@lannguyensi/harness 0.7.0 → 0.8.1

package/dist/cli/pack/hook-pre-tool-use.d.ts

@@ -0,0 +1,32 @@
+import { type LedgerEntry } from "../../policies/index.js";
+import { type ApprovalCheckResult } from "../../policy-packs/builtin/understanding-before-execution-runtime.js";
+import type { Manifest } from "../../schema/index.js";
+import { type LoaderOptions } from "../loader.js";
+export interface PackHookPreToolUseOptions extends LoaderOptions {
+    /** Pack name to evaluate. Defaults to understanding-before-execution. */
+    pack?: string;
+    /** Override report directory (test injection). */
+    reportsDir?: string;
+    /** Override timeout per ledger call. */
+    ledgerTimeoutMs?: number;
+    /** Defaults to process.stdin. */
+    stdin?: NodeJS.ReadableStream;
+    /** Defaults to process.stdout. */
+    stdout?: NodeJS.WritableStream;
+    /** Defaults to process.stderr. */
+    stderr?: NodeJS.WritableStream;
+    /** Inject an alternate manifest (test). */
+    manifest?: Manifest;
+    /** Inject a fake ledger query (test). */
+    ledgerQuery?: (sessionId: string) => Promise<LedgerEntry[] | {
+        degraded: string;
+    }>;
+}
+export interface PackHookPreToolUseResult {
+    exitCode: number;
+    blocked: boolean;
+    approvalCheck: ApprovalCheckResult;
+    /** Diagnostic line emitted to stderr (always; even on allow). */
+    diagnostic: string;
+}
+export declare function runPackHookPreToolUseCli(opts?: PackHookPreToolUseOptions): Promise<PackHookPreToolUseResult>;

package/dist/cli/pack/hook-pre-tool-use.js

@@ -0,0 +1,181 @@
+// Phase 6 #4 — `harness pack hook pre-tool-use [--pack <name>]` runtime verb.
+//
+// PreToolUse blocker for pack-driven gates. Wired by the
+// understanding-before-execution pack's hook contribution; receives the
+// Claude Code event JSON on stdin, consults the two approval sources
+// (evidence ledger via grounding-mcp, persisted JSON report under
+// `.understanding-gate/reports/`), emits a `{decision: "block"}` JSON to
+// stdout when neither source has approved.
+//
+// Why a new CLI verb (vs reusing `harness policy intercept`): the
+// existing intercept layer evaluates `policies[]` against `requires`,
+// which is purely ledger-based. The Understanding Gate has a second
+// source-of-truth (the persisted JSON report), and bolting a fallback
+// into the requires evaluator would leak pack-specific semantics into
+// the generic policy layer. This verb lives next to the pack instead.
+//
+// Failure mode: any error in load / parse / ledger / report scan
+// resolves to ALLOW (exit 0, silent). The Understanding Gate is opt-in;
+// turning a bug in this code into a session-wide tool block would be
+// hostile. The npm package's own standalone blocker still runs as a
+// secondary safety net for solo users, and `harness explain --trace`
+// (Phase 4 #6) surfaces the runtime audit trail when configured.
+import { queryLedgerByTag, } from "../../policies/index.js";
+import { checkPersistedReport, defaultReportsDir, matchLedgerEntries, } from "../../policy-packs/builtin/understanding-before-execution-runtime.js";
+import { loadManifest } from "../loader.js";
+const PACK_NAME = "understanding-before-execution";
+async function readStdin(stream) {
+    return new Promise((resolve, reject) => {
+        let data = "";
+        stream.setEncoding("utf8");
+        stream.on("data", (chunk) => {
+            data += chunk;
+        });
+        stream.on("end", () => resolve(data));
+        stream.on("error", (err) => reject(err));
+    });
+}
+function findGroundingMcp(manifest) {
+    return manifest.tools.mcp.find((m) => m.name === "grounding-mcp") ?? null;
+}
+function blockJson(toolName, reason) {
+    return JSON.stringify({
+        decision: "block",
+        reason: `Understanding Gate: ${reason}. Tool: ${toolName}. Run \`harness approve understanding\` once you have produced and confirmed an Understanding Report.`,
+    });
+}
+async function checkLedger(manifest, sessionId, opts) {
+    if (opts.ledgerQuery) {
+        const result = await opts.ledgerQuery(sessionId);
+        if ("degraded" in result) {
+            return { matched: false, detail: `ledger degraded (${result.degraded})` };
+        }
+        return matchLedgerEntries(result, sessionId);
+    }
+    const server = findGroundingMcp(manifest);
+    if (!server) {
+        return { matched: false, detail: "grounding-mcp not declared in manifest" };
+    }
+    const command = Array.isArray(server.command)
+        ? server.command
+        : server.command.trim().split(/\s+/);
+    const env = server.env ?? undefined;
+    const timeoutMs = opts.ledgerTimeoutMs ?? server.health?.timeout_ms ?? 5_000;
+    const result = await queryLedgerByTag({
+        mcpCommand: command,
+        ...(env && { mcpEnv: env }),
+        sessionId,
+        timeoutMs,
+    });
+    if (result.kind === "degraded") {
+        return { matched: false, detail: `ledger degraded (${result.reason})` };
+    }
+    return matchLedgerEntries(result.entries, sessionId);
+}
+export async function runPackHookPreToolUseCli(opts = {}) {
+    const stdin = opts.stdin ?? process.stdin;
+    const stdout = opts.stdout ?? process.stdout;
+    const stderr = opts.stderr ?? process.stderr;
+    const packName = opts.pack ?? PACK_NAME;
+    // Read stdin defensively. Bad JSON falls through to allow (matches
+    // policy intercept's failure mode).
+    const raw = await readStdin(stdin);
+    let event = {};
+    try {
+        event = JSON.parse(raw.trim() || "{}");
+    }
+    catch {
+        /* allow on malformed input */
+    }
+    const sessionId = (typeof event.session_id === "string" ? event.session_id : undefined) ??
+        process.env.CLAUDE_SESSION_ID ??
+        "";
+    const toolName = typeof event.tool_name === "string" ? event.tool_name : "(unknown)";
+    // Load manifest (or use injection). Bail to allow on any failure so a
+    // missing harness install never bricks the session.
+    let manifest;
+    try {
+        manifest = opts.manifest ?? loadManifest(opts).manifest;
+    }
+    catch (err) {
+        const diagnostic = `harness pack hook: manifest load failed (${err.message}), allowing.`;
+        stderr.write(`${diagnostic}\n`);
+        return {
+            exitCode: 0,
+            blocked: false,
+            approvalCheck: { approved: true, source: "none", detail: diagnostic },
+            diagnostic,
+        };
+    }
+    // Confirm the pack is enabled. A pack that isn't even declared in the
+    // manifest means the operator wired this hook directly into
+    // settings.json without `harness apply` — odd but harmless; allow.
+    const declared = manifest.policy_packs.find((p) => p.name === packName);
+    if (!declared) {
+        const diagnostic = `harness pack hook: pack "${packName}" not declared in manifest, allowing.`;
+        stderr.write(`${diagnostic}\n`);
+        return {
+            exitCode: 0,
+            blocked: false,
+            approvalCheck: { approved: true, source: "none", detail: diagnostic },
+            diagnostic,
+        };
+    }
+    if (!declared.enabled) {
+        const diagnostic = `harness pack hook: pack "${packName}" is enabled:false, allowing.`;
+        stderr.write(`${diagnostic}\n`);
+        return {
+            exitCode: 0,
+            blocked: false,
+            approvalCheck: { approved: true, source: "none", detail: diagnostic },
+            diagnostic,
+        };
+    }
+    if (sessionId === "") {
+        const diagnostic = 'harness pack hook: no session_id resolvable from input or $CLAUDE_SESSION_ID, allowing.';
+        stderr.write(`${diagnostic}\n`);
+        return {
+            exitCode: 0,
+            blocked: false,
+            approvalCheck: { approved: true, source: "none", detail: diagnostic },
+            diagnostic,
+        };
+    }
+    // Source 1: ledger.
+    const ledger = await checkLedger(manifest, sessionId, opts);
+    if (ledger.matched) {
+        const diagnostic = `harness pack hook: ${ledger.detail}, allowing.`;
+        stderr.write(`${diagnostic}\n`);
+        return {
+            exitCode: 0,
+            blocked: false,
+            approvalCheck: { approved: true, source: "ledger", detail: ledger.detail },
+            diagnostic,
+        };
+    }
+    // Source 2: persisted report.
+    const reportsDir = opts.reportsDir ?? defaultReportsDir();
+    const report = checkPersistedReport(reportsDir, sessionId);
+    if (report.approved) {
+        const diagnostic = `harness pack hook: ${report.detail}, allowing.`;
+        stderr.write(`${diagnostic}\n`);
+        return {
+            exitCode: 0,
+            blocked: false,
+            approvalCheck: { approved: true, source: "persisted-report", detail: report.detail },
+            diagnostic,
+        };
+    }
+    // Neither source approved.
+    const reason = `${ledger.detail}; ${report.detail}`;
+    const diagnostic = `harness pack hook: BLOCK — ${reason}`;
+    stderr.write(`${diagnostic}\n`);
+    stdout.write(`${blockJson(toolName, "no approved Understanding Report for this session")}\n`);
+    return {
+        exitCode: 0,
+        blocked: true,
+        approvalCheck: { approved: false, source: "none", detail: reason },
+        diagnostic,
+    };
+}
+//# sourceMappingURL=hook-pre-tool-use.js.map

package/dist/cli/pack/hook-pre-tool-use.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hook-pre-tool-use.js","sourceRoot":"","sources":["../../../src/cli/pack/hook-pre-tool-use.ts"],"names":[],"mappings":"AAAA,8EAA8E;AAC9E,EAAE;AACF,yDAAyD;AACzD,wEAAwE;AACxE,qEAAqE;AACrE,kEAAkE;AAClE,yEAAyE;AACzE,2CAA2C;AAC3C,EAAE;AACF,kEAAkE;AAClE,sEAAsE;AACtE,oEAAoE;AACpE,sEAAsE;AACtE,sEAAsE;AACtE,sEAAsE;AACtE,EAAE;AACF,iEAAiE;AACjE,wEAAwE;AACxE,qEAAqE;AACrE,oEAAoE;AACpE,qEAAqE;AACrE,iEAAiE;AAEjE,OAAO,EACL,gBAAgB,GAEjB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,kBAAkB,GAEnB,MAAM,sEAAsE,CAAC;AAE9E,OAAO,EAAE,YAAY,EAAsB,MAAM,cAAc,CAAC;AAEhE,MAAM,SAAS,GAAG,gCAAgC,CAAC;AAkCnD,KAAK,UAAU,SAAS,CAAC,MAA6B;IACpD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC3B,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YAClC,IAAI,IAAI,KAAK,CAAC;QAChB,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACtC,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAkB;IAC1C,OAAO,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAAC,IAAI,IAAI,CAAC;AAC5E,CAAC;AAED,SAAS,SAAS,CAAC,QAAgB,EAAE,MAAc;IACjD,OAAO,IAAI,CAAC,SAAS,CAAC;QACpB,QAAQ,EAAE,OAAO;QACjB,MAAM,EAAE,uBAAuB,MAAM,WAAW,QAAQ,uGAAuG;KAChK,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,WAAW,CACxB,QAAkB,EAClB,SAAiB,EACjB,IAA+B;IAE/B,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,UAAU,IAAI,MAAM,EAAE,CAAC;YACzB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,MAAM,CAAC,QAAQ,GAAG,EAAE,CAAC;QAC5E,CAAC;QACD,OAAO,kBAAkB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC/C,CAAC;IACD,MAAM,MAAM,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,wCAAwC,EAAE,CAAC;IAC9E,CAAC;IACD,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC;QAC3C,CAAC,CAAC,MAAM,CAAC,OAAO;QAChB,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,SAAS,CAAC;IACpC,MAAM,SAAS,GAAG,IAAI,CAAC,eAAe,IAAI,MAAM,CAAC,MAAM,EAAE,UAAU,IAAI,KAAK,CAAC;IAC7E,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC;QACpC,UAAU,EAAE,OAAO;QACnB,GAAG,CAAC,GAAG,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;QAC3B,SAAS;QACT,SAAS;KACV,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC;IAC1E,CAAC;IACD,OAAO,kBAAkB,CAAC,MAAM,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;AACvD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,OAAkC,EAAE;IAEpC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC;IAC1C,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;IAC7C,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;IAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,IAAI,SAAS,CAAC;IAExC,mEAAmE;IACnE,oCAAoC;IACpC,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,KAAK,CAAC,CAAC;IACnC,IAAI,KAAK,GAAkB,EAAE,CAAC;IAC9B,IAAI,CAAC;QACH,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,IAAI,CAAkB,CAAC;IAC1D,CAAC;IAAC,MAAM,CAAC;QACP,8BAA8B;IAChC,CAAC;IAED,MAAM,SAAS,GACb,CAAC,OAAO,KAAK,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;QACrE,OAAO,CAAC,GAAG,CAAC,iBAAiB;QAC7B,EAAE,CAAC;IACL,MAAM,QAAQ,GAAG,OAAO,KAAK,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC;IAErF,sEAAsE;IACtE,oDAAoD;IACpD,IAAI,QAAkB,CAAC;IACvB,IAAI,CAAC;QACH,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC;IAC1D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,UAAU,GAAG,4CAChB,GAAa,CAAC,OACjB,cAAc,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,GAAG,UAAU,IAAI,CAAC,CAAC;QAChC,OAAO;YACL,QAAQ,EAAE,CAAC;YACX,OAAO,EAAE,KAAK;YACd,aAAa,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE;YACrE,UAAU;SACX,CAAC;IACJ,CAAC;IAED,sEAAsE;IACtE,4DAA4D;IAC5D,mEAAmE;IACnE,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;IACxE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,UAAU,GAAG,4BAA4B,QAAQ,uCAAuC,CAAC;QAC/F,MAAM,CAAC,KAAK,CAAC,GAAG,UAAU,IAAI,CAAC,CAAC;QAChC,OAAO;YACL,QAAQ,EAAE,CAAC;YACX,OAAO,EAAE,KAAK;YACd,aAAa,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE;YACrE,UAAU;SACX,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;QACtB,MAAM,UAAU,GAAG,4BAA4B,QAAQ,+BAA+B,CAAC;QACvF,MAAM,CAAC,KAAK,CAAC,GAAG,UAAU,IAAI,CAAC,CAAC;QAChC,OAAO;YACL,QAAQ,EAAE,CAAC;YACX,OAAO,EAAE,KAAK;YACd,aAAa,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE;YACrE,UAAU;SACX,CAAC;IACJ,CAAC;IAED,IAAI,SAAS,KAAK,EAAE,EAAE,CAAC;QACrB,MAAM,UAAU,GACd,yFAAyF,CAAC;QAC5F,MAAM,CAAC,KAAK,CAAC,GAAG,UAAU,IAAI,CAAC,CAAC;QAChC,OAAO;YACL,QAAQ,EAAE,CAAC;YACX,OAAO,EAAE,KAAK;YACd,aAAa,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE;YACrE,UAAU;SACX,CAAC;IACJ,CAAC;IAED,oBAAoB;IACpB,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;IAC5D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,MAAM,UAAU,GAAG,sBAAsB,MAAM,CAAC,MAAM,aAAa,CAAC;QACpE,MAAM,CAAC,KAAK,CAAC,GAAG,UAAU,IAAI,CAAC,CAAC;QAChC,OAAO;YACL,QAAQ,EAAE,CAAC;YACX,OAAO,EAAE,KAAK;YACd,aAAa,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE;YAC1E,UAAU;SACX,CAAC;IACJ,CAAC;IAED,8BAA8B;IAC9B,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,iBAAiB,EAAE,CAAC;IAC1D,MAAM,MAAM,GAAG,oBAAoB,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IAC3D,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACpB,MAAM,UAAU,GAAG,sBAAsB,MAAM,CAAC,MAAM,aAAa,CAAC;QACpE,MAAM,CAAC,KAAK,CAAC,GAAG,UAAU,IAAI,CAAC,CAAC;QAChC,OAAO;YACL,QAAQ,EAAE,CAAC;YACX,OAAO,EAAE,KAAK;YACd,aAAa,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE;YACpF,UAAU;SACX,CAAC;IACJ,CAAC;IAED,2BAA2B;IAC3B,MAAM,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM,EAAE,CAAC;IACpD,MAAM,UAAU,GAAG,8BAA8B,MAAM,EAAE,CAAC;IAC1D,MAAM,CAAC,KAAK,CAAC,GAAG,UAAU,IAAI,CAAC,CAAC;IAChC,MAAM,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC,QAAQ,EAAE,mDAAmD,CAAC,IAAI,CAAC,CAAC;IAC9F,OAAO;QACL,QAAQ,EAAE,CAAC;QACX,OAAO,EAAE,IAAI;QACb,aAAa,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE;QAClE,UAAU;KACX,CAAC;AACJ,CAAC"}

package/dist/cli/pack/index.d.ts

@@ -0,0 +1,4 @@
+export { packAdd, type PackAddOptions, type PackAddResult } from "./add.js";
+export { packRemove, type PackRemoveOptions, type PackRemoveResult } from "./remove.js";
+export { packList, type PackListOptions, type PackListResult } from "./list.js";
+export { applyPackAdd, applyPackRemove, planPackRemove, type PackAddEntry, type PackRemovePlan, } from "./mutate.js";

package/dist/cli/pack/index.js

@@ -0,0 +1,5 @@
+export { packAdd } from "./add.js";
+export { packRemove } from "./remove.js";
+export { packList } from "./list.js";
+export { applyPackAdd, applyPackRemove, planPackRemove, } from "./mutate.js";
+//# sourceMappingURL=index.js.map

package/dist/cli/pack/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/cli/pack/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAA2C,MAAM,UAAU,CAAC;AAC5E,OAAO,EAAE,UAAU,EAAiD,MAAM,aAAa,CAAC;AACxF,OAAO,EAAE,QAAQ,EAA6C,MAAM,WAAW,CAAC;AAChF,OAAO,EACL,YAAY,EACZ,eAAe,EACf,cAAc,GAGf,MAAM,aAAa,CAAC"}

package/dist/cli/pack/list.d.ts

@@ -0,0 +1,10 @@
+import { type LoaderOptions } from "../loader.js";
+export interface PackListOptions extends LoaderOptions {
+    enabledOnly?: boolean;
+    json?: boolean;
+}
+export interface PackListResult {
+    output: string;
+    rows: Record<string, unknown>[];
+}
+export declare function packList(opts?: PackListOptions): PackListResult;

package/dist/cli/pack/list.js

@@ -0,0 +1,43 @@
+// `harness pack list` — flat read of policy_packs[] for shell consumption.
+//
+// Output rows match the existing `harness list <category>` shape so the
+// rendering helper (renderText vs JSON) stays consistent across categories.
+// Today the columns are: name, source, enabled, mode, description.
+import { loadManifest } from "../loader.js";
+function modeOf(pack) {
+    const raw = pack.config["mode"];
+    return typeof raw === "string" ? raw : "";
+}
+function buildRows(manifest, opts) {
+    let entries = manifest.policy_packs;
+    if (opts.enabledOnly)
+        entries = entries.filter((p) => p.enabled);
+    return entries.map((p) => ({
+        name: p.name,
+        source: p.source,
+        enabled: p.enabled,
+        mode: modeOf(p),
+        description: p.description ?? "",
+    }));
+}
+function renderText(rows) {
+    if (rows.length === 0)
+        return "(no entries)\n";
+    const headers = Object.keys(rows[0]);
+    const widths = headers.map((h) => Math.max(h.length, ...rows.map((r) => String(r[h] ?? "").length)));
+    const pad = (s, w) => s.padEnd(w, " ");
+    const lines = [];
+    lines.push(headers.map((h, i) => pad(h, widths[i])).join("  "));
+    lines.push(headers.map((_, i) => "-".repeat(widths[i])).join("  "));
+    for (const row of rows) {
+        lines.push(headers.map((h, i) => pad(String(row[h] ?? ""), widths[i])).join("  "));
+    }
+    return `${lines.join("\n")}\n`;
+}
+export function packList(opts = {}) {
+    const { manifest } = loadManifest(opts);
+    const rows = buildRows(manifest, opts);
+    const output = opts.json ? `${JSON.stringify(rows, null, 2)}\n` : renderText(rows);
+    return { output, rows };
+}
+//# sourceMappingURL=list.js.map

package/dist/cli/pack/list.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"list.js","sourceRoot":"","sources":["../../../src/cli/pack/list.ts"],"names":[],"mappings":"AAAA,2EAA2E;AAC3E,EAAE;AACF,wEAAwE;AACxE,4EAA4E;AAC5E,mEAAmE;AAGnE,OAAO,EAAE,YAAY,EAAsB,MAAM,cAAc,CAAC;AAYhE,SAAS,MAAM,CAAC,IAAsC;IACpD,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAChC,OAAO,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAC5C,CAAC;AAED,SAAS,SAAS,CAAC,QAAkB,EAAE,IAAqB;IAC1D,IAAI,OAAO,GAAG,QAAQ,CAAC,YAAY,CAAC;IACpC,IAAI,IAAI,CAAC,WAAW;QAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IACjE,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACzB,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;QACf,WAAW,EAAE,CAAC,CAAC,WAAW,IAAI,EAAE;KACjC,CAAC,CAAC,CAAC;AACN,CAAC;AAED,SAAS,UAAU,CAAC,IAA+B;IACjD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,gBAAgB,CAAC;IAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAE,CAAC,CAAC;IACtC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAC/B,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAClE,CAAC;IACF,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACvD,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACjE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACrE,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACtF,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,OAAwB,EAAE;IACjD,MAAM,EAAE,QAAQ,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACxC,MAAM,IAAI,GAAG,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IACvC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACnF,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;AAC1B,CAAC"}

package/dist/cli/pack/mutate.d.ts

@@ -0,0 +1,14 @@
+export interface PackAddEntry {
+    name: string;
+    source?: string;
+    enabled?: boolean;
+    description?: string;
+    config?: Record<string, unknown>;
+}
+export interface PackRemovePlan {
+    found: boolean;
+    availableNames: string[];
+}
+export declare function applyPackAdd(yamlText: string, entry: PackAddEntry): string;
+export declare function planPackRemove(yamlText: string, name: string): PackRemovePlan;
+export declare function applyPackRemove(yamlText: string, name: string): string;

package/dist/cli/pack/mutate.js

@@ -0,0 +1,76 @@
+// YAML-document mutators for `harness pack` add/remove. Pure functions over
+// the on-disk `harness.yaml` text, mirroring src/cli/add/mutate.ts and
+// src/cli/remove/mutate.ts.
+import { isMap, isSeq, parseDocument } from "yaml";
+export function applyPackAdd(yamlText, entry) {
+    const doc = parseDocument(yamlText);
+    // Build a YAML-friendly plain object. Only emit fields the caller set so the
+    // resulting manifest stays minimal (the schema fills in defaults at parse
+    // time).
+    const plain = { name: entry.name };
+    if (entry.source !== undefined)
+        plain["source"] = entry.source;
+    if (entry.enabled !== undefined)
+        plain["enabled"] = entry.enabled;
+    if (entry.description !== undefined)
+        plain["description"] = entry.description;
+    if (entry.config !== undefined && Object.keys(entry.config).length > 0) {
+        plain["config"] = entry.config;
+    }
+    const node = doc.getIn(["policy_packs"]);
+    if (node === undefined || node === null) {
+        // setIn with `[plain]` materialises a YAML Seq containing the entry.
+        // Doing setIn(path, []) followed by getIn(path) returns the JS array
+        // unchanged — same footgun src/cli/add/mutate.ts already navigates
+        // around. Match that pattern: create-with-entry in one step.
+        doc.setIn(["policy_packs"], [plain]);
+    }
+    else if (isSeq(node)) {
+        node.add(plain);
+    }
+    else {
+        throw new Error(`expected a YAML sequence at policy_packs, got ${typeof node}`);
+    }
+    return doc.toString({ flowCollectionPadding: false, lineWidth: 0 });
+}
+export function planPackRemove(yamlText, name) {
+    const doc = parseDocument(yamlText);
+    const node = doc.getIn(["policy_packs"]);
+    if (!isSeq(node)) {
+        return { found: false, availableNames: [] };
+    }
+    const names = [];
+    let found = false;
+    for (const item of node.items) {
+        if (!isMap(item))
+            continue;
+        const itemName = item.get("name");
+        if (typeof itemName !== "string")
+            continue;
+        names.push(itemName);
+        if (itemName === name)
+            found = true;
+    }
+    return { found, availableNames: names };
+}
+export function applyPackRemove(yamlText, name) {
+    const doc = parseDocument(yamlText);
+    const node = doc.getIn(["policy_packs"]);
+    if (!isSeq(node))
+        return yamlText;
+    for (let i = 0; i < node.items.length; i++) {
+        const item = node.items[i];
+        if (!isMap(item))
+            continue;
+        const itemName = item.get("name");
+        if (typeof itemName === "string" && itemName === name) {
+            node.delete(i);
+            // If the array became empty, leave it as `policy_packs: []` rather
+            // than removing the key entirely. Keeping the key surface visible
+            // helps the next `harness pack add` round-trip cleanly.
+            return doc.toString({ flowCollectionPadding: false, lineWidth: 0 });
+        }
+    }
+    return yamlText;
+}
+//# sourceMappingURL=mutate.js.map

package/dist/cli/pack/mutate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mutate.js","sourceRoot":"","sources":["../../../src/cli/pack/mutate.ts"],"names":[],"mappings":"AAAA,4EAA4E;AAC5E,uEAAuE;AACvE,4BAA4B;AAE5B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,MAAM,CAAC;AAenD,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,KAAmB;IAChE,MAAM,GAAG,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IACpC,6EAA6E;IAC7E,0EAA0E;IAC1E,SAAS;IACT,MAAM,KAAK,GAA4B,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC;IAC5D,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS;QAAE,KAAK,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC;IAC/D,IAAI,KAAK,CAAC,OAAO,KAAK,SAAS;QAAE,KAAK,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC;IAClE,IAAI,KAAK,CAAC,WAAW,KAAK,SAAS;QAAE,KAAK,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,WAAW,CAAC;IAC9E,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvE,KAAK,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC;IACjC,CAAC;IACD,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;IACzC,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;QACxC,qEAAqE;QACrE,qEAAqE;QACrE,mEAAmE;QACnE,6DAA6D;QAC7D,GAAG,CAAC,KAAK,CAAC,CAAC,cAAc,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;IACvC,CAAC;SAAM,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACvB,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAClB,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,iDAAiD,OAAO,IAAI,EAAE,CAAC,CAAC;IAClF,CAAC;IACD,OAAO,GAAG,CAAC,QAAQ,CAAC,EAAE,qBAAqB,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,EAAE,CAAC,CAAC;AACtE,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,QAAgB,EAAE,IAAY;IAC3D,MAAM,GAAG,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;IACzC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACjB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE,EAAE,CAAC;IAC9C,CAAC;IACD,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,KAAK,GAAG,KAAK,CAAC;IAClB,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QAC9B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,SAAS;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAClC,IAAI,OAAO,QAAQ,KAAK,QAAQ;YAAE,SAAS;QAC3C,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrB,IAAI,QAAQ,KAAK,IAAI;YAAE,KAAK,GAAG,IAAI,CAAC;IACtC,CAAC;IACD,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,KAAK,EAAE,CAAC;AAC1C,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,QAAgB,EAAE,IAAY;IAC5D,MAAM,GAAG,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC;IACzC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;QAAE,OAAO,QAAQ,CAAC;IAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,SAAS;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAClC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtD,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACf,mEAAmE;YACnE,kEAAkE;YAClE,wDAAwD;YACxD,OAAO,GAAG,CAAC,QAAQ,CAAC,EAAE,qBAAqB,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,EAAE,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/cli/pack/remove.d.ts

@@ -0,0 +1,15 @@
+export interface PackRemoveOptions {
+    configPath?: string;
+    homeDir?: string;
+    dryRun?: boolean;
+    force?: boolean;
+}
+export interface PackRemoveResult {
+    path: string;
+    name: string;
+    diff: string;
+    applied: boolean;
+    /** Pack files that were (or would be) deleted because of --force. */
+    cleanedFiles: string[];
+}
+export declare function packRemove(name: string, opts?: PackRemoveOptions): Promise<PackRemoveResult>;

package/dist/cli/pack/remove.js

@@ -0,0 +1,153 @@
+// `harness pack remove <name>` — managed remove from policy_packs[].
+//
+// Reference-checked: refuses (without --force) when `.last-apply` records
+// files under `policy-packs/<name>/`, on the theory that `harness apply`
+// has run with this pack present and removing it without telling apply
+// would leave orphan files in `harness.generated/`. With --force, the
+// manifest entry is removed AND the orphan files are deleted AND the
+// `.last-apply` file entries are pruned, so the next `harness apply` is
+// a clean no-op.
+import * as fs from "node:fs";
+import * as os from "node:os";
+import * as path from "node:path";
+import { parse as parseYaml } from "yaml";
+import { atomicWriteFile } from "../../io/atomic-write.js";
+import { writeLastApply } from "../../io/last-apply.js";
+import { LAST_APPLY_BASENAME, readLastApply, } from "../../io/last-apply.js";
+import { withFileLock } from "../../io/lock.js";
+import { unifiedDiff } from "../../io/patch.js";
+import { formatValidationErrors, validateBeforeWrite, } from "../../io/validate-before-write.js";
+import { EX_FAIL, EX_NOINPUT, HarnessExitError } from "../exit-codes.js";
+import { applyPackRemove, planPackRemove } from "./mutate.js";
+const DEFAULT_BASENAME = "harness.yaml";
+const LOCK_BASENAME = ".harness.lock";
+const GENERATED_DIRNAME = "harness.generated";
+function resolveTargetPath(opts) {
+    if (opts.configPath)
+        return path.resolve(opts.configPath);
+    return path.join(opts.homeDir ?? path.join(os.homedir(), ".claude"), DEFAULT_BASENAME);
+}
+function resolveGeneratedDir(opts, manifestPath) {
+    if (opts.homeDir !== undefined)
+        return path.join(opts.homeDir, GENERATED_DIRNAME);
+    return path.join(path.dirname(manifestPath), GENERATED_DIRNAME);
+}
+function packFileKeys(record, packName) {
+    if (!record)
+        return [];
+    const prefix = `policy-packs/${packName}/`;
+    return Object.keys(record.files)
+        .filter((k) => k.startsWith(prefix))
+        .sort();
+}
+function pruneRecord(record, packName) {
+    const out = {
+        files: {},
+        ...(record.manifest !== undefined ? { manifest: record.manifest } : {}),
+        ...(record.memoryDirs !== undefined ? { memoryDirs: record.memoryDirs } : {}),
+    };
+    const prefix = `policy-packs/${packName}/`;
+    for (const [key, entry] of Object.entries(record.files)) {
+        if (!key.startsWith(prefix))
+            out.files[key] = entry;
+    }
+    return out;
+}
+function formatNameList(names) {
+    if (names.length === 0)
+        return "(none declared)";
+    return names.map((n) => `  - ${n}`).join("\n");
+}
+// Belt-and-braces defense against a path-traversal `name` reaching the
+// filesystem cleanup. The schema regex on PolicyPackSchema.name catches
+// this at parseManifest time, but planPackRemove reads the YAML
+// directly (not via the schema), so a malformed manifest could still
+// surface a bad name here. Refuse rather than rmSync into the void.
+const SAFE_PACK_NAME_RE = /^[a-zA-Z0-9][a-zA-Z0-9._-]*$/;
+export async function packRemove(name, opts = {}) {
+    const target = resolveTargetPath(opts);
+    if (!fs.existsSync(target)) {
+        throw new HarnessExitError(`harness manifest not found at ${target}; run \`harness init\` first`, EX_NOINPUT);
+    }
+    if (!SAFE_PACK_NAME_RE.test(name)) {
+        throw new HarnessExitError(`policy_pack name ${JSON.stringify(name)} contains path separators or other unsafe characters; refusing to operate on it. Allowed: [A-Za-z0-9._-], leading char alphanumeric.`, EX_FAIL);
+    }
+    const original = fs.readFileSync(target, "utf8");
+    const plan = planPackRemove(original, name);
+    if (!plan.found) {
+        throw new HarnessExitError(`policy_packs entry "${name}" not found. Available entries:\n${formatNameList(plan.availableNames)}`, EX_FAIL);
+    }
+    const generatedDir = resolveGeneratedDir(opts, target);
+    const lastApply = readLastApply(generatedDir);
+    const trackedFiles = packFileKeys(lastApply, name);
+    if (trackedFiles.length > 0 && !opts.force) {
+        const list = trackedFiles.map((f) => `  - ${f}`).join("\n");
+        throw new HarnessExitError(`pack "${name}" has applied state present in ${LAST_APPLY_BASENAME}:\n${list}\n` +
+            `Pass --force to remove the manifest entry and clean up these generated files. ` +
+            `(Without cleanup, a subsequent \`harness apply\` would not delete them.)`, EX_FAIL);
+    }
+    const proposed = applyPackRemove(original, name);
+    const diff = unifiedDiff({
+        fileName: path.basename(target),
+        oldText: original,
+        newText: proposed,
+        oldHeader: "current",
+        newHeader: "proposed",
+    });
+    const schemaResult = validateBeforeWrite(parseYaml(proposed));
+    if (!schemaResult.ok) {
+        throw new HarnessExitError(`proposed manifest fails schema validation:\n${formatValidationErrors(schemaResult.errors)}`, EX_FAIL);
+    }
+    if (opts.dryRun) {
+        // On dry-run, surface what --force WOULD clean up so the user can
+        // sanity-check the blast radius before committing.
+        return {
+            path: target,
+            name,
+            diff,
+            applied: false,
+            cleanedFiles: opts.force ? trackedFiles : [],
+        };
+    }
+    const lockPath = path.join(path.dirname(target), LOCK_BASENAME);
+    const cleanedFiles = [];
+    await withFileLock(lockPath, () => {
+        const current = fs.readFileSync(target, "utf8");
+        const next = applyPackRemove(current, name);
+        const recheck = validateBeforeWrite(parseYaml(next));
+        if (!recheck.ok) {
+            throw new HarnessExitError(`proposed manifest fails schema validation after lock acquisition:\n${formatValidationErrors(recheck.errors)}`, EX_FAIL);
+        }
+        atomicWriteFile(target, next);
+        // Best-effort cleanup under --force. We do this AFTER the manifest
+        // write has succeeded so a partial cleanup never leaves the manifest
+        // in a confusing half-state. Each fs operation is wrapped: a missing
+        // file is a no-op, not a failure (the user may have deleted it
+        // manually since the last apply).
+        if (opts.force && trackedFiles.length > 0) {
+            const packDir = path.join(generatedDir, "policy-packs", name);
+            try {
+                fs.rmSync(packDir, { recursive: true, force: true });
+            }
+            catch {
+                // ignore — best-effort
+            }
+            // Update .last-apply so the next `harness apply` no-ops cleanly
+            // instead of detecting the now-missing files as drift.
+            const fresh = readLastApply(generatedDir);
+            if (fresh) {
+                const pruned = pruneRecord(fresh, name);
+                writeLastApply(generatedDir, pruned);
+            }
+            cleanedFiles.push(...trackedFiles);
+        }
+    });
+    return {
+        path: target,
+        name,
+        diff,
+        applied: true,
+        cleanedFiles,
+    };
+}
+//# sourceMappingURL=remove.js.map

package/dist/cli/pack/remove.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"remove.js","sourceRoot":"","sources":["../../../src/cli/pack/remove.ts"],"names":[],"mappings":"AAAA,qEAAqE;AACrE,EAAE;AACF,0EAA0E;AAC1E,yEAAyE;AACzE,uEAAuE;AACvE,sEAAsE;AACtE,qEAAqE;AACrE,wEAAwE;AACxE,iBAAiB;AAEjB,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,KAAK,IAAI,SAAS,EAAE,MAAM,MAAM,CAAC;AAC1C,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EACL,mBAAmB,EACnB,aAAa,GAEd,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EACL,sBAAsB,EACtB,mBAAmB,GACpB,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAkB9D,MAAM,gBAAgB,GAAG,cAAc,CAAC;AACxC,MAAM,aAAa,GAAG,eAAe,CAAC;AACtC,MAAM,iBAAiB,GAAG,mBAAmB,CAAC;AAE9C,SAAS,iBAAiB,CAAC,IAAuB;IAChD,IAAI,IAAI,CAAC,UAAU;QAAE,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC1D,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,EAAE,gBAAgB,CAAC,CAAC;AACzF,CAAC;AAED,SAAS,mBAAmB,CAAC,IAAuB,EAAE,YAAoB;IACxE,IAAI,IAAI,CAAC,OAAO,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;IAClF,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,iBAAiB,CAAC,CAAC;AAClE,CAAC;AAED,SAAS,YAAY,CAAC,MAA8B,EAAE,QAAgB;IACpE,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,CAAC;IACvB,MAAM,MAAM,GAAG,gBAAgB,QAAQ,GAAG,CAAC;IAC3C,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;SAC7B,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;SACnC,IAAI,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,WAAW,CAAC,MAAuB,EAAE,QAAgB;IAC5D,MAAM,GAAG,GAAoB;QAC3B,KAAK,EAAE,EAAE;QACT,GAAG,CAAC,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,GAAG,CAAC,MAAM,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC9E,CAAC;IACF,MAAM,MAAM,GAAG,gBAAgB,QAAQ,GAAG,CAAC;IAC3C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;QACxD,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC;YAAE,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;IACtD,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,cAAc,CAAC,KAAe;IACrC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,iBAAiB,CAAC;IACjD,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACjD,CAAC;AAED,uEAAuE;AACvE,wEAAwE;AACxE,gEAAgE;AAChE,qEAAqE;AACrE,oEAAoE;AACpE,MAAM,iBAAiB,GAAG,8BAA8B,CAAC;AAEzD,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,IAAY,EACZ,OAA0B,EAAE;IAE5B,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACvC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,gBAAgB,CACxB,iCAAiC,MAAM,8BAA8B,EACrE,UAAU,CACX,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,gBAAgB,CACxB,oBAAoB,IAAI,CAAC,SAAS,CAChC,IAAI,CACL,sIAAsI,EACvI,OAAO,CACR,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjD,MAAM,IAAI,GAAG,cAAc,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAE5C,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QAChB,MAAM,IAAI,gBAAgB,CACxB,uBAAuB,IAAI,oCAAoC,cAAc,CAC3E,IAAI,CAAC,cAAc,CACpB,EAAE,EACH,OAAO,CACR,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACvD,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC;IAC9C,MAAM,YAAY,GAAG,YAAY,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IAEnD,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QAC3C,MAAM,IAAI,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5D,MAAM,IAAI,gBAAgB,CACxB,SAAS,IAAI,kCAAkC,mBAAmB,MAAM,IAAI,IAAI;YAC9E,gFAAgF;YAChF,0EAA0E,EAC5E,OAAO,CACR,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,eAAe,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IACjD,MAAM,IAAI,GAAG,WAAW,CAAC;QACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;QAC/B,OAAO,EAAE,QAAQ;QACjB,OAAO,EAAE,QAAQ;QACjB,SAAS,EAAE,SAAS;QACpB,SAAS,EAAE,UAAU;KACtB,CAAC,CAAC;IAEH,MAAM,YAAY,GAAG,mBAAmB,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC9D,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC;QACrB,MAAM,IAAI,gBAAgB,CACxB,+CAA+C,sBAAsB,CAAC,YAAY,CAAC,MAAM,CAAC,EAAE,EAC5F,OAAO,CACR,CAAC;IACJ,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,kEAAkE;QAClE,mDAAmD;QACnD,OAAO;YACL,IAAI,EAAE,MAAM;YACZ,IAAI;YACJ,IAAI;YACJ,OAAO,EAAE,KAAK;YACd,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE;SAC7C,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,aAAa,CAAC,CAAC;IAChE,MAAM,YAAY,GAAa,EAAE,CAAC;IAElC,MAAM,YAAY,CAAC,QAAQ,EAAE,GAAG,EAAE;QAChC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAChD,MAAM,IAAI,GAAG,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QAC5C,MAAM,OAAO,GAAG,mBAAmB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;QACrD,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;YAChB,MAAM,IAAI,gBAAgB,CACxB,sEAAsE,sBAAsB,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAC9G,OAAO,CACR,CAAC;QACJ,CAAC;QACD,eAAe,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAE9B,mEAAmE;QACnE,qEAAqE;QACrE,qEAAqE;QACrE,+DAA+D;QAC/D,kCAAkC;QAClC,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1C,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;YAC9D,IAAI,CAAC;gBACH,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;YACvD,CAAC;YAAC,MAAM,CAAC;gBACP,uBAAuB;YACzB,CAAC;YACD,gEAAgE;YAChE,uDAAuD;YACvD,MAAM,KAAK,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC;YAC1C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;gBACxC,cAAc,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;YACvC,CAAC;YACD,YAAY,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;QACrC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,IAAI;QACJ,IAAI;QACJ,OAAO,EAAE,IAAI;QACb,YAAY;KACb,CAAC;AACJ,CAAC"}

package/dist/cli/policy/intercept.js

@@ -156,6 +156,17 @@ export async function runInterceptCli(opts = {}) {
     if (result.blockJson) {
         stdout.write(`${JSON.stringify(result.blockJson)}\n`);
     }
+    // No-match diagnostic. Always (not gated on --verbose) when the
+    // manifest has at least one policy but none of them matched this
+    // event. Catches the common debug footgun where an operator probes
+    // `harness policy intercept` by hand and forgets `hook_event_name`,
+    // making the engine return exit 0 + empty stdout. The probe then
+    // looks like "policy did not load", when in fact the trigger filter
+    // simply rejected the input. Emits to stderr so the Claude Code
+    // hook contract on stdout is preserved.
+    if (result.decisions.length === 0 && manifest.policies.length > 0) {
+        stderr.write(formatNoMatchHint(event, manifest));
+    }
     if (verbose) {
         for (const decision of result.decisions) {
             if (decision.outcome === "allow")
@@ -169,4 +180,17 @@ export async function runInterceptCli(opts = {}) {
         blocked: result.blockJson !== null,
     };
 }
+function formatNoMatchHint(event, manifest) {
+    const observedEvent = typeof event.hook_event_name === "string" && event.hook_event_name.length > 0
+        ? `"${event.hook_event_name}"`
+        : "(missing)";
+    const observedTool = typeof event.tool_name === "string" && event.tool_name.length > 0
+        ? `"${event.tool_name}"`
+        : "(missing)";
+    const registeredEvents = Array.from(new Set(manifest.policies.map((p) => p.trigger.event))).sort();
+    return (`harness policy intercept: no policy matched event ` +
+        `hook_event_name=${observedEvent} tool_name=${observedTool} ` +
+        `(registered policy events: ${registeredEvents.join(", ")}). ` +
+        `If probing by hand, ensure stdin includes hook_event_name (e.g. "PreToolUse" for tool gates).\n`);
+}
 //# sourceMappingURL=intercept.js.map