Post

Off the Hook: Agents That Validate Themselves

Posted
By Aman Kumar
5 min read
Off the Hook: Agents That Validate Themselves

The paradigm of agentic engineering is shifting, from “vibe-coding” to deterministic system design. The recent release of specialized hooks in Claude Code enables a critical capability: specialized self-validation.

The Hook Mechanism

Claude Code permits the embedding of lifecycle hooks directly within prompts, sub-agents, and custom slash commands. These hooks act as the gatekeepers of agentic output, letting you intercept execution at precise moments in the agent’s lifecycle.

There are three hook types, each with a distinct role:

Post-Tool Use Hooks - triggered immediately after an agent executes a command. Ideal for validating file modifications or data entry in real-time.

Stop Hooks - executed when the agent finishes its task. Used for global validation: running linters, formatters, or integrity checks across an entire directory.

Pre-Tool Use Hooks - run prior to tool invocation to enforce safety constraints or verify context requirements are met.

Hooks are registered in your project’s .claude/settings.json:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

{
  "hooks": {
    "PostToolUse": [
      {
        "matcher": "Write",
        "hooks": [
          {
            "type": "command",
            "command": "node scripts/validate_output.js \"$CLAUDE_TOOL_RESULT_FILE_PATH\""
          }
        ]
      }
    ],
    "Stop": [
      {
        "hooks": [
          {
            "type": "command",
            "command": "eslint src/ --max-warnings 0"
          }
        ]
      }
    ]
  }
}

The hook receives the tool’s output via environment variables, giving your validation script full context on what the agent just did.

From “Vibe Coding” to Engineering

Relying solely on a model’s internal reasoning is insufficient for high-stakes engineering. A model can be confident and wrong. Self-validation introduces a deterministic layer into the workflow that does not depend on the model’s judgment.

Focused Specialization

A specialized agent with a single purpose and a dedicated validator will consistently outperform a general-purpose agent. Instead of one agent that writes, validates, formats, and summarizes; compose discrete agents, each with a narrow responsibility.

1
2
3
4
5
6
7
8
9
10
11

# sub-agent definition: json-processor
system_prompt: |
  You are a data ingestion agent. Your only task is to transform
  raw transaction records into the canonical JSON schema defined in
  schema/transactions.schema.json. Write the output to data/out/.
  Do not summarize. Do not explain. Only produce valid JSON.

hooks:
  PostToolUse:
    - matcher: "Write"
      command: "node scripts/validate_json.js $CLAUDE_TOOL_RESULT_FILE_PATH"

Narrow scope + explicit schema + immediate validation = predictable output.

The Closed-Loop Prompt

When a hook identifies an error (a malformed JSON payload, a missing required field, a type mismatch), it feeds the specific failure back to the agent. The agent performs an immediate correction and re-validates. This creates a self-healing loop that requires no human intervention for well-defined failure modes.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

// scripts/validate_json.js
const fs = require("fs");

const REQUIRED_FIELDS = { id: "string", amount: "number", currency: "string", timestamp: "string" };

function validate(filePath) {
  let raw;
  try {
    raw = fs.readFileSync(filePath, "utf8");
  } catch (e) {
    process.stderr.write(`VALIDATION FAILED: could not read file: ${e.message}\n`);
    process.exit(1);
  }

  let data;
  try {
    data = JSON.parse(raw);
  } catch (e) {
    // Non-zero exit signals the hook to surface the error to the agent
    process.stderr.write(`VALIDATION FAILED: invalid JSON — ${e.message}\n`);
    process.exit(1);
  }

  const records = Array.isArray(data) ? data : [data];

  for (const [i, record] of records.entries()) {
    for (const [field, expectedType] of Object.entries(REQUIRED_FIELDS)) {
      if (!(field in record)) {
        process.stderr.write(`VALIDATION FAILED: record[${i}] missing required field "${field}"\n`);
        process.exit(1);
      }
      if (typeof record[field] !== expectedType) {
        process.stderr.write(
          `VALIDATION FAILED: record[${i}].${field} expected ${expectedType}, got ${typeof record[field]}\n`
        );
        process.exit(1);
      }
    }
  }

  process.stdout.write(`VALIDATION PASSED: ${records.length} record(s) OK\n`);
  process.exit(0);
}

validate(process.argv[2]);

A non-zero exit code from any hook causes Claude Code to surface the stderr output directly back to the agent as an error, triggering re-attempt. No scaffolding required.

Trust through Proof

Validation scripts produce logged evidence that output meets a defined standard. Instead of asking a senior engineer to review every generated file, they review the validator once, and then trust the log.

1
2
3
4
5
6
7

# stop hook: generate a validation report for the session
#!/bin/bash
echo "=== Session Validation Report ===" > reports/validation.log
echo "Timestamp: $(date -u +%Y-%m-%dT%H:%M:%SZ)" >> reports/validation.log
echo "Files written: $(git diff --name-only | wc -l)" >> reports/validation.log
echo "Lint status:" >> reports/validation.log
eslint src/ --format compact 2>&1 | tail -5 >> reports/validation.log

The artifact becomes the audit trail.

Strategic Implementation: The “Core Four”

Success in this environment requires deliberate control of four variables: Context, Model, Prompt, and Tools. Hooks extend the fourth dimension: they are the deterministic tool layer that wraps every other tool the agent uses.

By instrumenting tool use with hooks, the engineer’s role evolves from writing application code to designing the agentic infrastructure that manages the codebase. The code becomes a second-order concern.

Practical Application: Parallelized Pipelines

Hooks compose cleanly with sub-agents, enabling parallelization of complex tasks without sacrificing correctness. In a financial processing pipeline, individual sub-agents can operate on separate files simultaneously. Each sub-agent runs its own PostToolUse hook to validate data integrity before the result is merged downstream.

1
2
3
4
5
6
7
8

Pipeline Orchestrator
├── sub-agent: process transactions_jan.json  →  validate_json.js  ✓
├── sub-agent: process transactions_feb.json  →  validate_json.js  ✓
└── sub-agent: process transactions_mar.json  →  validate_json.js  ✗ (retrying)
                                                       ↑
                                                 error fed back
                                                 to agent: record[12].amount
                                                 expected number, got string

Scale does not come at the cost of accuracy when validation is colocated with execution.

Conclusion

The future of engineering lies in building the ring around the codebase: the agents that run the application, not just the application itself.

Simple automation breaks under entropy. Specialized, self-validating systems do not. The goal is what I’d call model obsolescence through user self-sufficiency: building systems so reliable they no longer require constant intervention. The model becomes infrastructure. The engineer becomes the architect of the loop.

Hooks are not a convenience feature. They are the foundation of that architecture.

Technology
ai claude-code hooks agentic-workflow
This post is licensed under CC BY 4.0 by the author.