[BUG/ENHANCEMENT] Hooks added to settings.json mid-session aren't enforced until restart; no durable session-scoped hook state

Open 💬 3 comments Opened Jun 6, 2026 by ktimesk1776

[BUG/ENHANCEMENT] Hooks added to settings.json mid-session aren't enforced until restart; no durable session-scoped hook state

Companion to the behavioral issues #65951 (workflow step-skipping) and #65952 (rationalized skipping). Those describe why users need mechanical process-gates; this describes why the gates are unreliable to build.

Environment

  • Claude Code 2.1.140
  • Model: claude-opus-4-8

Summary

Two reliability gaps make user-authored PreToolUse "process gates" unreliable in the very session where they matter:
(a) a hook added to settings.json mid-session is not active until Claude Code restarts, and (b) there is no durable, session-scoped place for a hook to keep state, so /tmp marker files are the only option and are not reliable for a whole session.

What happened

We use PreToolUse hooks to hard-block code edits until a workflow precondition is met (e.g. "a workflow doc has actually been opened this session"). We built such a gate mid-session:

  • The enforcing half (a PreToolUse script, re-read from disk each call) took effect immediately.
  • The creating half (a new PostToolUse-on-Read hook + a SessionStart hook -- both new settings.json entries) did not load until a restart. So within that session the marker could never be created by the intended mechanism -- the gate could enforce but the legitimate path to satisfy it didn't exist. (Net effect: it blocked the author's own valid edit and forced a manual bypass.)
  • Separately, the /tmp marker we relied on vanished mid-session (no explicit delete), silently disabling the gate until we noticed.

Impact

A team that builds an enforcement hook to stop the agent skipping a step cannot trust it in the same session, and cannot rely on /tmp markers as durable session state. Everyone is pushed toward fragile workarounds -- which undercuts the only thing that currently works against the behavioral problems in #65951/#65952.

Recommendation

  1. Hot-reload settings.json hooks (or a documented reload command) so newly-added hooks apply without a full restart.
  2. Provide a hook-accessible, session-scoped key/value store keyed to the Claude Code session id, with a documented lifetime (created at SessionStart, cleared at session end), so a hook can persist a flag for the session without /tmp fragility. Expose the session id to hooks via env var.
  3. Document the load-time semantics of each hook type (which take effect immediately vs. on restart).

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗