FR: Add decision: ask support for PreToolUse hooks #3596
Description
Feature Request: Add decision: ask support for PreToolUse hooks
Summary
Add support for a decision: ask response in PreToolUse hooks that prompts the user for confirmation before executing a tool, similar to Claude Code's hook system.
Motivation
Currently, PreToolUse hooks only support two outcomes:
- Exit 0: Allow tool execution
- Exit 2: Block tool execution (returns STDERR to LLM)
There's no way for a hook to trigger an interactive user confirmation prompt. This limits the ability to implement "soft" security policies where certain commands (e.g., sudo) should require explicit user approval rather than being outright blocked.
Proposed Solution
Allow hooks to output a JSON response to STDOUT with decision: ask:
{
"decision": "ask",
"message": "⚠️ This command uses sudo:\n\n sudo apt update\n\nAllow execution?"
}When the CLI receives this response:
- Display the
messageto the user - Prompt for confirmation (y/n)
- If approved, proceed with tool execution
- If denied, return denial to the LLM
Proposed Hook Output Behavior
| Exit Code | STDOUT | Behavior |
|---|---|---|
| 0 | Empty | Allow |
| 0 | {"decision": "ask", "message": "..."} |
Prompt user |
| 2 | - | Block (STDERR to LLM) |
| Other | - | Warning, allow |
Use Case Example
A security hook that prompts for sudo commands instead of blocking them:
#!/usr/bin/env python3
import json, sys, re
input_data = json.load(sys.stdin)
command = input_data.get("tool_input", {}).get("command", "")
if re.search(r'(^|;|&&|\|\||\|)\s*sudo(\s|$)', command):
print(json.dumps({
"decision": "ask",
"message": f"⚠️ This command uses sudo:\n\n {command}\n\nAllow execution?"
}))
sys.exit(0)Prior Art
- Claude Code hooks support
decision: askfor interactive approval flows
Additional Context
This feature would enable more flexible security policies where users can make case-by-case decisions rather than having blanket allow/deny rules.