These 3 hooks auto-approve safe operations while keeping guardrails on dangerous ones. The result: ~60% fewer permission prompts without sacrificing safety.
Note: These work alongside safety hooks, not instead of them. Install npx cc-safe-setup first for baseline protection, then add these for speed.
What it does: Automatically approves read-only and low-risk git operations: git status, git log, git diff, git branch, git stash, and compound commands like cd project && git status.
What it blocks: Still requires approval for git push, git reset, git clean, and anything that modifies remote state.
#!/bin/bash
# auto-approve-safe-git.sh
# Trigger: PreToolUse Matcher: Bash
INPUT=$(cat)
CMD=$(echo "$INPUT" | jq -r '.tool_input.command // empty')
[ -z "$CMD" ] && exit 0
# Strip safe prefixes (cd, &&) to get the core command
CORE=$(echo "$CMD" | sed 's/.*&&\s*//' | sed 's/^\s*(cd [^;]*;\s*)//')
# Auto-approve read-only git operations
if echo "$CORE" | grep -qE '^\s*git\s+(status|log|diff|show|branch|tag|stash|remote|fetch|ls-files|rev-parse)'; then
echo '{"decision":"APPROVE","reason":"Read-only git operation"}'
exit 0
fi
Impact: In a typical coding session, this eliminates 15-25 permission prompts for git operations alone.
What it does: Approves Read tool calls when the target file is inside the current project directory. Claude reads dozens of files per session — each one currently requires your approval.
What it blocks: Still requires approval for reads outside the project (system files, ~/.ssh, /etc, other projects).
#!/bin/bash
# auto-approve-project-reads.sh
# Trigger: PreToolUse Matcher: Read
INPUT=$(cat)
FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty')
[ -z "$FILE" ] && exit 0
# Get project root (git root or CWD)
PROJECT=$(git rev-parse --show-toplevel 2>/dev/null || pwd)
# Resolve to absolute path
ABS_FILE=$(realpath "$FILE" 2>/dev/null || echo "$FILE")
# Auto-approve if file is inside project
if [[ "$ABS_FILE" == "$PROJECT"* ]]; then
echo '{"decision":"APPROVE","reason":"File is inside project directory"}'
exit 0
fi
Impact: Eliminates 20-40 permission prompts per session for in-project file reads.
What it does: Approves common test runners: npm test, pytest, go test, cargo test, and similar. Tests are read-heavy, side-effect-free operations that don't need human gatekeeping.
#!/bin/bash
# auto-approve-tests.sh
# Trigger: PreToolUse Matcher: Bash
INPUT=$(cat)
CMD=$(echo "$INPUT" | jq -r '.tool_input.command // empty')
[ -z "$CMD" ] && exit 0
# Auto-approve common test runners
if echo "$CMD" | grep -qE '^\s*(npm\s+test|npx\s+(jest|vitest|mocha)|pytest|python\s+-m\s+(pytest|unittest)|go\s+test|cargo\s+test|bundle\s+exec\s+r(spec|ake)|php\s+artisan\s+test|dotnet\s+test)'; then
echo '{"decision":"APPROVE","reason":"Test command — safe to run"}'
exit 0
fi
Impact: During TDD cycles, this saves 5-10 approvals per iteration. Over a session with 20 test runs, that's 100+ clicks avoided.
npx cc-safe-setup # Safety first (8 core hooks) npx cc-safe-setup --install-example auto-approve-compound-git npx cc-safe-setup --install-example auto-approve-project-reads npx cc-safe-setup --install-example auto-approve-test-runners
Or browse all 707 hook examples with npx cc-safe-setup --examples.
Speed hooks reduce friction. Token hooks reduce cost. If your Claude Code quota drains faster than expected, the issue is usually invisible: broken prompt cache, compaction loops, or subagent sprawl.
The Token Checkup (free, 30 seconds) tells you which type of waste you have. The Token Book ($17) gives you the full diagnostic framework — 46 documented symptoms with copy-paste fixes.