PreToolUse hook blocking causes API 400 concurrency errors #85
Description
The security-guidance plugin's PreToolUse hook uses sys.exit(2) to block tool execution when security patterns are detected. This causes API Error: 400 due to tool use concurrency issues when Claude makes parallel tool calls (Edit/Write/MultiEdit).
Root Cause:
When multiple tools are called in parallel and one gets blocked mid-request by exit code 2, the API request state becomes inconsistent, triggering a 400 error.
File: hooks/security_reminder_hook.py line 273
Current code:
print(reminder, file=sys.stderr)
sys.exit(2) # Block tool execution
Suggested fix:
print(reminder, file=sys.stderr)
sys.exit(0) # Allow execution, warning still shown via stderr
This preserves the security warning functionality while avoiding the concurrency issue.
Reproduction: Enable the plugin and edit files containing patterns like eval(, .innerHTML =, or GitHub workflow files while Claude is making parallel tool calls.