1.5 · D124 questions · 5 free

Agent SDK hooks & tool-call interception

Apply Agent SDK hooks for tool call interception and data normalization.

This subtopic (1.5) sits in Agentic Architecture & Orchestration (D1) on Anthropic's Claude Certified Architect — Foundations (CCA-F) exam. The bank holds 24 practice questions here — 5 easy, 11 medium, and 8 hard — with 5 free to try, answers and explanations included. 3 of the free questions are below; the rest are in the practice stream.

What the exam tests here

  • PostToolUse for data normalization — heterogeneous formats from different MCP tools
  • hooks for deterministic guarantees vs prompt instructions for probabilistic compliance
  • PostToolUse hooks — intercept tool results before model processes them
  • PreToolUse hooks — intercept outgoing tool calls to enforce compliance rules
Practice this subtopic — 5 freeFree questions with answers ↓

Free practice questions: Agent SDK hooks & tool-call interception

Question 1 of 3 · free · hard

Audit logs show your support agent occasionally calls process_refund for amounts above $500 without first invoking escalate_to_human, violating a hard policy. The agent's system prompt already states the rule. Which change most reliably prevents the violation going forward?

Show answer & explanation

Correct answer: A. Register a PreToolUse hook matched to process_refund that returns permissionDecision 'deny' when the amount exceeds $500 and no escalation occurred.

A PreToolUse hook runs before the tool executes and can inspect tool_input to deny calls deterministically, giving a hard guarantee the prompt cannot. 'Strengthen the system prompt' remains probabilistic LLM compliance, the original failure mode. 'Register a PostToolUse hook' fires after the refund already happened, so reversal is remediation not prevention. 'Add process_refund to disallowed_tools' is a static allowlist; it cannot read the amount argument.

Question 2 of 3 · free · medium

Your support agent calls get_customer and receives a 200-field JSON blob. You want to strip all fields except customer_id, account_status, and tier before the model reasons over the result. Which hook achieves this without changing the tool itself?

Show answer & explanation

Correct answer: A. A PostToolUse hook on get_customer that returns a block decision with a slimmed-down feedback string.

PostToolUse fires after the tool completes and receives tool_response; returning a block decision with a feedback string lets you inject a slimmed result for Claude to reason over. 'PreToolUse hook' fires before execution and cannot modify the tool's response. 'UserPromptSubmit hook' fires before any tool call, not after get_customer returns. 'canUseTool callback' controls permission decisions, not result content.

Question 3 of 3 · free · medium

The coordinator agent must block any web search subagent tool call whose query contains a restricted keyword before execution. Which PreToolUse hook output field enforces this at the SDK level?

Show answer & explanation

Correct answer: C. Return permissionDecision: "deny" with a permissionDecisionReason explaining the blocked keyword.

PreToolUse permissionDecision: "deny" is the only decision that hard-blocks tool execution before it runs. additionalContext is advisory, ask defers to the user rather than blocking, and updatedInput modifies input but does not prevent execution.

2 more free questions on this subtopic in the practice stream, plus 19 in the full bank. Keep practicing →

Related reading (Anthropic docs)