Inside Claude Code: Undocumented Hook Fields, YOLO Classifier, and Hidden Config

A deep read of the Claude Code npm package (version 2.1.87) surfaces a substantial set of configuration options Anthropic’s official docs never mention. The auto-mode permission system is internally called the YOLO Classifier and accepts plain-English environment descriptions to guide auto-approval decisions. Hooks, in particular, are far more powerful than documented: PreToolUse hooks can emit JSON on stdout with fields like updatedInput to rewrite tool invocations mid-flight, permissionDecision to bypass user prompts, and additionalContext to inject conversation context. SessionStart and PostToolUse events expose their own undocumented fields including watchPaths for automatic file watching and updatedMCPToolOutput for filtering MCP responses.

Three extra hook-config flags also work but aren’t documented: once for self-removing first-run setup, async for non-blocking fire-and-forget jobs, and asyncRewake, which runs in the background but can wake the model and block the operation if it exits with code 2. The author demonstrates practical uses including silently appending —dry-run to git push commands, auto-approving safe read-only bash, logging every command to an audit JSONL, and scanning written files for hardcoded secrets. Skill frontmatter likewise accepts six additional fields beyond the documented set, including a model override so individual skills can be pinned to Haiku or Opus based on cost and complexity.

The practical takeaway: Claude Code’s real surface area is significantly larger than its docs suggest, and the source ships openly in node_modules for anyone willing to read it. Because these capabilities are undocumented and some are flagged EXPERIMENTAL by Anthropic engineers, they can shift between releases, so teams adopting them should pin versions and treat the behavior as a moving target rather than a stable contract.