@etus/bhono-app 0.1.6 → 0.1.7

package/templates/base/.claude/hooks/skill-activation-prompt.ts

@@ -1,142 +1,214 @@
 #!/usr/bin/env node
+/**
+ * Skill Activation Prompt Hook (UserPromptSubmit)
+ *
+ * Analyzes user prompts and suggests relevant skills based on:
+ * - Keywords (exact match, case-insensitive)
+ * - Intent patterns (regex-based semantic matching)
+ *
+ * Features:
+ * - Skips short prompts (< 15 chars) to avoid noise
+ * - Skips slash commands (already invoking a skill)
+ * - Groups suggestions by priority level
+ * - Returns structured JSON for Claude Code
+ */
+
 import { readFileSync } from 'fs';
 import { join, dirname } from 'path';
 import { fileURLToPath } from 'url';
 
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = dirname(__filename);
+const __dirname = dirname(fileURLToPath(import.meta.url));
+
+// Minimum prompt length to trigger skill detection
+const MIN_PROMPT_LENGTH = 15;
 
 interface HookInput {
-    session_id: string;
-    transcript_path: string;
-    cwd: string;
-    permission_mode: string;
-    prompt: string;
+  session_id: string;
+  transcript_path?: string;
+  cwd?: string;
+  permission_mode?: string;
+  prompt: string;
 }
 
 interface PromptTriggers {
-    keywords?: string[];
-    intentPatterns?: string[];
+  keywords?: string[];
+  intentPatterns?: string[];
+}
+
+interface ToolGuard {
+  tool: string;
+  patterns: string[];
 }
 
 interface SkillRule {
-    type: 'guardrail' | 'domain';
-    enforcement: 'block' | 'suggest' | 'warn';
-    priority: 'critical' | 'high' | 'medium' | 'low';
-    promptTriggers?: PromptTriggers;
+  type: 'guardrail' | 'domain';
+  enforcement: 'block' | 'suggest' | 'warn';
+  priority: 'critical' | 'high' | 'medium' | 'low';
+  description?: string;
+  promptTriggers?: PromptTriggers;
+  toolGuards?: ToolGuard[];
 }
 
 interface SkillRules {
-    version: string;
-    skills: Record<string, SkillRule>;
+  version: string;
+  skills: Record<string, SkillRule>;
 }
 
 interface MatchedSkill {
-    name: string;
-    matchType: 'keyword' | 'intent';
-    config: SkillRule;
+  name: string;
+  matchType: 'keyword' | 'intent';
+  config: SkillRule;
 }
 
-async function main() {
-    try {
-        // Read input from stdin
-        const input = readFileSync(0, 'utf-8');
-        const data: HookInput = JSON.parse(input);
+function shouldSkipPrompt(prompt: string): boolean {
+  // Skip very short prompts
+  if (prompt.length < MIN_PROMPT_LENGTH) {
+    return true;
+  }
+
+  // Skip slash commands (user is already invoking a skill)
+  if (prompt.trim().startsWith('/')) {
+    return true;
+  }
+
+  // Skip common non-task prompts
+  const skipPatterns = [
+    /^(hi|hello|hey|thanks|thank you|ok|okay|yes|no|sure)[\s!.]*$/i,
+    /^(what|how|why|when|where|who|can you|could you|would you).*\?$/i, // Pure questions without action
+  ];
+
+  // Don't skip questions that imply action
+  const actionQuestionPatterns = [
+    /can you (create|build|make|implement|add|fix|update|deploy)/i,
+    /how (do i|to|can i) (create|build|make|implement|add|fix|update|deploy)/i,
+  ];
+
+  const isActionQuestion = actionQuestionPatterns.some(p => p.test(prompt));
+  if (isActionQuestion) {
+    return false;
+  }
+
+  return skipPatterns.some(p => p.test(prompt.trim()));
+}
 
-        // Handle missing or empty prompt
-        if (!data.prompt) {
-            process.exit(0);
-        }
+function findMatches(prompt: string, rules: SkillRules): MatchedSkill[] {
+  const matches: MatchedSkill[] = [];
+  const promptLower = prompt.toLowerCase();
 
-        const prompt = data.prompt.toLowerCase();
-
-        // Load skill rules
-        // From .claude/hooks, go up one level to .claude, then to skills
-        const rulesPath = join(__dirname, '..', 'skills', 'skill-rules.json');
-        const rules: SkillRules = JSON.parse(readFileSync(rulesPath, 'utf-8'));
-
-        const matchedSkills: MatchedSkill[] = [];
-
-        // Check each skill for matches
-        for (const [skillName, config] of Object.entries(rules.skills)) {
-            const triggers = config.promptTriggers;
-            if (!triggers) {
-                continue;
-            }
-
-            // Keyword matching
-            if (triggers.keywords) {
-                const keywordMatch = triggers.keywords.some(kw =>
-                    prompt.includes(kw.toLowerCase())
-                );
-                if (keywordMatch) {
-                    matchedSkills.push({ name: skillName, matchType: 'keyword', config });
-                    continue;
-                }
-            }
-
-            // Intent pattern matching
-            if (triggers.intentPatterns) {
-                const intentMatch = triggers.intentPatterns.some(pattern => {
-                    const regex = new RegExp(pattern, 'i');
-                    return regex.test(prompt);
-                });
-                if (intentMatch) {
-                    matchedSkills.push({ name: skillName, matchType: 'intent', config });
-                }
-            }
-        }
+  for (const [skillName, config] of Object.entries(rules.skills)) {
+    const triggers = config.promptTriggers;
+    if (!triggers) {
+      continue;
+    }
+
+    // Keyword matching (exact, case-insensitive)
+    if (triggers.keywords) {
+      const keywordMatch = triggers.keywords.some(kw =>
+        promptLower.includes(kw.toLowerCase())
+      );
+      if (keywordMatch) {
+        matches.push({ name: skillName, matchType: 'keyword', config });
+        continue; // Don't check patterns if keyword matched
+      }
+    }
 
-        // Generate output if matches found
-        if (matchedSkills.length > 0) {
-            let output = '━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n';
-            output += '🎯 SKILL ACTIVATION CHECK\n';
-            output += '━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n';
-
-            // Group by priority
-            const critical = matchedSkills.filter(s => s.config.priority === 'critical');
-            const high = matchedSkills.filter(s => s.config.priority === 'high');
-            const medium = matchedSkills.filter(s => s.config.priority === 'medium');
-            const low = matchedSkills.filter(s => s.config.priority === 'low');
-
-            if (critical.length > 0) {
-                output += '⚠️ CRITICAL SKILLS (REQUIRED):\n';
-                critical.forEach(s => output += `  → ${s.name}\n`);
-                output += '\n';
-            }
-
-            if (high.length > 0) {
-                output += '📚 RECOMMENDED SKILLS:\n';
-                high.forEach(s => output += `  → ${s.name}\n`);
-                output += '\n';
-            }
-
-            if (medium.length > 0) {
-                output += '💡 SUGGESTED SKILLS:\n';
-                medium.forEach(s => output += `  → ${s.name}\n`);
-                output += '\n';
-            }
-
-            if (low.length > 0) {
-                output += '📌 OPTIONAL SKILLS:\n';
-                low.forEach(s => output += `  → ${s.name}\n`);
-                output += '\n';
-            }
-
-            output += 'ACTION: Use Skill tool BEFORE responding\n';
-            output += '━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n';
-
-            console.log(output);
+    // Intent pattern matching (regex)
+    if (triggers.intentPatterns) {
+      const intentMatch = triggers.intentPatterns.some(pattern => {
+        try {
+          const regex = new RegExp(pattern, 'i');
+          return regex.test(prompt);
+        } catch {
+          return false;
         }
+      });
+      if (intentMatch) {
+        matches.push({ name: skillName, matchType: 'intent', config });
+      }
+    }
+  }
+
+  return matches;
+}
+
+function formatOutput(matches: MatchedSkill[]): string {
+  // Group by priority
+  const byPriority = {
+    critical: matches.filter(s => s.config.priority === 'critical'),
+    high: matches.filter(s => s.config.priority === 'high'),
+    medium: matches.filter(s => s.config.priority === 'medium'),
+    low: matches.filter(s => s.config.priority === 'low'),
+  };
+
+  const lines: string[] = ['🎯 SKILL ACTIVATION'];
 
-        process.exit(0);
-    } catch (err) {
-        console.error('Error in skill-activation-prompt hook:', err);
-        process.exit(1);
+  if (byPriority.critical.length > 0) {
+    lines.push(`⚠️ REQUIRED: ${byPriority.critical.map(s => s.name).join(', ')}`);
+  }
+
+  if (byPriority.high.length > 0) {
+    lines.push(`📚 RECOMMENDED: ${byPriority.high.map(s => s.name).join(', ')}`);
+  }
+
+  if (byPriority.medium.length > 0) {
+    lines.push(`💡 SUGGESTED: ${byPriority.medium.map(s => s.name).join(', ')}`);
+  }
+
+  if (byPriority.low.length > 0) {
+    lines.push(`📌 OPTIONAL: ${byPriority.low.map(s => s.name).join(', ')}`);
+  }
+
+  lines.push('→ Use Skill tool BEFORE responding');
+
+  return lines.join('\n');
+}
+
+function main() {
+  try {
+    const input = readFileSync(0, 'utf-8');
+    const data: HookInput = JSON.parse(input);
+    const prompt = data.prompt;
+
+    // Early exit conditions
+    if (shouldSkipPrompt(prompt)) {
+      process.exit(0);
     }
+
+    // Load skill rules
+    const rulesPath = join(__dirname, '..', 'skills', 'skill-rules.json');
+    let rules: SkillRules;
+
+    try {
+      rules = JSON.parse(readFileSync(rulesPath, 'utf-8'));
+    } catch {
+      // Silent exit if rules file not found
+      process.exit(0);
+    }
+
+    // Find matching skills
+    const matches = findMatches(prompt, rules);
+
+    // No matches = no output
+    if (matches.length === 0) {
+      process.exit(0);
+    }
+
+    // Format and output
+    const message = formatOutput(matches);
+
+    const output = {
+      hookSpecificOutput: {
+        hookEventName: 'UserPromptSubmit',
+        additionalContext: `<system-reminder>${message}</system-reminder>`
+      }
+    };
+
+    console.log(JSON.stringify(output));
+    process.exit(0);
+  } catch (err) {
+    // Silent failure - don't break user experience
+    process.exit(0);
+  }
 }
 
-main().catch(err => {
-    console.error('Uncaught error:', err);
-    process.exit(1);
-});
+main();

package/templates/base/.claude/hooks/skill-tool-guard.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+cd "$SCRIPT_DIR"
+cat | npx tsx skill-tool-guard.ts

package/templates/base/.claude/hooks/skill-tool-guard.ts

@@ -0,0 +1,198 @@
+#!/usr/bin/env node
+/**
+ * Skill Tool Guard Hook (PreToolUse)
+ *
+ * Recommends or blocks tool usage based on skill rules.
+ * Reads toolGuards from skill-rules.json to determine which
+ * skills should be used before specific tool patterns.
+ *
+ * Supported tools:
+ * - Bash: checks command content
+ * - Edit/Write: checks file_path
+ * - Read: checks file_path
+ * - Glob/Grep: checks pattern/path
+ * - Task: checks prompt
+ * - WebFetch: checks url
+ * - All others: checks JSON stringified input
+ */
+
+import { readFileSync } from 'fs';
+import { join, dirname } from 'path';
+import { fileURLToPath } from 'url';
+
+const __dirname = dirname(fileURLToPath(import.meta.url));
+
+interface PreToolUseInput {
+  session_id: string;
+  tool_name: string;
+  tool_input: Record<string, unknown>;
+}
+
+interface ToolGuard {
+  tool: string;
+  patterns: string[];
+}
+
+interface SkillRule {
+  type: string;
+  enforcement: 'suggest' | 'warn' | 'block';
+  priority: string;
+  description?: string;
+  toolGuards?: ToolGuard[];
+}
+
+interface SkillRules {
+  version: string;
+  skills: Record<string, SkillRule>;
+}
+
+interface MatchedGuard {
+  skillName: string;
+  enforcement: string;
+  description?: string;
+}
+
+/**
+ * Extract the content to check based on tool type
+ */
+function getContentToCheck(toolName: string, toolInput: Record<string, unknown>): string {
+  switch (toolName) {
+    case 'Bash':
+      return String(toolInput.command || '');
+
+    case 'Edit':
+    case 'Write':
+    case 'Read':
+      return String(toolInput.file_path || '');
+
+    case 'Glob':
+      return String(toolInput.pattern || '') + ' ' + String(toolInput.path || '');
+
+    case 'Grep':
+      return String(toolInput.pattern || '') + ' ' + String(toolInput.path || '');
+
+    case 'Task':
+      return String(toolInput.prompt || '') + ' ' + String(toolInput.description || '');
+
+    case 'WebFetch':
+      return String(toolInput.url || '');
+
+    case 'WebSearch':
+      return String(toolInput.query || '');
+
+    default:
+      // For unknown tools, stringify the entire input
+      return JSON.stringify(toolInput);
+  }
+}
+
+/**
+ * Check if a pattern matches the content
+ */
+function matchesPattern(content: string, pattern: string): boolean {
+  try {
+    const regex = new RegExp(pattern, 'i');
+    return regex.test(content);
+  } catch {
+    // If regex fails, try simple includes
+    return content.toLowerCase().includes(pattern.toLowerCase());
+  }
+}
+
+function main() {
+  try {
+    const input = readFileSync(0, 'utf-8');
+    const data: PreToolUseInput = JSON.parse(input);
+
+    // Load skill rules
+    const rulesPath = join(__dirname, '..', 'skills', 'skill-rules.json');
+    let rules: SkillRules;
+
+    try {
+      rules = JSON.parse(readFileSync(rulesPath, 'utf-8'));
+    } catch {
+      process.exit(0);
+    }
+
+    const contentToCheck = getContentToCheck(data.tool_name, data.tool_input);
+    const matchedGuards: MatchedGuard[] = [];
+
+    // Check each skill's toolGuards
+    for (const [skillName, config] of Object.entries(rules.skills)) {
+      const guards = config.toolGuards;
+      if (!guards || guards.length === 0) {
+        continue;
+      }
+
+      for (const guard of guards) {
+        // Check if tool matches (exact match or wildcard)
+        if (guard.tool !== data.tool_name && guard.tool !== '*') {
+          continue;
+        }
+
+        // Check if any pattern matches
+        const matched = guard.patterns.some(pattern =>
+          matchesPattern(contentToCheck, pattern)
+        );
+
+        if (matched) {
+          matchedGuards.push({
+            skillName,
+            enforcement: config.enforcement,
+            description: config.description
+          });
+          break; // Only match once per skill
+        }
+      }
+    }
+
+    // No matches = no output
+    if (matchedGuards.length === 0) {
+      process.exit(0);
+    }
+
+    // Group by enforcement level
+    const critical = matchedGuards.filter(g => g.enforcement === 'block');
+    const warnings = matchedGuards.filter(g => g.enforcement === 'warn');
+    const suggestions = matchedGuards.filter(g => g.enforcement === 'suggest');
+
+    // Build message
+    const lines: string[] = [`⚡ TOOL GUARD (${data.tool_name})`];
+
+    if (critical.length > 0) {
+      lines.push(`🚫 BLOCKED: ${critical.map(g => g.skillName).join(', ')}`);
+    }
+
+    if (warnings.length > 0) {
+      lines.push(`⚠️ WARNING: ${warnings.map(g => g.skillName).join(', ')}`);
+    }
+
+    if (suggestions.length > 0) {
+      lines.push(`💡 CONSIDER: ${suggestions.map(g => g.skillName).join(', ')}`);
+    }
+
+    lines.push('→ Use relevant skill before proceeding');
+
+    const message = lines.join('\n');
+
+    // Determine permission decision based on enforcement
+    // For now, only 'suggest' - block/warn not implemented yet
+    const permissionDecision = critical.length > 0 ? 'block' : 'allow';
+
+    const output = {
+      hookSpecificOutput: {
+        hookEventName: 'PreToolUse',
+        permissionDecision,
+        additionalContext: `<system-reminder>${message}</system-reminder>`
+      }
+    };
+
+    console.log(JSON.stringify(output));
+    process.exit(0);
+  } catch (err) {
+    // Silent failure - don't break tool execution
+    process.exit(0);
+  }
+}
+
+main();

package/templates/base/.claude/scripts/validate-skill-rules.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
-# Validates skill-rules.json structure and activation system
-# Runs on SessionStart to ensure the skill-rules activation works
+# Validates skill-rules.json structure and hook system
+# Runs on SessionStart to ensure the skill activation works
 
 set -e
 
@@ -13,21 +13,24 @@ RULES_FILE="$CLAUDE_DIR/skills/skill-rules.json"
 
 # Collect messages
 MESSAGES=""
+ERRORS=0
 
 # Install dependencies if needed (silent)
 if [ -f "$HOOKS_DIR/package.json" ] && [ ! -d "$HOOKS_DIR/node_modules" ]; then
   cd "$HOOKS_DIR" && npm install --silent >/dev/null 2>&1
 fi
 
-# Make hook executable
-if [ -f "$HOOKS_DIR/skill-activation-prompt.sh" ]; then
-  chmod +x "$HOOKS_DIR/skill-activation-prompt.sh" 2>/dev/null || true
-fi
+# Make hooks executable
+for hook in "$HOOKS_DIR"/*.sh; do
+  if [ -f "$hook" ]; then
+    chmod +x "$hook" 2>/dev/null || true
+  fi
+done
 
 # Validate skill-rules.json exists
 if [ ! -f "$RULES_FILE" ]; then
   MESSAGES+="❌ skill-rules.json not found\n"
-  MESSAGES+="   Skill activation will not work properly.\n"
+  ERRORS=$((ERRORS + 1))
 
   jq -n --arg msg "$(echo -e "$MESSAGES")" '{
     hookSpecificOutput: {
@@ -38,12 +41,12 @@ if [ ! -f "$RULES_FILE" ]; then
   exit 1
 fi
 
-# Validate skill-rules.json is valid JSON
+# Validate skill-rules.json is valid JSON and check version
 if ! command -v jq >/dev/null 2>&1; then
-  # jq not available, skip JSON validation
   MESSAGES+="⚠️  jq not found, skipping JSON validation\n"
 elif ! jq empty "$RULES_FILE" 2>/dev/null; then
   MESSAGES+="❌ skill-rules.json is not valid JSON\n"
+  ERRORS=$((ERRORS + 1))
 
   jq -n --arg msg "$(echo -e "$MESSAGES")" '{
     hookSpecificOutput: {
@@ -52,39 +55,59 @@ elif ! jq empty "$RULES_FILE" 2>/dev/null; then
     }
   }'
   exit 1
+else
+  # Check version
+  VERSION=$(jq -r '.version // "unknown"' "$RULES_FILE")
+  SKILL_COUNT=$(jq '.skills | length' "$RULES_FILE")
+  TOOLGUARDS_COUNT=$(jq '[.skills[] | select(.toolGuards != null)] | length' "$RULES_FILE")
 fi
 
-# Quick test: Run hook with mock data
-TEST_INPUT='{"session_id":"test","transcript_path":"/tmp","cwd":".","permission_mode":"auto","prompt":"test fastapi endpoint"}'
+# Test skill-activation-prompt hook
+TEST_PROMPT='{"session_id":"test","transcript_path":"/tmp","cwd":".","permission_mode":"auto","prompt":"analyze architecture of codebase"}'
 if [ -x "$HOOKS_DIR/skill-activation-prompt.sh" ]; then
-  if echo "$TEST_INPUT" | "$HOOKS_DIR/skill-activation-prompt.sh" >/dev/null 2>&1; then
-    MESSAGES+="✅ Skill-rules system validated"
+  if echo "$TEST_PROMPT" | "$HOOKS_DIR/skill-activation-prompt.sh" >/dev/null 2>&1; then
+    MESSAGES+="✅ skill-activation-prompt hook OK\n"
   else
-    MESSAGES+="⚠️  Skill activation hook test failed\n"
-    MESSAGES+="   Check that dependencies are installed in $HOOKS_DIR\n"
-
-    jq -n --arg msg "$(echo -e "$MESSAGES")" '{
-      hookSpecificOutput: {
-        hookEventName: "SessionStart",
-        additionalContext: $msg
-      }
-    }'
-    exit 1
+    MESSAGES+="⚠️  skill-activation-prompt test failed\n"
+    ERRORS=$((ERRORS + 1))
   fi
 else
-  MESSAGES+="⚠️  skill-activation-prompt.sh not found or not executable\n"
+  MESSAGES+="❌ skill-activation-prompt.sh not found or not executable\n"
+  ERRORS=$((ERRORS + 1))
+fi
 
-  jq -n --arg msg "$(echo -e "$MESSAGES")" '{
-    hookSpecificOutput: {
-      hookEventName: "SessionStart",
-      additionalContext: $msg
-    }
-  }'
-  exit 1
+# Test skill-tool-guard hook
+TEST_TOOL='{"session_id":"test","tool_name":"Bash","tool_input":{"command":"git push origin main"}}'
+if [ -x "$HOOKS_DIR/skill-tool-guard.sh" ]; then
+  if echo "$TEST_TOOL" | "$HOOKS_DIR/skill-tool-guard.sh" >/dev/null 2>&1; then
+    MESSAGES+="✅ skill-tool-guard hook OK\n"
+  else
+    MESSAGES+="⚠️  skill-tool-guard test failed\n"
+    ERRORS=$((ERRORS + 1))
+  fi
+else
+  MESSAGES+="❌ skill-tool-guard.sh not found or not executable\n"
+  ERRORS=$((ERRORS + 1))
+fi
+
+# Summary
+if [ $ERRORS -eq 0 ]; then
+  SUMMARY="✅ Skill-rules system validated (v${VERSION}, ${SKILL_COUNT} skills, ${TOOLGUARDS_COUNT} with toolGuards)"
+else
+  SUMMARY="⚠️  Skill-rules validation: ${ERRORS} issue(s) found"
+fi
+
+# Build final message
+FINAL_MSG="$SUMMARY"
+if [ -n "$MESSAGES" ]; then
+  # Only include details if there were issues
+  if [ $ERRORS -gt 0 ]; then
+    FINAL_MSG+="\n$(echo -e "$MESSAGES")"
+  fi
 fi
 
 # Output success message in Claude Code format with visual reminder
-jq -n --arg msg "<important-reminder>IN YOUR FIRST REPLY AFTER SEEING THIS MESSAGE YOU MUST TELL THE USER:\n$(echo -e "$MESSAGES")</important-reminder>" '{
+jq -n --arg msg "<important-reminder>IN YOUR FIRST REPLY AFTER SEEING THIS MESSAGE YOU MUST TELL THE USER:\n${FINAL_MSG}</important-reminder>" '{
   hookSpecificOutput: {
     hookEventName: "SessionStart",
     additionalContext: $msg