@clawdstrike/openclaw 0.1.0 → 0.1.2

package/dist/hooks/cua-bridge/handler.js

@@ -0,0 +1,369 @@
+/**
+ * @clawdstrike/openclaw - CUA Bridge Hook Handler
+ *
+ * Detects CUA (Computer Use Agent) actions from OpenClaw tool calls and emits
+ * canonical CUA policy events via PolicyEventFactory from adapter-core.
+ *
+ * CUA actions are identified by toolName prefix or explicit metadata. When
+ * detected, the bridge creates the appropriate canonical CUA event, evaluates
+ * it through the policy engine, and applies the decision (allow/warn/deny).
+ *
+ * Design: fail-closed on unknown CUA action types. Non-CUA tool calls are
+ * passed through unchanged (no regression on existing behavior).
+ */
+import { parseNetworkTarget, PolicyEventFactory, } from '@clawdstrike/adapter-core';
+import { initializeEngine, getSharedEngine } from '../../engine-holder.js';
+import { peekApproval } from '../approval-state.js';
+import { normalizeApprovalResource } from '../approval-utils.js';
+// ── Stable Error Codes ──────────────────────────────────────────────
+export const CUA_ERROR_CODES = {
+    UNKNOWN_ACTION: 'OCLAW_CUA_UNKNOWN_ACTION',
+    MISSING_METADATA: 'OCLAW_CUA_MISSING_METADATA',
+    SESSION_MISSING: 'OCLAW_CUA_SESSION_MISSING',
+};
+// ── CUA Action Classification ───────────────────────────────────────
+/** CUA tool name prefixes that trigger CUA bridge routing. */
+const CUA_TOOL_PREFIXES = [
+    'cua_', 'cua.', 'computer_use_', 'computer_use.',
+    'remote_desktop_', 'remote_desktop.', 'rdp_', 'rdp.',
+];
+const CUA_TOOL_NAMES = new Set(['computer', 'computer_use', 'computer.use', 'computer-use']);
+const ACTION_TOKEN_MAP = [
+    { tokens: ['connect', 'session_start', 'open', 'launch'], kind: 'connect' },
+    { tokens: ['disconnect', 'session_end', 'close', 'terminate'], kind: 'disconnect' },
+    { tokens: ['reconnect', 'session_resume', 'resume'], kind: 'reconnect' },
+    { tokens: ['click', 'type', 'key', 'mouse', 'keyboard', 'input', 'scroll', 'drag', 'move_mouse'], kind: 'input_inject' },
+    { tokens: ['clipboard_read', 'clipboard_get', 'paste_from', 'copy_from_remote'], kind: 'clipboard_read' },
+    { tokens: ['clipboard_write', 'clipboard_set', 'copy_to', 'paste_to_remote'], kind: 'clipboard_write' },
+    { tokens: ['file_upload', 'upload', 'send_file'], kind: 'file_upload' },
+    { tokens: ['file_download', 'download', 'receive_file', 'get_file'], kind: 'file_download' },
+    { tokens: ['session_share', 'share_session', 'share'], kind: 'session_share' },
+    { tokens: ['audio', 'audio_stream', 'stream_audio'], kind: 'audio' },
+    { tokens: ['drive_mapping', 'map_drive', 'mount_drive'], kind: 'drive_mapping' },
+    { tokens: ['printing', 'print', 'remote_print'], kind: 'printing' },
+];
+// ── Module State ────────────────────────────────────────────────────
+const factory = new PolicyEventFactory();
+/**
+ * Initialize the hook with configuration.
+ * Delegates to the shared engine holder so all hooks share one PolicyEngine.
+ */
+export function initialize(config) {
+    initializeEngine(config);
+}
+/**
+ * Get or create the policy engine.
+ * Delegates to the shared engine holder.
+ */
+function getEngine(config) {
+    return getSharedEngine(config);
+}
+// ── CUA Detection ───────────────────────────────────────────────────
+/**
+ * Check if a tool call is a CUA action (by prefix or explicit cua metadata).
+ */
+export function isCuaToolCall(toolName, params) {
+    const lower = toolName.toLowerCase();
+    if (CUA_TOOL_NAMES.has(lower)) {
+        return true;
+    }
+    if (CUA_TOOL_PREFIXES.some((p) => lower.startsWith(p))) {
+        return true;
+    }
+    if (params.__cua === true || params.cua_action !== undefined) {
+        return true;
+    }
+    return false;
+}
+/**
+ * Extract the CUA action token from a tool name or params.
+ */
+function extractActionToken(toolName, params) {
+    // Explicit action from params takes precedence
+    if (typeof params.cua_action === 'string' && params.cua_action.trim()) {
+        return params.cua_action.trim().toLowerCase();
+    }
+    if (CUA_TOOL_NAMES.has(toolName.toLowerCase())) {
+        if (typeof params.action === 'string' && params.action.trim()) {
+            return params.action.trim().toLowerCase();
+        }
+    }
+    // Strip known CUA prefix and use remaining as action token
+    const lower = toolName.toLowerCase();
+    for (const prefix of CUA_TOOL_PREFIXES) {
+        if (lower.startsWith(prefix)) {
+            const remainder = lower.slice(prefix.length);
+            if (remainder)
+                return remainder;
+        }
+    }
+    return null;
+}
+/**
+ * Classify a CUA action token into a known CuaActionKind.
+ * Returns null for unknown actions (fail-closed).
+ */
+function classifyCuaAction(token) {
+    for (const { tokens, kind } of ACTION_TOKEN_MAP) {
+        if (tokens.includes(token)) {
+            return kind;
+        }
+    }
+    return null;
+}
+// ── Event Building ──────────────────────────────────────────────────
+/**
+ * Build a canonical CUA PolicyEvent using the PolicyEventFactory.
+ */
+export function buildCuaEvent(sessionId, kind, params) {
+    const extraData = {};
+    if (typeof params.continuityPrevSessionHash === 'string') {
+        extraData.continuityPrevSessionHash = params.continuityPrevSessionHash;
+    }
+    if (typeof params.postconditionProbeHash === 'string') {
+        extraData.postconditionProbeHash = params.postconditionProbeHash;
+    }
+    // Preserve input_type so the InputInjectionCapabilityGuard (fail-closed on
+    // missing input_type) receives it through the canonical CUA event data.
+    const inputType = typeof params.input_type === 'string'
+        ? params.input_type
+        : typeof params.inputType === 'string'
+            ? params.inputType
+            : undefined;
+    if (typeof inputType === 'string') {
+        extraData.input_type = inputType;
+    }
+    const transferSize = coerceTransferSize(params.transfer_size ?? params.transferSize);
+    if (transferSize !== null) {
+        extraData.transfer_size = transferSize;
+    }
+    switch (kind) {
+        case 'connect': {
+            const connectMeta = extractConnectMetadata(params);
+            return factory.createCuaConnectEvent(sessionId, { ...extraData, ...connectMeta });
+        }
+        case 'disconnect':
+            return factory.createCuaDisconnectEvent(sessionId, extraData);
+        case 'reconnect':
+            return factory.createCuaReconnectEvent(sessionId, extraData);
+        case 'input_inject':
+            return factory.createCuaInputInjectEvent(sessionId, extraData);
+        case 'clipboard_read':
+            return factory.createCuaClipboardEvent(sessionId, 'read', extraData);
+        case 'clipboard_write':
+            return factory.createCuaClipboardEvent(sessionId, 'write', extraData);
+        case 'file_upload':
+            return factory.createCuaFileTransferEvent(sessionId, 'upload', extraData);
+        case 'file_download':
+            return factory.createCuaFileTransferEvent(sessionId, 'download', extraData);
+        case 'session_share':
+            return factory.createCuaSessionShareEvent(sessionId, extraData);
+        case 'audio':
+            return factory.createCuaAudioEvent(sessionId, extraData);
+        case 'drive_mapping':
+            return factory.createCuaDriveMappingEvent(sessionId, extraData);
+        case 'printing':
+            return factory.createCuaPrintingEvent(sessionId, extraData);
+    }
+}
+// ── Hook Handler ────────────────────────────────────────────────────
+function beforeToolCallBlockResult(toolEvent, blockReason) {
+    if (toolEvent.type !== 'before_tool_call') {
+        return;
+    }
+    return {
+        block: true,
+        blockReason,
+        params: toolEvent.context.toolCall.params,
+    };
+}
+/**
+ * CUA bridge hook handler for tool_call (pre-execution) events.
+ *
+ * Only activates for CUA tool calls. Non-CUA tools pass through untouched
+ * so existing preflight behavior is preserved.
+ *
+ * Fail-closed: unknown CUA action types are denied with stable error code.
+ * Missing session ID or CUA metadata also fail closed.
+ */
+const handler = async (event, hookCtx) => {
+    const isModernBeforeToolCallEvent = (value) => {
+        if (value && typeof value === 'object' && 'type' in value)
+            return false;
+        return Boolean(value &&
+            typeof value === 'object' &&
+            typeof value.toolName === 'string' &&
+            typeof value.params === 'object' &&
+            value.params !== null);
+    };
+    const isModern = isModernBeforeToolCallEvent(event);
+    if (!isModern) {
+        if (event.type !== 'tool_call' && event.type !== 'before_tool_call') {
+            return;
+        }
+    }
+    const legacyToolEvent = isModern ? null : event;
+    // Skip if already handled by another hook registration (e.g. before_tool_call + tool_call dual registration)
+    if (!isModern && legacyToolEvent.preventDefault)
+        return;
+    const toolName = isModern ? event.toolName : legacyToolEvent.context.toolCall.toolName;
+    const params = isModern ? event.params : legacyToolEvent.context.toolCall.params;
+    const sessionId = isModern
+        ? (hookCtx?.sessionKey ?? hookCtx?.agentId ?? '')
+        : legacyToolEvent.context.sessionId;
+    // Only intercept CUA tool calls
+    if (!isCuaToolCall(toolName, params)) {
+        return;
+    }
+    // Mark this event as evaluated by the CUA bridge so the general preflight
+    // handler skips it (avoids double policy evaluation).  Set this early —
+    // before any fail-closed exits — because even a CUA denial here means the
+    // tool was already handled and the preflight handler should not re-evaluate.
+    event.__cuaBridgeEvaluated = true;
+    // Fail closed: session ID required for CUA actions
+    if (!sessionId) {
+        const blockReason = `Denied ${toolName}: missing session ID (${CUA_ERROR_CODES.SESSION_MISSING})`;
+        if (isModern) {
+            return { block: true, blockReason, params };
+        }
+        legacyToolEvent.preventDefault = true;
+        legacyToolEvent.messages.push(`[clawdstrike:cua-bridge] ${blockReason}`);
+        return beforeToolCallBlockResult(legacyToolEvent, blockReason);
+    }
+    // Extract and classify the CUA action
+    const actionToken = extractActionToken(toolName, params);
+    if (!actionToken) {
+        const blockReason = `Denied ${toolName}: unable to extract CUA action from tool name or params (${CUA_ERROR_CODES.MISSING_METADATA})`;
+        if (isModern) {
+            return { block: true, blockReason, params };
+        }
+        legacyToolEvent.preventDefault = true;
+        legacyToolEvent.messages.push(`[clawdstrike:cua-bridge] ${blockReason}`);
+        return beforeToolCallBlockResult(legacyToolEvent, blockReason);
+    }
+    const kind = classifyCuaAction(actionToken);
+    if (!kind) {
+        // Fail closed on unknown CUA action type
+        const blockReason = `Denied ${toolName}: unknown CUA action '${actionToken}' (${CUA_ERROR_CODES.UNKNOWN_ACTION})`;
+        if (isModern) {
+            return { block: true, blockReason, params };
+        }
+        legacyToolEvent.preventDefault = true;
+        legacyToolEvent.messages.push(`[clawdstrike:cua-bridge] ${blockReason}`);
+        return beforeToolCallBlockResult(legacyToolEvent, blockReason);
+    }
+    // Build canonical CUA event via PolicyEventFactory
+    const cuaEvent = buildCuaEvent(sessionId, kind, params);
+    // Evaluate through policy engine first to get severity before consulting prior approvals.
+    const policyEngine = getEngine();
+    const decision = await policyEngine.evaluate(cuaEvent);
+    // Check prior approvals for non-critical denials only.
+    // Critical denials must always be re-evaluated and never short-circuited.
+    if (decision.status === 'deny' && decision.severity !== 'critical') {
+        const resource = normalizeApprovalResource(policyEngine, toolName, params);
+        const prior = peekApproval(sessionId, toolName, resource);
+        if (prior) {
+            if (!isModern) {
+                legacyToolEvent.messages.push(`[clawdstrike:cua-bridge] CUA ${kind}: using prior ${prior.resolution} approval for ${toolName}`);
+            }
+            return;
+        }
+    }
+    if (decision.status === 'deny') {
+        const blockReason = `CUA ${kind} denied${decision.guard ? ` by ${decision.guard}` : ''}${decision.reason ? `: ${decision.reason}` : ''} (${toolName})`;
+        if (isModern) {
+            return { block: true, blockReason, params };
+        }
+        legacyToolEvent.preventDefault = true;
+        legacyToolEvent.messages.push(`[clawdstrike:cua-bridge] ${blockReason}`);
+        return beforeToolCallBlockResult(legacyToolEvent, blockReason);
+    }
+    if (!isModern && decision.status === 'warn') {
+        legacyToolEvent.messages.push(`[clawdstrike:cua-bridge] CUA ${kind} warning: ${decision.message ?? decision.reason ?? 'Policy warning'} (${toolName})`);
+    }
+    // Allow: record for potential post-exec parity
+    if (!isModern && decision.status === 'allow') {
+        legacyToolEvent.messages.push(`[clawdstrike:cua-bridge] CUA ${kind} allowed (${toolName})`);
+    }
+};
+export default handler;
+// Re-export for testing
+export { classifyCuaAction, extractActionToken, };
+function coerceTransferSize(value) {
+    if (typeof value === 'number' && Number.isFinite(value) && value >= 0) {
+        return Math.trunc(value);
+    }
+    if (typeof value === 'string') {
+        const parsed = Number.parseInt(value, 10);
+        if (Number.isFinite(parsed) && parsed >= 0) {
+            return parsed;
+        }
+    }
+    return null;
+}
+function coercePort(value) {
+    if (typeof value === 'number' && Number.isFinite(value)) {
+        const port = Math.trunc(value);
+        if (port > 0 && port <= 65535)
+            return port;
+    }
+    if (typeof value === 'string') {
+        const trimmed = value.trim();
+        if (/^[0-9]+$/.test(trimmed)) {
+            const parsed = Number.parseInt(trimmed, 10);
+            if (Number.isFinite(parsed) && parsed > 0 && parsed <= 65535)
+                return parsed;
+        }
+    }
+    return null;
+}
+function firstNonEmptyString(values) {
+    for (const value of values) {
+        if (typeof value !== 'string')
+            continue;
+        const trimmed = value.trim();
+        if (trimmed.length > 0)
+            return trimmed;
+    }
+    return null;
+}
+function extractConnectMetadata(params) {
+    const url = firstNonEmptyString([
+        params.url,
+        params.endpoint,
+        params.href,
+        params.target_url,
+        params.targetUrl,
+    ]);
+    const parsed = parseNetworkTarget(url ?? '', { emptyPort: 'default' });
+    const host = firstNonEmptyString([
+        params.host,
+        params.hostname,
+        params.remote_host,
+        params.remoteHost,
+        params.destination_host,
+        params.destinationHost,
+        parsed.host,
+    ])?.toLowerCase();
+    const protocol = firstNonEmptyString([params.protocol, params.scheme])?.toLowerCase();
+    const explicitPort = coercePort(params.port
+        ?? params.remote_port
+        ?? params.remotePort
+        ?? params.destination_port
+        ?? params.destinationPort);
+    const out = {};
+    if (host)
+        out.host = host;
+    if (explicitPort !== null) {
+        out.port = explicitPort;
+    }
+    else if (parsed.host) {
+        out.port = parsed.port;
+    }
+    if (url)
+        out.url = url;
+    if (protocol)
+        out.protocol = protocol;
+    return out;
+}
+//# sourceMappingURL=handler.js.map

package/dist/hooks/cua-bridge/handler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"handler.js","sourceRoot":"","sources":["../../../src/hooks/cua-bridge/handler.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EACL,kBAAkB,EAClB,kBAAkB,GAInB,MAAM,2BAA2B,CAAC;AAUnC,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,yBAAyB,EAAE,MAAM,sBAAsB,CAAC;AAEjE,uEAAuE;AAEvE,MAAM,CAAC,MAAM,eAAe,GAAG;IAC7B,cAAc,EAAE,0BAA0B;IAC1C,gBAAgB,EAAE,4BAA4B;IAC9C,eAAe,EAAE,2BAA2B;CACpC,CAAC;AAEX,uEAAuE;AAEvE,8DAA8D;AAC9D,MAAM,iBAAiB,GAAG;IACxB,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAChD,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,EAAE,MAAM;CAC5C,CAAC;AACX,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,cAAc,EAAE,cAAc,EAAE,cAAc,CAAC,CAAC,CAAC;AAiB7F,MAAM,gBAAgB,GAA0E;IAC9F,EAAE,MAAM,EAAE,CAAC,SAAS,EAAE,eAAe,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE;IAC3E,EAAE,MAAM,EAAE,CAAC,YAAY,EAAE,aAAa,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE;IACnF,EAAE,MAAM,EAAE,CAAC,WAAW,EAAE,gBAAgB,EAAE,QAAQ,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE;IACxE,EAAE,MAAM,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE;IACxH,EAAE,MAAM,EAAE,CAAC,gBAAgB,EAAE,eAAe,EAAE,YAAY,EAAE,kBAAkB,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE;IACzG,EAAE,MAAM,EAAE,CAAC,iBAAiB,EAAE,eAAe,EAAE,SAAS,EAAE,iBAAiB,CAAC,EAAE,IAAI,EAAE,iBAAiB,EAAE;IACvG,EAAE,MAAM,EAAE,CAAC,aAAa,EAAE,QAAQ,EAAE,WAAW,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE;IACvE,EAAE,MAAM,EAAE,CAAC,eAAe,EAAE,UAAU,EAAE,cAAc,EAAE,UAAU,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE;IAC5F,EAAE,MAAM,EAAE,CAAC,eAAe,EAAE,eAAe,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE;IAC9E,EAAE,MAAM,EAAE,CAAC,OAAO,EAAE,cAAc,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE;IACpE,EAAE,MAAM,EAAE,CAAC,eAAe,EAAE,WAAW,EAAE,aAAa,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE;IAChF,EAAE,MAAM,EAAE,CAAC,UAAU,EAAE,OAAO,EAAE,cAAc,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE;CACpE,CAAC;AAEF,uEAAuE;AAEvE,MAAM,OAAO,GAAG,IAAI,kBAAkB,EAAE,CAAC;AAEzC;;;GAGG;AACH,MAAM,UAAU,UAAU,CAAC,MAAyB;IAClD,gBAAgB,CAAC,MAAM,CAAC,CAAC;AAC3B,CAAC;AAED;;;GAGG;AACH,SAAS,SAAS,CAAC,MAA0B;IAC3C,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC;AACjC,CAAC;AAKD,uEAAuE;AAEvE;;GAEG;AACH,MAAM,UAAU,aAAa,CAC3B,QAAgB,EAChB,MAA+B;IAE/B,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,IAAI,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACvD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,MAAM,CAAC,KAAK,KAAK,IAAI,IAAI,MAAM,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QAC7D,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CACzB,QAAgB,EAChB,MAA+B;IAE/B,+CAA+C;IAC/C,IAAI,OAAO,MAAM,CAAC,UAAU,KAAK,QAAQ,IAAI,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,EAAE,CAAC;QACtE,OAAO,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAChD,CAAC;IAED,IAAI,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAC/C,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;YAC9D,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC5C,CAAC;IACH,CAAC;IAED,2DAA2D;IAC3D,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,KAAK,MAAM,MAAM,IAAI,iBAAiB,EAAE,CAAC;QACvC,IAAI,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7B,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YAC7C,IAAI,SAAS;gBAAE,OAAO,SAAS,CAAC;QAClC,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,SAAS,iBAAiB,CAAC,KAAa;IACtC,KAAK,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,gBAAgB,EAAE,CAAC;QAChD,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3B,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,uEAAuE;AAEvE;;GAEG;AACH,MAAM,UAAU,aAAa,CAC3B,SAAiB,EACjB,IAAmB,EACnB,MAA+B;IAE/B,MAAM,SAAS,GAAsD,EAAE,CAAC;IAExE,IAAI,OAAO,MAAM,CAAC,yBAAyB,KAAK,QAAQ,EAAE,CAAC;QACzD,SAAS,CAAC,yBAAyB,GAAG,MAAM,CAAC,yBAAyB,CAAC;IACzE,CAAC;IACD,IAAI,OAAO,MAAM,CAAC,sBAAsB,KAAK,QAAQ,EAAE,CAAC;QACtD,SAAS,CAAC,sBAAsB,GAAG,MAAM,CAAC,sBAAsB,CAAC;IACnE,CAAC;IACD,2EAA2E;IAC3E,wEAAwE;IACxE,MAAM,SAAS,GAAG,OAAO,MAAM,CAAC,UAAU,KAAK,QAAQ;QACrD,CAAC,CAAC,MAAM,CAAC,UAAU;QACnB,CAAC,CAAC,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ;YACpC,CAAC,CAAC,MAAM,CAAC,SAAS;YAClB,CAAC,CAAC,SAAS,CAAC;IAChB,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjC,SAAqC,CAAC,UAAU,GAAG,SAAS,CAAC;IAChE,CAAC;IAED,MAAM,YAAY,GAAG,kBAAkB,CAAC,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC;IACrF,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;QACzB,SAAqC,CAAC,aAAa,GAAG,YAAY,CAAC;IACtE,CAAC;IAED,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,SAAS,CAAC,CAAC,CAAC;YACf,MAAM,WAAW,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;YACnD,OAAO,OAAO,CAAC,qBAAqB,CAAC,SAAS,EAAE,EAAE,GAAG,SAAS,EAAE,GAAG,WAAW,EAAE,CAAC,CAAC;QACpF,CAAC;QACD,KAAK,YAAY;YACf,OAAO,OAAO,CAAC,wBAAwB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QAChE,KAAK,WAAW;YACd,OAAO,OAAO,CAAC,uBAAuB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QAC/D,KAAK,cAAc;YACjB,OAAO,OAAO,CAAC,yBAAyB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACjE,KAAK,gBAAgB;YACnB,OAAO,OAAO,CAAC,uBAAuB,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QACvE,KAAK,iBAAiB;YACpB,OAAO,OAAO,CAAC,uBAAuB,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QACxE,KAAK,aAAa;YAChB,OAAO,OAAO,CAAC,0BAA0B,CAAC,SAAS,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC5E,KAAK,eAAe;YAClB,OAAO,OAAO,CAAC,0BAA0B,CAAC,SAAS,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;QAC9E,KAAK,eAAe;YAClB,OAAO,OAAO,CAAC,0BAA0B,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QAClE,KAAK,OAAO;YACV,OAAO,OAAO,CAAC,mBAAmB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QAC3D,KAAK,eAAe;YAClB,OAAO,OAAO,CAAC,0BAA0B,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QAClE,KAAK,UAAU;YACb,OAAO,OAAO,CAAC,sBAAsB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IAChE,CAAC;AACH,CAAC;AAED,uEAAuE;AAEvE,SAAS,yBAAyB,CAChC,SAAwB,EACxB,WAAmB;IAEnB,IAAI,SAAS,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;QAC1C,OAAO;IACT,CAAC;IACD,OAAO;QACL,KAAK,EAAE,IAAI;QACX,WAAW;QACX,MAAM,EAAE,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM;KAC1C,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,OAAO,GAAgB,KAAK,EAChC,KAA0C,EAC1C,OAA6B,EACa,EAAE;IAC5C,MAAM,2BAA2B,GAAG,CAAC,KAA0C,EAAoC,EAAE;QACnH,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,IAAI,KAAK;YAAE,OAAO,KAAK,CAAC;QACxE,OAAO,OAAO,CACZ,KAAK;YACL,OAAO,KAAK,KAAK,QAAQ;YACzB,OAAQ,KAAgC,CAAC,QAAQ,KAAK,QAAQ;YAC9D,OAAQ,KAA8B,CAAC,MAAM,KAAK,QAAQ;YACzD,KAA8B,CAAC,MAAM,KAAK,IAAI,CAChD,CAAC;IACJ,CAAC,CAAC;IAEF,MAAM,QAAQ,GAAG,2BAA2B,CAAC,KAAK,CAAC,CAAC;IACpD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,IAAI,KAAK,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;YACpE,OAAO;QACT,CAAC;IACH,CAAC;IAED,MAAM,eAAe,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAsB,CAAC;IAEjE,6GAA6G;IAC7G,IAAI,CAAC,QAAQ,IAAI,eAAgB,CAAC,cAAc;QAAE,OAAO;IACzD,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,eAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;IACxF,MAAM,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,eAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;IAClF,MAAM,SAAS,GAAG,QAAQ;QACxB,CAAC,CAAC,CAAC,OAAO,EAAE,UAAU,IAAI,OAAO,EAAE,OAAO,IAAI,EAAE,CAAC;QACjD,CAAC,CAAC,eAAgB,CAAC,OAAO,CAAC,SAAS,CAAC;IAEvC,gCAAgC;IAChC,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,MAAM,CAAC,EAAE,CAAC;QACrC,OAAO;IACT,CAAC;IAED,0EAA0E;IAC1E,wEAAwE;IACxE,0EAA0E;IAC1E,6EAA6E;IAC5E,KAAa,CAAC,oBAAoB,GAAG,IAAI,CAAC;IAE3C,mDAAmD;IACnD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,WAAW,GAAG,UAAU,QAAQ,yBAAyB,eAAe,CAAC,eAAe,GAAG,CAAC;QAClG,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC;QAC9C,CAAC;QACD,eAAgB,CAAC,cAAc,GAAG,IAAI,CAAC;QACvC,eAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,4BAA4B,WAAW,EAAE,CAAC,CAAC;QAC1E,OAAO,yBAAyB,CAAC,eAAgB,EAAE,WAAW,CAAC,CAAC;IAClE,CAAC;IAED,sCAAsC;IACtC,MAAM,WAAW,GAAG,kBAAkB,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACzD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,WAAW,GACf,UAAU,QAAQ,4DAA4D,eAAe,CAAC,gBAAgB,GAAG,CAAC;QACpH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC;QAC9C,CAAC;QACD,eAAgB,CAAC,cAAc,GAAG,IAAI,CAAC;QACvC,eAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,4BAA4B,WAAW,EAAE,CAAC,CAAC;QAC1E,OAAO,yBAAyB,CAAC,eAAgB,EAAE,WAAW,CAAC,CAAC;IAClE,CAAC;IAED,MAAM,IAAI,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAC;IAC5C,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,yCAAyC;QACzC,MAAM,WAAW,GACf,UAAU,QAAQ,yBAAyB,WAAW,MAAM,eAAe,CAAC,cAAc,GAAG,CAAC;QAChG,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC;QAC9C,CAAC;QACD,eAAgB,CAAC,cAAc,GAAG,IAAI,CAAC;QACvC,eAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,4BAA4B,WAAW,EAAE,CAAC,CAAC;QAC1E,OAAO,yBAAyB,CAAC,eAAgB,EAAE,WAAW,CAAC,CAAC;IAClE,CAAC;IAED,mDAAmD;IACnD,MAAM,QAAQ,GAAG,aAAa,CAAC,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;IAExD,0FAA0F;IAC1F,MAAM,YAAY,GAAG,SAAS,EAAE,CAAC;IACjC,MAAM,QAAQ,GAAa,MAAM,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAEjE,uDAAuD;IACvD,0EAA0E;IAC1E,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,IAAI,QAAQ,CAAC,QAAQ,KAAK,UAAU,EAAE,CAAC;QACnE,MAAM,QAAQ,GAAG,yBAAyB,CAAC,YAAY,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC3E,MAAM,KAAK,GAAG,YAAY,CAAC,SAAS,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC1D,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,eAAgB,CAAC,QAAQ,CAAC,IAAI,CAC5B,gCAAgC,IAAI,iBAAiB,KAAK,CAAC,UAAU,iBAAiB,QAAQ,EAAE,CACjG,CAAC;YACJ,CAAC;YACD,OAAO;QACT,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/B,MAAM,WAAW,GACf,OAAO,IAAI,UAAU,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,QAAQ,GAAG,CAAC;QACrI,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC;QAC9C,CAAC;QACD,eAAgB,CAAC,cAAc,GAAG,IAAI,CAAC;QACvC,eAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,4BAA4B,WAAW,EAAE,CAAC,CAAC;QAC1E,OAAO,yBAAyB,CAAC,eAAgB,EAAE,WAAW,CAAC,CAAC;IAClE,CAAC;IAED,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC5C,eAAgB,CAAC,QAAQ,CAAC,IAAI,CAC5B,gCAAgC,IAAI,aAAa,QAAQ,CAAC,OAAO,IAAI,QAAQ,CAAC,MAAM,IAAI,gBAAgB,KAAK,QAAQ,GAAG,CACzH,CAAC;IACJ,CAAC;IAED,+CAA+C;IAC/C,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;QAC7C,eAAgB,CAAC,QAAQ,CAAC,IAAI,CAC5B,gCAAgC,IAAI,aAAa,QAAQ,GAAG,CAC7D,CAAC;IACJ,CAAC;AACH,CAAC,CAAC;AAEF,eAAe,OAAO,CAAC;AAEvB,wBAAwB;AACxB,OAAO,EACL,iBAAiB,EACjB,kBAAkB,GAEnB,CAAC;AAEF,SAAS,kBAAkB,CAAC,KAAc;IACxC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;QACtE,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IACD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE,CAAC;YAC3C,OAAO,MAAM,CAAC;QAChB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,UAAU,CAAC,KAAc;IAChC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAC/B,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,IAAI,KAAK;YAAE,OAAO,IAAI,CAAC;IAC7C,CAAC;IACD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;QAC7B,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7B,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YAC5C,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC,IAAI,MAAM,IAAI,KAAK;gBAAE,OAAO,MAAM,CAAC;QAC9E,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAiB;IAC5C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,OAAO,KAAK,KAAK,QAAQ;YAAE,SAAS;QACxC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;QAC7B,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,OAAO,CAAC;IACzC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,sBAAsB,CAAC,MAA+B;IAC7D,MAAM,GAAG,GAAG,mBAAmB,CAAC;QAC9B,MAAM,CAAC,GAAG;QACV,MAAM,CAAC,QAAQ;QACf,MAAM,CAAC,IAAI;QACX,MAAM,CAAC,UAAU;QACjB,MAAM,CAAC,SAAS;KACjB,CAAC,CAAC;IACH,MAAM,MAAM,GAAG,kBAAkB,CAAC,GAAG,IAAI,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;IACvE,MAAM,IAAI,GAAG,mBAAmB,CAAC;QAC/B,MAAM,CAAC,IAAI;QACX,MAAM,CAAC,QAAQ;QACf,MAAM,CAAC,WAAW;QAClB,MAAM,CAAC,UAAU;QACjB,MAAM,CAAC,gBAAgB;QACvB,MAAM,CAAC,eAAe;QACtB,MAAM,CAAC,IAAI;KACZ,CAAC,EAAE,WAAW,EAAE,CAAC;IAClB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,CAAC,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC;IACtF,MAAM,YAAY,GAAG,UAAU,CAC7B,MAAM,CAAC,IAAI;WACN,MAAM,CAAC,WAAW;WAClB,MAAM,CAAC,UAAU;WACjB,MAAM,CAAC,gBAAgB;WACvB,MAAM,CAAC,eAAe,CAC5B,CAAC;IAEF,MAAM,GAAG,GAA0B,EAAE,CAAC;IACtC,IAAI,IAAI;QAAG,GAA+B,CAAC,IAAI,GAAG,IAAI,CAAC;IACvD,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;QACzB,GAA+B,CAAC,IAAI,GAAG,YAAY,CAAC;IACvD,CAAC;SAAM,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;QACtB,GAA+B,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;IACtD,CAAC;IACD,IAAI,GAAG;QAAG,GAA+B,CAAC,GAAG,GAAG,GAAG,CAAC;IACpD,IAAI,QAAQ;QAAG,GAA+B,CAAC,QAAQ,GAAG,QAAQ,CAAC;IACnE,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/hooks/tool-guard/handler.d.ts

@@ -3,9 +3,24 @@
  *
  * Intercepts tool results and enforces security policy.
  */
-import type { HookHandler, ClawdstrikeConfig } from '../../types.js';
+import type { HookHandler, ClawdstrikeConfig, Decision } from '../../types.js';
+export declare class DecisionCache {
+    private readonly maxSize;
+    private readonly ttlMs;
+    private readonly map;
+    constructor(maxSize?: number, ttlMs?: number);
+    /** Build a cache key from event type + resource identifier + policy fingerprint. */
+    static key(eventType: string, resource: string, policyKey: string): string;
+    get(key: string): Decision | undefined;
+    set(key: string, decision: Decision): void;
+    clear(): void;
+    get size(): number;
+}
+/** Shared decision cache (reset on initialize) */
+export declare let decisionCache: DecisionCache;
 /**
- * Initialize the hook with configuration
+ * Initialize the hook with configuration.
+ * Delegates to the shared engine holder so all hooks share one PolicyEngine.
  */
 export declare function initialize(config: ClawdstrikeConfig): void;
 /**

package/dist/hooks/tool-guard/handler.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../../src/hooks/tool-guard/handler.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EACV,WAAW,EAGX,iBAAiB,EAOlB,MAAM,gBAAgB,CAAC;AAMxB;;GAEG;AACH,wBAAgB,UAAU,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI,CAE1D;AAYD;;GAEG;AACH,QAAA,MAAM,OAAO,EAAE,WA6Gd,CAAC;AAsSF,eAAe,OAAO,CAAC"}
+{"version":3,"file":"handler.d.ts","sourceRoot":"","sources":["../../../src/hooks/tool-guard/handler.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,KAAK,EACV,WAAW,EAGX,iBAAiB,EACjB,QAAQ,EAET,MAAM,gBAAgB,CAAC;AAoFxB,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAS;IAC/B,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAiC;gBAEzC,OAAO,SAAoB,EAAE,KAAK,SAAuB;IAKrE,oFAAoF;IACpF,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM;IAI1E,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,QAAQ,GAAG,SAAS;IAatC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,IAAI;IAS1C,KAAK,IAAI,IAAI;IAIb,IAAI,IAAI,IAAI,MAAM,CAEjB;CACF;AAOD,kDAAkD;AAClD,eAAO,IAAI,aAAa,eAAsB,CAAC;AAE/C;;;GAGG;AACH,wBAAgB,UAAU,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI,CAK1D;AAyCD;;GAEG;AACH,QAAA,MAAM,OAAO,EAAE,WA8Hd,CAAC;AAyPF,eAAe,OAAO,CAAC"}