ReddRadar
Agent skill
enforcement
Use when implementing hooks that BLOCK invalid actions, creating quality gates for state transitions, or enforcing tested:true verification. Load when designing enforcement mechanisms. Uses exit code 2 to block, JSON permissionDecision:deny, or updatedInput modification. Rules are instructions; hooks are enforcement.
Install this agent skill to your Project
npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/enforcement
SKILL.md
Enforcement
Runtime mechanisms that block invalid actions.
Core Principle
"Rules are instructions, not enforcements. Systems need verification gates, not more documentation."
Instructions
- Identify what needs enforcement (not just documentation)
- Choose hook timing: PreToolUse, PermissionRequest, SubagentStop
- Implement blocking logic:
scripts/block-*.sh - Test with invalid action → verify block
Blocking Mechanisms
| Mechanism | How | Effect |
|---|---|---|
| Exit code 2 | exit 2 + stderr |
Blocks, feeds stderr to Claude |
| JSON deny | "permissionDecision": "deny" |
Structured blocking |
| Stop block | "decision": "block" |
Forces agent to continue |
Hook Timing
| Event | Can Block? | Use Case |
|---|---|---|
| PreToolUse | Yes | Validate before execution |
| PermissionRequest | Yes | Custom approval logic |
| SubagentStop | Yes | Force quality gates |
| PostToolUse | No | Feedback only |
References
| File | Load When |
|---|---|
| references/blocking-hooks.md | Implementing hook mechanisms |
| references/quality-gates.md | Designing verification loops |
| references/hook-templates.md | Writing hook code |
| references/agent-harness-hooks.md | Agent-harness specific patterns |
| references/sandbox-runtime.md | OS-level MCP server isolation |
| references/sandbox-fast-path.md | Hybrid security (allowlist + sandbox for 2-3x speed) |
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
Didn't find tool you were looking for?