Claude Code hooks and AI agent governance: what teams are missing

TL;DR: Claude Code agents can already read files, run commands, and chain tool calls, but local hooks alone leave no central audit trail or enforceable policy layer, according to Cerbos. The real governance gap is assumption collapse: access review and IAM controls were built for stable identities, not per-tool decisions made at runtime by agentic workflows.

NHIMG editorial — based on content published by Cerbos: Claude Code hooks, policy enforcement, and AI agent governance

By the numbers:

• Only 13% of organisations feel extremely prepared for the reality of agentic AI despite the majority racing toward autonomous adoption.
• Systems with least-privileged AI access had a 17% incident rate vs 76% for over-privileged systems.

Questions worth separating out

Q: How should security teams govern AI agent tool calls in development environments?

A: Treat each tool call as an authorisation event, not a generic automation step.

Q: What breaks when Claude Code hooks are left as local developer settings?

A: Governance becomes optional and uneven.

Q: How do you know if AI agent access controls are actually working?

A: Look for complete decision logs, central policy distribution, and consistent enforcement across every managed device.

Practitioner guidance

• Map agent tool calls to policy decisions Classify every Claude Code action that can read, write, or execute as an authorisation request with a principal, resource, and action.
• Enforce hooks through managed settings Push hook configuration through MDM or managed config so developers cannot remove or bypass the policy check locally.
• Start with an observe-only rollout Collect allow, deny, and no-match telemetry before writing enforcement rules.

What's in the full article

Cerbos's full article covers the operational detail this post intentionally leaves for the source:

• The exact Synapse hook configuration and route extension setup for Claude Code.
• Step-by-step examples of managed settings delivered through Jamf, Intune, or managed config files.
• Policy examples for file-path denial, role-based tool access, and command-level guardrails.
• The observe-then-enforce rollout pattern with audit logging and policy distribution through Hub.

👉 Read Cerbos's analysis of Claude Code hook enforcement and AI agent governance →

Claude Code hooks and AI agent governance: what teams are missing?

Explore further

View Full Forum →  |  NHI Foundation Course →