slavaspitsyn

slavaspitsyn / claude-code-security-hooks

Public

7 layers of defense against prompt injection in Claude Code. Security hooks, read guards, canary files, and self-protection.

13
1
100% credibility
Found Mar 24, 2026 at 13 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Shell
AI Summary

Security guards for AI coding tools that block access to private credential files and detect suspicious commands to prevent prompt injection attacks.

How It Works

1
😟 Worry about AI safety

You hear stories of AI helpers accidentally grabbing your private passwords and keys from your computer.

2
🔍 Find protective shields

You discover a simple tool that adds layers of protection to stop sneaky tricks on your AI coding buddy.

3
🛡️ Run the easy setup

With one quick click, you launch the friendly installer that sets up all the safety guards automatically.

4
📋 Follow simple guide

It shows you exactly what to copy into your AI settings to turn on the protections.

5
⚠️ Add warning notes

Special alert files get placed in your private folders so the AI knows to stop if something fishy happens.

6
🔍 Check for risks

The tool scans your current setup and warns you about any loose permissions that could be dangerous.

AI is now secure

You can now use your AI coding assistant confidently, knowing it's shielded from secret-stealing attacks.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 13 to 13 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is claude-code-security-hooks?

This Shell project delivers seven layers of defense in depth against prompt injection attacks in Claude Code, Anthropic's AI coding agent. It blocks the AI from reading sensitive files like SSH keys, AWS credentials, or GCP tokens via Read and Bash tools, stops exfiltration attempts with curl or wget to untrusted domains, and deploys canary files that alert the AI to manipulations. Users get a one-command installer that sets up hooks in Claude's settings.json and audits permissions for risks like broad Bash(curl *) allowances.

Why is it gaining traction?

In a world of layers of defense cybersecurity, it stands out with targeted blocks on credential-network combos, POST whitelists for api.github.com and similar, and self-protection against hook tampering—catches 99% of straightforward prompt injections without slowing workflows. Devs love the quick start: clone, run install.sh, paste JSON, done. No alternatives match this Claude-specific depth for securing local AI agents with shell access.

Who should use this?

DevOps engineers letting Claude Code run Bash on machines with SSH keys or AWS layers. Backend devs using AI for cloud scripts who fear webpage-hidden injections exfiltrating .aws/credentials. Security-conscious coders auditing permissions before allowing Read on ~/.ssh/.

Verdict

Grab it if you're deep into Claude Code—solid docs, MIT license, and real protection layers against prompt injection, despite 13 stars and 1.0% credibility score signaling early maturity. Test in a sandbox first; pair with passphrase keys for max security. (187 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.