The Automation Glue for AI Agents

Most people think of AI agents as a single prompt that generates code. But generating code is the easy part. The hard part is everything around it: loading context, enforcing quality, gating destructive actions, and capturing what was learned so the next session is better than the last.

That is what hooks do. They are the invisible glue that turns a one-shot AI session into a repeatable, self-improving workflow. Without hooks, every session starts from scratch. With hooks, every session builds on the last one.

Hooks are what separate a developer who uses AI from a developer who has built an AI-powered engineering system.

What Are Hooks?

A hook is code that runs automatically at a specific trigger point in the agent lifecycle. You do not call hooks manually. They fire when a particular event occurs:

  • Before a session starts — load context, check pending work, set up the environment.
  • After a task completes — run quality checks, enforce review rules, validate output.
  • When a tool is called — gate destructive actions, log tool usage, inject permissions.
  • After confirmation or approval — capture learnings, update documentation, close the feedback loop.

Hooks are not unique to AI. If you have used Git hooks (pre-commit, post-merge), CI/CD pipelines, or middleware in Express.js, you already understand the concept. The difference is that AI agent hooks operate at a higher level: they govern an entire autonomous workflow, not just a single command.

Hook 1: PreSession — Loading the Right Context

The PreSession hook fires before the agent begins any work. Its job is to make sure the agent starts with the right context, not a blank slate.

What a PreSession hook typically does:

  • Loads the orchestration skill or planner skill relevant to the current project.
  • Checks for pending work — are there open tickets, unfinished tasks, or blocked items?
  • Reads the project state file to understand what was done in previous sessions.
  • Sets environment variables or configuration that the agent will need.

Without a PreSession hook, you start every session by manually explaining context. With one, the agent picks up where it left off. This is the difference between a tool and a system.

The best PreSession hook makes the agent feel like it has memory, even though every session is stateless.

Hook 2: PostTask — Enforcing Quality at the Gate

The PostTask hook fires after the agent finishes a unit of work. This is where quality enforcement happens automatically, without you having to remember to check.

The most important rule a PostTask hook enforces:

The reviewer must not be the implementer.

This principle applies to human teams and it applies to AI agents. If the same model instance that wrote the code also reviews the code, you get confirmation bias, not quality assurance. The PostTask hook can:

  • Route the output to a separate review agent or a different model entirely.
  • Run automated checks — linting, type checking, test execution.
  • Verify that acceptance criteria from the spec have been met.
  • Block the task from moving to "done" until review passes.

This is how you prevent the most common failure mode of AI-assisted development: code that looks correct but was never actually validated by an independent eye.

Hook 3: PostToolUse — The Permission Gate

The PostToolUse hook fires every time the agent calls a tool. This is your permission gate for destructive or sensitive actions.

Consider what an AI agent can do with tool access: it can delete files, run shell commands, push to Git, modify databases, and call external APIs. Not all of these actions should happen without oversight.

A PostToolUse hook can:

  • Block destructive actions (force push, hard reset, file deletion) unless explicitly approved.
  • Require human confirmation for actions that affect production systems.
  • Log every tool call for audit trails.
  • Inject safety checks — for example, preventing commits that contain secrets or credentials.

This is human-in-the-loop by automation. You do not need to watch every action the agent takes. You define the rules once, and the hook enforces them every time. The agent operates freely within safe boundaries, and you only get pulled in when something crosses a threshold.

PostToolUse hooks let you give the agent autonomy without giving it unchecked power.

Hook 4: PostApproval — Closing the Learning Loop

The PostApproval hook fires after you approve a completed task. This is the most underrated hook because it is what makes your system self-improving.

What a PostApproval hook does:

  • Captures learnings from the session back into CLAUDE.md, knowledge files, or project documentation.
  • Updates the project state so the next session knows what was accomplished.
  • Records API quirks, configuration gotchas, or pitfalls encountered during implementation.
  • Logs architecture decisions that were made and why.

Without this hook, every useful insight discovered during a session is lost when the session ends. With it, your system accumulates institutional knowledge automatically. The tenth session is smarter than the first. The hundredth session has a deep knowledge base that no single developer could maintain manually.

This is self-learning by default. You do not need to remember to document what happened. The hook does it for you, every time, without exception.

How to Set Up Hooks

Hooks are configured in two places:

1. The settings file: .claude/settings.json defines which hooks are active and what triggers them. This is where you declare the hook type (PreSession, PostTask, PostToolUse, PostApproval) and point to the script that runs.

2. The hooks directory: hooks/ contains the actual shell scripts or executables that run when a hook fires. Each script receives context about the current event — what tool was called, what task completed, what was approved.

A typical hooks directory looks like this:

  • hooks/pre-session.sh — loads skill, checks pending work, sets context.
  • hooks/post-task.sh — runs quality checks, routes to reviewer.
  • hooks/post-tool-use.sh — gates destructive actions, logs tool calls.
  • hooks/post-approval.sh — captures learnings, updates project state.

The scripts are simple. Most are under 50 lines of bash. The power comes from the fact that they run automatically, consistently, and without human intervention. You write them once and they enforce your workflow forever.

Bottom Line

Hooks are what Level 5 (Harness Builder) looks like in practice. At Level 5, you are not just using AI to write code. You have built a system where AI operates within defined boundaries, enforces quality automatically, gates dangerous actions, and learns from every session.

The four hooks — PreSession, PostTask, PostToolUse, PostApproval — are the minimum viable automation layer for any serious AI-assisted engineering workflow.

Without hooks, you are supervising every step. With hooks, the system supervises itself and only pulls you in when it matters. That is the difference between using AI and building with AI.