@orchestrator-claude/cli 3.12.1 → 3.12.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/index.d.ts +1 -1
  2. package/dist/index.js +1 -1
  3. package/dist/templates/base/claude/hooks/workflow-guard.sh +28 -2
  4. package/dist/templates/base/claude/settings.json +15 -13
  5. package/package.json +1 -1
  6. package/templates/base/claude/hooks/workflow-guard.sh +28 -2
  7. package/templates/base/claude/settings.json +15 -13
package/dist/index.d.ts CHANGED
@@ -12,5 +12,5 @@
12
12
  /**
13
13
  * CLI version
14
14
  */
15
- export declare const CLI_VERSION = "3.12.1";
15
+ export declare const CLI_VERSION = "3.12.3";
16
16
  //# sourceMappingURL=index.d.ts.map
package/dist/index.js CHANGED
@@ -24,7 +24,7 @@ import { OutputFormatter } from './formatters/OutputFormatter.js';
24
24
  /**
25
25
  * CLI version
26
26
  */
27
- export const CLI_VERSION = '3.12.1';
27
+ export const CLI_VERSION = '3.12.3';
28
28
  /**
29
29
  * Main CLI function
30
30
  */
package/dist/templates/base/claude/hooks/workflow-guard.sh CHANGED
@@ -20,6 +20,13 @@ FILE_PATH=$(orch_json_field "$STDIN_DATA" "tool_input.file_path")
20
20
 
21
21
  orch_log "workflow-guard: file_path=$FILE_PATH"
22
22
 
23
+ # Explicit bypass via env var (for direct implementation without dogfooding)
24
+ if [ "${SKIP_WORKFLOW_GUARD:-}" = "true" ]; then
25
+ orch_log "workflow-guard: ALLOW (SKIP_WORKFLOW_GUARD=true)"
26
+ echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow","additionalContext":"Workflow guard bypassed via SKIP_WORKFLOW_GUARD=true."}}'
27
+ exit 0
28
+ fi
29
+
23
30
  # Only guard src/ and tests/ paths (production code)
24
31
  case "$FILE_PATH" in
25
32
  */src/*|*/tests/*)
@@ -42,8 +49,27 @@ esac
42
49
  WORKFLOW_ID=$(orch_get_active_workflow 2>/dev/null) || WORKFLOW_ID=""
43
50
 
44
51
  if [ -n "$WORKFLOW_ID" ]; then
45
- orch_log "workflow-guard: ALLOW (active workflow: $WORKFLOW_ID)"
46
- echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"Active workflow: ${WORKFLOW_ID}. Write allowed.\"}}"
52
+ # Check if running inside a sub-agent (agent_id present) or main agent (absent)
53
+ AGENT_ID=$(orch_json_field "$STDIN_DATA" "agent_id")
54
+
55
+ if [ -n "$AGENT_ID" ]; then
56
+ # Sub-agent writing — ALLOW
57
+ AGENT_TYPE=$(orch_json_field "$STDIN_DATA" "agent_type")
58
+ orch_log "workflow-guard: ALLOW (sub-agent: ${AGENT_TYPE:-unknown}, workflow: $WORKFLOW_ID)"
59
+ echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"Active workflow: ${WORKFLOW_ID}. Sub-agent ${AGENT_TYPE:-unknown} write allowed.\"}}"
60
+ exit 0
61
+ fi
62
+
63
+ # Main agent writing directly — check if SKIP_SUBAGENT_GUARD allows it
64
+ if [ "${SKIP_SUBAGENT_GUARD:-}" = "true" ]; then
65
+ orch_log "workflow-guard: ALLOW (SKIP_SUBAGENT_GUARD=true, workflow: $WORKFLOW_ID)"
66
+ echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"Active workflow: ${WORKFLOW_ID}. Direct write allowed via SKIP_SUBAGENT_GUARD.\"}}"
67
+ exit 0
68
+ fi
69
+
70
+ # Main agent writing directly — DENY, must use sub-agent
71
+ orch_log "workflow-guard: DENY (main agent direct write, no sub-agent invocation)"
72
+ echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"deny\",\"permissionDecisionReason\":\"Workflow Guard: Direct code writes are blocked. You must invoke a sub-agent (e.g. implementer) to write code. The sub-agent will have write access.\",\"additionalContext\":\"Use the Agent tool to spawn an implementer sub-agent for code changes. The workflow-guard allows writes only from sub-agents (identified by agent_id in hook input).\"}}"
47
73
  exit 0
48
74
  fi
49
75
 
package/dist/templates/base/claude/settings.json CHANGED
@@ -64,17 +64,6 @@
64
64
  }
65
65
  ],
66
66
  "PreToolUse": [
67
- {
68
- "matcher": "Task",
69
- "hooks": [
70
- {
71
- "type": "command",
72
- "command": ".claude/hooks/track-agent-invocation.sh start",
73
- "timeout": 5000,
74
- "on_failure": "ignore"
75
- }
76
- ]
77
- },
78
67
  {
79
68
  "matcher": "mcp__orchestrator-tools__advancePhase",
80
69
  "hooks": [
@@ -98,9 +87,22 @@
98
87
  ]
99
88
  }
100
89
  ],
101
- "PostToolUse": [
90
+ "SubagentStart": [
91
+ {
92
+ "matcher": "implementer|specifier|planner|task-generator|reviewer|researcher|orchestrator",
93
+ "hooks": [
94
+ {
95
+ "type": "command",
96
+ "command": ".claude/hooks/track-agent-invocation.sh start",
97
+ "timeout": 5000,
98
+ "on_failure": "ignore"
99
+ }
100
+ ]
101
+ }
102
+ ],
103
+ "SubagentStop": [
102
104
  {
103
- "matcher": "Task",
105
+ "matcher": "implementer|specifier|planner|task-generator|reviewer|researcher|orchestrator",
104
106
  "hooks": [
105
107
  {
106
108
  "type": "command",
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@orchestrator-claude/cli",
3
- "version": "3.12.1",
3
+ "version": "3.12.3",
4
4
  "description": "Orchestrator CLI - Project scaffolding, migration and management",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",
package/templates/base/claude/hooks/workflow-guard.sh CHANGED
@@ -20,6 +20,13 @@ FILE_PATH=$(orch_json_field "$STDIN_DATA" "tool_input.file_path")
20
20
 
21
21
  orch_log "workflow-guard: file_path=$FILE_PATH"
22
22
 
23
+ # Explicit bypass via env var (for direct implementation without dogfooding)
24
+ if [ "${SKIP_WORKFLOW_GUARD:-}" = "true" ]; then
25
+ orch_log "workflow-guard: ALLOW (SKIP_WORKFLOW_GUARD=true)"
26
+ echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow","additionalContext":"Workflow guard bypassed via SKIP_WORKFLOW_GUARD=true."}}'
27
+ exit 0
28
+ fi
29
+
23
30
  # Only guard src/ and tests/ paths (production code)
24
31
  case "$FILE_PATH" in
25
32
  */src/*|*/tests/*)
@@ -42,8 +49,27 @@ esac
42
49
  WORKFLOW_ID=$(orch_get_active_workflow 2>/dev/null) || WORKFLOW_ID=""
43
50
 
44
51
  if [ -n "$WORKFLOW_ID" ]; then
45
- orch_log "workflow-guard: ALLOW (active workflow: $WORKFLOW_ID)"
46
- echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"Active workflow: ${WORKFLOW_ID}. Write allowed.\"}}"
52
+ # Check if running inside a sub-agent (agent_id present) or main agent (absent)
53
+ AGENT_ID=$(orch_json_field "$STDIN_DATA" "agent_id")
54
+
55
+ if [ -n "$AGENT_ID" ]; then
56
+ # Sub-agent writing — ALLOW
57
+ AGENT_TYPE=$(orch_json_field "$STDIN_DATA" "agent_type")
58
+ orch_log "workflow-guard: ALLOW (sub-agent: ${AGENT_TYPE:-unknown}, workflow: $WORKFLOW_ID)"
59
+ echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"Active workflow: ${WORKFLOW_ID}. Sub-agent ${AGENT_TYPE:-unknown} write allowed.\"}}"
60
+ exit 0
61
+ fi
62
+
63
+ # Main agent writing directly — check if SKIP_SUBAGENT_GUARD allows it
64
+ if [ "${SKIP_SUBAGENT_GUARD:-}" = "true" ]; then
65
+ orch_log "workflow-guard: ALLOW (SKIP_SUBAGENT_GUARD=true, workflow: $WORKFLOW_ID)"
66
+ echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"Active workflow: ${WORKFLOW_ID}. Direct write allowed via SKIP_SUBAGENT_GUARD.\"}}"
67
+ exit 0
68
+ fi
69
+
70
+ # Main agent writing directly — DENY, must use sub-agent
71
+ orch_log "workflow-guard: DENY (main agent direct write, no sub-agent invocation)"
72
+ echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"deny\",\"permissionDecisionReason\":\"Workflow Guard: Direct code writes are blocked. You must invoke a sub-agent (e.g. implementer) to write code. The sub-agent will have write access.\",\"additionalContext\":\"Use the Agent tool to spawn an implementer sub-agent for code changes. The workflow-guard allows writes only from sub-agents (identified by agent_id in hook input).\"}}"
47
73
  exit 0
48
74
  fi
49
75
 
package/templates/base/claude/settings.json CHANGED
@@ -64,17 +64,6 @@
64
64
  }
65
65
  ],
66
66
  "PreToolUse": [
67
- {
68
- "matcher": "Task",
69
- "hooks": [
70
- {
71
- "type": "command",
72
- "command": ".claude/hooks/track-agent-invocation.sh start",
73
- "timeout": 5000,
74
- "on_failure": "ignore"
75
- }
76
- ]
77
- },
78
67
  {
79
68
  "matcher": "mcp__orchestrator-tools__advancePhase",
80
69
  "hooks": [
@@ -98,9 +87,22 @@
98
87
  ]
99
88
  }
100
89
  ],
101
- "PostToolUse": [
90
+ "SubagentStart": [
91
+ {
92
+ "matcher": "implementer|specifier|planner|task-generator|reviewer|researcher|orchestrator",
93
+ "hooks": [
94
+ {
95
+ "type": "command",
96
+ "command": ".claude/hooks/track-agent-invocation.sh start",
97
+ "timeout": 5000,
98
+ "on_failure": "ignore"
99
+ }
100
+ ]
101
+ }
102
+ ],
103
+ "SubagentStop": [
102
104
  {
103
- "matcher": "Task",
105
+ "matcher": "implementer|specifier|planner|task-generator|reviewer|researcher|orchestrator",
104
106
  "hooks": [
105
107
  {
106
108
  "type": "command",