@orchestrator-claude/cli 3.17.0 → 3.17.1

package/dist/index.d.ts

@@ -12,5 +12,5 @@
 /**
  * CLI version
  */
-export declare const CLI_VERSION = "3.17.0";
+export declare const CLI_VERSION = "3.17.1";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.js

@@ -24,7 +24,7 @@ import { OutputFormatter } from './formatters/OutputFormatter.js';
 /**
  * CLI version
  */
-export const CLI_VERSION = '3.17.0';
+export const CLI_VERSION = '3.17.1';
 /**
  * Main CLI function
  */

package/dist/templates/base/CLAUDE.md.hbs

@@ -35,6 +35,7 @@ Workflow types: `feature_development`, `bug_fix`, `refactoring`, `emergency_debu
 |------|---------|-------------|
 | `ping-pong-enforcer` | After every Agent call | Calls `getNextAction` and injects result |
 | `gate-guardian` | Before `advancePhase` | Evaluates gate, blocks if it fails |
+| `approval-guardian` | Before `approveAction`/`completeWorkflow` | Blocks auto-approve when workflow awaiting_approval |
 | `workflow-guard` | Before Write/Edit on src/ | Blocks code writes without an active workflow |
 | `dangling-workflow-guard` | On session Stop | Warns and completes dangling workflows |
 | `session-orchestrator` | On session Start | Injects workflow status context |

package/dist/templates/base/claude/hooks/approval-guardian.sh

@@ -0,0 +1,62 @@
+#!/bin/bash
+# approval-guardian.sh — TD-128 F-09 Hook
+# Trigger: PreToolUse on mcp__orchestrator-tools__approveAction and mcp__orchestrator-extended__completeWorkflow
+# Purpose: Block auto-approve and auto-complete when workflow is awaiting_approval.
+#          Requires explicit human confirmation before proceeding.
+#
+# Output: JSON with permissionDecision (deny/allow)
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+source "$SCRIPT_DIR/orch-helpers.sh"
+
+STDIN_DATA=$(orch_read_stdin)
+TOOL_NAME=$(orch_json_field "$STDIN_DATA" "tool_name")
+orch_log "APPROVAL-GUARDIAN: PreToolUse $TOOL_NAME triggered"
+
+# Extract workflow ID from tool_input
+WORKFLOW_ID=$(orch_json_field "$STDIN_DATA" "tool_input.workflowId")
+[ -z "$WORKFLOW_ID" ] && WORKFLOW_ID=$(orch_json_field "$STDIN_DATA" "workflowId")
+
+if [ -z "$WORKFLOW_ID" ]; then
+  # No workflow ID — allow (fail-open for non-workflow calls)
+  orch_log "APPROVAL-GUARDIAN: ALLOW (no workflowId)"
+  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow","additionalContext":"No workflowId found, allowing."}}'
+  exit 0
+fi
+
+# Get auth token
+TOKEN=$(orch_get_token 2>/dev/null) || TOKEN=""
+if [ -z "$TOKEN" ]; then
+  # Can't check status — fail-open (auth issues shouldn't block workflow completion)
+  orch_log "APPROVAL-GUARDIAN: ALLOW (auth failed, fail-open)"
+  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow","additionalContext":"Auth failed, allowing."}}'
+  exit 0
+fi
+
+# Get workflow status
+STATUS=$(curl -sf --max-time 5 "${API_URL}/api/v1/workflows/${WORKFLOW_ID}" \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "X-Project-ID: $PROJECT_ID" 2>/dev/null) || STATUS=""
+
+if [ -z "$STATUS" ]; then
+  orch_log "APPROVAL-GUARDIAN: ALLOW (could not fetch workflow status)"
+  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow","additionalContext":"Could not fetch workflow status, allowing."}}'
+  exit 0
+fi
+
+WORKFLOW_STATUS=$(orch_json_field "$STATUS" "status")
+orch_log "APPROVAL-GUARDIAN: workflow=$WORKFLOW_ID status=$WORKFLOW_STATUS tool=$TOOL_NAME"
+
+# Block approveAction AND completeWorkflow when awaiting_approval
+if [ "$WORKFLOW_STATUS" = "awaiting_approval" ]; then
+  orch_log "APPROVAL-GUARDIAN: DENY (workflow awaiting_approval — human confirmation required for $TOOL_NAME)"
+  echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"deny\",\"permissionDecisionReason\":\"Approval Guardian: Workflow is awaiting human approval. You MUST ask the user for explicit confirmation before calling ${TOOL_NAME}.\",\"additionalContext\":\"Present the workflow summary to the user and ask: 'Do you approve advancing to IMPLEMENT?' Wait for their response. Do NOT auto-approve or auto-complete.\"}}"
+  exit 0
+fi
+
+# All other statuses: ALLOW
+orch_log "APPROVAL-GUARDIAN: ALLOW ($TOOL_NAME, status=$WORKFLOW_STATUS)"
+echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"${TOOL_NAME} allowed (status=${WORKFLOW_STATUS}).\"}}"
+exit 0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@orchestrator-claude/cli",
-  "version": "3.17.0",
+  "version": "3.17.1",
   "description": "Orchestrator CLI - Project scaffolding, migration and management",
   "type": "module",
   "main": "dist/index.js",

package/templates/base/CLAUDE.md.hbs

@@ -35,6 +35,7 @@ Workflow types: `feature_development`, `bug_fix`, `refactoring`, `emergency_debu
 |------|---------|-------------|
 | `ping-pong-enforcer` | After every Agent call | Calls `getNextAction` and injects result |
 | `gate-guardian` | Before `advancePhase` | Evaluates gate, blocks if it fails |
+| `approval-guardian` | Before `approveAction`/`completeWorkflow` | Blocks auto-approve when workflow awaiting_approval |
 | `workflow-guard` | Before Write/Edit on src/ | Blocks code writes without an active workflow |
 | `dangling-workflow-guard` | On session Stop | Warns and completes dangling workflows |
 | `session-orchestrator` | On session Start | Injects workflow status context |

package/templates/base/claude/hooks/approval-guardian.sh

@@ -0,0 +1,62 @@
+#!/bin/bash
+# approval-guardian.sh — TD-128 F-09 Hook
+# Trigger: PreToolUse on mcp__orchestrator-tools__approveAction and mcp__orchestrator-extended__completeWorkflow
+# Purpose: Block auto-approve and auto-complete when workflow is awaiting_approval.
+#          Requires explicit human confirmation before proceeding.
+#
+# Output: JSON with permissionDecision (deny/allow)
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+source "$SCRIPT_DIR/orch-helpers.sh"
+
+STDIN_DATA=$(orch_read_stdin)
+TOOL_NAME=$(orch_json_field "$STDIN_DATA" "tool_name")
+orch_log "APPROVAL-GUARDIAN: PreToolUse $TOOL_NAME triggered"
+
+# Extract workflow ID from tool_input
+WORKFLOW_ID=$(orch_json_field "$STDIN_DATA" "tool_input.workflowId")
+[ -z "$WORKFLOW_ID" ] && WORKFLOW_ID=$(orch_json_field "$STDIN_DATA" "workflowId")
+
+if [ -z "$WORKFLOW_ID" ]; then
+  # No workflow ID — allow (fail-open for non-workflow calls)
+  orch_log "APPROVAL-GUARDIAN: ALLOW (no workflowId)"
+  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow","additionalContext":"No workflowId found, allowing."}}'
+  exit 0
+fi
+
+# Get auth token
+TOKEN=$(orch_get_token 2>/dev/null) || TOKEN=""
+if [ -z "$TOKEN" ]; then
+  # Can't check status — fail-open (auth issues shouldn't block workflow completion)
+  orch_log "APPROVAL-GUARDIAN: ALLOW (auth failed, fail-open)"
+  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow","additionalContext":"Auth failed, allowing."}}'
+  exit 0
+fi
+
+# Get workflow status
+STATUS=$(curl -sf --max-time 5 "${API_URL}/api/v1/workflows/${WORKFLOW_ID}" \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "X-Project-ID: $PROJECT_ID" 2>/dev/null) || STATUS=""
+
+if [ -z "$STATUS" ]; then
+  orch_log "APPROVAL-GUARDIAN: ALLOW (could not fetch workflow status)"
+  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow","additionalContext":"Could not fetch workflow status, allowing."}}'
+  exit 0
+fi
+
+WORKFLOW_STATUS=$(orch_json_field "$STATUS" "status")
+orch_log "APPROVAL-GUARDIAN: workflow=$WORKFLOW_ID status=$WORKFLOW_STATUS tool=$TOOL_NAME"
+
+# Block approveAction AND completeWorkflow when awaiting_approval
+if [ "$WORKFLOW_STATUS" = "awaiting_approval" ]; then
+  orch_log "APPROVAL-GUARDIAN: DENY (workflow awaiting_approval — human confirmation required for $TOOL_NAME)"
+  echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"deny\",\"permissionDecisionReason\":\"Approval Guardian: Workflow is awaiting human approval. You MUST ask the user for explicit confirmation before calling ${TOOL_NAME}.\",\"additionalContext\":\"Present the workflow summary to the user and ask: 'Do you approve advancing to IMPLEMENT?' Wait for their response. Do NOT auto-approve or auto-complete.\"}}"
+  exit 0
+fi
+
+# All other statuses: ALLOW
+orch_log "APPROVAL-GUARDIAN: ALLOW ($TOOL_NAME, status=$WORKFLOW_STATUS)"
+echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"${TOOL_NAME} allowed (status=${WORKFLOW_STATUS}).\"}}"
+exit 0