npm - @ebowwa/coder - Versions diffs - 0.7.63 → 0.7.64 - Mend

@ebowwa/coder 0.7.63 → 0.7.64

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (341) hide show

package/dist/core/__tests__/permissions.test.d.ts +12 -0
package/dist/core/__tests__/permissions.test.d.ts.map +1 -0
package/dist/core/__tests__/permissions.test.js +851 -0
package/dist/core/agent-loop/__tests__/compaction.test.d.ts +5 -0
package/dist/core/agent-loop/__tests__/compaction.test.d.ts.map +1 -0
package/dist/core/agent-loop/__tests__/compaction.test.js +209 -0
package/dist/core/agent-loop/__tests__/formatters.test.d.ts +5 -0
package/dist/core/agent-loop/__tests__/formatters.test.d.ts.map +1 -0
package/dist/core/agent-loop/__tests__/formatters.test.js +195 -0
package/dist/core/agent-loop/__tests__/index.test.d.ts +5 -0
package/dist/core/agent-loop/__tests__/index.test.d.ts.map +1 -0
package/dist/core/agent-loop/__tests__/index.test.js +121 -0
package/dist/core/agent-loop/__tests__/loop-state.test.d.ts +5 -0
package/dist/core/agent-loop/__tests__/loop-state.test.d.ts.map +1 -0
package/dist/core/agent-loop/__tests__/loop-state.test.js +340 -0
package/dist/core/agent-loop/__tests__/message-builder.test.d.ts +5 -0
package/dist/core/agent-loop/__tests__/message-builder.test.d.ts.map +1 -0
package/dist/core/agent-loop/__tests__/message-builder.test.js +178 -0
package/dist/core/agent-loop/__tests__/tool-executor.test.d.ts +5 -0
package/dist/core/agent-loop/__tests__/tool-executor.test.d.ts.map +1 -0
package/dist/core/agent-loop/__tests__/tool-executor.test.js +331 -0
package/dist/core/agent-loop/compaction.d.ts +39 -0
package/dist/core/agent-loop/compaction.d.ts.map +1 -0
package/dist/core/agent-loop/compaction.js +51 -0
package/dist/core/agent-loop/formatters.d.ts +21 -0
package/dist/core/agent-loop/formatters.d.ts.map +1 -0
package/dist/core/agent-loop/formatters.js +42 -0
package/dist/core/agent-loop/index.d.ts +25 -0
package/dist/core/agent-loop/index.d.ts.map +1 -0
package/dist/core/agent-loop/index.js +83 -0
package/dist/core/agent-loop/loop-state.d.ts +74 -0
package/dist/core/agent-loop/loop-state.d.ts.map +1 -0
package/dist/core/agent-loop/loop-state.js +147 -0
package/dist/core/agent-loop/message-builder.d.ts +13 -0
package/dist/core/agent-loop/message-builder.d.ts.map +1 -0
package/dist/core/agent-loop/message-builder.js +49 -0
package/dist/core/agent-loop/tool-executor.d.ts +23 -0
package/dist/core/agent-loop/tool-executor.d.ts.map +1 -0
package/dist/core/agent-loop/tool-executor.js +152 -0
package/dist/core/agent-loop/turn-executor.d.ts +57 -0
package/dist/core/agent-loop/turn-executor.d.ts.map +1 -0
package/dist/core/agent-loop/turn-executor.js +124 -0
package/dist/core/agent-loop/types.d.ts +141 -0
package/dist/core/agent-loop/types.d.ts.map +1 -0
package/dist/core/agent-loop/types.js +4 -0
package/dist/core/agent-loop.d.ts +17 -0
package/dist/core/agent-loop.d.ts.map +1 -0
package/dist/core/agent-loop.js +16 -0
package/dist/core/api-client-impl.d.ts +62 -0
package/dist/core/api-client-impl.d.ts.map +1 -0
package/dist/core/api-client-impl.js +479 -0
package/dist/core/api-client.d.ts +6 -0
package/dist/core/api-client.d.ts.map +1 -0
package/dist/core/api-client.js +5 -0
package/dist/core/checkpoints.d.ts +128 -0
package/dist/core/checkpoints.d.ts.map +1 -0
package/dist/core/checkpoints.js +438 -0
package/dist/core/claude-md.d.ts +71 -0
package/dist/core/claude-md.d.ts.map +1 -0
package/dist/core/claude-md.js +198 -0
package/dist/core/cognitive-security/hooks.d.ts +138 -0
package/dist/core/cognitive-security/hooks.d.ts.map +1 -0
package/dist/core/cognitive-security/hooks.js +389 -0
package/dist/core/cognitive-security/index.d.ts +751 -0
package/dist/core/cognitive-security/index.d.ts.map +1 -0
package/dist/core/cognitive-security/index.js +1123 -0
package/dist/core/cognitive-security/middleware.d.ts +136 -0
package/dist/core/cognitive-security/middleware.d.ts.map +1 -0
package/dist/core/cognitive-security/middleware.js +376 -0
package/dist/core/config-loader.d.ts +127 -0
package/dist/core/config-loader.d.ts.map +1 -0
package/dist/core/config-loader.js +219 -0
package/dist/core/context-compaction.d.ts +87 -0
package/dist/core/context-compaction.d.ts.map +1 -0
package/dist/core/context-compaction.js +428 -0
package/dist/core/git-status.d.ts +25 -0
package/dist/core/git-status.d.ts.map +1 -0
package/dist/core/git-status.js +204 -0
package/dist/core/image.d.ts +69 -0
package/dist/core/image.d.ts.map +1 -0
package/dist/core/image.js +290 -0
package/dist/core/image.test.d.ts +2 -0
package/dist/core/image.test.d.ts.map +1 -0
package/dist/core/image.test.js +149 -0
package/dist/core/models.d.ts +123 -0
package/dist/core/models.d.ts.map +1 -0
package/dist/core/models.js +325 -0
package/dist/core/permissions.d.ts +81 -0
package/dist/core/permissions.d.ts.map +1 -0
package/dist/core/permissions.js +327 -0
package/dist/core/retry.d.ts +25 -0
package/dist/core/retry.d.ts.map +1 -0
package/dist/core/retry.js +121 -0
package/dist/core/session-store.d.ts +9 -0
package/dist/core/session-store.d.ts.map +1 -0
package/dist/core/session-store.js +10 -0
package/dist/core/sessions/export.d.ts +47 -0
package/dist/core/sessions/export.d.ts.map +1 -0
package/dist/core/sessions/export.js +256 -0
package/dist/core/sessions/index.d.ts +132 -0
package/dist/core/sessions/index.d.ts.map +1 -0
package/dist/core/sessions/index.js +442 -0
package/dist/core/sessions/metadata.d.ts +77 -0
package/dist/core/sessions/metadata.d.ts.map +1 -0
package/dist/core/sessions/metadata.js +233 -0
package/dist/core/sessions/persistence.d.ts +72 -0
package/dist/core/sessions/persistence.d.ts.map +1 -0
package/dist/core/sessions/persistence.js +201 -0
package/dist/core/sessions/types.d.ts +110 -0
package/dist/core/sessions/types.d.ts.map +1 -0
package/dist/core/sessions/types.js +4 -0
package/dist/core/stream-highlighter.d.ts +18 -0
package/dist/core/stream-highlighter.d.ts.map +1 -0
package/dist/core/stream-highlighter.js +916 -0
package/dist/core/system-reminders.d.ts +89 -0
package/dist/core/system-reminders.d.ts.map +1 -0
package/dist/core/system-reminders.js +285 -0
package/dist/ecosystem/hooks/__tests__/index.test.d.ts +5 -0
package/dist/ecosystem/hooks/__tests__/index.test.d.ts.map +1 -0
package/dist/ecosystem/hooks/__tests__/index.test.js +458 -0
package/dist/ecosystem/hooks/index.d.ts +59 -0
package/dist/ecosystem/hooks/index.d.ts.map +1 -0
package/dist/ecosystem/hooks/index.js +294 -0
package/dist/ecosystem/hooks/prompt-evaluator.d.ts +32 -0
package/dist/ecosystem/hooks/prompt-evaluator.d.ts.map +1 -0
package/dist/ecosystem/hooks/prompt-evaluator.js +229 -0
package/dist/ecosystem/skills/index.d.ts +55 -0
package/dist/ecosystem/skills/index.d.ts.map +1 -0
package/dist/ecosystem/skills/index.js +258 -0
package/dist/ecosystem/tools/__tests__/index.test.d.ts +7 -0
package/dist/ecosystem/tools/__tests__/index.test.d.ts.map +1 -0
package/dist/ecosystem/tools/__tests__/index.test.js +856 -0
package/dist/ecosystem/tools/index.d.ts +24 -0
package/dist/ecosystem/tools/index.d.ts.map +1 -0
package/dist/ecosystem/tools/index.js +1709 -0
package/dist/index.d.ts +24 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +32 -52192
package/dist/interfaces/mcp/client.d.ts +40 -0
package/dist/interfaces/mcp/client.d.ts.map +1 -0
package/dist/interfaces/mcp/client.js +309 -0
package/dist/interfaces/ui/index.d.ts +36 -0
package/dist/interfaces/ui/index.d.ts.map +1 -0
package/dist/interfaces/ui/index.js +61 -0
package/dist/interfaces/ui/spinner.d.ts +140 -0
package/dist/interfaces/ui/spinner.d.ts.map +1 -0
package/dist/interfaces/ui/spinner.js +342 -0
package/dist/interfaces/ui/terminal/cli/index.d.ts +12 -0
package/dist/interfaces/ui/terminal/cli/index.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/cli/index.js +159 -52768
package/dist/interfaces/ui/terminal/shared/args.d.ts +39 -0
package/dist/interfaces/ui/terminal/shared/args.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/shared/args.js +176 -0
package/dist/interfaces/ui/terminal/shared/index.d.ts +11 -0
package/dist/interfaces/ui/terminal/shared/index.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/shared/index.js +16 -0
package/dist/interfaces/ui/terminal/shared/loading-state.d.ts +124 -0
package/dist/interfaces/ui/terminal/shared/loading-state.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/shared/loading-state.js +246 -0
package/dist/interfaces/ui/terminal/shared/query.d.ts +22 -0
package/dist/interfaces/ui/terminal/shared/query.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/shared/query.js +100 -0
package/dist/interfaces/ui/terminal/shared/setup.d.ts +33 -0
package/dist/interfaces/ui/terminal/shared/setup.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/shared/setup.js +226 -0
package/dist/interfaces/ui/terminal/shared/status-line.d.ts +117 -0
package/dist/interfaces/ui/terminal/shared/status-line.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/shared/status-line.js +267 -0
package/dist/interfaces/ui/terminal/shared/system-prompt.d.ts +38 -0
package/dist/interfaces/ui/terminal/shared/system-prompt.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/shared/system-prompt.js +102 -0
package/dist/interfaces/ui/terminal/tui/HelpPanel.d.ts +39 -0
package/dist/interfaces/ui/terminal/tui/HelpPanel.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/HelpPanel.js +215 -0
package/dist/interfaces/ui/terminal/tui/InputContext.d.ts +91 -0
package/dist/interfaces/ui/terminal/tui/InputContext.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/InputContext.js +154 -0
package/dist/interfaces/ui/terminal/tui/InputField.d.ts +18 -0
package/dist/interfaces/ui/terminal/tui/InputField.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/InputField.js +41 -0
package/dist/interfaces/ui/terminal/tui/InteractiveTUI.d.ts +16 -0
package/dist/interfaces/ui/terminal/tui/InteractiveTUI.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/InteractiveTUI.js +451 -0
package/dist/interfaces/ui/terminal/tui/MessageArea.d.ts +10 -0
package/dist/interfaces/ui/terminal/tui/MessageArea.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/MessageArea.js +91 -0
package/dist/interfaces/ui/terminal/tui/MessageStore.d.ts +48 -0
package/dist/interfaces/ui/terminal/tui/MessageStore.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/MessageStore.js +151 -0
package/dist/interfaces/ui/terminal/tui/StatusBar.d.ts +9 -0
package/dist/interfaces/ui/terminal/tui/StatusBar.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/StatusBar.js +36 -0
package/dist/interfaces/ui/terminal/tui/commands.d.ts +21 -0
package/dist/interfaces/ui/terminal/tui/commands.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/commands.js +359 -0
package/dist/interfaces/ui/terminal/tui/components/InteractiveElements.d.ts +115 -0
package/dist/interfaces/ui/terminal/tui/components/InteractiveElements.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/components/InteractiveElements.js +306 -0
package/dist/interfaces/ui/terminal/tui/components/MultilineInput.d.ts +92 -0
package/dist/interfaces/ui/terminal/tui/components/MultilineInput.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/components/MultilineInput.js +399 -0
package/dist/interfaces/ui/terminal/tui/components/PaneManager.d.ts +59 -0
package/dist/interfaces/ui/terminal/tui/components/PaneManager.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/components/PaneManager.js +139 -0
package/dist/interfaces/ui/terminal/tui/components/Sidebar.d.ts +68 -0
package/dist/interfaces/ui/terminal/tui/components/Sidebar.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/components/Sidebar.js +340 -0
package/dist/interfaces/ui/terminal/tui/components/index.d.ts +23 -0
package/dist/interfaces/ui/terminal/tui/components/index.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/components/index.js +51 -0
package/dist/interfaces/ui/terminal/tui/console.d.ts +20 -0
package/dist/interfaces/ui/terminal/tui/console.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/console.js +46 -0
package/dist/interfaces/ui/terminal/tui/index.d.ts +20 -0
package/dist/interfaces/ui/terminal/tui/index.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/index.js +28 -0
package/dist/interfaces/ui/terminal/tui/run.d.ts +13 -0
package/dist/interfaces/ui/terminal/tui/run.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/run.js +31 -0
package/dist/interfaces/ui/terminal/tui/spinner.d.ts +44 -0
package/dist/interfaces/ui/terminal/tui/spinner.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/spinner.js +59 -0
package/dist/interfaces/ui/terminal/tui/tui-app.d.ts +39 -0
package/dist/interfaces/ui/terminal/tui/tui-app.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/tui-app.js +198 -0
package/dist/interfaces/ui/terminal/tui/tui-footer.d.ts +167 -0
package/dist/interfaces/ui/terminal/tui/tui-footer.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/tui-footer.js +330 -0
package/dist/interfaces/ui/terminal/tui/types.d.ts +165 -0
package/dist/interfaces/ui/terminal/tui/types.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/types.js +5 -0
package/dist/interfaces/ui/terminal/tui/useInputHandler.d.ts +23 -0
package/dist/interfaces/ui/terminal/tui/useInputHandler.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/useInputHandler.js +72 -0
package/dist/interfaces/ui/terminal/tui/useNativeInput.d.ts +90 -0
package/dist/interfaces/ui/terminal/tui/useNativeInput.d.ts.map +1 -0
package/dist/interfaces/ui/terminal/tui/useNativeInput.js +188 -0
package/dist/native/index.d.ts +480 -0
package/dist/native/index.d.ts.map +1 -0
package/dist/native/index.js +1625 -0
package/dist/teammates/index.d.ts +161 -0
package/dist/teammates/index.d.ts.map +1 -0
package/dist/teammates/index.js +827 -0
package/dist/types/index.d.ts +482 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +52 -0
package/package.json +4 -2
package/packages/src/core/__tests__/permissions.test.ts +1091 -0
package/packages/src/core/agent-loop/__tests__/compaction.test.ts +280 -0
package/packages/src/core/agent-loop/__tests__/formatters.test.ts +234 -0
package/packages/src/core/agent-loop/__tests__/index.test.ts +162 -0
package/packages/src/core/agent-loop/__tests__/loop-state.test.ts +413 -0
package/packages/src/core/agent-loop/__tests__/message-builder.test.ts +229 -0
package/packages/src/core/agent-loop/__tests__/tool-executor.test.ts +457 -0
package/packages/src/core/agent-loop/compaction.ts +88 -0
package/packages/src/core/agent-loop/formatters.ts +50 -0
package/packages/src/core/agent-loop/index.ts +135 -0
package/packages/src/core/agent-loop/loop-state.ts +187 -0
package/packages/src/core/agent-loop/message-builder.ts +62 -0
package/packages/src/core/agent-loop/tool-executor.ts +211 -0
package/packages/src/core/agent-loop/turn-executor.ts +222 -0
package/packages/src/core/agent-loop/types.ts +148 -0
package/packages/src/core/agent-loop.ts +18 -0
package/packages/src/core/api-client-impl.ts +619 -0
package/packages/src/core/api-client.ts +6 -0
package/packages/src/core/checkpoints.ts +606 -0
package/packages/src/core/claude-md.ts +272 -0
package/packages/src/core/cognitive-security/hooks.ts +590 -0
package/packages/src/core/cognitive-security/index.ts +2041 -0
package/packages/src/core/cognitive-security/middleware.ts +536 -0
package/packages/src/core/config-loader.ts +324 -0
package/packages/src/core/context-compaction.ts +578 -0
package/packages/src/core/git-status.ts +262 -0
package/packages/src/core/image.test.ts +180 -0
package/packages/src/core/image.ts +350 -0
package/packages/src/core/lmdb.db +0 -0
package/packages/src/core/lmdb.db-lock +0 -0
package/packages/src/core/models.ts +430 -0
package/packages/src/core/normalizers/todo +4 -0
package/packages/src/core/permissions.ts +431 -0
package/packages/src/core/retry.ts +170 -0
package/packages/src/core/session-store.ts +36 -0
package/packages/src/core/sessions/export.ts +329 -0
package/packages/src/core/sessions/index.ts +587 -0
package/packages/src/core/sessions/metadata.ts +309 -0
package/packages/src/core/sessions/persistence.ts +244 -0
package/packages/src/core/sessions/types.ts +169 -0
package/packages/src/core/stream-highlighter.ts +1123 -0
package/packages/src/core/system-reminders.ts +402 -0
package/packages/src/core/todo +8 -0
package/packages/src/ecosystem/hooks/__tests__/index.test.ts +561 -0
package/packages/src/ecosystem/hooks/index.ts +341 -0
package/packages/src/ecosystem/hooks/prompt-evaluator.ts +300 -0
package/packages/src/ecosystem/skills/index.ts +295 -0
package/packages/src/ecosystem/tools/__tests__/index.test.ts +1335 -0
package/packages/src/ecosystem/tools/index.ts +1877 -0
package/packages/src/index.ts +120 -0
package/packages/src/interfaces/mcp/client.ts +389 -0
package/packages/src/interfaces/ui/Screenshot 2026-03-02 at 9.23.10/342/200/257PM.png +0 -0
package/packages/src/interfaces/ui/Screenshot 2026-03-03 at 10.55.11/342/200/257AM.png +0 -0
package/packages/src/interfaces/ui/index.ts +161 -0
package/packages/src/interfaces/ui/lmdb.db +0 -0
package/packages/src/interfaces/ui/lmdb.db-lock +0 -0
package/packages/src/interfaces/ui/spinner.ts +451 -0
package/packages/src/interfaces/ui/terminal/cli/index.ts +228 -0
package/packages/src/interfaces/ui/terminal/lmdb.db +0 -0
package/packages/src/interfaces/ui/terminal/lmdb.db-lock +0 -0
package/packages/src/interfaces/ui/terminal/shared/args.ts +222 -0
package/packages/src/interfaces/ui/terminal/shared/index.ts +71 -0
package/packages/src/interfaces/ui/terminal/shared/loading-state.ts +322 -0
package/packages/src/interfaces/ui/terminal/shared/query.ts +146 -0
package/packages/src/interfaces/ui/terminal/shared/setup.ts +295 -0
package/packages/src/interfaces/ui/terminal/shared/status-line.ts +358 -0
package/packages/src/interfaces/ui/terminal/shared/system-prompt.ts +146 -0
package/packages/src/interfaces/ui/terminal/tui/HelpPanel.tsx +262 -0
package/packages/src/interfaces/ui/terminal/tui/InputContext.tsx +232 -0
package/packages/src/interfaces/ui/terminal/tui/InputField.tsx +62 -0
package/packages/src/interfaces/ui/terminal/tui/InteractiveTUI.tsx +537 -0
package/packages/src/interfaces/ui/terminal/tui/MessageArea.tsx +107 -0
package/packages/src/interfaces/ui/terminal/tui/MessageStore.tsx +240 -0
package/packages/src/interfaces/ui/terminal/tui/StatusBar.tsx +54 -0
package/packages/src/interfaces/ui/terminal/tui/commands.ts +438 -0
package/packages/src/interfaces/ui/terminal/tui/components/InteractiveElements.tsx +584 -0
package/packages/src/interfaces/ui/terminal/tui/components/MultilineInput.tsx +614 -0
package/packages/src/interfaces/ui/terminal/tui/components/PaneManager.tsx +333 -0
package/packages/src/interfaces/ui/terminal/tui/components/Sidebar.tsx +604 -0
package/packages/src/interfaces/ui/terminal/tui/components/index.ts +118 -0
package/packages/src/interfaces/ui/terminal/tui/console.ts +49 -0
package/packages/src/interfaces/ui/terminal/tui/index.ts +90 -0
package/packages/src/interfaces/ui/terminal/tui/run.tsx +42 -0
package/packages/src/interfaces/ui/terminal/tui/spinner.ts +69 -0
package/packages/src/interfaces/ui/terminal/tui/tui-app.tsx +390 -0
package/packages/src/interfaces/ui/terminal/tui/tui-footer.ts +422 -0
package/packages/src/interfaces/ui/terminal/tui/types.ts +186 -0
package/packages/src/interfaces/ui/terminal/tui/useInputHandler.ts +104 -0
package/packages/src/interfaces/ui/terminal/tui/useNativeInput.ts +239 -0
package/packages/src/lmdb.db +0 -0
package/packages/src/lmdb.db-lock +0 -0
package/packages/src/native/index.ts +2345 -0
package/packages/src/teammates/index.ts +982 -0
package/packages/src/types/index.ts +722 -0

package/packages/src/core/cognitive-security/hooks.ts ADDED Viewed

@@ -0,0 +1,590 @@
+/**
+ * Cognitive Security Hooks
+ *
+ * Automatic security checks integrated into the agent lifecycle.
+ * No manual calls needed - hooks intercept all operations.
+ */
+import type { HookInput, HookOutput } from "../../types/index.js";
+import {
+  classifyData,
+  classifyOperation,
+  scoreAlignment,
+  createFlowPolicyEngine,
+  createFlowTracker,
+  createLeakPrevention,
+  createTaintTracker,
+  type FlowPolicyEngineHandle,
+  type FlowTrackerHandle,
+  type LeakPreventionHandle,
+  type TaintTrackerHandle,
+  type AgentIntent,
+  type ActionContext,
+} from "./index.js";
+/**
+ * Security configuration for hooks
+ */
+export interface SecurityHookConfig {
+  /** Enable all security checks */
+  enabled: boolean;
+  /** Check intent alignment before actions */
+  checkIntentAlignment: boolean;
+  /** Enforce flow policies */
+  enforceFlowPolicies: boolean;
+  /** Check for data leaks */
+  preventLeaks: boolean;
+  /** Track taint propagation */
+  trackTaints: boolean;
+  /** Log security events */
+  logEvents: boolean;
+  /** Block on violations (false = log only) */
+  blockOnViolation: boolean;
+  /** Minimum alignment score to allow (0-1) */
+  minAlignmentScore: number;
+  /** Sensitivities that require approval */
+  approvalRequiredSensitivities: string[];
+  /** Domains that require signed actions (every action cryptographically signed) */
+  requireSignedActions: string[];
+  /** Threshold for drift detection (0-1, higher = more strict) */
+  driftThreshold: number;
+  /** Enable immutable directives (cryptographically signed rules outside AI context) */
+  enableImmutableDirectives: boolean;
+  /** Require approval for operations above this sensitivity level */
+  approvalSensitivityLevel: string;
+}
+export const DEFAULT_SECURITY_CONFIG: SecurityHookConfig = {
+  enabled: true,
+  checkIntentAlignment: true,
+  enforceFlowPolicies: true,
+  preventLeaks: true,
+  trackTaints: true,
+  logEvents: true,
+  blockOnViolation: true,
+  minAlignmentScore: 0.5,
+  approvalRequiredSensitivities: ["secret", "top_secret"],
+  // Domains requiring cryptographic action signing
+  requireSignedActions: ["financial", "external", "credentials"],
+  // Drift detection threshold - flag when behavior deviates > 30%
+  driftThreshold: 0.3,
+  // Enable immutable directives from secure storage
+  enableImmutableDirectives: true,
+  // Sensitivity level requiring explicit user approval
+  approvalSensitivityLevel: "confidential",
+};
+/**
+ * Security event for logging
+ */
+export interface SecurityEvent {
+  timestamp: number;
+  hook: string;
+  tool?: string;
+  action: "check" | "allow" | "deny" | "sanitize";
+  reason?: string;
+  sensitivity?: string;
+  category?: string;
+  alignmentScore?: number;
+  dataId?: string;
+}
+/**
+ * Cognitive Security Hook Handler
+ *
+ * Maintains state across hooks and provides security check methods.
+ */
+export class CognitiveSecurityHooks {
+  private config: SecurityHookConfig;
+  private intent: AgentIntent | null = null;
+  private policyEngine: FlowPolicyEngineHandle | null = null;
+  private flowTracker: FlowTrackerHandle | null = null;
+  private leakPrevention: LeakPreventionHandle | null = null;
+  private taintTracker: TaintTrackerHandle | null = null;
+  private events: SecurityEvent[] = [];
+  private initialized = false;
+  private sessionId: string | null = null;
+  constructor(config: Partial<SecurityHookConfig> = {}) {
+    this.config = { ...DEFAULT_SECURITY_CONFIG, ...config };
+  }
+  /**
+   * Initialize security components (called on SessionStart)
+   */
+  private async initialize(): Promise<void> {
+    if (this.initialized) return;
+    try {
+      if (this.config.enforceFlowPolicies) {
+        this.policyEngine = await createFlowPolicyEngine();
+      }
+      if (this.config.trackTaints) {
+        this.flowTracker = await createFlowTracker();
+        this.taintTracker = await createTaintTracker();
+      }
+      if (this.config.preventLeaks) {
+        this.leakPrevention = await createLeakPrevention();
+      }
+      this.initialized = true;
+      this.log("SessionStart", undefined, "check", "Security hooks initialized");
+    } catch (error) {
+      this.log("SessionStart", undefined, "check", `Init failed: ${error}`);
+    }
+  }
+  /**
+   * Set the agent intent for alignment checking
+   */
+  setIntent(intent: AgentIntent): void {
+    this.intent = intent;
+    this.log("SessionStart", undefined, "check", `Intent loaded: ${intent.identity.name}`);
+  }
+  /**
+   * SessionStart hook - Initialize security and load intent
+   */
+  async onSessionStart(input: HookInput): Promise<HookOutput> {
+    await this.initialize();
+    this.sessionId = input.session_id || null;
+    // Intent should be set externally before session starts
+    // This is just initialization
+    return { decision: "allow" };
+  }
+  /**
+   * PreToolUse hook - Check intent, classify action, enforce policies
+   */
+  async onPreToolUse(input: HookInput): Promise<HookOutput> {
+    if (!this.config.enabled) {
+      return { decision: "allow" };
+    }
+    await this.initialize();
+    const toolName = input.tool_name || "unknown";
+    const toolInput = input.tool_input || {};
+    // 1. Classify the operation
+    const actionContext: ActionContext = {
+      actionType: this.inferActionType(toolName),
+      domain: this.inferDomain(toolName),
+      operation: toolName,
+      target: typeof toolInput.file_path === "string" ? toolInput.file_path : undefined,
+      params: toolInput,
+      reasoning: `Tool: ${toolName}`,
+    };
+    try {
+      const classifiedAction = await classifyOperation(
+        toolName,
+        actionContext.domain,
+        actionContext.target,
+        actionContext.reasoning
+      );
+      // 2. Check intent alignment
+      if (this.config.checkIntentAlignment && this.intent) {
+        const alignment = await scoreAlignment(actionContext, this.intent);
+        this.log("PreToolUse", toolName, "check",
+          `Alignment: ${alignment.score.toFixed(2)}`,
+          undefined, undefined, alignment.score
+        );
+        if (alignment.shouldBlock || alignment.score < this.config.minAlignmentScore) {
+          const reason = alignment.boundaryConcerns.length > 0
+            ? `Boundary concerns: ${alignment.boundaryConcerns.join(", ")}`
+            : `Low alignment score: ${alignment.score.toFixed(2)}`;
+          this.log("PreToolUse", toolName, "deny", reason);
+          if (this.config.blockOnViolation) {
+            return {
+              decision: "deny",
+              reason: `[Security] ${reason}`,
+            };
+          }
+        }
+      }
+      // 3. Check flow policy
+      if (this.config.enforceFlowPolicies && this.policyEngine) {
+        // Extract content for classification
+        const content = this.extractContent(toolInput);
+        const classified = await classifyData(content, actionContext.domain, [toolName]);
+        this.log("PreToolUse", toolName, "check",
+          `Classified: ${classified.sensitivity}/${classified.category}`,
+          classified.sensitivity, classified.category
+        );
+        // Determine target domain
+        const targetDomain = this.isExternalTool(toolName) ? "external" : "internal";
+        const flowResult = this.policyEngine.evaluate(
+          classified,
+          actionContext.domain,
+          targetDomain
+        );
+        if (!flowResult.allowed) {
+          this.log("PreToolUse", toolName, "deny", flowResult.reason);
+          if (this.config.blockOnViolation) {
+            return {
+              decision: "deny",
+              reason: `[Security] Flow policy violation: ${flowResult.reason}`,
+            };
+          }
+        }
+        // Check if approval required
+        if (flowResult.requireApproval ||
+            this.config.approvalRequiredSensitivities.includes(classified.sensitivity)) {
+          // For now, just log - in full implementation would prompt user
+          this.log("PreToolUse", toolName, "check", "Approval recommended");
+        }
+      }
+      this.log("PreToolUse", toolName, "allow", "Checks passed");
+      return { decision: "allow" };
+    } catch (error) {
+      const msg = error instanceof Error ? error.message : String(error);
+      this.log("PreToolUse", toolName, "check", `Error: ${msg}`);
+      // On error, allow but log
+      return { decision: "allow" };
+    }
+  }
+  /**
+   * PostToolUse hook - Check output for leaks, track flows
+   */
+  async onPostToolUse(input: HookInput): Promise<HookOutput> {
+    if (!this.config.enabled) {
+      return { decision: "allow" };
+    }
+    await this.initialize();
+    const toolName = input.tool_name || "unknown";
+    const toolResult = input.tool_result || "";
+    const toolIsError = input.tool_result_is_error || false;
+    // Skip error results
+    if (toolIsError) {
+      return { decision: "allow" };
+    }
+    try {
+      // 1. Classify output
+      const content = typeof toolResult === "string" ? toolResult : JSON.stringify(toolResult);
+      const classified = await classifyData(content, "agent", [toolName, "output"]);
+      this.log("PostToolUse", toolName, "check",
+        `Output: ${classified.sensitivity}/${classified.category}`,
+        classified.sensitivity, classified.category
+      );
+      // 2. Check for leaks
+      if (this.config.preventLeaks && this.leakPrevention) {
+        const channel = this.isExternalTool(toolName) ? "external" : "internal";
+        const leakCheck = this.leakPrevention.check(content, channel);
+        if (leakCheck.action === "block") {
+          const patterns = leakCheck.detections.map(d => d.pattern_name).join(", ");
+          this.log("PostToolUse", toolName, "sanitize", `Leaks detected: ${patterns}`);
+          if (this.config.blockOnViolation) {
+            // Sanitize the output
+            const sanitized = this.leakPrevention.sanitize(content);
+            this.log("PostToolUse", toolName, "sanitize", "Output sanitized");
+            return {
+              decision: "allow",
+              modified_input: {
+                tool_result: sanitized,
+              },
+            };
+          }
+        }
+      }
+      // 3. Track flow
+      if (this.config.trackTaints && this.flowTracker && this.policyEngine) {
+        const sourceDomain = "agent";
+        const targetDomain = this.isExternalTool(toolName) ? "external" : "internal";
+        const flowResult = this.policyEngine.evaluate(
+          classified,
+          sourceDomain,
+          targetDomain
+        );
+        this.flowTracker.record(
+          classified,
+          sourceDomain,
+          targetDomain,
+          this.isExternalTool(toolName) ? "outbound" : "internal",
+          flowResult,
+          this.sessionId,
+          null
+        );
+        this.log("PostToolUse", toolName, "check", "Flow tracked");
+      }
+      this.log("PostToolUse", toolName, "allow", "Output checks passed");
+      return { decision: "allow" };
+    } catch (error) {
+      const msg = error instanceof Error ? error.message : String(error);
+      this.log("PostToolUse", toolName, "check", `Error: ${msg}`);
+      return { decision: "allow" };
+    }
+  }
+  /**
+   * UserPromptSubmit hook - Check user input for injection attempts
+   */
+  async onUserPromptSubmit(input: HookInput): Promise<HookOutput> {
+    if (!this.config.enabled) {
+      return { decision: "allow" };
+    }
+    const prompt = input.prompt || "";
+    await this.initialize();
+    try {
+      // Check for potential injection patterns
+      const suspiciousPatterns = [
+        /ignore (all )?(previous|above) instructions/i,
+        /you are now/i,
+        /disregard (all )?(rules|policies)/i,
+        /system:? prompt/i,
+        /\[system\]/i,
+        /<\|.*?\|>/,
+      ];
+      for (const pattern of suspiciousPatterns) {
+        if (pattern.test(prompt)) {
+          this.log("UserPromptSubmit", undefined, "check", "Suspicious pattern detected");
+          if (this.config.blockOnViolation) {
+            return {
+              decision: "deny",
+              reason: "[Security] Prompt contains potentially unsafe patterns",
+            };
+          }
+        }
+      }
+      // Classify user input
+      const classified = await classifyData(prompt, "user_input", []);
+      this.log("UserPromptSubmit", undefined, "check",
+        `Input: ${classified.sensitivity}`,
+        classified.sensitivity
+      );
+      return { decision: "allow" };
+    } catch (error) {
+      return { decision: "allow" };
+    }
+  }
+  /**
+   * SessionEnd hook - Generate security report
+   */
+  async onSessionEnd(_input: HookInput): Promise<HookOutput> {
+    const stats = this.getStats();
+    this.log("SessionEnd", undefined, "check",
+      `Session ended - ${stats.totalEvents} events, ${stats.deniedCount} denied`
+    );
+    return { decision: "allow" };
+  }
+  // ============================================
+  // Utility Methods
+  // ============================================
+  private inferActionType(toolName: string): string {
+    const typeMap: Record<string, string> = {
+      Read: "observe",
+      Glob: "observe",
+      Grep: "observe",
+      Write: "modify",
+      Edit: "modify",
+      MultiEdit: "modify",
+      Bash: "execute",
+      NotebookEdit: "modify",
+    };
+    return typeMap[toolName] || "observe";
+  }
+  private inferDomain(toolName: string): string {
+    const domainMap: Record<string, string> = {
+      Read: "filesystem",
+      Write: "filesystem",
+      Edit: "filesystem",
+      Glob: "filesystem",
+      Grep: "filesystem",
+      Bash: "shell",
+      MultiEdit: "filesystem",
+    };
+    return domainMap[toolName] || "agent";
+  }
+  private isExternalTool(toolName: string): boolean {
+    const externalTools = ["Bash", "Write", "Edit", "MultiEdit", "NotebookEdit"];
+    return externalTools.includes(toolName);
+  }
+  private extractContent(input: Record<string, unknown>): string {
+    const parts: string[] = [];
+    for (const [key, value] of Object.entries(input)) {
+      if (typeof value === "string") {
+        parts.push(value);
+      } else if (typeof value === "object" && value !== null) {
+        parts.push(JSON.stringify(value));
+      }
+    }
+    return parts.join(" ");
+  }
+  private log(
+    hook: string,
+    tool: string | undefined,
+    action: SecurityEvent["action"],
+    reason: string,
+    sensitivity?: string,
+    category?: string,
+    alignmentScore?: number
+  ): void {
+    const event: SecurityEvent = {
+      timestamp: Date.now(),
+      hook,
+      tool,
+      action,
+      reason,
+      sensitivity,
+      category,
+      alignmentScore,
+    };
+    this.events.push(event);
+    if (this.config.logEvents) {
+      const prefix = action === "deny" ? "\x1b[31m[Security]\x1b[0m" : "\x1b[90m[Security]\x1b[0m";
+      const toolStr = tool ? ` ${tool}:` : "";
+      console.log(`${prefix}${toolStr} ${reason}`);
+    }
+  }
+  /**
+   * Get all security events
+   */
+  getEvents(): SecurityEvent[] {
+    return [...this.events];
+  }
+  /**
+   * Get security statistics
+   */
+  getStats(): {
+    totalEvents: number;
+    allowedCount: number;
+    deniedCount: number;
+    sanitizedCount: number;
+    bySensitivity: Record<string, number>;
+    avgAlignmentScore: number;
+  } {
+    const allowedCount = this.events.filter(e => e.action === "allow").length;
+    const deniedCount = this.events.filter(e => e.action === "deny").length;
+    const sanitizedCount = this.events.filter(e => e.action === "sanitize").length;
+    const bySensitivity: Record<string, number> = {};
+    for (const event of this.events) {
+      if (event.sensitivity) {
+        bySensitivity[event.sensitivity] = (bySensitivity[event.sensitivity] || 0) + 1;
+      }
+    }
+    const alignmentScores = this.events
+      .filter(e => e.alignmentScore !== undefined)
+      .map(e => e.alignmentScore!);
+    const avgAlignmentScore = alignmentScores.length > 0
+      ? alignmentScores.reduce((a, b) => a + b, 0) / alignmentScores.length
+      : 0;
+    return {
+      totalEvents: this.events.length,
+      allowedCount,
+      deniedCount,
+      sanitizedCount,
+      bySensitivity,
+      avgAlignmentScore,
+    };
+  }
+  /**
+   * Clear event history
+   */
+  clearEvents(): void {
+    this.events = [];
+  }
+}
+// Singleton instance
+let globalHooks: CognitiveSecurityHooks | null = null;
+/**
+ * Get global security hooks instance
+ */
+export function getSecurityHooks(
+  config?: Partial<SecurityHookConfig>
+): CognitiveSecurityHooks {
+  if (!globalHooks) {
+    globalHooks = new CognitiveSecurityHooks(config);
+  }
+  return globalHooks;
+}
+/**
+ * Create hook handlers for HookManager
+ */
+export function createSecurityHookHandlers(
+  config?: Partial<SecurityHookConfig>
+): {
+  SessionStart: (input: HookInput) => Promise<HookOutput>;
+  PreToolUse: (input: HookInput) => Promise<HookOutput>;
+  PostToolUse: (input: HookInput) => Promise<HookOutput>;
+  UserPromptSubmit: (input: HookInput) => Promise<HookOutput>;
+  SessionEnd: (input: HookInput) => Promise<HookOutput>;
+} {
+  const hooks = new CognitiveSecurityHooks(config);
+  return {
+    SessionStart: (input) => hooks.onSessionStart(input),
+    PreToolUse: (input) => hooks.onPreToolUse(input),
+    PostToolUse: (input) => hooks.onPostToolUse(input),
+    UserPromptSubmit: (input) => hooks.onUserPromptSubmit(input),
+    SessionEnd: (input) => hooks.onSessionEnd(input),
+  };
+}