Question 2
Domain 1A team adds the rule 'never push to main without code review' to CLAUDE.md as a single sentence. Six months later, an investigation finds the model occasionally pushes to main when running long autonomous tasks. What is the *structural* fix?
Correct answer: D
Explanation
CLAUDE.md is only advisory, so a model can ignore or rationalize around a single sentence during long autonomous runs. A PreToolUse hook is the structural control because it intercepts the action itself; pattern-matching "git push.*main" and refusing enforces the rule at execution time rather than relying on the model’s memory or judgment.
Why each option is right or wrong
A. Reword the CLAUDE.md sentence in stronger language.
Stronger wording is still prompt-level guidance, not a hard execution control.
B. Delete the CLAUDE.md rule and rely on GitHub branch protection alone.
Branch protection helps repository safety, but removes the model-side structural guardrail.
C. Switch to a more capable model.
Better models may comply more often, but capability does not guarantee policy enforcement.
D. Move the rule to a PreToolUse hook that pattern-matches `git push.*main` and refuses; CLAUDE.md is advisory and the model can rationalise around it.
CLAUDE.md is not an enforcement mechanism; it is just prompt context, so a single sentence can be overridden, forgotten, or rationalized away during extended autonomous execution. The structural control is a PreToolUse hook, because it intercepts the tool invocation before execution; matching `git push.*main` and denying the call blocks the prohibited action at the point of use rather than depending on model compliance.