PreToolUse hook input JSON currently contains hook_event_name, tool_name, tool_input, cwd, and session_id. There's no field indicating whether the tool call originates from the main agent or a subagent.
This matters for hook handlers that want to provide different guidance depending on context. For example, when denying a Bash call and redirecting to an MCP resource, the main agent can read the resource directly via ReadMcpResourceTool, but subagents must use a resource-read tool wrapper since they don't have access to MCP resources.
Currently we include both instructions in every denial message, which is noisy. A field like agent_type or is_subagent in the hook input would allow targeted messages.
PreToolUse hook input JSON currently contains
hook_event_name,tool_name,tool_input,cwd, andsession_id. There's no field indicating whether the tool call originates from the main agent or a subagent.This matters for hook handlers that want to provide different guidance depending on context. For example, when denying a Bash call and redirecting to an MCP resource, the main agent can read the resource directly via
ReadMcpResourceTool, but subagents must use aresource-readtool wrapper since they don't have access to MCP resources.Currently we include both instructions in every denial message, which is noisy. A field like
agent_typeoris_subagentin the hook input would allow targeted messages.