@trac3er/oh-my-god 2.0.0 → 2.0.2

package/hooks/post-write.py

@@ -0,0 +1,219 @@
+#!/usr/bin/env python3
+"""
+PostToolUse Hook (Write/Edit/MultiEdit): Auto-Format + Secret Scan (Enterprise)
+1. Auto-format written files if opted-in via .omg/state/quality-gate.json (non-blocking)
+2. Scan written content for hardcoded secrets (blocking: exit 2)
+"""
+import json, sys, os, re, subprocess
+import contextlib
+import importlib.util
+from datetime import datetime, timezone
+
+
+def _load_local_attr(module_name, filename, attr_name):
+    module_path = os.path.join(os.path.dirname(__file__), filename)
+    spec = importlib.util.spec_from_file_location(module_name, module_path)
+    if spec is None or spec.loader is None:
+        raise ImportError(f"Unable to load {filename}")
+    module = importlib.util.module_from_spec(spec)
+    spec.loader.exec_module(module)
+    return getattr(module, attr_name)
+
+
+_resolve_project_dir = _load_local_attr("omg_hooks_common", "_common.py", "_resolve_project_dir")
+resolve_state_file = _load_local_attr("omg_hooks_state_migration", "state_migration.py", "resolve_state_file")
+detect_high_entropy_strings = _load_local_attr("omg_hooks_post_write", "post_write.py", "detect_high_entropy_strings")
+
+try:
+    data = json.load(sys.stdin)
+except (json.JSONDecodeError, EOFError):
+    sys.exit(0)
+
+file_path = data.get("tool_input", {}).get("file_path", "")
+if not file_path:
+    sys.exit(0)
+
+# Resolve relative paths against project dir
+project_dir = _resolve_project_dir()
+if not os.path.isabs(file_path):
+    file_path = os.path.join(project_dir, file_path)
+
+if not os.path.exists(file_path):
+    sys.exit(0)
+
+ext = os.path.splitext(file_path)[1].lower()
+
+# ── 1. AUTO-FORMAT (opt-in via quality-gate.json, non-blocking) ──
+# §4.4: Auto-format only runs if the project has opted in via quality-gate.json.
+# This avoids unintended tool execution (supply-chain risk) on projects without
+# explicit formatter configuration.
+format_enabled = False
+qg_path = resolve_state_file(project_dir, "state/quality-gate.json", "quality-gate.json")
+with contextlib.suppress(Exception):  # intentional: cleanup — format stays disabled on config error
+    if os.path.exists(qg_path):
+        with open(qg_path, "r") as f:
+            qg = json.load(f)
+        # "format" key must exist and not be null/empty
+        if qg.get("format"):
+            format_enabled = True
+
+FORMAT_MAP = {
+    ".ts":  ["npx", "--no-install", "prettier", "--write"],
+    ".tsx": ["npx", "--no-install", "prettier", "--write"],
+    ".js":  ["npx", "--no-install", "prettier", "--write"],
+    ".jsx": ["npx", "--no-install", "prettier", "--write"],
+    ".css": ["npx", "--no-install", "prettier", "--write"],
+    ".json": ["npx", "--no-install", "prettier", "--write"],
+    ".py": ["ruff", "format"], ".go": ["gofmt", "-w"], ".rs": ["rustfmt"],
+}
+if format_enabled and ext in FORMAT_MAP:
+    fmt_cmd = FORMAT_MAP[ext]
+    # Validate formatter binary exists before running (supply-chain defense)
+    import shutil
+    if shutil.which(fmt_cmd[0]):
+        try:
+            subprocess.run(fmt_cmd + [file_path], capture_output=True, timeout=15, cwd=project_dir)
+        except (FileNotFoundError, subprocess.TimeoutExpired, OSError):
+            pass
+
+# ── 2. SECRET SCAN (blocking) ──
+# Skip binary files and very large files
+try:
+    file_size = os.path.getsize(file_path)
+    if file_size > 1_000_000:  # 1MB limit
+        sys.exit(0)
+    with open(file_path, "r", encoding="utf-8", errors="ignore") as f:
+        content = f.read()
+except Exception as e:
+    print(f"[OMG] post-write.py: {type(e).__name__}: {e}", file=sys.stderr)
+    sys.exit(0)
+
+# Skip known non-secret file types
+SKIP_EXTENSIONS = {".lock", ".sum", ".svg", ".png", ".jpg", ".gif", ".ico", ".woff", ".woff2", ".ttf"}
+if ext in SKIP_EXTENSIONS:
+    sys.exit(0)
+
+SECRET_PATTERNS = [
+    # AWS
+    (r"AKIA[0-9A-Z]{16}", "AWS Access Key ID"),
+    (r"(?:aws_secret_access_key|AWS_SECRET)\s*[:=]\s*['\"]?[A-Za-z0-9/+=]{40}['\"]?", "AWS Secret Key"),
+    # Private keys
+    (r"-----BEGIN (RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----", "Private Key"),
+    # Generic API keys/tokens (in assignment context)
+    (r"""(?:api[_-]?key|api[_-]?secret|auth[_-]?token|access[_-]?token|secret[_-]?key)\s*[:=]\s*['"][A-Za-z0-9+/=_\-.]{20,}['"]""", "Hardcoded API Key/Token"),
+    # GitHub
+    (r"gh[ps]_[A-Za-z0-9_]{36,}", "GitHub Token"),
+    (r"github_pat_[A-Za-z0-9_]{22,}", "GitHub Fine-grained PAT"),
+    # Slack
+    (r"xoxb-[0-9]{10,}-[A-Za-z0-9]{20,}", "Slack Bot Token"),
+    (r"xoxp-[0-9]{10,}-[0-9]{10,}-[A-Za-z0-9]{20,}", "Slack User Token"),
+    # Stripe
+    (r"sk_live_[A-Za-z0-9]{20,}", "Stripe Live Secret Key"),
+    (r"rk_live_[A-Za-z0-9]{20,}", "Stripe Restricted Key"),
+    (r"pk_live_[A-Za-z0-9]{20,}", "Stripe Live Publishable Key (should use env)"),
+    # Supabase / Firebase
+    (r"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\.[A-Za-z0-9_-]{20,}", "Supabase/Firebase Service Key"),
+    # Google
+    (r"AIza[A-Za-z0-9_-]{35}", "Google API Key"),
+    # Twilio
+    (r"SK[A-Za-z0-9]{32}", "Twilio API Key"),
+    # SendGrid
+    (r"SG\.[A-Za-z0-9_-]{22}\.[A-Za-z0-9_-]{43}", "SendGrid API Key"),
+    # Passwords in config
+    (r"""(?:password|passwd|pwd)\s*[:=]\s*['"][^'"]{8,}['"]""", "Hardcoded Password"),
+    # Generic secret in env-like format
+    (r"""(?:SECRET|TOKEN|PRIVATE_KEY|ENCRYPTION_KEY)\s*=\s*['"]?[A-Za-z0-9+/=_\-.]{16,}['"]?""", "Hardcoded Secret"),
+    # Database connection strings with credentials
+    (r"(?:postgres|mysql|mongodb|redis)://[^:]+:[^@]+@", "Database URL with credentials"),
+    # JWT tokens (3 base64 segments separated by dots)
+    (r"eyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}", "JWT Token"),
+    # Hardcoded URLs with credentials
+    (r"https?://[^:]+:[^@]+@", "URL with embedded credentials"),
+    # Webhook URLs (often secret)
+    (r"""(?:webhook[_-]?url|slack[_-]?webhook|discord[_-]?webhook)\s*[:=]\s*['"]https?://""", "Hardcoded Webhook URL"),
+]
+
+# URI / Security anti-patterns (WARNING, not blocking)
+SECURITY_WARNINGS = [
+    (r"cors\s*\(\s*\{[^}]*origin\s*:\s*['\"]?\*['\"]?", "CORS wildcard origin in code — use whitelist in production"),
+    (r"httpOnly\s*:\s*false", "Cookie httpOnly disabled — session cookies should be httpOnly"),
+    (r"secure\s*:\s*false", "Cookie secure flag disabled — use HTTPS in production"),
+    (r"eval\s*\(", "eval() usage — potential code injection risk"),
+    (r"innerHTML\s*=", "innerHTML assignment — potential XSS risk"),
+    (r"dangerouslySetInnerHTML", "dangerouslySetInnerHTML — verify input is sanitized"),
+]
+
+findings = []
+patterns_matched = []
+lowpath = file_path.lower()
+is_test_file = any(d in lowpath for d in ["/__tests__/", "/test/", "/tests/"])
+if not is_test_file:
+    basename = os.path.basename(file_path).lower()
+    is_test_file = any(p in basename for p in [".test.", ".spec."])
+
+for i, line in enumerate(content.split("\n"), 1):
+    stripped = line.strip()
+    # Skip lines that are entirely comments (bare "*" removed — too broad)
+    if stripped.startswith(("#", "//", "/*", "* ", "<!--", "%", ";")):
+        continue
+    if is_test_file:
+        continue
+    for pattern, label in SECRET_PATTERNS:
+        if re.search(pattern, line, re.IGNORECASE):
+            findings.append(f"  Line {i}: {label}")
+            if label not in patterns_matched:
+                patterns_matched.append(label)
+            break  # One finding per line is enough
+
+    entropy_matches = detect_high_entropy_strings(line)
+    if entropy_matches:
+        findings.append(f"  Line {i}: High-entropy potential secret")
+        if "High-entropy potential secret" not in patterns_matched:
+            patterns_matched.append("High-entropy potential secret")
+
+if findings:
+    try:
+        proj_dir = _resolve_project_dir()
+        state_dir = os.path.join(proj_dir, ".omg", "state")
+        os.makedirs(state_dir, exist_ok=True)
+        signal_path = os.path.join(state_dir, "secret-detected.json")
+        signal_payload = {
+            "timestamp": datetime.now(timezone.utc).isoformat(),
+            "file": file_path,
+            "patterns_matched": patterns_matched,
+            "action": "blocked",
+        }
+        with open(signal_path, "w", encoding="utf-8") as f:
+            json.dump(signal_payload, f)
+    except Exception as e:
+        print(f"[OMG] post-write.py: {type(e).__name__}: {e}", file=sys.stderr)
+    print(
+        f"⚠ SECRET DETECTED in {file_path}. Signal written to .omg/state/secret-detected.json",
+        file=sys.stderr,
+    )
+    msg = f"SECRET DETECTED in {file_path}:\n" + "\n".join(findings[:10])
+    if len(findings) > 10:
+        msg += f"\n  ... and {len(findings) - 10} more"
+    msg += "\n\nRemove hardcoded secrets. Use environment variables or a secret manager."
+    print(msg, file=sys.stderr)
+    # NOTE: exit(0), not exit(2). Non-zero exits crash sibling hooks
+    # ("Sibling tool call errored"). The warning in stderr is still visible.
+    sys.exit(0)
+
+# ── 3. SECURITY WARNING SCAN (non-blocking, advisory) ──
+sec_warnings = []
+for i, line in enumerate(content.split("\n"), 1):
+    stripped = line.strip()
+    if stripped.startswith(("#", "//", "/*", "*", "<!--")):
+        continue
+    for pattern, label in SECURITY_WARNINGS:
+        if re.search(pattern, line, re.IGNORECASE):
+            sec_warnings.append(f"  Line {i}: ⚠ {label}")
+            break
+
+if sec_warnings:
+    msg = f"SECURITY WARNINGS in {file_path}:\n" + "\n".join(sec_warnings[:5])
+    msg += "\n\nConsider running /OMG:security-review for a full audit."
+    print(msg, file=sys.stderr)
+
+sys.exit(0)

package/hooks/post_write.py

@@ -0,0 +1,46 @@
+from __future__ import annotations
+
+import math
+import re
+from collections import Counter
+from typing import cast
+
+_CANDIDATE_PATTERN = re.compile(r"[A-Za-z0-9+/=_\-.]{21,}")
+_UUID_PATTERN = re.compile(
+    r"^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$",
+    re.IGNORECASE,
+)
+_HEX_HASH_PATTERN = re.compile(r"^[0-9a-f]{32,64}$", re.IGNORECASE)
+
+
+def _shannon_entropy(value: str) -> float:
+    if not value:
+        return 0.0
+    counts = Counter(value)
+    length = len(value)
+    return -sum((count / length) * math.log2(count / length) for count in counts.values())
+
+
+def _is_allowlisted_candidate(candidate: str) -> bool:
+    lowered = candidate.lower()
+    if lowered.startswith("data:image/"):
+        return True
+    if _UUID_PATTERN.match(candidate):
+        return True
+    if _HEX_HASH_PATTERN.match(candidate):
+        return True
+    return False
+
+
+def detect_high_entropy_strings(text: str, entropy_threshold: float = 4.5, min_length: int = 21) -> list[str]:
+    findings: list[str] = []
+    seen: set[str] = set()
+    for candidate in cast(list[str], _CANDIDATE_PATTERN.findall(text)):
+        if candidate in seen:
+            continue
+        seen.add(candidate)
+        if len(candidate) < min_length or _is_allowlisted_candidate(candidate):
+            continue
+        if _shannon_entropy(candidate) > entropy_threshold:
+            findings.append(candidate)
+    return findings

package/hooks/pre-compact.py

@@ -0,0 +1,398 @@
+#!/usr/bin/env python3
+"""PreCompact Hook — OMG Standalone state preservation.
+
+1) Snapshot key files from .omg/state (fallback .omc via migration)
+2) Auto-generate handoff files in .omg/state
+3) JetBrains hybrid summarization (feature-flagged: CONTEXT_MANAGER)
+"""
+import json
+import importlib
+import math
+import os
+import re
+import shutil
+import subprocess
+import sys
+from datetime import datetime
+
+try:
+    from hooks.state_migration import resolve_state_file, resolve_state_dir
+    from hooks._common import _resolve_project_dir, get_feature_flag
+    from hooks._protected_context import collect_protected_context
+except ImportError:
+    _state_migration = importlib.import_module("state_migration")
+    _common = importlib.import_module("_common")
+    resolve_state_file = _state_migration.resolve_state_file
+    resolve_state_dir = _state_migration.resolve_state_dir
+    _resolve_project_dir = _common._resolve_project_dir
+    get_feature_flag = _common.get_feature_flag
+    try:
+        _protected_ctx = importlib.import_module("_protected_context")
+        collect_protected_context = _protected_ctx.collect_protected_context
+    except Exception:
+        collect_protected_context = None
+
+
+MAX_SNAPSHOT_BYTES = int(os.environ.get("OMG_PRECOMPACT_MAX_SNAPSHOT_BYTES", "262144"))
+GIT_DIFF_TIMEOUT_SEC = int(os.environ.get("OMG_PRECOMPACT_GIT_DIFF_TIMEOUT_SEC", "1"))
+
+
+# ---------------------------------------------------------------------------
+# Pure utility functions (importable for testing)
+# ---------------------------------------------------------------------------
+
+def read_file(path, max_lines=None):
+    try:
+        if not os.path.exists(path):
+            return None
+        with open(path, "r", encoding="utf-8", errors="ignore") as f:
+            content = f.read().strip()
+        if not content:
+            return None
+        if max_lines:
+            return "\n".join(content.split("\n")[:max_lines])
+        return content
+    except Exception:
+        return None
+
+
+def read_cache(paths):
+    cache = {}
+    for path in paths:
+        cache[path] = read_file(path)
+    return cache
+
+
+def first_lines(text, max_lines):
+    if not text:
+        return None
+    if not max_lines:
+        return text
+    return "\n".join(text.splitlines()[:max_lines])
+
+
+def snapshot_file(src_path, dst_path, max_bytes):
+    os.makedirs(os.path.dirname(dst_path), exist_ok=True)
+    try:
+        size = os.path.getsize(src_path)
+    except OSError:
+        return False
+
+    if max_bytes <= 0 or size <= max_bytes:
+        shutil.copy2(src_path, dst_path)
+        return True
+
+    with open(src_path, "rb") as src_f:
+        raw = src_f.read(max_bytes)
+    note = (
+        f"\n\n[TRUNCATED by pre-compact: original_bytes={size}, kept_bytes={len(raw)}]"
+    ).encode("utf-8")
+    with open(dst_path, "wb") as dst_f:
+        dst_f.write(raw)
+        dst_f.write(note)
+    return True
+
+
+# ---------------------------------------------------------------------------
+# JetBrains hybrid summarization (Dec 2025 empirical strategy)
+# ---------------------------------------------------------------------------
+
+# Regex for common source file extensions
+_FILE_PATH_RE = re.compile(
+    r"(?:[\w./-]+/)?[\w.-]+\."
+    r"(?:py|ts|js|tsx|jsx|json|yaml|yml|md|txt|sh|toml|cfg|ini|sql|html|css|go|rs|java|rb|c|h|cpp)"
+)
+
+# Keywords indicating causal relationships / decisions
+_CAUSAL_RE = re.compile(
+    r"\b(?:decided|chose|because|therefore|fixed|resolved|implemented|"
+    r"created|added|removed|deleted|changed|updated|refactored)\b",
+    re.IGNORECASE,
+)
+
+
+def _extract_entities(text):
+    """Extract file paths and causal decision sentences from text.
+
+    Returns (file_paths: list[str], decisions: list[str]).
+    """
+    files = list(dict.fromkeys(_FILE_PATH_RE.findall(text)))  # dedupe, preserve order
+    sentences = re.split(r"[.!?\n]", text)
+    decisions = [
+        s.strip()
+        for s in sentences
+        if _CAUSAL_RE.search(s) and len(s.strip()) > 5
+    ]
+    return files, decisions
+
+
+def _summarize_batch(batch, batch_num, start_idx, end_idx):
+    """Summarize a batch of turns into a single string.
+
+    Format: "Batch N (turns X-Y): [files] [decisions]"
+    """
+    combined_text = " ".join(t.get("content", "") for t in batch)
+    files, decisions = _extract_entities(combined_text)
+
+    parts = [f"Batch {batch_num} (turns {start_idx}-{end_idx}):"]
+    if files:
+        parts.append(f"[files: {', '.join(files[:10])}]")
+    if decisions:
+        # Keep at most 3 decision excerpts, truncated
+        excerpts = [d[:80] for d in decisions[:3]]
+        parts.append(f"[decisions: {'; '.join(excerpts)}]")
+    if not files and not decisions:
+        parts.append("[no notable entities]")
+
+    return " ".join(parts)
+
+
+def _apply_hybrid_summarization(turns, config):
+    """Apply JetBrains hybrid summarization strategy.
+
+    Args:
+        turns: List of turn dicts (index 0 = newest), each with 'role' and 'content'.
+        config: Dict with keys:
+            - full_turns: Number of most-recent turns to keep verbatim (default 10)
+            - summarize_turns: Max turn index for summarization window (default 50)
+            - batch_size: Number of turns per summary batch (default 21)
+
+    Returns:
+        Dict with:
+            - full_turns: List of turn dicts kept verbatim
+            - summaries: List of batch summary strings
+            - discarded_count: Number of turns beyond the summarization window
+    """
+    full_n = config.get("full_turns", 10)
+    summarize_n = config.get("summarize_turns", 50)
+    batch_size = config.get("batch_size", 21)
+
+    total = len(turns)
+
+    if total == 0:
+        return {"full_turns": [], "summaries": [], "discarded_count": 0}
+
+    # Latest turns kept verbatim
+    full_end = min(full_n, total)
+    full_turns = turns[:full_end]
+
+    # Middle range to summarize: turns[full_end:summarize_n]
+    summarize_end = min(summarize_n, total)
+    middle_turns = turns[full_end:summarize_end]
+
+    # Discarded: turns[summarize_n:]
+    discarded_count = max(0, total - summarize_n)
+
+    # Batch the middle turns
+    summaries = []
+    if middle_turns and batch_size > 0:
+        num_batches = math.ceil(len(middle_turns) / batch_size)
+        for b in range(num_batches):
+            batch_start = b * batch_size
+            batch_end = min((b + 1) * batch_size, len(middle_turns))
+            batch = middle_turns[batch_start:batch_end]
+
+            # Absolute indices (relative to original turns list)
+            abs_start = full_end + batch_start
+            abs_end = full_end + batch_end - 1
+
+            summary = _summarize_batch(batch, b + 1, abs_start, abs_end)
+            summaries.append(summary)
+
+    return {
+        "full_turns": full_turns,
+        "summaries": summaries,
+        "discarded_count": discarded_count,
+    }
+
+
+def _load_context_budget_config(project_dir):
+    """Load context_budget config from settings.json, with defaults."""
+    defaults = {"full_turns": 10, "summarize_turns": 50, "batch_size": 21}
+    try:
+        settings_path = os.path.join(project_dir, "settings.json")
+        if os.path.exists(settings_path):
+            with open(settings_path, "r", encoding="utf-8") as f:
+                settings = json.load(f)
+            budget = settings.get("_omg", {}).get("context_budget", {})
+            return {
+                "full_turns": budget.get("full_turns", defaults["full_turns"]),
+                "summarize_turns": budget.get("summarize_turns", defaults["summarize_turns"]),
+                "batch_size": budget.get("batch_size", defaults["batch_size"]),
+            }
+    except Exception:
+        pass
+    return defaults
+
+
+# ---------------------------------------------------------------------------
+# Main hook execution (side-effects — only runs when invoked as script)
+# ---------------------------------------------------------------------------
+
+def main():
+    try:
+        data = json.load(sys.stdin)
+    except (json.JSONDecodeError, EOFError):
+        sys.exit(0)
+
+    project_dir = _resolve_project_dir()
+    ts = datetime.now().strftime("%Y%m%d_%H%M%S")
+    state_dir = resolve_state_dir(project_dir, "state", "")
+    snapshot_dir = os.path.join(state_dir, "snapshots", ts)
+
+    snapshot_files = [
+        resolve_state_file(project_dir, "state/profile.yaml", "profile.yaml"),
+        resolve_state_file(project_dir, "state/working-memory.md", "working-memory.md"),
+        resolve_state_file(project_dir, "state/_plan.md", "_plan.md"),
+        resolve_state_file(project_dir, "state/_checklist.md", "_checklist.md"),
+        resolve_state_file(project_dir, "state/quality-gate.json", "quality-gate.json"),
+        resolve_state_file(project_dir, "state/ledger/tool-ledger.jsonl", "ledger/tool-ledger.jsonl"),
+        resolve_state_file(project_dir, "state/ledger/failure-tracker.json", "ledger/failure-tracker.json"),
+        resolve_state_file(project_dir, "state/ralph-loop.json", "ralph-loop.json"),
+    ]
+    cached = read_cache(snapshot_files)
+    saved = []
+    for src in snapshot_files:
+        if cached.get(src) is not None:
+            dst = os.path.join(snapshot_dir, os.path.basename(src))
+            if snapshot_file(src, dst, MAX_SNAPSHOT_BYTES):
+                saved.append(os.path.basename(src))
+
+    profile = first_lines(cached.get(resolve_state_file(project_dir, "state/profile.yaml", "profile.yaml")), 20)
+    wm = first_lines(cached.get(resolve_state_file(project_dir, "state/working-memory.md", "working-memory.md")), 15)
+    plan = first_lines(cached.get(resolve_state_file(project_dir, "state/_plan.md", "_plan.md")), 10)
+    checklist = first_lines(cached.get(resolve_state_file(project_dir, "state/_checklist.md", "_checklist.md")), 50)
+    tracker = cached.get(resolve_state_file(project_dir, "state/ledger/failure-tracker.json", "ledger/failure-tracker.json"))
+    ralph_loop = cached.get(resolve_state_file(project_dir, "state/ralph-loop.json", "ralph-loop.json"))
+
+    parts = [
+        f"# Handoff -- {datetime.now().strftime('%Y-%m-%d %H:%M')}",
+        "Auto-generated before context compaction.",
+    ]
+    if profile:
+        parts.append("<!-- section: working-state -->")
+        parts.append("## Project\n" + profile)
+    if wm:
+        parts.append("## Working State\n" + wm)
+    if plan:
+        parts.append("## Plan\n" + plan)
+    if checklist:
+        lines = checklist.split("\n")
+        done = sum(1 for l in lines if "[x]" in l.lower())
+        total = sum(1 for l in lines if l.strip().startswith(("[", "- [")))
+        pending = [l.strip() for l in lines if "[ ]" in l][:3]
+        parts.append("<!-- section: progress -->")
+        parts.append(f"## Progress: {done}/{total}")
+        if pending:
+            parts.append("Next:\n" + "\n".join(pending))
+    if tracker:
+        try:
+            t = json.loads(tracker)
+            active = {k: v for k, v in t.items() if isinstance(v, dict) and v.get("count", 0) >= 2}
+            if active:
+                warns = [f"- {k}: {v['count']}x" for k, v in list(active.items())[:5]]
+                parts.append("## Failed Approaches\n" + "\n".join(warns))
+        except Exception:
+            pass
+    if ralph_loop:
+        try:
+            rl = json.loads(ralph_loop)
+            if rl.get("active"):
+                rl_iter = rl.get("iteration", 0)
+                rl_max = rl.get("max_iterations", 50)
+                rl_goal = rl.get("original_prompt", "")[:80]
+                parts.append(f"## Ralph Loop\nIteration: {rl_iter}/{rl_max} | Goal: {rl_goal}")
+        except Exception:
+            pass
+
+    try:
+        diff_names = subprocess.run(
+            ["git", "diff", "--name-only"],
+            capture_output=True,
+            text=True,
+            timeout=GIT_DIFF_TIMEOUT_SEC,
+            cwd=project_dir,
+        )
+        changed = [l for l in diff_names.stdout.strip().split("\n") if l]
+        if changed:
+            parts.append("## Uncommitted\n" + "\n".join(f"- {x}" for x in changed[:5]))
+    except Exception:
+        pass
+
+    parts.append("## Resume Instructions")
+    parts.append("Read .omg/state/profile.yaml + this file.")
+    parts.append("\n---\n*Auto-generated before context compaction.*")
+    handoff = "\n\n".join(parts)
+    handoff_lines = handoff.split("\n")
+    if len(handoff_lines) > 120:
+        handoff = "\n".join(handoff_lines[:120]) + "\n\n(truncated)"
+
+    os.makedirs(state_dir, exist_ok=True)
+    with open(os.path.join(state_dir, "handoff.md"), "w", encoding="utf-8") as f:
+        f.write(handoff)
+
+    portable = handoff + "\n\nSelf-contained handoff for other platforms."
+    portable_lines = portable.split("\n")
+    if len(portable_lines) > 150:
+        portable = "\n".join(portable_lines[:150]) + "\n\n(truncated)"
+    with open(os.path.join(state_dir, "handoff-portable.md"), "w", encoding="utf-8") as f:
+        f.write(portable)
+
+    # Keep latest 5 snapshots
+    snapshots_parent = os.path.join(state_dir, "snapshots")
+    try:
+        if os.path.isdir(snapshots_parent):
+            entries = sorted(
+                [d for d in os.listdir(snapshots_parent) if os.path.isdir(os.path.join(snapshots_parent, d))]
+            )
+            for old in entries[:-5]:
+                shutil.rmtree(os.path.join(snapshots_parent, old), ignore_errors=True)
+    except Exception:
+        pass
+
+    print(f"[OMG pre-compact] Snapshotted {len(saved)} files -> {snapshot_dir}", file=sys.stderr)
+
+    # --- Protected context registry (feature-flagged under CONTEXT_MANAGER) ---
+    try:
+        if collect_protected_context is not None and get_feature_flag("CONTEXT_MANAGER", default=False):
+            protected = collect_protected_context(project_dir, context_text=handoff)
+            if protected:
+                json.dump({"additionalContext": protected}, sys.stdout)
+                print(f"[OMG pre-compact] Protected context injected ({len(protected)} chars)", file=sys.stderr)
+    except Exception:
+        pass  # crash isolation: never fail on protected context
+
+    # --- Hybrid summarization (feature-flagged under CONTEXT_MANAGER) ---
+    try:
+        if get_feature_flag("CONTEXT_MANAGER", default=False):
+            turns = data.get("conversation", [])
+            if turns:
+                config = _load_context_budget_config(project_dir)
+                result = _apply_hybrid_summarization(turns, config)
+                # Format as additionalContext supplement
+                summary_parts = []
+                if result["summaries"]:
+                    summary_parts.append("## Conversation Context (Hybrid Summary)")
+                    for s in result["summaries"]:
+                        summary_parts.append(s)
+                    if result["discarded_count"] > 0:
+                        summary_parts.append(
+                            f"({result['discarded_count']} oldest turns discarded — see memory/handoff)"
+                        )
+                    summary_text = "\n".join(summary_parts)
+                    # Output as JSON if no protected context was already output
+                    print(
+                        f"[OMG pre-compact] Hybrid summarization: "
+                        f"{len(result['full_turns'])} full, "
+                        f"{len(result['summaries'])} batches, "
+                        f"{result['discarded_count']} discarded",
+                        file=sys.stderr,
+                    )
+    except Exception:
+        pass  # crash isolation: never fail on hybrid summarization
+
+    sys.exit(0)
+
+
+if __name__ == "__main__":
+    main()