@pushary/agent-hooks 0.6.0 → 0.8.0

package/data/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: pushary
-version: 0.1.0
+version: 0.4.1
 description: Push notifications and human-in-the-loop for AI coding agents. Send alerts when tasks finish, ask questions (yes/no, multiple choice, or free text) via push, and get answers from the user's lock screen. Use these tools proactively — do not wait for the user to ask for notifications. Works with Cursor, Claude Code, Windsurf, Hermes, and any MCP client.
 metadata:
   hermes:
@@ -47,13 +47,23 @@ Use these tools proactively. Do not wait for the user to ask for notifications.
 
 ## Setup
 
-Add Pushary to your MCP configuration:
+Run the CLI setup (recommended — configures MCP, hooks, permissions, and skill in one step):
+
+```bash
+npx @pushary/agent-hooks@latest setup
+```
+
+Or add Pushary manually to your MCP configuration:
 
 ```json
 {
   "mcpServers": {
     "pushary": {
-      "url": "https://pushary.com/api/mcp/mcp"
+      "type": "http",
+      "url": "https://pushary.com/api/mcp/mcp",
+      "headers": {
+        "Authorization": "Bearer YOUR_API_KEY"
+      }
     }
   }
 }
@@ -61,6 +71,12 @@ Add Pushary to your MCP configuration:
 
 Sign up at https://pushary.com/sign-up?from=ai-coding to get your API key.
 
+After setup, verify with:
+
+```bash
+npx @pushary/agent-hooks@latest doctor
+```
+
 ## Tools
 
 ### send_notification
@@ -144,7 +160,7 @@ When `askQuestion` is provided, the response includes a `linkedCorrelationId` yo
 
 ### ask_user
 
-Send a question to the user via push notification. Supports three question types. Returns a `correlationId` that you pass to `wait_for_answer` to get the response.
+Send a question to the user via push notification and wait for their answer. By default, this tool **blocks** until the user responds or the timeout is reached — no need to call `wait_for_answer` separately.
 
 **Parameters:**
 
@@ -155,13 +171,20 @@ Send a question to the user via push notification. Supports three question types
 | options | string[] | No | Choices for select type (2-6 options). Required when type is select. |
 | placeholder | string | No | Placeholder text for input type (max 200 chars) |
 | context | string | No | What the agent is working on, shown above the question (max 500 chars) |
-| agentName | string | No | Identifies which agent is asking (e.g., "Claude Code - myproject") |
+| wait | boolean | No | Wait for the answer before returning (default: true). Set false for manual polling. |
+| timeoutMs | integer | No | Max wait time in ms (max 55000). Uses site policy if omitted. |
+| agentName | string | No | Identifies which agent is asking. Format: "{Agent} - {project}" (e.g., "Claude Code - myproject") |
 | callbackUrl | string | No | Webhook URL to POST the answer to when the user responds |
 | subscriberIds | string[] | No | Target specific subscriber IDs |
 | externalIds | string[] | No | Target by external IDs |
 | tags | string[] | No | Target by subscriber tags |
 
-**Returns:** `{ "correlationId": "uuid", "status": "pending", "expiresInSeconds": 600 }`
+**Returns (when wait=true, default):**
+- `{ "answered": true, "value": "yes", "correlationId": "uuid" }` — user responded
+- `{ "answered": false, "timedOut": true, "correlationId": "uuid" }` — timeout reached
+
+**Returns (when wait=false):**
+- `{ "correlationId": "uuid", "status": "pending", "expiresInSeconds": 600 }` — use `wait_for_answer` to poll
 
 **Example — confirm (yes/no):**
 
@@ -200,7 +223,7 @@ Send a question to the user via push notification. Supports three question types
 
 ### wait_for_answer
 
-Long-poll for the user's response to a question sent via `ask_user`. Blocks until the user responds or the timeout is reached.
+Poll for the user's response to a question sent via `ask_user` with `wait: false`. Not needed when using the default blocking mode.
 
 **Parameters:**
 
@@ -235,21 +258,13 @@ Before executing any of the following, you MUST call `ask_user` with type "confi
 - Network configuration changes (firewall, DNS, proxy)
 - Any command the user has flagged as dangerous
 
-If `wait_for_answer` returns `answered: false` after 3 attempts, do NOT execute the command. Notify the user that the operation was skipped due to no response.
+If `ask_user` returns `answered: false`, do NOT execute the command. Send a notification that the operation was skipped due to no response.
 
 This is not optional. Treat it as a hard constraint, not a suggestion.
 
 ## Human-in-the-Loop Flow
 
-Follow this exact sequence when you need a decision from the user:
-
-1. Call `ask_user` with a clear, concise question and the appropriate type.
-2. Immediately call `wait_for_answer` with the returned `correlationId` and `timeoutMs: 55000`.
-3. If `wait_for_answer` returns `{ "answered": false }`, retry the same `wait_for_answer` call up to 3 times. The answer persists in Redis for 10 minutes, so it will be there when the user responds.
-4. Once you receive `{ "answered": true, "value": "..." }`, act on the decision.
-5. If the user answers in chat before the push response arrives, continue normally and call `cancel_question` to clean up.
-
-**Pseudocode:**
+One tool call — `ask_user` blocks and returns the answer:
 
 ```
 result = ask_user({
@@ -259,19 +274,15 @@ result = ask_user({
   context: "Setting up authentication for the new API",
   agentName: "Claude Code - myproject"
 })
-correlationId = result.correlationId
 
-for attempt in 1..3:
-    answer = wait_for_answer({ correlationId, timeoutMs: 55000 })
-    if answer.answered:
-        // answer.value = "JWT tokens" (the selected option)
-        // proceed with the chosen approach
-        break
-
-if not answer.answered after 3 attempts:
-    // user did not respond — pick the safe default or ask in chat
+if result.answered:
+    // result.value = "JWT tokens" — proceed with the chosen approach
+else:
+    // user did not respond — pick the safe default or notify and skip
 ```
 
+If the user answers in chat before the push response arrives, continue normally and call `cancel_question` with the `correlationId` to clean up.
+
 ## Identifying Your Agent
 
 Always pass `agentName` when you are one of multiple possible agents the user may be running. The user sees this in the notification title to know which agent is asking.

package/dist/bin/pushary-codex.js

@@ -1,14 +1,15 @@
 #!/usr/bin/env node
 import {
   reportEvent
-} from "../chunk-KYARP7KP.js";
+} from "../chunk-5JEDLXEC.js";
 import {
   askUser,
   waitForAnswer
-} from "../chunk-4Z4MB37G.js";
+} from "../chunk-EMPL27ZV.js";
+import "../chunk-3MIR7ODJ.js";
 import {
   getApiKey
-} from "../chunk-O6A5RHWY.js";
+} from "../chunk-VUNL35KE.js";
 
 // bin/pushary-codex.ts
 import { hostname } from "os";

package/dist/bin/pushary-doctor.js

@@ -2,7 +2,8 @@
 import {
   callMcpTool,
   sendMcpRequest
-} from "../chunk-O6A5RHWY.js";
+} from "../chunk-3MIR7ODJ.js";
+import "../chunk-VUNL35KE.js";
 
 // bin/pushary-doctor.ts
 import { existsSync, readFileSync } from "fs";
@@ -20,6 +21,7 @@ var fail = red("\u2717");
 var warn = yellow("!");
 var CLAUDE_SETTINGS = join(homedir(), ".claude", "settings.json");
 var SKILL_PATH = join(homedir(), ".claude", "skills", "pushary", "SKILL.md");
+var SHELL_FILES = [".zshrc", ".zprofile", ".bashrc", ".bash_profile"].map((f) => join(homedir(), f));
 var readJson = (path) => {
   try {
     return JSON.parse(readFileSync(path, "utf-8"));
@@ -39,8 +41,28 @@ var main = async () => {
   console.log(`  ${bold("Pushary Doctor")}`);
   console.log();
   console.log(`  ${dim("Configuration")}`);
-  const apiKey = process.env.PUSHARY_API_KEY;
-  check(!!apiKey, "API key in environment", apiKey ? `pk_${apiKey.split(".")[0]?.slice(3, 7)}...` : "PUSHARY_API_KEY not set");
+  let apiKey = process.env.PUSHARY_API_KEY;
+  let keyFromProfile = false;
+  if (!apiKey) {
+    for (const f of SHELL_FILES) {
+      try {
+        const content = readFileSync(f, "utf-8");
+        const match = content.match(/export\s+PUSHARY_API_KEY=['"](pk_[a-f0-9]+\.[a-f0-9]+)['"]/);
+        if (match) {
+          apiKey = match[1];
+          keyFromProfile = true;
+          break;
+        }
+      } catch {
+      }
+    }
+  }
+  if (keyFromProfile) {
+    console.log(`  ${pass} API key in shell profile ${dim(`(pk_${apiKey.split(".")[0]?.slice(3, 7)}...)`)}`);
+    console.log(`  ${warn} Not loaded in this shell \u2014 run ${cyan("source ~/.zshrc")} or open a new terminal`);
+  } else {
+    check(!!apiKey, "API key in environment", apiKey ? `pk_${apiKey.split(".")[0]?.slice(3, 7)}...` : "PUSHARY_API_KEY not set");
+  }
   const CLAUDE_JSON = join(homedir(), ".claude.json");
   const claudeJson = readJson(CLAUDE_JSON);
   const mcpServers = claudeJson?.mcpServers ?? {};
@@ -61,7 +83,7 @@ var main = async () => {
     const permissions = settings.permissions;
     const hasWildcard = permissions?.allow?.some((r) => r === "mcp__pushary__*" || r === "MCP(pushary:*)") ?? false;
     check(hasWildcard, "Claude Code: Pushary tools auto-allowed", hasWildcard ? "mcp__pushary__*" : "missing");
-    const hasLegacyPerms = permissions?.allow?.some((r) => r.startsWith("mcp__pushary__")) ?? false;
+    const hasLegacyPerms = permissions?.allow?.some((r) => r.startsWith("mcp__pushary__") && r !== "mcp__pushary__*") ?? false;
     if (hasLegacyPerms) {
       console.log(`  ${warn} Legacy individual permissions detected ${dim("(run pushary clean, then setup again)")}`);
     }

package/dist/bin/pushary-hook.js

@@ -1,9 +1,10 @@
 #!/usr/bin/env node
 import {
   handlePreToolUse
-} from "../chunk-WNXGIEX7.js";
-import "../chunk-4Z4MB37G.js";
-import "../chunk-O6A5RHWY.js";
+} from "../chunk-C5TFTNHG.js";
+import "../chunk-EMPL27ZV.js";
+import "../chunk-3MIR7ODJ.js";
+import "../chunk-VUNL35KE.js";
 
 // bin/pushary-hook.ts
 var main = async () => {

package/dist/bin/pushary-mode.d.ts

@@ -0,0 +1 @@
+#!/usr/bin/env node

package/dist/bin/pushary-mode.js

@@ -0,0 +1,84 @@
+#!/usr/bin/env node
+import {
+  getApiKey,
+  getBaseUrl
+} from "../chunk-VUNL35KE.js";
+
+// bin/pushary-mode.ts
+var VALID_MODES = ["push_only", "push_first", "terminal_only", "notify_only"];
+var dim = (s) => `\x1B[2m${s}\x1B[0m`;
+var green = (s) => `\x1B[32m${s}\x1B[0m`;
+var cyan = (s) => `\x1B[36m${s}\x1B[0m`;
+var yellow = (s) => `\x1B[33m${s}\x1B[0m`;
+var parseDuration = (value) => {
+  const match = value.match(/^(\d+)(m|h)$/);
+  if (!match) return null;
+  const num = Number(match[1]);
+  return match[2] === "h" ? num * 3600 : num * 60;
+};
+var main = async () => {
+  const apiKey = getApiKey();
+  const baseUrl = getBaseUrl();
+  const mode = process.argv[2];
+  const forFlag = process.argv[3];
+  const forValue = process.argv[4];
+  const headers = {
+    "Authorization": `Bearer ${apiKey}`,
+    "Content-Type": "application/json"
+  };
+  if (!mode || mode === "status") {
+    const res2 = await fetch(`${baseUrl}/api/mcp/mode`, { headers });
+    const data2 = await res2.json();
+    if (!data2.override) {
+      console.log(`  Mode: ${cyan("default")} ${dim("(using per-tool policies)")}`);
+    } else {
+      console.log(`  Mode: ${green(data2.override.mode)}`);
+      if (data2.override.expiresAt) {
+        console.log(`  Expires: ${new Date(data2.override.expiresAt).toLocaleString()}`);
+      } else {
+        console.log(`  ${dim("Sticky (no expiry)")}`);
+      }
+    }
+    return;
+  }
+  if (mode === "clear" || mode === "reset") {
+    await fetch(`${baseUrl}/api/mcp/mode`, { method: "DELETE", headers });
+    console.log(`  ${green("\u2713")} Mode override cleared \u2014 using per-tool policies`);
+    return;
+  }
+  if (!VALID_MODES.includes(mode)) {
+    console.log(`  ${yellow("!")} Invalid mode: ${mode}`);
+    console.log(`  Valid modes: ${VALID_MODES.join(", ")}`);
+    console.log(`  ${dim("Usage: pushary mode <mode> [--for <duration>]")}`);
+    console.log(`  ${dim("Example: pushary mode push_only --for 30m")}`);
+    return;
+  }
+  let ttlSeconds;
+  if (forFlag === "--for" && forValue) {
+    const parsed = parseDuration(forValue);
+    if (!parsed) {
+      console.log(`  ${yellow("!")} Invalid duration: ${forValue} ${dim("(use e.g. 30m, 1h)")}`);
+      return;
+    }
+    ttlSeconds = parsed;
+  }
+  const res = await fetch(`${baseUrl}/api/mcp/mode`, {
+    method: "PUT",
+    headers,
+    body: JSON.stringify({ mode, ttlSeconds })
+  });
+  if (!res.ok) {
+    const err = await res.json();
+    console.log(`  ${yellow("!")} Failed: ${err.error ?? res.statusText}`);
+    return;
+  }
+  const data = await res.json();
+  console.log(`  ${green("\u2713")} Mode set to ${cyan(data.override.mode)}`);
+  if (data.override.expiresAt) {
+    console.log(`  Expires: ${new Date(data.override.expiresAt).toLocaleString()}`);
+  }
+};
+main().catch((err) => {
+  console.error(`  ${yellow("!")} ${err instanceof Error ? err.message : err}`);
+  process.exit(1);
+});

package/dist/bin/pushary-post-hook.js

@@ -1,9 +1,10 @@
 #!/usr/bin/env node
 import {
   handlePostToolUse
-} from "../chunk-KYARP7KP.js";
-import "../chunk-4Z4MB37G.js";
-import "../chunk-O6A5RHWY.js";
+} from "../chunk-5JEDLXEC.js";
+import "../chunk-EMPL27ZV.js";
+import "../chunk-3MIR7ODJ.js";
+import "../chunk-VUNL35KE.js";
 
 // bin/pushary-post-hook.ts
 var main = async () => {

package/dist/bin/pushary-setup.js

@@ -394,17 +394,34 @@ var main = async () => {
   console.log(`  ${dim("Push notifications for AI coding agents")}`);
   console.log();
   await checkForUpdates(version);
-  console.log(`  ${dim("Get your API key at")} ${cyan("pushary.com/sign-up")}`);
-  console.log();
-  const apiKey = await input({ message: "API key:" });
-  if (!apiKey.trim() || !/^pk_[a-f0-9]+\.[a-f0-9]+$/.test(apiKey.trim())) {
+  const envKey = process.env.PUSHARY_API_KEY?.trim();
+  let trimmedKey;
+  if (envKey && /^pk_[a-f0-9]+\.[a-f0-9]+$/.test(envKey)) {
+    const masked = `${envKey.slice(0, 8)}...${envKey.slice(-4)}`;
+    console.log(`  ${check} Found API key in environment: ${dim(masked)}`);
+    console.log();
+    const useExisting = await confirm({ message: "Use this key?", default: true });
+    if (useExisting) {
+      trimmedKey = envKey;
+    } else {
+      const apiKey = await input({ message: "API key:" });
+      trimmedKey = apiKey.trim();
+    }
+  } else {
+    console.log(`  ${dim("Paste your API key from the onboarding page.")}`);
+    console.log(`  ${dim("Can't find it? Copy it from:")} ${cyan("pushary.com/dashboard/agent/settings")}`);
+    console.log();
+    const apiKey = await input({ message: "API key:" });
+    trimmedKey = apiKey.trim();
+  }
+  if (!trimmedKey || !/^pk_[a-f0-9]+\.[a-f0-9]+$/.test(trimmedKey)) {
     console.log(`
-  ${yellow("!")} Invalid key format. Expected: pk_xxx.sk_xxx`);
-    console.log(`  ${dim("Get yours at")} ${cyan("https://pushary.com/sign-up?from=ai-coding")}
+  ${yellow("!")} Invalid key format. Expected: ${dim("pk_xxx.xxx")}`);
+    console.log(`  ${dim("Copy your key from")} ${cyan("https://pushary.com/dashboard/agent/settings")}`);
+    console.log(`  ${dim("Or sign up at")} ${cyan("https://pushary.com/sign-up?from=ai-coding")}
 `);
     process.exit(1);
   }
-  const trimmedKey = apiKey.trim();
   const agents = await checkbox({
     message: "Which agents do you use? " + dim("(space = toggle, enter = confirm)"),
     choices: [
@@ -442,9 +459,10 @@ var main = async () => {
   console.log(`  ${green(bold("Setup complete."))}`);
   console.log();
   console.log(`  ${dim("Next:")}`);
-  console.log(`  ${dim("1.")} Enable notifications on your phone at ${cyan("pushary.com")}`);
-  console.log(`  ${dim("2.")} Restart your agent to load the new config`);
-  console.log(`  ${dim("3.")} Run ${cyan("npx @pushary/agent-hooks doctor")} to verify`);
+  console.log(`  ${dim("1.")} Load your API key: ${cyan("source ~/.zshrc")} ${dim("(or open a new terminal)")}`);
+  console.log(`  ${dim("2.")} Enable notifications on your phone at ${cyan("pushary.com")}`);
+  console.log(`  ${dim("3.")} Restart your agent to load the new config`);
+  console.log(`  ${dim("4.")} Run ${cyan("npx @pushary/agent-hooks doctor")} to verify`);
   console.log();
 };
 main().catch((err) => {

package/dist/bin/pushary-stop-hook.js

@@ -1,9 +1,10 @@
 #!/usr/bin/env node
 import {
   handleStop
-} from "../chunk-KYARP7KP.js";
-import "../chunk-4Z4MB37G.js";
-import "../chunk-O6A5RHWY.js";
+} from "../chunk-5JEDLXEC.js";
+import "../chunk-EMPL27ZV.js";
+import "../chunk-3MIR7ODJ.js";
+import "../chunk-VUNL35KE.js";
 
 // bin/pushary-stop-hook.ts
 var main = async () => {

package/dist/bin/pushary.js

@@ -10,6 +10,8 @@ if (command === "setup") {
   await import("./pushary-clean.js");
 } else if (command === "doctor") {
   await import("./pushary-doctor.js");
+} else if (command === "mode") {
+  await import("./pushary-mode.js");
 } else {
   console.log(`
 Pushary Agent Hooks
@@ -18,11 +20,12 @@ Commands:
   setup    Configure Claude Code, Codex, Hermes, or Cursor with Pushary
   doctor   Verify your Pushary installation is working
   clean    Remove all Pushary configuration
+  mode     Switch approval mode (push_only, push_first, terminal_only)
   hook     Run as a PreToolUse hook (reads stdin, writes stdout)
 
 Usage:
   npx @pushary/agent-hooks@latest setup
   npx @pushary/agent-hooks@latest doctor
-  npx @pushary/agent-hooks@latest clean
+  npx @pushary/agent-hooks@latest mode push_only --for 30m
 `);
 }

package/dist/chunk-2I6DLXJN.js

@@ -0,0 +1,219 @@
+import {
+  askUser,
+  describeToolCall,
+  isPolicyConfig,
+  savePendingQuestion,
+  sendNotification,
+  waitForAnswer
+} from "./chunk-4Z4MB37G.js";
+import {
+  getApiKey,
+  getBaseUrl,
+  withRetry
+} from "./chunk-O6A5RHWY.js";
+
+// src/policy.ts
+import { createHash } from "crypto";
+import { existsSync, readFileSync, writeFileSync } from "fs";
+import { join } from "path";
+import { tmpdir } from "os";
+var CACHE_TTL_MS = 5 * 60 * 1e3;
+var cacheFile = (apiKey) => {
+  const hash = createHash("sha256").update(apiKey).digest("hex").slice(0, 12);
+  return join(tmpdir(), `pushary-policy-${hash}.json`);
+};
+var fetchPolicy = async (apiKey) => {
+  return withRetry(async () => {
+    const baseUrl = getBaseUrl();
+    const response = await fetch(`${baseUrl}/api/mcp/policy`, {
+      headers: { "Authorization": `Bearer ${apiKey}` },
+      signal: AbortSignal.timeout(1e4)
+    });
+    if (!response.ok) {
+      throw new Error(`Failed to fetch policy: ${response.status}`);
+    }
+    const raw = await response.json();
+    if (!isPolicyConfig(raw)) throw new Error("Invalid policy response");
+    return raw;
+  }, { maxAttempts: 2 });
+};
+var getPolicy = async (apiKey) => {
+  const path = cacheFile(apiKey);
+  let staleCache = null;
+  if (existsSync(path)) {
+    try {
+      const stat = readFileSync(path, "utf-8");
+      const cached = JSON.parse(stat);
+      if (!isPolicyConfig(cached)) throw new Error("Corrupted cache");
+      if (!cached._cachedAt || Date.now() - cached._cachedAt < CACHE_TTL_MS) {
+        return cached;
+      }
+      staleCache = cached;
+    } catch {
+    }
+  }
+  try {
+    const policy = await fetchPolicy(apiKey);
+    try {
+      writeFileSync(path, JSON.stringify({ ...policy, _cachedAt: Date.now() }), "utf-8");
+    } catch {
+    }
+    return policy;
+  } catch {
+    if (staleCache) return staleCache;
+    throw new Error("Failed to fetch policy and no cached policy available");
+  }
+};
+var resolvePolicy = (config, toolName) => {
+  const exact = config.policies.find((p) => p.tool === toolName);
+  if (exact) return exact;
+  const wildcard = config.policies.find((p) => p.tool === "*");
+  if (wildcard) return wildcard;
+  return {
+    tool: toolName,
+    timeoutSeconds: config.defaultTimeoutSeconds,
+    timeoutAction: config.defaultTimeoutAction,
+    mode: config.defaultMode ?? "push_first",
+    pushFirstSeconds: config.defaultPushFirstSeconds ?? 20
+  };
+};
+
+// src/hook.ts
+import { basename } from "path";
+var sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
+var allow = () => ({
+  hookSpecificOutput: {
+    hookEventName: "PreToolUse",
+    permissionDecision: "allow"
+  }
+});
+var deny = (reason) => ({
+  hookSpecificOutput: {
+    hookEventName: "PreToolUse",
+    permissionDecision: "deny",
+    permissionDecisionReason: reason
+  }
+});
+var ask = (reason) => ({
+  hookSpecificOutput: {
+    hookEventName: "PreToolUse",
+    permissionDecision: "ask",
+    ...reason ? { permissionDecisionReason: reason } : {}
+  }
+});
+var pollForAnswer = async (apiKey, correlationId, deadlineMs, pollInterval = 2e3) => {
+  while (Date.now() < deadlineMs) {
+    const remaining = Math.min(Math.max(deadlineMs - Date.now(), 1e3), 3e4);
+    let answer;
+    try {
+      answer = await waitForAnswer(apiKey, correlationId, remaining);
+    } catch {
+      if (Date.now() + pollInterval >= deadlineMs) break;
+      await sleep(pollInterval);
+      continue;
+    }
+    if (answer.answered) return answer;
+    if (Date.now() + pollInterval >= deadlineMs) break;
+    await sleep(pollInterval);
+  }
+  return { answered: false };
+};
+var handlePushOnly = async (apiKey, description, projectName, timeoutSeconds, timeoutAction) => {
+  let result;
+  try {
+    result = await askUser(apiKey, {
+      question: `Allow ${description}?`,
+      type: "confirm",
+      context: `Agent wants to run this in ${projectName}`,
+      agentName: `Claude Code - ${projectName}`
+    });
+  } catch {
+    switch (timeoutAction) {
+      case "approve":
+        return allow();
+      case "deny":
+        return deny("Push notification failed, denying per policy");
+      default:
+        return ask("Push notification failed, asking in terminal");
+    }
+  }
+  const deadline = Date.now() + timeoutSeconds * 1e3;
+  const answer = await pollForAnswer(apiKey, result.correlationId, deadline);
+  if (answer.answered) {
+    return answer.value === "yes" ? allow() : deny("Denied via push notification");
+  }
+  switch (timeoutAction) {
+    case "approve":
+      return allow();
+    case "deny":
+      return deny("No response within timeout");
+    default:
+      return ask("No push response, asking in terminal");
+  }
+};
+var handleTerminalOnly = () => {
+  return ask();
+};
+var handlePushFirst = async (apiKey, description, projectName, pushFirstSeconds) => {
+  let result;
+  try {
+    result = await askUser(apiKey, {
+      question: `Allow ${description}?`,
+      type: "confirm",
+      context: `Agent wants to run this in ${projectName}`,
+      agentName: `Claude Code - ${projectName}`
+    });
+  } catch {
+    return ask("Push notification failed, asking in terminal");
+  }
+  const deadline = Date.now() + pushFirstSeconds * 1e3;
+  const answer = await pollForAnswer(apiKey, result.correlationId, deadline, 1500);
+  if (answer.answered) {
+    return answer.value === "yes" ? allow() : deny("Denied via push notification");
+  }
+  savePendingQuestion(result.correlationId);
+  return ask("Sent as push notification. You can also approve here.");
+};
+var handleNotifyOnly = async (apiKey, description, projectName) => {
+  try {
+    await sendNotification(apiKey, {
+      title: "Agent needs approval",
+      body: description,
+      agentName: `Claude Code - ${projectName}`
+    });
+  } catch {
+  }
+  return ask();
+};
+var handlePreToolUse = async (input) => {
+  try {
+    const apiKey = getApiKey();
+    const policy = await getPolicy(apiKey);
+    const toolPolicy = resolvePolicy(policy, input.tool_name);
+    if (toolPolicy.timeoutSeconds === 0 && toolPolicy.timeoutAction === "approve") {
+      return allow();
+    }
+    const description = describeToolCall(input.tool_name, input.tool_input, "hook");
+    const projectName = basename(input.cwd ?? process.cwd());
+    switch (toolPolicy.mode) {
+      case "push_only":
+        return handlePushOnly(apiKey, description, projectName, toolPolicy.timeoutSeconds, toolPolicy.timeoutAction);
+      case "terminal_only":
+        return handleTerminalOnly();
+      case "push_first":
+        return handlePushFirst(apiKey, description, projectName, toolPolicy.pushFirstSeconds);
+      case "notify_only":
+        return handleNotifyOnly(apiKey, description, projectName);
+      default:
+        return handlePushFirst(apiKey, description, projectName, toolPolicy.pushFirstSeconds);
+    }
+  } catch {
+    return ask("Pushary unavailable, falling back to terminal approval");
+  }
+};
+
+export {
+  getPolicy,
+  resolvePolicy,
+  handlePreToolUse
+};