Skip to content
| Marketplace
Sign in
Visual Studio Code>Other>lazyperm - Claude Code HookNew to Visual Studio Code? Get it now.
lazyperm - Claude Code Hook

lazyperm - Claude Code Hook

lahonsourav

|
1 install
| (0) | Free
Auto-allow read-only Claude Code shell commands — no more permission prompts for git status, ls, or tsc
Installation
Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.
Copied to clipboard
More Info

lazyperm

Auto-allow read-only Claude Code shell commands — no more permission prompts for git status, ls, tsc, or npx.

lazyperm installs a Claude Code PreToolUse hook that silently approves safe shell commands and blocks dangerous ones, so you only get interrupted when it actually matters.


Quick Start

Option A — VS Code Extension (this extension)

  1. Open the Command Palette (Ctrl+Shift+P)
  2. Run lazyperm: Install hook in this project
  3. Restart Claude Code
  4. Run /hooks in Claude Code to confirm PreToolUse (1) is listed

Option B — CLI (npm)

# Install in the current project
npx lazyperm

# Install globally (applies to all projects)
npx lazyperm --global

How It Works

Every time Claude Code wants to run a shell command, lazyperm intercepts it before the permission prompt appears.

Claude wants to run: git status
        │
        ▼
 deny_patterns.json   ──── match? ──→  BLOCK (permission denied)
        │
       no match
        │
        ▼
 safe_patterns.json   ──── match? ──→  ALLOW (no prompt shown)
        │
       no match
        │
        ▼
 Claude Code default  ──────────────→  PROMPT (normal behavior)

The result of every decision is written to .claude/hooks/decisions.log.


Commands

Command Description
lazyperm: Install hook in this project Copies hook files into .claude/hooks/ and patches .claude/settings.json
lazyperm: Install hook globally Installs into ~/.claude/hooks/ for all projects
lazyperm: Edit safe patterns Opens safe_patterns.json to customize auto-allowed commands
lazyperm: Edit deny patterns Opens deny_patterns.json to customize blocked commands
lazyperm: Open decisions log Opens decisions.log to audit every allow/deny decision

Default Safe Patterns (auto-allowed)

These commands are allowed without prompting by default:

Git

  • git status, git diff, git log, git branch, git show, git remote -v

File system

  • ls, dir, cat, head, tail, grep, find, echo, wc, pwd

PowerShell read-only

  • Get-ChildItem, Get-Content, Get-Item, Test-Path, Get-Location, Select-Object, Where-Object, Sort-Object, Format-Table, Format-List

Node / TypeScript

  • npx tsc, tsc --noEmit, npm run lint, npm test, npm ls, npm info, npm outdated, npm audit

Python

  • pytest, python -m pytest

By default, everything else is also allowed via a catch-all .* at the end of safe_patterns.json. Remove it to switch to an explicit allowlist mode.


Default Deny Patterns (always blocked)

These are blocked regardless of the safe list:

Pattern Blocks
rm, del, Remove-Item File deletion
git push, git reset --hard, git clean Destructive git operations
> file or >> file File overwrites/appends (but 2>&1 is allowed)
Set-Content, Out-File, Move-Item File writes
sudo Privilege escalation
DROP, DELETE FROM Destructive SQL
Invoke-Expression, iex Arbitrary code execution
-X POST/PUT/DELETE/PATCH Mutating HTTP requests
shutdown, Restart-Computer, Stop-Process System operations
Set-ExecutionPolicy, Set-ItemProperty HKLM System config changes

Customizing Patterns

Patterns are regular expressions. After installing, open the files with the Command Palette:

Add a safe pattern (lazyperm: Edit safe patterns):

[
  "^my-custom-script\\b",
  "^docker ps\\b",
  ".*"
]

Add a deny pattern (lazyperm: Edit deny patterns):

[
  "^curl\\b",
  "^wget\\b"
]

Deny patterns are checked first — if a command matches deny, it's blocked even if it also matches safe.


Files Installed

.claude/
  hooks/
    guard.py              ← the hook script
    safe_patterns.json    ← commands to auto-allow
    deny_patterns.json    ← commands to always block
    decisions.log         ← audit log (created on first run)
  settings.json           ← patched to register the hook

For project installs, these are added to .gitignore automatically so hook files aren't committed.


Uninstalling

Delete .claude/hooks/ and remove the PreToolUse entry from .claude/settings.json, then restart Claude Code.


License

MIT — github.com/lahonsourav/lazyperm

  • Contact us
  • Jobs
  • Privacy
  • Manage cookies
  • Terms of use
  • Trademarks
© 2026 Microsoft