@tekmidian/pai 0.3.2 → 0.5.0

package/src/hooks/ts/pre-tool-use/security-validator.ts

@@ -0,0 +1,258 @@
+#!/usr/bin/env node
+
+/**
+ * security-validator.ts - PreToolUse Security Validation Hook
+ *
+ * Fast pattern-based security validation for Bash commands.
+ * Blocks commands matching known attack patterns before execution.
+ *
+ * Design Principles:
+ * - Fast path: Most commands allowed with minimal processing
+ * - Pre-compiled regex patterns at module load
+ * - Only log/block on high-confidence attack detection
+ * - Fail open on errors (don't break legitimate work)
+ *
+ * CUSTOMIZATION REQUIRED:
+ * This template includes basic examples. Add your own security patterns
+ * based on your threat model and environment.
+ */
+
+import { appendFileSync, mkdirSync, existsSync } from 'fs';
+import { dirname } from 'path';
+
+// ============================================================================
+// ATTACK PATTERNS - CUSTOMIZE THESE FOR YOUR ENVIRONMENT
+// ============================================================================
+
+// Example: Reverse Shell Patterns (BLOCK - rarely legitimate)
+const REVERSE_SHELL_PATTERNS: RegExp[] = [
+  /\/dev\/(tcp|udp)\/[0-9]/,                    // Bash TCP/UDP device
+  /bash\s+-i\s+>&?\s*\/dev\//,                  // Interactive bash redirect
+  // Add your own reverse shell patterns here
+];
+
+// Example: Instruction Override (BLOCK - prompt injection)
+const INSTRUCTION_OVERRIDE_PATTERNS: RegExp[] = [
+  /ignore\s+(all\s+)?previous\s+instructions?/i,
+  /disregard\s+(all\s+)?(prior|previous)\s+(instructions?|rules?)/i,
+  // Add your own prompt injection patterns here
+];
+
+// Example: Catastrophic Deletion Patterns (BLOCK - filesystem destruction)
+const CATASTROPHIC_DELETION_PATTERNS: RegExp[] = [
+  // Trailing tilde bypass
+  /\s+~\/?(\s*$|\s+)/,                              // Space then ~/ at end
+  /\brm\s+(-[rfivd]+\s+)*\S+\s+~\/?/,               // rm something ~/
+
+  // Relative path recursive deletion
+  /\brm\s+(-[rfivd]+\s+)*\.\/\s*$/,                 // rm -rf ./
+  /\brm\s+(-[rfivd]+\s+)*\.\.\/\s*$/,               // rm -rf ../
+
+  // Add your own dangerous deletion patterns here
+];
+
+// Example: Dangerous File Operations (BLOCK - data destruction)
+const DANGEROUS_FILE_OPS_PATTERNS: RegExp[] = [
+  /\bchmod\s+(-R\s+)?0{3,}/,                        // chmod 000
+  // Add your own dangerous file operation patterns here
+];
+
+// OPTIONAL: Operations that require confirmation instead of blocking
+const DANGEROUS_GIT_PATTERNS: RegExp[] = [
+  /\bgit\s+push\s+.*(-f\b|--force)/i,               // git push --force
+  /\bgit\s+reset\s+--hard/i,                        // git reset --hard
+  // Add your own git safety patterns here
+];
+
+// Combined patterns for fast iteration
+const ALL_BLOCK_PATTERNS: { category: string; patterns: RegExp[] }[] = [
+  { category: 'reverse_shell', patterns: REVERSE_SHELL_PATTERNS },
+  { category: 'instruction_override', patterns: INSTRUCTION_OVERRIDE_PATTERNS },
+  { category: 'catastrophic_deletion', patterns: CATASTROPHIC_DELETION_PATTERNS },
+  { category: 'dangerous_file_ops', patterns: DANGEROUS_FILE_OPS_PATTERNS },
+];
+
+const CONFIRM_PATTERNS: { category: string; patterns: RegExp[] }[] = [
+  { category: 'dangerous_git', patterns: DANGEROUS_GIT_PATTERNS },
+];
+
+// ============================================================================
+// TYPES
+// ============================================================================
+
+interface HookInput {
+  session_id: string;
+  tool_name: string;
+  tool_input: Record<string, unknown> | string;
+}
+
+interface HookOutput {
+  permissionDecision: 'allow' | 'deny';
+  additionalContext?: string;
+  feedback?: string;
+}
+
+// ============================================================================
+// DETECTION LOGIC
+// ============================================================================
+
+interface DetectionResult {
+  blocked: boolean;
+  requiresConfirmation?: boolean;
+  category?: string;
+  pattern?: string;
+}
+
+function detectAttack(content: string): DetectionResult {
+  // First check for hard blocks
+  for (const { category, patterns } of ALL_BLOCK_PATTERNS) {
+    for (const pattern of patterns) {
+      if (pattern.test(content)) {
+        return { blocked: true, category, pattern: pattern.source };
+      }
+    }
+  }
+
+  // Then check for confirmation-required patterns
+  for (const { category, patterns } of CONFIRM_PATTERNS) {
+    for (const pattern of patterns) {
+      if (pattern.test(content)) {
+        return { blocked: false, requiresConfirmation: true, category, pattern: pattern.source };
+      }
+    }
+  }
+
+  return { blocked: false };
+}
+
+// ============================================================================
+// ASYNC LOGGING (fire-and-forget on block only)
+// ============================================================================
+
+function logSecurityEvent(event: Record<string, unknown>): void {
+  const logPath = `${process.env.PAI_DIR || '~/.claude'}/history/security/security-events.jsonl`;
+  const entry = JSON.stringify({ timestamp: new Date().toISOString(), ...event }) + '\n';
+
+  try {
+    const dir = dirname(logPath);
+    if (!existsSync(dir)) {
+      mkdirSync(dir, { recursive: true });
+    }
+    appendFileSync(logPath, entry);
+  } catch {
+    // Silently fail - logging should never break the hook
+  }
+}
+
+// ============================================================================
+// MAIN HOOK LOGIC
+// ============================================================================
+
+async function main(): Promise<void> {
+  let input: HookInput;
+
+  try {
+    // Read stdin
+    const chunks: Buffer[] = [];
+    const timeoutPromise = new Promise<Buffer[]>((_, reject) =>
+      setTimeout(() => reject(new Error('timeout')), 100)
+    );
+    const readPromise = (async () => {
+      for await (const chunk of process.stdin) {
+        chunks.push(chunk);
+      }
+      return chunks;
+    })();
+
+    let text = '';
+    try {
+      const result = await Promise.race([readPromise, timeoutPromise]);
+      text = Buffer.concat(result).toString('utf-8');
+    } catch {
+      console.log(JSON.stringify({ permissionDecision: 'allow' }));
+      return;
+    }
+
+    if (!text.trim()) {
+      console.log(JSON.stringify({ permissionDecision: 'allow' }));
+      return;
+    }
+
+    input = JSON.parse(text);
+  } catch {
+    // Parse error or timeout - fail open
+    console.log(JSON.stringify({ permissionDecision: 'allow' }));
+    return;
+  }
+
+  // Only validate Bash commands
+  if (input.tool_name !== 'Bash') {
+    console.log(JSON.stringify({ permissionDecision: 'allow' }));
+    return;
+  }
+
+  // Extract command string
+  const command = typeof input.tool_input === 'string'
+    ? input.tool_input
+    : (input.tool_input?.command as string) || '';
+
+  if (!command) {
+    console.log(JSON.stringify({ permissionDecision: 'allow' }));
+    return;
+  }
+
+  // Check all patterns
+  const result = detectAttack(command);
+
+  if (result.blocked) {
+    // Log and block
+    logSecurityEvent({
+      type: 'attack_blocked',
+      category: result.category,
+      pattern: result.pattern,
+      command: command.slice(0, 200), // Truncate for log
+      session_id: input.session_id,
+    });
+
+    const output: HookOutput = {
+      permissionDecision: 'deny',
+      additionalContext: `SECURITY: Blocked ${result.category} pattern`,
+      feedback: `This command matched a security pattern (${result.category}). If this is legitimate, please rephrase the command.`,
+    };
+
+    console.log(JSON.stringify(output));
+    process.exit(2); // Exit 2 = blocking error
+  }
+
+  if (result.requiresConfirmation) {
+    // Log warning and require confirmation
+    logSecurityEvent({
+      type: 'confirmation_required',
+      category: result.category,
+      pattern: result.pattern,
+      command: command.slice(0, 200),
+      session_id: input.session_id,
+    });
+
+    const output: HookOutput = {
+      permissionDecision: 'deny',
+      additionalContext: `DANGEROUS: ${result.category} operation requires confirmation`,
+      feedback: `This is a dangerous operation (${command.slice(0, 50)}...). This can cause data loss. If you're sure, explicitly confirm this command.`,
+    };
+
+    console.log(JSON.stringify(output));
+    process.exit(2); // Exit 2 = requires user confirmation
+  }
+
+  // Allow - no logging, immediate exit
+  console.log(JSON.stringify({ permissionDecision: 'allow' }));
+}
+
+// ============================================================================
+// RUN
+// ============================================================================
+
+main().catch(() => {
+  // On any error, fail open
+  console.log(JSON.stringify({ permissionDecision: 'allow' }));
+});

package/src/hooks/ts/session-end/capture-session-summary.ts

@@ -0,0 +1,185 @@
+#!/usr/bin/env node
+
+/**
+ * SessionEnd Hook - Captures session summary for UOCS
+ *
+ * Generates a session summary document when a Claude Code session ends,
+ * documenting what was accomplished during the session.
+ */
+
+import { writeFileSync, mkdirSync, existsSync, readFileSync, readdirSync } from 'fs';
+import { join } from 'path';
+import { PAI_DIR, HISTORY_DIR } from '../lib/pai-paths';
+
+interface SessionData {
+  conversation_id: string;
+  timestamp: string;
+  [key: string]: any;
+}
+
+async function main() {
+  try {
+    // Read input from stdin
+    const chunks: Buffer[] = [];
+    for await (const chunk of process.stdin) {
+      chunks.push(chunk);
+    }
+    const input = Buffer.concat(chunks).toString('utf-8');
+    if (!input || input.trim() === '') {
+      process.exit(0);
+    }
+
+    const data: SessionData = JSON.parse(input);
+
+    // Generate timestamp for filename
+    const now = new Date();
+    const timestamp = now.toISOString()
+      .replace(/:/g, '')
+      .replace(/\..+/, '')
+      .replace('T', '-'); // YYYY-MM-DD-HHMMSS
+
+    const yearMonth = timestamp.substring(0, 7); // YYYY-MM
+
+    // Try to extract session info from raw outputs
+    const sessionInfo = await analyzeSession(data.conversation_id, yearMonth);
+
+    // Generate filename
+    const filename = `${timestamp}_SESSION_${sessionInfo.focus}.md`;
+
+    // Ensure directory exists
+    const sessionDir = join(HISTORY_DIR, 'sessions', yearMonth);
+    if (!existsSync(sessionDir)) {
+      mkdirSync(sessionDir, { recursive: true });
+    }
+
+    // Generate session document
+    const sessionDoc = formatSessionDocument(timestamp, data, sessionInfo);
+
+    // Write session file
+    writeFileSync(join(sessionDir, filename), sessionDoc);
+
+    // Exit successfully
+    process.exit(0);
+  } catch (error) {
+    // Silent failure - don't disrupt workflow
+    console.error(`[UOCS] SessionEnd hook error: ${error}`);
+    process.exit(0);
+  }
+}
+
+async function analyzeSession(conversationId: string, yearMonth: string): Promise<any> {
+  // Try to read raw outputs for this session
+  const rawOutputsDir = join(HISTORY_DIR, 'raw-outputs', yearMonth);
+
+  let filesChanged: string[] = [];
+  let commandsExecuted: string[] = [];
+  let toolsUsed: Set<string> = new Set();
+
+  try {
+    if (existsSync(rawOutputsDir)) {
+      const files = readdirSync(rawOutputsDir).filter(f => f.endsWith('.jsonl'));
+
+      for (const file of files) {
+        const filePath = join(rawOutputsDir, file);
+        const content = readFileSync(filePath, 'utf-8');
+        const lines = content.split('\n').filter(l => l.trim());
+
+        for (const line of lines) {
+          try {
+            const entry = JSON.parse(line);
+            if (entry.session === conversationId) {
+              toolsUsed.add(entry.tool);
+
+              // Extract file changes
+              if (entry.tool === 'Edit' || entry.tool === 'Write') {
+                if (entry.input?.file_path) {
+                  filesChanged.push(entry.input.file_path);
+                }
+              }
+
+              // Extract bash commands
+              if (entry.tool === 'Bash' && entry.input?.command) {
+                commandsExecuted.push(entry.input.command);
+              }
+            }
+          } catch (e) {
+            // Skip invalid JSON lines
+          }
+        }
+      }
+    }
+  } catch (error) {
+    // Silent failure
+  }
+
+  return {
+    focus: 'general-work',
+    filesChanged: [...new Set(filesChanged)].slice(0, 10), // Unique, max 10
+    commandsExecuted: commandsExecuted.slice(0, 10), // Max 10
+    toolsUsed: Array.from(toolsUsed),
+    duration: 0 // Unknown
+  };
+}
+
+function formatSessionDocument(timestamp: string, data: SessionData, info: any): string {
+  const date = timestamp.substring(0, 10); // YYYY-MM-DD
+  const time = timestamp.substring(11).replace(/-/g, ':'); // HH:MM:SS
+  const da = process.env.DA || 'PAI';
+
+  return `---
+capture_type: SESSION
+timestamp: ${new Date().toISOString()}
+session_id: ${data.conversation_id}
+duration_minutes: ${info.duration}
+executor: ${da}
+---
+
+# Session: ${info.focus}
+
+**Date:** ${date}
+**Time:** ${time}
+**Session ID:** ${data.conversation_id}
+
+---
+
+## Session Overview
+
+**Focus:** General development work
+**Duration:** ${info.duration > 0 ? `${info.duration} minutes` : 'Unknown'}
+
+---
+
+## Tools Used
+
+${info.toolsUsed.length > 0 ? info.toolsUsed.map((t: string) => `- ${t}`).join('\n') : '- None recorded'}
+
+---
+
+## Files Modified
+
+${info.filesChanged.length > 0 ? info.filesChanged.map((f: string) => `- \`${f}\``).join('\n') : '- None recorded'}
+
+**Total Files Changed:** ${info.filesChanged.length}
+
+---
+
+## Commands Executed
+
+${info.commandsExecuted.length > 0 ? '```bash\n' + info.commandsExecuted.join('\n') + '\n```' : 'None recorded'}
+
+---
+
+## Notes
+
+This session summary was automatically generated by the UOCS SessionEnd hook.
+
+For detailed tool outputs, see: \`\${PAI_DIR}/History/raw-outputs/${timestamp.substring(0, 7)}/\`
+
+---
+
+**Session Outcome:** Completed
+**Generated:** ${new Date().toISOString()}
+`;
+}
+
+main();

package/src/hooks/ts/session-start/initialize-session.ts

@@ -0,0 +1,155 @@
+#!/usr/bin/env node
+
+/**
+ * initialize-session.ts
+ *
+ * Main session initialization hook that runs at the start of every Claude Code session.
+ *
+ * What it does:
+ * - Checks if this is a subagent session (skips for subagents)
+ * - Tests that stop-hook is properly configured
+ * - Sets initial terminal tab title
+ * - Sends ntfy.sh notification for global PAI system initialization
+ *
+ * Setup:
+ * 1. Set environment variables in settings.json:
+ *    - DA: Your AI's name (e.g., "Kai", "Nova", "Assistant")
+ *    - PAI_DIR: Path to your PAI directory (defaults to $HOME/.claude)
+ * 2. Ensure load-core-context.ts exists in hooks/session-start/ directory
+ * 3. Add all three SessionStart hooks to settings.json in this order:
+ *    initialize-session.ts, load-core-context.ts, load-project-context.ts
+ */
+
+import { existsSync, statSync, readFileSync, writeFileSync } from 'fs';
+import { join } from 'path';
+import { tmpdir } from 'os';
+import { PAI_DIR } from '../lib/pai-paths';
+import { sendNtfyNotification, isWhatsAppEnabled } from '../lib/project-utils';
+
+// Debounce duration in milliseconds (prevents duplicate SessionStart events)
+const DEBOUNCE_MS = 2000;
+const LOCKFILE = join(tmpdir(), 'pai-session-start.lock');
+
+/**
+ * Check if we're within the debounce window to prevent duplicate notifications
+ * from the IDE firing multiple SessionStart events
+ */
+function shouldDebounce(): boolean {
+  try {
+    if (existsSync(LOCKFILE)) {
+      const lockContent = readFileSync(LOCKFILE, 'utf-8');
+      const lockTime = parseInt(lockContent, 10);
+      const now = Date.now();
+
+      if (now - lockTime < DEBOUNCE_MS) {
+        // Within debounce window, skip this notification
+        return true;
+      }
+    }
+
+    // Update lockfile with current timestamp
+    writeFileSync(LOCKFILE, Date.now().toString());
+    return false;
+  } catch (error) {
+    // If any error, just proceed (don't break session start)
+    try {
+      writeFileSync(LOCKFILE, Date.now().toString());
+    } catch {}
+    return false;
+  }
+}
+
+async function testStopHook() {
+  const stopHookPath = join(PAI_DIR, 'hooks/stop-hook.ts');
+
+  console.error('\nTesting stop-hook configuration...');
+
+  // Check if stop-hook exists
+  if (!existsSync(stopHookPath)) {
+    console.error('Stop-hook NOT FOUND at:', stopHookPath);
+    return false;
+  }
+
+  // Check if stop-hook is executable
+  try {
+    const stats = statSync(stopHookPath);
+    const isExecutable = (stats.mode & 0o111) !== 0;
+
+    if (!isExecutable) {
+      console.error('Stop-hook exists but is NOT EXECUTABLE');
+      return false;
+    }
+
+    console.error('Stop-hook found and is executable');
+
+    // Set initial tab title (customize with your AI's name via DA env var)
+    const daName = process.env.DA || 'AI Assistant';
+    const tabTitle = `${daName} Ready`;
+
+    process.stderr.write(`\x1b]0;${tabTitle}\x07`);
+    process.stderr.write(`\x1b]2;${tabTitle}\x07`);
+    process.stderr.write(`\x1b]30;${tabTitle}\x07`);
+    console.error(`Set initial tab title: "${tabTitle}"`);
+
+    return true;
+  } catch (e) {
+    console.error('Error checking stop-hook:', e);
+    return false;
+  }
+}
+
+async function main() {
+  try {
+    // Check if this is a subagent session - if so, exit silently
+    const claudeProjectDir = process.env.CLAUDE_PROJECT_DIR || '';
+    const isSubagent = claudeProjectDir.includes('/.claude/agents/') ||
+                      process.env.CLAUDE_AGENT_TYPE !== undefined;
+
+    if (isSubagent) {
+      // This is a subagent session - exit silently without notification
+      console.error('Subagent session detected - skipping session initialization');
+      process.exit(0);
+    }
+
+    // Check debounce to prevent duplicate notifications
+    // (IDE extension can fire multiple SessionStart events)
+    if (shouldDebounce()) {
+      console.error('Debouncing duplicate SessionStart event');
+      process.exit(0);
+    }
+
+    // Check if WhatsApp (Whazaa) is configured as enabled MCP server
+    // Detection is config-based: reads enabledMcpjsonServers from settings.json
+    // No flag files — uses standard ~/.claude/settings.json
+    if (isWhatsAppEnabled()) {
+      console.error('WhatsApp (Whazaa) enabled in MCP config');
+      console.log(`<system-reminder>
+WHATSAPP MODE ACTIVE — Whazaa MCP server is enabled. See the Whazaa MCP server instructions for message routing rules ([Whazaa] / [Whazaa:voice] prefixes). ntfy.sh is automatically skipped.
+</system-reminder>`);
+    }
+
+    // Test stop-hook first (only for main sessions)
+    const stopHookOk = await testStopHook();
+
+    const daName = process.env.DA || 'AI Assistant';
+
+    if (!stopHookOk) {
+      console.error('\nSTOP-HOOK ISSUE DETECTED - Tab titles may not update automatically');
+    }
+
+    // Note: PAI core context loading is handled by load-core-context.ts hook
+    // which should run AFTER this hook in settings.json SessionStart hooks
+
+    // Send ntfy.sh notification (MANDATORY - never skip this)
+    // Note: load-project-context.ts also sends a project-specific notification
+    // This one is for the global PAI system initialization
+    await sendNtfyNotification(`${daName} ready`);
+
+    process.exit(0);
+  } catch (error) {
+    console.error('SessionStart hook error:', error);
+    process.exit(1);
+  }
+}
+
+main();

package/src/hooks/ts/session-start/load-core-context.ts

@@ -0,0 +1,104 @@
+#!/usr/bin/env node
+
+/**
+ * load-core-context.ts
+ *
+ * Automatically loads your CORE skill context at session start by reading and injecting
+ * the CORE SKILL.md file contents directly into Claude's context as a system-reminder.
+ *
+ * Purpose:
+ * - Read CORE SKILL.md file content
+ * - Output content as system-reminder for Claude to process
+ * - Ensure complete context (contacts, preferences, security, identity) available at session start
+ * - Bypass skill activation logic by directly injecting context
+ *
+ * Setup:
+ * 1. Customize your ${PAI_DIR}/skills/CORE/SKILL.md with your personal context
+ * 2. Add this hook to settings.json SessionStart hooks
+ * 3. Ensure PAI_DIR environment variable is set (defaults to $HOME/.claude)
+ *
+ * How it works:
+ * - Runs at the start of every Claude Code session
+ * - Skips execution for subagent sessions (they don't need CORE context)
+ * - Reads your CORE SKILL.md file
+ * - Injects content as <system-reminder> which Claude processes automatically
+ * - Gives your AI immediate access to your complete personal context
+ */
+
+import { readFileSync, existsSync } from 'fs';
+import { join } from 'path';
+import { PAI_DIR, SKILLS_DIR } from '../lib/pai-paths';
+
+async function main() {
+  try {
+    // Check if this is a subagent session - if so, exit silently
+    const claudeProjectDir = process.env.CLAUDE_PROJECT_DIR || '';
+    const isSubagent = claudeProjectDir.includes('/.claude/agents/') ||
+                      process.env.CLAUDE_AGENT_TYPE !== undefined;
+
+    if (isSubagent) {
+      // Subagent sessions don't need CORE context loading
+      console.error('Subagent session - skipping CORE context loading');
+      process.exit(0);
+    }
+
+    // Get CORE skill path using PAI paths library
+    const coreSkillPath = join(SKILLS_DIR, 'CORE/SKILL.md');
+
+    // Verify CORE skill file exists
+    if (!existsSync(coreSkillPath)) {
+      console.error(`CORE skill not found at: ${coreSkillPath}`);
+      console.error(`Ensure CORE/SKILL.md exists or check PAI_DIR environment variable`);
+      process.exit(1);
+    }
+
+    console.error('Reading CORE context from skill file...');
+
+    // Read the CORE SKILL.md file content
+    let coreContent = readFileSync(coreSkillPath, 'utf-8');
+
+    // Perform Dynamic Variable Substitution
+    // This allows SKILL.md to be generic while the session is personalized
+    const daName = process.env.DA || 'PAI';
+    const daColor = process.env.DA_COLOR || 'blue';
+    const engineerName = process.env.ENGINEER_NAME || '';
+
+    // Replace placeholders {{DA}}, {{DA_COLOR}}, {{ENGINEER_NAME}}
+    coreContent = coreContent
+      .replace(/\{\{DA\}\}/g, daName)
+      .replace(/\{\{DA_COLOR\}\}/g, daColor)
+      .replace(/\{\{ENGINEER_NAME\}\}/g, engineerName);
+
+    console.error(`Read ${coreContent.length} characters from CORE SKILL.md (Personalized for ${engineerName} & ${daName})`);
+
+    // Determine the local timezone dynamically
+    const localTimeZone = process.env.TIME_ZONE || Intl.DateTimeFormat().resolvedOptions().timeZone;
+
+    // Output the CORE content as a system-reminder
+    // This will be injected into Claude's context at session start
+    const message = `<system-reminder>
+PAI CORE CONTEXT (Auto-loaded at Session Start)
+
+CURRENT DATE/TIME: ${new Date().toLocaleString('en-US', { timeZone: localTimeZone, year: 'numeric', month: '2-digit', day: '2-digit', hour: '2-digit', minute: '2-digit', second: '2-digit', hour12: false, timeZoneName: 'short' })}
+
+The following context has been loaded from ${coreSkillPath}:
+
+---
+${coreContent}
+---
+
+This context is now active for this session. Follow all instructions, preferences, and guidelines contained above.
+</system-reminder>`;
+
+    // Write to stdout (will be captured by Claude Code)
+    console.log(message);
+
+    console.error('CORE context injected into session');
+    process.exit(0);
+  } catch (error) {
+    console.error('Error in load-core-context hook:', error);
+    process.exit(1);
+  }
+}
+
+main();