Governance hooks for AI coding agents — enforce safety, git hygiene, and project rules via Claude Code hooks.
Project description
hapax-agentgov
Governance hooks for AI coding agents. Extracted from a production system running 47 hooks across 200+ agents.
Works with Claude Code hooks. Enforces safety, git hygiene, and project rules automatically — before the agent acts, not after.
Quick start
pip install hapax-agentgov
cd your-project
agentgov init
This scaffolds .claude/hooks/ with safety hooks and registers them in .claude/settings.local.json.
What it does
Hooks intercept Claude Code tool calls (file edits, bash commands) and block dangerous actions before they execute:
| Hook | Category | What it blocks |
|---|---|---|
pii-guard |
safety | Email addresses, SSNs, phone numbers, home directory paths in tracked files |
secrets-guard |
safety | AWS keys, GitHub tokens, API keys, private keys |
conflict-marker-scan |
safety | Warns when <<<<<<< markers appear after git merge/rebase |
safe-stash-guard |
git | git stash pop (use apply + drop instead — pop can't recover from conflicts) |
push-gate |
git | Autonomous git push, gh pr create/merge without user approval |
no-stale-branches |
git | Creating new branches when unmerged work exists |
work-resolution-gate |
workflow | Editing code on branches with no open PR |
pkg-manager-guard |
tooling | Direct pip install (enforces uv or poetry) |
protected-paths |
workflow | Writes to *.pem, *.key, and other sensitive file patterns |
CLI
agentgov init
Scaffold hooks into your project.
agentgov init # "safe" preset (recommended 6 hooks)
agentgov init --preset strict # all 9 hooks
agentgov init --preset minimal # just pii-guard + conflict-marker-scan
agentgov init --force # overwrite existing hook scripts
agentgov check
Validate your hook configuration.
agentgov check
# agentgov: 6 hooks configured and valid
# OK pii-guard.sh (PreToolUse)
# OK secrets-guard.sh (PreToolUse)
# ...
agentgov report
Show governance coverage.
agentgov report
# agentgov: 6/9 hooks active (67% coverage)
#
# Active:
# [safety] pii-guard: Block writes that introduce PII patterns
# [safety] secrets-guard: Block writes containing API keys and tokens
# ...
agentgov report --json # machine-readable output
How hooks work
Claude Code hooks are shell scripts that run before (PreToolUse) or after (PostToolUse) tool calls. They receive the tool name and input as JSON on stdin:
{
"tool_name": "Edit",
"tool_input": {
"file_path": "/path/to/file.py",
"new_string": "API_KEY = 'sk-abc123...'"
}
}
A hook exits 0 to allow, exits 2 to block (with a message on stderr).
Writing custom hooks
Drop any .sh script in .claude/hooks/ and register it in .claude/settings.local.json:
{
"hooks": {
"PreToolUse": [
{
"matcher": "Edit|Write",
"hooks": [{ "type": "command", "command": ".claude/hooks/my-hook.sh" }]
}
]
}
}
Origin
Extracted from hapax-council, a personal operating environment running 200+ AI agents with 47 governance hooks enforcing safety, privacy, git discipline, and project rules across all agent sessions.
License
MIT
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hapax_agentgov-0.3.0.tar.gz.
File metadata
- Download URL: hapax_agentgov-0.3.0.tar.gz
- Upload date:
- Size: 21.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.9 {"installer":{"name":"uv","version":"0.10.9","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"CachyOS Linux","version":null,"id":null,"libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c06b4b6d8c647800ddb3b49700dbfe8ef43807e220352ce48fb0def4bb24a199
|
|
| MD5 |
8b2e4e7047a3f6e2db2f031bf351d609
|
|
| BLAKE2b-256 |
0a69da9586786a3821588d8b83d6950f8764596401efac4a356efcf93e43588f
|
File details
Details for the file hapax_agentgov-0.3.0-py3-none-any.whl.
File metadata
- Download URL: hapax_agentgov-0.3.0-py3-none-any.whl
- Upload date:
- Size: 17.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.9 {"installer":{"name":"uv","version":"0.10.9","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"CachyOS Linux","version":null,"id":null,"libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
45613dbc691079ac20459444c17aa1e3fd9bd7219f893b183321fa7eadf4cedf
|
|
| MD5 |
43b782f239864e71aa3c7921db40d4d9
|
|
| BLAKE2b-256 |
be593f0a0e65fa61173184ae779bd26620b82e1a96ae6a1db943152ba87ec8bc
|
