Feature Request: Expose Active Permission Mode to `PreToolUse` Hook
Currently, the PreToolUse hook in Claude Code provides information such as tool_name and tool_input. However, it does not expose the active permission mode that Claude is operating under (e.g., "default", "acceptEdits", "plan", "bypassPermissions"). This limits the ability of external systems, such as the Serena MCP server mentioned, to implement more granular and context-aware approval workflows for tool execution.
As a user of Serena MCP server with Claude Code, I am consistently prompted for approval for file editing tools. The only alternative is to permanently approve them, which is not ideal for security and control. If the PreToolUse hook could expose the active permission mode, I could potentially configure the approval system to behave differently based on the current mode, allowing for more intelligent and less intrusive prompts.
Describe the solution you'd like
I propose adding a new field, for example, active_permission_mode, to the JSON data passed to the PreToolUse hook. This field would indicate the permission mode Claude Code is currently operating in.
Example of desired PreToolUse input:
{
"session_id": "abc123",
"transcript_path": "/Users/.../.claude/projects/.../00893aaf-19fa-41d2-8238-13269b9b3ca0.jsonl",
"cwd": "/Users/...",
"hook_event_name": "PreToolUse",
"tool_name": "Write",
"tool_input": {
"file_path": "/path/to/file.txt",
"content": "file content"
},
"active_permission_mode": "default" // New field
}
Describe alternatives you've considered
Currently, to manage different behaviors, I am using an edit_mode variable defined inside my PreToolUse hook definition, which I manually set to reflect the desired behavior. This approach is prone to manual error and requires constant manual adjustment, making it less efficient and scalable.
Other alternatives include:
- Constantly approving tool uses, which leads to "approval fatigue" and reduced security.
- Keeping tools always approved, which is not ideal for secure environments.
None of these provide the desired flexibility or control compared to having the active permission mode directly available.
Additional context
Exposing the active permission mode would allow developers to create more sophisticated and user-friendly PreToolUse hook implementations, enabling conditional approval logic based on the session's permission context. This would enhance security and improve the user experience, especially in environments where fine-grained control over tool execution is critical.
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗