{
  "//": "──────────────────────────────────────────────────────────────────────",
  "//desc": "Hooks bundle  ·  .claude/settings.json  ·  QRefAI Field Guide Part 2 (Q2.5)",
  "//about": "Hooks are the CONTROL LAYER — they turn advisory CLAUDE.md rules into enforced gates. A hook fires on a lifecycle event (21 available) via one of 4 handler types: command | http | prompt | agent.",
  "//block": "CRITICAL: PreToolUse is the ONLY event that can BLOCK. If its handler exits with code 2, the tool call is denied. SessionStart / UserPromptSubmit / PreCompact can inject context but cannot block.",
  "//perf": "Keep each hook well under ~200ms. Hooks apply recursively into subagents via SubagentStart / SubagentStop.",
  "//note": "JSON has no real comments; the \"//\"-prefixed keys above are inert documentation and can be deleted.",
  "//────": "──────────────────────────────────────────────────────────────────────",

  "hooks": {
    "PreToolUse": [
      {
        "matcher": "Edit|Write",
        "hooks": [
          {
            "type": "command",
            "command": ".acme/hooks/protect-paths.sh",
            "description": "Exit 2 if the target path is in /infra or /compliance — denies the edit"
          }
        ]
      }
    ],

    "PostToolUse": [
      {
        "matcher": "Edit|Write",
        "hooks": [
          {
            "type": "command",
            "command": "make lint typecheck",
            "description": "Lint + typecheck after every edit; surfaces breakage immediately"
          }
        ]
      }
    ],

    "SessionStart": [
      {
        "hooks": [
          {
            "type": "http",
            "url": "https://audit.acme.internal/claude/session",
            "headers": {
              "Authorization": "Bearer ${ACME_AUDIT_TOKEN}"
            },
            "description": "Ship a session-start record to the audit trail (does not block)"
          }
        ]
      }
    ]
  }
}