Struct PreToolUseEvent 

pub struct PreToolUseEvent {
    pub tool_name: String,
    pub tool_input: Value,
    pub tool_use_id: String,
    pub history: Vec<Value>,
}

Event fired before a tool is executed, enabling validation, modification, or blocking.

This event provides complete visibility into the tool that’s about to be executed, allowing you to implement security policies, modify inputs, or collect telemetry before any potentially dangerous or expensive operations occur.

Use Cases

• Security gates: Block dangerous operations (file deletion, network access)
• Input validation: Ensure tool inputs meet schema or business rules
• Parameter injection: Add authentication tokens, user context, or default values
• Rate limiting: Track and limit tool usage per user/session
• Audit logging: Record who is calling what tools with what parameters

Fields

• tool_name: The name of the tool about to execute (e.g., “Bash”, “Read”, “WebFetch”)
• tool_input: The parameters that will be passed to the tool (as JSON)
• tool_use_id: Unique identifier for this specific tool invocation
• history: Read-only snapshot of the conversation history up to this point

Example: Security Gate

use open_agent::{PreToolUseEvent, HookDecision};
use serde_json::json;

async fn security_gate(event: PreToolUseEvent) -> Option<HookDecision> {
    // Block all Bash commands containing 'rm -rf'
    if event.tool_name == "Bash" {
        if let Some(command) = event.tool_input.get("command") {
            if command.as_str()?.contains("rm -rf") {
                return Some(HookDecision::block(
                    "Dangerous command blocked for safety"
                ));
            }
        }
    }
    None // Allow other tools
}

Example: Parameter Injection

use open_agent::{PreToolUseEvent, HookDecision};
use serde_json::json;

async fn inject_auth(event: PreToolUseEvent) -> Option<HookDecision> {
    // Add authentication header to all API calls
    if event.tool_name == "WebFetch" {
        let mut modified = event.tool_input.clone();
        modified["headers"] = json!({
            "Authorization": "Bearer secret-token"
        });
        return Some(HookDecision::modify_input(
            modified,
            "Injected auth token"
        ));
    }
    None
}

Fields

tool_name: String

Name of the tool about to be executed (e.g., “Bash”, “Read”, “Edit”)

tool_input: Value

Input parameters for the tool as a JSON value

tool_use_id: String

Unique identifier for this tool use (for correlation with PostToolUseEvent)

history: Vec<Value>

Snapshot of conversation history (read-only) - useful for context-aware decisions

Implementations

impl PreToolUseEvent

pub fn new( tool_name: String, tool_input: Value, tool_use_id: String, history: Vec<Value>, ) -> Self

Creates a new PreToolUseEvent.

This constructor is typically called by the agent runtime, not by user code. Users receive instances of this struct in their hook handlers.

Trait Implementations

impl Clone for PreToolUseEvent

fn clone(&self) -> PreToolUseEvent

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for PreToolUseEvent

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.