block-no-verify
v1.3.0
Published
CLI tool to block --no-verify flag in git commands. Prevents AI agents from bypassing git hooks.
Maintainers
Readme
block-no-verify
A security tool that blocks ways AI agents can bypass local git hooks. It flags the --no-verify flag, core.hooksPath overrides, and GitHub MCP tool calls that write through the GitHub API.
Powered by @polyhook/sdk — write the hook once, run it everywhere.
Why?
When using AI coding assistants like Claude Code, Cursor, Windsurf, Cline, or Amp, you might have git hooks (pre-commit, pre-push) that enforce code quality, run tests, or perform security checks. Agents can side-step those hooks in three common ways:
- passing
--no-verifyto a git command, - overriding
core.hooksPath(e.g.git -c core.hooksPath=/dev/null ...), - calling GitHub MCP tools such as
mcp__github__push_filesthat commit or merge directly through the GitHub API, skipping the local hook chain entirely.
This package provides a CLI that blocks all three, working with any AI tool that supports command / tool-use hooks.
Used By
Supported Agents
See polyhook's supported tools list.
Installation
Add as a dev dependency to ensure a consistent, pinned version:
pnpm add -D block-no-verify
# or
npm install --save-dev block-no-verifyThen use it with pnpm exec block-no-verify or npm exec block-no-verify.
Platform Integration
Claude Code
Add to your .claude/settings.json. The first matcher handles shell commands (--no-verify, core.hooksPath); the second matches any GitHub MCP tool so direct-to-API writes are also blocked:
{
"hooks": {
"PreToolUse": [
{
"matcher": "Bash",
"hooks": [
{
"type": "command",
"command": "pnpm exec block-no-verify"
}
]
},
{
"matcher": "mcp__github__.*",
"hooks": [
{
"type": "command",
"command": "pnpm exec block-no-verify"
}
]
}
]
}
}Cursor
Cursor 1.7+ supports hooks via .cursor/hooks.json. The beforeShellExecution hook runs before any shell command.
Create .cursor/hooks.json in your project root:
{
"version": 1,
"hooks": {
"beforeShellExecution": [
{
"command": "pnpm exec block-no-verify"
}
]
}
}Note: Cursor hooks are in beta. See Cursor Hooks Documentation for the latest information.
Windsurf
Add to your .windsurf/settings.json:
{
"hooks": {
"PreToolUse": [
{
"matcher": ".*",
"hooks": [
{
"type": "command",
"command": "pnpm exec block-no-verify"
}
]
}
]
}
}Gemini CLI
Add to your .gemini/settings.json:
{
"hooks": {
"BeforeTool": [
{
"matcher": "run_shell_command",
"hooks": [
{
"name": "block-no-verify",
"type": "command",
"command": "pnpm exec block-no-verify",
"timeout": 5000
}
]
}
]
}
}Note: Hooks are disabled by default in Gemini CLI. See Gemini CLI Hooks Documentation for details.
Supported Git Commands
The following git commands are monitored for --no-verify:
git commitgit pushgit mergegit cherry-pickgit rebasegit am
Blocked GitHub MCP Tools
The following GitHub MCP tools are blocked because they write through the GitHub API and therefore skip local git hooks:
mcp__github__create_or_update_filemcp__github__delete_filemcp__github__push_filesmcp__github__merge_pull_requestmcp__github__update_pull_request_branch
Read-only GitHub MCP tools (e.g. mcp__github__get_file_contents, mcp__github__list_pull_requests) are not blocked.
Behavior
| Command | Blocked? | Notes |
| ------------------------ | -------- | --------------------------------------------- |
| git commit --no-verify | Yes | |
| git commit -n | Yes | -n is shorthand for --no-verify in commit |
| git push --no-verify | Yes | |
| git push -n | No | -n means --dry-run in push |
| git merge --no-verify | Yes | |
| git merge -n | No | -n means --no-commit in merge |
| git commit -m "msg" | No | No --no-verify flag |
Contributing
See CONTRIBUTING.md for development setup and guidelines.
License
MIT
