Security reminder should return explicit PreToolUse denial output
Resolved 💬 2 comments Opened Jan 16, 2026 by MaxMiksa Closed Feb 27, 2026
Summary
The security reminder hook blocks via stderr + exit code but does not emit a hookSpecificOutput.permissionDecision per the documented PreToolUse contract.
Steps to Reproduce
- Trigger a security reminder (e.g., edit a workflow file).
- Observe hook output in PreToolUse.
Expected Behavior
Hook output includes permissionDecision: "deny" and a systemMessage explaining the block.
Actual Behavior
Only stderr output and exit code are used.
Proposed Fix
Emit structured JSON with hookSpecificOutput.permissionDecision: "deny" and systemMessage when blocking.
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗