Expected Behavior
SessionStart hooks should execute when session starts, injecting context via hookSpecificOutput.additionalContext.
Actual Behavior
Hooks are blocked at execution time. Debug log shows:
[DEBUG] Skipping SessionStart:startup hook execution - workspace trust not accepted
Evidence
- Hooks are properly configured in settings.local.json ✅
- Hook scripts exist and are executable ✅
- Hook scripts produce valid JSON output when tested manually ✅
- Workspace trust prompt was accepted ✅
.claude.jsoncreated with trusted workspace configuration ✅- But hooks still blocked by "workspace trust not accepted" ❌
Manual Hook Test (Works)
echo '{"cwd": "/Users/chriscowden"}' | ~/.claude/hooks/session_start_agent_routing.sh | jq .
# Returns valid JSON with hookSpecificOutput.additionalContext
Debug Log Evidence
From ~/.claude/debug/latest:
[DEBUG] Getting matching hook commands for SessionStart with query: startup
[DEBUG] Found 2 hook matchers in settings
[DEBUG] Matched 3 unique hooks for query "startup"
[DEBUG] Skipping SessionStart:startup hook execution - workspace trust not accepted
Related Issues
This appears related to:
- #9113 - Workspace Trust Dialog Not Respecting Pre-configured ~/.claude/.claude.json
- #10409 - Using dangerously-skip-permissions breaks hooks
Impact
SessionStart hooks are effectively non-functional when workspace trust system blocks execution even after:
- User accepts trust prompt
- Workspace is pre-configured in .claude.json
- Hooks are properly formatted
This makes SessionStart hooks unreliable for injecting session context, forcing workarounds like UserPromptSubmit hooks.
Workaround
Using UserPromptSubmit hooks instead of SessionStart as a temporary solution.
Request
Please fix workspace trust system to:
- Respect
~/.claude/.claude.jsontrusted workspace configuration - Not block hooks after user accepts workspace trust prompt
- Provide clear error messages if hooks are blocked and why
- Add
claude trust statuscommand to show current trust state
Thank you!
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗