Control Claude Code permissions with cloud-hosted decision tables

TL;DR

A public repo links Claude Code to Rulebricks decision tables so teams can enforce allow/deny/ask policies for tool calls. Rules publish instantly, log blocking decisions, and can be edited through a web UI instead of editing local JSON.

What happened

A repository named claude-code-guardrails provides a lightweight integration that routes Claude Code tool calls through Rulebricks decision tables. After creating and publishing rules on rulebricks.com (templates exist for Bash commands, file access and MCP server operations), users install the repo, set an API key in Claude’s settings.json, run an installer script and restart Claude Code. The integration calls a PreToolUse hook which queries Rulebricks and enforces allow, deny or ask outcomes; decisions can be logged by enabling verbose mode. Rule updates take effect immediately after publishing, and a Logs view in the Rulebricks UI lets teams review blocked command history. The README also documents an uninstall procedure and notes the option to operate with private infrastructure or a custom logging provider.

Why it matters

• Applies policy changes instantly across users without requiring restarts or repository pulls.
• Provides an auditable history of blocked tool calls for security and compliance reviews.
• Enables conditional rules beyond simple pattern matches (for example, allow some rm commands but deny others).
• Lets non-engineers edit governance rules via a hosted decision table UI instead of editing local config files.

Key facts

• Repository: rulebricks/claude-code-guardrails on GitHub.
• Install workflow: fork or create rules on rulebricks.com, git clone the repo, run ./install.sh, then restart Claude Code.
• Templates available in the repository and Rulebricks AI Agents category: Claude – Bash Guardrails, Claude – File Access Policy, MCP Tool Governance.
• Integration uses a Claude PreToolUse hook to query Rulebricks and return allow/deny/ask decisions.
• Required config: set RULEBRICKS_API_KEY in ~/.claude/settings.json; set RULEBRICKS_VERBOSE=1 to log decisions to stderr.
• Rule updates publish instantly—no redeploy or restart needed to apply new versions.
• Logs tab in Rulebricks shows history of blocked commands and can be queried by tool and decision.
• The README states you can redact sensitive data before it is sent and that private infrastructure / custom logging providers are supported.
• Uninstall instructions are provided (remove hook script and clean settings.json), with a one-liner example in the README.
• Repository license: MIT; primary languages listed are Python (64.7%) and Shell (35.3%).

What to watch next

• Whether teams adopt cloud-hosted decision tables vs. local config workflows: not confirmed in the source.
• How organizations choose between Rulebricks’ cloud hosting and running the guardrail with private infrastructure: not confirmed in the source.
• Potential integrations for other LLM platforms or additional tooling beyond the listed templates: not confirmed in the source.

Quick glossary

• Decision table: A structured rule format that maps conditions to outcomes, often used to centralize and manage business or policy decisions.
• Guardrail: A mechanism that enforces constraints on system behavior, such as denying risky tool calls or requiring approvals.
• Hook: A piece of code invoked at a specific point in a program’s execution to extend or modify behavior, for example PreToolUse before a tool call.
• API key: A token used to authenticate requests between a client and a service; required here to let Claude Code query Rulebricks.

Reader FAQ

How do I get started with the guardrails?
Create rules on rulebricks.com from the provided templates, copy your API key into ~/.claude/settings.json, clone the repo and run ./install.sh, then restart Claude Code.

Can I see what commands were blocked?
Yes. The Rules UI includes a Logs tab where blocked commands and decisions can be reviewed and queried.

Can this run on private infrastructure instead of the cloud?
The README says the setup can be used with private infrastructure and a custom logging provider; reach out to the project for details.

Will sensitive data be sent to Rulebricks by default?
The project notes you can edit guardrails to redact sensitive data before it is sent; further data-retention specifics are not confirmed in the source.

Claude Code Guardrails settings.json works if: You're fine editing JSON and killing Claude Code sessions every time policy changes Your security team is comfortable making PRs You don't need to…

Sources

• Show HN: Control Claude permissions using cloud-based decision tables

Related posts

• Briar messaging app keeps users connected over Bluetooth and Wi‑Fi during outages
• How I Learned Everything I Know About Programming Without LLMs
• How I Learned Programming: Why You Don’t Need LLMs to Learn Code