Setting Up GuardClaw for Claude Code

Claude Code is one of the most capable coding agents available. It reads your codebase, writes code, runs tests, executes shell commands, and manages files. It’s fast, and it’s good at what it does.

It’s also working with full access to your terminal and file system. Every tool call it makes — every file read, every shell command, every API request — executes with your permissions. If something goes wrong, it goes wrong as you.

GuardClaw integrates with Claude Code through hooks. Every tool call passes through GuardClaw’s security gate before it executes. This post shows you how to set it up.

How the integration works

Claude Code supports hooks — functions that run before and after every tool call. GuardClaw uses these hooks to intercept actions before they execute.

The flow is simple:

1. Claude Code decides to take an action (read a file, run a command, etc.)
2. Before the action executes, Claude Code calls the GuardClaw hook
3. GuardClaw evaluates the action against the security policy and 1,000+ detection patterns
4. If it’s safe, GuardClaw says “allow” and the action runs normally
5. If it’s dangerous, GuardClaw says “deny” and Claude Code receives an error response
6. Either way, a receipt is logged

Claude Code doesn’t know the difference between a GuardClaw denial and a normal error. It adapts and tries something else. Your workflow doesn’t change.

Step 1: Install the hook

If you haven’t installed GuardClaw yet, start with the Getting Started guide.

To set up the Claude Code integration, run:

guardclaw init --target claude-code

This adds GuardClaw as a hook in your Claude Code configuration. It modifies the .claude/settings.local.json file in your current project directory.

If you want the hook active across all your projects (not just the current one), use the global flag:

guardclaw init --target claude-code --global

This writes to ~/.claude/settings.json instead, which applies to every project you open with Claude Code.

Step 2: Verify the hook is registered

Run the health check to confirm the hook is in place:

guardclaw doctor

Look for this line in the output:

Checking Claude Code hooks... OK

If you see WARN (not found) instead, the hook didn’t install correctly. Check that you ran the init command from the right directory, and that Claude Code’s configuration file exists.

Step 3: Use Claude Code normally

That’s it for setup. Start Claude Code the way you normally do. GuardClaw runs in the background — you won’t see it unless it blocks something.

When it does block something, you’ll see a denial in Claude Code’s output:

[DENY] Bash: path traversal detected
  Policy: filesystem-boundary
  Action: blocked

Claude Code treats this like any other tool error and moves on. Your session continues without interruption.

Global vs. per-project

The choice between global and per-project installation depends on your workflow:

Global (--global) means every project you open in Claude Code gets GuardClaw protection automatically. Good for individual developers who want consistent security across everything they work on.

Per-project (default) means each project has its own security rules. Good for teams where different codebases need different policies — your production API server might have stricter rules than your documentation site.

You can use both. Global rules apply everywhere. Per-project rules override the global ones for that specific project.

What gets checked

Every action Claude Code takes passes through the hook:

• File reads: Is this file within the project boundary? Is it a sensitive file (.env, credentials, SSH keys)?
• File writes: Is the agent writing to a system file? Is it modifying its own configuration (a self-protection concern)?
• Shell commands: Does this command contain injection patterns? Is it trying to pipe data to an external server? Is it using encoding to hide what it’s doing?
• MCP tool calls: Is this a known dangerous tool? Does the input contain injection patterns?

The detection engine runs locally. No network calls. The latency is sub-millisecond — you won’t notice it.

Adjusting for your workflow

If GuardClaw blocks something Claude Code legitimately needs to do, you have two options:

1. Check the audit trail (guardclaw doctor or the dashboard) to see exactly what was blocked and why.
2. Update your policy following the guide in Writing Your First Security Policy to allow that specific action.

The goal is to find the balance where your agent can do its job and can’t do things it shouldn’t. The audit trail shows you where that balance is.

Next post: the same setup process for Cursor, if that’s the agent you’re working with.