npm - @orchestrator-claude/cli - Versions diffs - 3.11.0 → 3.12.1 - Mend

@orchestrator-claude/cli 3.11.0 → 3.12.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (35) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -12,5 +12,5 @@
 /**
  * CLI version
  */
-export declare const CLI_VERSION = "3.11.0";
+export declare const CLI_VERSION = "3.12.1";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.js CHANGED Viewed

@@ -24,7 +24,7 @@ import { OutputFormatter } from './formatters/OutputFormatter.js';
 /**
  * CLI version
  */
-export const CLI_VERSION = '3.11.0';
+export const CLI_VERSION = '3.12.1';
 /**
  * Main CLI function
  */

package/dist/templates/base/CLAUDE.md.hbs CHANGED Viewed

@@ -2,330 +2,60 @@
 ## Overview
-This project uses the **Orchestrator System** for autonomous workflow management. When handling feature requests, bug fixes, or refactoring tasks, you MUST use the orchestrator workflow instead of implementing directly.
+This project uses the **Orchestrator System** for autonomous workflow management.
+Orchestration is enforced by **deterministic hooks** — you do not need to memorize the workflow protocol.
-## Critical Rule
+## Critical Rules
-**NEVER implement features directly.** Always use the orchestrator workflow:
-```
-User Request → Detect Workflow → Research (if needed) → SPECIFY → PLAN → TASKS → Implement
-```
+1. **NEVER implement features directly** — always use the orchestrator workflow
+2. **NEVER edit `.orchestrator/orchestrator-index.json`** — state is in PostgreSQL
+3. **Access artifacts via MCP tools** (`artifactStore`, `artifactRetrieve`), not filesystem paths
 ## How to Start a Workflow
-When a user requests a new feature, bug fix, or refactoring:
-### 1. Detect Workflow Type
-Use the MCP tool to detect the workflow type:
-```
-mcp__orchestrator-tools__detectWorkflow({ prompt: "user request here" })
-```
-Workflow types:
-- `feature_development` - New features, new functionality
-- `bug_fix` - Bug fixes, error corrections
-- `refactoring` - Code refactoring, improvements
-- `emergency_debug` - Urgent debugging
-### 2. Start Workflow and Get Next Step
-**MANDATORY:** After detecting workflow type, call `startWorkflow` to create the workflow:
-```
-mcp__orchestrator-tools__startWorkflow({ workflowType: "feature-development", prompt: "user request here" })
-```
-This returns a deterministic `nextStep` instruction:
-```json
-{
-  "success": true,
-  "workflowId": "wf-123",
-  "nextStep": {
-    "action": "invoke_agent",
-    "subagent_type": "orchestrator",
-    "prompt": "Start workflow feature-development (ID: wf-123) for user request: ..."
-  }
-}
-```
-### 3. Execute nextStep (Invoke Orchestrator Agent)
-**IMMEDIATELY** follow the `nextStep` instruction by invoking the orchestrator agent via Task tool:
-```
-Use the Task tool with subagent_type from nextStep.subagent_type
-Prompt: nextStep.prompt
-```
-The orchestrator agent will:
-1. Set pending actions for specialized agents
-2. Return control to CLI for Ping-Pong pattern
-3. CLI invokes agents via Task tool as directed by getNextAction()
-4. Process continues until workflow completes
-## Available MCP Tools
-### orchestrator-tools
-- `detectWorkflow` - Detect workflow type from user prompt
-- `startWorkflow` - **Create workflow and get deterministic nextStep instruction** (MANDATORY after detectWorkflow)
-- `advancePhase` - Advance to the next workflow phase
-- `evaluateGate` - Evaluate if a phase gate passes
-- `validateArtifact` - Validate artifact against schema
-- `createCheckpoint` - Create a git checkpoint
-- `getStatus` - Get current workflow status
-- `getWorkflows` - List workflows with phase configs (including `requiresApproval`)
-- `getNextAction` - Get the next pending action (Ping-Pong pattern)
-### knowledge-base
-- `search` - Search the knowledge base
-- `getDocument` - Get a specific document
-- `getConstitution` - Get the project constitution
-- `listByTier` - List documents by tier
-- `listByCategory` - List documents by category
-## Auto-Advance Behavior (requiresApproval)
-**CRITICAL**: Each workflow phase has a `requiresApproval` configuration.
-### How It Works
-1. **Load workflow config** at start using `getWorkflows`:
-   ```
-   mcp__orchestrator-tools__getWorkflows()
-   ```
-2. **Check each phase's `requiresApproval`**:
-   - `requiresApproval: false` → **AUTO-ADVANCE** after gate passes (no user interaction)
-   - `requiresApproval: true` → **PAUSE** and ask user for approval
-### Default Configuration (feature-development)
+For any feature request, bug fix, or refactoring:
 ```
-SPECIFY  → requiresApproval: false → auto-advance
-PLAN     → requiresApproval: false → auto-advance
-TASKS    → requiresApproval: false → auto-advance
-IMPLEMENT → requiresApproval: true  → PAUSE HERE
+1. mcp__orchestrator-tools__detectWorkflow({ prompt: "user request" })
+2. mcp__orchestrator-tools__startWorkflow({ workflowType: "...", prompt: "..." })
+3. Follow the nextStep returned — hooks handle the rest automatically
 ```
-### Expected Behavior
-- **DO NOT ask user** between SPECIFY → PLAN → TASKS phases
-- **Run these phases sequentially** invoking each agent automatically
-- **ONLY pause** before IMPLEMENT phase (or phases with `requiresApproval: true`)
-- This reduces unnecessary interactions and speeds up the workflow
-### Example Flow
-```
-User: "Create a calculator function"
-Claude:
-1. detectWorkflow({ prompt: "Create a calculator function" }) → feature-development
-2. startWorkflow({ workflowType: "feature-development", prompt: "..." }) → { nextStep: {...} }
-3. Execute nextStep → Invoke orchestrator agent via Task tool
-4. getNextAction() → { agent: "specifier", status: "awaiting_agent" }
-5. Invoke specifier via Task tool → spec.md created
-6. getNextAction() → { agent: "planner", status: "awaiting_agent" }
-7. Invoke planner via Task tool → plan.md created
-8. getNextAction() → { agent: "task-generator", status: "awaiting_agent" }
-9. Invoke task-generator via Task tool → tasks.md created
-10. getNextAction() → { status: "awaiting_approval" }
-11. Ask user: "Artifacts ready. Approve implementation?"
-```
-## Workflow Phases
-```
-RESEARCH (optional)
-    ↓
-  SPECIFY
-    ↓
-   PLAN
-    ↓
-  TASKS
-    ↓
-  [HUMAN APPROVAL REQUIRED]
-    ↓
-IMPLEMENT
-```
-Each phase produces artifacts stored in MinIO (object storage) and tracked in PostgreSQL:
-- `research` - Research context documents
-- `specify` - Specifications (spec.md)
-- `plan` - Technical plans (plan.md)
-- `tasks` - Task backlogs (tasks.md)
-- `implement` - Implementation reports
-**CRITICAL**: Artifacts are accessed via MCP tools (`artifactStore`, `artifactRetrieve`), NOT via filesystem paths. The `.orchestrator/artifacts/` directory does NOT exist on the filesystem.
----
+Workflow types: `feature_development`, `bug_fix`, `refactoring`, `emergency_debug`
-## Workflow Execution Pattern (Ping-Pong Híbrido)
+## What Hooks Enforce Automatically
-### Critical Rule: Always Check for Pending Actions
+| Hook | Trigger | What it does |
+|------|---------|-------------|
+| `ping-pong-enforcer` | After every Agent call | Calls `getNextAction` and injects result |
+| `gate-guardian` | Before `advancePhase` | Evaluates gate, blocks if it fails |
+| `dangling-workflow-guard` | On session Stop | Warns and completes dangling workflows |
+| `workflow-guard` | Before Write/Edit on src/ | Blocks code writes without an active workflow |
-**MANDATORY:** After EVERY Task tool invocation that involves workflow orchestration, you MUST:
+You do NOT need to manually call `getNextAction` after agents or `evaluateGate` before advancing — hooks do this deterministically.
-1. **Call `mcp__orchestrator-tools__getNextAction()`**
-2. **Analyze the response and take appropriate action**
+## Skills (On-Demand Context)
-### Status → Action Mapping
+Use skills for phase-specific guidance:
-| Status | Your Action |
-|--------|-------------|
-| `awaiting_agent` | **Immediately** invoke the specified agent via Task tool |
-| `awaiting_approval` | **Ask user** for approval, then call `approveAction()` |
-| `running` | Agent is currently executing, do nothing |
-| No pending action | Workflow is complete or paused |
+| Skill | When to use |
+|-------|------------|
+| `/workflow-status` | Check current workflow state |
+| `/artifact-production` | Phase-specific artifact formats |
+| `/tdd-discipline` | TDD protocol during IMPLEMENT |
+| `/project-conventions` | Project patterns and gotchas |
+| `/checkpoint-protocol` | When to create checkpoints |
+| `/kb-lookup` | Search project knowledge base |
-### Workflow Execution Loop
+## Creating Custom Definitions
-```typescript
-// MANDATORY PATTERN for workflow execution
+When creating agents, skills, or hooks, write to BOTH filesystem and PostgreSQL:
-// 1. Detect workflow type
-const detection = await detectWorkflow({ prompt: "Create authentication API" });
+- **Agent**: Write `.claude/agents/{slug}.md` + `createAgentDefinition` MCP tool
+- **Skill**: Write `.claude/skills/{slug}/SKILL.md` + `createSkillDefinition` MCP tool
+- **Hook**: Write `.claude/hooks/{slug}.sh` + `createHook` MCP tool
-// 2. Start workflow and get nextStep (DETERMINISTIC)
-const startResult = await startWorkflow({
-  workflowType: detection.workflowType,
-  prompt: "Create authentication API"
-});
-// 3. Execute nextStep - invoke orchestrator agent
-await invokeTool("Task", {
-  subagent_type: startResult.nextStep.subagent_type, // "orchestrator"
-  prompt: startResult.nextStep.prompt
-});
-// 4. Check for pending actions (Ping-Pong loop)
-const action = await getNextAction();
-// 5. Handle the action
-if (action.hasAction && action.pendingAction.status === "awaiting_agent") {
-  // Immediately invoke the specified agent
-  await invokeTool("Task", {
-    subagent_type: action.pendingAction.agent,
-    prompt: action.pendingAction.prompt
-  });
-  // 6. REPEAT: Check for next action after agent completes
-  const nextAction = await getNextAction();
-  // ... continue loop
-}
-if (action.hasAction && action.pendingAction.status === "awaiting_approval") {
-  // Inform user and wait for approval
-  console.log("⚠️ Workflow requires approval before continuing to IMPLEMENT phase.");
-  console.log("Review artifacts and type 'yes' to proceed.");
-  // After user approves:
-  await approveAction({ workflowId: action.workflowId });
-  // Then check for next action again
-  const nextAction = await getNextAction();
-  // ...
-}
-```
-### What NOT to Do
-- ❌ **NEVER** skip `startWorkflow` after `detectWorkflow` - it creates the workflow and returns deterministic `nextStep`
-- ❌ **NEVER** ignore `nextStep` from `startWorkflow` - it tells you exactly which agent to invoke
-- ❌ **NEVER** ignore `getNextAction()` after Task tool invocation
-- ❌ **NEVER** decide which agent to invoke without checking `pendingAction`
-- ❌ **NEVER** skip to IMPLEMENT phase without user approval
-- ❌ **NEVER** execute multiple phases in a single agent invocation
-- ❌ **NEVER** use Write/Edit tools to create artifacts during orchestration (let specialized agents do it)
-- ❌ **NEVER** invoke agents out of order defined by `pendingAction`
-### Why This Pattern?
-**Problem (LIM-001):** Context window bloat when orchestrator executes all phases internally in one invocation.
-**Solution (Ping-Pong Híbrido):** Orchestrator acts as **dispatcher**, creating `pendingActions` that guide the CLI to invoke specialized agents in separate, isolated invocations.
-**Benefits:**
-- Each agent invocation has isolated context (< 12k tokens)
-- Total token usage reduced by 40%+
-- No hallucination from massive context
-- Real agent metrics (not simulated)
-- Workflow resumable after crashes (pendingAction persists)
----
-## MANDATORY: IMPLEMENT Phase Delegation
-> **WARNING**
->
-> The IMPLEMENT phase REQUIRES delegation to the implementer subagent.
-> Direct implementation is FORBIDDEN and will break workflow governance.
-### Trigger Phrases
-When user approves implementation with ANY of these phrases:
-**English:**
-- "yes", "yes, implement", "proceed", "go ahead", "continue"
-- "start implementation", "implement it", "do it"
-**Portuguese:**
-- "sim", "prossiga", "continue", "pode implementar"
-- "manda ver", "vai la", "implementa"
-### Required Actions (IN ORDER)
-1. **ANNOUNCE DELEGATION:**
-   ```
-   I will now delegate to the implementer agent to execute the tasks.
-   ```
-2. **ADVANCE PHASE:**
-   ```
-   mcp__orchestrator-tools__advancePhase({ workflowId: "current-workflow-id" })
-   ```
-3. **INVOKE IMPLEMENTER (REQUIRED):**
-   ```
-   Use the Task tool with subagent_type="implementer"
-   Prompt:
-   Execute all tasks from .orchestrator/artifacts/tasks/tasks.md
-   Context:
-   - Specification: .orchestrator/artifacts/specify/spec.md
-   - Plan: .orchestrator/artifacts/plan/plan.md
-   - Tasks: .orchestrator/artifacts/tasks/tasks.md
-   Requirements:
-   - Follow TDD (write tests BEFORE implementation)
-   - Maintain {{coverageThreshold}}% minimum coverage
-   - Create checkpoint after every 3-5 tasks
-   - Generate implementation-report.md at the end
-   ```
-### FORBIDDEN Actions
-- Using Edit/Write tools directly for code implementation
-- Skipping Task tool invocation
-- Writing production code without implementer agent
-- Editing `.orchestrator/orchestrator-index.json` directly (state is in PostgreSQL)
-### Self-Verification Checklist
-Before proceeding, verify:
-- [ ] Did I announce delegation to the user?
-- [ ] Did I call advancePhase via MCP?
-- [ ] Did I use Task tool with subagent_type="implementer"?
-- [ ] Is the implementer prompt complete with all context?
-If ANY answer is NO -> STOP and correct before continuing.
----
+Built-in definitions are seeded on `orchestrator init` (idempotent).
 ## Quality Rules
@@ -335,33 +65,6 @@ If ANY answer is NO -> STOP and correct before continuing.
 - **Clean Architecture**: Dependencies point inward
 - **TypeScript Strict**: `strict: true` required
-## State Management
-```
-PostgreSQL (Single Source of Truth):
-├── workflows          # Workflow state, pending actions, phases
-├── artifacts          # Artifact metadata
-├── checkpoints        # Checkpoint metadata
-└── agent_invocations  # Agent invocation history
-MinIO (Object Storage):
-└── artifacts/         # Generated artifact content by phase
-.orchestrator/ (DEPRECATED - do NOT read or write directly):
-└── orchestrator-index.json  # DEPRECATED: state is in PostgreSQL
-```
-**CRITICAL**: All workflow state is in PostgreSQL. All artifact content is in MinIO. Access everything through MCP tools. NEVER edit `.orchestrator/orchestrator-index.json` directly.
-## Important Notes
-1. **Always start with workflow detection** - Don't skip this step
-2. **Let agents do their work** - Don't bypass the workflow
-3. **Validate artifacts** - Use the artifact-validator skill
-4. **Check gates** - Use phase-gate-evaluator before advancing
-5. **Create checkpoints** - After each validated artifact
-6. **Consult CONSTITUTION** - For project rules and constraints
 ---
 *This project was initialized with the Orchestrator CLI.*

package/dist/templates/base/claude/hooks/dangling-workflow-guard.sh CHANGED Viewed

@@ -1,65 +1,57 @@
 #!/bin/bash
-# dangling-workflow-guard.sh — ADR-013 Core Hook
-# Trigger: Stop (session end)
-# Purpose: Before the conversation ends, check for workflows still
-#          in "in_progress" state. Warn the user and attempt to
-#          complete the workflow automatically.
+# dangling-workflow-guard.sh — ADR-013 Phase 5 Hook (JSON Structured Output)
+# Trigger: Stop
+# Purpose: Before conversation ends, check for workflows in in_progress state.
+#          Blocks stop and instructs LLM to call completeWorkflow.
 #
-# Exit 0 always (non-blocking — we don't want to prevent session exit).
+# Output: JSON with decision: "block" + reason (forces LLM to continue)
+# Exit 0 with block JSON = prevent stop
+# Check stop_hook_active to prevent infinite loops
 set -euo pipefail
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/orch-helpers.sh"
+STDIN_DATA=$(orch_read_stdin)
 orch_log "DANGLING-GUARD: Stop hook triggered"
+# Prevent infinite loops
+STOP_ACTIVE=$(orch_json_field "$STDIN_DATA" "stop_hook_active")
+if [ "$STOP_ACTIVE" = "true" ]; then
+  orch_log "DANGLING-GUARD: stop_hook_active=true, allowing stop to prevent loop"
+  exit 0
+fi
 # Find active workflow
-WORKFLOW_ID=$(orch_get_active_workflow 2>/dev/null) || {
+WORKFLOW_ID=$(orch_get_active_workflow 2>/dev/null) || WORKFLOW_ID=""
+if [ -z "$WORKFLOW_ID" ]; then
   orch_log "DANGLING-GUARD: No active workflow, clean exit"
   exit 0
-}
-orch_log "DANGLING-GUARD: Found active workflow=$WORKFLOW_ID"
+fi
 # Get workflow status
-TOKEN=$(orch_get_token 2>/dev/null) || exit 0
+TOKEN=$(orch_get_token 2>/dev/null) || TOKEN=""
+if [ -z "$TOKEN" ]; then
+  orch_log "DANGLING-GUARD: Auth failed, allowing stop"
+  exit 0
+fi
 STATUS_RESP=$(curl -sf --max-time 5 "${API_URL}/api/v1/workflows/${WORKFLOW_ID}/status" \
   -H "Authorization: Bearer $TOKEN" \
-  -H "X-Project-ID: $PROJECT_ID" 2>/dev/null) || exit 0
-CURRENT_PHASE=$(orch_json_field "$STATUS_RESP" "currentPhase")
-WF_STATUS=$(orch_json_field "$STATUS_RESP" "status")
+  -H "X-Project-ID: $PROJECT_ID" 2>/dev/null) || STATUS_RESP=""
-orch_log "DANGLING-GUARD: status=$WF_STATUS phase=$CURRENT_PHASE"
+PHASE=$(orch_json_field "$STATUS_RESP" "currentPhase")
+STATUS=$(orch_json_field "$STATUS_RESP" "status")
-if [ "$WF_STATUS" = "in_progress" ] || [ "$WF_STATUS" = "running" ]; then
-  echo ""
-  echo "[DANGLING-GUARD] WARNING: Workflow $WORKFLOW_ID is still active (status: $WF_STATUS, phase: $CURRENT_PHASE)."
+orch_log "DANGLING-GUARD: workflow=$WORKFLOW_ID status=$STATUS phase=$PHASE"
-  # If in implement phase with no pending actions, auto-complete
-  if [ "$CURRENT_PHASE" = "implement" ]; then
-    NEXT_ACTION=$(orch_get_next_action "$WORKFLOW_ID" 2>/dev/null) || exit 0
-    HAS_ACTION=$(orch_json_field "$NEXT_ACTION" "hasAction")
-    if [ "$HAS_ACTION" != "true" ]; then
-      echo "[DANGLING-GUARD] Auto-completing workflow (implement phase, no pending actions)..."
-      curl -sf --max-time 10 -X POST "${API_URL}/api/v1/workflows/${WORKFLOW_ID}/complete" \
-        -H "Content-Type: application/json" \
-        -H "Authorization: Bearer $TOKEN" \
-        -H "X-Project-ID: $PROJECT_ID" \
-        -d "{}" >> "$DEBUG_LOG" 2>&1 || true
-      echo "[DANGLING-GUARD] Workflow completed."
-      orch_log "DANGLING-GUARD: Auto-completed workflow $WORKFLOW_ID"
-    else
-      echo "[DANGLING-GUARD] Workflow has pending actions — cannot auto-complete."
-      echo "Resume this session to continue the workflow."
-    fi
-  else
-    echo "[DANGLING-GUARD] Workflow is in '$CURRENT_PHASE' phase — not auto-completing."
-    echo "Resume this session to continue the workflow."
-  fi
+if [ "$STATUS" = "in_progress" ] || [ "$STATUS" = "awaiting_agent" ] || [ "$STATUS" = "awaiting_approval" ]; then
+  orch_log "DANGLING-GUARD: BLOCK stop (workflow still active)"
+  echo "{\"decision\":\"block\",\"reason\":\"[DANGLING-GUARD] Workflow ${WORKFLOW_ID} is still ${STATUS} (phase: ${PHASE}). You must call mcp__orchestrator-extended__completeWorkflow({ workflowId: '${WORKFLOW_ID}' }) before ending the session.\"}"
+  exit 0
 fi
+orch_log "DANGLING-GUARD: Workflow completed or not active, allowing stop"
 exit 0

package/dist/templates/base/claude/hooks/gate-guardian.sh CHANGED Viewed

@@ -1,80 +1,79 @@
 #!/bin/bash
-# gate-guardian.sh — ADR-013 Core Hook
+# gate-guardian.sh — ADR-013 Phase 5 Hook (JSON Structured Output)
 # Trigger: PreToolUse on mcp__orchestrator-tools__advancePhase
-# Purpose: Before any phase advance, evaluate the gate.
-#          BLOCKS the advance if the gate fails (exit 1).
-#          Also enforces human approval for IMPLEMENT phase.
+# Purpose: Evaluate gate before phase advance. FAIL-CLOSED: blocks when uncertain.
 #
-# Exit 0 = allow advancePhase to proceed
-# Exit 1 = BLOCK advancePhase (gate failed or approval required)
+# Output: JSON with permissionDecision (deny/allow) + additionalContext
+# Exit 0 with JSON = structured decision
 set -euo pipefail
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/orch-helpers.sh"
-# Read stdin (Claude Code passes tool input JSON)
 STDIN_DATA=$(orch_read_stdin)
 orch_log "GATE-GUARDIAN: PreToolUse advancePhase triggered"
-# Extract workflowId and targetPhase from tool input
+# Extract parameters
 WORKFLOW_ID=$(orch_json_field "$STDIN_DATA" "tool_input.workflowId")
 TARGET_PHASE=$(orch_json_field "$STDIN_DATA" "tool_input.targetPhase")
-# Fallback: try without tool_input wrapper
 [ -z "$WORKFLOW_ID" ] && WORKFLOW_ID=$(orch_json_field "$STDIN_DATA" "workflowId")
 [ -z "$TARGET_PHASE" ] && TARGET_PHASE=$(orch_json_field "$STDIN_DATA" "targetPhase")
 orch_log "GATE-GUARDIAN: workflow=$WORKFLOW_ID targetPhase=$TARGET_PHASE"
-# If we can't parse the input, allow (don't break on edge cases)
+# FAIL-CLOSED: if we can't parse input, DENY
 if [ -z "$WORKFLOW_ID" ] || [ -z "$TARGET_PHASE" ]; then
-  orch_log "GATE-GUARDIAN: Could not parse input, allowing"
+  orch_log "GATE-GUARDIAN: DENY (could not parse input)"
+  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"deny","permissionDecisionReason":"Gate Guardian: Could not parse workflowId or targetPhase.","additionalContext":"Ensure you pass both workflowId and targetPhase to advancePhase."}}'
   exit 0
 fi
-# --- IMPLEMENT phase: check for human approval ---
-TARGET_LOWER=$(echo "$TARGET_PHASE" | tr '[:upper:]' '[:lower:]')
+# Get auth token — FAIL-CLOSED on auth failure
+TOKEN=$(orch_get_token 2>/dev/null) || TOKEN=""
+if [ -z "$TOKEN" ]; then
+  orch_log "GATE-GUARDIAN: DENY (auth failed)"
+  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"deny","permissionDecisionReason":"Gate Guardian: Authentication failed.","additionalContext":"Check ORCHESTRATOR_ADMIN_EMAIL, ORCHESTRATOR_ADMIN_PASSWORD, ORCHESTRATOR_PROJECT_ID env vars."}}'
+  exit 0
+fi
+# Special handling for IMPLEMENT phase: require approval
+TARGET_LOWER=$(echo "$TARGET_PHASE" | tr '[:upper:]' '[:lower:]')
 if [ "$TARGET_LOWER" = "implement" ]; then
   orch_log "GATE-GUARDIAN: Checking approval for IMPLEMENT phase"
-  # Check pending action status
-  NEXT_ACTION=$(orch_get_next_action "$WORKFLOW_ID" 2>/dev/null) || {
-    orch_log "GATE-GUARDIAN: Could not check approval, allowing"
-    exit 0
-  }
-  STATUS=$(orch_json_field "$NEXT_ACTION" "pendingAction.status")
-  if [ "$STATUS" = "awaiting_approval" ]; then
-    echo ""
-    echo "[GATE-GUARDIAN] BLOCKED: Cannot advance to IMPLEMENT without human approval."
-    echo "The workflow requires user approval before implementation begins."
-    echo "Call mcp__orchestrator-tools__approveAction({ workflowId: '$WORKFLOW_ID' }) after user approves."
-    orch_log "GATE-GUARDIAN: BLOCKED — awaiting_approval for IMPLEMENT"
-    exit 1
+  PENDING=$(curl -sf --max-time 5 "${API_URL}/api/v1/workflows/${WORKFLOW_ID}/pending-action" \
+    -H "Authorization: Bearer $TOKEN" \
+    -H "X-Project-ID: $PROJECT_ID" 2>/dev/null) || PENDING=""
+  if [ -n "$PENDING" ]; then
+    PENDING_STATUS=$(orch_json_field "$PENDING" "status")
+    if [ "$PENDING_STATUS" != "approved" ] && [ "$PENDING_STATUS" != "awaiting_agent" ]; then
+      orch_log "GATE-GUARDIAN: DENY (IMPLEMENT requires approval, status=$PENDING_STATUS)"
+      echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"deny\",\"permissionDecisionReason\":\"Gate Guardian: IMPLEMENT requires human approval. Status: ${PENDING_STATUS}.\",\"additionalContext\":\"Ask the user for approval first. Then call mcp__orchestrator-tools__approveAction.\"}}"
+      exit 0
+    fi
   fi
 fi
-# --- All phases: evaluate gate ---
-GATE_RESULT=$(orch_evaluate_gate "$WORKFLOW_ID" "$TARGET_PHASE" 2>/dev/null) || {
-  orch_log "GATE-GUARDIAN: evaluateGate call failed, allowing (API may not support this gate)"
+# Evaluate gate via API — FAIL-CLOSED on failure
+GATE_RESULT=$(orch_evaluate_gate "$WORKFLOW_ID" "$TARGET_PHASE" 2>/dev/null) || GATE_RESULT=""
+if [ -z "$GATE_RESULT" ]; then
+  orch_log "GATE-GUARDIAN: DENY (gate evaluation failed)"
+  echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"deny\",\"permissionDecisionReason\":\"Gate Guardian: Gate evaluation failed for phase '${TARGET_PHASE}'.\",\"additionalContext\":\"Required artifacts may be missing. Complete the current phase before advancing.\"}}"
   exit 0
-}
+fi
 PASSED=$(orch_json_field "$GATE_RESULT" "passed")
-if [ "$PASSED" = "false" ]; then
-  REASONS=$(orch_json_field "$GATE_RESULT" "reasons")
-  echo ""
-  echo "[GATE-GUARDIAN] BLOCKED: Gate to '$TARGET_PHASE' did not pass."
-  echo "Reasons: $REASONS"
-  echo "Fix the issues before advancing."
-  orch_log "GATE-GUARDIAN: BLOCKED — gate failed for $TARGET_PHASE: $REASONS"
-  exit 1
+if [ "$PASSED" = "true" ]; then
+  orch_log "GATE-GUARDIAN: ALLOW (gate passed for $TARGET_PHASE)"
+  echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"Gate to '${TARGET_PHASE}' passed.\"}}"
+  exit 0
 fi
-orch_log "GATE-GUARDIAN: Gate to $TARGET_PHASE PASSED"
-echo "[GATE-GUARDIAN] Gate to '$TARGET_PHASE' PASSED."
+# Gate failed
+REASONS=$(orch_json_field "$GATE_RESULT" "reasons")
+orch_log "GATE-GUARDIAN: DENY (gate failed: $REASONS)"
+echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"deny\",\"permissionDecisionReason\":\"Gate Guardian: Gate to '${TARGET_PHASE}' did not pass.\",\"additionalContext\":\"Reasons: ${REASONS}. Complete current phase requirements before advancing.\"}}"
 exit 0