Developers relying solely on PreToolUse hooks to protect secrets or restrict Claude Code agents should audit their threat model immediately — hooks only cover anticipated tool-call vectors, and a defense-in-depth approach with container isolation and secret brokers is required for meaningful containment.