Skip to main content

Crate clash

Crate clash 

Source
Expand description

Clash library — permission enforcement for Claude Code.

This crate provides the core building blocks for evaluating tool permissions, enforcing sandbox policies, and integrating with Claude Code’s hook system.

§Modules

  • hooks — Input/output types for the Claude Code hook protocol.
  • permissions — Policy-based permission evaluation for tool invocations.
  • policy — Policy YAML language, compilation, and evaluation engine.
  • handlers — Pre-built hook handlers that wire permissions, notifications, and session validation together.
  • settings — Loading and resolving clash configuration and policy files.
  • sandbox — Platform-specific (Linux/macOS) sandbox enforcement backends.
  • audit — Structured audit logging of policy decisions.
  • notifications — Desktop notifications and Zulip integration.

§Example

use clash::hooks::ToolUseHookInput;
use clash::permissions::check_permission;
use clash::settings::ClashSettings;

let settings = ClashSettings::load_or_create().unwrap();
let input = ToolUseHookInput::from_reader(std::io::stdin().lock()).unwrap();
let output = check_permission(&input, &settings).unwrap();
output.write_stdout().unwrap();

Modules§

audit
Structured audit logging for policy decisions.
cli
cmd
debug
Debug tools for understanding and inspecting clash policy enforcement.
errors
User-facing error display.
git
Git worktree detection.
handlers
Pre-built hook handlers for Claude Code integration.
hooks
network_hints
Detect network errors in sandboxed Bash output and provide actionable hints.
notifications
permissions
policy
Capability-based policy language with s-expression syntax.
sandbox
Sandbox enforcement backends.
sandbox_cmd
schema
Self-describing schema for the policy format.
session_policy
Detect permission acceptances and suggest session-level policy rules.
settings
shell
Transactional policy editor — line-oriented protocol for pipe/interactive use.
shell_complete
Tab-completion, prompt, and hinting for the interactive policy shell.
style
TTY-aware color and styling helpers for human-friendly CLI output.
tracing_init
wizard
Human-readable rule descriptions.