[Bug] PreToolUse hooks bypassed when permission rule matches
Bug Description
Bug: PreToolUse hooks bypassed when permission rule matches
Summary:
PreToolUse hooks are not executed when a tool call matches an entry in permissions.allow, contradicting the documented behavior.
Documentation states:
"When Claude Code makes a tool call, PreToolUse hooks run before the permission system runs, and the hook output can determine whether to approve
or deny the tool call in place of the permission system."
(Source: IAM documentation)
Observed behavior:
When Bash(mysql:*) is in permissions.allow in settings.local.json, PreToolUse hooks with matcher: "Bash" are completely skipped for mysql commands.
Expected behavior:
PreToolUse hooks should run first, before permission evaluation, allowing the hook to deny or modify the permission decision even for pre-allowed
commands.
Reproduction steps:
- Create a PreToolUse hook for Bash commands (e.g., a db-safety-hook that blocks SELECT without LIMIT)
- Add Bash(mysql:*) to permissions.allow
- Run a mysql command that the hook should block
- Observe: hook never runs, command executes
Workaround:
Remove the specific permission from the allow list so the hook can intercept the command.
Impact:
Security-critical hooks (like database safety checks) can be inadvertently bypassed by permission rules.
Environment Info
- Platform: darwin
- Terminal: Apple_Terminal
- Version: 2.0.60
- Feedback ID: 27af6bef-bbfb-4c73-a02b-0cca7f83da4d
Errors
[{"error":"Error: Could not load the \"sharp\" module using the darwin-arm64 runtime\nPossible solutions:\n- Ensure optional dependencies can be installed:\n npm install --include=optional sharp\n- Ensure your package manager supports multi-platform installation:\n See https://sharp.pixelplumbing.com/install#cross-platform\n- Add platform-specific dependencies:\n npm install --os=darwin --cpu=arm64 sharp\n- Consult the installation documentation:\n See https://sharp.pixelplumbing.com/install\n at <anonymous> (/$bunfs/root/claude:834:17571)\n at <anonymous> (/$bunfs/root/claude:11:356)\n at <anonymous> (/$bunfs/root/claude:835:88)\n at <anonymous> (/$bunfs/root/claude:11:356)\n at <anonymous> (/$bunfs/root/claude:835:79804)\n at <anonymous> (/$bunfs/root/claude:11:356)\n at <anonymous> (/$bunfs/root/claude:835:79980)\n at processTicksAndRejections (native:7:39)","timestamp":"2025-12-06T15:28:38.589Z"}]This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗