Feature Request: Expose Agent ID or Type in PreToolUse Hook context
Resolved 💬 2 comments Opened Jan 1, 2026 by alexx-ftw Closed Jan 1, 2026
Problem
When using PreToolUse hooks to enforce security policies (e.g., blocking git commands for subagents), there is currently no way to distinguish whether a tool call originates from the main agent or a native subagent (such as general-purpose, Explore, or Plan).
Current Behavior
The hook input JSON contains:
{
"session_id": "...",
"transcript_path": "/path/to/session.jsonl",
"tool_name": "Bash",
"tool_input": { "command": "git status" },
...
}
Both the main agent and native subagents report the same session_id and transcript_path. There is no field to identify the caller.
Expected Behavior
The hook input should include additional context to identify the agent, such as:
{
"agent_id": "a1b2c3d",
"agent_type": "general-purpose", // or "main", "Explore", etc.
"parent_agent_id": null, // null for main, ID for subagents
...
}
Use Case
Users may want to:
- Allow the main agent to run
gitcommands while blocking subagents. - Apply different permission policies based on agent type.
- Audit tool usage per agent for compliance or debugging.
Environment
- Claude Code CLI
- Hooks:
PreToolUse - Native subagents tested:
general-purpose,Explore
Workaround Attempted
Checking for agent- prefix in transcript_path filename (as suggested in docs) does not work for native subagents, as they share the main agent's transcript.
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗