Claude Code
rippy plugs into Claude Code as a
PreToolUse hook on the Bash tool. Every shell command Claude Code wants
to run is piped to rippy first; rippy approves, asks, or blocks.
One-line setup
Section titled “One-line setup”The fastest path is to let rippy edit settings.json for you:
rippy setup claude-codeThat’s it — rippy writes the hook stanza into ~/.claude/settings.json.
Run it from inside a repo to install the hook at the project level
instead of globally.
Manual setup
Section titled “Manual setup”If you prefer to edit settings.json by hand, add this block to
~/.claude/settings.json (or .claude/settings.json inside a repo for
project-scoped setup):
{ "hooks": { "PreToolUse": [ { "matcher": "Bash", "hooks": [ { "type": "command", "command": "rippy --mode claude" } ] } ] }}What happens on each call
Section titled “What happens on each call”- Claude Code serializes the
Bashtool-use payload to JSON and pipes it torippy. - rippy first checks Claude Code’s own
permissions.allow/permissions.deny/permissions.askrules in~/.claude/settings.jsonas a pre-analysis step. - If nothing matches there, rippy parses the command into an AST,
consults your
.rippy.tomlconfig, and applies its safety model. - rippy prints a JSON verdict on stdout. Exit code
0means allow,2means ask / deny,1means an internal error (rippy fails open on internal errors — see the FAQ).
Claude Code permissions are honored automatically
Section titled “Claude Code permissions are honored automatically”You do not need to duplicate Claude Code’s permissions.allow /
permissions.deny / permissions.ask rules into your .rippy.toml.
rippy reads them directly from ~/.claude/settings.json as a separate
pre-analysis step. Edit them in one place, keep both rippy and Claude
Code in sync automatically.