[BUG] PostToolUse Hooks Not Receiving Task Tool Outputs

Resolved 💬 3 comments Opened Jul 26, 2025 by coygeek Closed Aug 22, 2025

PostToolUse Hooks Not Receiving Task Tool Outputs

Description

PostToolUse hooks configured to monitor the Task tool (used for multi-agent delegation) receive empty tool_response fields. This prevents proper validation and monitoring of sub-agent outputs, breaking the ability to implement security checks, compliance monitoring, or quality gates on delegated tasks.

Environment

  • Claude Code version: [Latest]
  • Operating System: macOS Darwin 24.6.0
  • Hook configuration: PostToolUse hook for Task tool

Current Behavior

When a PostToolUse hook is configured for the Task tool, it receives:

{
  "tool_name": "Task",
  "tool_parameters": {
    "agent": "coder",
    "task": "Implement user authentication",
    "context": {...}
  },
  "tool_response": {},  // Empty - this is the bug
  "timestamp": "2025-07-26T17:00:00Z",
  "session_id": "abc123"
}

Expected Behavior

PostToolUse hooks should receive the complete response from the Task tool:

{
  "tool_name": "Task",
  "tool_parameters": {
    "agent": "coder",
    "task": "Implement user authentication",
    "context": {...}
  },
  "tool_response": {
    "status": "SUCCESS",
    "agent": "coder",
    "task_id": "auth_implementation",
    "results": {
      "implemented_files": [
        "/src/auth/login.py",
        "/src/auth/jwt_handler.py"
      ],
      "features_implemented": [...]
    },
    "errors": [],
    "metadata": {
      "duration_ms": 5432,
      "tools_used": ["Read", "MultiEdit", "Bash"],
      "files_modified": 2
    }
  },
  "timestamp": "2025-07-26T17:00:00Z",
  "session_id": "abc123"
}

Steps to Reproduce

  1. Configure a PostToolUse hook for the Task tool in settings.json:
{
  "hooks": {
    "PostToolUse": [
      {
        "name": "task_output_validator",
        "tools": ["Task"],
        "command": "python /path/to/validator.py"
      }
    ]
  }
}
  1. Create a validator script that logs the received data:
#!/usr/bin/env python3
import json
import sys

data = json.load(sys.stdin)
tool_response = data.get("tool_response", {})

if not tool_response:
    sys.stderr.write("ERROR: Empty tool_response received!\n")
else:
    sys.stderr.write(f"SUCCESS: Got {len(tool_response)} fields\n")

print(json.dumps({"decision": "allow"}))
  1. Execute a command that triggers multi-agent delegation:
claude-code "Use the coder agent to implement user authentication"
  1. Observe that the hook receives empty tool_response data

Impact

This bug severely limits the ability to:

  • Security: Cannot validate that sub-agents aren't producing malicious code or accessing unauthorized resources
  • Compliance: Cannot ensure sub-agent outputs comply with organizational policies
  • Quality Assurance: Cannot automatically check delegated work meets standards
  • Debugging: Makes it difficult to trace issues in multi-agent workflows
  • Monitoring: Cannot track performance or success rates of delegated tasks

Additional Context

  • This issue affects all versions that support multi-agent workflows
  • Other tools (Write, Edit, Bash, etc.) correctly pass responses to PostToolUse hooks
  • The SubagentStop hook only provides a transcript_path, requiring complex file parsing instead of direct access to the output
  • This is blocking our ability to implement security validation for AI-generated code

Proposed Solution

The Task tool should capture and pass through the complete sub-agent response to PostToolUse hooks. This requires:

  1. Modifying the Task tool implementation to preserve sub-agent outputs
  2. Ensuring the hook pipeline receives the full response data
  3. Maintaining backward compatibility for existing hooks

Reproduction Code

I've created a complete demonstration that shows both the bug and expected behavior. The key test:

# Test showing the bug
buggy_hook_data = {
    "tool_name": "Task",
    "tool_parameters": {...},
    "tool_response": {},  # Empty in current implementation
}

# Hook cannot validate
result = hook.validate(buggy_hook_data)
# Returns: "ERROR: Cannot validate Task output - no response data"

Full reproduction code available at: [gist link or attachment]

Priority

High - This is a critical gap in the security and monitoring capabilities of multi-agent systems, affecting enterprise users who need to audit and validate all AI-generated code.

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗