@praxis.guard/auditor-cli 0.0.32 → 0.0.34

package/dist/hooks/run-before-mcp.js

@@ -3,77 +3,13 @@ import { appendAuditJsonl } from "../audit/jsonl.js";
 import { getInstallId } from "../cli/install-id.js";
 import { evaluateMcpProposal } from "../shell/evaluate.js";
 import { resolveGuardStorageRoot } from "../bridge/guard-storage-root.js";
-import { tryConsumeExecutionTicket } from "../bridge/execution-ticket.js";
-import { tryHookInlineApprovalRequest } from "../approval/hook-inline-approval.js";
-import { readPendingApprovalIndex } from "../bridge/pending-approval-index.js";
-import { argvSha256 } from "../approval/argv-fingerprint.js";
 import { toolInputSha256 } from "../approval/fingerprint.js";
-import { resolveMutateApproval } from "../approval/mcp-flow.js";
 import { formatHookAllowViaCredentialMessage, formatHookDenyMessages, } from "./agent-message.js";
-import { randomUUID } from "node:crypto";
 import { sendGuardEvent } from "../telemetry/guard-events.js";
-function tierToPermission(tier) {
-    if (tier === "READ")
-        return "allow";
-    return "deny";
-}
-function stringifyToolInput(raw) {
-    if (raw === undefined || raw === null)
-        return "";
-    if (typeof raw === "string")
-        return raw;
-    try {
-        return JSON.stringify(raw);
-    }
-    catch {
-        return String(raw);
-    }
-}
-/**
- * When Cursor encodes MCP tools as `MCP:<server>:<tool>` (see Cursor hooks docs / preToolUse), split into
- * server + bare tool name for policy rows under `policies.mcp.<server>.<tool>`.
- */
-export function splitMcpToolName(raw) {
-    const t = raw.trim();
-    if (!t)
-        return { serverGuess: null, tool: "_" };
-    if (t.startsWith("MCP:")) {
-        const body = t.slice(4).trim();
-        const idx = body.lastIndexOf(":");
-        if (idx !== -1) {
-            const serverPart = body.slice(0, idx).trim();
-            const toolPart = body.slice(idx + 1).trim();
-            if (serverPart && toolPart)
-                return { serverGuess: serverPart, tool: toolPart };
-        }
-    }
-    return { serverGuess: null, tool: t };
-}
-/**
- * Maps hook payload → argv for `policies.v1.json` under tool key `mcp`.
- * Omits raw `tool_input` from argv tokens so JSON metacharacters do not trip shell metachar heuristics.
- */
-export function mcpHookArgvFromPayload(payload) {
-    const rawName = typeof payload.tool_name === "string" ? payload.tool_name.trim() : "";
-    const { serverGuess, tool } = splitMcpToolName(rawName);
-    let server = "stdio";
-    if (typeof payload.url === "string" && payload.url.trim()) {
-        const u = payload.url.trim();
-        try {
-            server = new URL(u).host || u;
-        }
-        catch {
-            server = u;
-        }
-    }
-    else if (serverGuess) {
-        server = serverGuess;
-    }
-    else if (typeof payload.command === "string" && payload.command.trim()) {
-        server = payload.command.trim().slice(0, 400);
-    }
-    return ["mcp", server, tool || "_"];
-}
+import { mcpHookArgvFromPayload, preferredHookCwd, stringifyToolInput, } from "./before-mcp-argv.js";
+import { resolveMutateHookPermission } from "./before-mcp-mutate.js";
+import { handleSkippedMcpHook } from "./before-mcp-skipped.js";
+export { mcpHookArgvFromPayload, splitMcpToolName } from "./before-mcp-argv.js";
 async function readStdinJson() {
     return await new Promise((resolve, reject) => {
         let data = "";
@@ -89,14 +25,10 @@ async function readStdinJson() {
         });
     });
 }
-async function tryAppendAuditEvent(evt, auditLogRoot) {
-    try {
-        await appendAuditJsonl(evt, auditLogRoot);
-    }
-    catch (e) {
-        const msg = e instanceof Error ? e.message : String(e);
-        process.stderr.write(`[auditor] audit log append failed: ${msg}\n`);
-    }
+function tierToPermission(tier) {
+    if (tier === "READ")
+        return "allow";
+    return "deny";
 }
 /**
  * Cursor `beforeMCPExecution`: stdin JSON → stdout JSON (`permission` only contract).
@@ -119,121 +51,45 @@ export async function runBeforeMcpHookFromStdin() {
     const [policy, policyRevision] = await Promise.all([loadPoliciesV1(), readPoliciesV1Revision()]);
     const { skipped, evaluation } = evaluateMcpProposal(policy, argv);
     const { classification, flags, tier } = evaluation;
-    const reasons = evaluation.reasons.map((r) => r.message);
-    const preferredCwd = typeof payload.cwd === "string"
-        ? payload.cwd
-        : Array.isArray(payload.workspace_roots) &&
-            typeof payload.workspace_roots[0] === "string"
-            ? payload.workspace_roots[0]
-            : undefined;
-    const storageRoot = resolveGuardStorageRoot(preferredCwd);
+    const initialReasons = evaluation.reasons.map((r) => r.message);
+    const storageRoot = resolveGuardStorageRoot(preferredHookCwd(payload));
     const auditLogRoot = storageRoot;
     const toolInputHash = toolInputSha256(payload.tool_input);
     if (skipped) {
-        const latency_ms = performance.now() - decisionStarted;
-        const toolInputStr = stringifyToolInput(payload.tool_input);
-        await tryAppendAuditEvent({
-            ts: new Date().toISOString(),
-            hook: "beforeMCPExecution",
-            tool_name: rawToolName,
-            bare_tool: bareTool,
-            tool_input: toolInputStr.slice(0, 8000),
+        await handleSkippedMcpHook({
+            payload,
+            rawToolName,
+            bareTool,
             argv,
-            status: "skipped",
-            skipped: true,
-            skip_reason: "mcp_policy_unmatched",
-            tier,
-            permission: "allow",
-            ticketConsumed: false,
-            reasons,
-            latency_ms,
-        }, auditLogRoot);
-        const skipResponse = { permission: "allow" };
-        process.stdout.write(JSON.stringify(skipResponse, null, 2));
-        await sendGuardEvent({
-            ts: new Date().toISOString(),
-            status: "skipped",
-            skipped: true,
-            skip_reason: "mcp_policy_unmatched",
-            tool: "auditor-hook-mcp",
-            command_path: argv[1] ?? null,
-            verb: argv[2] ?? null,
-            resource: toolInputStr ? toolInputStr.slice(0, 500) : null,
-            reason: reasons[0] ?? "mcp_policy_unmatched",
-            cmd: `${rawToolName}`,
             tier,
-            decision: "allow",
-            latency_ms,
-            installId: getInstallId(),
-            kind: "mcp",
-            ...(policyRevision !== null ? { policy_revision: policyRevision } : {}),
-            meta: {
-                hook: "beforeMCPExecution",
-                ticketConsumed: false,
-            },
+            reasons: initialReasons,
+            policyRevision,
+            auditLogRoot,
+            decisionStarted,
         });
         return;
     }
     let permission = tierToPermission(tier);
     let ticketConsumed = false;
+    let inlineApproval = null;
     let approvalFlowSignal = null;
+    let reasons = initialReasons;
     if (permission === "deny" && tier === "MUTATE") {
-        ticketConsumed = await tryConsumeExecutionTicket(argv, {
+        const mutate = await resolveMutateHookPermission({
+            argv,
+            tier,
             storageRoot,
-            kind: "mcp",
-            tool_input_sha256: toolInputHash,
+            toolInputHash,
+            rawToolName,
+            toolInputPreview: stringifyToolInput(payload.tool_input).slice(0, 200),
+            policyRevision,
+            initialReasons,
         });
-        if (ticketConsumed)
-            permission = "allow";
-    }
-    let inlineApproval = null;
-    if (permission === "deny" && tier === "MUTATE") {
-        const hash = argvSha256(argv);
-        const pending = await readPendingApprovalIndex(hash, { storageRoot });
-        if (pending) {
-            const autoRedeem = await resolveMutateApproval({
-                argv: [...argv],
-                proposalKind: "mcp",
-                storageRoot,
-                rawDisplay: `${rawToolName} ${stringifyToolInput(payload.tool_input).slice(0, 200)}`,
-                eventId: randomUUID(),
-                policyRevision,
-                reasons,
-                approval: { request_id: pending.request_id },
-                waitMs: 0,
-                tool_input_sha256: toolInputHash,
-            });
-            if (autoRedeem.kind === "allow" && autoRedeem.ticketRecorded) {
-                ticketConsumed = await tryConsumeExecutionTicket(argv, {
-                    storageRoot,
-                    kind: "mcp",
-                    tool_input_sha256: toolInputHash,
-                });
-                if (ticketConsumed) {
-                    permission = "allow";
-                }
-            }
-            if (permission === "deny") {
-                approvalFlowSignal = "retry_without_guard_wait_resolve";
-                reasons.push("retry_without_guard_wait_resolve");
-                inlineApproval = { request_id: pending.request_id, open_url: pending.open_url };
-            }
-        }
-        else {
-            const created = await tryHookInlineApprovalRequest({
-                argv: [...argv],
-                kind: "mcp",
-                rawDisplay: `${rawToolName} ${stringifyToolInput(payload.tool_input).slice(0, 200)}`,
-                policyRevision,
-                reasons,
-                eventId: randomUUID(),
-                storageRoot,
-                tool_input_sha256: toolInputHash,
-            });
-            if (created) {
-                inlineApproval = { request_id: created.request_id, open_url: created.open_url };
-            }
-        }
+        permission = mutate.permission;
+        ticketConsumed = mutate.ticketConsumed;
+        inlineApproval = mutate.inlineApproval;
+        approvalFlowSignal = mutate.approvalFlowSignal;
+        reasons = mutate.reasons;
     }
     const latency_ms = performance.now() - decisionStarted;
     const toolInputStr = stringifyToolInput(payload.tool_input);
@@ -258,24 +114,30 @@ export async function runBeforeMcpHookFromStdin() {
             user_message: denyMessages.user_message,
             agent_message: denyMessages.agent_message,
         };
-    await tryAppendAuditEvent({
-        ts: new Date().toISOString(),
-        hook: "beforeMCPExecution",
-        tool_name: rawToolName,
-        bare_tool: bareTool,
-        tool_input: toolInputStr.slice(0, 8000),
-        argv,
-        classification,
-        flags,
-        tier,
-        permission,
-        ticketConsumed,
-        inline_request_id: inlineApproval?.request_id ?? null,
-        tool_input_sha256: toolInputHash,
-        reasons,
-        approval_flow_signal: approvalFlowSignal,
-        latency_ms,
-    }, auditLogRoot);
+    try {
+        await appendAuditJsonl({
+            ts: new Date().toISOString(),
+            hook: "beforeMCPExecution",
+            tool_name: rawToolName,
+            bare_tool: bareTool,
+            tool_input: toolInputStr.slice(0, 8000),
+            argv,
+            classification,
+            flags,
+            tier,
+            permission,
+            ticketConsumed,
+            inline_request_id: inlineApproval?.request_id ?? null,
+            tool_input_sha256: toolInputHash,
+            reasons,
+            approval_flow_signal: approvalFlowSignal,
+            latency_ms,
+        }, auditLogRoot);
+    }
+    catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        process.stderr.write(`[auditor] audit log append failed: ${msg}\n`);
+    }
     process.stdout.write(JSON.stringify(response, null, 2));
     const status = permission === "allow" ? "passed" : "blocked";
     await sendGuardEvent({

package/dist/hooks/run-before-mcp.js.map

@@ -1 +1 @@
-{"version":3,"file":"run-before-mcp.js","sourceRoot":"","sources":["../../src/hooks/run-before-mcp.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,sBAAsB,EAAa,MAAM,oBAAoB,CAAC;AAEvF,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,4BAA4B,EAAE,MAAM,qCAAqC,CAAC;AACnF,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAC/E,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAC7D,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EACL,mCAAmC,EACnC,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAkB9D,SAAS,gBAAgB,CAAC,IAAU;IAClC,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO,OAAO,CAAC;IACpC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAY;IACtC,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI;QAAE,OAAO,EAAE,CAAC;IACjD,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,GAAG,CAAC;IACxC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;IACrB,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IACrB,IAAI,CAAC,CAAC;QAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;IAChD,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;YACf,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC5C,IAAI,UAAU,IAAI,QAAQ;gBAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;QACjF,CAAC;IACH,CAAC;IACD,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AACxC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAkC;IACvE,MAAM,OAAO,GAAG,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACtF,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAExD,IAAI,MAAM,GAAG,OAAO,CAAC;IACrB,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC;QAC1D,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,GAAG,CAAC,CAAC;QACb,CAAC;IACH,CAAC;SAAM,IAAI,WAAW,EAAE,CAAC;QACvB,MAAM,GAAG,WAAW,CAAC;IACvB,CAAC;SAAM,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QACzE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,IAAI,GAAG,CAAC,CAAC;AACtC,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,OAAO,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC3C,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAClC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,CAAC,CAAC;QACrD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;YAC3B,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,CAAC,CAAC,CAAC,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,mBAAmB,CAAC,GAA4B,EAAE,YAAqB;IACpF,IAAI,CAAC;QACH,MAAM,gBAAgB,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;IAC5C,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,GAAG,IAAI,CAAC,CAAC;IACtE,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB;IAC7C,MAAM,OAAO,GAAG,MAAM,aAAa,EAA6B,CAAC;IACjE,MAAM,eAAe,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IAE1C,MAAM,WAAW,GAAG,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1F,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,QAAQ,GAA+B;YAC3C,UAAU,EAAE,MAAM;YAClB,YAAY,EAAE,yDAAyD;YACvE,aAAa,EAAE,+DAA+D;SAC/E,CAAC;QACF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACxD,OAAO;IACT,CAAC;IAED,MAAM,IAAI,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAC;IAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC;IAEhC,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,cAAc,EAAE,EAAE,sBAAsB,EAAE,CAAC,CAAC,CAAC;IACjG,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,mBAAmB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAClE,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,UAAU,CAAC;IACnD,MAAM,OAAO,GAAa,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IAEnE,MAAM,YAAY,GAChB,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAC7B,CAAC,CAAC,OAAO,CAAC,GAAG;QACb,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC;YACpC,OAAO,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,KAAK,QAAQ;YAChD,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC;YAC5B,CAAC,CAAC,SAAS,CAAC;IAClB,MAAM,WAAW,GAAG,uBAAuB,CAAC,YAAY,CAAC,CAAC;IAC1D,MAAM,YAAY,GAAG,WAAW,CAAC;IACjC,MAAM,aAAa,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAE1D,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC;QACvD,MAAM,YAAY,GAAG,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC5D,MAAM,mBAAmB,CACvB;YACE,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC5B,IAAI,EAAE,oBAAoB;YAC1B,SAAS,EAAE,WAAW;YACtB,SAAS,EAAE,QAAQ;YACnB,UAAU,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;YACvC,IAAI;YACJ,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,sBAAsB;YACnC,IAAI;YACJ,UAAU,EAAE,OAAO;YACnB,cAAc,EAAE,KAAK;YACrB,OAAO;YACP,UAAU;SACX,EACD,YAAY,CACb,CAAC;QAEF,MAAM,YAAY,GAA+B,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC;QACzE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAE5D,MAAM,cAAc,CAAC;YACnB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC5B,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,sBAAsB;YACnC,IAAI,EAAE,kBAAkB;YACxB,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;YAC7B,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;YACrB,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;YAC1D,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,sBAAsB;YAC5C,GAAG,EAAE,GAAG,WAAW,EAAE;YACrB,IAAI;YACJ,QAAQ,EAAE,OAAO;YACjB,UAAU;YACV,SAAS,EAAE,YAAY,EAAE;YACzB,IAAI,EAAE,KAAK;YACX,GAAG,CAAC,cAAc,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,IAAI,EAAE;gBACJ,IAAI,EAAE,oBAAoB;gBAC1B,cAAc,EAAE,KAAK;aACtB;SACF,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,IAAI,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACxC,IAAI,cAAc,GAAG,KAAK,CAAC;IAC3B,IAAI,kBAAkB,GAAkB,IAAI,CAAC;IAC7C,IAAI,UAAU,KAAK,MAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC/C,cAAc,GAAG,MAAM,yBAAyB,CAAC,IAAI,EAAE;YACrD,WAAW;YACX,IAAI,EAAE,KAAK;YACX,iBAAiB,EAAE,aAAa;SACjC,CAAC,CAAC;QACH,IAAI,cAAc;YAAE,UAAU,GAAG,OAAO,CAAC;IAC3C,CAAC;IAED,IAAI,cAAc,GAAoD,IAAI,CAAC;IAC3E,IAAI,UAAU,KAAK,MAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC/C,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,OAAO,GAAG,MAAM,wBAAwB,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,CAAC,CAAC;QACtE,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,UAAU,GAAG,MAAM,qBAAqB,CAAC;gBAC7C,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC;gBACf,YAAY,EAAE,KAAK;gBACnB,WAAW;gBACX,UAAU,EAAE,GAAG,WAAW,IAAI,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACpF,OAAO,EAAE,UAAU,EAAE;gBACrB,cAAc;gBACd,OAAO;gBACP,QAAQ,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE;gBAC5C,MAAM,EAAE,CAAC;gBACT,iBAAiB,EAAE,aAAa;aACjC,CAAC,CAAC;YACH,IAAI,UAAU,CAAC,IAAI,KAAK,OAAO,IAAI,UAAU,CAAC,cAAc,EAAE,CAAC;gBAC7D,cAAc,GAAG,MAAM,yBAAyB,CAAC,IAAI,EAAE;oBACrD,WAAW;oBACX,IAAI,EAAE,KAAK;oBACX,iBAAiB,EAAE,aAAa;iBACjC,CAAC,CAAC;gBACH,IAAI,cAAc,EAAE,CAAC;oBACnB,UAAU,GAAG,OAAO,CAAC;gBACvB,CAAC;YACH,CAAC;YACD,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;gBAC1B,kBAAkB,GAAG,kCAAkC,CAAC;gBACxD,OAAO,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;gBACjD,cAAc,GAAG,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;YAClF,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,OAAO,GAAG,MAAM,4BAA4B,CAAC;gBACjD,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC;gBACf,IAAI,EAAE,KAAK;gBACX,UAAU,EAAE,GAAG,WAAW,IAAI,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACpF,cAAc;gBACd,OAAO;gBACP,OAAO,EAAE,UAAU,EAAE;gBACrB,WAAW;gBACX,iBAAiB,EAAE,aAAa;aACjC,CAAC,CAAC;YACH,IAAI,OAAO,EAAE,CAAC;gBACZ,cAAc,GAAG,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;YAClF,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC;IACvD,MAAM,YAAY,GAAG,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAE5D,MAAM,YAAY,GAAG,mCAAmC,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;IAC7E,MAAM,YAAY,GAChB,UAAU,KAAK,MAAM;QACnB,CAAC,CAAC,sBAAsB,CAAC;YACrB,IAAI,EAAE,oBAAoB;YAC1B,IAAI;YACJ,IAAI;YACJ,OAAO;YACP,QAAQ,EAAE,WAAW;YACrB,cAAc;SACf,CAAC;QACJ,CAAC,CAAC,IAAI,CAAC;IAEX,MAAM,QAAQ,GACZ,UAAU,KAAK,OAAO;QACpB,CAAC,CAAC;YACE,UAAU;YACV,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACzD;QACH,CAAC,CAAC;YACE,UAAU;YACV,YAAY,EAAE,YAAa,CAAC,YAAY;YACxC,aAAa,EAAE,YAAa,CAAC,aAAa;SAC3C,CAAC;IAER,MAAM,mBAAmB,CACvB;QACE,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5B,IAAI,EAAE,oBAAoB;QAC1B,SAAS,EAAE,WAAW;QACtB,SAAS,EAAE,QAAQ;QACnB,UAAU,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;QACvC,IAAI;QACJ,cAAc;QACd,KAAK;QACL,IAAI;QACJ,UAAU;QACV,cAAc;QACd,iBAAiB,EAAE,cAAc,EAAE,UAAU,IAAI,IAAI;QACrD,iBAAiB,EAAE,aAAa;QAChC,OAAO;QACP,oBAAoB,EAAE,kBAAkB;QACxC,UAAU;KACX,EACD,YAAY,CACb,CAAC;IAEF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAExD,MAAM,MAAM,GAAG,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IAC7D,MAAM,cAAc,CAAC;QACnB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5B,MAAM;QACN,IAAI,EAAE,kBAAkB;QACxB,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;QAC7B,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;QACrB,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAC1D,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI;QAC1B,GAAG,EAAE,GAAG,WAAW,EAAE;QACrB,IAAI;QACJ,QAAQ,EAAE,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO;QACpD,UAAU;QACV,SAAS,EAAE,YAAY,EAAE;QACzB,IAAI,EAAE,KAAK;QACX,GAAG,CAAC,cAAc,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,IAAI,EAAE;YACJ,IAAI,EAAE,oBAAoB;YAC1B,cAAc;YACd,mBAAmB,EAAE,cAAc,EAAE,UAAU,IAAI,IAAI;YACvD,oBAAoB,EAAE,kBAAkB;SACzC;KACF,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,oCAAoC,CAAC,GAAY;IAC/D,OAAO;QACL,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE,yDAAyD;QACvE,aAAa,EAAE,0CAA0C,MAAM,CAAC,GAAG,CAAC,EAAE;KACvE,CAAC;AACJ,CAAC"}
+{"version":3,"file":"run-before-mcp.js","sourceRoot":"","sources":["../../src/hooks/run-before-mcp.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,sBAAsB,EAAa,MAAM,oBAAoB,CAAC;AAEvF,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,EACL,mCAAmC,EACnC,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EACL,sBAAsB,EACtB,gBAAgB,EAEhB,kBAAkB,GACnB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,2BAA2B,EAAE,MAAM,wBAAwB,CAAC;AACrE,OAAO,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AAO/D,OAAO,EAAE,sBAAsB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAEhF,KAAK,UAAU,aAAa;IAC1B,OAAO,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC3C,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAClC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,CAAC,CAAC;QACrD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;YAC3B,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,CAAC,CAAC,CAAC,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAU;IAClC,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO,OAAO,CAAC;IACpC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB;IAC7C,MAAM,OAAO,GAAG,MAAM,aAAa,EAA6B,CAAC;IACjE,MAAM,eAAe,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IAE1C,MAAM,WAAW,GAAG,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1F,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,QAAQ,GAA+B;YAC3C,UAAU,EAAE,MAAM;YAClB,YAAY,EAAE,yDAAyD;YACvE,aAAa,EAAE,+DAA+D;SAC/E,CAAC;QACF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACxD,OAAO;IACT,CAAC;IAED,MAAM,IAAI,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAC;IAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC;IAEhC,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,cAAc,EAAE,EAAE,sBAAsB,EAAE,CAAC,CAAC,CAAC;IACjG,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,mBAAmB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAClE,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,UAAU,CAAC;IACnD,MAAM,cAAc,GAAa,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IAE1E,MAAM,WAAW,GAAG,uBAAuB,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;IACvE,MAAM,YAAY,GAAG,WAAW,CAAC;IACjC,MAAM,aAAa,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAE1D,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,oBAAoB,CAAC;YACzB,OAAO;YACP,WAAW;YACX,QAAQ;YACR,IAAI;YACJ,IAAI;YACJ,OAAO,EAAE,cAAc;YACvB,cAAc;YACd,YAAY;YACZ,eAAe;SAChB,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,IAAI,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACxC,IAAI,cAAc,GAAG,KAAK,CAAC;IAC3B,IAAI,cAAc,GAAoD,IAAI,CAAC;IAC3E,IAAI,kBAAkB,GAAkB,IAAI,CAAC;IAC7C,IAAI,OAAO,GAAG,cAAc,CAAC;IAE7B,IAAI,UAAU,KAAK,MAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC/C,MAAM,MAAM,GAAG,MAAM,2BAA2B,CAAC;YAC/C,IAAI;YACJ,IAAI;YACJ,WAAW;YACX,aAAa;YACb,WAAW;YACX,gBAAgB,EAAE,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;YACtE,cAAc;YACd,cAAc;SACf,CAAC,CAAC;QACH,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;QAC/B,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;QACvC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;QACvC,kBAAkB,GAAG,MAAM,CAAC,kBAAkB,CAAC;QAC/C,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;IAC3B,CAAC;IAED,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC;IACvD,MAAM,YAAY,GAAG,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAE5D,MAAM,YAAY,GAAG,mCAAmC,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;IAC7E,MAAM,YAAY,GAChB,UAAU,KAAK,MAAM;QACnB,CAAC,CAAC,sBAAsB,CAAC;YACrB,IAAI,EAAE,oBAAoB;YAC1B,IAAI;YACJ,IAAI;YACJ,OAAO;YACP,QAAQ,EAAE,WAAW;YACrB,cAAc;SACf,CAAC;QACJ,CAAC,CAAC,IAAI,CAAC;IAEX,MAAM,QAAQ,GACZ,UAAU,KAAK,OAAO;QACpB,CAAC,CAAC;YACE,UAAU;YACV,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACzD;QACH,CAAC,CAAC;YACE,UAAU;YACV,YAAY,EAAE,YAAa,CAAC,YAAY;YACxC,aAAa,EAAE,YAAa,CAAC,aAAa;SAC3C,CAAC;IAER,IAAI,CAAC;QACH,MAAM,gBAAgB,CACpB;YACE,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC5B,IAAI,EAAE,oBAAoB;YAC1B,SAAS,EAAE,WAAW;YACtB,SAAS,EAAE,QAAQ;YACnB,UAAU,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;YACvC,IAAI;YACJ,cAAc;YACd,KAAK;YACL,IAAI;YACJ,UAAU;YACV,cAAc;YACd,iBAAiB,EAAE,cAAc,EAAE,UAAU,IAAI,IAAI;YACrD,iBAAiB,EAAE,aAAa;YAChC,OAAO;YACP,oBAAoB,EAAE,kBAAkB;YACxC,UAAU;SACX,EACD,YAAY,CACb,CAAC;IACJ,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,GAAG,IAAI,CAAC,CAAC;IACtE,CAAC;IAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAExD,MAAM,MAAM,GAAG,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IAC7D,MAAM,cAAc,CAAC;QACnB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5B,MAAM;QACN,IAAI,EAAE,kBAAkB;QACxB,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;QAC7B,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;QACrB,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAC1D,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI;QAC1B,GAAG,EAAE,GAAG,WAAW,EAAE;QACrB,IAAI;QACJ,QAAQ,EAAE,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO;QACpD,UAAU;QACV,SAAS,EAAE,YAAY,EAAE;QACzB,IAAI,EAAE,KAAK;QACX,GAAG,CAAC,cAAc,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,IAAI,EAAE;YACJ,IAAI,EAAE,oBAAoB;YAC1B,cAAc;YACd,mBAAmB,EAAE,cAAc,EAAE,UAAU,IAAI,IAAI;YACvD,oBAAoB,EAAE,kBAAkB;SACzC;KACF,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,oCAAoC,CAAC,GAAY;IAC/D,OAAO;QACL,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE,yDAAyD;QACvE,aAAa,EAAE,0CAA0C,MAAM,CAAC,GAAG,CAAC,EAAE;KACvE,CAAC;AACJ,CAAC"}

package/dist/hooks/run-before-shell.d.ts

@@ -1,13 +1,5 @@
-export type BeforeShellExecutionPayload = {
-    command: string;
-    cwd?: string;
-    sandbox?: boolean;
-};
-export type BeforeShellExecutionResponse = {
-    permission: "allow" | "deny" | "ask";
-    user_message?: string;
-    agent_message?: string;
-};
+import type { BeforeShellExecutionResponse } from "./before-shell-types.js";
+export type { BeforeShellExecutionPayload, BeforeShellExecutionResponse } from "./before-shell-types.js";
 /**
  * Cursor `beforeShellExecution` contract: read one JSON object from stdin, write one JSON object to stdout.
  */

package/dist/hooks/run-before-shell.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"run-before-shell.d.ts","sourceRoot":"","sources":["../../src/hooks/run-before-shell.ts"],"names":[],"mappings":"AAoBA,MAAM,MAAM,2BAA2B,GAAG;IACxC,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,4BAA4B,GAAG;IACzC,UAAU,EAAE,OAAO,GAAG,MAAM,GAAG,KAAK,CAAC;IACrC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AA+BF;;GAEG;AACH,wBAAsB,2BAA2B,IAAI,OAAO,CAAC,IAAI,CAAC,CAyMjE;AAED,wBAAgB,2BAA2B,CAAC,GAAG,EAAE,OAAO,GAAG,4BAA4B,CAMtF"}
+{"version":3,"file":"run-before-shell.d.ts","sourceRoot":"","sources":["../../src/hooks/run-before-shell.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAA+B,4BAA4B,EAAE,MAAM,yBAAyB,CAAC;AAEzG,YAAY,EAAE,2BAA2B,EAAE,4BAA4B,EAAE,MAAM,yBAAyB,CAAC;AAOzG;;GAEG;AACH,wBAAsB,2BAA2B,IAAI,OAAO,CAAC,IAAI,CAAC,CAsJjE;AAED,wBAAgB,2BAA2B,CAAC,GAAG,EAAE,OAAO,GAAG,4BAA4B,CAMtF"}

package/dist/hooks/run-before-shell.js

@@ -1,168 +1,87 @@
-import { classifyArgv, loadPoliciesV1, readPoliciesV1Revision } from "../policy/index.js";
-import { appendAuditJsonl } from "../audit/jsonl.js";
+import { loadPoliciesV1, readPoliciesV1Revision } from "../policy/index.js";
 import { getInstallId } from "../cli/install-id.js";
-import { DEFAULT_GOVERNED_SHELL_TOOLS } from "../shell/governed-tools.js";
-import { parseCommandToArgv } from "../shell/parse.js";
-import { stripTrailingBenignShellRedirectsForMetacharCheck } from "../shell/strip-trailing-benign-shell-redirs.js";
+import { analyzeShellCommand } from "../shell/analyze-command.js";
+import { commandMayContainGovernedTool } from "../shell/governed-tools.js";
 import { resolveGuardStorageRoot } from "../bridge/guard-storage-root.js";
-import { tryConsumeExecutionTicket } from "../bridge/execution-ticket.js";
-import { tryHookInlineApprovalRequest } from "../approval/hook-inline-approval.js";
-import { readPendingApprovalIndex } from "../bridge/pending-approval-index.js";
-import { argvSha256 } from "../approval/argv-fingerprint.js";
-import { resolveMutateApproval } from "../approval/mcp-flow.js";
-import { formatHookAllowViaCredentialMessage, formatHookDenyMessages, } from "./agent-message.js";
-import { randomUUID } from "node:crypto";
 import { sendGuardEvent } from "../telemetry/guard-events.js";
+import { resolveShellMutateHookPermission } from "./before-shell-mutate.js";
+import { readStdinJson, tryAppendAuditEvent } from "./before-shell-io.js";
+import { handleSkippedShellHook } from "./before-shell-skipped.js";
+import { formatHookAllowViaCredentialMessage, formatHookDenyMessages, } from "./agent-message.js";
 function tierToPermission(tier) {
     if (tier === "READ")
         return "allow";
     return "deny";
 }
-async function readStdinJson() {
-    return await new Promise((resolve, reject) => {
-        let data = "";
-        process.stdin.setEncoding("utf8");
-        process.stdin.on("data", (chunk) => (data += chunk));
-        process.stdin.on("end", () => {
-            try {
-                resolve(JSON.parse(data));
-            }
-            catch (e) {
-                reject(e);
-            }
-        });
-    });
-}
-async function tryAppendAuditEvent(evt, auditLogRoot) {
-    try {
-        await appendAuditJsonl(evt, auditLogRoot);
-    }
-    catch (e) {
-        const msg = e instanceof Error ? e.message : String(e);
-        process.stderr.write(`[auditor] audit log append failed: ${msg}\n`);
-    }
-}
 /**
  * Cursor `beforeShellExecution` contract: read one JSON object from stdin, write one JSON object to stdout.
  */
 export async function runBeforeShellHookFromStdin() {
     const payload = await readStdinJson();
     const decisionStarted = performance.now();
-    const argv = parseCommandToArgv(payload.command);
-    const commandForRawMeta = stripTrailingBenignShellRedirectsForMetacharCheck(payload.command);
-    const rawMetacharacters = /(;|&&|\|\||\||`|>|<|\$\()/.test(commandForRawMeta);
-    const tool = argv[0];
-    if (!tool || !DEFAULT_GOVERNED_SHELL_TOOLS.includes(tool)) {
-        const skipReason = !tool ? "no_command" : "ungoverned_shell_tool";
+    const command = payload.command;
+    if (!commandMayContainGovernedTool(command)) {
+        const skipReason = command.trim() ? "no_governed_invocation" : "no_command";
         const auditLogRoot = typeof payload.cwd === "string" && payload.cwd.trim() ? payload.cwd.trim() : undefined;
-        // Decision is known here; do not await policy meta read before NET decision latency.
-        const latency_ms = performance.now() - decisionStarted;
-        await tryAppendAuditEvent({
-            ts: new Date().toISOString(),
-            hook: "beforeShellExecution",
-            cwd: payload.cwd,
-            command: payload.command,
-            argv,
-            status: "skipped",
-            skipped: true,
-            skip_reason: skipReason,
-            tier: "READ",
-            permission: "allow",
-            ticketConsumed: false,
-            reasons: [`${skipReason}(policy_not_evaluated)`],
-            latency_ms,
-        }, auditLogRoot);
-        const response = { permission: "allow" };
-        process.stdout.write(JSON.stringify(response, null, 2));
         const policyRevision = await readPoliciesV1Revision();
-        await sendGuardEvent({
-            ts: new Date().toISOString(),
-            status: "skipped",
-            skipped: true,
-            skip_reason: skipReason,
-            tool: "auditor-hook",
-            command_path: argv[0] ?? null,
-            verb: argv[1] ?? null,
-            resource: argv.length > 2 ? argv.slice(2).join(" ") : null,
-            reason: skipReason,
-            cmd: payload.command,
-            tier: "READ",
-            decision: "allow",
-            latency_ms,
-            installId: getInstallId(),
-            kind: "shell",
-            ...(policyRevision !== null ? { policy_revision: policyRevision } : {}),
-            meta: {
-                hook: "beforeShellExecution",
-                ticketConsumed: false,
-            },
+        await handleSkippedShellHook({
+            payload,
+            skipReason,
+            policyRevision,
+            auditLogRoot: auditLogRoot ?? "",
+            decisionStarted,
         });
         return;
     }
     const [policy, policyRevision] = await Promise.all([loadPoliciesV1(), readPoliciesV1Revision()]);
-    const { classification, flags } = classifyArgv(policy, argv);
-    let tier = classification.tier;
+    const analysis = analyzeShellCommand(command, policy);
+    const storageRoot = resolveGuardStorageRoot(typeof payload.cwd === "string" ? payload.cwd : undefined);
+    if (analysis.skipped) {
+        await handleSkippedShellHook({
+            payload,
+            skipReason: "no_governed_invocation",
+            policyRevision,
+            auditLogRoot: storageRoot,
+            decisionStarted,
+            analysis,
+        });
+        return;
+    }
+    const argv = analysis.primary.canonical_argv;
+    const evaluation = analysis.primary.evaluation;
+    const tier = analysis.tier;
     const reasons = [];
-    if (!classification.matched)
+    if (!evaluation.classification.matched)
         reasons.push("unknown_command(default_deny)");
-    if (flags.metacharacters || rawMetacharacters)
+    if (evaluation.flags.metacharacters || analysis.raw_metacharacters)
         reasons.push("metacharacters");
-    if (flags.dangerous_flags)
+    if (evaluation.flags.dangerous_flags)
         reasons.push("dangerous_flags");
-    if ((flags.metacharacters || rawMetacharacters) && tier === "READ")
-        tier = "MUTATE";
-    if (flags.dangerous_flags)
-        tier = "DESTRUCTIVE";
-    const storageRoot = resolveGuardStorageRoot(typeof payload.cwd === "string" ? payload.cwd : undefined);
+    if (analysis.fail_closed)
+        reasons.push("unparseable(fail_closed)");
+    if (analysis.invocations.length > 1) {
+        reasons.push(`multiple_governed_invocations(${analysis.invocations.length})`);
+    }
     let permission = tierToPermission(tier);
     let ticketConsumed = false;
     let approvalFlowSignal = null;
-    if (permission === "deny" && tier === "MUTATE") {
-        ticketConsumed = await tryConsumeExecutionTicket(argv, { storageRoot, kind: "shell" });
-        if (ticketConsumed)
-            permission = "allow";
-    }
     let inlineApproval = null;
     if (permission === "deny" && tier === "MUTATE") {
-        const pending = await readPendingApprovalIndex(argvSha256(argv), { storageRoot });
-        if (pending) {
-            const autoRedeem = await resolveMutateApproval({
-                argv: [...argv],
-                proposalKind: "shell",
-                storageRoot,
-                rawDisplay: payload.command,
-                eventId: randomUUID(),
-                policyRevision,
-                reasons,
-                approval: { request_id: pending.request_id },
-                waitMs: 0,
-            });
-            if (autoRedeem.kind === "allow" && autoRedeem.ticketRecorded) {
-                ticketConsumed = await tryConsumeExecutionTicket(argv, { storageRoot, kind: "shell" });
-                if (ticketConsumed) {
-                    permission = "allow";
-                }
-            }
-            if (permission === "deny") {
-                approvalFlowSignal = "retry_without_guard_wait_resolve";
-                reasons.push("retry_without_guard_wait_resolve");
-                inlineApproval = { request_id: pending.request_id, open_url: pending.open_url };
-            }
-        }
-        else {
-            const created = await tryHookInlineApprovalRequest({
-                argv: [...argv],
-                kind: "shell",
-                rawDisplay: payload.command,
-                policyRevision,
-                reasons,
-                eventId: randomUUID(),
-                storageRoot,
-            });
-            if (created) {
-                inlineApproval = { request_id: created.request_id, open_url: created.open_url };
-            }
-        }
+        const mutate = await resolveShellMutateHookPermission({
+            tier,
+            argv,
+            analysis,
+            storageRoot,
+            rawDisplay: payload.command,
+            policyRevision,
+            initialReasons: reasons,
+        });
+        permission = mutate.permission;
+        ticketConsumed = mutate.ticketConsumed;
+        approvalFlowSignal = mutate.approvalFlowSignal;
+        inlineApproval = mutate.inlineApproval;
+        reasons.length = 0;
+        reasons.push(...mutate.reasons);
     }
     const allowMessage = formatHookAllowViaCredentialMessage({ ticketConsumed });
     const denyMessages = permission === "deny"
@@ -184,7 +103,6 @@ export async function runBeforeShellHookFromStdin() {
             user_message: denyMessages.user_message,
             agent_message: denyMessages.agent_message,
         };
-    const auditLogRoot = storageRoot;
     const latency_ms = performance.now() - decisionStarted;
     await tryAppendAuditEvent({
         ts: new Date().toISOString(),
@@ -192,8 +110,12 @@ export async function runBeforeShellHookFromStdin() {
         cwd: payload.cwd,
         command: payload.command,
         argv,
-        classification,
-        flags,
+        governed_argv: argv,
+        invocation_count: analysis.invocations.length,
+        segments: analysis.segments,
+        operators: analysis.operators,
+        classification: evaluation.classification,
+        flags: evaluation.flags,
         tier,
         permission,
         ticketConsumed,
@@ -201,10 +123,8 @@ export async function runBeforeShellHookFromStdin() {
         reasons,
         approval_flow_signal: approvalFlowSignal,
         latency_ms,
-    }, auditLogRoot);
-    // Write stdout immediately so Cursor gets the response without waiting for network.
+    }, storageRoot);
     process.stdout.write(JSON.stringify(response, null, 2));
-    // Upload event to backend (keep process alive until done).
     const status = permission === "allow" ? "passed" : "blocked";
     await sendGuardEvent({
         ts: new Date().toISOString(),
@@ -226,6 +146,7 @@ export async function runBeforeShellHookFromStdin() {
             ticketConsumed,
             approval_request_id: inlineApproval?.request_id ?? null,
             approval_flow_signal: approvalFlowSignal,
+            invocation_count: analysis.invocations.length,
         },
     });
 }