@wooojin/forgen 0.1.1 → 0.2.1

package/dist/hooks/post-tool-use.js

@@ -16,8 +16,29 @@ import { saveCheckpoint } from './session-recovery.js';
 // v1: recordWriteContent (regex 선호 감지) 제거
 import { incrementFailureCounter, checkCompoundNegative, getCompoundSuccessHint } from './post-tool-handlers.js';
 import { isHookEnabled } from './hook-config.js';
-import { approve, approveWithWarning, failOpen } from './shared/hook-response.js';
+import { approve, approveWithWarning, failOpenWithTracking } from './shared/hook-response.js';
 import { STATE_DIR } from '../core/paths.js';
+import { recordHookTiming } from './shared/hook-timing.js';
+import { createDriftState, evaluateDrift } from '../core/drift-score.js';
+/** Lightweight hash for content comparison (not cryptographic) */
+function simpleHash(content) {
+    let hash = 0;
+    for (let i = 0; i < content.length; i++) {
+        const char = content.charCodeAt(i);
+        hash = ((hash << 5) - hash) + char;
+        hash |= 0; // Convert to 32-bit integer
+    }
+    return hash.toString(36);
+}
+const IMPLICIT_FEEDBACK_LOG = path.join(STATE_DIR, 'implicit-feedback.jsonl');
+/** Record implicit feedback signal to JSONL */
+function recordImplicitFeedback(entry) {
+    try {
+        fs.mkdirSync(STATE_DIR, { recursive: true });
+        fs.appendFileSync(IMPLICIT_FEEDBACK_LOG, JSON.stringify(entry) + '\n');
+    }
+    catch { /* fail-open: implicit feedback recording must not throw */ }
+}
 // ── State management ──
 function getModifiedFilesPath(sessionId) {
     return path.join(STATE_DIR, `modified-files-${sanitizeId(sessionId)}.json`);
@@ -53,6 +74,28 @@ export function detectErrorPattern(text) {
     }
     return null;
 }
+const AGENT_MIN_OUTPUT_LENGTH = 50;
+const AGENT_QUALITY_PATTERNS = [
+    { pattern: /I (?:couldn'?t|could not|was unable to|cannot) (?:find|locate|access|determine)/i, signal: 'agent_unable', severity: 'warning', message: 'Agent reported inability to complete the task' },
+    { pattern: /(?:no (?:files?|results?|matches?) found|returned? (?:no|empty|zero) results?)/i, signal: 'agent_no_results', severity: 'warning', message: 'Agent found no results' },
+    { pattern: /(?:timed? ?out|deadline exceeded|execution expired)/i, signal: 'agent_timeout', severity: 'error', message: 'Agent execution may have timed out' },
+    { pattern: /(?:context (?:window|limit) (?:exceeded|reached)|too (?:large|long) to (?:read|process))/i, signal: 'agent_context_overflow', severity: 'warning', message: 'Agent hit context limits — output may be incomplete' },
+];
+export function validateAgentOutput(toolResponse) {
+    if (!toolResponse || toolResponse.trim().length < AGENT_MIN_OUTPUT_LENGTH) {
+        return {
+            signal: 'agent_empty_output',
+            severity: 'warning',
+            message: `Agent returned minimal output (${toolResponse?.trim().length ?? 0} chars). Verify the result is usable.`,
+        };
+    }
+    for (const p of AGENT_QUALITY_PATTERNS) {
+        if (p.pattern.test(toolResponse)) {
+            return { signal: p.signal, severity: p.severity, message: p.message };
+        }
+    }
+    return null;
+}
 export function trackModifiedFile(state, filePath, toolName) {
     const existing = state.files[filePath];
     const count = (existing?.count ?? 0) + 1;
@@ -65,87 +108,157 @@ export function trackModifiedFile(state, filePath, toolName) {
 }
 // ── Main flow ──
 async function main() {
-    const data = await readStdinJSON();
-    if (!data) {
-        console.log(approve());
-        return;
-    }
-    if (!isHookEnabled('post-tool-use')) {
-        console.log(approve());
-        return;
-    }
-    const toolName = data.tool_name ?? data.toolName ?? '';
-    const toolInput = data.tool_input ?? data.toolInput ?? {};
-    const toolResponse = data.tool_response ?? data.toolOutput ?? '';
-    const sessionId = data.session_id ?? 'default';
-    const modState = loadModifiedFiles(sessionId);
-    modState.toolCallCount = (modState.toolCallCount ?? 0) + 1;
-    const messages = [];
-    // 1. Checkpoint (every 5 calls)
-    if (modState.toolCallCount % 5 === 0) {
-        try {
-            saveCheckpoint({
-                sessionId, mode: 'active',
-                modifiedFiles: Object.keys(modState.files),
-                lastToolCall: toolName,
-                toolCallCount: modState.toolCallCount,
-                timestamp: new Date().toISOString(),
-                cwd: data.cwd ?? process.env.FORGEN_CWD ?? process.env.COMPOUND_CWD ?? process.cwd(),
-            });
+    const _hookStart = Date.now();
+    try {
+        const data = await readStdinJSON();
+        if (!data) {
+            console.log(approve());
+            return;
         }
-        catch (e) {
-            log.debug('체크포인트 저장 실패', e);
+        if (!isHookEnabled('post-tool-use')) {
+            console.log(approve());
+            return;
         }
-    }
-    // 2. File change tracking (Write, Edit)
-    if (toolName === 'Write' || toolName === 'Edit') {
-        const filePath = toolInput.file_path ?? toolInput.filePath ?? '';
-        if (filePath) {
+        const toolName = data.tool_name ?? data.toolName ?? '';
+        const toolInput = data.tool_input ?? data.toolInput ?? {};
+        const toolResponse = data.tool_response ?? data.toolOutput ?? '';
+        const sessionId = data.session_id ?? 'default';
+        const modState = loadModifiedFiles(sessionId);
+        modState.toolCallCount = (modState.toolCallCount ?? 0) + 1;
+        const messages = [];
+        let revertDetected = false;
+        // 1. Checkpoint (every 5 calls)
+        if (modState.toolCallCount % 5 === 0) {
             try {
-                const { count } = trackModifiedFile(modState, filePath, toolName);
-                if (count >= 5) {
-                    messages.push(`<compound-tool-warning>\n[Forgen] ⚠ ${path.basename(filePath)} has been modified ${count} times.\nConsider redesigning the overall structure and restarting.\n</compound-tool-warning>`);
-                }
+                saveCheckpoint({
+                    sessionId, mode: 'active',
+                    modifiedFiles: Object.keys(modState.files),
+                    lastToolCall: toolName,
+                    toolCallCount: modState.toolCallCount,
+                    timestamp: new Date().toISOString(),
+                    cwd: data.cwd ?? process.env.FORGEN_CWD ?? process.env.COMPOUND_CWD ?? process.cwd(),
+                });
             }
             catch (e) {
-                log.debug('파일 변경 추적 실패', e);
+                log.debug('체크포인트 저장 실패', e);
             }
         }
-        // v1: regex 기반 write content 학습 제거. Evidence 기반으로 전환됨.
-    }
-    // 4. Bash error detection
-    if (toolName === 'Bash' && toolResponse) {
-        const errorMatch = detectErrorPattern(toolResponse);
-        if (errorMatch) {
-            incrementFailureCounter(sessionId);
-            messages.push(`<compound-tool-info>\n[Forgen] Error pattern detected in execution result: "${errorMatch.description}". Review may be needed.\n</compound-tool-info>`);
+        // 2. File change tracking (Write, Edit) + implicit feedback detection
+        if (toolName === 'Write' || toolName === 'Edit') {
+            const filePath = toolInput.file_path ?? toolInput.filePath ?? '';
+            if (filePath) {
+                try {
+                    const { count } = trackModifiedFile(modState, filePath, toolName);
+                    // Implicit feedback: repeated edit detection (5+ edits on same file)
+                    if (count >= 5) {
+                        messages.push(`<compound-tool-warning>\n[Forgen] ⚠ ${path.basename(filePath)} has been modified ${count} times.\nConsider redesigning the overall structure and restarting.\n</compound-tool-warning>`);
+                        recordImplicitFeedback({
+                            type: 'repeated_edit',
+                            file: filePath,
+                            editCount: count,
+                            at: new Date().toISOString(),
+                            sessionId,
+                        });
+                    }
+                    // Implicit feedback: revert detection
+                    // Track content hashes of recent writes to detect when content is reverted
+                    const newContent = toolInput.content ?? toolInput.new_string ?? '';
+                    if (newContent) {
+                        const hash = simpleHash(newContent);
+                        if (!modState.recentWrites)
+                            modState.recentWrites = {};
+                        const prevHashes = modState.recentWrites[filePath] ?? [];
+                        // Check if this content hash matches a previous write (revert pattern)
+                        // Skip the most recent hash (which would be the write being "reverted from")
+                        if (prevHashes.length >= 2 && prevHashes.slice(0, -1).includes(hash)) {
+                            revertDetected = true;
+                            recordImplicitFeedback({
+                                type: 'revert_detected',
+                                file: filePath,
+                                at: new Date().toISOString(),
+                                sessionId,
+                            });
+                        }
+                        // Keep last 10 hashes per file
+                        prevHashes.push(hash);
+                        if (prevHashes.length > 10)
+                            prevHashes.splice(0, prevHashes.length - 10);
+                        modState.recentWrites[filePath] = prevHashes;
+                    }
+                }
+                catch (e) {
+                    log.debug('파일 변경 추적 실패', e);
+                }
+            }
+        }
+        // 3. Drift score evaluation
+        if (toolName === 'Write' || toolName === 'Edit') {
+            if (!modState.drift)
+                modState.drift = createDriftState(sessionId);
+            const driftResult = evaluateDrift(modState.drift, true, revertDetected);
+            if (driftResult.message) {
+                messages.push(`<compound-tool-warning>\n${driftResult.message}\n</compound-tool-warning>`);
+                recordImplicitFeedback({
+                    type: driftResult.level === 'critical' || driftResult.level === 'hardcap' ? 'drift_critical' : 'drift_warning',
+                    score: driftResult.score,
+                    totalEdits: modState.drift.totalEdits,
+                    totalReverts: modState.drift.totalReverts,
+                    at: new Date().toISOString(),
+                    sessionId,
+                });
+            }
+        }
+        // 4. Agent output validation (Tier 2-F)
+        if (toolName === 'Agent') {
+            const agentResult = validateAgentOutput(toolResponse);
+            if (agentResult) {
+                messages.push(`<compound-agent-validation>\n[Forgen] ${agentResult.severity === 'error' ? '⛔' : '⚠'} ${agentResult.message}\n</compound-agent-validation>`);
+                recordImplicitFeedback({
+                    type: `agent_${agentResult.signal}`,
+                    severity: agentResult.severity,
+                    outputLength: toolResponse.trim().length,
+                    at: new Date().toISOString(),
+                    sessionId,
+                });
+            }
+        }
+        // 5. Bash error detection
+        if (toolName === 'Bash' && toolResponse) {
+            const errorMatch = detectErrorPattern(toolResponse);
+            if (errorMatch) {
+                incrementFailureCounter(sessionId);
+                messages.push(`<compound-tool-info>\n[Forgen] Error pattern detected in execution result: "${errorMatch.description}". Review may be needed.\n</compound-tool-info>`);
+            }
+        }
+        // 6. Compound negative signal (non-blocking)
+        try {
+            checkCompoundNegative(toolName, toolResponse, sessionId);
+        }
+        catch (e) {
+            log.debug('compound negative check 실패', e);
+        }
+        // 7. Compound success hint (non-blocking)
+        try {
+            const successHint = getCompoundSuccessHint(toolName, toolResponse, sessionId);
+            if (successHint)
+                messages.push(successHint);
+        }
+        catch (e) {
+            log.debug('success hint generation 실패', e);
+        }
+        saveModifiedFiles(modState);
+        if (messages.length > 0) {
+            console.log(approveWithWarning(messages.join('\n')));
+        }
+        else {
+            console.log(approve());
         }
     }
-    // 5. Compound negative signal (non-blocking)
-    try {
-        checkCompoundNegative(toolName, toolResponse, sessionId);
-    }
-    catch (e) {
-        log.debug('compound negative check 실패', e);
-    }
-    // 6. Compound success hint (non-blocking)
-    try {
-        const successHint = getCompoundSuccessHint(toolName, toolResponse, sessionId);
-        if (successHint)
-            messages.push(successHint);
-    }
-    catch (e) {
-        log.debug('success hint generation 실패', e);
-    }
-    saveModifiedFiles(modState);
-    if (messages.length > 0) {
-        console.log(approveWithWarning(messages.join('\n')));
-    }
-    else {
-        console.log(approve());
+    finally {
+        recordHookTiming('post-tool-use', Date.now() - _hookStart, 'PostToolUse');
     }
 }
 main().catch((e) => {
     process.stderr.write(`[ch-hook] ${e instanceof Error ? e.message : String(e)}\n`);
-    console.log(failOpen());
+    console.log(failOpenWithTracking('post-tool-use'));
 });

package/dist/hooks/pre-compact.d.ts

@@ -7,4 +7,14 @@
  * - 진행 중인 작업 요약 저장
  * - handoff 파일 생성 (압축 후 복구용)
  */
-export {};
+export interface SessionBrief {
+    sessionId: string;
+    mode: string;
+    modifiedFiles: string[];
+    promptCount: number;
+    solutionsInjected: string[];
+    correctionCount: number;
+    generatedAt: string;
+}
+/** 세션 브리프 JSON 생성 */
+export declare function buildSessionBrief(sessionId: string): SessionBrief;

package/dist/hooks/pre-compact.js

@@ -12,8 +12,9 @@ import * as path from 'node:path';
 import { createLogger } from '../core/logger.js';
 import { readStdinJSON } from './shared/read-stdin.js';
 import { isHookEnabled } from './hook-config.js';
-import { approve, approveWithWarning, failOpen } from './shared/hook-response.js';
-import { HANDOFFS_DIR, ME_BEHAVIOR, STATE_DIR } from '../core/paths.js';
+import { approve, approveWithWarning, failOpenWithTracking } from './shared/hook-response.js';
+import { HANDOFFS_DIR, ME_BEHAVIOR, ME_RULES, STATE_DIR } from '../core/paths.js';
+import { sanitizeId } from './shared/sanitize-id.js';
 const log = createLogger('pre-compact');
 /** 활성 모드 상태 수집 */
 function collectActiveStates() {
@@ -40,6 +41,90 @@ function collectActiveStates() {
     }
     return active;
 }
+/** 세션 브리프 JSON 생성 */
+export function buildSessionBrief(sessionId) {
+    // modifiedFiles: read modified-files-{sessionId}.json (files field keys)
+    let modifiedFiles = [];
+    try {
+        const modPath = path.join(STATE_DIR, `modified-files-${sanitizeId(sessionId)}.json`);
+        if (fs.existsSync(modPath)) {
+            const modData = JSON.parse(fs.readFileSync(modPath, 'utf-8'));
+            if (modData.files && typeof modData.files === 'object') {
+                modifiedFiles = Object.keys(modData.files);
+            }
+            else if (Array.isArray(modData.modifiedFiles)) {
+                modifiedFiles = modData.modifiedFiles;
+            }
+            else if (Array.isArray(modData.fileEdits)) {
+                modifiedFiles = modData.fileEdits;
+            }
+        }
+    }
+    catch { /* fail-open */ }
+    // promptCount: read context-guard.json
+    let promptCount = 0;
+    try {
+        const cgPath = path.join(STATE_DIR, 'context-guard.json');
+        if (fs.existsSync(cgPath)) {
+            const cgData = JSON.parse(fs.readFileSync(cgPath, 'utf-8'));
+            if (typeof cgData.promptCount === 'number') {
+                promptCount = cgData.promptCount;
+            }
+        }
+    }
+    catch { /* fail-open */ }
+    // solutionsInjected: read injection-cache-*.json files, collect solutions[].name
+    let solutionsInjected = [];
+    try {
+        if (fs.existsSync(STATE_DIR)) {
+            for (const f of fs.readdirSync(STATE_DIR)) {
+                if (!f.startsWith('injection-cache-') || !f.endsWith('.json'))
+                    continue;
+                try {
+                    const cacheData = JSON.parse(fs.readFileSync(path.join(STATE_DIR, f), 'utf-8'));
+                    if (Array.isArray(cacheData.solutions)) {
+                        for (const sol of cacheData.solutions) {
+                            if (typeof sol.name === 'string' && !solutionsInjected.includes(sol.name)) {
+                                solutionsInjected.push(sol.name);
+                            }
+                        }
+                    }
+                }
+                catch { /* skip */ }
+            }
+        }
+    }
+    catch { /* fail-open */ }
+    // correctionCount: count files in ME_RULES with scope === 'session'
+    let correctionCount = 0;
+    try {
+        if (fs.existsSync(ME_RULES)) {
+            for (const f of fs.readdirSync(ME_RULES)) {
+                if (!f.endsWith('.json'))
+                    continue;
+                try {
+                    const rule = JSON.parse(fs.readFileSync(path.join(ME_RULES, f), 'utf-8'));
+                    if (rule.scope === 'session')
+                        correctionCount++;
+                }
+                catch { /* skip */ }
+            }
+        }
+    }
+    catch { /* fail-open */ }
+    // mode: from collectActiveStates
+    const activeStates = collectActiveStates();
+    const mode = activeStates.length > 0 ? activeStates.map(s => s.mode).join('+') : 'general';
+    return {
+        sessionId,
+        mode,
+        modifiedFiles,
+        promptCount,
+        solutionsInjected,
+        correctionCount,
+        generatedAt: new Date().toISOString(),
+    };
+}
 /** compaction 전 스냅샷 저장 */
 function saveCompactionSnapshot(sessionId) {
     const activeStates = collectActiveStates();
@@ -146,6 +231,31 @@ Rules:
 - Skip patterns that are trivially obvious ("uses TypeScript")
 - Each pattern must be specific enough to change Claude's behavior in future sessions${existingList}
 </forgen-compound-extract>`;
+    // 세션 브리프 저장
+    try {
+        const brief = buildSessionBrief(sessionId);
+        fs.mkdirSync(HANDOFFS_DIR, { recursive: true });
+        const briefTimestamp = new Date().toISOString().replace(/[:.]/g, '-');
+        const briefPath = path.join(HANDOFFS_DIR, `${briefTimestamp}-session-brief.json`);
+        let briefJson = JSON.stringify(brief, null, 2);
+        // max 1500 chars — truncate modifiedFiles and solutionsInjected if needed
+        if (briefJson.length > 1500) {
+            let truncBrief = { ...brief };
+            while (briefJson.length > 1500 && (truncBrief.modifiedFiles.length > 0 || truncBrief.solutionsInjected.length > 0)) {
+                if (truncBrief.solutionsInjected.length > 0) {
+                    truncBrief = { ...truncBrief, solutionsInjected: truncBrief.solutionsInjected.slice(0, Math.max(0, truncBrief.solutionsInjected.length - 1)) };
+                }
+                else {
+                    truncBrief = { ...truncBrief, modifiedFiles: truncBrief.modifiedFiles.slice(0, Math.max(0, truncBrief.modifiedFiles.length - 1)) };
+                }
+                briefJson = JSON.stringify(truncBrief, null, 2);
+            }
+        }
+        fs.writeFileSync(briefPath, briefJson);
+    }
+    catch (e) {
+        log.debug('세션 브리프 저장 실패', e);
+    }
     // 스냅샷 저장
     try {
         const snapshotPath = saveCompactionSnapshot(sessionId);
@@ -161,5 +271,5 @@ Rules:
 }
 main().catch((e) => {
     process.stderr.write(`[ch-hook] ${e instanceof Error ? e.message : String(e)}\n`);
-    console.log(failOpen());
+    console.log(failOpenWithTracking('pre-compact'));
 });

package/dist/hooks/pre-tool-use.js

@@ -19,8 +19,9 @@ import { sanitizeId } from './shared/sanitize-id.js';
 import { incrementEvidence } from '../engine/solution-writer.js';
 import { isReflectionCandidate } from './compound-reflection.js';
 import { isHookEnabled } from './hook-config.js';
-import { approve, approveWithWarning, deny, failOpen } from './shared/hook-response.js';
+import { approve, approveWithWarning, deny, failOpenWithTracking } from './shared/hook-response.js';
 import { FORGEN_HOME, STATE_DIR } from '../core/paths.js';
+import { recordHookTiming } from './shared/hook-timing.js';
 const FAIL_COUNTER_PATH = path.join(STATE_DIR, 'pre-tool-fail-counter.json');
 const FAIL_CLOSE_THRESHOLD = 3; // 연속 3회 파싱 실패 시에만 reject
 /** RegExp 안전성 검증 (ReDoS 방지) — 매칭/비매칭 양쪽 모두 테스트 */
@@ -212,15 +213,33 @@ function checkCompoundReflection(toolName, toolInput, sessionId) {
             const now = new Date();
             let mutated = false;
             for (const sol of cache.solutions) {
-                if (!Array.isArray(sol.identifiers) || sol.identifiers.length === 0)
+                const hasIdentifiers = Array.isArray(sol.identifiers) && sol.identifiers.length > 0;
+                const hasTags = Array.isArray(sol.tags) && sol.tags.length > 0;
+                if (!hasIdentifiers && !hasTags)
                     continue;
-                const result = isReflectionCandidate({
-                    identifiers: sol.identifiers,
-                    code,
-                    injectedAt: sol.injectedAt ?? '',
-                    now,
-                });
-                if (result.reflected) {
+                let reflected = false;
+                if (hasIdentifiers) {
+                    const result = isReflectionCandidate({
+                        identifiers: sol.identifiers,
+                        code,
+                        injectedAt: sol.injectedAt ?? '',
+                        now,
+                    });
+                    reflected = result.reflected;
+                }
+                // Tag-based fallback: identifiers 없는 솔루션도 감지
+                // 6자 이상 non-generic 태그 2개 이상이 코드에 출현하면 반영으로 인정
+                if (!reflected && hasTags) {
+                    const genericTags = new Set(['pattern', 'solution', 'workflow', 'quality', 'best-practice', 'convention']);
+                    const eligibleTags = sol.tags.filter((t) => t.length >= 6 && !genericTags.has(t) && /^[a-zA-Z가-힣]/.test(t));
+                    const matchedTagCount = eligibleTags.filter((t) => code.toLowerCase().includes(t.toLowerCase())).length;
+                    const injectedTime = new Date(sol.injectedAt ?? '').getTime();
+                    const elapsed = now.getTime() - injectedTime;
+                    if (matchedTagCount >= 2 && elapsed <= 15 * 60 * 1000 && elapsed >= 0) {
+                        reflected = true;
+                    }
+                }
+                if (reflected) {
                     reflectedNames.push(sol.name);
                     if (!sol._sessionCounted) {
                         sol._sessionCounted = true;
@@ -262,58 +281,69 @@ export function updateSolutionEvidence(solutionName, field) {
     incrementEvidence(solutionName, field);
 }
 async function main() {
-    const data = await readStdinJSON();
-    if (!data) {
-        // graceful fail-close: consecutive failure counter.
-        // At threshold, block with a user-visible deny message (the block itself
-        // is actionable — the user needs to know why their tool call was
-        // rejected). Below threshold, pass SILENTLY via plain approve() so a
-        // transient parse glitch doesn't leak `systemMessage` noise to the
-        // user's terminal on every tool call. stderr still gets the counter
-        // for `forgen doctor` / log inspection. Mirrors `db-guard.ts:85-96`.
-        const failCount = getAndIncrementFailCount();
-        if (failCount >= FAIL_CLOSE_THRESHOLD) {
-            console.log(deny(`[Forgen] PreToolUse: stdin parse failed ${failCount} consecutive times — blocking for safety.`));
+    const _hookStart = Date.now();
+    try {
+        const data = await readStdinJSON();
+        if (!data) {
+            // graceful fail-close: consecutive failure counter.
+            // At threshold, block with a user-visible deny message (the block itself
+            // is actionable — the user needs to know why their tool call was
+            // rejected). Below threshold, pass SILENTLY via plain approve() so a
+            // transient parse glitch doesn't leak `systemMessage` noise to the
+            // user's terminal on every tool call. stderr still gets the counter
+            // for `forgen doctor` / log inspection. Mirrors `db-guard.ts:85-96`.
+            const failCount = getAndIncrementFailCount();
+            if (failCount >= FAIL_CLOSE_THRESHOLD) {
+                console.log(deny(`[Forgen] PreToolUse: stdin parse failed ${failCount} consecutive times — blocking for safety.`));
+            }
+            else {
+                process.stderr.write(`[ch-hook] pre-tool-use stdin parse failed (${failCount}/${FAIL_CLOSE_THRESHOLD})\n`);
+                console.log(approve());
+            }
+            return;
         }
-        else {
-            process.stderr.write(`[ch-hook] pre-tool-use stdin parse failed (${failCount}/${FAIL_CLOSE_THRESHOLD})\n`);
+        // 정상 파싱 성공 시 연속 실패 카운터 리셋
+        resetFailCount();
+        if (!isHookEnabled('pre-tool-use')) {
             console.log(approve());
+            return;
+        }
+        const toolName = data.tool_name ?? data.toolName ?? '';
+        const toolInput = data.tool_input ?? data.toolInput ?? {};
+        const sessionId = data.session_id ?? 'default';
+        // Bash 도구: 위험 명령어 감지
+        const check = checkDangerousCommand(toolName, toolInput);
+        if (check.action === 'block') {
+            console.log(deny(`[Forgen] Dangerous command blocked: ${check.description}\nCommand: ${check.command}`));
+            return;
+        }
+        if (check.action === 'warn') {
+            console.log(approveWithWarning(`<compound-tool-warning>\n[Forgen] ⚠ Dangerous command detected: ${check.description}\nProceed with caution.\n</compound-tool-warning>`));
+            return;
+        }
+        // Output size guard: warn when Grep is used without head_limit
+        if (toolName === 'Grep' && !toolInput?.head_limit) {
+            console.log(approveWithWarning(`<compound-tool-warning>\n[Forgen] Grep without head_limit may produce large output. Set head_limit or pipe through | head -n to limit output size.\n</compound-tool-warning>`));
+            return;
+        }
+        // Compound v3: Code Reflection check (non-blocking)
+        try {
+            checkCompoundReflection(toolName, toolInput, sessionId);
+        }
+        catch (e) {
+            log.debug('compound reflection check 실패', e);
+        }
+        // 활성 모드 리마인더 (10회 호출당 1회 — 결정적 카운터 기반)
+        const reminders = getActiveReminders();
+        if (reminders.length > 0 && shouldShowReminderIO()) {
+            console.log(approveWithWarning(`<compound-reminder>\n${reminders.join('\n')}\n</compound-reminder>`));
+            return;
         }
-        return;
-    }
-    // 정상 파싱 성공 시 연속 실패 카운터 리셋
-    resetFailCount();
-    if (!isHookEnabled('pre-tool-use')) {
         console.log(approve());
-        return;
     }
-    const toolName = data.tool_name ?? data.toolName ?? '';
-    const toolInput = data.tool_input ?? data.toolInput ?? {};
-    const sessionId = data.session_id ?? 'default';
-    // Bash 도구: 위험 명령어 감지
-    const check = checkDangerousCommand(toolName, toolInput);
-    if (check.action === 'block') {
-        console.log(deny(`[Forgen] Dangerous command blocked: ${check.description}\nCommand: ${check.command}`));
-        return;
-    }
-    if (check.action === 'warn') {
-        console.log(approveWithWarning(`<compound-tool-warning>\n[Forgen] ⚠ Dangerous command detected: ${check.description}\nProceed with caution.\n</compound-tool-warning>`));
-        return;
-    }
-    // Compound v3: Code Reflection check (non-blocking)
-    try {
-        checkCompoundReflection(toolName, toolInput, sessionId);
-    }
-    catch (e) {
-        log.debug('compound reflection check 실패', e);
-    }
-    // 활성 모드 리마인더 (10회 호출당 1회 — 결정적 카운터 기반)
-    const reminders = getActiveReminders();
-    if (reminders.length > 0 && shouldShowReminderIO()) {
-        console.log(approveWithWarning(`<compound-reminder>\n${reminders.join('\n')}\n</compound-reminder>`));
-        return;
+    finally {
+        recordHookTiming('pre-tool-use', Date.now() - _hookStart, 'PreToolUse');
     }
-    console.log(approve());
 }
 main().catch((e) => {
     const hookErr = new HookError(e instanceof Error ? e.message : String(e), {
@@ -321,5 +351,5 @@ main().catch((e) => {
     });
     process.stderr.write(`[ch-hook] ${hookErr.name}: ${hookErr.message}\n`);
     // fail-open: approve on internal error to avoid blocking all tool calls
-    console.log(failOpen());
+    console.log(failOpenWithTracking('pre-tool-use'));
 });

package/dist/hooks/rate-limiter.js

@@ -10,7 +10,7 @@ import * as path from 'node:path';
 import { readStdinJSON } from './shared/read-stdin.js';
 import { atomicWriteJSON } from './shared/atomic-write.js';
 import { isHookEnabled } from './hook-config.js';
-import { approve, deny, failOpen } from './shared/hook-response.js';
+import { approve, deny, failOpenWithTracking } from './shared/hook-response.js';
 import { STATE_DIR } from '../core/paths.js';
 const RATE_LIMIT_PATH = path.join(STATE_DIR, 'rate-limit.json');
 const DEFAULT_LIMIT = 30; // calls per minute
@@ -55,7 +55,7 @@ async function main() {
     const data = await readStdinJSON(1500); // Must finish within plugin.json timeout (2000ms)
     if (!data) {
         // stdin 파싱 실패 — 통과 (rate limiter는 fail-open)
-        console.log(failOpen());
+        console.log(failOpenWithTracking('rate-limiter'));
         return;
     }
     if (!isHookEnabled('rate-limiter')) {
@@ -82,5 +82,5 @@ async function main() {
 }
 main().catch((e) => {
     process.stderr.write(`[ch-hook] ${e instanceof Error ? e.message : String(e)}\n`);
-    console.log(failOpen());
+    console.log(failOpenWithTracking('rate-limiter'));
 });

package/dist/hooks/secret-filter.js

@@ -8,7 +8,7 @@
 import { HookError } from '../core/errors.js';
 import { readStdinJSON } from './shared/read-stdin.js';
 import { isHookEnabled } from './hook-config.js';
-import { approve, approveWithWarning, failOpen } from './shared/hook-response.js';
+import { approve, approveWithWarning, failOpenWithTracking } from './shared/hook-response.js';
 export const SECRET_PATTERNS = [
     { name: 'API Key', pattern: /(sk|pk|api[_-]?key)[_-][\w\-.]{20,}/i },
     { name: 'AWS Access Key', pattern: /AKIA[\w]{16}/ },
@@ -61,5 +61,5 @@ main().catch((e) => {
         hookName: 'secret-filter', eventType: 'PostToolUse', cause: e,
     });
     process.stderr.write(`[ch-hook] ${hookErr.name}: ${hookErr.message}\n`);
-    console.log(failOpen());
+    console.log(failOpenWithTracking('secret-filter'));
 });