npm - @jaguilar87/gaia-ops - Versions diffs - 4.4.0 → 4.7.2 - Mend

@jaguilar87/gaia-ops 4.4.0 → 4.7.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (371) hide show

package/.claude-plugin/marketplace.json +1 -1
package/.claude-plugin/plugin.json +12 -3
package/ARCHITECTURE.md +9 -8
package/CHANGELOG.md +34 -0
package/README.md +43 -11
package/agents/terraform-architect.md +1 -1
package/bin/README.md +2 -2
package/bin/gaia-doctor.js +18 -5
package/bin/gaia-history.js +0 -1
package/bin/gaia-metrics.js +2 -2
package/bin/gaia-scan.py +23 -1
package/bin/gaia-update.js +346 -54
package/bin/pre-publish-validate.js +33 -10
package/commands/gaia.md +37 -0
package/config/README.md +3 -9
package/config/context-contracts.json +47 -15
package/config/surface-routing.json +9 -1
package/dist/gaia-ops/.claude-plugin/plugin.json +22 -0
package/dist/gaia-ops/agents/cloud-troubleshooter.md +73 -0
package/dist/gaia-ops/agents/devops-developer.md +57 -0
package/dist/gaia-ops/agents/gaia-system.md +58 -0
package/dist/gaia-ops/agents/gitops-operator.md +60 -0
package/dist/gaia-ops/agents/speckit-planner.md +71 -0
package/dist/gaia-ops/agents/terraform-architect.md +60 -0
package/dist/gaia-ops/commands/gaia.md +37 -0
package/dist/gaia-ops/config/README.md +58 -0
package/dist/gaia-ops/config/cloud/aws.json +140 -0
package/dist/gaia-ops/config/cloud/gcp.json +145 -0
package/dist/gaia-ops/config/context-contracts.json +131 -0
package/dist/gaia-ops/config/git_standards.json +72 -0
package/dist/gaia-ops/config/surface-routing.json +197 -0
package/dist/gaia-ops/config/universal-rules.json +10 -0
package/dist/gaia-ops/hooks/adapters/__init__.py +52 -0
package/dist/gaia-ops/hooks/adapters/base.py +219 -0
package/dist/gaia-ops/hooks/adapters/channel.py +17 -0
package/dist/gaia-ops/hooks/adapters/claude_code.py +1477 -0
package/dist/gaia-ops/hooks/adapters/types.py +194 -0
package/dist/gaia-ops/hooks/adapters/utils.py +25 -0
package/dist/gaia-ops/hooks/hooks.json +126 -0
package/dist/gaia-ops/hooks/modules/__init__.py +15 -0
package/dist/gaia-ops/hooks/modules/agents/__init__.py +29 -0
package/dist/gaia-ops/hooks/modules/agents/contract_validator.py +647 -0
package/dist/gaia-ops/hooks/modules/agents/response_contract.py +496 -0
package/dist/gaia-ops/hooks/modules/agents/skill_injection_verifier.py +124 -0
package/dist/gaia-ops/hooks/modules/agents/task_info_builder.py +74 -0
package/dist/gaia-ops/hooks/modules/agents/transcript_analyzer.py +458 -0
package/dist/gaia-ops/hooks/modules/agents/transcript_reader.py +152 -0
package/dist/gaia-ops/hooks/modules/audit/__init__.py +28 -0
package/dist/gaia-ops/hooks/modules/audit/event_detector.py +168 -0
package/dist/gaia-ops/hooks/modules/audit/logger.py +131 -0
package/dist/gaia-ops/hooks/modules/audit/metrics.py +134 -0
package/dist/gaia-ops/hooks/modules/audit/workflow_auditor.py +576 -0
package/dist/gaia-ops/hooks/modules/audit/workflow_recorder.py +296 -0
package/dist/gaia-ops/hooks/modules/context/__init__.py +11 -0
package/dist/gaia-ops/hooks/modules/context/anchor_tracker.py +317 -0
package/dist/gaia-ops/hooks/modules/context/compact_context_builder.py +215 -0
package/dist/gaia-ops/hooks/modules/context/context_cache.py +129 -0
package/dist/gaia-ops/hooks/modules/context/context_freshness.py +145 -0
package/dist/gaia-ops/hooks/modules/context/context_injector.py +427 -0
package/dist/gaia-ops/hooks/modules/context/context_writer.py +518 -0
package/dist/gaia-ops/hooks/modules/context/contracts_loader.py +161 -0
package/dist/gaia-ops/hooks/modules/core/__init__.py +40 -0
package/dist/gaia-ops/hooks/modules/core/hook_entry.py +78 -0
package/dist/gaia-ops/hooks/modules/core/paths.py +160 -0
package/dist/gaia-ops/hooks/modules/core/plugin_mode.py +149 -0
package/dist/gaia-ops/hooks/modules/core/plugin_setup.py +558 -0
package/dist/gaia-ops/hooks/modules/core/state.py +179 -0
package/dist/gaia-ops/hooks/modules/core/stdin.py +24 -0
package/dist/gaia-ops/hooks/modules/events/__init__.py +1 -0
package/dist/gaia-ops/hooks/modules/events/event_writer.py +210 -0
package/dist/gaia-ops/hooks/modules/identity/__init__.py +0 -0
package/dist/gaia-ops/hooks/modules/identity/identity_provider.py +21 -0
package/dist/gaia-ops/hooks/modules/identity/ops_identity.py +34 -0
package/dist/gaia-ops/hooks/modules/identity/security_identity.py +10 -0
package/dist/gaia-ops/hooks/modules/memory/__init__.py +8 -0
package/dist/gaia-ops/hooks/modules/memory/episode_writer.py +227 -0
package/dist/gaia-ops/hooks/modules/orchestrator/__init__.py +1 -0
package/dist/gaia-ops/hooks/modules/orchestrator/delegate_mode.py +128 -0
package/dist/gaia-ops/hooks/modules/scanning/__init__.py +8 -0
package/dist/gaia-ops/hooks/modules/scanning/scan_trigger.py +84 -0
package/dist/gaia-ops/hooks/modules/security/__init__.py +89 -0
package/dist/gaia-ops/hooks/modules/security/approval_cleanup.py +87 -0
package/dist/gaia-ops/hooks/modules/security/approval_constants.py +23 -0
package/dist/gaia-ops/hooks/modules/security/approval_grants.py +912 -0
package/dist/gaia-ops/hooks/modules/security/approval_messages.py +71 -0
package/dist/gaia-ops/hooks/modules/security/approval_scopes.py +153 -0
package/dist/gaia-ops/hooks/modules/security/blocked_commands.py +584 -0
package/dist/gaia-ops/hooks/modules/security/blocked_message_formatter.py +86 -0
package/dist/gaia-ops/hooks/modules/security/command_semantics.py +130 -0
package/dist/gaia-ops/hooks/modules/security/gitops_validator.py +179 -0
package/dist/gaia-ops/hooks/modules/security/mutative_verbs.py +850 -0
package/dist/gaia-ops/hooks/modules/security/prompt_validator.py +40 -0
package/dist/gaia-ops/hooks/modules/security/tiers.py +196 -0
package/dist/gaia-ops/hooks/modules/session/__init__.py +10 -0
package/dist/gaia-ops/hooks/modules/session/session_context_writer.py +100 -0
package/dist/gaia-ops/hooks/modules/session/session_event_injector.py +158 -0
package/dist/gaia-ops/hooks/modules/session/session_manager.py +31 -0
package/dist/gaia-ops/hooks/modules/tools/__init__.py +25 -0
package/dist/gaia-ops/hooks/modules/tools/bash_validator.py +708 -0
package/dist/gaia-ops/hooks/modules/tools/cloud_pipe_validator.py +181 -0
package/dist/gaia-ops/hooks/modules/tools/hook_response.py +55 -0
package/dist/gaia-ops/hooks/modules/tools/shell_parser.py +227 -0
package/dist/gaia-ops/hooks/modules/tools/task_validator.py +283 -0
package/dist/gaia-ops/hooks/modules/validation/__init__.py +23 -0
package/dist/gaia-ops/hooks/modules/validation/commit_validator.py +380 -0
package/dist/gaia-ops/hooks/post_compact.py +43 -0
package/dist/gaia-ops/hooks/post_tool_use.py +54 -0
package/dist/gaia-ops/hooks/pre_tool_use.py +383 -0
package/dist/gaia-ops/hooks/session_start.py +69 -0
package/dist/gaia-ops/hooks/stop_hook.py +69 -0
package/dist/gaia-ops/hooks/subagent_start.py +71 -0
package/dist/gaia-ops/hooks/subagent_stop.py +288 -0
package/dist/gaia-ops/hooks/task_completed.py +70 -0
package/dist/gaia-ops/hooks/user_prompt_submit.py +177 -0
package/dist/gaia-ops/settings.json +72 -0
package/dist/gaia-ops/skills/README.md +109 -0
package/dist/gaia-ops/skills/agent-protocol/SKILL.md +105 -0
package/dist/gaia-ops/skills/agent-protocol/examples.md +170 -0
package/dist/gaia-ops/skills/agent-response/SKILL.md +53 -0
package/dist/gaia-ops/skills/approval/SKILL.md +85 -0
package/dist/gaia-ops/skills/approval/examples.md +140 -0
package/dist/gaia-ops/skills/approval/reference.md +57 -0
package/dist/gaia-ops/skills/command-execution/SKILL.md +64 -0
package/dist/gaia-ops/skills/command-execution/reference.md +83 -0
package/dist/gaia-ops/skills/context-updater/SKILL.md +76 -0
package/dist/gaia-ops/skills/context-updater/examples.md +71 -0
package/dist/gaia-ops/skills/developer-patterns/SKILL.md +93 -0
package/dist/gaia-ops/skills/developer-patterns/reference.md +112 -0
package/dist/gaia-ops/skills/execution/SKILL.md +66 -0
package/dist/gaia-ops/skills/fast-queries/SKILL.md +47 -0
package/dist/gaia-ops/skills/gaia-patterns/SKILL.md +92 -0
package/dist/gaia-ops/skills/gaia-patterns/reference.md +22 -0
package/dist/gaia-ops/skills/git-conventions/SKILL.md +48 -0
package/dist/gaia-ops/skills/gitops-patterns/SKILL.md +73 -0
package/dist/gaia-ops/skills/gitops-patterns/reference.md +183 -0
package/dist/gaia-ops/skills/investigation/SKILL.md +77 -0
package/dist/gaia-ops/skills/orchestrator-approval/SKILL.md +64 -0
package/dist/gaia-ops/skills/reference.md +134 -0
package/dist/gaia-ops/skills/security-tiers/SKILL.md +61 -0
package/dist/gaia-ops/skills/security-tiers/destructive-commands-reference.md +623 -0
package/dist/gaia-ops/skills/security-tiers/reference.md +39 -0
package/dist/gaia-ops/skills/skill-creation/SKILL.md +119 -0
package/dist/gaia-ops/skills/specification/SKILL.md +186 -0
package/dist/gaia-ops/skills/speckit-workflow/SKILL.md +165 -0
package/dist/gaia-ops/skills/speckit-workflow/reference.md +117 -0
package/dist/gaia-ops/skills/terraform-patterns/SKILL.md +63 -0
package/dist/gaia-ops/skills/terraform-patterns/reference.md +93 -0
package/dist/gaia-ops/speckit/README.md +516 -0
package/dist/gaia-ops/speckit/scripts/.gitkeep +0 -0
package/dist/gaia-ops/speckit/templates/adr-template.md +118 -0
package/dist/gaia-ops/speckit/templates/agent-file-template.md +23 -0
package/dist/gaia-ops/speckit/templates/plan-template.md +227 -0
package/dist/gaia-ops/speckit/templates/spec-template.md +140 -0
package/dist/gaia-ops/speckit/templates/tasks-template.md +257 -0
package/dist/gaia-ops/tools/context/README.md +132 -0
package/dist/gaia-ops/tools/context/__init__.py +42 -0
package/dist/gaia-ops/tools/context/_paths.py +20 -0
package/dist/gaia-ops/tools/context/context_provider.py +476 -0
package/dist/gaia-ops/tools/context/context_section_reader.py +330 -0
package/dist/gaia-ops/tools/context/deep_merge.py +159 -0
package/dist/gaia-ops/tools/context/pending_updates.py +760 -0
package/dist/gaia-ops/tools/context/surface_router.py +278 -0
package/dist/gaia-ops/tools/fast-queries/README.md +65 -0
package/dist/gaia-ops/tools/fast-queries/__init__.py +30 -0
package/dist/gaia-ops/tools/fast-queries/appservices/quicktriage_devops_developer.sh +75 -0
package/dist/gaia-ops/tools/fast-queries/cloud/aws/quicktriage_aws_troubleshooter.sh +32 -0
package/dist/gaia-ops/tools/fast-queries/cloud/gcp/quicktriage_gcp_troubleshooter.sh +88 -0
package/dist/gaia-ops/tools/fast-queries/gitops/quicktriage_gitops_operator.sh +48 -0
package/dist/gaia-ops/tools/fast-queries/run_triage.sh +59 -0
package/dist/gaia-ops/tools/fast-queries/terraform/quicktriage_terraform_architect.sh +80 -0
package/dist/gaia-ops/tools/gaia_simulator/__init__.py +33 -0
package/dist/gaia-ops/tools/gaia_simulator/cli.py +354 -0
package/dist/gaia-ops/tools/gaia_simulator/extractor.py +457 -0
package/dist/gaia-ops/tools/gaia_simulator/reporter.py +258 -0
package/dist/gaia-ops/tools/gaia_simulator/routing_simulator.py +334 -0
package/dist/gaia-ops/tools/gaia_simulator/runner.py +539 -0
package/dist/gaia-ops/tools/gaia_simulator/skills_mapper.py +262 -0
package/dist/gaia-ops/tools/memory/README.md +0 -0
package/dist/gaia-ops/tools/memory/__init__.py +20 -0
package/dist/gaia-ops/tools/memory/episodic.py +1196 -0
package/dist/gaia-ops/tools/persist_transcript_analysis.py +85 -0
package/dist/gaia-ops/tools/review/__init__.py +1 -0
package/dist/gaia-ops/tools/review/review_engine.py +157 -0
package/dist/gaia-ops/tools/scan/__init__.py +35 -0
package/dist/gaia-ops/tools/scan/config.py +247 -0
package/dist/gaia-ops/tools/scan/merge.py +212 -0
package/dist/gaia-ops/tools/scan/orchestrator.py +549 -0
package/dist/gaia-ops/tools/scan/registry.py +127 -0
package/dist/gaia-ops/tools/scan/scanners/__init__.py +18 -0
package/dist/gaia-ops/tools/scan/scanners/base.py +137 -0
package/dist/gaia-ops/tools/scan/scanners/environment.py +324 -0
package/dist/gaia-ops/tools/scan/scanners/git.py +570 -0
package/dist/gaia-ops/tools/scan/scanners/infrastructure.py +875 -0
package/dist/gaia-ops/tools/scan/scanners/orchestration.py +600 -0
package/dist/gaia-ops/tools/scan/scanners/stack.py +1085 -0
package/dist/gaia-ops/tools/scan/scanners/tools.py +260 -0
package/dist/gaia-ops/tools/scan/setup.py +753 -0
package/dist/gaia-ops/tools/scan/tests/__init__.py +1 -0
package/dist/gaia-ops/tools/scan/tests/conftest.py +796 -0
package/dist/gaia-ops/tools/scan/tests/test_environment.py +323 -0
package/dist/gaia-ops/tools/scan/tests/test_git.py +419 -0
package/dist/gaia-ops/tools/scan/tests/test_infrastructure.py +382 -0
package/dist/gaia-ops/tools/scan/tests/test_integration.py +920 -0
package/dist/gaia-ops/tools/scan/tests/test_merge.py +269 -0
package/dist/gaia-ops/tools/scan/tests/test_orchestration.py +304 -0
package/dist/gaia-ops/tools/scan/tests/test_stack.py +604 -0
package/dist/gaia-ops/tools/scan/tests/test_tools.py +349 -0
package/dist/gaia-ops/tools/scan/ui.py +624 -0
package/dist/gaia-ops/tools/scan/verify.py +266 -0
package/dist/gaia-ops/tools/scan/walk.py +118 -0
package/dist/gaia-ops/tools/scan/workspace.py +85 -0
package/dist/gaia-ops/tools/validation/README.md +244 -0
package/dist/gaia-ops/tools/validation/__init__.py +17 -0
package/dist/gaia-ops/tools/validation/approval_gate.py +321 -0
package/dist/gaia-ops/tools/validation/validate_skills.py +189 -0
package/dist/gaia-security/.claude-plugin/plugin.json +22 -0
package/dist/gaia-security/config/universal-rules.json +10 -0
package/dist/gaia-security/hooks/adapters/__init__.py +52 -0
package/dist/gaia-security/hooks/adapters/base.py +219 -0
package/dist/gaia-security/hooks/adapters/channel.py +17 -0
package/dist/gaia-security/hooks/adapters/claude_code.py +1477 -0
package/dist/gaia-security/hooks/adapters/types.py +194 -0
package/dist/gaia-security/hooks/adapters/utils.py +25 -0
package/dist/gaia-security/hooks/hooks.json +57 -0
package/dist/gaia-security/hooks/modules/__init__.py +15 -0
package/dist/gaia-security/hooks/modules/agents/__init__.py +29 -0
package/dist/gaia-security/hooks/modules/agents/contract_validator.py +647 -0
package/dist/gaia-security/hooks/modules/agents/response_contract.py +496 -0
package/dist/gaia-security/hooks/modules/agents/skill_injection_verifier.py +124 -0
package/dist/gaia-security/hooks/modules/agents/task_info_builder.py +74 -0
package/dist/gaia-security/hooks/modules/agents/transcript_analyzer.py +458 -0
package/dist/gaia-security/hooks/modules/agents/transcript_reader.py +152 -0
package/dist/gaia-security/hooks/modules/audit/__init__.py +28 -0
package/dist/gaia-security/hooks/modules/audit/event_detector.py +168 -0
package/dist/gaia-security/hooks/modules/audit/logger.py +131 -0
package/dist/gaia-security/hooks/modules/audit/metrics.py +134 -0
package/dist/gaia-security/hooks/modules/audit/workflow_auditor.py +576 -0
package/dist/gaia-security/hooks/modules/audit/workflow_recorder.py +296 -0
package/dist/gaia-security/hooks/modules/context/__init__.py +11 -0
package/dist/gaia-security/hooks/modules/context/anchor_tracker.py +317 -0
package/dist/gaia-security/hooks/modules/context/compact_context_builder.py +215 -0
package/dist/gaia-security/hooks/modules/context/context_cache.py +129 -0
package/dist/gaia-security/hooks/modules/context/context_freshness.py +145 -0
package/dist/gaia-security/hooks/modules/context/context_injector.py +427 -0
package/dist/gaia-security/hooks/modules/context/context_writer.py +518 -0
package/dist/gaia-security/hooks/modules/context/contracts_loader.py +161 -0
package/dist/gaia-security/hooks/modules/core/__init__.py +40 -0
package/dist/gaia-security/hooks/modules/core/hook_entry.py +78 -0
package/dist/gaia-security/hooks/modules/core/paths.py +160 -0
package/dist/gaia-security/hooks/modules/core/plugin_mode.py +149 -0
package/dist/gaia-security/hooks/modules/core/plugin_setup.py +558 -0
package/dist/gaia-security/hooks/modules/core/state.py +179 -0
package/dist/gaia-security/hooks/modules/core/stdin.py +24 -0
package/dist/gaia-security/hooks/modules/events/__init__.py +1 -0
package/dist/gaia-security/hooks/modules/events/event_writer.py +210 -0
package/dist/gaia-security/hooks/modules/identity/__init__.py +0 -0
package/dist/gaia-security/hooks/modules/identity/identity_provider.py +21 -0
package/dist/gaia-security/hooks/modules/identity/ops_identity.py +34 -0
package/dist/gaia-security/hooks/modules/identity/security_identity.py +10 -0
package/dist/gaia-security/hooks/modules/memory/__init__.py +8 -0
package/dist/gaia-security/hooks/modules/memory/episode_writer.py +227 -0
package/dist/gaia-security/hooks/modules/orchestrator/__init__.py +1 -0
package/dist/gaia-security/hooks/modules/orchestrator/delegate_mode.py +128 -0
package/dist/gaia-security/hooks/modules/scanning/__init__.py +8 -0
package/dist/gaia-security/hooks/modules/scanning/scan_trigger.py +84 -0
package/dist/gaia-security/hooks/modules/security/__init__.py +89 -0
package/dist/gaia-security/hooks/modules/security/approval_cleanup.py +87 -0
package/dist/gaia-security/hooks/modules/security/approval_constants.py +23 -0
package/dist/gaia-security/hooks/modules/security/approval_grants.py +912 -0
package/dist/gaia-security/hooks/modules/security/approval_messages.py +71 -0
package/dist/gaia-security/hooks/modules/security/approval_scopes.py +153 -0
package/dist/gaia-security/hooks/modules/security/blocked_commands.py +584 -0
package/dist/gaia-security/hooks/modules/security/blocked_message_formatter.py +86 -0
package/dist/gaia-security/hooks/modules/security/command_semantics.py +130 -0
package/dist/gaia-security/hooks/modules/security/gitops_validator.py +179 -0
package/dist/gaia-security/hooks/modules/security/mutative_verbs.py +850 -0
package/dist/gaia-security/hooks/modules/security/prompt_validator.py +40 -0
package/dist/gaia-security/hooks/modules/security/tiers.py +196 -0
package/dist/gaia-security/hooks/modules/session/__init__.py +10 -0
package/dist/gaia-security/hooks/modules/session/session_context_writer.py +100 -0
package/dist/gaia-security/hooks/modules/session/session_event_injector.py +158 -0
package/dist/gaia-security/hooks/modules/session/session_manager.py +31 -0
package/dist/gaia-security/hooks/modules/tools/__init__.py +25 -0
package/dist/gaia-security/hooks/modules/tools/bash_validator.py +708 -0
package/dist/gaia-security/hooks/modules/tools/cloud_pipe_validator.py +181 -0
package/dist/gaia-security/hooks/modules/tools/hook_response.py +55 -0
package/dist/gaia-security/hooks/modules/tools/shell_parser.py +227 -0
package/dist/gaia-security/hooks/modules/tools/task_validator.py +283 -0
package/dist/gaia-security/hooks/modules/validation/__init__.py +23 -0
package/dist/gaia-security/hooks/modules/validation/commit_validator.py +380 -0
package/dist/gaia-security/hooks/post_tool_use.py +54 -0
package/dist/gaia-security/hooks/pre_tool_use.py +383 -0
package/dist/gaia-security/hooks/session_start.py +69 -0
package/dist/gaia-security/hooks/stop_hook.py +69 -0
package/dist/gaia-security/hooks/user_prompt_submit.py +177 -0
package/dist/gaia-security/settings.json +58 -0
package/git-hooks/commit-msg +41 -0
package/hooks/README.md +8 -6
package/hooks/adapters/channel.py +0 -25
package/hooks/adapters/claude_code.py +364 -125
package/hooks/elicitation_result.py +132 -0
package/hooks/hooks.json +10 -1
package/hooks/modules/README.md +3 -2
package/hooks/modules/agents/contract_validator.py +3 -51
package/hooks/modules/agents/response_contract.py +4 -8
package/hooks/modules/agents/transcript_reader.py +4 -5
package/hooks/modules/audit/__init__.py +4 -6
package/hooks/modules/audit/event_detector.py +0 -2
package/hooks/modules/audit/metrics.py +108 -187
package/hooks/modules/audit/workflow_auditor.py +0 -4
package/hooks/modules/audit/workflow_recorder.py +0 -5
package/hooks/modules/context/compact_context_builder.py +1 -0
package/hooks/modules/context/context_cache.py +129 -0
package/hooks/modules/context/context_injector.py +18 -40
package/hooks/modules/context/context_writer.py +1 -25
package/hooks/modules/context/contracts_loader.py +7 -10
package/hooks/modules/core/hook_entry.py +1 -0
package/hooks/modules/core/paths.py +12 -13
package/hooks/modules/core/plugin_mode.py +74 -4
package/hooks/modules/core/plugin_setup.py +395 -23
package/hooks/modules/events/__init__.py +1 -0
package/hooks/modules/events/event_writer.py +210 -0
package/hooks/modules/identity/ops_identity.py +18 -27
package/hooks/modules/memory/episode_writer.py +1 -6
package/hooks/modules/orchestrator/__init__.py +1 -0
package/hooks/modules/orchestrator/delegate_mode.py +128 -0
package/hooks/modules/security/__init__.py +2 -4
package/hooks/modules/security/approval_constants.py +5 -1
package/hooks/modules/security/approval_grants.py +189 -6
package/hooks/modules/security/approval_messages.py +9 -21
package/hooks/modules/security/blocked_commands.py +98 -34
package/hooks/modules/security/command_semantics.py +0 -4
package/hooks/modules/security/gitops_validator.py +1 -11
package/hooks/modules/security/mutative_verbs.py +179 -38
package/hooks/modules/security/tiers.py +1 -19
package/hooks/modules/session/session_event_injector.py +1 -25
package/hooks/modules/tools/bash_validator.py +310 -94
package/hooks/modules/tools/shell_parser.py +0 -1
package/hooks/modules/tools/task_validator.py +9 -29
package/hooks/post_tool_use.py +0 -72
package/hooks/pre_tool_use.py +42 -102
package/hooks/session_start.py +4 -2
package/hooks/subagent_start.py +6 -2
package/hooks/subagent_stop.py +1 -13
package/hooks/user_prompt_submit.py +119 -37
package/index.js +1 -1
package/package.json +5 -3
package/skills/README.md +3 -5
package/skills/agent-protocol/SKILL.md +17 -16
package/skills/agent-protocol/examples.md +6 -6
package/skills/agent-response/SKILL.md +11 -14
package/skills/approval/SKILL.md +28 -13
package/skills/approval/reference.md +2 -2
package/skills/execution/SKILL.md +1 -1
package/skills/gaia-patterns/SKILL.md +2 -3
package/skills/orchestrator-approval/SKILL.md +22 -50
package/skills/security-tiers/SKILL.md +1 -1
package/templates/README.md +9 -9
package/templates/managed-settings.template.json +43 -0
package/tools/gaia_simulator/runner.py +34 -1
package/tools/scan/orchestrator.py +13 -0
package/tools/scan/scanners/base.py +8 -0
package/tools/scan/scanners/git.py +78 -0
package/tools/scan/scanners/infrastructure.py +65 -0
package/tools/scan/scanners/stack.py +110 -0
package/tools/scan/setup.py +120 -13
package/tools/scan/workspace.py +85 -0
package/config/context-contracts.aws.json +0 -42
package/config/context-contracts.gcp.json +0 -39
package/skills/project-dispatch/SKILL.md +0 -34
package/templates/settings.template.json +0 -226

package/dist/gaia-ops/hooks/adapters/__init__.py ADDED Viewed

@@ -0,0 +1,52 @@
+"""
+Adapter Layer for Gaia-Ops Hooks.
+Provides CLI-agnostic normalized types and the abstract HookAdapter interface.
+Business logic modules consume and produce these types; concrete adapters
+translate between these types and CLI-specific JSON protocols.
+Modules:
+- types: Frozen dataclasses and enums for all hook event/response data
+- base: Abstract HookAdapter interface
+"""
+from .types import (
+    HookEventType,
+    PermissionDecision,
+    DistributionChannel,
+    HookEvent,
+    ValidationRequest,
+    ValidationResult,
+    ToolResult,
+    AgentCompletion,
+    CompletionResult,
+    ContextResult,
+    BootstrapResult,
+    QualityResult,
+    VerificationResult,
+    HookResponse,
+)
+from .base import HookAdapter
+from .claude_code import ClaudeCodeAdapter
+from .utils import has_stdin_data, warn_if_dual_channel
+__all__ = [
+    "HookEventType",
+    "PermissionDecision",
+    "DistributionChannel",
+    "HookEvent",
+    "ValidationRequest",
+    "ValidationResult",
+    "ToolResult",
+    "AgentCompletion",
+    "CompletionResult",
+    "ContextResult",
+    "BootstrapResult",
+    "QualityResult",
+    "VerificationResult",
+    "HookResponse",
+    "HookAdapter",
+    "ClaudeCodeAdapter",
+    "has_stdin_data",
+    "warn_if_dual_channel",
+]

package/dist/gaia-ops/hooks/adapters/base.py ADDED Viewed

@@ -0,0 +1,219 @@
+"""
+Abstract base class defining the adapter contract.
+Each CLI backend (Claude Code, future CLIs) provides a concrete implementation
+of HookAdapter. Business logic modules interact only with the normalized types;
+they never see raw CLI JSON.
+"""
+from __future__ import annotations
+from abc import ABC, abstractmethod
+from .types import (
+    AgentCompletion,
+    BootstrapResult,
+    CompletionResult,
+    ContextResult,
+    DistributionChannel,
+    HookEvent,
+    HookResponse,
+    QualityResult,
+    ValidationResult,
+    VerificationResult,
+)
+class HookAdapter(ABC):
+    """Abstract adapter between CLI-specific JSON and normalized types.
+    Invariants (from adapter-interface contract):
+    1. Business logic modules NEVER see HookResponse.
+    2. The adapter NEVER modifies business logic results -- only translates format.
+    3. Adding a new hook event requires ONLY a new adapter method.
+    """
+    @abstractmethod
+    def parse_event(self, stdin_data: str) -> HookEvent:
+        """Parse raw stdin JSON into a normalized HookEvent.
+        Preconditions:
+            - stdin_data is a valid JSON string
+            - JSON contains at minimum: hook_event_name, session_id
+        Postconditions:
+            - Returns HookEvent with event_type set to a valid HookEventType
+            - Returns HookEvent with session_id populated
+            - payload contains the full raw event data
+        Raises:
+            ValueError: If JSON is invalid or event type is unknown.
+        """
+        ...
+    @abstractmethod
+    def format_validation_response(self, result: ValidationResult) -> HookResponse:
+        """Format a ValidationResult for CLI consumption.
+        Preconditions:
+            - result.allowed is a valid boolean
+            - result.reason is a non-empty string
+        Postconditions:
+            - HookResponse.output is a valid JSON-serializable dict
+            - HookResponse.exit_code is 0 (corrective deny) or 2 (permanent block)
+            - If result.allowed is True, output contains permissionDecision: allow
+            - If result.allowed is False, output contains permissionDecision: deny
+            - If result.modified_input is set, output contains updatedInput
+        """
+        ...
+    @abstractmethod
+    def format_completion_response(self, result: CompletionResult) -> HookResponse:
+        """Format a CompletionResult for CLI consumption.
+        Postconditions:
+            - HookResponse.output contains contract_valid, anomalies_detected
+            - HookResponse.exit_code is always 0
+        """
+        ...
+    @abstractmethod
+    def format_context_response(self, result: ContextResult) -> HookResponse:
+        """Format a ContextResult for CLI consumption."""
+        ...
+    @abstractmethod
+    def format_bootstrap_response(self, result: BootstrapResult) -> HookResponse:
+        """Format a BootstrapResult for CLI consumption.
+        Returns session bootstrap status for SessionStart events.
+        """
+        ...
+    @abstractmethod
+    def adapt_session_start(self, raw: dict) -> BootstrapResult:
+        """Parse SessionStart event and return bootstrap actions.
+        Preconditions:
+            - raw is the HookEvent.payload dict for a SessionStart event
+        Postconditions:
+            - Returns BootstrapResult with should_scan and should_refresh set
+              based on session_type
+        """
+        ...
+    # ------------------------------------------------------------------ #
+    # P2 event adapters
+    # ------------------------------------------------------------------ #
+    @abstractmethod
+    def adapt_stop(self, raw: dict) -> QualityResult:
+        """Parse Stop event and assess response quality.
+        Preconditions:
+            - raw is the HookEvent.payload dict for a Stop event
+        Postconditions:
+            - Returns QualityResult with quality assessment
+        """
+        ...
+    @abstractmethod
+    def adapt_task_completed(self, raw: dict) -> VerificationResult:
+        """Parse TaskCompleted event and verify completion criteria.
+        Preconditions:
+            - raw is the HookEvent.payload dict for a TaskCompleted event
+        Postconditions:
+            - Returns VerificationResult with criteria assessment
+        """
+        ...
+    @abstractmethod
+    def adapt_subagent_start(self, raw: dict) -> ContextResult:
+        """Parse SubagentStart event and prepare agent context.
+        Preconditions:
+            - raw is the HookEvent.payload dict for a SubagentStart event
+        Postconditions:
+            - Returns ContextResult with agent-specific context
+        """
+        ...
+    # ------------------------------------------------------------------ #
+    # P2 formatters
+    # ------------------------------------------------------------------ #
+    @abstractmethod
+    def format_quality_response(self, result: QualityResult) -> HookResponse:
+        """Format a QualityResult for CLI consumption."""
+        ...
+    @abstractmethod
+    def format_verification_response(self, result: VerificationResult) -> HookResponse:
+        """Format a VerificationResult for CLI consumption."""
+        ...
+    @abstractmethod
+    def detect_channel(self) -> DistributionChannel:
+        """Detect the distribution channel (NPM or PLUGIN).
+        Checks environment variables and filesystem layout to determine
+        how gaia-ops was installed.
+        """
+        ...
+    # ------------------------------------------------------------------ #
+    # Full hook lifecycle adapters (thin-gate pattern)
+    # ------------------------------------------------------------------ #
+    @abstractmethod
+    def adapt_pre_tool_use(self, event: HookEvent) -> HookResponse:
+        """Run all pre-tool-use business logic and return a formatted response.
+        Orchestrates: routing (bash vs task), validation, state management,
+        context injection, approval handling, and response formatting.
+        Preconditions:
+            - event is a parsed HookEvent with event_type PRE_TOOL_USE
+        Postconditions:
+            - Returns HookResponse ready for stdout + sys.exit()
+        """
+        ...
+    @abstractmethod
+    def adapt_post_tool_use(self, event: HookEvent) -> HookResponse:
+        """Run all post-tool-use business logic and return a formatted response.
+        Orchestrates: state retrieval, duration computation, audit logging,
+        T3 grant confirmation, critical event detection, session context
+        writing, and state cleanup.
+        Preconditions:
+            - event is a parsed HookEvent with event_type POST_TOOL_USE
+        Postconditions:
+            - Returns HookResponse (always exit 0, post-hook never blocks)
+        """
+        ...
+    @abstractmethod
+    def adapt_subagent_stop(self, event: HookEvent) -> HookResponse:
+        """Run all subagent-stop business logic and return a formatted response.
+        Orchestrates: contract parsing and validation, approval cleanup,
+        context updates, workflow recording, response contract validation,
+        anomaly detection, episodic memory, and result assembly.
+        Preconditions:
+            - event is a parsed HookEvent with event_type SUBAGENT_STOP
+        Postconditions:
+            - Returns HookResponse (exit 0 for success, exit 2 for contract rejection)
+        """
+        ...

package/dist/gaia-ops/hooks/adapters/channel.py ADDED Viewed

@@ -0,0 +1,17 @@
+"""
+Distribution Channel Detection for Gaia-Ops.
+Utility module that detects whether gaia-ops is running as a Claude Code plugin
+or via npm. Used by entry points to log coexistence warnings and by business
+logic to adapt behavior per channel.
+"""
+import os
+from pathlib import Path
+def is_dual_channel_active() -> bool:
+    """Check if both plugin and npm installations exist simultaneously."""
+    has_plugin = bool(os.environ.get("CLAUDE_PLUGIN_ROOT"))
+    has_npm = Path(".claude/hooks").is_symlink()
+    return has_plugin and has_npm