[FEATURE] PermissionRequest hook: allow setting custom description when returning permissionDecision: "ask"
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
When a PermissionRequest hook returns permissionDecision: "ask", the user sees the native Claude Code permission prompt — but the prompt only shows the tool name and input. The hook has no way to inject context explaining why it escalated this specific request for human approval.
This makes hooks that conditionally escalate feel opaque to the user. Example hook response:
{ "permissionDecision": "ask" }
The user sees a generic Allow bash command? dialog with no context about which hook matched or why it flagged the command. For hooks that guard a broad pattern (e.g., kubectl delete, systemctl stop, terraform apply -destroy), the raw tool input alone isn't enough for an informed decision.
Proposed Solution
Allow the hook response to include an optional description (or reason) field that gets surfaced in the permission prompt when permissionDecision: "ask":
{
"permissionDecision": "ask",
"description": "This command matches the 'kubectl delete' guard. Confirm you intend to delete a live cluster resource."
}
The permission prompt would display this description below the tool input — giving the user the hook author's context before approving or denying.
I prefer deterministic with my hook instead of auto mode, sorry about that 😅
Mockup:
Allow bash command?
kubectl delete pod my-pod -n production
⚠ Hook: This command matches the 'kubectl delete' guard.
Confirm you intend to delete a live cluster resource.
[ Allow ] [ Deny ]
Alternative Solutions
- No workaround — currently there's no way to customize the permission prompt copy from a hook.
Use Case Example
- I have a
PermissionRequesthook that matches anyterraform applycommand containing-destroy. - The hook returns
permissionDecision: "ask"so I must explicitly approve. - Without
description, I see a generic prompt — I have to read the raw command to understand what I'm approving. - With
description, the prompt immediately says: "Flagged by destroy-guard hook: this will permanently delete infrastructure. Approve only if you have reviewed the plan output." - Especially useful in multi-hook setups where multiple rules can escalate and the user needs to know which rule fired.
<img width="445" height="205" alt="Image" src="https://github.com/user-attachments/assets/7ea37c8c-59ae-4ed8-9ab8-a527e3481cbe" />
I want to customize this message Destroy all terraform-managed infrastructure.
Additional Context
Priority: Medium — Would be very helpful
Feature Category: Configuration and settings
Related issues:
- #46996 — hookify plugin requesting same
askaction (third-party, but same root need) - #29782 — custom message on deny side
This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗