@paths.design/caws-cli 11.1.6 → 11.1.8

package/templates/hook-packs/claude-code/agent-register.sh

@@ -0,0 +1,62 @@
+#!/bin/bash
+# CAWS-MANAGED-HOOK
+# hook_pack: claude-code
+# hook_pack_version: 11
+# caws_min_major: 11
+# lineage_refs: 19
+# do_not_edit_directly: update via `caws init --agent-surface claude-code`
+#
+# SessionStart handler — agent self-registration into the .caws/leases/
+# liveness substrate (MULTI-AGENT-ACTIVITY-REGISTRY-001).
+#
+# Sourcing: invoked by dispatch/session_start.sh after parse-input.sh has
+# populated HOOK_SESSION_ID. Reads HOOK_INPUT_JSON from stdin (unused for
+# this handler beyond the parse-input contract).
+#
+# Behavior:
+#   - Refuses to run when HOOK_SESSION_ID is empty or "unknown" (the
+#     parse-input.sh fallback). A lease whose filename is "unknown.json"
+#     would collide across every session that hits the same fallback.
+#   - Invokes `caws agents register --session-id <id> --platform claude-code
+#     --reason session_start` to write the lease through the CLI.
+#   - Non-blocking. Any failure of the CLI surfaces as stderr only;
+#     SessionStart never fails on hook errors.
+#
+# IO boundary: this script is the only place that knows about Claude Code's
+# SessionStart payload. The CLI receives explicit flags and returns
+# CAWS-native JSON. The hook script does not produce additionalContext
+# at SessionStart — the parallel-agent surfacing happens at PreToolUse
+# via agent-heartbeat.sh.
+
+set -uo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+# shellcheck source=lib/parse-input.sh
+source "$SCRIPT_DIR/lib/parse-input.sh" 2>/dev/null || exit 0
+parse_hook_input || exit 0
+
+# Refuse on empty/unknown session id. Writing a lease at "unknown.json"
+# would collide across every session that hits the parse-input fallback.
+if [[ -z "${HOOK_SESSION_ID:-}" || "$HOOK_SESSION_ID" == "unknown" ]]; then
+  exit 0
+fi
+
+# Locate caws binary. Prefer a project-local install (consistent with the
+# repo's installed CLI version); fall back to PATH.
+CAWS_BIN="${CAWS_BIN:-caws}"
+if ! command -v "$CAWS_BIN" >/dev/null 2>&1; then
+  # No CAWS binary on PATH — silent skip. Liveness is best-effort.
+  exit 0
+fi
+
+# Invoke register. Send stderr to a buffer; we may want to attribute it
+# in dispatcher output (prefixed by run-handlers).
+"$CAWS_BIN" agents register \
+  --session-id "$HOOK_SESSION_ID" \
+  --platform claude-code \
+  --reason session_start \
+  >/dev/null 2>&1 || true
+
+# Never block SessionStart.
+exit 0

package/templates/hook-packs/claude-code/agent-stop.sh

@@ -0,0 +1,51 @@
+#!/bin/bash
+# CAWS-MANAGED-HOOK
+# hook_pack: claude-code
+# hook_pack_version: 11
+# caws_min_major: 11
+# lineage_refs: 19
+# do_not_edit_directly: update via `caws init --agent-surface claude-code`
+#
+# Stop handler — marks the current session's lease as stopped on clean
+# session exit (MULTI-AGENT-ACTIVITY-REGISTRY-001).
+#
+# Sourcing: invoked by dispatch/stop.sh after parse-input.sh has populated
+# HOOK_SESSION_ID.
+#
+# Behavior:
+#   - Refuses on empty/unknown HOOK_SESSION_ID.
+#   - Invokes `caws agents stop --session-id <id> --platform claude-code`
+#     which writes a mark_stopped LeasePatch (status: stopped, stopped_at
+#     timestamp). The lease file is preserved as evidence; hard deletion
+#     happens only via explicit `caws agents prune`.
+#   - Non-blocking. Stop semantics already require all handlers to be
+#     best-effort; a Stop failure is a warn, not a block.
+#
+# Note: Stop is NOT a guaranteed signal. A SIGKILL'd or crashed Claude
+# Code session never reaches Stop. The primary liveness mechanism is
+# heartbeat — Stop is the clean-exit optimization that lets observers
+# distinguish "stopped cleanly" from "went stale and is presumed dead."
+
+set -uo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+# shellcheck source=lib/parse-input.sh
+source "$SCRIPT_DIR/lib/parse-input.sh" 2>/dev/null || exit 0
+parse_hook_input || exit 0
+
+if [[ -z "${HOOK_SESSION_ID:-}" || "$HOOK_SESSION_ID" == "unknown" ]]; then
+  exit 0
+fi
+
+CAWS_BIN="${CAWS_BIN:-caws}"
+if ! command -v "$CAWS_BIN" >/dev/null 2>&1; then
+  exit 0
+fi
+
+"$CAWS_BIN" agents stop \
+  --session-id "$HOOK_SESSION_ID" \
+  --platform claude-code \
+  >/dev/null 2>&1 || true
+
+exit 0

package/templates/hook-packs/claude-code/audit.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 # CAWS-MANAGED-HOOK
 # hook_pack: claude-code
-# hook_pack_version: 2
+# hook_pack_version: 11
 # caws_min_major: 11
 # lineage_refs: 9
 # do_not_edit_directly: update via `caws init --agent-surface claude-code`

package/templates/hook-packs/claude-code/block-dangerous.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 # CAWS-MANAGED-HOOK
 # hook_pack: claude-code
-# hook_pack_version: 2
+# hook_pack_version: 11
 # caws_min_major: 11
 # lineage_refs: 1,17
 # do_not_edit_directly: update via `caws init --agent-surface claude-code`

package/templates/hook-packs/claude-code/classify_command.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 # CAWS-MANAGED-HOOK
 # hook_pack: claude-code
-# hook_pack_version: 2
+# hook_pack_version: 11
 # caws_min_major: 11
 # lineage_refs: 1,17
 # do_not_edit_directly: update via `caws init --agent-surface claude-code`

package/templates/hook-packs/claude-code/cwd-guard.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+# CAWS-MANAGED-HOOK
+# hook_pack: claude-code
+# hook_pack_version: 11
+# caws_min_major: 11
+# lineage_refs: 22
+# do_not_edit_directly: update via `caws init --agent-surface claude-code`
+#
+# CWD Guard — prevents session crash when working directory is removed
+# Mitigates: https://github.com/anthropics/claude-code/issues/34344
+#
+# When a worktree directory is deleted while Claude is operating inside it,
+# any filesystem tool call crashes the session. This hook detects the missing
+# CWD before the tool executes and blocks with a recovery suggestion.
+#
+# Promoted from Sterling per CAWS-HOOK-PACK-PROMOTE-001 +
+# docs/reports/sterling_hook_port_audit_001.md.
+
+# Check if CWD still exists on disk
+if [ ! -d "$(pwd 2>/dev/null)" ] 2>/dev/null; then
+  # Try to find the repo root for a helpful recovery message
+  REPO_ROOT=$(git rev-parse --show-toplevel 2>/dev/null || echo "$HOME")
+
+  echo "BLOCKED: Working directory no longer exists (likely a removed worktree)." >&2
+  echo "" >&2
+  echo "Recovery: run 'cd $REPO_ROOT' to return to the repo root." >&2
+  exit 2
+fi
+
+exit 0

package/templates/hook-packs/claude-code/dispatch/post_tool_use.sh

@@ -1,9 +1,9 @@
 #!/bin/bash
 # CAWS-MANAGED-HOOK
 # hook_pack: claude-code
-# hook_pack_version: 2
+# hook_pack_version: 11
 # caws_min_major: 11
-# lineage_refs: 8,16
+# lineage_refs: 8,16,25,27,28,29,30,31
 # do_not_edit_directly: update via `caws init --agent-surface claude-code`
 # PostToolUse dispatcher for Claude Code hooks.
 #
@@ -53,10 +53,21 @@ source "$HOOKS_DIR/lib/run-handlers.sh" 2>/dev/null || exit 0
 HANDLERS=(
   # "quality-check.sh"
   # "validate-spec.sh"
-  # "naming-check.sh"
+  "naming-check.sh"
+  # -- QG-HOOKS-EXTRACT-001: advisory edit-time quality plane --
+  # Each self-filters by tool + file type and emits at most one
+  # additionalContext block; all are advisory (exit 0) except
+  # shortcut-language-check, which escalates via guard-strikes on the
+  # third session strike. Independent of `caws gates run` (option-C
+  # doctrine: gates run is the governed policy-gate runner; these are
+  # installed hook-pack utilities the repo tunes via env).
+  "god-object-check.sh"
+  "shortcut-language-check.sh"
+  "duplicate-export-check.sh"
+  "loc-delta-check.sh"
   # "doc-frontmatter-check.sh"
   # "audit.sh tool-use"
-  # "plan-transcript-snapshot.sh"
+  "plan-transcript-snapshot.sh"
   "session-log.sh"
 )
 

package/templates/hook-packs/claude-code/dispatch/pre_tool_use.sh

@@ -1,9 +1,9 @@
 #!/bin/bash
 # CAWS-MANAGED-HOOK
 # hook_pack: claude-code
-# hook_pack_version: 2
+# hook_pack_version: 11
 # caws_min_major: 11
-# lineage_refs: 8,11,17
+# lineage_refs: 8,11,17,19,22,23,24,26
 # do_not_edit_directly: update via `caws init --agent-surface claude-code`
 #
 # PreToolUse dispatcher for Claude Code hooks.
@@ -40,11 +40,28 @@ source "$HOOKS_DIR/lib/run-handlers.sh" 2>/dev/null || exit 0
 
 # Registered handlers in execution order. Each handler self-filters
 # on $HOOK_TOOL_NAME; non-matching cases return exit 0 cheaply.
+#
+# MULTI-AGENT-ACTIVITY-REGISTRY-001: agent-heartbeat.sh runs FIRST so the
+# lease is refreshed and parallel-agent presence is surfaced even when a
+# later guard short-circuits the chain with exit 2 (block). Heartbeat is
+# non-blocking and never produces a "block" decision — its stdout is a
+# Claude-Code additionalContext envelope (priority 1), so it does not
+# outrank a real block from scope-guard / worktree-guard. The dispatcher's
+# stdout-priority logic ensures a block from a later handler still wins.
 HANDLERS=(
+  agent-heartbeat.sh
+  cwd-guard.sh
   block-dangerous.sh
   worktree-guard.sh
   scope-guard.sh
   worktree-write-guard.sh
+  protected-paths.sh
+  scan-secrets.sh
+  # quiet-merge.sh MUST be the last interceptor: it emits
+  # updatedInput which replaces any prior hook's updatedInput.
+  # The hook itself self-filters to Bash + caws worktree merge|destroy
+  # so non-matching tool calls are cheap exits.
+  quiet-merge.sh
 )
 
 run_handlers --short-circuit-on-block "${HANDLERS[@]}"

package/templates/hook-packs/claude-code/dispatch/session_start.sh

@@ -1,9 +1,9 @@
 #!/bin/bash
 # CAWS-MANAGED-HOOK
 # hook_pack: claude-code
-# hook_pack_version: 2
+# hook_pack_version: 11
 # caws_min_major: 11
-# lineage_refs: 10,11
+# lineage_refs: 10,11,19
 # do_not_edit_directly: update via `caws init --agent-surface claude-code`
 # SessionStart dispatcher for Claude Code hooks.
 #
@@ -36,6 +36,10 @@ HANDLERS=(
   "audit.sh session-start"
   # "session-caws-status.sh session-start"
   "session-log.sh"
+  # MULTI-AGENT-ACTIVITY-REGISTRY-001: self-register into the leases
+  # substrate so other sessions can see this one. Non-blocking; refuses
+  # silently when HOOK_SESSION_ID is empty or "unknown".
+  "agent-register.sh"
 )
 
 run_handlers "${HANDLERS[@]}"

package/templates/hook-packs/claude-code/dispatch/stop.sh

@@ -1,9 +1,9 @@
 #!/bin/bash
 # CAWS-MANAGED-HOOK
 # hook_pack: claude-code
-# hook_pack_version: 2
+# hook_pack_version: 11
 # caws_min_major: 11
-# lineage_refs: 10
+# lineage_refs: 10,19,27
 # do_not_edit_directly: update via `caws init --agent-surface claude-code`
 # Stop dispatcher for Claude Code hooks.
 #
@@ -32,6 +32,11 @@ HANDLERS=(
   # "stop-worktree-check.sh"
   "plan-transcript-finalize.sh"
   "session-log.sh"
+  # MULTI-AGENT-ACTIVITY-REGISTRY-001: mark our lease as stopped so other
+  # sessions can distinguish "stopped cleanly" from "went stale and is
+  # presumed dead." Non-blocking; refuses silently when HOOK_SESSION_ID
+  # is empty or "unknown".
+  "agent-stop.sh"
 )
 
 run_handlers "${HANDLERS[@]}"

package/templates/hook-packs/claude-code/duplicate-export-check.sh

@@ -0,0 +1,156 @@
+#!/bin/bash
+# CAWS-MANAGED-HOOK
+# hook_pack: claude-code
+# hook_pack_version: 11
+# caws_min_major: 11
+# lineage_refs: 30
+# do_not_edit_directly: update via `caws init --agent-surface claude-code`
+#
+# CAWS Duplicate-Export Advisory Check (QG-HOOKS-EXTRACT-001)
+#
+# Advisory-only PostToolUse hook firing on Write (new-file creation). Flags a
+# newly-written file that exports a symbol whose name already exists as an
+# export elsewhere in the local project tree — the edit-time analogue of the
+# quality-gates functional-duplication "name/shape collision" signal
+# (packages/quality-gates/check-functional-duplication.mjs nameDuplication).
+# It re-implements the practical 80%: the most common shadow-export incident
+# is the agent CREATING a new file whose export collides with an existing one
+# (the "*-v2 / *-enhanced re-export" failure mode the naming-check covers by
+# filename; this covers it by symbol).
+#
+# v1 limitation (documented, acceptable): fires on Write only, not Edit. An
+# Edit that adds a new colliding export to an existing file is NOT caught;
+# that requires diffing the pre/post export set. The common incident is the
+# new-file create, which Write covers.
+#
+# NEVER blocks (always exit 0). NEVER mutates. NEVER imports a quality-gates
+# module. Matching is exact symbol name, not heuristic similarity.
+#
+# Lookup is bounded: the enclosing package's src tree
+# (packages/<pkg>/src or packages/<pkg>) when the file is inside a package,
+# else repo-root src/, else repo root. ripgrep when available, grep -r
+# fallback. node_modules is always excluded.
+
+set -uo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+# shellcheck source=lib/parse-input.sh
+source "$SCRIPT_DIR/lib/parse-input.sh" 2>/dev/null || exit 0
+parse_hook_input || exit 0
+
+FILE_PATH="$HOOK_FILE_PATH"
+TOOL_NAME="$HOOK_TOOL_NAME"
+
+# Write only (new-file create) per the documented v1 scope.
+[[ "$TOOL_NAME" != "Write" ]] && exit 0
+[[ -z "$FILE_PATH" ]] && exit 0
+
+# Only JS/TS source files carry the export shapes we match.
+case "$(basename "$FILE_PATH")" in
+  *.js | *.jsx | *.ts | *.tsx | *.mjs | *.cjs) ;;
+  *) exit 0 ;;
+esac
+
+# Skip generated / vendored / build output and test files.
+case "$FILE_PATH" in
+  */node_modules/* | */dist/* | */build/* | */coverage/* | */.next/* | */out/* | */vendor/*)
+    exit 0
+    ;;
+  *.test.* | *.spec.* | */tests/* | */__tests__/* | */test/*)
+    exit 0
+    ;;
+esac
+case "$(basename "$FILE_PATH")" in
+  *.min.js | *.bundle.js) exit 0 ;;
+esac
+
+# Content to scan for new exports: prefer the Write payload .content.
+CONTENT=""
+if [[ -n "${HOOK_TOOL_INPUT_JSON:-}" ]] && command -v jq >/dev/null 2>&1; then
+  CONTENT=$(printf '%s' "$HOOK_TOOL_INPUT_JSON" | jq -r '.content // empty' 2>/dev/null || printf '')
+fi
+if [[ -z "$CONTENT" ]] && [[ -f "$FILE_PATH" ]]; then
+  CONTENT=$(cat "$FILE_PATH" 2>/dev/null || printf '')
+fi
+[[ -z "$CONTENT" ]] && exit 0
+
+# Extract exported symbol names. Matches:
+#   export function NAME       export class NAME
+#   export const NAME          export default function NAME
+#   export async function NAME
+NAMES=$(printf '%s' "$CONTENT" | grep -oE 'export[[:space:]]+(default[[:space:]]+)?(async[[:space:]]+)?(function|class|const|let|var)[[:space:]]+[A-Za-z_$][A-Za-z0-9_$]*' 2>/dev/null \
+  | awk '{print $NF}' | sort -u)
+
+[[ -z "$NAMES" ]] && exit 0
+
+# Generic allowlist: names too common to be meaningful collisions.
+is_allowlisted() {
+  case "$1" in
+    main | init | setup | run | handle | render | index | default) return 0 ;;
+    *) return 1 ;;
+  esac
+}
+
+# Determine the bounded search root from the file path.
+# packages/<pkg>/... -> packages/<pkg>/src (or packages/<pkg>)
+SEARCH_ROOT=""
+if [[ "$FILE_PATH" =~ (^|/)(packages/[^/]+)/ ]]; then
+  pkg="${BASH_REMATCH[2]}"
+  # Resolve relative to repo root if FILE_PATH is absolute or cwd-relative.
+  if [[ -d "$pkg/src" ]]; then
+    SEARCH_ROOT="$pkg/src"
+  elif [[ -d "$pkg" ]]; then
+    SEARCH_ROOT="$pkg"
+  fi
+fi
+if [[ -z "$SEARCH_ROOT" ]]; then
+  if [[ -d "src" ]]; then SEARCH_ROOT="src"; else SEARCH_ROOT="."; fi
+fi
+
+# Picker: ripgrep if available, else grep -r. Always exclude node_modules,
+# dist, build, and the file just written.
+search_export() {
+  local name="$1"
+  local pat="export[[:space:]]+(default[[:space:]]+)?(async[[:space:]]+)?(function|class|const|let|var)[[:space:]]+${name}([^A-Za-z0-9_$]|\$)"
+  if command -v rg >/dev/null 2>&1; then
+    rg --no-messages -l -e "$pat" "$SEARCH_ROOT" \
+      --glob '!node_modules' --glob '!dist' --glob '!build' --glob '!coverage' 2>/dev/null
+  else
+    grep -rlE "$pat" "$SEARCH_ROOT" \
+      --exclude-dir=node_modules --exclude-dir=dist --exclude-dir=build --exclude-dir=coverage 2>/dev/null
+  fi
+}
+
+# The basename of the file just written, to exclude self-matches (the search
+# root may already contain the written file on disk).
+SELF_BASENAME="$(basename "$FILE_PATH")"
+
+COLLISIONS=""
+while IFS= read -r name; do
+  [[ -z "$name" ]] && continue
+  is_allowlisted "$name" && continue
+  while IFS= read -r match_file; do
+    [[ -z "$match_file" ]] && continue
+    # Skip self (compare basenames; the written file may appear under the root).
+    [[ "$(basename "$match_file")" == "$SELF_BASENAME" ]] && continue
+    # Skip if the match is literally the same path as the written file.
+    [[ "$match_file" == "$FILE_PATH" ]] && continue
+    COLLISIONS="${COLLISIONS}  • ${name} also exported in ${match_file}"$'\n'
+  done < <(search_export "$name")
+done <<< "$NAMES"
+
+[[ -z "$COLLISIONS" ]] && exit 0
+
+MSG="Duplicate-export advisory: ${FILE_PATH} exports symbol name(s) that already exist elsewhere in this project:
+${COLLISIONS}If this is an intentional re-export or distinct concept, ignore. Otherwise consider editing the existing module in place rather than creating a parallel implementation (CAWS \"No shadow files\" doctrine). (Advisory only — never blocks.)"
+
+if command -v jq >/dev/null 2>&1; then
+  jq -n --arg msg "$MSG" '{
+    hookSpecificOutput: {
+      hookEventName: "PostToolUse",
+      additionalContext: $msg
+    }
+  }'
+fi
+
+exit 0

package/templates/hook-packs/claude-code/god-object-check.sh

@@ -0,0 +1,102 @@
+#!/bin/bash
+# CAWS-MANAGED-HOOK
+# hook_pack: claude-code
+# hook_pack_version: 11
+# caws_min_major: 11
+# lineage_refs: 28
+# do_not_edit_directly: update via `caws init --agent-surface claude-code`
+#
+# CAWS God-Object Advisory Check (QG-HOOKS-EXTRACT-001)
+#
+# Advisory-only PostToolUse hook firing on Write/Edit. Flags source files
+# whose source-lines-of-code (SLOC) exceed a configurable threshold, the
+# edit-time analogue of the quality-gates `god_object` gate
+# (packages/quality-gates/check-god-objects.mjs, which classifies at
+# warning=1750/critical=2000/severe=3000 SLOC). This hook uses a single
+# configurable warn threshold (default 2000, the critical tier) for advisory
+# simplicity — it NEVER blocks, NEVER mutates, and does NOT import or invoke
+# any quality-gates module. It re-implements the intent (large modules are a
+# refactoring signal) in self-contained bash.
+#
+# SLOC = non-blank, non-comment lines. The counter is deliberately simple
+# (strips // and # line comments and blank lines); it is an advisory signal,
+# not a precise multi-language SLOC engine.
+#
+# env:
+#   CAWS_GOD_OBJECT_LOC   warn threshold in SLOC (default 2000)
+
+set -uo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+# shellcheck source=lib/parse-input.sh
+source "$SCRIPT_DIR/lib/parse-input.sh" 2>/dev/null || exit 0
+parse_hook_input || exit 0
+
+FILE_PATH="$HOOK_FILE_PATH"
+TOOL_NAME="$HOOK_TOOL_NAME"
+
+# Only act on file-mutating tools.
+case "$TOOL_NAME" in
+  Write | Edit) ;;
+  *) exit 0 ;;
+esac
+
+[[ -z "$FILE_PATH" ]] && exit 0
+
+# Skip generated / vendored / build output. Advisory hooks must never fire
+# on files the agent did not author.
+case "$FILE_PATH" in
+  */node_modules/* | */dist/* | */build/* | */coverage/* | */.next/* | */out/* | */vendor/*)
+    exit 0
+    ;;
+esac
+case "$(basename "$FILE_PATH")" in
+  *.min.js | *.bundle.js | *.map | *.lock | *-lock.json | package-lock.json)
+    exit 0
+    ;;
+esac
+
+# Only inspect real source files. If the file doesn't exist on disk (e.g. the
+# tool payload races the hook), exit silently.
+[[ -f "$FILE_PATH" ]] || exit 0
+
+THRESHOLD="${CAWS_GOD_OBJECT_LOC:-2000}"
+# Defensive: a non-numeric override falls back to the default.
+[[ "$THRESHOLD" =~ ^[0-9]+$ ]] || THRESHOLD=2000
+
+# SLOC: drop blank lines and whole-line // or # comments. awk is single-pass
+# and bounded to this one file (no whole-repo scan).
+SLOC=$(awk '
+  {
+    line = $0
+    sub(/^[ \t]+/, "", line)        # left-trim
+    if (line == "") next            # blank
+    if (line ~ /^\/\//) next        # // comment
+    if (line ~ /^#/) next           # # comment (sh/py/yaml)
+    if (line ~ /^\*/) next          # block-comment continuation
+    if (line ~ /^\/\*/) next        # /* comment open
+    count++
+  }
+  END { print count + 0 }
+' "$FILE_PATH" 2>/dev/null || echo 0)
+
+[[ "$SLOC" =~ ^[0-9]+$ ]] || exit 0
+
+if (( SLOC >= THRESHOLD )); then
+  REL="$FILE_PATH"
+  MSG="God-object advisory: ${REL} is ${SLOC} SLOC (>= ${THRESHOLD} threshold). Large single-responsibility-overloaded modules are hard to test and review. Consider splitting it into focused units. (Advisory only — set CAWS_GOD_OBJECT_LOC to tune; this never blocks.)"
+  # PostToolUse advisory: surface via additionalContext, exit 0.
+  if command -v jq >/dev/null 2>&1; then
+    jq -n --arg msg "$MSG" '{
+      hookSpecificOutput: {
+        hookEventName: "PostToolUse",
+        additionalContext: $msg
+      }
+    }'
+  else
+    printf '{"hookSpecificOutput":{"hookEventName":"PostToolUse","additionalContext":%s}}\n' \
+      "$(printf '%s' "$MSG" | sed 's/\\/\\\\/g; s/"/\\"/g' | awk '{printf "\"%s\"", $0}')"
+  fi
+fi
+
+exit 0

package/templates/hook-packs/claude-code/guard-strikes.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 # CAWS-MANAGED-HOOK
 # hook_pack: claude-code
-# hook_pack_version: 2
+# hook_pack_version: 11
 # caws_min_major: 11
 # lineage_refs: 8,16
 # do_not_edit_directly: update via `caws init --agent-surface claude-code`