@doingdev/opencode-claude-manager-plugin 0.1.35 → 0.1.43

package/dist/src/prompts/registry.js

@@ -0,0 +1,260 @@
+/**
+ * Compose a wrapper agent prompt from the base prompt plus discovered
+ * project Claude files. Returns the base prompt unchanged when no
+ * files are provided.
+ *
+ * Each file is rendered under a clear path-labeled section so the
+ * wrapper agent knows exactly where each instruction came from.
+ */
+export function composeWrapperPrompt(basePrompt, claudeFiles) {
+    if (claudeFiles.length === 0) {
+        return basePrompt;
+    }
+    const sections = claudeFiles.map((f) => `### ${f.relativePath}\n${f.content}`).join('\n\n');
+    return `${basePrompt}\n\n## Project Claude Files\nThe following project-level instructions were discovered from the repository.\n\n${sections}`;
+}
+export const managerPromptRegistry = {
+    ctoSystemPrompt: [
+        'You are a staff+ technical owner who uses Claude Code better than anyone.',
+        'You own the outcome — discover the right problem before solving it.',
+        '',
+        '## Core principle: delegation-first',
+        'Your default action is to delegate. Do not do broad repo exploration yourself',
+        'when an engineer can do it. Direct read/grep/glob is allowed only for:',
+        '- Spot-checks to sharpen a delegation.',
+        '- Verifying a result after an engineer returns.',
+        '- Resolving one high-leverage ambiguity before dispatching.',
+        'If you need more than 2 direct read/grep/glob lookups, stop and delegate',
+        'the investigation to `engineer_plan` instead.',
+        '',
+        '## Core principle: technical ownership',
+        'You are not a ticket-taker. Before acting, look for:',
+        '- Hidden assumptions and missing constraints.',
+        '- Ownership issues, abstraction leaks, and better boundaries.',
+        '- Root causes — prefer fixing root causes over patching symptoms.',
+        '',
+        '## Core principle: verification-first',
+        'Every delegation MUST include how to verify success.',
+        'Tests, expected outputs, lint/typecheck commands, or before/after behavior.',
+        'This is the single highest-leverage thing you do.',
+        'Never delegate without telling the engineer how to prove it worked.',
+        '',
+        '## Right-size your approach',
+        'Not every task needs a plan. Assess complexity, then act:',
+        '',
+        '**Simple tasks** (typo, rename, add a log line, one-file fix):',
+        '  Skip investigation. Delegate directly with specific context.',
+        '',
+        '**Medium+ tasks** (bug fix, feature, refactor, architecture change):',
+        '  Before delegating, determine:',
+        '  1. What the user asked vs. what is actually needed.',
+        '  2. What is underspecified or conflicting.',
+        '  3. What the cleanest architecture is.',
+        '  4. What should be clarified before proceeding.',
+        '  Prefer spawning `engineer_plan` for repo exploration rather than reading',
+        '  code yourself. Use at most 1-2 spot-check reads to sharpen the delegation.',
+        '  Then delegate with file paths, line numbers, patterns, and verification.',
+        '',
+        '**Complex tasks** (multi-file feature, large refactor):',
+        '  1. Spawn `engineer_plan` to explore the repo, map dependencies, and analyze impact.',
+        '  2. If requirements are unclear, ask the user ONE high-leverage question —',
+        '     only when it materially changes architecture, ownership, or destructive behavior.',
+        '     Prefer the question tool when discrete options exist.',
+        '  3. Write a plan to the todo list (todowrite). Share it with the user.',
+        '  4. Execute steps sequentially, committing after each.',
+        '',
+        '## Missed-opportunity check',
+        'Before finalizing any medium+ delegation, check:',
+        '- One cleaner alternative you considered.',
+        '- One risk the current approach carries.',
+        '- One thing the requester likely missed.',
+        'If any of these materially improve the outcome, surface them.',
+        '',
+        '## How to delegate effectively',
+        'The engineer does not have your context. Every instruction must be self-contained.',
+        'Include:',
+        '- Exact files, functions, and line numbers to change.',
+        '- Current behavior and desired behavior.',
+        '- Code snippets showing the pattern or convention to follow.',
+        '- How to verify: "Run `npm test`, expect all green." or',
+        '  "The function should return null instead of throwing."',
+        '',
+        'Bad:  "Fix the auth bug"',
+        'Good: "In src/auth/session.ts, `validateToken` (line 42) throws on expired',
+        '       tokens instead of returning null. Change it to return null.',
+        '       Update the caller in src/routes/login.ts:87.',
+        '       Follow the pattern in src/auth/refresh.ts:23.',
+        '       Run `npm test -- --grep auth` to verify. All tests should pass."',
+        '',
+        '## Review every change',
+        'After each delegation:',
+        '1. git_diff — read the FULL diff. Check for unintended changes, missing tests,',
+        '   style violations.',
+        '2. If correct: spawn `engineer_build` to run tests/lint/typecheck.',
+        '3. If tests pass: git_commit to checkpoint.',
+        '4. If wrong: spawn `engineer_build` with a specific correction.',
+        '   On second failure: git_reset and rewrite the prompt from scratch.',
+        '   Never send three corrections for the same problem.',
+        '',
+        '## Engineers (via the Task tool)',
+        '- `engineer_plan` — read-only investigation. Use for: exploring unfamiliar code,',
+        '  mapping dependencies, analyzing impact, asking "how does X work?"',
+        '- `engineer_build` — implementation. Use for: all code changes, test runs, fixes.',
+        '- If steps are independent, spawn multiple engineers in parallel.',
+        '',
+        '## Context efficiency',
+        '- Use `engineer_plan` for broad exploration so your own context stays clean.',
+        '- When spawning engineers for unrelated tasks, tell them to use freshSession:true.',
+        '- Keep delegations focused — one concern per engineer invocation.',
+        '',
+        '## What you must NOT do',
+        '- Do NOT call any engineer_* tools directly. Use the Task tool.',
+        '- Do NOT edit files or run bash commands yourself.',
+        '- Do NOT skip review — always git_diff after delegation.',
+        '- Do NOT delegate without verification criteria.',
+        '',
+        '## Tools reference',
+        'todowrite / todoread — track multi-step work',
+        'question             — ask the user structured questions with options',
+        'git_diff             — review all uncommitted changes',
+        'git_commit           — stage all + commit',
+        'git_reset            — hard reset + clean (destructive)',
+        'approval_policy      — view tool approval rules',
+        'approval_decisions   — view recent approval decisions',
+        'approval_update      — modify tool approval policy',
+        '',
+        '## Autonomy blockers',
+        'Surface these to the user immediately:',
+        '- Credentials, API keys, or secrets you do not have.',
+        '- Architectural decisions with trade-offs the user should weigh.',
+        '- Destructive actions on shared state (deploy, publish, force-push).',
+        'State the blocker, what you need, and a concrete suggestion to unblock.',
+    ].join('\n'),
+    engineerPlanPrompt: [
+        'You are a staff engineer managing a Claude Code session for read-only investigation.',
+        'You are not a forwarding layer — interpret the task in repo context before delegating.',
+        '',
+        '## Staff-level framing',
+        '- Identify the real problem, not just the stated request.',
+        '- Look for missing architecture, ownership, or precedence issues before delegating.',
+        '- Rewrite weak or underspecified requests into precise prompts for the engineer.',
+        '- For medium+ tasks, determine: the actual problem, the cleanest architecture,',
+        '  and what needs clarification before work begins.',
+        '- Ask ONE clarification first if it materially improves architecture.',
+        '',
+        '## Repo-context investigation',
+        '- Use read/grep/glob sparingly — only for spot-checks to sharpen a delegation.',
+        '- If more than 2 lookups are needed, send the investigation to the engineer.',
+        '- Do NOT implement changes yourself — investigation only.',
+        '',
+        '## Behavior',
+        '- Send the objective to the engineer using explore.',
+        "- Return the engineer's response verbatim. Do not summarize.",
+        '- Use freshSession:true on explore when the task is unrelated to prior work.',
+        '',
+        '## Context management',
+        '- Check session_health before sending.',
+        '- Under 50%: proceed. Over 70%: compact_context. Over 85%: clear_session.',
+        '',
+        '## Model selection',
+        '- claude-opus-4-6 + high: complex analysis (default).',
+        '- claude-sonnet-4-6: lighter analysis.',
+        '- effort "medium": simple lookups.',
+        '',
+        '## Using appended Project Claude Files',
+        '- Treat appended Project Claude Files as project guidance for the engineer.',
+        '- Extract only the rules relevant to the current task when delegating.',
+        '- Prefer guidance from more specific/nested paths over root-level guidance on conflict.',
+        '- Direct user instructions override Claude-file guidance.',
+        '- Keep delegated instructions tight; do not dump the full file corpus unless needed.',
+        '- Cite file paths (e.g. "per packages/core/CLAUDE.md") when the source matters.',
+        '',
+        '## What you must NOT do',
+        '- Do NOT call git_*, approval_*, or any non-engineer tools.',
+        '- Do NOT add commentary to the engineer response.',
+    ].join('\n'),
+    engineerBuildPrompt: [
+        'You are a staff engineer managing a Claude Code session for implementation.',
+        'You are not a forwarding layer — interpret the task in repo context before delegating.',
+        '',
+        '## Staff-level framing',
+        '- Identify the real problem, not just the stated request.',
+        '- Look for missing architecture, ownership, or precedence issues before delegating.',
+        '- Rewrite weak or underspecified requests into precise prompts for the engineer.',
+        '- For medium+ tasks, determine: the actual problem, the cleanest architecture,',
+        '  and what needs clarification before work begins.',
+        '- Ask ONE clarification first if it materially improves architecture.',
+        '',
+        '## Repo-context investigation',
+        '- Use read/grep/glob sparingly — only for spot-checks to sharpen a delegation.',
+        '- If more than 2 lookups are needed, send the investigation to the engineer.',
+        '- Do NOT implement changes yourself — investigation only.',
+        '',
+        '## Behavior',
+        '- Send the objective to the engineer using implement.',
+        "- Return the engineer's response verbatim. Do not summarize.",
+        '- Use freshSession:true on implement when the task is unrelated to prior work.',
+        '',
+        '## Context management',
+        '- Check session_health before sending.',
+        '- Under 50%: proceed. Over 70%: compact_context. Over 85%: clear_session.',
+        '',
+        '## Model selection',
+        '- claude-opus-4-6 + high: most coding tasks (default).',
+        '- claude-sonnet-4-6: simple renames, formatting, scaffolding.',
+        '- effort "max": complex refactors, subtle bugs, cross-cutting changes.',
+        '',
+        '## Using appended Project Claude Files',
+        '- Treat appended Project Claude Files as project guidance for the engineer.',
+        '- Extract only the rules relevant to the current task when delegating.',
+        '- Prefer guidance from more specific/nested paths over root-level guidance on conflict.',
+        '- Direct user instructions override Claude-file guidance.',
+        '- Keep delegated instructions tight; do not dump the full file corpus unless needed.',
+        '- Cite file paths (e.g. "per packages/core/CLAUDE.md") when the source matters.',
+        '',
+        '## What you must NOT do',
+        '- Do NOT call git_*, approval_*, or any non-engineer tools.',
+        '- Do NOT add commentary to the engineer response.',
+    ].join('\n'),
+    engineerSessionPrompt: [
+        'You are an expert engineer. Execute instructions precisely.',
+        '',
+        '## Rules',
+        '- Execute directly. No preamble, no restating the task.',
+        '- Prefer targeted file reads over reading entire files.',
+        '- Use subagents for independent parallel work.',
+        '- Follow existing repo conventions (naming, style, patterns).',
+        '',
+        '## Verification',
+        '- Always verify your own work before reporting done.',
+        '- Run tests, lint, or typecheck when the instruction says to.',
+        '- If no verification was specified, still run relevant tests if they exist.',
+        '- Report exact output on failure.',
+        '',
+        '## Git boundary — do NOT run:',
+        'git commit, git push, git reset, git checkout, git stash.',
+        'Git operations are handled externally.',
+        '',
+        '## Reporting',
+        '- End with: what was done, what was verified, what passed/failed.',
+        '- Report blockers immediately with specifics: file, line, error.',
+        '- If partially complete, state exactly what remains.',
+    ].join('\n'),
+    modePrefixes: {
+        plan: [
+            '[PLAN MODE] Read-only. Do NOT create or edit any files.',
+            'Do NOT use ExitPlanMode or write artifacts to disk.',
+            'Use read, grep, glob, and search tools only.',
+            'Analyze the codebase and produce a detailed implementation plan:',
+            'files to change, functions to modify, new files to create, test strategy,',
+            'and risks. End with a numbered step-by-step plan.',
+            'Return the entire plan inline in your response.',
+        ].join(' '),
+        free: '',
+    },
+    contextWarnings: {
+        moderate: 'Session context is filling up ({percent}% estimated). Consider whether a fresh session would be more efficient.',
+        high: 'Session context is heavy ({percent}% estimated, {turns} turns, ${cost}). Start a new session or compact first.',
+        critical: 'Session context is near capacity ({percent}% estimated). Clear the session immediately before continuing.',
+    },
+};

package/dist/src/state/file-run-state-store.d.ts

@@ -0,0 +1,14 @@
+import type { PersistentRunRecord } from '../types/contracts.js';
+export declare class FileRunStateStore {
+    private readonly baseDirectoryName;
+    private readonly writeQueues;
+    constructor(baseDirectoryName?: string);
+    saveRun(run: PersistentRunRecord): Promise<void>;
+    getRun(cwd: string, runId: string): Promise<PersistentRunRecord | null>;
+    listRuns(cwd: string): Promise<PersistentRunRecord[]>;
+    updateRun(cwd: string, runId: string, update: (run: PersistentRunRecord) => PersistentRunRecord): Promise<PersistentRunRecord>;
+    private getRunKey;
+    private getRunsDirectory;
+    private getRunPath;
+    private enqueueWrite;
+}

package/dist/src/state/file-run-state-store.js

@@ -0,0 +1,85 @@
+import { promises as fs } from 'node:fs';
+import path from 'node:path';
+import { isFileNotFoundError, writeJsonAtomically } from '../util/fs-helpers.js';
+export class FileRunStateStore {
+    baseDirectoryName;
+    writeQueues = new Map();
+    constructor(baseDirectoryName = '.claude-manager') {
+        this.baseDirectoryName = baseDirectoryName;
+    }
+    async saveRun(run) {
+        await this.enqueueWrite(this.getRunKey(run.cwd, run.id), async () => {
+            const runPath = this.getRunPath(run.cwd, run.id);
+            await fs.mkdir(path.dirname(runPath), { recursive: true });
+            await writeJsonAtomically(runPath, run);
+        });
+    }
+    async getRun(cwd, runId) {
+        const runPath = this.getRunPath(cwd, runId);
+        try {
+            const content = await fs.readFile(runPath, 'utf8');
+            return JSON.parse(content);
+        }
+        catch (error) {
+            if (isFileNotFoundError(error)) {
+                return null;
+            }
+            throw error;
+        }
+    }
+    async listRuns(cwd) {
+        const runsDirectory = this.getRunsDirectory(cwd);
+        try {
+            const entries = await fs.readdir(runsDirectory);
+            const runs = await Promise.all(entries
+                .filter((entry) => entry.endsWith('.json'))
+                .map(async (entry) => {
+                const content = await fs.readFile(path.join(runsDirectory, entry), 'utf8');
+                return JSON.parse(content);
+            }));
+            return runs.sort((left, right) => right.updatedAt.localeCompare(left.updatedAt));
+        }
+        catch (error) {
+            if (isFileNotFoundError(error)) {
+                return [];
+            }
+            throw error;
+        }
+    }
+    async updateRun(cwd, runId, update) {
+        return this.enqueueWrite(this.getRunKey(cwd, runId), async () => {
+            const existingRun = await this.getRun(cwd, runId);
+            if (!existingRun) {
+                throw new Error(`Run ${runId} does not exist.`);
+            }
+            const updatedRun = update(existingRun);
+            const runPath = this.getRunPath(cwd, runId);
+            await fs.mkdir(path.dirname(runPath), { recursive: true });
+            await writeJsonAtomically(runPath, updatedRun);
+            return updatedRun;
+        });
+    }
+    getRunKey(cwd, runId) {
+        return `${cwd}:${runId}`;
+    }
+    getRunsDirectory(cwd) {
+        return path.join(cwd, this.baseDirectoryName, 'runs');
+    }
+    getRunPath(cwd, runId) {
+        return path.join(this.getRunsDirectory(cwd), `${runId}.json`);
+    }
+    async enqueueWrite(key, operation) {
+        const previousOperation = this.writeQueues.get(key) ?? Promise.resolve();
+        const resultPromise = previousOperation.catch(() => undefined).then(operation);
+        const settledPromise = resultPromise.then(() => undefined, () => undefined);
+        this.writeQueues.set(key, settledPromise);
+        try {
+            return await resultPromise;
+        }
+        finally {
+            if (this.writeQueues.get(key) === settledPromise) {
+                this.writeQueues.delete(key);
+            }
+        }
+    }
+}

package/dist/src/state/transcript-store.d.ts

@@ -0,0 +1,15 @@
+import type { ClaudeSessionEvent } from '../types/contracts.js';
+export declare class TranscriptStore {
+    private readonly baseDirectoryName;
+    constructor(baseDirectoryName?: string);
+    /**
+     * Append new events to the transcript file for the given session.
+     * Creates the file if it does not exist. Strips trailing partials before persisting.
+     */
+    appendEvents(cwd: string, sessionId: string, newEvents: ClaudeSessionEvent[]): Promise<void>;
+    /**
+     * Read all persisted transcript events for a session.
+     */
+    readEvents(cwd: string, sessionId: string): Promise<ClaudeSessionEvent[]>;
+    private getTranscriptPath;
+}

package/dist/src/state/transcript-store.js

@@ -0,0 +1,44 @@
+import { promises as fs } from 'node:fs';
+import path from 'node:path';
+import { appendTranscriptEvents, stripTrailingPartials } from '../util/transcript-append.js';
+import { isFileNotFoundError, writeJsonAtomically } from '../util/fs-helpers.js';
+export class TranscriptStore {
+    baseDirectoryName;
+    constructor(baseDirectoryName = '.claude-manager') {
+        this.baseDirectoryName = baseDirectoryName;
+    }
+    /**
+     * Append new events to the transcript file for the given session.
+     * Creates the file if it does not exist. Strips trailing partials before persisting.
+     */
+    async appendEvents(cwd, sessionId, newEvents) {
+        if (newEvents.length === 0) {
+            return;
+        }
+        const filePath = this.getTranscriptPath(cwd, sessionId);
+        const existing = await this.readEvents(cwd, sessionId);
+        const merged = appendTranscriptEvents(existing, newEvents);
+        const cleaned = stripTrailingPartials(merged);
+        await fs.mkdir(path.dirname(filePath), { recursive: true });
+        await writeJsonAtomically(filePath, cleaned);
+    }
+    /**
+     * Read all persisted transcript events for a session.
+     */
+    async readEvents(cwd, sessionId) {
+        const filePath = this.getTranscriptPath(cwd, sessionId);
+        try {
+            const content = await fs.readFile(filePath, 'utf8');
+            return JSON.parse(content);
+        }
+        catch (error) {
+            if (isFileNotFoundError(error)) {
+                return [];
+            }
+            throw error;
+        }
+    }
+    getTranscriptPath(cwd, sessionId) {
+        return path.join(cwd, this.baseDirectoryName, 'transcripts', `${sessionId}.json`);
+    }
+}

package/dist/src/types/contracts.d.ts

@@ -0,0 +1,200 @@
+export interface ManagerPromptRegistry {
+    ctoSystemPrompt: string;
+    engineerPlanPrompt: string;
+    engineerBuildPrompt: string;
+    engineerSessionPrompt: string;
+    modePrefixes: {
+        plan: string;
+        free: string;
+    };
+    contextWarnings: {
+        moderate: string;
+        high: string;
+        critical: string;
+    };
+}
+export type SessionMode = 'plan' | 'free';
+export interface ClaudeCommandMetadata {
+    name: string;
+    description: string;
+    argumentHint?: string;
+    source: 'sdk' | 'skill' | 'command';
+    path?: string;
+}
+export interface ClaudeAgentMetadata {
+    name: string;
+    description: string;
+    model?: string;
+    source: 'sdk' | 'filesystem';
+}
+export interface ClaudeSessionEvent {
+    type: 'init' | 'assistant' | 'partial' | 'user' | 'tool_call' | 'tool_progress' | 'tool_summary' | 'status' | 'system' | 'result' | 'error';
+    sessionId?: string;
+    text: string;
+    turns?: number;
+    totalCostUsd?: number;
+    /** Present on live SDK-normalized events; omitted when compact-persisted to save space. */
+    rawType?: string;
+}
+export interface RunClaudeSessionInput {
+    cwd: string;
+    prompt: string;
+    systemPrompt?: string;
+    model?: string;
+    effort?: 'low' | 'medium' | 'high' | 'max';
+    mode?: SessionMode;
+    permissionMode?: 'default' | 'acceptEdits' | 'plan' | 'dontAsk';
+    /** Merged with `Skill` by the SDK adapter unless `Skill` appears in `disallowedTools`. */
+    allowedTools?: string[];
+    disallowedTools?: string[];
+    continueSession?: boolean;
+    resumeSessionId?: string;
+    forkSession?: boolean;
+    persistSession?: boolean;
+    includePartialMessages?: boolean;
+    settingSources?: Array<'user' | 'project' | 'local'>;
+    maxTurns?: number;
+    abortSignal?: AbortSignal;
+}
+export interface ClaudeSessionRunResult {
+    sessionId?: string;
+    events: ClaudeSessionEvent[];
+    finalText: string;
+    turns?: number;
+    totalCostUsd?: number;
+    inputTokens?: number;
+    outputTokens?: number;
+    contextWindowSize?: number;
+}
+export interface ClaudeSessionSummary {
+    sessionId: string;
+    summary: string;
+    cwd?: string;
+    gitBranch?: string;
+    createdAt?: number;
+    lastModified: number;
+}
+export interface ClaudeSessionTranscriptMessage {
+    role: 'user' | 'assistant';
+    sessionId: string;
+    messageId: string;
+    text: string;
+}
+export interface ClaudeCapabilitySnapshot {
+    commands: ClaudeCommandMetadata[];
+    agents: ClaudeAgentMetadata[];
+    models: string[];
+}
+export type ContextWarningLevel = 'ok' | 'moderate' | 'high' | 'critical';
+export interface SessionContextSnapshot {
+    sessionId: string | null;
+    totalTurns: number;
+    totalCostUsd: number;
+    latestInputTokens: number | null;
+    latestOutputTokens: number | null;
+    contextWindowSize: number | null;
+    estimatedContextPercent: number | null;
+    warningLevel: ContextWarningLevel;
+    compactionCount: number;
+}
+export interface GitDiffResult {
+    hasDiff: boolean;
+    diffText: string;
+    stats: {
+        filesChanged: number;
+        insertions: number;
+        deletions: number;
+    };
+}
+export interface GitOperationResult {
+    success: boolean;
+    output: string;
+    error?: string;
+}
+export interface ActiveSessionState {
+    sessionId: string;
+    cwd: string;
+    startedAt: string;
+    totalTurns: number;
+    totalCostUsd: number;
+    estimatedContextPercent: number | null;
+    contextWindowSize: number | null;
+    latestInputTokens: number | null;
+}
+export type PersistentRunStatus = 'running' | 'completed' | 'failed';
+export interface PersistentRunMessageRecord {
+    timestamp: string;
+    direction: 'sent' | 'received';
+    text: string;
+    turns?: number;
+    totalCostUsd?: number;
+    inputTokens?: number;
+    outputTokens?: number;
+}
+export interface PersistentRunActionRecord {
+    timestamp: string;
+    type: 'git_diff' | 'git_commit' | 'git_reset' | 'compact' | 'clear';
+    result: string;
+}
+export interface PersistentRunRecord {
+    id: string;
+    cwd: string;
+    task: string;
+    status: PersistentRunStatus;
+    createdAt: string;
+    updatedAt: string;
+    sessionId: string | null;
+    sessionHistory: string[];
+    messages: PersistentRunMessageRecord[];
+    actions: PersistentRunActionRecord[];
+    commits: string[];
+    context: SessionContextSnapshot;
+    finalSummary?: string;
+}
+export interface PersistentRunResult {
+    run: PersistentRunRecord;
+}
+export interface LiveTailEvent {
+    type: 'line' | 'error' | 'end';
+    sessionId: string;
+    data?: unknown;
+    rawLine?: string;
+    error?: string;
+}
+export interface ToolOutputPreview {
+    toolUseId: string;
+    content: string;
+    isError: boolean;
+}
+export interface DiscoveredClaudeFile {
+    /** Relative path from the project root (forward slashes, deterministic order). */
+    relativePath: string;
+    /** Trimmed UTF-8 text content. */
+    content: string;
+}
+export interface ToolApprovalRule {
+    id: string;
+    description?: string;
+    /** Tool name — exact match or glob with * wildcard */
+    toolPattern: string;
+    /** Optional substring match against JSON-serialized tool input */
+    inputPattern?: string;
+    action: 'allow' | 'deny';
+    denyMessage?: string;
+}
+export interface ToolApprovalPolicy {
+    rules: ToolApprovalRule[];
+    defaultAction: 'allow' | 'deny';
+    defaultDenyMessage?: string;
+    enabled: boolean;
+}
+export interface ToolApprovalDecision {
+    timestamp: string;
+    toolName: string;
+    inputPreview: string;
+    title?: string;
+    matchedRuleId: string;
+    action: 'allow' | 'deny';
+    denyMessage?: string;
+    agentId?: string;
+}

package/dist/src/types/contracts.js

@@ -0,0 +1 @@
+export {};

package/dist/src/util/fs-helpers.d.ts

@@ -0,0 +1,2 @@
+export declare function writeJsonAtomically(filePath: string, data: unknown): Promise<void>;
+export declare function isFileNotFoundError(error: unknown): error is NodeJS.ErrnoException;

package/dist/src/util/fs-helpers.js

@@ -0,0 +1,10 @@
+import { randomUUID } from 'node:crypto';
+import { promises as fs } from 'node:fs';
+export async function writeJsonAtomically(filePath, data) {
+    const tempPath = `${filePath}.${randomUUID()}.tmp`;
+    await fs.writeFile(tempPath, `${JSON.stringify(data, null, 2)}\n`, 'utf8');
+    await fs.rename(tempPath, filePath);
+}
+export function isFileNotFoundError(error) {
+    return (error instanceof Error && 'code' in error && error.code === 'ENOENT');
+}

package/dist/src/util/project-context.d.ts

@@ -0,0 +1,10 @@
+import type { DiscoveredClaudeFile } from '../types/contracts.js';
+/**
+ * Recursively discover all project-level Claude files:
+ *   - every `CLAUDE.md` found anywhere in the repo tree
+ *   - every file under `.claude/` recursively
+ *
+ * Returns a de-duplicated, deterministically sorted array of
+ * { relativePath, content } entries. Empty/blank files are skipped.
+ */
+export declare function discoverProjectClaudeFiles(cwd: string): Promise<DiscoveredClaudeFile[]>;