@windyroad/voice-tone 0.5.14-preview.762 → 0.6.0-preview.763

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/.claude-plugin/plugin.json +1 -1
  2. package/hooks/external-comms-gate.sh +8 -7
  3. package/package.json +1 -1
package/.claude-plugin/plugin.json CHANGED
@@ -123,5 +123,5 @@
123
123
  }
124
124
  },
125
125
  "name": "wr-voice-tone",
126
- "version": "0.5.14"
126
+ "version": "0.6.0"
127
127
  }
package/hooks/external-comms-gate.sh CHANGED
@@ -24,7 +24,7 @@
24
24
  # PreToolUse, nothing to read.)
25
25
  #
26
26
  # Gate behaviour:
27
- # 1. BYPASS_RISK_GATE=1 short-circuits the gate (consistent with git-push-gate.sh).
27
+ # 1. (removed P377/RFC-029) — BYPASS_RISK_GATE env override no longer exists; the gate is cleared only by delegating to the reviewer.
28
28
  # 2. POLICY_FILE absent → advisory-only mode (permits with systemMessage).
29
29
  # 3. Hybrid leak-pattern pre-filter (lib/leak-detect.sh) hard-fails on
30
30
  # credentials, prod-URL prefixes, business-context-paired financial figures,
@@ -97,10 +97,11 @@ EXTERNAL_COMMS_POLICY_FILE="${EXTERNAL_COMMS_POLICY_FILE:-RISK-POLICY.md}"
97
97
  EXTERNAL_COMMS_LEAK_PREFILTER="${EXTERNAL_COMMS_LEAK_PREFILTER:-yes}"
98
98
  EXTERNAL_COMMS_SKIP_SURFACES="${EXTERNAL_COMMS_SKIP_SURFACES:-}"
99
99
 
100
- # ---------- Bypass ----------
101
- if [ "${BYPASS_RISK_GATE:-0}" = "1" ]; then
102
- exit 0
103
- fi
100
+ # P377/RFC-029: the BYPASS_RISK_GATE=1 env override is REMOVED (never
101
+ # authorised). There is no env escape from the external-comms gate — clear it
102
+ # by delegating to the wr-risk-scorer:external-comms reviewer (the gate marks
103
+ # the draft reviewed on a PASS verdict). A genuine gate misfire is recovered
104
+ # per ADR-048 (documented recovery), not an env bypass.
104
105
 
105
106
  INPUT=$(cat)
106
107
 
@@ -316,7 +317,7 @@ fi
316
317
  # EXTERNAL_COMMS_LEAK_PREFILTER=yes (risk) or =no (voice-tone).
317
318
  if [ "$EXTERNAL_COMMS_LEAK_PREFILTER" = "yes" ]; then
318
319
  if ! leak_detect_scan "$DRAFT"; then
319
- REASON=$(printf 'BLOCKED (external-comms gate / %s evaluator): %s on %s. Remove the leak before retrying. Override only if intentional (pre-session env): BYPASS_RISK_GATE=1.' \
320
+ REASON=$(printf 'BLOCKED (external-comms gate / %s evaluator): %s on %s. Remove the leak before retrying. There is no env override (P377/RFC-029 BYPASS_RISK_GATE removed).' \
320
321
  "$EXTERNAL_COMMS_EVALUATOR_ID" "$LEAK_DETECT_REASON" "$SURFACE")
321
322
  deny_with_reason "$REASON"
322
323
  exit 0
@@ -386,7 +387,7 @@ fi
386
387
  # PostToolUse mark hook can derive the canonical marker key locally
387
388
  # (sha256(DRAFT + '\n' + SURFACE)). Single fire per gate cycle.
388
389
  VERDICT_PREFIX="${EXTERNAL_COMMS_VERDICT_PREFIX:-EXTERNAL_COMMS_${EXTERNAL_COMMS_EVALUATOR_ID^^}}"
389
- REASON=$(printf 'BLOCKED (external-comms gate / %s evaluator): %s draft has not been reviewed by %s. Delegate to %s (subagent_type: '"'"'%s'"'"') with a prompt that starts with the line `SURFACE: %s` and wraps the draft body verbatim inside `<draft>...</draft>` markers (for the changeset-author surface the body is the changeset summary WITHOUT the leading `---` frontmatter block — the gate strips frontmatter before hashing the marker key). The PostToolUse hook derives the marker key from that structure and marks the draft reviewed when the subagent emits %s_VERDICT: PASS — single fire suffices. Use %s for an interactive walkthrough. Override only when intentional (pre-session env): BYPASS_RISK_GATE=1.' \
390
+ REASON=$(printf 'BLOCKED (external-comms gate / %s evaluator): %s draft has not been reviewed by %s. Delegate to %s (subagent_type: '"'"'%s'"'"') with a prompt that starts with the line `SURFACE: %s` and wraps the draft body verbatim inside `<draft>...</draft>` markers (for the changeset-author surface the body is the changeset summary WITHOUT the leading `---` frontmatter block — the gate strips frontmatter before hashing the marker key). The PostToolUse hook derives the marker key from that structure and marks the draft reviewed when the subagent emits %s_VERDICT: PASS — single fire suffices. Use %s for an interactive walkthrough. There is no env override (P377/RFC-029 BYPASS_RISK_GATE removed).' \
390
391
  "$EXTERNAL_COMMS_EVALUATOR_ID" "$SURFACE" "$EXTERNAL_COMMS_SUBAGENT_TYPE" "$EXTERNAL_COMMS_SUBAGENT_TYPE" "$EXTERNAL_COMMS_SUBAGENT_TYPE" "$SURFACE" "$VERDICT_PREFIX" "$EXTERNAL_COMMS_ASSESS_SKILL")
391
392
  deny_with_reason "$REASON"
392
393
  exit 0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@windyroad/voice-tone",
3
- "version": "0.5.14-preview.762",
3
+ "version": "0.6.0-preview.763",
4
4
  "description": "Voice and tone enforcement for user-facing copy",
5
5
  "bin": {
6
6
  "windyroad-voice-tone": "./bin/install.mjs"