enforcement
Enforcement
Runtime mechanisms that block invalid actions.
Core Principle
"Rules are instructions, not enforcements. Systems need verification gates, not more documentation."
Instructions
- Identify what needs enforcement (not just documentation)
- Choose hook timing: PreToolUse, PermissionRequest, SubagentStop
- Implement blocking logic:
scripts/block-*.sh - Test with invalid action → verify block
Blocking Mechanisms
| Mechanism | How | Effect |
|---|---|---|
| Exit code 2 | exit 2 + stderr |
Blocks, feeds stderr to Claude |
| JSON deny | "permissionDecision": "deny" |
Structured blocking |
| Stop block | "decision": "block" |
Forces agent to continue |
Hook Timing
| Event | Can Block? | Use Case |
|---|---|---|
| PreToolUse | Yes | Validate before execution |
| PermissionRequest | Yes | Custom approval logic |
| SubagentStop | Yes | Force quality gates |
| PostToolUse | No | Feedback only |
References
| File | Load When |
|---|---|
| references/blocking-hooks.md | Implementing hook mechanisms |
| references/quality-gates.md | Designing verification loops |
| references/hook-templates.md | Writing hook code |
| references/agent-harness-hooks.md | Agent-harness specific patterns |
| references/sandbox-runtime.md | OS-level MCP server isolation |
| references/sandbox-fast-path.md | Hybrid security (allowlist + sandbox for 2-3x speed) |
More from ingpoc/skills
scroll-storyteller
Use when creating interactive scroll-based storytelling experiences with mouse-following spotlight effects, animated SVG art, and the Anthropic design language. Load for explainer pages, product showcases, visual narratives, or any content needing immersive scroll storytelling with organic shapes and smooth animations. Supports GSAP-powered or lightweight CSS-only animations.
124terminal-ui-design
Use when creating CLI tools, terminal user interfaces (TUI), or any command-line applications. Load for terminal UI design, ASCII art, color schemes, box drawing characters, and polished terminal output. Also use for refactoring boring CLIs into distinctive experiences.
34browser-testing
Use when testing web applications, debugging browser console errors, automating form interactions, or verifying UI implementations. Load for localhost testing, authenticated app testing (Gmail, Notion), or recording demo GIFs. Requires Chrome extension 1.0.36+, Claude Code 2.0.73+, paid plan.
21tufte-slide-design
This skill applies Edward Tufte's data visualization principles from "The Visual Display of Quantitative Information" to create high-impact slides. Use when designing presentations, creating charts/graphs, reviewing slides for clarity, or transforming data into visual displays. Triggers on phrases like "make a slide", "create presentation", "design chart", "visualize data", "review my slides", or "make this more impactful".
20postgresql-skill
This skill provides PostgreSQL-specific patterns for database design, optimization, and transaction management
13token-efficient
Use when processing 50+ items, analyzing CSV/log files, executing code in sandbox, or searching for tools. Load for data processing tasks. Achieves 98%+ token savings via in-sandbox execution, progressive disclosure, and pagination. Supports heredocs for multi-line bash.
12