Connect Claude Code to Agent Keeper
Add security hooks to your local Claude Code in under 3 minutes. Every prompt and tool call — Bash commands, file reads, writes, and web fetches — is evaluated against threat detection patterns before execution. All prompts are logged to the threat feed for full audit visibility.
What you get
- ✓Prompt scanning — UserPromptSubmit hook scans every prompt for jailbreak, injection, and social engineering attempts before Claude processes it
- ✓PreToolUse blocking — dangerous Bash commands, file writes, and web fetches blocked before execution
- ✓Prompt injection detection — scans file reads and web fetch output for hidden instructions targeting Claude
- ✓Sensitive file monitoring — alerts when Claude reads .env, SSH keys, AWS credentials, and 13 other secret paths
- ✓Session tracking & prompt logging — active sessions, tracked projects, all prompts logged to the threat feed, and full audit trail in your dashboard
- ✓Zero false positives on normal development — npm, git, file edits all pass through cleanly
Two ways to connect
Plugin (individual)
Install from the Claude Code plugin marketplace. Works instantly with no account. Best for individual developers.
Push-hooks (teams)
Commit hooks to git so every developer who pulls is covered automatically. Best for security teams.
Option A: Plugin Marketplace (Recommended)
Add the Agent Keeper marketplace
In Claude Code, run:
/plugin marketplace add agentkeeper/security
This adds the Agent Keeper plugin catalog to your Claude Code instance.
Install Agent Keeper
/plugin install agentkeeper
Claude Code registers 4 security hooks, threat detection patterns, and 9 slash commands. Hooks are written to ~/.claude/settings.json but only activate after Claude Code restarts.
/agentkeeper:audit, /agentkeeper:secrets, /agentkeeper:inspect, and 6 more security skills.Restart Claude Code
Quit Claude Code and reopen it so hooks load at startup. Without a restart, the plugin's hooks sit in settings.json but do not fire, and your dashboard stays empty.
Connect your dashboard (optional)
For dashboard visibility, run:
/agentkeeper:connect
Sign up at Agent Keeper signup (free), create an API key in Settings, and paste it when prompted.
Option B: Push-Hooks (Teams)
Sign up and create a project hook key
Sign up at Agent Keeper signup, then go to Settings and create a project hook key. Copy it — you'll need it in step 3.
Install the Agent Keeper CLI
curl -fsSL https://YOUR_AGENTKEEPER_URL/install-hooks.sh | bash
This installs the agentkeeper CLI to ~/.local/bin. Run agentkeeper --version to verify.
Initialize push-hooks
For project-level setup (recommended for teams):
agentkeeper claude-code init
Or for global setup (covers all your projects):
agentkeeper claude-code init --global
Paste your project hook key when prompted. This writes security hooks to .claude/settings.json.
.claude/settings.jsonto git. Every developer who pulls gets Agent Keeper hooks automatically — zero setup on their end.Verify it works
Open Claude Code and run any command. You should see your workstation appear in the dashboard under the Claude Code tab within seconds.
Try a safe test: ask Claude Code to run ls. It should pass through cleanly. Normal development commands are never blocked.
Explore the dashboard
Your workstation now reports to Agent Keeper. From the dashboard you can see:
- Fleet Compliance— sandbox status across your Claude Code fleet
- Threat Feed— all prompts and tool calls logged in real-time, with blocked and warned events highlighted
- Threats Blocked— real-time count of dangerous prompts and tool calls caught by the shield
- Detection Patterns— which threat categories are most common in your org
- Audit Trail— full history of every prompt and tool execution on the host detail page