PermissionRequest hooks not triggered for subagent permission requests in Agent Teams
Bug Description
When using Claude Code's Agent Teams (multi-agent system with Task tool and TeamCreate), permission requests from subagents do not trigger PermissionRequest hooks. Instead, they fall back to standard terminal prompts in the parent session.
This means any custom hook configured for PermissionRequest (e.g., sending notifications to Telegram, Slack, or any external service) is completely bypassed when subagents need permission.
Steps to Reproduce
- Configure a
PermissionRequesthook in~/.claude/settings.json:
``json``
{
"hooks": {
"PermissionRequest": [
{
"matcher": "",
"hooks": [
{
"type": "command",
"command": "bash ~/.claude/hooks/my_custom_hook.sh",
"timeout": 600
}
]
}
]
}
}
- Start a Claude Code session and spawn a multi-agent team using
TeamCreateandTasktool with subagents.
- When a subagent needs permission to run a command (e.g.,
curl,export ... && curl ...), the permission request appears as a standard terminal dialog ("Do you want to proceed? [y/n]") in the parent session.
- The
PermissionRequesthook is never called for the subagent's request.
Expected Behavior
PermissionRequest hooks should fire for all permission requests, including those delegated from subagents to the parent session. The hook should intercept the request before it reaches the terminal UI, regardless of whether it originates from the main session or a subagent.
Actual Behavior
- Main session permission requests → Hook fires correctly ✅
- Subagent permission requests → Hook is bypassed, terminal prompt shown ❌
Impact
This limitation breaks the use case of remote permission management. Users who set up hooks to approve/deny permissions from external services (phone notifications, Slack, Telegram, etc.) are forced back to the terminal when using Agent Teams — defeating the purpose of the hook.
With Agent Teams being a new and powerful feature, many users will want to use it alongside custom permission hooks. The current behavior makes these two features incompatible.
Workaround
Pre-approve common subagent commands in settings.json permissions so they don't need to ask:
{
"permissions": {
"allow": [
"Bash(export:*)",
"Bash(source:*)",
"Bash(curl:*)"
]
}
}
This lets subagents work autonomously but removes the ability to review their actions, which is not ideal for security-conscious users.
Environment
- Claude Code version: Latest (2026-02-07)
- OS: Linux (WSL2 on Windows)
- Hook event:
PermissionRequest
Related
We documented this limitation in our open-source project claude-telegram-hook, which sends permission requests to Telegram with inline buttons. The hook works perfectly for the main session but is completely bypassed by subagents.
This issue has 10 comments on GitHub. Read the full discussion on GitHub ↗