hoop.dev

What is hoop.dev | Data Security in Transit?

Hoop.dev (at hoop.dev/claudecode) is a gateway that sits between Claude Code and your infrastructure. Its core purpose is to protect internal systems when an AI agent issues database queries or commands, by applying protocol-level controls before anything reaches your environment.

Hoop.dev intercepts Claude Code traffic to mask sensitive data, block destructive operations, review risky actions, and record an auditable trail of every command and response.

Key Features

• Zero-config data masking (PII/PCI/PHI): Sensitive fields such as names, emails, SSNs, and card numbers are redacted at the protocol layer so Claude Code never sees raw values.
• Destructive command blocking: Dangerous operations (for example DROP TABLE, rm -rf, and DELETE without a WHERE clause) are detected and terminated before execution, with zero rows affected.
• Command-level review with human approval: Schema changes, production writes, and risky operations are routed for human review via Slack, where approvers can approve or reject before the action proceeds.
• Full audit trail and session recording: Hoop records every command Claude Code executes, every response it receives, and every approval or rejection with full context so sessions are replayable.
• Controlled access through the gateway (no credentials in the model): Claude Code connects to internal systems through Hoop rather than directly, with access controlled at the protocol layer.

How to Use hoop.dev

1. Connect Claude Code to the Hoop gateway: Configure Claude Code to use the Hoop gateway instead of connecting directly to your infrastructure (the page describes this as done via a single environment variable and no code changes).
2. Set or enforce policies in Hoop: Enable controls such as masking sensitive data, blocking destructive commands, and routing risky operations for human review. The policies apply instantly.
3. Run Claude Code against your systems: As Claude Code issues queries or commands, Hoop intercepts them to enforce masking, blocking, and approvals as required.

Use Cases

• Limit data exposure during database querying: When Claude Code runs SQL like SELECT against tables that contain personal or payment data, Hoop redacts sensitive values in the protocol context so the model receives placeholders rather than raw data.
• Prevent accidental or unsafe destructive actions: If Claude Code attempts an operation such as dropping a production table or issuing a destructive command, Hoop blocks the operation deterministically and logs the incident.
• Require review for schema changes or production writes: For tasks like adding schema elements (e.g., adding a column) or updating production records, Hoop routes the action for Slack-based approval and only executes after approval.
• Support operational incident handling with auditability: Teams can review “last actions,” approvals/rejections, and logged command context to understand what the agent attempted and what happened.
• Use internal systems without direct model access: Instead of granting Claude Code direct connectivity and credentials to infrastructure, teams route calls through Hoop so access is mediated by protocol-level controls.

FAQ

• Does Hoop mask sensitive values automatically? Yes. The page states that PII, PCI, and PHI are redacted automatically at the protocol layer, with no schema configuration or regex rules.

• How does Hoop handle risky database operations? Dangerous operations are intercepted and terminated before execution, while schema changes and risky operations are routed for human approval before they are executed.

• Where do approvals happen? The page describes routing approvals for risky operations to Slack, where actions can be approved or rejected.

• Is there an audit log of what the model did? Yes. Hoop records every command, every response, and every approval or rejection, and the page describes this as full session recording and replayable evidence.

• Does Claude Code need to be modified to use Hoop? The page indicates that you can connect Claude Code to the Hoop gateway using a single environment variable with no code changes to Claude Code or your infrastructure.

Alternatives

• Database permission scoping (least privilege) without a gateway: You can reduce risk by restricting database roles and disallowing destructive statements. This changes permissions but does not provide protocol-level masking, command blocking, and the same command/response audit trail described here.
• In-app or middleware query filtering: Some teams place custom middleware in front of database connections to scan queries and enforce rules. Compared with hoop.dev, this may require more configuration and may not provide the same end-to-end session logging and protocol-layer masking.
• Agent/tooling frameworks with guardrails: Frameworks that wrap model tools can implement approval steps and safety checks. These are often focused on the agent runtime rather than acting as a gateway between Claude Code and infrastructure with protocol-layer controls.
• Manual human-in-the-loop execution workflows: For critical operations, teams can require human-only SQL execution or ticket-based approvals. This reduces automation but adds latency and avoids the “intercept/terminate before execution” behavior described for hoop.dev.