This is an opt-in example pack, not a built-in pi-yaml-hooks feature. Copy or adapt the snippets below into your own hooks.yaml.
Use this pack when you want fast checks before PI runs tools that can mutate a project.
| Hook | Use it when |
|---|---|
| `guard-risky-bash` | You want to block obviously dangerous shell commands before they run. |
| `guard-protected-write` | You want to stop direct writes to secrets, certificates, keys, and local environment files. |
| `guard-protected-edit` | You want the same protection for edit-based file changes. |
| `guard-package-install` | You want package installs and dependency updates to be explicit human actions. |
Copy hooks.yaml into your global hook file or a trusted project hook file.
If you keep the script in this repository, run PI from the repository root or update this path in hooks.yaml:

```yaml
bash: 'node ./examples/pre-tool-developer-guards/pre-tool-policy.mjs'
```

For another project, copy pre-tool-policy.mjs into that project and point the YAML at the copied path.
- Exit code `2` blocks the matching pre-tool call.
- These hooks inspect the tool payload before execution; they do not run on `tool.after.*`.
- The risky-bash regex matches commands following whitespace, start-of-string, or a shell separator (`;`, `&`, `|`, `` ` ``, `(`). It is a coarse heuristic, not a security boundary; quoting, env var indirection, `eval`, and aliasing can all defeat it. Use OS-level controls if you need real isolation.
- `isProtectedPath` runs a path-segment check, so `config/.env`, `app/secrets/db.yml`, and `home/.ssh/id_rsa` are all protected.
- Add the hooks.
- Ask PI to run `git reset --hard`.
- Confirm the bash tool call is blocked.
- Ask PI to write `.env`.
- Confirm the write tool call is blocked.
- Ask PI to run `npm install left-pad`.
- Confirm the package install is blocked.
- Ask PI to run a harmless command like `pwd`.
- Confirm it still runs.
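A sketch of the separator-anchored command match and the path-segment check described in the notes, added here as an example and not the pack's own pre-tool-policy.mjs. The pattern lists, the protected names, the function names, and the payload fields `command` and `path` are assumptions; the constructed inputs mirror the verification steps above.

```javascript
// Added sketch. Lists, patterns and payload field names are assumptions,
// not the contents of pre-tool-policy.mjs.
const PROTECTED_SEGMENTS = new Set(['.env', 'secrets', '.ssh']);
const PROTECTED_EXTENSIONS = ['.pem', '.key', '.crt'];

// Compare whole path segments, so "config/.env" matches while
// "docs/environment.md" does not.
function isProtectedPathSketch(filePath) {
  const segments = String(filePath).split(/[\\/]+/).filter(Boolean);
  if (segments.some((s) => PROTECTED_SEGMENTS.has(s.toLowerCase()))) return true;
  const last = (segments[segments.length - 1] || '').toLowerCase();
  return PROTECTED_EXTENSIONS.some((ext) => last.endsWith(ext));
}

// The command must follow start-of-string, whitespace, or one of ; & | ` (
const BOUNDARY = '(?:^|[\\s;&|`(])';
const RISKY = new RegExp(BOUNDARY + '(?:git\\s+reset\\s+--hard\\b|rm\\s+-rf\\b)');
const INSTALL = new RegExp(BOUNDARY + '(?:npm|pnpm|yarn)\\s+(?:install|add|update)\\b');

// Exit code for a pre-tool hook: 2 blocks the call, 0 lets it through.
function decide(tool, payload) {
  if (tool === 'bash') {
    const command = String(payload.command || '');
    return RISKY.test(command) || INSTALL.test(command) ? 2 : 0;
  }
  if (tool === 'write' || tool === 'edit') {
    return isProtectedPathSketch(payload.path || '') ? 2 : 0;
  }
  return 0;
}

// Constructed tool calls mirroring the verification steps.
const SAMPLES = [
  ['bash', { command: 'git reset --hard' }],
  ['bash', { command: 'cd repo && git reset --hard' }],
  ['bash', { command: 'npm install left-pad' }],
  ['bash', { command: 'pwd' }],
  ['write', { path: '.env' }],
  ['edit', { path: 'app/secrets/db.yml' }],
  ['write', { path: 'docs/environment.md' }],
];

function runSamples() {
  return SAMPLES.map(([tool, payload]) => decide(tool, payload));
}

console.log(runSamples().join(' ')); // 2 2 2 0 2 2 0
```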