TL;DR
A public repository wires Rulebricks decision-table rules into Claude Code via a PreToolUse hook, letting teams allow, deny or request approval for tool calls. Installation uses an install script and a small hook; rule changes publish immediately and decisions can be logged and inspected.
What happened
Rulebricks published a repository that integrates cloud-hosted decision tables with Anthropic's Claude Code by adding a PreToolUse hook. The repo supplies a hook script, an installer and templates for common policies — examples include Bash command guardrails, file access controls and MCP server governance. Setup requires creating rules on rulebricks.com, publishing a version, copying an API key into ~/.claude/settings.json, cloning the repository and running the provided install.sh. Claude Code detects the published rules automatically once the hook is installed; the README instructs users to restart Claude Code to complete installation. Rules take effect instantly when a new version is published; decisions (allow/deny/ask) can be logged and reviewed in a Logs tab. The project also describes how to redact sensitive data before it leaves the guardrail platform and offers guidance for uninstalling the hook and removing configuration entries.
Why it matters
- Applies policy changes instantly without requiring git pulls or service restarts for rule updates.
- Provides an auditable history of blocked or moderated tool calls, useful for security and compliance reviews.
- Enables conditional, fine-grained decisions such as permitting specific destructive commands only in narrow contexts.
- Allows non-developer users to edit governance rules via a decision-table UI instead of changing config files or PRs.
Key facts
- Repository name: rulebricks/claude-code-guardrails on GitHub, licensed under MIT.
- Installation flow: create rules on rulebricks.com, publish, clone the repo and run ./install.sh.
- Templates provided include: Claude – Bash Guardrails, Claude – File Access Policy, and MCP Tool Governance.
- Integration point: a PreToolUse hook for Claude Code that queries the Rulebricks API to allow/deny/ask.
- Configuration requires adding RULEBRICKS_API_KEY (required) and optional RULEBRICKS_VERBOSE to ~/.claude/settings.json.
- Setting RULEBRICKS_VERBOSE to 1 enables decision logging to stderr; a Logs tab on the platform can be queried by tool and decision.
- The README documents an uninstall procedure including deletion of the hook script and removal of RULEBRICKS_* env vars.
- Repository metadata in the source lists 4 stars, 0 forks and primary languages as Python and Shell.
What to watch next
- Whether the project will publish formal releases or versioned tags for enterprise deployments — not confirmed in the source.
- Adoption by teams operating Claude at scale and any third-party security audits or reviews — not confirmed in the source.
- Plans for additional templates, broader agent integrations or native on-prem offerings beyond the note about private infrastructure — not confirmed in the source.
Quick glossary
- Decision table: A structured rule representation that maps inputs and conditions to outcomes, used for policy or access decisions.
- Hook: A small piece of code inserted into an application lifecycle to intercept events or calls and run custom logic.
- Guardrail: A policy mechanism that prevents or modifies risky behaviour by enforcing rules at runtime.
- PreToolUse: A hook point that runs before a tool or external call is executed, enabling approval or blocking logic.
Reader FAQ
How do I install these guardrails?
Create rules on rulebricks.com, publish them, clone the repo and run ./install.sh; then restart Claude Code as instructed in the README.
Do rule changes require restarting Claude Code?
No — published rule updates apply immediately; the README does recommend restarting Claude Code after the initial install.
Is an API key required?
Yes. The README shows RULEBRICKS_API_KEY in ~/.claude/settings.json as required.
Can I run logging and the guardrail on private infrastructure?
The README says you can run it with private infrastructure and your own logging provider and suggests contacting them for that setup.
Claude Code Guardrails settings.json works if: You're fine editing JSON and killing Claude Code sessions every time policy changes Your security team is comfortable making PRs You don't need to…
Sources
Related posts
- OpenAI Joins Seed Round for Merge Labs, Co-founded by Sam Altman
- Grok undressed the mother of one of Elon Musk’s kids — and now she’s suing
- Browser agent adds embedded 3MB Postgres (PGLite) as local relational memory