
Rule Reference

SEC363 | lintai-ai-security | preview | claude_settings | warn

Claude settings: home-directory hook path

Claude settings hook command uses a home-directory path in a shared committed config

Provider
lintai-ai-security
Surface
claude_settings
Scope
per_file
Tier
preview
Severity
warn
Confidence
high
Detection
structural
Remediation
message_only

Activation Model

Preset Membership

This rule is part of the builtin activation graph through these preset memberships.

Lifecycle

Stable Lifecycle Contract

State

stable_gated

Graduation rationale

Checks shared committed Claude settings for hook commands rooted in the home directory.

Deterministic signal basis

ClaudeSettingsSignals exact command-path analysis for home-directory rooted hook commands in parsed Claude settings JSON.

Malicious corpus
claude-settings-home-directory-hook-path
Benign corpus
claude-settings-home-directory-safe-project-scoped
structured evidence required
remediation reviewed
Canonical note

Structural preview rule; deterministic today, but the preview contract may still evolve.

Nearby Signals

Related Rules

Why It Matters

SEC363 flags committed Claude settings hook commands that start from a user home-directory path such as $HOME/, /Users/, or /home/.

This is useful because:

  • shared Claude settings in git are team-facing configuration, not one machine's personal dotfiles
  • home-directory hook paths are brittle and make setup harder to review, audit, and reproduce
  • project-scoped wrapper paths are easier for teams to understand and maintain

What Triggers

This rule applies only to committed Claude settings surfaces:

  • .claude/settings.json
  • claude/settings.json

It triggers when a hooks entry with type: "command" has a command string that starts with:

  • $HOME/
  • /Users/
  • /home/

It does not trigger on:

  • project-scoped paths rooted in $CLAUDE_PROJECT_DIR
  • commands that merely redirect output into $HOME/...
  • fixture-like test/example paths
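To make the trigger and exclusion rules above concrete, the following is an added Python example of the same structural check, not lintai's own implementation. It parses a settings.json, walks every `type: "command"` hook, and reports commands whose launch path is rooted in a home directory while skipping `$CLAUDE_PROJECT_DIR` paths, commands that only redirect output into `$HOME`, and fixture-like paths. The function names, the finding layout and the fixture-path markers are assumptions; the sample settings are constructed for the example.

```python
import json
from typing import Iterator

# Prefixes the rule treats as home-directory rooted (from the rule text).
HOME_PREFIXES = ("$HOME/", "/Users/", "/home/")
# Project-scoped launch paths are the recommended form and never flagged.
PROJECT_PREFIX = "$CLAUDE_PROJECT_DIR"
# Assumption: these path fragments mark test/example fixtures that the rule ignores.
FIXTURE_MARKERS = ("/fixtures/", "/fixture/", "/test/", "/tests/", "/example/", "/examples/")


def iter_hook_commands(settings: dict) -> Iterator[tuple[str, str]]:
    """Yield (event_name, command) for every type:"command" hook in parsed settings."""
    hooks = settings.get("hooks")
    if not isinstance(hooks, dict):
        return
    for event, matchers in hooks.items():
        if not isinstance(matchers, list):
            continue
        for matcher in matchers:
            if not isinstance(matcher, dict):
                continue
            for hook in matcher.get("hooks", []):
                if isinstance(hook, dict) and hook.get("type") == "command":
                    cmd = hook.get("command")
                    if isinstance(cmd, str):
                        yield event, cmd


def is_home_rooted(command: str) -> bool:
    """True when the command *starts* from a home-directory path.

    Only the launch path counts: "./check.sh >> $HOME/log.txt" merely redirects
    output into the home directory and is not flagged.
    """
    stripped = command.lstrip()
    if stripped.startswith(PROJECT_PREFIX):
        return False
    if not stripped.startswith(HOME_PREFIXES):
        return False
    launch_path = stripped.split()[0]  # first token is the program being launched
    # Assumption: obvious fixture/test/example paths are sample data, not real hooks.
    return not any(marker in launch_path for marker in FIXTURE_MARKERS)


def check_settings(text: str) -> list[dict]:
    """Return one SEC363-style finding per home-rooted hook command in a settings file."""
    findings = []
    for event, cmd in iter_hook_commands(json.loads(text)):
        if is_home_rooted(cmd):
            findings.append({
                "rule": "SEC363",
                "event": event,
                "command": cmd,
                "message": "hook command is rooted in a home directory; "
                           "prefer a $CLAUDE_PROJECT_DIR-relative wrapper",
            })
    return findings


# Constructed sample: one bad hook from the page, its project-scoped fix, a
# redirect-only command, a /Users/ path, and a fixture-like /home/ path.
SAMPLE_SETTINGS = json.dumps({
    "hooks": {
        "Stop": [
            {"hooks": [
                {"type": "command", "command": "$HOME/.claude/hooks/audit.sh"},
                {"type": "command", "command": "$CLAUDE_PROJECT_DIR/scripts/audit.sh"},
            ]}
        ],
        "PreToolUse": [
            {"matcher": "Bash", "hooks": [
                {"type": "command", "command": "./scripts/guard.sh >> $HOME/guard.log"},
                {"type": "command", "command": "/Users/alice/bin/lint.sh"},
                {"type": "command", "command": "/home/ci/fixtures/example-hook.sh"},
            ]}
        ],
    }
})

if __name__ == "__main__":
    for finding in check_settings(SAMPLE_SETTINGS):
        print(f"{finding['rule']} [{finding['event']}] {finding['command']}: {finding['message']}")
```

Run against the constructed sample, only the `$HOME/...` and `/Users/...` launch paths are reported; the project-scoped command, the output redirect and the fixture path are left alone, matching the trigger and exclusion lists above.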

Examples

Bad:

```json
{
  "hooks": {
    "Stop": [
      {
        "hooks": [
          {
            "type": "command",
            "command": "$HOME/.claude/hooks/audit.sh"
          }
        ]
      }
    ]
  }
}
```

Better:

```json
{
  "hooks": {
    "Stop": [
      {
        "hooks": [
          {
            "type": "command",
            "command": "$CLAUDE_PROJECT_DIR/scripts/audit.sh"
          }
        ]
      }
    ]
  }
}
```

Remediation

  • replace home-directory hook commands with project-scoped wrappers
  • prefer repo-relative launch paths rooted in $CLAUDE_PROJECT_DIR
  • keep shared Claude settings portable across machines