Claude Code

Vectimus governs Claude Code through its native PreToolUse hook system. Every tool call is intercepted and evaluated against Cedar policies before execution.

Setup

vectimus init

If Claude Code is detected (the claude binary is on your PATH or ~/.claude/ exists), vectimus init writes the hook configuration automatically.

The generated config lives at .claude/settings.json in your project directory:

{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "",
        "hooks": [
          {
            "type": "command",
            "command": "vectimus hook --source claude-code"
          }
        ]
      }
    ]
  }
}

If you already have hooks in .claude/settings.json, Vectimus merges its hook with your existing ones. Your custom hooks are preserved.

How it works

  1. Claude Code fires the PreToolUse hook before every tool call
  2. The hook sends the tool name and arguments to vectimus hook via stdin as JSON
  3. Vectimus normalises the payload, evaluates it against Cedar policies and returns a decision
  4. On deny, Vectimus returns {"hookSpecificOutput": {"permissionDecision": "deny", ...}} with exit code 0
  5. Claude Code blocks the tool call and shows the deny reason to the user

Supported tools

| Claude Code tool | Vectimus action type |
|---|---|
| Bash | shell_command (further classified to git_operation, infrastructure, package_operation based on command) |
| Write | file_write |
| Edit | file_write |
| Read | file_read |
| Glob | file_read |
| Grep | file_read |
| WebFetch | web_request |
| Agent | agent_spawn |
| mcp__* | mcp_tool |
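
Steps 2 to 4 of "How it works" and the tool mapping in this section, sketched as an added example that is not Vectimus code. The first-word Bash rules, the deny set and the fail-closed handling of unknown tools are assumptions of the sketch; the field names tool_name, tool_input, hookEventName and permissionDecisionReason come from Claude Code's hook interface rather than from this page.

```python
import json
import shlex

# Tool-to-action mapping copied from the "Supported tools" table above.
ACTION_TYPES = {
    "Bash": "shell_command", "Write": "file_write", "Edit": "file_write",
    "Read": "file_read", "Glob": "file_read", "Grep": "file_read",
    "WebFetch": "web_request", "Agent": "agent_spawn",
}
# Assumption: Bash commands are sub-classified by their first word.
BASH_SUBTYPES = {
    "git": "git_operation", "terraform": "infrastructure",
    "kubectl": "infrastructure", "npm": "package_operation",
    "pip": "package_operation",
}
# Constructed stand-in for a Cedar policy set. "unknown" is listed so that
# tools missing from the table fail closed (a design choice of this example).
DENIED_ACTIONS = {"infrastructure", "unknown"}


def normalise(payload):
    """Map a PreToolUse payload (tool_name, tool_input) to an action type."""
    tool = payload.get("tool_name", "")
    if tool.startswith("mcp__"):
        return "mcp_tool"
    action = ACTION_TYPES.get(tool, "unknown")
    if action == "shell_command":
        command = payload.get("tool_input", {}).get("command", "")
        try:
            words = shlex.split(command)
        except ValueError:  # unbalanced quotes: keep the generic type
            words = []
        if words:
            action = BASH_SUBTYPES.get(words[0], action)
    return action


def handle(raw):
    """Return (stdout_text, exit_code) for one hook invocation."""
    action = normalise(json.loads(raw))
    if action not in DENIED_ACTIONS:
        return "", 0  # no decision emitted, so the tool call proceeds
    decision = {"hookSpecificOutput": {
        "hookEventName": "PreToolUse",
        "permissionDecision": "deny",
        "permissionDecisionReason": f"policy denies action type {action}",
    }}
    return json.dumps(decision), 0  # a deny still exits 0, as in step 4
```

Classifying by first word is only enough for the illustration; a production classifier has to parse the whole command line.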

Claude Agent SDK

Claude Agent SDK shares the same hook mechanism as Claude Code. See Claude Agent SDK for SDK-specific setup.

Observe mode

To trial Vectimus without blocking:

vectimus observe on

All decisions are logged to ~/.vectimus/logs/ but tool calls proceed normally. Review the audit log, then switch to enforcement:

vectimus observe off

Performance and audit

The evaluation daemon auto-starts on the first hook call and keeps the Cedar engine warm in memory, reducing latency from ~200ms to under 10ms. Every evaluation produces an Ed25519-signed governance receipt stored in .vectimus/receipts/. Receipts are retained for 7 days by default (configurable via [receipts] retention_days in config). Use vectimus verify to validate receipts offline and vectimus receipts prune for manual cleanup.

Remove hooks

vectimus remove

This strips Vectimus entries from .claude/settings.json while preserving your other hooks.