@orchestrator-claude/cli 3.17.1 → 3.19.0

package/templates/base/claude/settings.json

@@ -39,11 +39,11 @@
   "hooks": {
     "SessionStart": [
       {
-        "matcher": "startup",
+        "matcher": "startup|resume",
         "hooks": [
           {
             "type": "command",
-            "command": ".claude/hooks/session-orchestrator.sh",
+            "command": "npx tsx .claude/hooks/session-start.ts",
             "timeout": 10000,
             "on_failure": "ignore"
           }
@@ -56,7 +56,7 @@
         "hooks": [
           {
             "type": "command",
-            "command": ".claude/hooks/prompt-orchestrator.sh",
+            "command": "npx tsx .claude/hooks/user-prompt.ts",
             "timeout": 10000,
             "on_failure": "ignore"
           }
@@ -69,7 +69,7 @@
         "hooks": [
           {
             "type": "command",
-            "command": ".claude/hooks/gate-guardian.sh",
+            "command": "npx tsx .claude/hooks/gate-guardian.ts",
             "timeout": 15000,
             "on_failure": "warn"
           }
@@ -80,7 +80,7 @@
         "hooks": [
           {
             "type": "command",
-            "command": ".claude/hooks/workflow-guard.sh",
+            "command": "npx tsx .claude/hooks/workflow-guard.ts",
             "timeout": 10000,
             "on_failure": "warn"
           }
@@ -89,12 +89,12 @@
     ],
     "SubagentStart": [
       {
-        "matcher": "implementer|specifier|planner|task-generator|reviewer|researcher|orchestrator",
+        "matcher": "implementer|specifier|planner|task-generator|reviewer|researcher",
         "hooks": [
           {
             "type": "command",
-            "command": ".claude/hooks/track-agent-invocation.sh start",
-            "timeout": 5000,
+            "command": "npx tsx .claude/hooks/subagent-start.ts",
+            "timeout": 10000,
             "on_failure": "ignore"
           }
         ]
@@ -102,37 +102,38 @@
     ],
     "SubagentStop": [
       {
-        "matcher": "implementer|specifier|planner|task-generator|reviewer|researcher|orchestrator",
+        "matcher": "implementer|specifier|planner|task-generator|reviewer|researcher",
         "hooks": [
           {
             "type": "command",
-            "command": ".claude/hooks/track-agent-invocation.sh complete",
-            "timeout": 5000,
+            "command": "npx tsx .claude/hooks/subagent-stop.ts",
+            "timeout": 30000,
             "on_failure": "ignore"
-          },
+          }
+        ]
+      }
+    ],
+    "Stop": [
+      {
+        "matcher": "",
+        "hooks": [
           {
             "type": "command",
-            "command": ".claude/hooks/ping-pong-enforcer.sh",
+            "command": "npx tsx .claude/hooks/dangling-guard.ts",
             "timeout": 15000,
-            "on_failure": "warn"
-          },
-          {
-            "type": "command",
-            "command": ".claude/hooks/post-phase-checkpoint.sh",
-            "timeout": 30000,
             "on_failure": "ignore"
           }
         ]
       }
     ],
-    "Stop": [
+    "PostCompact": [
       {
         "matcher": "",
         "hooks": [
           {
             "type": "command",
-            "command": ".claude/hooks/dangling-workflow-guard.sh",
-            "timeout": 15000,
+            "command": "npx tsx .claude/hooks/post-compact.ts",
+            "timeout": 5000,
             "on_failure": "ignore"
           }
         ]

package/templates/base/claude/skills/orchestrator/SKILL.md

@@ -0,0 +1,108 @@
+---
+name: orchestrator
+description: Workflow coordination — phase dispatch, sub-agent management, gate checks. Use when starting features/bugs/refactoring, or when the user invokes /orchestrator. The session greeting is handled by CLAUDE.md Rule #1 + hook data, NOT by this skill.
+---
+
+# Skill: /orchestrator
+
+You are the **workflow orchestrator**. The main conversation coordinates all phases directly — no orchestrator sub-agent needed. Sub-agents (specifier, planner, implementer, etc.) are dispatched via the Agent tool from this conversation.
+
+**Note:** The session greeting (AskUserQuestion on start) is handled by CLAUDE.md Rule #1 using hook-injected data. This skill is loaded only when the user chooses to start or continue a workflow.
+
+## Step 1: Start Workflow
+
+```
+mcp__orchestrator-tools__detectWorkflow({ prompt: "user's request" })
+mcp__orchestrator-tools__startWorkflow({ type: "feature_development|bug_fix|refactoring", prompt: "..." })
+```
+
+Workflow types: `feature_development`, `bug_fix`, `refactoring`, `emergency_debug`
+
+## Step 4: Phase Dispatch Loop
+
+For each phase in the workflow, follow this cycle:
+
+### 4a. Dispatch Phase Sub-Agent
+
+| Phase | Agent | What it produces |
+|-------|-------|-----------------|
+| research | researcher | Research findings |
+| specify | specifier | spec.md → artifactStore |
+| plan | planner | plan.md → artifactStore |
+| tasks | task-generator | tasks.md → artifactStore |
+| implement | implementer | Code + tests |
+| review | reviewer | Review feedback |
+
+Dispatch the appropriate sub-agent:
+
+```
+Agent(subagent_type: "{phase_agent}", prompt: "
+  [Workflow] Type: {type}, Phase: {phase}, Project: {projectId}
+  [Previous artifact] {summary of previous phase artifact, if any}
+  [Task] {phase-specific instructions from user's original request}
+")
+```
+
+**Critical:** Sub-agents MUST use `artifactStore` to persist artifacts to MinIO. Include this instruction in every sub-agent prompt:
+> Store your output artifact via mcp__orchestrator-extended__artifactStore with workflowId, type (spec|plan|tasks), and content.
+
+### 4b. Gate Check via AskUserQuestion
+
+After each sub-agent completes, present the artifact summary and ask for approval:
+
+```
+AskUserQuestion({
+  question: "Phase '{phase}' complete.\n\n{artifact_summary}\n\nApprove to proceed to next phase?",
+  options: ["Approve", "Request changes", "Abort workflow"]
+})
+```
+
+- **Approve**: Call `advancePhase` and dispatch next phase agent
+- **Request changes**: Re-dispatch the same sub-agent with feedback
+- **Abort**: Call `completeWorkflow` with cancelled status
+
+### 4c. Advance Phase
+
+```
+mcp__orchestrator-tools__advancePhase({ workflowId: "..." })
+```
+
+Then loop back to 4a for the next phase.
+
+## Step 5: Complete Workflow
+
+After all phases are done:
+
+```
+ToolSearch("select:mcp__orchestrator-extended__completeWorkflow")
+mcp__orchestrator-extended__completeWorkflow({ workflowId: "..." })
+```
+
+Summarize what was accomplished and any follow-up items.
+
+## Rules
+
+1. **YOU are the orchestrator** — dispatch sub-agents via Agent tool, do NOT invoke Agent(subagent_type: "orchestrator")
+2. **Every gate uses AskUserQuestion** — NEVER auto-approve phase transitions
+3. **Artifacts go to MinIO** — sub-agents MUST call artifactStore
+4. **MCP tools are deferred** — call ToolSearch before first use of any mcp__* tool
+5. **Keep sub-agent prompts focused** — include workflow context + previous artifact summary + task description
+6. **Summarize, don't dump** — when presenting gate checks, show a concise summary of the artifact, not the full content
+
+## Phase-Specific Skills
+
+Load these skills for phase-specific guidance when needed:
+
+| Skill | When |
+|-------|------|
+| `/artifact-production` | Before dispatching specify/plan/tasks agents |
+| `/tdd-discipline` | Before dispatching implementer |
+| `/project-conventions` | Before any implementation work |
+| `/checkpoint-protocol` | After completing task groups |
+
+## Error Recovery
+
+- **Sub-agent fails**: Read the error, fix the issue, re-dispatch
+- **MCP tool not found**: Call ToolSearch to load the schema, then retry
+- **Workflow stuck**: Call `getStatus` to diagnose, present options to user via AskUserQuestion
+- **Context getting large**: Sub-agents handle heavy work; main conversation stays lean with summaries

package/dist/templates/base/claude/hooks/approval-guardian.sh

@@ -1,62 +0,0 @@
-#!/bin/bash
-# approval-guardian.sh — TD-128 F-09 Hook
-# Trigger: PreToolUse on mcp__orchestrator-tools__approveAction and mcp__orchestrator-extended__completeWorkflow
-# Purpose: Block auto-approve and auto-complete when workflow is awaiting_approval.
-#          Requires explicit human confirmation before proceeding.
-#
-# Output: JSON with permissionDecision (deny/allow)
-
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-source "$SCRIPT_DIR/orch-helpers.sh"
-
-STDIN_DATA=$(orch_read_stdin)
-TOOL_NAME=$(orch_json_field "$STDIN_DATA" "tool_name")
-orch_log "APPROVAL-GUARDIAN: PreToolUse $TOOL_NAME triggered"
-
-# Extract workflow ID from tool_input
-WORKFLOW_ID=$(orch_json_field "$STDIN_DATA" "tool_input.workflowId")
-[ -z "$WORKFLOW_ID" ] && WORKFLOW_ID=$(orch_json_field "$STDIN_DATA" "workflowId")
-
-if [ -z "$WORKFLOW_ID" ]; then
-  # No workflow ID — allow (fail-open for non-workflow calls)
-  orch_log "APPROVAL-GUARDIAN: ALLOW (no workflowId)"
-  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow","additionalContext":"No workflowId found, allowing."}}'
-  exit 0
-fi
-
-# Get auth token
-TOKEN=$(orch_get_token 2>/dev/null) || TOKEN=""
-if [ -z "$TOKEN" ]; then
-  # Can't check status — fail-open (auth issues shouldn't block workflow completion)
-  orch_log "APPROVAL-GUARDIAN: ALLOW (auth failed, fail-open)"
-  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow","additionalContext":"Auth failed, allowing."}}'
-  exit 0
-fi
-
-# Get workflow status
-STATUS=$(curl -sf --max-time 5 "${API_URL}/api/v1/workflows/${WORKFLOW_ID}" \
-  -H "Authorization: Bearer $TOKEN" \
-  -H "X-Project-ID: $PROJECT_ID" 2>/dev/null) || STATUS=""
-
-if [ -z "$STATUS" ]; then
-  orch_log "APPROVAL-GUARDIAN: ALLOW (could not fetch workflow status)"
-  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow","additionalContext":"Could not fetch workflow status, allowing."}}'
-  exit 0
-fi
-
-WORKFLOW_STATUS=$(orch_json_field "$STATUS" "status")
-orch_log "APPROVAL-GUARDIAN: workflow=$WORKFLOW_ID status=$WORKFLOW_STATUS tool=$TOOL_NAME"
-
-# Block approveAction AND completeWorkflow when awaiting_approval
-if [ "$WORKFLOW_STATUS" = "awaiting_approval" ]; then
-  orch_log "APPROVAL-GUARDIAN: DENY (workflow awaiting_approval — human confirmation required for $TOOL_NAME)"
-  echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"deny\",\"permissionDecisionReason\":\"Approval Guardian: Workflow is awaiting human approval. You MUST ask the user for explicit confirmation before calling ${TOOL_NAME}.\",\"additionalContext\":\"Present the workflow summary to the user and ask: 'Do you approve advancing to IMPLEMENT?' Wait for their response. Do NOT auto-approve or auto-complete.\"}}"
-  exit 0
-fi
-
-# All other statuses: ALLOW
-orch_log "APPROVAL-GUARDIAN: ALLOW ($TOOL_NAME, status=$WORKFLOW_STATUS)"
-echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"${TOOL_NAME} allowed (status=${WORKFLOW_STATUS}).\"}}"
-exit 0

package/dist/templates/base/claude/hooks/dangling-workflow-guard.sh

@@ -1,57 +0,0 @@
-#!/bin/bash
-# dangling-workflow-guard.sh — ADR-013 Phase 5 Hook (JSON Structured Output)
-# Trigger: Stop
-# Purpose: Before conversation ends, check for workflows in in_progress state.
-#          Blocks stop and instructs LLM to call completeWorkflow.
-#
-# Output: JSON with decision: "block" + reason (forces LLM to continue)
-# Exit 0 with block JSON = prevent stop
-# Check stop_hook_active to prevent infinite loops
-
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-source "$SCRIPT_DIR/orch-helpers.sh"
-
-STDIN_DATA=$(orch_read_stdin)
-orch_log "DANGLING-GUARD: Stop hook triggered"
-
-# Prevent infinite loops
-STOP_ACTIVE=$(orch_json_field "$STDIN_DATA" "stop_hook_active")
-if [ "$STOP_ACTIVE" = "true" ]; then
-  orch_log "DANGLING-GUARD: stop_hook_active=true, allowing stop to prevent loop"
-  exit 0
-fi
-
-# Find active workflow
-WORKFLOW_ID=$(orch_get_active_workflow 2>/dev/null) || WORKFLOW_ID=""
-
-if [ -z "$WORKFLOW_ID" ]; then
-  orch_log "DANGLING-GUARD: No active workflow, clean exit"
-  exit 0
-fi
-
-# Get workflow status
-TOKEN=$(orch_get_token 2>/dev/null) || TOKEN=""
-if [ -z "$TOKEN" ]; then
-  orch_log "DANGLING-GUARD: Auth failed, allowing stop"
-  exit 0
-fi
-
-STATUS_RESP=$(curl -sf --max-time 5 "${API_URL}/api/v1/workflows/${WORKFLOW_ID}/status" \
-  -H "Authorization: Bearer $TOKEN" \
-  -H "X-Project-ID: $PROJECT_ID" 2>/dev/null) || STATUS_RESP=""
-
-PHASE=$(orch_json_field "$STATUS_RESP" "currentPhase")
-STATUS=$(orch_json_field "$STATUS_RESP" "status")
-
-orch_log "DANGLING-GUARD: workflow=$WORKFLOW_ID status=$STATUS phase=$PHASE"
-
-if [ "$STATUS" = "in_progress" ] || [ "$STATUS" = "awaiting_agent" ] || [ "$STATUS" = "awaiting_approval" ]; then
-  orch_log "DANGLING-GUARD: BLOCK stop (workflow still active)"
-  echo "{\"decision\":\"block\",\"reason\":\"[DANGLING-GUARD] Workflow ${WORKFLOW_ID} is still ${STATUS} (phase: ${PHASE}). You must call mcp__orchestrator-extended__completeWorkflow({ workflowId: '${WORKFLOW_ID}' }) before ending the session.\"}"
-  exit 0
-fi
-
-orch_log "DANGLING-GUARD: Workflow completed or not active, allowing stop"
-exit 0

package/dist/templates/base/claude/hooks/gate-guardian.sh

@@ -1,84 +0,0 @@
-#!/bin/bash
-# gate-guardian.sh — ADR-013 Phase 5 Hook (JSON Structured Output)
-# Trigger: PreToolUse on mcp__orchestrator-tools__advancePhase
-# Purpose: Guard IMPLEMENT phase advance (requires human approval). ALLOWs all other phases.
-# Note: POST /gate/evaluate endpoint removed (TD-127). Phase transitions are now handled
-# atomically by setPendingAction() via the ping-pong-enforcer hook.
-#
-# Output: JSON with permissionDecision (deny/allow) + additionalContext
-# Exit 0 with JSON = structured decision
-
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-source "$SCRIPT_DIR/orch-helpers.sh"
-
-STDIN_DATA=$(orch_read_stdin)
-orch_log "GATE-GUARDIAN: PreToolUse advancePhase triggered"
-
-# Extract parameters
-WORKFLOW_ID=$(orch_json_field "$STDIN_DATA" "tool_input.workflowId")
-TARGET_PHASE=$(orch_json_field "$STDIN_DATA" "tool_input.targetPhase")
-[ -z "$WORKFLOW_ID" ] && WORKFLOW_ID=$(orch_json_field "$STDIN_DATA" "workflowId")
-[ -z "$TARGET_PHASE" ] && TARGET_PHASE=$(orch_json_field "$STDIN_DATA" "targetPhase")
-
-orch_log "GATE-GUARDIAN: workflow=$WORKFLOW_ID targetPhase=$TARGET_PHASE"
-
-# ADR-013 Phase 6: Check workflow mode before gate evaluation
-# quick and interactive modes skip gate evaluation entirely
-if [ -n "$WORKFLOW_ID" ]; then
-  MODE=$(orch_get_workflow_mode "$WORKFLOW_ID" 2>/dev/null) || MODE=""
-  orch_log "GATE-GUARDIAN: workflow=$WORKFLOW_ID mode=${MODE:-legacy}"
-
-  if [ "$MODE" = "quick" ]; then
-    orch_log "GATE-GUARDIAN: ALLOW (quick mode skips gate evaluation)"
-    echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"Gate to '${TARGET_PHASE}' allowed: quick mode skips gate evaluation.\"}}"
-    exit 0
-  fi
-
-  if [ "$MODE" = "interactive" ]; then
-    orch_log "GATE-GUARDIAN: ALLOW (interactive mode skips gate evaluation, artifact gates not required)"
-    echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"Gate to '${TARGET_PHASE}' allowed: interactive mode skips artifact gate evaluation.\"}}"
-    exit 0
-  fi
-fi
-
-# FAIL-CLOSED: if we can't parse input, DENY
-if [ -z "$WORKFLOW_ID" ] || [ -z "$TARGET_PHASE" ]; then
-  orch_log "GATE-GUARDIAN: DENY (could not parse input)"
-  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"deny","permissionDecisionReason":"Gate Guardian: Could not parse workflowId or targetPhase.","additionalContext":"Ensure you pass both workflowId and targetPhase to advancePhase."}}'
-  exit 0
-fi
-
-# Get auth token — FAIL-CLOSED on auth failure
-TOKEN=$(orch_get_token 2>/dev/null) || TOKEN=""
-if [ -z "$TOKEN" ]; then
-  orch_log "GATE-GUARDIAN: DENY (auth failed)"
-  echo '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"deny","permissionDecisionReason":"Gate Guardian: Authentication failed.","additionalContext":"Check ORCHESTRATOR_ADMIN_EMAIL, ORCHESTRATOR_ADMIN_PASSWORD, ORCHESTRATOR_PROJECT_ID env vars."}}'
-  exit 0
-fi
-
-# Special handling for IMPLEMENT phase: require approval
-TARGET_LOWER=$(echo "$TARGET_PHASE" | tr '[:upper:]' '[:lower:]')
-if [ "$TARGET_LOWER" = "implement" ]; then
-  orch_log "GATE-GUARDIAN: Checking approval for IMPLEMENT phase"
-
-  PENDING=$(curl -sf --max-time 5 "${API_URL}/api/v1/workflows/${WORKFLOW_ID}/pending-action" \
-    -H "Authorization: Bearer $TOKEN" \
-    -H "X-Project-ID: $PROJECT_ID" 2>/dev/null) || PENDING=""
-
-  if [ -n "$PENDING" ]; then
-    PENDING_STATUS=$(orch_json_field "$PENDING" "status")
-    if [ "$PENDING_STATUS" != "approved" ] && [ "$PENDING_STATUS" != "awaiting_agent" ]; then
-      orch_log "GATE-GUARDIAN: DENY (IMPLEMENT requires approval, status=$PENDING_STATUS)"
-      echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"deny\",\"permissionDecisionReason\":\"Gate Guardian: IMPLEMENT requires human approval. Status: ${PENDING_STATUS}.\",\"additionalContext\":\"Ask the user for approval first. Then call mcp__orchestrator-tools__approveAction.\"}}"
-      exit 0
-    fi
-  fi
-fi
-
-# Non-IMPLEMENT phases: ALLOW directly.
-# Phase transitions are handled atomically by setPendingAction() via ping-pong-enforcer.
-orch_log "GATE-GUARDIAN: ALLOW (non-IMPLEMENT phase, no gate evaluation required)"
-echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PreToolUse\",\"permissionDecision\":\"allow\",\"additionalContext\":\"Gate to '${TARGET_PHASE}' allowed.\"}}"
-exit 0

package/dist/templates/base/claude/hooks/orch-helpers.sh

@@ -1,135 +0,0 @@
-#!/bin/bash
-# orch-helpers.sh — Shared helper functions for Orchestrator hooks
-# ADR-013: Deterministic Orchestration
-# Sourced by all hooks. NOT called directly.
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
-STATE_DIR="$PROJECT_ROOT/.orchestrator/.state"
-DEBUG_LOG="$STATE_DIR/hook-debug.log"
-
-# API Configuration (from .env or defaults)
-API_URL="${ORCHESTRATOR_API_URL:-http://localhost:3001}"
-AUTH_EMAIL="${ORCHESTRATOR_ADMIN_EMAIL:-${ORCHESTRATOR_AUTH_EMAIL:-admin@orchestrator.local}}"
-AUTH_PASSWORD="${ORCHESTRATOR_ADMIN_PASSWORD:-${ORCHESTRATOR_AUTH_PASSWORD:-admin123}}"
-PROJECT_ID="${ORCHESTRATOR_PROJECT_ID}"
-
-mkdir -p "$STATE_DIR"
-
-orch_log() {
-  echo "[$(date -u +%Y-%m-%dT%H:%M:%SZ)] $*" >> "$DEBUG_LOG" 2>/dev/null || true
-}
-
-# Read stdin (Claude Code passes JSON via stdin)
-orch_read_stdin() {
-  if [ ! -t 0 ]; then
-    cat
-  else
-    echo ""
-  fi
-}
-
-# Get cached JWT token (login if expired)
-orch_get_token() {
-  local cached="$STATE_DIR/jwt-token"
-  if [ -f "$cached" ]; then
-    local age
-    age=$(( $(date +%s) - $(stat -c%Y "$cached" 2>/dev/null || stat -f%m "$cached" 2>/dev/null || echo 0) ))
-    if [ "$age" -lt 3500 ]; then
-      cat "$cached"
-      return
-    fi
-  fi
-
-  [ -z "$PROJECT_ID" ] && return 1
-
-  local resp
-  resp=$(curl -sf --max-time 5 -X POST "${API_URL}/api/v1/auth/login" \
-    -H "Content-Type: application/json" \
-    -H "X-Project-ID: $PROJECT_ID" \
-    -d "{\"email\":\"${AUTH_EMAIL}\",\"password\":\"${AUTH_PASSWORD}\"}" 2>/dev/null) || return 1
-
-  local token
-  token=$(echo "$resp" | node -e "let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>{try{const j=JSON.parse(d);console.log(j.accessToken||j.data?.accessToken||'')}catch{console.log('')}})" 2>/dev/null)
-
-  if [ -n "$token" ] && [ "$token" != "" ]; then
-    echo "$token" > "$cached"
-    echo "$token"
-  else
-    return 1
-  fi
-}
-
-# Get the active (non-terminal) workflow ID
-# Checks in_progress, awaiting_agent, and awaiting_approval statuses
-orch_get_active_workflow() {
-  local token
-  token=$(orch_get_token) || return 1
-
-  local status id
-  for status in in_progress awaiting_agent awaiting_approval; do
-    local resp
-    resp=$(curl -sf --max-time 3 "${API_URL}/api/v1/workflows?status=${status}&limit=1" \
-      -H "Authorization: Bearer $token" \
-      -H "X-Project-ID: $PROJECT_ID" 2>/dev/null) || continue
-
-    id=$(echo "$resp" | node -e "
-      let d='';
-      process.stdin.on('data',c=>d+=c);
-      process.stdin.on('end',()=>{
-        try {
-          const j=JSON.parse(d);
-          const wfs=j.data||j;
-          const wf=Array.isArray(wfs)?wfs[0]:wfs;
-          const id=wf?.id||'';
-          if(id) console.log(id); else process.exit(1);
-        } catch { process.exit(1); }
-      });" 2>/dev/null) && [ -n "$id" ] && echo "$id" && return 0
-  done
-  return 1
-}
-
-# Call getNextAction for a workflow
-orch_get_next_action() {
-  local workflow_id="$1"
-  local token
-  token=$(orch_get_token) || return 1
-
-  curl -sf --max-time 5 "${API_URL}/api/v1/workflows/${workflow_id}/pending-action" \
-    -H "Authorization: Bearer $token" \
-    -H "X-Project-ID: $PROJECT_ID" 2>/dev/null
-}
-
-# ADR-013 Phase 6: Get the mode of a workflow (quick/standard/full/interactive)
-# Returns the mode string, or empty string for legacy workflows (mode=null)
-# Returns exit code 1 on network/auth error
-orch_get_workflow_mode() {
-  local workflow_id="$1"
-  local token
-  token=$(orch_get_token) || return 1
-
-  local resp
-  resp=$(curl -sf --max-time 3 "${API_URL}/api/v1/workflows/${workflow_id}/status" \
-    -H "Authorization: Bearer $token" \
-    -H "X-Project-ID: $PROJECT_ID" 2>/dev/null) || return 1
-
-  orch_json_field "$resp" "mode"
-}
-
-# Extract a field from JSON string using node
-orch_json_field() {
-  local json="$1"
-  local field="$2"
-  echo "$json" | node -e "
-    let d='';
-    process.stdin.on('data',c=>d+=c);
-    process.stdin.on('end',()=>{
-      try {
-        const j=JSON.parse(d);
-        const parts='${field}'.split('.');
-        let v=j;
-        for(const p of parts) v=v?.[p];
-        console.log(v||'');
-      } catch { console.log(''); }
-    });" 2>/dev/null
-}

package/dist/templates/base/claude/hooks/ping-pong-enforcer.sh

@@ -1,58 +0,0 @@
-#!/bin/bash
-# ping-pong-enforcer.sh — ADR-013 Phase 5 Hook (JSON Structured Output)
-# Trigger: PostToolUse on Task (Agent tool)
-# Purpose: After ANY sub-agent returns, call getNextAction and inject
-#          the result as additionalContext into the main conversation.
-#
-# Output: JSON with additionalContext containing next action instructions
-
-set -euo pipefail
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-source "$SCRIPT_DIR/orch-helpers.sh"
-
-orch_log "PING-PONG: PostToolUse Agent triggered"
-
-# Find active workflow
-WORKFLOW_ID=$(orch_get_active_workflow 2>/dev/null) || WORKFLOW_ID=""
-
-if [ -z "$WORKFLOW_ID" ]; then
-  orch_log "PING-PONG: No active workflow, skipping"
-  exit 0
-fi
-
-orch_log "PING-PONG: Active workflow=$WORKFLOW_ID"
-
-# Call getNextAction
-NEXT_ACTION=$(orch_get_next_action "$WORKFLOW_ID" 2>/dev/null) || NEXT_ACTION=""
-
-if [ -z "$NEXT_ACTION" ]; then
-  orch_log "PING-PONG: getNextAction failed or empty"
-  echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PostToolUse\",\"additionalContext\":\"[PING-PONG] Workflow ${WORKFLOW_ID} is active but getNextAction returned empty. Check workflow status with mcp__orchestrator-tools__getStatus.\"}}"
-  exit 0
-fi
-
-# Extract key fields for the context message
-HAS_ACTION=$(orch_json_field "$NEXT_ACTION" "hasAction")
-AGENT=$(orch_json_field "$NEXT_ACTION" "pendingAction.agent")
-STATUS=$(orch_json_field "$NEXT_ACTION" "pendingAction.status")
-PROMPT=$(orch_json_field "$NEXT_ACTION" "pendingAction.prompt")
-
-orch_log "PING-PONG: hasAction=$HAS_ACTION agent=$AGENT status=$STATUS"
-
-if [ "$HAS_ACTION" = "true" ]; then
-  if [ "$STATUS" = "awaiting_agent" ]; then
-    CONTEXT="[PING-PONG] Next action for workflow ${WORKFLOW_ID}: Invoke agent '${AGENT}' via Agent tool. Status: awaiting_agent."
-    [ -n "$PROMPT" ] && CONTEXT="${CONTEXT} Prompt: ${PROMPT}"
-  elif [ "$STATUS" = "awaiting_approval" ]; then
-    CONTEXT="[PING-PONG] Workflow ${WORKFLOW_ID} requires human approval before continuing. Ask the user to approve, then call mcp__orchestrator-tools__approveAction."
-  else
-    CONTEXT="[PING-PONG] Workflow ${WORKFLOW_ID} pending action: agent=${AGENT}, status=${STATUS}."
-  fi
-else
-  CONTEXT="[PING-PONG] No pending actions for workflow ${WORKFLOW_ID}. If current phase is implement, call mcp__orchestrator-extended__completeWorkflow to finalize."
-fi
-
-# Output structured JSON
-echo "{\"hookSpecificOutput\":{\"hookEventName\":\"PostToolUse\",\"additionalContext\":$(echo "$CONTEXT" | node -e "let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.stringify(d)))" 2>/dev/null)}}"
-exit 0