@wooojin/forgen 0.4.0 → 0.4.1

package/dist/core/stats-cli.js

@@ -6,13 +6,15 @@
  * working between Claude sessions.
  */
 import * as fs from 'node:fs';
-import * as os from 'node:os';
 import * as path from 'node:path';
 import { loadAllRules } from '../store/rule-store.js';
-import { loadRecentEvidence } from '../store/evidence-store.js';
-const ENFORCEMENT_DIR = path.join(os.homedir(), '.forgen', 'state', 'enforcement');
-const LIFECYCLE_DIR = path.join(os.homedir(), '.forgen', 'state', 'lifecycle');
-const STATE_DIR = path.join(os.homedir(), '.forgen', 'state');
+import { loadAllEvidence } from '../store/evidence-store.js';
+import { STATE_DIR, ME_DIR } from './paths.js';
+// v0.4.1 격리 fix: 이전에는 os.homedir() 직접 사용해서 FORGEN_HOME env 로
+// 홈 격리해도 이 파일의 경로는 여전히 실 홈 가리켰음. paths.ts 상수 import.
+const ENFORCEMENT_DIR = path.join(STATE_DIR, 'enforcement');
+const LIFECYCLE_DIR = path.join(STATE_DIR, 'lifecycle');
+const SOLUTIONS_DIR = path.join(ME_DIR, 'solutions');
 const MS_PER_DAY = 24 * 60 * 60 * 1000;
 function readJsonl(p) {
     if (!fs.existsSync(p))
@@ -61,12 +63,23 @@ function readLifecycleRetired(days) {
     return n;
 }
 function readLastExtraction() {
-    const p = path.join(STATE_DIR, 'last-extraction.json');
-    if (!fs.existsSync(p))
+    // v0.4.1 파일명 정합: auto-compound-runner 는 last-auto-compound.json 에 기록.
+    // 이전 코드가 last-extraction.json 을 찾아 "never" 가 만성적으로 표시됨 —
+    // 실은 매 auto-compound 세션마다 값이 업데이트되고 있는데도 stats 에 반영 X.
+    const candidates = ['last-auto-compound.json', 'last-extraction.json'];
+    let p = null;
+    for (const name of candidates) {
+        const candidate = path.join(STATE_DIR, name);
+        if (fs.existsSync(candidate)) {
+            p = candidate;
+            break;
+        }
+    }
+    if (!p)
         return 'never';
     try {
         const data = JSON.parse(fs.readFileSync(p, 'utf-8'));
-        const ts = data.timestamp ?? data.date;
+        const ts = data.completedAt ?? data.timestamp ?? data.date;
         if (!ts)
             return 'never';
         const diffDays = Math.floor((Date.now() - Date.parse(ts)) / MS_PER_DAY);
@@ -81,17 +94,90 @@ function readLastExtraction() {
         return 'unknown';
     }
 }
+/** H3: 오늘 (local midnight ~ now) 기준 assist 카운트. */
+function computeAssistToday() {
+    const startOfDay = new Date();
+    startOfDay.setHours(0, 0, 0, 0);
+    const cutoffMs = startOfDay.getTime();
+    // recall hits: match-eval-log 의 오늘 entries
+    const matchLog = readJsonl(path.join(STATE_DIR, 'match-eval-log.jsonl'));
+    let recallHits = 0;
+    for (const e of matchLog) {
+        const ts = typeof e.ts === 'string' ? Date.parse(e.ts) : NaN;
+        if (Number.isFinite(ts) && ts >= cutoffMs)
+            recallHits++;
+    }
+    // surfaced + referenced — 같은 스트림 1회 loop 로.
+    const feedback = readJsonl(path.join(STATE_DIR, 'implicit-feedback.jsonl'));
+    let surfaced = 0;
+    let referenced = 0;
+    for (const e of feedback) {
+        const ts = typeof e.at === 'string' ? Date.parse(e.at) : NaN;
+        if (!Number.isFinite(ts) || ts < cutoffMs)
+            continue;
+        if (e.type === 'recommendation_surfaced')
+            surfaced++;
+        else if (e.type === 'recall_referenced')
+            referenced++;
+    }
+    // extracted today: solutions dir 에서 오늘 mtime 인 .md 파일
+    let extractedToday = 0;
+    try {
+        if (fs.existsSync(SOLUTIONS_DIR)) {
+            for (const f of fs.readdirSync(SOLUTIONS_DIR)) {
+                if (!f.endsWith('.md'))
+                    continue;
+                const stat = fs.statSync(path.join(SOLUTIONS_DIR, f));
+                if (stat.mtimeMs >= cutoffMs)
+                    extractedToday++;
+            }
+        }
+    }
+    catch { /* fail-open */ }
+    return { recallHits, surfaced, referenced, extractedToday };
+}
+/** v0.4.1: forge-profile 에서 고도화 지표 추출. 파일 없거나 깨지면 undefined. */
+function computePhilosophy() {
+    try {
+        const profilePath = path.join(ME_DIR, 'forge-profile.json');
+        if (!fs.existsSync(profilePath))
+            return undefined;
+        const d = JSON.parse(fs.readFileSync(profilePath, 'utf-8'));
+        const axisScores = {};
+        for (const [k, v] of Object.entries(d.axes ?? {})) {
+            if (v && typeof v.score === 'number')
+                axisScores[k] = v.score;
+        }
+        return {
+            basePacks: Object.values(d.base_packs ?? {}),
+            trustPolicy: d.trust_preferences?.desired_policy ?? 'unknown',
+            axisScores,
+            lastReclassification: d.metadata?.last_reclassification_at ?? null,
+        };
+    }
+    catch {
+        return undefined;
+    }
+}
 export function computeStats() {
     const rules = loadAllRules();
     const activeRules = rules.filter((r) => r.status === 'active').length;
     const suppressedRules = rules.filter((r) => r.status === 'suppressed').length;
-    const evidence = loadRecentEvidence(500);
+    // v0.4.1 정확도 수정: loadRecentEvidence(500) 제한은 "Corrections (total)"
+    // 라벨과 모순 — 실 behavior 618건 중 118건 누락됐음. 전체 evidence 스캔으로
+    // 교체. explicit_correction 만 filter 이므로 memory overhead 는 N * ~1KB 수준.
+    const evidence = loadAllEvidence();
     const corrections = evidence.filter((e) => e.type === 'explicit_correction');
     const correctionsTotal = corrections.length;
     const cutoff7d = Date.now() - 7 * MS_PER_DAY;
     const corrections7d = corrections.filter((e) => Date.parse(e.timestamp) >= cutoff7d).length;
     const violations = readJsonl(path.join(ENFORCEMENT_DIR, 'violations.jsonl'));
-    const bypass = readJsonl(path.join(ENFORCEMENT_DIR, 'bypass.jsonl'));
+    // v0.4.1 historical false-positive 제거: pre-0.4.1 bypass-detector 가 Write/Edit
+    // content 의 quote 본문까지 raw 매칭해서 bypass 로 오기록. 실 관찰: L1-no-rm-rf
+    // -unconfirmed bypass 20건 중 Write/Edit 15건. stats 표시는 **실 실행 맥락** 인
+    // Bash/Agent/기타만 집계 — 앞으로의 시계열 일관성 + 과거 noise 제거.
+    const bypassRaw = readJsonl(path.join(ENFORCEMENT_DIR, 'bypass.jsonl'));
+    const bypass = bypassRaw.filter((e) => e.tool !== 'Write' && e.tool !== 'Edit');
     const drift = readJsonl(path.join(ENFORCEMENT_DIR, 'drift.jsonl'));
     const acks = readJsonl(path.join(ENFORCEMENT_DIR, 'acknowledgments.jsonl'));
     // R9-PA2: violations 는 'block' (stop-guard/post-tool) + 'deny' (pre-tool Mech-A)
@@ -109,6 +195,8 @@ export function computeStats() {
         drift7d: countWithin(drift, 7),
         retired7d: readLifecycleRetired(7),
         lastExtraction: readLastExtraction(),
+        assistToday: computeAssistToday(),
+        philosophy: computePhilosophy(),
     };
 }
 function padNum(n, width = 4) {
@@ -133,6 +221,29 @@ export function renderStats(s) {
     lines.push(`    Drift events        ${padNum(s.drift7d)}    — stuck-loop force-approves`);
     lines.push(`    Retired rules       ${padNum(s.retired7d)}    — superseded or timed out`);
     lines.push('');
+    // H3: Assist 축 — enforcement 옆에 나란히 가시화.
+    lines.push('  Today (assist)');
+    lines.push(`    Recall hits         ${padNum(s.assistToday.recallHits)}    — compound 매칭 시도 수`);
+    lines.push(`    Surfaced            ${padNum(s.assistToday.surfaced)}    — 실제 주입된 솔루션 수`);
+    const ratio = s.assistToday.surfaced > 0
+        ? ` (${Math.round(100 * s.assistToday.referenced / s.assistToday.surfaced)}% referenced)`
+        : '';
+    lines.push(`    Referenced          ${padNum(s.assistToday.referenced)}    — Claude 응답에 인용됨${ratio}`);
+    lines.push(`    Extracted           ${padNum(s.assistToday.extractedToday)}    — 오늘 새로 저장된 패턴`);
+    lines.push('');
+    // v0.4.1 철학 고도화 단면 — "개인화가 어디까지 학습됐나" 1섹션.
+    if (s.philosophy) {
+        lines.push('  Philosophy (learned)');
+        lines.push(`    Base packs          ${s.philosophy.basePacks.join(' / ')}`);
+        lines.push(`    Trust policy        ${s.philosophy.trustPolicy}`);
+        const scores = Object.entries(s.philosophy.axisScores)
+            .map(([k, v]) => `${k}:${v.toFixed(2)}`)
+            .join('  ');
+        if (scores)
+            lines.push(`    Axis scores         ${scores}`);
+        lines.push(`    Last reclass        ${s.philosophy.lastReclassification ?? 'never'}`);
+        lines.push('');
+    }
     lines.push(`  Last extraction: ${s.lastExtraction}`);
     lines.push('');
     return lines.join('\n');

package/dist/core/uninstall.js

@@ -321,7 +321,8 @@ export async function handleUninstall(cwd, options) {
     cleanPluginArtifacts();
     if (options.purge) {
         try {
-            const forgenHome = path.join(os.homedir(), '.forgen');
+            const { FORGEN_HOME } = await import('./paths.js');
+            const forgenHome = FORGEN_HOME;
             if (fs.existsSync(forgenHome)) {
                 fs.rmSync(forgenHome, { recursive: true, force: true });
                 console.log('  ✓ Deleted ~/.forgen/ (all rules, state, solutions, behavior)');

package/dist/engine/compound-cli.js

@@ -65,6 +65,7 @@ export function listSolutions() {
     }
     const order = ['mature', 'verified', 'candidate', 'experiment', 'retired'];
     console.log('\n  Compound Entries\n');
+    console.log('  (inj: 누적 주입, ref: 명시 참조, neg: 부정 피드백 — ref 측정은 v0.4.1+ 부터 시작됨)\n');
     let total = 0;
     for (const status of order) {
         const group = groups[status];

package/dist/engine/compound-export.js

@@ -33,14 +33,19 @@ export function isPathInside(parentWithSep, candidate) {
     return resolved.startsWith(parentWithSep) && resolved !== parentWithSep;
 }
 /**
- * Count .md files in a directory (non-recursive).
- * Returns 0 if the directory does not exist.
+ * Count knowledge files in a directory (non-recursive). `.md` (solutions) + `.json`
+ * (rules, behavior, evidence) 둘 다 포함.
+ *
+ * v0.4.1 (2026-04-24): 이전에는 `.md` 만 세서 rules/*.json 전부가 count=0, export
+ * 대상에서도 제외됐다. 실증: `forgen compound export` 결과 rules 0, behavior 18
+ * (618건의 .json 누락). 사용자 철학의 **핵심**인 rules 가 하네스에서 빠진 상태
+ * 라 "나와 같은 데이터 하네스" 비전이 반쪽이었다.
  */
 function countFiles(dir) {
     try {
         if (!fs.existsSync(dir))
             return 0;
-        return fs.readdirSync(dir).filter(f => f.endsWith('.md')).length;
+        return fs.readdirSync(dir).filter(f => f.endsWith('.md') || f.endsWith('.json')).length;
     }
     catch {
         return 0;

package/dist/engine/learn-cli.js

@@ -1,14 +1,11 @@
 import * as fs from 'node:fs';
 import * as path from 'node:path';
-import * as os from 'node:os';
 import { fixupSolutions } from './solution-fixup.js';
 import { listQuarantined, pruneQuarantine } from './solution-quarantine.js';
 import { computeFitness } from './solution-fitness.js';
 import { buildWeaknessReport, saveWeaknessReport } from './solution-weakness.js';
 import { listCandidates, promoteCandidate, rollbackSince } from './solution-candidate.js';
-const ME_SOLUTIONS = path.join(os.homedir(), '.forgen', 'me', 'solutions');
-const STATE_DIR = path.join(os.homedir(), '.forgen', 'state');
-const OUTCOMES_DIR = path.join(STATE_DIR, 'outcomes');
+import { ME_SOLUTIONS, OUTCOMES_DIR } from '../core/paths.js';
 export async function handleLearn(args) {
     const sub = args[0];
     if (sub === 'fix-up')

package/dist/engine/lifecycle/lifecycle-cli.js

@@ -5,8 +5,8 @@
  * default dry-run, --apply 시 rule 파일에 상태 전이 반영.
  */
 import * as path from 'node:path';
-import * as os from 'node:os';
 import { loadAllRules, saveRule } from '../../store/rule-store.js';
+import { STATE_DIR } from '../../core/paths.js';
 import { collectSignals, readJsonlSafe } from './signals.js';
 import { detect as detectT2 } from './trigger-t2-violation.js';
 import { detect as detectT3 } from './trigger-t3-bypass.js';
@@ -14,7 +14,7 @@ import { detect as detectT4 } from './trigger-t4-decay.js';
 import { detect as detectT5 } from './trigger-t5-conflict.js';
 import { scanDriftForDemotion, applyDemotion, scanSignalsForPromotion, applyPromotion, readDriftEntries, appendLifecycleEvents, } from './meta-reclassifier.js';
 import { foldEvents } from './orchestrator.js';
-const LIFECYCLE_DIR = path.join(os.homedir(), '.forgen', 'state', 'lifecycle');
+const LIFECYCLE_DIR = path.join(STATE_DIR, 'lifecycle');
 export async function handleLifecycleScan(args) {
     const apply = args.includes('--apply');
     const now = Date.now();
@@ -23,8 +23,8 @@ export async function handleLifecycleScan(args) {
         console.log('\n  No rules in ~/.forgen/me/rules. Nothing to scan.\n');
         return;
     }
-    const violations = readJsonlSafe(path.join(os.homedir(), '.forgen', 'state', 'enforcement', 'violations.jsonl'));
-    const bypass = readJsonlSafe(path.join(os.homedir(), '.forgen', 'state', 'enforcement', 'bypass.jsonl'));
+    const violations = readJsonlSafe(path.join(STATE_DIR, 'enforcement', 'violations.jsonl'));
+    const bypass = readJsonlSafe(path.join(STATE_DIR, 'enforcement', 'bypass.jsonl'));
     const drift = readDriftEntries();
     const signals = new Map();
     for (const r of rules)

package/dist/engine/lifecycle/meta-reclassifier.js

@@ -16,12 +16,12 @@
  *   - 30 일 쿨다운.
  */
 import * as fs from 'node:fs';
-import * as os from 'node:os';
 import * as path from 'node:path';
 import { initLifecycle } from '../../store/rule-lifecycle.js';
 import { loadAllRules, saveRule } from '../../store/rule-store.js';
-const DRIFT_LOG_PATH = path.join(os.homedir(), '.forgen', 'state', 'enforcement', 'drift.jsonl');
-const LIFECYCLE_DIR = path.join(os.homedir(), '.forgen', 'state', 'lifecycle');
+import { STATE_DIR } from '../../core/paths.js';
+const DRIFT_LOG_PATH = path.join(STATE_DIR, 'enforcement', 'drift.jsonl');
+const LIFECYCLE_DIR = path.join(STATE_DIR, 'lifecycle');
 const DEFAULT_WINDOW_DAYS = 7;
 const DEFAULT_THRESHOLD = 3;
 /** R8-A1: Meta 재분류 쿨다운 (일). 최근 이 기간 내 변경된 rule 은 다시 재분류 금지. */

package/dist/engine/lifecycle/orchestrator.js

@@ -21,15 +21,15 @@
  *   promote/demote_mech → phase 유지, meta_promotions 는 meta-reclassifier 가 직접 기록
  */
 import * as fs from 'node:fs';
-import * as os from 'node:os';
 import * as path from 'node:path';
+import { STATE_DIR } from '../../core/paths.js';
 /**
  * R5-B1: rule 이 inactive 상태로 전이될 때 block-count 디렉터리의 잔여 파일 정리.
  * phantom stuck-loop (retired 된 rule 이 다시 GC 전까지 counter 에 반영되는 문제) 차단.
  */
 function sweepBlockCountsForRule(ruleId) {
     try {
-        const dir = path.join(os.homedir(), '.forgen', 'state', 'enforcement', 'block-count');
+        const dir = path.join(STATE_DIR, 'enforcement', 'block-count');
         if (!fs.existsSync(dir))
             return;
         const safeRuleId = String(ruleId).replace(/[^a-zA-Z0-9_.-]/g, '_');

package/dist/engine/lifecycle/signals.js

@@ -9,11 +9,11 @@
  * 모든 IO 는 이 파일에 한정. 트리거들은 pure — collectSignals() 결과를 받아 detect().
  */
 import * as fs from 'node:fs';
-import * as os from 'node:os';
 import * as path from 'node:path';
-const STATE_DIR = path.join(os.homedir(), '.forgen', 'state', 'enforcement');
-const VIOLATIONS_PATH = path.join(STATE_DIR, 'violations.jsonl');
-const BYPASS_PATH = path.join(STATE_DIR, 'bypass.jsonl');
+import { STATE_DIR as FORGEN_STATE_DIR } from '../../core/paths.js';
+const ENFORCEMENT_DIR = path.join(FORGEN_STATE_DIR, 'enforcement');
+const VIOLATIONS_PATH = path.join(ENFORCEMENT_DIR, 'violations.jsonl');
+const BYPASS_PATH = path.join(ENFORCEMENT_DIR, 'bypass.jsonl');
 const ROLLING_N = 20;
 const VIOLATION_WINDOW_DAYS = 30;
 const BYPASS_WINDOW_DAYS = 7;
@@ -59,7 +59,7 @@ export function readJsonlSafe(p) {
 }
 export function recordViolation(entry) {
     try {
-        fs.mkdirSync(STATE_DIR, { recursive: true });
+        fs.mkdirSync(ENFORCEMENT_DIR, { recursive: true });
         rotateIfBig(VIOLATIONS_PATH);
         const full = { at: new Date().toISOString(), ...entry };
         fs.appendFileSync(VIOLATIONS_PATH, JSON.stringify(full) + '\n');
@@ -73,7 +73,7 @@ export function recordViolation(entry) {
 }
 export function recordBypass(entry) {
     try {
-        fs.mkdirSync(STATE_DIR, { recursive: true });
+        fs.mkdirSync(ENFORCEMENT_DIR, { recursive: true });
         rotateIfBig(BYPASS_PATH);
         const full = { at: new Date().toISOString(), ...entry };
         fs.appendFileSync(BYPASS_PATH, JSON.stringify(full) + '\n');

package/dist/engine/meta-learning/session-quality-scorer.d.ts

@@ -12,6 +12,7 @@
  *   - state/sessions/{sessionId}.json  → session metadata
  */
 import type { SessionQualityScore } from './types.js';
+import { type ImplicitFeedbackEntry } from '../../store/implicit-feedback-store.js';
 interface InjectionCacheData {
     injected: string[];
     totalInjectedChars: number;
@@ -29,12 +30,6 @@ interface DriftState {
     lastCriticalAt: number | null;
     hardCapReached: boolean;
 }
-interface ImplicitFeedbackEntry {
-    type: string;
-    sessionId?: string;
-    at: string;
-    [key: string]: unknown;
-}
 export declare function loadInjectionCache(sessionId: string): InjectionCacheData | null;
 export declare function loadDriftState(sessionId: string): DriftState | null;
 export declare function loadImplicitFeedback(sessionId: string): ImplicitFeedbackEntry[];

package/dist/engine/meta-learning/session-quality-scorer.js

@@ -15,6 +15,7 @@ import * as fs from 'node:fs';
 import * as path from 'node:path';
 import { ME_BEHAVIOR, STATE_DIR } from '../../core/paths.js';
 import { safeReadJSON } from '../../hooks/shared/atomic-write.js';
+import { loadImplicitFeedback as loadImplicitFeedbackFromStore, } from '../../store/implicit-feedback-store.js';
 function sanitizeId(id) {
     return id.replace(/[^a-zA-Z0-9_-]/g, '_');
 }
@@ -32,27 +33,7 @@ export function loadDriftState(sessionId) {
     return data?.drift ?? null;
 }
 export function loadImplicitFeedback(sessionId) {
-    const logPath = path.join(STATE_DIR, 'implicit-feedback.jsonl');
-    try {
-        if (!fs.existsSync(logPath))
-            return [];
-        const lines = fs.readFileSync(logPath, 'utf-8').split('\n').filter(Boolean);
-        const entries = [];
-        for (const line of lines) {
-            try {
-                const entry = JSON.parse(line);
-                if (entry.sessionId === sessionId)
-                    entries.push(entry);
-            }
-            catch {
-                /* skip malformed lines */
-            }
-        }
-        return entries;
-    }
-    catch {
-        return [];
-    }
+    return loadImplicitFeedbackFromStore(sessionId);
 }
 export function loadSessionCorrections(sessionId) {
     try {

package/dist/engine/skill-promoter.js

@@ -6,15 +6,12 @@
  */
 import * as fs from 'node:fs';
 import * as path from 'node:path';
-import * as os from 'node:os';
 import { parseSolutionV3 } from './solution-format.js';
 import { createLogger } from '../core/logger.js';
+import { ME_SOLUTIONS, ME_SKILLS, CLAUDE_DIR } from '../core/paths.js';
 const log = createLogger('skill-promoter');
-const FORGEN_HOME = path.join(os.homedir(), '.forgen');
-const ME_SOLUTIONS = path.join(FORGEN_HOME, 'me', 'solutions');
-const ME_SKILLS = path.join(FORGEN_HOME, 'me', 'skills');
-// Claude Code가 자동 인식하는 글로벌 스킬 경로
-const CLAUDE_SKILLS = path.join(os.homedir(), '.claude', 'skills');
+// Claude Code가 자동 인식하는 글로벌 스킬 경로 (~/.claude/skills)
+const CLAUDE_SKILLS = path.join(CLAUDE_DIR, 'skills');
 // 일반적인 태그 제외 (트리거로 부적합)
 const GENERIC_TAGS = new Set([
     'typescript', 'javascript', 'react', 'node', 'error', 'fix', 'code',

package/dist/hooks/context-guard.js

@@ -408,6 +408,6 @@ function saveHandoff(sessionId, reason, detail) {
 if (process.argv[1] && fs.realpathSync(path.resolve(process.argv[1])) === fileURLToPath(import.meta.url)) {
     main().catch((e) => {
         process.stderr.write(`[ch-hook] ${e instanceof Error ? e.message : String(e)}\n`);
-        console.log(failOpenWithTracking('context-guard'));
+        console.log(failOpenWithTracking('context-guard', e));
     });
 }

package/dist/hooks/dangerous-patterns.json

@@ -1,5 +1,5 @@
 [
-  { "pattern": "rm\\s+(-rf|-fr)\\s+[/~]", "description": "rm -rf on root/home path", "severity": "block" },
+  { "pattern": "rm\\s+(-rf|-fr)\\s+(\\/(?!tmp\\b|var\\/folders\\b|var\\/tmp\\b)|~)", "description": "rm -rf on root/home path", "severity": "block" },
   { "pattern": "rm\\s+(-rf|-fr)\\s+\\.\\s", "description": "rm -rf on current directory", "severity": "block" },
   { "pattern": "git\\s+push\\s+.*--force(?!-)", "description": "git push --force", "severity": "warn" },
   { "pattern": "git\\s+reset\\s+--hard", "description": "git reset --hard", "severity": "warn" },
@@ -9,10 +9,10 @@
   { "pattern": ">\\s*\\/dev\\/sd[a-z]", "description": "write to block device", "severity": "block" },
   { "pattern": "mkfs\\s", "description": "mkfs (format filesystem)", "severity": "block" },
   { "pattern": ":\\(\\)\\s*\\{\\s*:\\|:&\\s*\\}\\s*;:", "description": "fork bomb", "severity": "block" },
-  { "pattern": "\\beval\\s+[\"'`]", "description": "eval with string (injection risk)", "severity": "warn" },
+  { "pattern": "\\beval\\s+[\"'`]", "description": "eval with string (injection risk)", "severity": "warn", "match_target": "raw" },
   { "pattern": "curl\\s+.*\\|\\s*(ba)?sh", "description": "curl pipe to shell", "severity": "block" },
   { "pattern": "wget\\s+.*\\|\\s*(ba)?sh", "description": "wget pipe to shell", "severity": "block" },
-  { "pattern": "python[23]?\\s+-c\\s+['\"].*(?:import\\s+os|subprocess|exec|eval)", "description": "python -c with dangerous imports", "severity": "warn" },
+  { "pattern": "python[23]?\\s+-c\\s+['\"].*(?:import\\s+os|subprocess|exec|eval)", "description": "python -c with dangerous imports", "severity": "warn", "match_target": "raw" },
   { "pattern": "\\bchmod\\s+[0-7]*777\\b", "description": "chmod 777 (overly permissive)", "severity": "warn" },
   { "pattern": "\\bdd\\s+.*of=\\/dev\\/", "description": "dd write to device", "severity": "block" }
 ]

package/dist/hooks/db-guard.js

@@ -11,6 +11,7 @@ import { atomicWriteJSON } from './shared/atomic-write.js';
 import { isHookEnabled } from './hook-config.js';
 import { approve, approveWithWarning, deny, failOpenWithTracking } from './shared/hook-response.js';
 import { STATE_DIR } from '../core/paths.js';
+import { preprocessForMatch } from './shared/command-parser.js';
 const FAIL_COUNTER_PATH = path.join(STATE_DIR, 'db-guard-fail-counter.json');
 const FAIL_CLOSE_THRESHOLD = 3;
 export const DANGEROUS_SQL_PATTERNS = [
@@ -27,8 +28,23 @@ export function checkDangerousSql(toolName, toolInput) {
     const command = typeof toolInput === 'string'
         ? toolInput
         : (toolInput.command ?? '');
+    // TEST-6 확장 (2026-04-24): DB CLI allowlist 기반 quote-aware 전처리.
+    //
+    // 결함: 이전에는 raw command 를 직접 매칭해 `git commit -m "... DROP TABLE ..."`
+    // 같은 quote 안 SQL 키워드까지 block (실증: 이번 세션 내 release 커밋 메시지 차단).
+    //
+    // 단순히 masked 만 쓰면 `psql -c "DROP TABLE users"` 같은 실 DB 실행의 True-Positive
+    // 까지 놓친다. 해법: masked 처리 후에도 **DB CLI 토큰** 이 보이면 진짜 실행 의도
+    // 라고 판단해 raw 를 검사, 아니면 masked 를 검사.
+    //   - `psql -c "DROP TABLE"` → masked: `psql -c ""` → psql 존재 → raw 검사 → block
+    //   - `git commit -m "DROP TABLE"` → masked: `git commit -m ""` → psql 없음 → masked 검사 → pass
+    //   - `DROP DATABASE production` (direct SQL) → masked 그대로 (quote 없음) → block
+    const maskedCommand = preprocessForMatch(command, 'masked');
+    const dbCliRe = /\b(psql|mysql|sqlite3?|pg_restore|mongosh|mysqldump|cockroach\s+sql|redis-cli)\b/i;
+    const hasDbCli = dbCliRe.test(maskedCommand);
+    const scanCommand = hasDbCli ? command : maskedCommand;
     // 주석 제거 후 SQL에 대해 패턴 매칭 (주석 안 키워드 오차단 방지)
-    const sqlWithoutComments = command
+    const sqlWithoutComments = scanCommand
         .replace(/--[^\n]*/g, '') // 라인 주석 제거
         .replace(/\/\*[\s\S]*?\*\//g, ''); // 블록 주석 제거
     for (const { pattern, description, severity } of DANGEROUS_SQL_PATTERNS) {
@@ -101,5 +117,5 @@ async function main() {
 }
 main().catch((e) => {
     process.stderr.write(`[ch-hook] DB Guard error: ${e instanceof Error ? e.message : String(e)}\n`);
-    console.log(failOpenWithTracking('db-guard'));
+    console.log(failOpenWithTracking('db-guard', e));
 });

package/dist/hooks/intent-classifier.js

@@ -83,5 +83,5 @@ async function main() {
 }
 main().catch((e) => {
     process.stderr.write(`[ch-hook] ${e instanceof Error ? e.message : String(e)}\n`);
-    console.log(failOpenWithTracking('intent-classifier'));
+    console.log(failOpenWithTracking('intent-classifier', e));
 });

package/dist/hooks/keyword-detector.js

@@ -308,6 +308,6 @@ async function main() {
 if (process.argv[1] && fs.realpathSync(path.resolve(process.argv[1])) === fileURLToPath(import.meta.url)) {
     main().catch((e) => {
         process.stderr.write(`[ch-hook] ${e instanceof Error ? e.message : String(e)}\n`);
-        console.log(failOpenWithTracking('keyword-detector'));
+        console.log(failOpenWithTracking('keyword-detector', e));
     });
 }

package/dist/hooks/notepad-injector.js

@@ -50,5 +50,5 @@ async function main() {
 }
 main().catch((e) => {
     process.stderr.write(`[ch-hook] ${e instanceof Error ? e.message : String(e)}\n`);
-    console.log(failOpenWithTracking('notepad-injector'));
+    console.log(failOpenWithTracking('notepad-injector', e));
 });

package/dist/hooks/permission-handler.js

@@ -129,5 +129,5 @@ async function main() {
 }
 main().catch((e) => {
     process.stderr.write(`[ch-hook] ${e instanceof Error ? e.message : String(e)}\n`);
-    console.log(failOpenWithTracking('permission-handler'));
+    console.log(failOpenWithTracking('permission-handler', e));
 });

package/dist/hooks/post-tool-failure.js

@@ -127,5 +127,5 @@ main().catch((e) => {
         hookName: 'post-tool-failure', eventType: 'PostToolUseFailure', cause: e,
     });
     process.stderr.write(`[ch-hook] ${hookErr.name}: ${hookErr.message}\n`);
-    console.log(failOpenWithTracking('post-tool-failure'));
+    console.log(failOpenWithTracking('post-tool-failure', e));
 });

package/dist/hooks/post-tool-use.d.ts

@@ -18,6 +18,12 @@ interface ModifiedFilesState {
     recentWrites?: Record<string, string[]>;
     /** Drift detection state */
     drift?: DriftState;
+    /**
+     * TEST-2 support: 최근 N개 tool 이름 (가장 최근이 마지막). 세션 시작 이래 누적된
+     * 도구 이름을 그대로 끝까지 보관하면 메모리 낭비이므로 slice window.
+     * stop-guard 가 "측정 도구 호출 수" 를 빠르게 계산.
+     */
+    recentToolNames?: string[];
 }
 export declare const ERROR_PATTERNS: Array<{
     pattern: RegExp;