@wooojin/forgen 0.2.0 → 0.3.0

package/dist/hooks/keyword-detector.js

@@ -23,12 +23,13 @@ import { ALL_MODES, FORGEN_HOME, ME_DIR, PACKS_DIR, STATE_DIR } from '../core/pa
 import { atomicWriteJSON } from './shared/atomic-write.js';
 import { escapeAllXmlTags } from './prompt-injection-filter.js';
 import { getSkillConflicts } from '../core/plugin-detector.js';
-import { approve, approveWithContext, failOpen } from './shared/hook-response.js';
+import { approve, approveWithContext, failOpenWithTracking } from './shared/hook-response.js';
+import { recordHookTiming } from './shared/hook-timing.js';
 /** Escape a string for safe use in XML attribute values */
 function escapeXmlAttr(s) {
     return s.replace(/&/g, '&amp;').replace(/"/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
 }
-const WORKFLOW_TRACKED_INJECTS = new Set(['benchmark']);
+const WORKFLOW_TRACKED_INJECTS = new Set();
 export function shouldTrackWorkflowActivation(match) {
     if (match.type === 'inject')
         return WORKFLOW_TRACKED_INJECTS.has(match.keyword);
@@ -51,23 +52,19 @@ export const KEYWORD_PATTERNS = [
     { pattern: /\bralplan\b/i, keyword: 'ralplan', type: 'skill', skill: 'ralplan' },
     { pattern: /\bdeep[- ]?interview\b/i, keyword: 'deep-interview', type: 'skill', skill: 'deep-interview' },
     { pattern: /\bpipeline\b/i, keyword: 'pipeline', type: 'skill', skill: 'pipeline' },
-    { pattern: /\b(ecomode|에코\s*모드|토큰\s*절약)\b/i, keyword: 'ecomode', type: 'skill', skill: 'ecomode' },
     // 인젝션 모드
     { pattern: /\bultrathink\b/i, keyword: 'ultrathink', type: 'inject' },
     { pattern: /\bdeepsearch\b/i, keyword: 'deepsearch', type: 'inject' },
-    { pattern: /(?:^|\s)tdd(?:\s+(?:모드|mode|방식|으로|해|해줘|시작|적용)|\s*$)/im, keyword: 'tdd', type: 'skill', skill: 'tdd' },
     { pattern: /(?:code[- ]?review|코드\s*리뷰)\s*(?:해|해줘|시작|해봐|부탁|mode|모드)/i, keyword: 'code-review', type: 'skill', skill: 'code-review' },
-    { pattern: /(?:security[- ]?review|보안\s*리뷰|보안\s*검토)\s*(?:해|해줘|시작|해봐|부탁|mode|모드)/i, keyword: 'security-review', type: 'skill', skill: 'security-review' },
-    // 실용 스킬 — 명시적 모드 호출만 매칭 (일상 단어 false positive 방지)
-    { pattern: /\bgit[- ]?master\b/i, keyword: 'git-master', type: 'skill', skill: 'git-master' },
-    { pattern: /\b(benchmark|벤치마크)\s*(?:mode|모드|해|해줘|시작|실행|돌려)|성능\s*측정/i, keyword: 'benchmark', type: 'inject' },
-    { pattern: /\b(migrate|마이그레이션)\s*(?:mode|모드|해|해줘|시작|실행|진행)/i, keyword: 'migrate', type: 'skill', skill: 'migrate' },
-    { pattern: /\b(debug[- ]?detective|디버그\s*탐정|체계적\s*디버깅)\b/i, keyword: 'debug-detective', type: 'skill', skill: 'debug-detective' },
-    { pattern: /\b(refactor|리팩토링|리팩터)\s*(?:mode|모드|해|해줘|시작|실행|진행)/i, keyword: 'refactor', type: 'skill', skill: 'refactor' },
+    // forgen 핵심 스킬
+    { pattern: /\b(forge[- ]?loop|포지[- ]?루프)\b|(?:^|\s)(끝까지|don'?t\s*stop)(?:\s|$)/im, keyword: 'forge-loop', type: 'skill', skill: 'forge-loop' },
+    { pattern: /(?:^|\s)ship(?:\s|$)|(?:^|\s)(배포|릴리스)\s*(?:해|해줘|하자|시작|진행)/im, keyword: 'ship', type: 'skill', skill: 'ship' },
+    { pattern: /\bretro\b|(?:^|\s)(회고|돌아보기)(?:\s|$)/im, keyword: 'retro', type: 'skill', skill: 'retro' },
+    { pattern: /(?:^|\s)learn\s+(?:search|prune|stats|export)|(?:^|\s)(학습\s*관리|compound\s*정리|솔루션\s*정리)/im, keyword: 'learn', type: 'skill', skill: 'learn' },
+    { pattern: /\bcalibrate\b|(?:^|\s)(캘리브|프로필\s*보정|프로필\s*조정|프로필\s*확인)(?:\s|$)/im, keyword: 'calibrate', type: 'skill', skill: 'calibrate' },
 ];
-// ── 인젝션 메시지 (폴백 전용) ──
-// commands/*.md 파일이 없을 때만 사용. commands/*.md가 단일 진실 공급원.
-const FALLBACK_INJECT_MESSAGES = {
+// ── 인젝션 메시지 ──
+const INJECT_MESSAGES = {
     ultrathink: `<compound-think-mode>
 EXTENDED THINKING MODE ACTIVATED.
 Before responding, engage in deep, thorough reasoning. Consider multiple approaches,
@@ -83,98 +80,12 @@ Perform comprehensive codebase exploration before answering:
 4. Cross-reference findings across files
 5. Present a complete, evidence-based analysis
 </compound-deepsearch>`,
-    tdd: `<compound-tdd>
-TDD MODE ACTIVATED.
-Follow strict Test-Driven Development:
-1. Write the failing test FIRST (Red)
-2. Write the minimum code to pass (Green)
-3. Refactor while keeping tests green (Refactor)
-4. Repeat for each requirement
-Never write implementation before tests.
-</compound-tdd>`,
-    'code-review': `<compound-code-review>
-CODE REVIEW MODE ACTIVATED.
-Perform thorough code review with severity ratings:
-- 🔴 CRITICAL: Security vulnerabilities, data loss risks, crashes
-- 🟡 MAJOR: Logic errors, performance issues, missing error handling
-- 🔵 MINOR: Style, naming, documentation improvements
-- 💡 SUGGESTION: Optional enhancements
-Provide file:line references for every finding.
-</compound-code-review>`,
-    'security-review': `<compound-security-review>
-SECURITY REVIEW MODE ACTIVATED.
-Check for OWASP Top 10 and common vulnerabilities:
-1. Injection (SQL, XSS, Command)
-2. Broken Authentication / Authorization
-3. Sensitive Data Exposure
-4. Security Misconfiguration
-5. Insecure Dependencies
-6. Secrets in code (API keys, tokens, passwords)
-7. Input validation gaps
-8. Unsafe deserialization
-Rate each finding: CRITICAL / HIGH / MEDIUM / LOW
-</compound-security-review>`,
-    'git-master': `<compound-git-master>
-GIT MASTER MODE ACTIVATED.
-Apply atomic commit strategy and clean history management:
-1. One commit = one logical change (atomic)
-2. Follow Conventional Commits: feat/fix/refactor/docs/chore(<scope>): <subject>
-3. Use interactive rebase (git rebase -i) to clean up WIP commits before pushing
-4. Never force-push to shared branches (main, develop)
-5. Use git bisect for systematic bug hunt across commits
-Commit message format: <type>(<scope>): <subject> — imperative, 50 chars max
-</compound-git-master>`,
-    benchmark: `<compound-benchmark>
-BENCHMARK MODE ACTIVATED.
-Measure performance with statistical rigor:
-1. Collect baseline metrics FIRST (before any changes)
-2. Run minimum 30 iterations (skip first 5 as warmup)
-3. Calculate: avg, p95, p99, min, max
-4. Measure: execution time (performance.now()), memory (process.memoryUsage()), bundle size
-5. Output before/after comparison table with delta percentages
-6. Use same environment for both measurements to ensure validity
-</compound-benchmark>`,
-    migrate: `<compound-migrate>
-MIGRATION MODE ACTIVATED.
-Follow the 5-phase safe migration workflow:
-1. ANALYZE: Document current state, identify breaking changes, map affected files
-2. PLAN: Decompose into atomic steps, define rollback triggers (error rate > N%)
-3. BACKUP: Create DB dump + git tag as restore point before any changes
-4. EXECUTE: Apply Expand-Contract pattern for zero-downtime DB changes
-5. VERIFY: Run E2E tests, check data integrity, validate performance regression
-Rollback criteria: error rate spike, latency > 2x baseline, data inconsistency
-</compound-migrate>`,
-    'debug-detective': `<compound-debug-detective>
-DEBUG DETECTIVE MODE ACTIVATED.
-Follow the Reproduce → Isolate → Fix → Verify loop:
-1. REPRODUCE: Document exact conditions, input, expected vs actual, reproduction rate
-2. ISOLATE: Classify error type (runtime/type/logic/async), use git bisect for regression
-3. FIX: Address root cause (not symptoms), minimize change scope
-4. VERIFY: Add regression test, confirm fix in staging before production
-Error classification:
-- Runtime: TypeError/ReferenceError → trace stack
-- Logic: wrong output → add intermediate logging
-- Async: race condition → check Promise chain, event ordering
-Never guess — always reproduce first.
-</compound-debug-detective>`,
-    refactor: `<compound-refactor>
-REFACTOR MODE ACTIVATED.
-Safe refactoring with test-first approach:
-1. SECURE TESTS: Characterization tests for untested code before touching anything
-2. IDENTIFY SMELLS: Long functions (>50 lines), duplication, deep nesting (>3), magic numbers
-3. APPLY SOLID: Single responsibility, Open-closed, Liskov, Interface segregation, Dependency inversion
-4. REFACTOR CATALOG: Extract Method, Move Method, Replace Conditional with Polymorphism
-5. VERIFY: Run full test suite after each refactoring step
-Rules:
-- Never mix refactoring + feature changes in the same commit
-- One refactoring pattern per commit
-- Keep tests green at all times
-</compound-refactor>`,
 };
 // ── 스킬 파일 로드 ──
 function loadSkillContent(skillName) {
-    // 스킬 파일 검색 순서: 프로젝트 > 연결된 팩 > 글로벌 팩 > 글로벌 > 패키지 내장
+    // 스킬 파일 검색 순서: 프로젝트 .forgen > 프로젝트 .compound > 팩 > 개인 > 글로벌 > 패키지 내장
     const searchPaths = [
+        path.join(process.cwd(), '.forgen', 'skills', `${skillName}.md`),
         path.join(process.cwd(), '.compound', 'skills', `${skillName}.md`),
         path.join(process.cwd(), 'skills', `${skillName}.md`),
     ];
@@ -227,11 +138,10 @@ export function detectKeyword(prompt) {
                 return { type: 'cancel', keyword: entry.keyword, message: '[Forgen] Mode cancelled.' };
             }
             if (entry.type === 'inject') {
-                const fileContent = loadSkillContent(entry.keyword);
                 return {
                     type: 'inject',
                     keyword: entry.keyword,
-                    message: fileContent ?? FALLBACK_INJECT_MESSAGES[entry.keyword] ?? '',
+                    message: INJECT_MESSAGES[entry.keyword] ?? '',
                 };
             }
             return {
@@ -270,122 +180,134 @@ function cleanSkillCaches() {
 }
 // ── 메인 ──
 async function main() {
-    const input = await readStdinJSON();
-    if (!isHookEnabled('keyword-detector')) {
-        console.log(approve());
-        return;
-    }
-    if (!input?.prompt) {
-        console.log(approve());
-        return;
-    }
-    const match = detectKeyword(input.prompt);
-    const sessionId = input.session_id ?? 'unknown';
-    // v1: regex 기반 prompt 학습 제거. Evidence 기반으로 전환됨.
-    if (!match) {
-        console.log(approve());
-        return;
-    }
-    // Cache conflict map once for the duration of this hook execution
-    const skillConflicts = getSkillConflicts(input.cwd ?? process.env.FORGEN_CWD ?? process.env.COMPOUND_CWD ?? process.cwd());
-    if (match.type === 'cancel') {
-        const cancelCwd = input.cwd ?? process.env.FORGEN_CWD ?? process.env.COMPOUND_CWD ?? process.cwd();
-        if (match.keyword === 'cancel-ralph') {
-            // ralph만 취소
-            clearState('ralph-state');
-            const ralphLoopState = path.join(cancelCwd, '.claude', 'ralph-loop.local.md');
-            try {
-                fs.unlinkSync(ralphLoopState);
-            }
-            catch { /* 파일 없으면 무시 */ }
-        }
-        else {
-            // 모든 모드 상태 초기화 (ralplan, deep-interview 포함)
-            for (const mode of ALL_MODES) {
-                clearState(`${mode}-state`);
-            }
-            const ralphLoopState = path.join(cancelCwd, '.claude', 'ralph-loop.local.md');
-            try {
-                fs.unlinkSync(ralphLoopState);
-            }
-            catch { /* 파일 없으면 무시 */ }
-        }
-        // skill-cache 파일도 정리 (재주입 가능하도록)
-        cleanSkillCaches();
-        console.log(approveWithContext(match.message ?? '[Forgen] Mode cancelled.', 'UserPromptSubmit'));
-        return;
-    }
-    if (match.type === 'inject') {
-        // Plugin conflict check: inject 타입도 다른 플러그인과 충돌하면 스킵
-        // (tdd, code-review 등이 OMC/superpowers와 이중 실행되는 것을 방지)
-        const conflictPlugin = skillConflicts.get(match.keyword);
-        if (conflictPlugin) {
-            log.debug(`Skipping inject "${match.keyword}" — provided by ${conflictPlugin}`);
+    const _hookStart = Date.now();
+    try {
+        const input = await readStdinJSON();
+        if (!isHookEnabled('keyword-detector')) {
             console.log(approve());
             return;
         }
-        if (shouldTrackWorkflowActivation(match)) {
-            try { /* v1: recordModeUsage 제거 */ }
-            catch { /* noop */ }
+        if (!input?.prompt) {
+            console.log(approve());
+            return;
         }
-        console.log(approveWithContext(match.message ?? `[Forgen] ${match.keyword} mode activated.`, 'UserPromptSubmit'));
-        return;
-    }
-    // 스킬 주입
-    if (match.skill) {
-        // Plugin conflict check: if a plugin already provides this skill, skip injection
-        const conflictPlugin = skillConflicts.get(match.skill);
-        if (conflictPlugin) {
-            log.debug(`Skipping keyword "${match.keyword}" — skill provided by ${conflictPlugin}`);
+        const match = detectKeyword(input.prompt);
+        const sessionId = input.session_id ?? 'unknown';
+        // v1: regex 기반 prompt 학습 제거. Evidence 기반으로 전환됨.
+        if (!match) {
             console.log(approve());
             return;
         }
-        // Compound: mode usage 기록
-        // v1: recordModeUsage 제거
-        const skillContent = loadSkillContent(match.skill);
-        const effectiveCwd = input.cwd ?? process.env.FORGEN_CWD ?? process.env.COMPOUND_CWD ?? process.cwd();
-        // 상태 저장
-        saveState(`${match.skill}-state`, {
-            active: true,
-            startedAt: new Date().toISOString(),
-            prompt: match.prompt,
-            sessionId: input.session_id,
-        });
-        // ralph 스킬 활성화 시 ralph-loop 플러그인 상태 파일도 생성
-        if (match.skill === 'ralph') {
-            const ralphLoopDir = path.join(effectiveCwd, '.claude');
-            const ralphLoopState = path.join(ralphLoopDir, 'ralph-loop.local.md');
-            fs.mkdirSync(ralphLoopDir, { recursive: true });
-            const frontmatter = [
-                '---',
-                'active: true',
-                'iteration: 1',
-                `session_id: ${input.session_id ?? ''}`,
-                'max_iterations: 0',
-                'completion_promise: "TASK COMPLETE"',
-                `started_at: "${new Date().toISOString()}"`,
-                '---',
-                '',
-                match.prompt ?? input.prompt,
-            ].join('\n');
-            fs.writeFileSync(ralphLoopState, frontmatter);
+        // Cache conflict map once for the duration of this hook execution
+        const skillConflicts = getSkillConflicts(input.cwd ?? process.env.FORGEN_CWD ?? process.env.COMPOUND_CWD ?? process.cwd());
+        if (match.type === 'cancel') {
+            const cancelCwd = input.cwd ?? process.env.FORGEN_CWD ?? process.env.COMPOUND_CWD ?? process.cwd();
+            if (match.keyword === 'cancel-ralph') {
+                // ralph만 취소
+                clearState('ralph-state');
+                const ralphLoopState = path.join(cancelCwd, '.claude', 'ralph-loop.local.md');
+                try {
+                    fs.unlinkSync(ralphLoopState);
+                }
+                catch { /* 파일 없으면 무시 */ }
+            }
+            else {
+                // 모든 모드 상태 초기화 (ralplan, deep-interview, forge-loop 등 포함)
+                for (const mode of ALL_MODES) {
+                    clearState(`${mode}-state`);
+                }
+                const ralphLoopState = path.join(cancelCwd, '.claude', 'ralph-loop.local.md');
+                try {
+                    fs.unlinkSync(ralphLoopState);
+                }
+                catch { /* 파일 없으면 무시 */ }
+                // forge-loop 상태 파일도 명시적으로 삭제 (Stop 훅 차단 해제)
+                const forgeLoopState = path.join(STATE_DIR, 'forge-loop.json');
+                try {
+                    fs.unlinkSync(forgeLoopState);
+                }
+                catch { /* 파일 없으면 무시 */ }
+            }
+            // skill-cache 파일도 정리 (재주입 가능하도록)
+            cleanSkillCaches();
+            console.log(approveWithContext(match.message ?? '[Forgen] Mode cancelled.', 'UserPromptSubmit'));
+            return;
         }
-        if (skillContent) {
-            const truncatedContent = truncateContent(skillContent, INJECTION_CAPS.skillContentMax);
-            console.log(approveWithContext(`<compound-skill name="${escapeXmlAttr(match.skill)}">\n${escapeAllXmlTags(truncatedContent)}\n</compound-skill>\n\nUser request: ${match.prompt}`, 'UserPromptSubmit'));
+        if (match.type === 'inject') {
+            // Plugin conflict check: inject 타입도 다른 플러그인과 충돌하면 스킵
+            // (tdd, code-review 등이 OMC/superpowers와 이중 실행되는 것을 방지)
+            const conflictPlugin = skillConflicts.get(match.keyword);
+            if (conflictPlugin) {
+                log.debug(`Skipping inject "${match.keyword}" — provided by ${conflictPlugin}`);
+                console.log(approve());
+                return;
+            }
+            if (shouldTrackWorkflowActivation(match)) {
+                try { /* v1: recordModeUsage 제거 */ }
+                catch { /* noop */ }
+            }
+            console.log(approveWithContext(match.message ?? `[Forgen] ${match.keyword} mode activated.`, 'UserPromptSubmit'));
+            return;
         }
-        else {
-            console.log(approveWithContext(`[Forgen] ${match.keyword} mode activated.\n\nUser request: ${match.prompt}`, 'UserPromptSubmit'));
+        // 스킬 주입
+        if (match.skill) {
+            // Plugin conflict check: if a plugin already provides this skill, skip injection
+            const conflictPlugin = skillConflicts.get(match.skill);
+            if (conflictPlugin) {
+                log.debug(`Skipping keyword "${match.keyword}" — skill provided by ${conflictPlugin}`);
+                console.log(approve());
+                return;
+            }
+            // Compound: mode usage 기록
+            // v1: recordModeUsage 제거
+            const skillContent = loadSkillContent(match.skill);
+            const effectiveCwd = input.cwd ?? process.env.FORGEN_CWD ?? process.env.COMPOUND_CWD ?? process.cwd();
+            // 상태 저장
+            saveState(`${match.skill}-state`, {
+                active: true,
+                startedAt: new Date().toISOString(),
+                prompt: match.prompt,
+                sessionId: input.session_id,
+            });
+            // ralph 스킬 활성화 시 ralph-loop 플러그인 상태 파일도 생성
+            if (match.skill === 'ralph') {
+                const ralphLoopDir = path.join(effectiveCwd, '.claude');
+                const ralphLoopState = path.join(ralphLoopDir, 'ralph-loop.local.md');
+                fs.mkdirSync(ralphLoopDir, { recursive: true });
+                const frontmatter = [
+                    '---',
+                    'active: true',
+                    'iteration: 1',
+                    `session_id: ${input.session_id ?? ''}`,
+                    'max_iterations: 0',
+                    'completion_promise: "TASK COMPLETE"',
+                    `started_at: "${new Date().toISOString()}"`,
+                    '---',
+                    '',
+                    match.prompt ?? input.prompt,
+                ].join('\n');
+                fs.writeFileSync(ralphLoopState, frontmatter);
+            }
+            if (skillContent) {
+                const truncatedContent = truncateContent(skillContent, INJECTION_CAPS.skillContentMax);
+                console.log(approveWithContext(`<compound-skill name="${escapeXmlAttr(match.skill)}">\n${escapeAllXmlTags(truncatedContent)}\n</compound-skill>\n\nUser request: ${match.prompt}`, 'UserPromptSubmit'));
+            }
+            else {
+                console.log(approveWithContext(`[Forgen] ${match.keyword} mode activated.\n\nUser request: ${match.prompt}`, 'UserPromptSubmit'));
+            }
+            return;
         }
-        return;
+        console.log(approve());
+    }
+    finally {
+        recordHookTiming('keyword-detector', Date.now() - _hookStart, 'UserPromptSubmit');
     }
-    console.log(approve());
 }
 // ESM main guard: 다른 모듈에서 import 시 main() 실행 방지
 // realpathSync로 symlink 해석 (플러그인 캐시가 symlink일 때 경로 불일치 방지)
 if (process.argv[1] && fs.realpathSync(path.resolve(process.argv[1])) === fileURLToPath(import.meta.url)) {
     main().catch((e) => {
         process.stderr.write(`[ch-hook] ${e instanceof Error ? e.message : String(e)}\n`);
-        console.log(failOpen());
+        console.log(failOpenWithTracking('keyword-detector'));
     });
 }

package/dist/hooks/notepad-injector.js

@@ -20,7 +20,7 @@ import { readNotepad } from '../core/notepad.js';
 import { isHookEnabled } from './hook-config.js';
 import { truncateContent } from './shared/injection-caps.js';
 import { calculateBudget } from './shared/context-budget.js';
-import { approve, approveWithContext, failOpen } from './shared/hook-response.js';
+import { approve, approveWithContext, failOpenWithTracking } from './shared/hook-response.js';
 // ── 메인 ──
 async function main() {
     const input = await readStdinJSON();
@@ -47,5 +47,5 @@ async function main() {
 }
 main().catch((e) => {
     process.stderr.write(`[ch-hook] ${e instanceof Error ? e.message : String(e)}\n`);
-    console.log(failOpen());
+    console.log(failOpenWithTracking('notepad-injector'));
 });

package/dist/hooks/permission-handler.js

@@ -13,7 +13,7 @@ const log = createLogger('permission-handler');
 import { readStdinJSON } from './shared/read-stdin.js';
 import { sanitizeId } from './shared/sanitize-id.js';
 import { isHookEnabled } from './hook-config.js';
-import { approve, approveWithWarning, failOpen } from './shared/hook-response.js';
+import { approve, approveWithWarning, failOpenWithTracking } from './shared/hook-response.js';
 import { STATE_DIR } from '../core/paths.js';
 /** 자동 승인 가능한 안전 도구 목록 */
 export const SAFE_TOOLS = new Set([
@@ -110,5 +110,5 @@ async function main() {
 }
 main().catch((e) => {
     process.stderr.write(`[ch-hook] ${e instanceof Error ? e.message : String(e)}\n`);
-    console.log(failOpen());
+    console.log(failOpenWithTracking('permission-handler'));
 });

package/dist/hooks/post-tool-failure.js

@@ -15,7 +15,7 @@ import { readStdinJSON } from './shared/read-stdin.js';
 import { isHookEnabled } from './hook-config.js';
 import { sanitizeId } from './shared/sanitize-id.js';
 import { atomicWriteJSON } from './shared/atomic-write.js';
-import { approve, approveWithWarning, failOpen } from './shared/hook-response.js';
+import { approve, approveWithWarning, failOpenWithTracking } from './shared/hook-response.js';
 import { STATE_DIR } from '../core/paths.js';
 function getFailureStatePath(sessionId) {
     return path.join(STATE_DIR, `tool-failures-${sanitizeId(sessionId)}.json`);
@@ -58,11 +58,14 @@ export function getRecoverySuggestion(error, toolName) {
     if (/timeout|timed out/.test(lower)) {
         return 'Timeout occurred. Split into smaller units and retry.';
     }
+    if (/old_string.*not found|not found in file|not unique|multiple matches/i.test(lower)) {
+        return 'The old_string matched multiple locations. Include more surrounding context to make it unique, or use replace_all: true if all occurrences should change.';
+    }
     if (/enoent|no such file|not found/.test(lower)) {
-        return 'File/path does not exist. Check the path.';
+        return 'File/path does not exist. Use Glob to search for similar file names, then retry with the correct path.';
     }
     if (/eacces|permission denied/.test(lower)) {
-        return 'Permission denied. Check file permissions.';
+        return 'Permission denied. Check file permissions with `ls -la` and fix with `chmod` if needed.';
     }
     if (/syntax error|syntaxerror/.test(lower)) {
         return 'Syntax error. Review the code again.';
@@ -70,8 +73,11 @@ export function getRecoverySuggestion(error, toolName) {
     if (/enospc|no space/.test(lower)) {
         return 'Disk space is insufficient.';
     }
-    if (/old_string.*not found|not unique/i.test(lower)) {
-        return 'Edit tool old_string not found in file. Use Read to check the current file content and retry.';
+    if (/stale|file has been modified|changed since/i.test(lower)) {
+        return 'File content has changed since last read. Use Read to get the current content, then retry the edit with updated old_string.';
+    }
+    if (/binary|encoding|invalid utf|ucs-2/i.test(lower)) {
+        return "File may be binary or use non-UTF-8 encoding. Verify encoding with 'file <path>' command.";
     }
     return `${toolName} tool failed. Try a different approach.`;
 }
@@ -114,5 +120,5 @@ main().catch((e) => {
         hookName: 'post-tool-failure', eventType: 'PostToolUseFailure', cause: e,
     });
     process.stderr.write(`[ch-hook] ${hookErr.name}: ${hookErr.message}\n`);
-    console.log(failOpen());
+    console.log(failOpenWithTracking('post-tool-failure'));
 });

package/dist/hooks/post-tool-handlers.d.ts

@@ -4,7 +4,7 @@
  * Compound negative/success 신호 감지, 컨텍스트 실패 카운터,
  * 솔루션 negative evidence 업데이트 등 post-tool 분석 핸들러.
  */
-/** 세션의 실패 카운터 증가 (컨텍스트 신호 수집) */
+/** 세션의 실패 카운터 증가 (컨텍스트 신호 수집, lock 보호) */
 export declare function incrementFailureCounter(sessionId: string): void;
 /** Compound v3: detect negative signals after tool execution */
 export declare function checkCompoundNegative(toolName: string, toolResponse: string, sessionId: string): void;

package/dist/hooks/post-tool-handlers.js

@@ -8,6 +8,7 @@ import * as fs from 'node:fs';
 import * as path from 'node:path';
 import { createLogger } from '../core/logger.js';
 import { atomicWriteJSON } from './shared/atomic-write.js';
+import { withFileLockSync } from './shared/file-lock.js';
 import { sanitizeId } from './shared/sanitize-id.js';
 import { incrementEvidence } from '../engine/solution-writer.js';
 import { classifyMatch, shouldAttribute } from '../engine/term-matcher.js';
@@ -15,19 +16,21 @@ import { detectErrorPattern } from './post-tool-use.js';
 import { STATE_DIR } from '../core/paths.js';
 const log = createLogger('post-tool-handlers');
 const CONTEXT_SIGNALS_PATH = path.join(STATE_DIR, 'context-signals.json');
-/** 세션의 실패 카운터 증가 (컨텍스트 신호 수집) */
+/** 세션의 실패 카운터 증가 (컨텍스트 신호 수집, lock 보호) */
 export function incrementFailureCounter(sessionId) {
     try {
-        let signals = {};
-        if (fs.existsSync(CONTEXT_SIGNALS_PATH)) {
-            signals = JSON.parse(fs.readFileSync(CONTEXT_SIGNALS_PATH, 'utf-8'));
-            if (signals.sessionId !== sessionId)
-                signals = {};
-        }
-        signals.sessionId = sessionId;
-        signals.previousFailures = (signals.previousFailures ?? 0) + 1;
-        signals.updatedAt = new Date().toISOString();
-        atomicWriteJSON(CONTEXT_SIGNALS_PATH, signals);
+        withFileLockSync(CONTEXT_SIGNALS_PATH, () => {
+            let signals = {};
+            if (fs.existsSync(CONTEXT_SIGNALS_PATH)) {
+                signals = JSON.parse(fs.readFileSync(CONTEXT_SIGNALS_PATH, 'utf-8'));
+                if (signals.sessionId !== sessionId)
+                    signals = {};
+            }
+            signals.sessionId = sessionId;
+            signals.previousFailures = (signals.previousFailures ?? 0) + 1;
+            signals.updatedAt = new Date().toISOString();
+            atomicWriteJSON(CONTEXT_SIGNALS_PATH, signals);
+        });
     }
     catch (e) {
         log.debug('context signals write failed — failure count may be lost', e);

package/dist/hooks/post-tool-use.d.ts

@@ -5,6 +5,7 @@
  * 도구 실행 후 결과 검증 + 파일 변경 추적.
  * Compound/workflow 핸들러는 ./post-tool-handlers.ts에 분리.
  */
+import { type DriftState } from '../core/drift-score.js';
 interface ModifiedFilesState {
     sessionId: string;
     files: Record<string, {
@@ -13,6 +14,10 @@ interface ModifiedFilesState {
         tool: string;
     }>;
     toolCallCount: number;
+    /** Track recent write content hashes for revert detection */
+    recentWrites?: Record<string, string[]>;
+    /** Drift detection state */
+    drift?: DriftState;
 }
 export declare const ERROR_PATTERNS: Array<{
     pattern: RegExp;
@@ -22,6 +27,12 @@ export declare function detectErrorPattern(text: string): {
     pattern: RegExp;
     description: string;
 } | null;
+export interface AgentValidationResult {
+    signal: string;
+    severity: 'info' | 'warning' | 'error';
+    message: string;
+}
+export declare function validateAgentOutput(toolResponse: string): AgentValidationResult | null;
 export declare function trackModifiedFile(state: ModifiedFilesState, filePath: string, toolName: string): {
     state: ModifiedFilesState;
     count: number;