#skip-bb

<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Add a Python permission hook that restricts python/python3 to scripts
inside the .claude directory. Blocks unsafe modes and command injection
to reduce risk.

- **New Features**
- Enforces: allow scripts under .claude; deny scripts outside; deny -m,
-c, and interactive; passthrough for non-python and --version/--help.
- Robust parsing of env-var prefixes, flags, quoted/unquoted paths,
relative/absolute paths, and symlinks; supports CLAUDE_PROJECT_DIR.
- Registered the hook in PreToolUse and expanded allowed tools in
settings (Bash(chmod:*), Bash(python3:*)). Added tests for allowed,
blocked, passthrough, and security-bypass commands.

<sup>Written for commit 798d1abf04cdedc5395603ce4e32b2b943be8941.
Summary will update on new commits.</sup>

<!-- End of auto-generated description by cubic. -->

---------
Co-authored-by: Claude <noreply@anthropic.com>