Tell HN: Claude 4.7 is ignoring stop hooks
TL;DR Highlight
Anthropic’s Claude Code reveals a security feature designed to ignore instructions within tool results inadvertently disables stop hooks, prompting workarounds and bug reports.
Who Should Read
Developers building automated workflows with Claude Code, or those controlling agent behavior with stop hooks/lifecycle hooks.
Core Mechanics
- Claude Code’s stop hook operates in two distinct ways: a ‘true control’ method using exit code 2 + stderr, and a method outputting JSON to stdout, which differ fundamentally.
- The stdout JSON method feeds into the model’s tool result context, an area Anthropic intentionally trained the model to disregard instructions within for prompt injection defense—meaning hook commands are designed to be ignored.
- Claude correctly ignores content in the tool result context as a security measure, preventing prompt injection attacks, but this also affects hook commands.
- Solutions include delivering hooks via user context instead of tool results, or adding explicit instructions to the system prompt stating specific hooks are trustworthy.
- Using exit code 2 provides deterministic control outside the agent’s inference layer, ensuring the model cannot ignore the signal; this is the preferred method for critical flow control.
- Claude Code documentation specifies that the `cat` command always exits with code 0, necessitating exit code 2 for forced interruption in stop hooks.
- A Claude Code team member (Thariq) requested users experiencing this issue to submit a ‘stop hook not firing’ report via the /feedback command, confirming the bug is acknowledged.
- Changes to the stop hook schema are suspected; one user observed Opus 4.7 ignoring hook responses while Claude 4.6 responded appropriately, suggesting a potential schema alteration.
Evidence
- "Claude Code team member Thariq confirmed awareness of the issue and requested bug reports via the /feedback command. A developer’s deep testing revealed Claude 4.6’s sensitivity to hooks contrasted with Opus 4.7’s complete disregard, potentially due to a schema change. Analysis suggests ignoring instructions in the tool result context is an intentional, trained behavior for prompt injection defense, though the side effect is undesirable. Some users reported overall reduced response quality in Claude 4.7 and considered migrating to Claude 5.5, with one criticizing the current hook/skill system as a temporary fix."
How to Apply
- "To reliably interrupt execution in Claude Code’s stop hook, use exit code 2 instead of the stdout JSON method. If implementing hooks as requests to the model, supplement with explicit instructions in the system prompt to trust those specific hook directives. Report malfunctioning stop hooks via the /feedback command with the message ‘stop hook not firing’. For automated tasks like test execution or file validation, execute commands directly within the hook script rather than requesting the model to perform them, ensuring deterministic execution."
Terminology
Related Papers
Show HN: ctx – Search the coding agent history already on your machine
Claude Code, Cursor, Codex 등 코딩 에이전트가 이전 세션의 논의·결정·실패 시도를 잊지 않도록 SQLite로 인덱싱해 재사용할 수 있게 해주는 오픈소스 CLI 도구다.
Micro-Agent: Beat Frontier Models with Collaboration Inside Model API
vLLM 팀이 단일 모델 API 호출 뒤에서 여러 모델이 협업하는 'Micro-Agent' 개념을 공개했습니다. 별도의 에이전트 코드 없이 라우터 레이어에서 모델 조합을 실행해 GPT-4급 결과를 더 저렴하게 낼 수 있다는 아이디어입니다.
Ornith-1.0: self-improving open-source models for agentic coding
Gemma 4와 Qwen 3.5를 기반으로 파인튜닝한 코딩 특화 오픈소스 모델로, RL(강화학습)을 통해 스캐폴드(에이전트 실행 구조)까지 함께 최적화하는 방식을 주장하지만, 커뮤니티에서는 벤치마크 과최적화에 불과하다는 의심을 받고 있다.
Entity Binding Failures in Tool-Augmented Agents
AI 에이전트가 올바른 도구를 선택해도 잘못된 대상에 실행하는 'Entity Binding 실패' 문제를 정의하고, 이를 막는 실행 정책을 평가한 논문.
Herdr: Agent multiplexer that lives in your terminal
여러 AI 코딩 에이전트(Claude, Codex 등)를 하나의 터미널에서 동시에 실행·관리할 수 있는 Rust 기반 오픈소스 툴로, tmux처럼 세션이 유지되고 SSH로 원격 접속도 가능해 멀티 에이전트 워크플로우를 크게 단순화해준다.
Ornith-1.0: Self-scaffolding LLMs for agentic coding
모델이 문제 풀이 전략(scaffold)을 직접 생성하고 개선하는 자기강화 학습 프레임워크를 적용한 오픈소스 코딩 특화 LLM으로, 9B 소형 모델부터 397B 대형 모델까지 라인업을 갖추고 SWE-Bench 등 주요 벤치마크에서 Claude Opus 4.7을 능가하는 성능을 보여줬다.