@paulduvall/claude-dev-toolkit 0.0.1-alpha.14 → 0.0.1-alpha.16

package/hooks/README.md

@@ -100,7 +100,7 @@ The following hooks provide logging, validation, and cleanup at various Claude C
 | `pre-commit-test-runner.sh` | PreToolUse (Bash) | Auto-detects test framework, blocks commits on failure |
 | `pre-write-security.sh` | PreToolUse (Write) | Security scan before file writes |
 | `verify-before-edit.sh` | PreToolUse (Edit/Write) | Warns about fabricated references (non-blocking) |
-| `on-error-debug.sh` | OnError | Debug context capture on errors |
+| `on-error-debug.sh` | Manual invocation | Debug context capture on errors |
 | `subagent-trigger.sh` | PostToolUse (*) | Triggers subagent workflows |
 | `subagent-trigger-simple.sh` | PostToolUse (*) | Simplified subagent trigger |
 

package/hooks/lib/argument-parser.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _ARGUMENT_PARSER_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/error-handler.sh"
 

package/hooks/lib/context-manager.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _CONTEXT_MANAGER_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/error-handler.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _ERROR_HANDLER_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 
@@ -40,7 +40,7 @@ log_message() {
 
 log_info() {
     local message="$1"
-    log_message "INFO" "$message"
+    log_message "INFO" "$message" >&2
 }
 
 log_warning() {

package/hooks/lib/execution-engine.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _EXECUTION_ENGINE_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/execution-results.sh

@@ -12,7 +12,7 @@ set -uo pipefail
 _EXECUTION_RESULTS_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/execution-simulation.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _EXECUTION_SIMULATION_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/field-validators.sh

@@ -12,7 +12,7 @@ set -uo pipefail
 _FIELD_VALIDATORS_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/error-handler.sh"
 

package/hooks/lib/file-utils.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _FILE_UTILS_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 
 ##################################

package/hooks/lib/subagent-discovery.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _SUBAGENT_DISCOVERY_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/subagent-validator.sh

@@ -11,7 +11,7 @@ set -uo pipefail
 _SUBAGENT_VALIDATOR_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/file-utils.sh"
 source "$SCRIPT_DIR/error-handler.sh"

package/hooks/lib/validation-reporter.sh

@@ -12,7 +12,7 @@ set -uo pipefail
 _VALIDATION_REPORTER_LOADED=1
 
 # Source required modules
-SCRIPT_DIR="${SCRIPT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)}"
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "$SCRIPT_DIR/config-constants.sh"
 source "$SCRIPT_DIR/error-handler.sh"
 

package/hooks/on-error-debug.sh

@@ -4,7 +4,7 @@ set -euo pipefail
 # Claude Code Hook: Error Handling Trigger
 # 
 # Purpose: Lightweight trigger for automatic debugging assistance on errors
-# Trigger: OnError events or manual invocation during debugging sessions
+# Trigger: Manual invocation or PostToolUse (no OnError hook event exists in Claude Code)
 # Approach: Capture error context and delegate to debug-specialist subagent
 #
 # This hook provides immediate debugging help by gathering error context

package/hooks/pre-commit-test-runner.sh

@@ -51,7 +51,7 @@ is_commit_command() {
 # Framework Detection
 ##################################
 detect_framework() {
-    if [[ -f "pytest.ini" ]] || [[ -f "pyproject.toml" ]] && grep -q '\[tool.pytest' pyproject.toml 2>/dev/null; then
+    if [[ -f "pytest.ini" ]] || { [[ -f "pyproject.toml" ]] && grep -q '\[tool.pytest' pyproject.toml 2>/dev/null; }; then
         echo "pytest"
     elif [[ -f "package.json" ]] && grep -q '"test"' package.json 2>/dev/null; then
         if grep -qE '"(jest|vitest)' package.json 2>/dev/null; then

package/hooks/prevent-credential-exposure.sh

@@ -134,27 +134,31 @@ scan_file_content() {
         return 0
     fi
     
-    log "Scanning file: $file_path"
-    
+    # Redirect log output to stderr so it doesn't pollute stdout
+    # (callers capture stdout via command substitution for the violation count)
+    log "Scanning file: $file_path" >&2
+
     # Check each credential pattern
     for pattern_name in "${!CREDENTIAL_PATTERNS[@]}"; do
         local pattern="${CREDENTIAL_PATTERNS[$pattern_name]}"
-        
-        if echo "$content" | grep -qiP "$pattern"; then
-            log_violation "$pattern_name detected in $file_path"
+
+        if echo "$content" | grep -qiP -e "$pattern"; then
+            log_violation "$pattern_name detected in $file_path" >&2
             violations+=("$pattern_name")
-            
+
             # Extract the matched content for logging (but redact it)
-            local matched_line=$(echo "$content" | grep -iP "$pattern" | head -1)
-            local redacted_line=$(echo "$matched_line" | sed 's/[a-zA-Z0-9+/=]\{10,\}/[REDACTED]/g')
-            
-            log_violation "Pattern: $pattern_name, Line: $redacted_line"
-            
+            local matched_line
+            matched_line=$(echo "$content" | grep -iP -e "$pattern" | head -1)
+            local redacted_line
+            redacted_line=$(echo "$matched_line" | sed 's/[a-zA-Z0-9+/=]\{10,\}/[REDACTED]/g')
+
+            log_violation "Pattern: $pattern_name, Line: $redacted_line" >&2
+
             # Notify security team
             notify_security_team "$pattern_name" "$file_path" "$redacted_line"
         fi
     done
-    
+
     # Return violation count
     echo "${#violations[@]}"
 }
@@ -165,13 +169,13 @@ check_environment_leakage() {
     
     # Check for environment variable exposure patterns
     if echo "$content" | grep -qiP 'process\.env\.[A-Z_]*(?:KEY|SECRET|PASSWORD|TOKEN)'; then
-        log_violation "Environment variable credential exposure detected"
+        log_violation "Environment variable credential exposure detected" >&2
         ((violations++))
     fi
-    
+
     # Check for hardcoded production URLs with credentials
     if echo "$content" | grep -qiP 'https?://[^:]+:[^@]+@[^/]+'; then
-        log_violation "URL with embedded credentials detected"
+        log_violation "URL with embedded credentials detected" >&2
         ((violations++))
     fi
     

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@paulduvall/claude-dev-toolkit",
-  "version": "0.0.1-alpha.14",
+  "version": "0.0.1-alpha.16",
   "description": "Custom commands toolkit for Claude Code - streamline your development workflow",
   "author": "Paul Duvall",
   "license": "MIT",

package/subagents/debug-specialist.md

@@ -1,4 +1,5 @@
 ---
+name: debug-specialist
 description: "Specialized debugging assistant with expertise in root cause analysis, error interpretation, and systematic troubleshooting"
 tags: ["debugging", "error-analysis", "troubleshooting", "performance"]
 tools: ["Read", "Bash", "Grep", "Edit", "Glob"]

package/templates/basic-settings.json

@@ -1,22 +1,14 @@
 {
-  "// Basic Claude Code settings.json template": "Copy to ~/.claude/settings.json",
-  "// Based on official Claude Code documentation": "https://docs.anthropic.com/en/docs/claude-code/settings",
-  
-  "// Core tool permissions (replaces invalid 'allowedTools')": "",
   "permissions": {
     "allow": [
-      "Edit(*)",
       "Bash(*)",
       "Read(*)",
+      "Edit(*)",
       "Write(*)",
-      "MultiEdit(*)",
       "Glob(*)",
-      "Grep(*)",
-      "LS(*)"
+      "Grep(*)"
     ]
   },
-  
-  "// Basic hooks configuration": "",
   "hooks": {
     "PreToolUse": [
       {
@@ -30,15 +22,9 @@
       }
     ]
   },
-  
-  "// Standard Claude Code environment variables": "",
   "env": {
     "DISABLE_TELEMETRY": "1"
   },
-  
-  "// Optional: Include Claude co-authorship in git commits": "",
   "includeCoAuthoredBy": true,
-  
-  "// Optional: Custom retention for chat transcripts (days)": "",
   "cleanupPeriodDays": 30
-}
+}

package/templates/comprehensive-settings.json

@@ -1,25 +1,15 @@
 {
-  "// Comprehensive Claude Code settings.json template": "Copy to ~/.claude/settings.json",
-  "// Based on official Claude Code documentation": "https://docs.anthropic.com/en/docs/claude-code/settings",
-  "// Includes all advanced features and hook events": "",
-  
-  "// Comprehensive tool permissions": "",
   "permissions": {
     "allow": [
-      "Edit(*)",
       "Bash(*)",
       "Read(*)",
+      "Edit(*)",
       "Write(*)",
-      "MultiEdit(*)",
       "Glob(*)",
       "Grep(*)",
-      "LS(*)",
-      "Task(*)",
       "WebFetch(*)",
       "WebSearch(*)",
-      "NotebookEdit(*)",
-      "BashOutput(*)",
-      "KillBash(*)"
+      "NotebookEdit(*)"
     ],
     "ask": [
       "Bash(sudo *)",
@@ -34,12 +24,10 @@
       "Edit(/etc/passwd)"
     ]
   },
-  
-  "// Comprehensive hooks covering all supported events": "",
   "hooks": {
     "PreToolUse": [
       {
-        "matcher": "Edit|Write|MultiEdit",
+        "matcher": "Edit|Write",
         "hooks": [
           {
             "type": "command",
@@ -63,41 +51,12 @@
     ],
     "PostToolUse": []
   },
-  
-  "// Standard Claude Code environment variables": "",
   "env": {
-    "// DO NOT commit real API keys. Set via: export ANTHROPIC_API_KEY=sk-ant-...": "",
-    "ANTHROPIC_API_KEY": "${ANTHROPIC_API_KEY}",
     "DISABLE_TELEMETRY": "1",
-    "ANTHROPIC_LOG": "info",
-    "CLAUDE_PROJECT_DIR": "."
+    "ANTHROPIC_LOG": "info"
   },
-  
-  "// Advanced Claude Code configuration": "",
   "includeCoAuthoredBy": true,
   "cleanupPeriodDays": 30,
-  "// Model options: claude-sonnet-4-6 (default), claude-opus-4-6 (most capable), claude-haiku-4-5-20251001 (fastest)": "",
   "model": "claude-sonnet-4-6",
-  
-  "// MCP server configuration": "",
-  "enableAllProjectMcpServers": false,
-  "enabledMcpjsonServers": [
-    "approved-server-1",
-    "approved-server-2"
-  ],
-  "disabledMcpjsonServers": [
-    "blocked-server-1"
-  ],
-  
-  "// Optional: Custom API key helper script": "",
-  "apiKeyHelper": "~/.claude/scripts/get-api-key.sh",
-  
-  "// Optional: Force specific login method": "",
-  "forceLoginMethod": "api-key",
-  
-  "// Optional: Custom status line configuration": "",
-  "statusLine": {
-    "enabled": true,
-    "format": "Claude Code - Project: {project} | Model: {model} | Tools: {tools_count}"
-  }
-}
+  "enableAllProjectMcpServers": false
+}

package/templates/hybrid-hook-config.yaml

@@ -28,12 +28,11 @@ hooks_configuration:
           blocking: false
           description: "Log file modifications"
 
-  OnError:
-    - hooks:
-        - command: "~/.claude/hooks/on-error-debug.sh"
-          blocking: false
-          description: "Automatic debugging via debug-specialist subagent"
-          
+  # NOTE: There is no "OnError" hook event in Claude Code's schema.
+  # Valid hook events: PreToolUse, PostToolUse, Notification, Stop,
+  # SubagentStop, UserPromptSubmit, PreCompact, SessionStart, SessionEnd.
+  # Use on-error-debug.sh via manual invocation or PostToolUse instead.
+
   custom:
     pre-commit:
       command: "~/.claude/hooks/pre-commit-quality.sh"

package/templates/security-focused-settings.json

@@ -1,9 +1,4 @@
 {
-  "// Security-focused Claude Code settings.json template": "Copy to ~/.claude/settings.json",
-  "// Based on official Claude Code documentation": "https://docs.anthropic.com/en/docs/claude-code/settings",
-  "// Includes comprehensive security controls and governance": "",
-  
-  "// Restrictive tool permissions for security": "",
   "permissions": {
     "allow": [
       "Read(*)",
@@ -16,7 +11,8 @@
       "Bash(npm run *)",
       "Bash(python -m *)",
       "Bash(node *)",
-      "MultiEdit(*)"
+      "Glob(*)",
+      "Grep(*)"
     ],
     "deny": [
       "Bash(curl *)",
@@ -35,12 +31,10 @@
       "Read(~/.ssh/id_*)"
     ]
   },
-  
-  "// Comprehensive security hooks": "",
   "hooks": {
     "PreToolUse": [
       {
-        "matcher": "Edit|Write|MultiEdit",
+        "matcher": "Edit|Write",
         "hooks": [
           {
             "type": "command",
@@ -63,17 +57,11 @@
       }
     ]
   },
-  
-  "// Standard Claude Code environment variables": "",
   "env": {
     "DISABLE_TELEMETRY": "1",
     "ANTHROPIC_LOG": "error"
   },
-  
-  "// Security-focused settings": "",
   "includeCoAuthoredBy": false,
   "cleanupPeriodDays": 7,
-  
-  "// Disable auto-approval of MCP servers for security": "",
   "enableAllProjectMcpServers": false
-}
+}