Open-source trust scoring hook for Claude Code monitors sessions, blocks protected paths

What this tool does

A developer has released an open-source trust scoring hook for Claude Code that provides visibility into AI agent sessions by scoring them across three dimensions and implementing security controls.

Key features from the source

The hook scores every Claude Code session on three specific dimensions:

• Reliability: Tool success rate
• Scope: Whether Claude Code stayed within allowed tools and paths
• Cost: Number of tool calls relative to task complexity

At the end of each session, you get output like:

[authe.me] Trust Score: 92 (reliability=100 | scope=75 | cost=100)
[authe.me] tools=14 violations=1 failed=0

Security and implementation details

The tool includes several security features:

• Blocks access to protected paths like .env and secret keys via PreToolUse hooks
• Hash-chains every event for tamper detection
• Configure tool allowlist and protected paths in ~/.authe/config.json

The implementation is a single Python file with zero dependencies, free and open source. The developer used Claude to architect the hook system, including figuring out which events to listen to, how to pass state between PostToolUse and Stop events, writing the scoring logic and hash chaining, and iterating on the PreToolUse blocking behavior.

Development and testing

The developer tested edge cases with Claude, including .env access and tool failure detection. The repository is available at https://github.com/autheme/claude-code-hook.

Who it's for

Developers running Claude Code in production who need visibility into agent behavior and security controls.