Connect Claude Code to AgentKeeper
Add security hooks to your local Claude Code in under 3 minutes. Every prompt and tool call — Bash commands, file reads, writes, and web fetches — is evaluated against threat detection patterns before execution. All prompts are logged to the threat feed for full audit visibility.
What you get
- ✓Prompt scanning — UserPromptSubmit hook scans every prompt for jailbreak, injection, and social engineering attempts before Claude processes it
- ✓PreToolUse blocking — dangerous Bash commands, file writes, and web fetches blocked before execution
- ✓Prompt injection detection — scans file reads and web fetch output for hidden instructions targeting Claude
- ✓Sensitive file monitoring — alerts when Claude reads .env, SSH keys, AWS credentials, and 13 other secret paths
- ✓Session tracking & prompt logging — active sessions, tracked projects, all prompts logged to the threat feed, and full audit trail in your dashboard
- ✓Zero false positives on normal development — npm, git, file edits all pass through cleanly
Two ways to connect
Plugin (individual)
Install from the Claude Code plugin marketplace. Works instantly with no account. Best for individual developers.
Push-hooks (teams)
Commit hooks to git so every developer who pulls is covered automatically. Best for security teams.
Option A: Plugin Marketplace (Recommended)
Add RAD Security's Claude Code marketplace
In Claude Code, run:
/plugin marketplace add rad-security/claude-code-plugin
This adds the AgentKeeper plugin catalog to your Claude Code instance.
Install AgentKeeper
/plugin install agentkeeper
Claude Code installs the plugin package. Reload the plugin registry next so the AgentKeeper slash commands are available immediately.
/agentkeeper:audit, /agentkeeper:secrets, /agentkeeper:inspect, and 6 more security skills.Reload plugin commands
/reload-plugins
This refreshes Claude Code's command registry so/agentkeeper:connect is available in the current session.
Connect your dashboard
For dashboard visibility, run:
/agentkeeper:connect
This opens your browser so you can approve the device. No dashboard API key needs to be pasted into Claude Code.
Restart Claude Code
Quit Claude Code and reopen it after device approval. The connect command writes HTTP hooks to settings.json, and hooks only load at startup.
Option B: Push-Hooks (Teams)
Sign up and create a project hook key
Sign up at AgentKeeper signup, then go to Settings and create a project hook key. Copy it — you'll need it in step 3.
Install the AgentKeeper CLI
curl -fsSL https://www.agentkeeper.dev/install-hooks.sh | bash
This installs the agentkeeper CLI to ~/.local/bin. Run agentkeeper --version to verify.
Initialize push-hooks
For project-level setup (recommended for teams):
agentkeeper claude-code init
Or for global setup (covers all your projects):
agentkeeper claude-code init --global
Paste your project hook key when prompted. This writes security hooks to .claude/settings.json.
.claude/settings.jsonto git. Every developer who pulls gets AgentKeeper hooks automatically — zero setup on their end.Verify it works
Open Claude Code and run any command. You should see your workstation appear in the dashboard under the Claude Code tab within seconds.
Try a safe test: ask Claude Code to run ls. It should pass through cleanly. Normal development commands are never blocked.
Explore the dashboard
Your workstation now reports to AgentKeeper. From the dashboard you can see:
- Fleet Compliance— sandbox status across your Claude Code fleet
- Threat Feed— all prompts and tool calls logged in real-time, with blocked and warned events highlighted
- Threats Blocked— real-time count of dangerous prompts and tool calls caught by the shield
- Detection Patterns— which threat categories are most common in your org
- Audit Trail— full history of every prompt and tool execution on the host detail page