Govern Claude Code, Cursor, Codex CLI, Gemini CLI

Surfaces used: coding assistant hooks
Modes supported: Local, Hosted, Hybrid
Tiers: Free (individual), Teams (org-wide enrollment)

What you'll do

Put a policy guardrail in front of every shell command, file write, and API call your AI coding assistant wants to make. The assistant keeps working the way your developers expect; dangerous actions get blocked before they execute, and every decision lands in an audit trail.

Why this is the right path for you

  • If your developers use Claude Code, Cursor, Codex CLI, or Gemini CLI and you want to stop rm -rf, secret exfiltration, or production database writes, this is for you.
  • If you are one developer wanting to protect yourself, use Local mode -- no signup, no account.
  • If you are a Teams admin wanting the same policy across every laptop, enroll devices and deploy a signed policy bundle.
  • If you are building your own AI app in Python or Node, see Govern an AI app I'm building in Python or Node.js instead.
  • If you want Claude itself to manage policy state via tool calls, see the MCP server.

When NOT to use this approach

Caution: coding hooks govern the assistant's local tool use. They do not govern:

  • API calls your agents make in production -> use the gateway.
  • Chat traffic in browser UIs like claude.ai or ChatGPT -> use the browser extension.
  • Code an agent is about to commit -> pair hooks with a CI policy scanner.

5-minute setup

Single developer (Local mode)

No signup. No account. Everything stays on your laptop.

pip install control-zero
controlzero install claude-code

Expected output:

[Control Zero] Installed hook for Claude Code at ~/.config/claude-code/hooks/
[Control Zero] Default policy loaded from ~/.controlzero/policy.yaml
[Control Zero] Audit log: ~/.controlzero/audit.log

Open Claude Code and try a blocked action:

> run rm -rf /
[Control Zero] Denied: destructive_shell_command matched rule "block_rm_rf"

Teams (org-wide enrollment)

From an admin laptop already signed into Control Zero:

controlzero install claude-code --api-key cz_live_xxxxxxxxxxxx

Or distribute via your MDM with CONTROLZERO_API_KEY pre-set in the environment, which keeps the key out of shell history and command-line process listings. The hook pulls a signed policy bundle on startup and keeps it current.

Verifying it's working

  1. Tail the audit log:

    tail -f ~/.controlzero/audit.log
  2. In your coding assistant, ask it to run any shell command. You should see a JSON entry land with decision: allow or decision: deny, the tool name, the arguments (redacted where DLP triggered), and the policy rule that matched.

  3. If you enrolled the device, open the dashboard -> Audit and confirm events are flowing in.
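
To check the audit trail rather than just watch it scroll, the following added example (not Control Zero's own code) parses entries, reports lines it cannot read, and counts denies per rule. It assumes one JSON object per line and the key names "tool", "args" and "rule"; only the decision field and the rule name block_rm_rf appear on this page.

```python
import json
from collections import Counter

# Constructed sample entries. Only "decision" with allow/deny comes from the
# page; the key names "tool", "args" and "rule" are assumptions.
SAMPLE_LOG = """\
{"decision": "allow", "tool": "shell", "args": "ls -la", "rule": "default_allow"}
{"decision": "deny", "tool": "shell", "args": "rm -rf /", "rule": "block_rm_rf"}
{"decision": "deny", "tool": "file_write", "args": "[REDACTED]", "rule": "block_secrets"}
{"decision": "allow", "tool": "shell", "args": "git sta
{"tool": "shell", "args": "whoami"}
"""


def parse_audit(lines):
    """Return (entries, problems); unparseable lines are reported, not dropped,
    because a gap in an audit trail is itself worth investigating."""
    entries, problems = [], []
    for number, line in enumerate(lines, start=1):
        line = line.strip()
        if not line:
            continue
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            problems.append((number, "not valid JSON"))
            continue
        if not isinstance(entry, dict) or entry.get("decision") not in ("allow", "deny"):
            problems.append((number, "missing or unknown decision"))
            continue
        entries.append(entry)
    return entries, problems


def denies_by_rule(entries):
    """Count deny decisions per matched rule (assumed key: 'rule')."""
    return Counter(e.get("rule", "<no rule>") for e in entries if e["decision"] == "deny")


def hook_is_enforcing(entries, rule):
    """True if at least one deny was logged for the given rule."""
    return denies_by_rule(entries)[rule] > 0


if __name__ == "__main__":
    entries, problems = parse_audit(SAMPLE_LOG.splitlines())
    print("denies by rule:", dict(denies_by_rule(entries)))
    print("problem lines:", problems)
    print("block_rm_rf enforced:", hook_is_enforcing(entries, "block_rm_rf"))
```

To run it against a real log, pass the open file object for ~/.controlzero/audit.log to parse_audit in place of the sample lines, adjusting the key names to match what your entries contain.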
