agileflow 2.94.1 → 2.95.1

package/scripts/archive-completed-stories.sh

@@ -105,13 +105,87 @@ echo -e "${BLUE}Cutoff date: $CUTOFF_DATE${NC}"
 
 # Archive using Node.js (more reliable for JSON manipulation)
 if command -v node &> /dev/null; then
-  STATUS_FILE="$STATUS_FILE" ARCHIVE_DIR="$ARCHIVE_DIR" CUTOFF_DATE="$CUTOFF_DATE" node <<'EOF'
+  STATUS_FILE="$STATUS_FILE" ARCHIVE_DIR="$ARCHIVE_DIR" CUTOFF_DATE="$CUTOFF_DATE" PROJECT_ROOT="$PROJECT_ROOT" node <<'EOF'
 const fs = require('fs');
 const path = require('path');
 
 const statusFile = process.env.STATUS_FILE;
 const archiveDir = process.env.ARCHIVE_DIR;
 const cutoffDate = process.env.CUTOFF_DATE;
+const projectRoot = process.env.PROJECT_ROOT;
+
+// =============================================================================
+// Security: Inline validatePath equivalent (US-0188)
+// =============================================================================
+
+/**
+ * Validate a path is safe and within the base directory.
+ * Rejects direct symlinks within the path but allows symlinked parent directories
+ * (needed for git worktrees where docs/ is often symlinked).
+ * @param {string} inputPath - Path to validate
+ * @param {string} baseDir - Allowed base directory
+ * @returns {{ ok: boolean, resolvedPath?: string, realPath?: string, error?: string }}
+ */
+function validatePath(inputPath, baseDir) {
+  if (!inputPath || typeof inputPath !== 'string') {
+    return { ok: false, error: 'Path is required and must be a string' };
+  }
+  if (!baseDir || typeof baseDir !== 'string') {
+    return { ok: false, error: 'Base directory is required' };
+  }
+
+  // Resolve to absolute path
+  const resolvedPath = path.resolve(baseDir, inputPath);
+  const resolvedBase = path.resolve(baseDir);
+
+  // Check path stays within base directory (path traversal prevention)
+  if (!resolvedPath.startsWith(resolvedBase + path.sep) && resolvedPath !== resolvedBase) {
+    return { ok: false, error: `Path traversal detected: ${inputPath} escapes ${baseDir}` };
+  }
+
+  // Check if the final target path itself is a symlink (allowSymlinks: false for target)
+  // Note: We allow parent directories to be symlinks (needed for git worktrees)
+  try {
+    const stats = fs.lstatSync(resolvedPath);
+    if (stats.isSymbolicLink()) {
+      // The actual file/directory we're writing to is a symlink - reject
+      return { ok: false, error: `Target path is a symlink: ${resolvedPath}` };
+    }
+  } catch (e) {
+    // Path doesn't exist yet, that's OK for new files
+    if (e.code !== 'ENOENT') {
+      return { ok: false, error: `Cannot stat path: ${e.message}` };
+    }
+  }
+
+  // Use fs.realpathSync() to get the actual path after symlink resolution
+  let realPath = resolvedPath;
+  try {
+    realPath = fs.realpathSync(resolvedPath);
+    // We don't restrict realPath to baseDir because parent directories may be
+    // symlinked (e.g., git worktrees). The key protection is:
+    // 1. path.resolve() prevents ../../ traversal in the input
+    // 2. lstatSync() above prevents the target itself from being a symlink
+  } catch (e) {
+    // Path doesn't exist yet, use resolved path
+    if (e.code !== 'ENOENT') {
+      return { ok: false, error: `Cannot resolve real path: ${e.message}` };
+    }
+    realPath = resolvedPath;
+  }
+
+  return { ok: true, resolvedPath, realPath };
+}
+
+// =============================================================================
+// Validate archive directory (US-0188)
+// =============================================================================
+
+const archiveDirValidation = validatePath(archiveDir, projectRoot);
+if (!archiveDirValidation.ok) {
+  console.error(`\x1b[31mSecurity: ${archiveDirValidation.error}. Aborting.\x1b[0m`);
+  process.exit(1);
+}
 
 // Read status.json
 const status = JSON.parse(fs.readFileSync(statusFile, 'utf8'));
@@ -146,7 +220,7 @@ for (const [storyId, story] of Object.entries(toArchive)) {
   const date = new Date(story.completed_at);
   const monthKey = `${date.getFullYear()}-${String(date.getMonth() + 1).padStart(2, '0')}`;
 
-  // Security: Validate monthKey matches expected format (YYYY-MM) to prevent path traversal
+  // Security: Validate monthKey matches expected format (YYYY-MM) to prevent path traversal (US-0188 AC)
   if (!/^\d{4}-\d{2}$/.test(monthKey)) {
     console.error(`\x1b[31mSkipping story ${storyId}: invalid date format\x1b[0m`);
     continue;
@@ -165,27 +239,28 @@ for (const [storyId, story] of Object.entries(toArchive)) {
 
 // Write archive files
 for (const [monthKey, archiveData] of Object.entries(byMonth)) {
-  const archiveFile = path.join(archiveDir, `${monthKey}.json`);
+  const archiveFile = `${monthKey}.json`;
 
-  // Security: Verify resolved path stays within archive directory
-  const resolvedPath = path.resolve(archiveFile);
-  const resolvedArchiveDir = path.resolve(archiveDir);
-  if (!resolvedPath.startsWith(resolvedArchiveDir + path.sep) && resolvedPath !== resolvedArchiveDir) {
-    console.error(`\x1b[31mSecurity: Archive path ${archiveFile} escapes archive directory. Skipping.\x1b[0m`);
+  // Security: Use validatePath() with allowSymlinks: false (US-0188 AC)
+  const validation = validatePath(archiveFile, archiveDir);
+  if (!validation.ok) {
+    console.error(`\x1b[31mSecurity: ${validation.error}. Skipping ${monthKey}.\x1b[0m`);
     continue;
   }
 
+  const finalPath = validation.resolvedPath;
+
   // Merge with existing archive if it exists
-  if (fs.existsSync(archiveFile)) {
+  if (fs.existsSync(finalPath)) {
     try {
-      const existing = JSON.parse(fs.readFileSync(archiveFile, 'utf8'));
+      const existing = JSON.parse(fs.readFileSync(finalPath, 'utf8'));
       archiveData.stories = { ...existing.stories, ...archiveData.stories };
     } catch (e) {
       console.error(`\x1b[31mWarning: Could not parse existing ${monthKey}.json, will overwrite\x1b[0m`);
     }
   }
 
-  fs.writeFileSync(archiveFile, JSON.stringify(archiveData, null, 2));
+  fs.writeFileSync(finalPath, JSON.stringify(archiveData, null, 2));
   const count = Object.keys(archiveData.stories).length;
   console.log(`\x1b[32m✓ Archived ${count} stories to ${monthKey}.json\x1b[0m`);
 }

package/scripts/babysit-context-restore.js

@@ -0,0 +1,89 @@
+#!/usr/bin/env node
+/**
+ * babysit-context-restore.js - UserPromptSubmit hook
+ *
+ * Backup mechanism to restore babysit context after plan mode clears context.
+ * When user selects "Clear context and bypass permissions" after ExitPlanMode,
+ * this hook fires on the next user prompt and reminds Claude of babysit rules.
+ *
+ * The primary mechanism is embedding rules in the plan file (Rule #6).
+ * This hook is a backup for edge cases where plan file approach might miss.
+ *
+ * Usage: Called automatically as UserPromptSubmit hook
+ */
+
+const fs = require('fs');
+const path = require('path');
+
+// Find session-state.json - try multiple locations
+function findSessionState() {
+  const locations = [
+    'docs/09-agents/session-state.json',
+    path.join(process.env.CLAUDE_PROJECT_DIR || '.', 'docs/09-agents/session-state.json'),
+  ];
+
+  for (const loc of locations) {
+    if (fs.existsSync(loc)) {
+      return loc;
+    }
+  }
+  return null;
+}
+
+function main() {
+  const sessionStatePath = findSessionState();
+  if (!sessionStatePath) return;
+
+  try {
+    const state = JSON.parse(fs.readFileSync(sessionStatePath, 'utf8'));
+
+    // Check if restoration is pending
+    if (!state.babysit_pending_restore) return;
+
+    // Output restoration context
+    console.log('');
+    console.log('\x1b[36m╔══════════════════════════════════════════════════════════════╗\x1b[0m');
+    console.log(
+      '\x1b[36m║\x1b[0m  \x1b[1m\x1b[33m/babysit CONTEXT RESTORED\x1b[0m                                   \x1b[36m║\x1b[0m'
+    );
+    console.log('\x1b[36m╠══════════════════════════════════════════════════════════════╣\x1b[0m');
+    console.log(
+      '\x1b[36m║\x1b[0m  /agileflow:babysit was active before context clear.         \x1b[36m║\x1b[0m'
+    );
+    console.log(
+      '\x1b[36m║\x1b[0m  These rules are MANDATORY:                                  \x1b[36m║\x1b[0m'
+    );
+    console.log(
+      '\x1b[36m║\x1b[0m                                                              \x1b[36m║\x1b[0m'
+    );
+    console.log(
+      '\x1b[36m║\x1b[0m  1. ALWAYS end responses with AskUserQuestion tool           \x1b[36m║\x1b[0m'
+    );
+    console.log(
+      '\x1b[36m║\x1b[0m  2. Use EnterPlanMode before non-trivial tasks               \x1b[36m║\x1b[0m'
+    );
+    console.log(
+      '\x1b[36m║\x1b[0m  3. Delegate complex work to domain experts                  \x1b[36m║\x1b[0m'
+    );
+    console.log(
+      '\x1b[36m║\x1b[0m  4. Track progress with TodoWrite for 3+ step tasks          \x1b[36m║\x1b[0m'
+    );
+    console.log(
+      '\x1b[36m║\x1b[0m                                                              \x1b[36m║\x1b[0m'
+    );
+    console.log(
+      '\x1b[36m║\x1b[0m  For full context: /agileflow:babysit                        \x1b[36m║\x1b[0m'
+    );
+    console.log('\x1b[36m╚══════════════════════════════════════════════════════════════╝\x1b[0m');
+    console.log('');
+
+    // Clear the flag (one-time restoration)
+    state.babysit_pending_restore = false;
+    state.babysit_restored_at = new Date().toISOString();
+    fs.writeFileSync(sessionStatePath, JSON.stringify(state, null, 2) + '\n');
+  } catch (e) {
+    // Silently fail - don't break user's workflow
+  }
+}
+
+main();

package/scripts/claude-tmux.sh

@@ -5,28 +5,125 @@
 #   ./claude-tmux.sh              # Start in tmux with default session
 #   ./claude-tmux.sh --no-tmux    # Start without tmux (regular claude)
 #   ./claude-tmux.sh -n           # Same as --no-tmux
+#   ./claude-tmux.sh --rescue     # Kill frozen session and restart fresh
+#   ./claude-tmux.sh --kill       # Kill existing session completely
+#   ./claude-tmux.sh --help       # Show help with keybinds
 #
 # When already in tmux: Just runs claude normally
 # When not in tmux: Creates a tmux session and runs claude inside it
+#
+# FREEZE RECOVERY:
+#   If Claude freezes inside tmux, use these keybinds:
+#   - Alt+k     Send Ctrl+C twice (soft interrupt)
+#   - Alt+K     Force kill the pane immediately
+#   - Alt+R     Respawn pane with fresh shell
+#   - Alt+q     Detach from tmux (session stays alive)
 
 set -e
 
-# Check for --no-tmux flag
+# Parse arguments
 NO_TMUX=false
+RESCUE=false
+KILL_SESSION=false
+SHOW_HELP=false
+
 for arg in "$@"; do
   case $arg in
     --no-tmux|-n)
       NO_TMUX=true
       shift
       ;;
+    --rescue|-r)
+      RESCUE=true
+      shift
+      ;;
+    --kill)
+      KILL_SESSION=true
+      shift
+      ;;
+    --help|-h)
+      SHOW_HELP=true
+      shift
+      ;;
   esac
 done
 
+# Show help
+if [ "$SHOW_HELP" = true ]; then
+  cat << 'EOF'
+AgileFlow Claude tmux Wrapper
+
+USAGE:
+  af [options] [claude-args...]
+  agileflow [options] [claude-args...]
+
+OPTIONS:
+  --no-tmux, -n    Run claude without tmux
+  --rescue, -r     Kill frozen session and restart fresh
+  --kill           Kill existing session completely
+  --help, -h       Show this help
+
+TMUX KEYBINDS:
+  Alt+1-9          Switch to window N
+  Alt+c            Create new window
+  Alt+n/p          Next/previous window
+  Alt+d            Split horizontally
+  Alt+s            Split vertically
+  Alt+arrows       Navigate panes
+  Alt+z            Zoom/unzoom pane
+  Alt+[            Enter copy mode (scroll)
+  Alt+r            Rename window
+  Alt+x            Close pane
+  Alt+w            Close window
+  Alt+q            Detach from tmux
+
+FREEZE RECOVERY:
+  Alt+k            Send Ctrl+C twice (soft interrupt)
+  Alt+K            Force kill pane immediately
+  Alt+R            Respawn pane with fresh shell
+
+If Claude is completely frozen and keybinds don't work:
+  1. Open a new terminal
+  2. Run: af --rescue   (kills and restarts)
+  3. Or:  af --kill     (just kills, doesn't restart)
+EOF
+  exit 0
+fi
+
 # If --no-tmux was specified, just run claude directly
 if [ "$NO_TMUX" = true ]; then
   exec claude "$@"
 fi
 
+# Generate session name based on current directory (needed for rescue/kill)
+DIR_NAME=$(basename "$(pwd)")
+SESSION_NAME="claude-${DIR_NAME}"
+
+# Handle --kill flag
+if [ "$KILL_SESSION" = true ]; then
+  if tmux has-session -t "$SESSION_NAME" 2>/dev/null; then
+    echo "Killing session: $SESSION_NAME"
+    tmux kill-session -t "$SESSION_NAME"
+    echo "Session killed."
+  else
+    echo "No session named '$SESSION_NAME' found."
+  fi
+  exit 0
+fi
+
+# Handle --rescue flag (kill and restart)
+if [ "$RESCUE" = true ]; then
+  if tmux has-session -t "$SESSION_NAME" 2>/dev/null; then
+    echo "Killing frozen session: $SESSION_NAME"
+    tmux kill-session -t "$SESSION_NAME"
+    echo "Session killed. Restarting..."
+    sleep 0.5
+  else
+    echo "No existing session to rescue. Starting fresh..."
+  fi
+  # Continue to create new session below
+fi
+
 # Check if tmux auto-spawn is disabled in config
 METADATA_FILE="docs/00-meta/agileflow-metadata.json"
 if [ -f "$METADATA_FILE" ]; then
@@ -62,9 +159,7 @@ if ! command -v tmux &> /dev/null; then
   exec claude "$@"
 fi
 
-# Generate session name based on current directory
-DIR_NAME=$(basename "$(pwd)")
-SESSION_NAME="claude-${DIR_NAME}"
+# SESSION_NAME already generated above (needed for --rescue and --kill)
 
 # Check if session already exists
 if tmux has-session -t "$SESSION_NAME" 2>/dev/null; then
@@ -102,7 +197,8 @@ tmux set-option -t "$SESSION_NAME" status 2
 tmux set-option -t "$SESSION_NAME" status-style "bg=#1a1b26,fg=#a9b1d6"
 
 # Line 0 (top): Session name (stripped of claude- prefix) + Keybinds + Git branch
-tmux set-option -t "$SESSION_NAME" status-format[0] "#[bg=#1a1b26]  #[fg=#e8683a bold]#{s/claude-//:session_name}  #[fg=#3b4261]·  #[fg=#7aa2f7]󰘬 #(git branch --show-current 2>/dev/null || echo '-')  #[align=right]#[fg=#7a7e8a]Alt+1-9 tabs  Alt+x close  Alt+q detach  "
+# Shows freeze recovery keys: Alt+k (soft kill), Alt+K (hard kill)
+tmux set-option -t "$SESSION_NAME" status-format[0] "#[bg=#1a1b26]  #[fg=#e8683a bold]#{s/claude-//:session_name}  #[fg=#3b4261]·  #[fg=#7aa2f7]󰘬 #(git branch --show-current 2>/dev/null || echo '-')  #[align=right]#[fg=#7a7e8a]Alt+k freeze  Alt+x close  Alt+q detach  "
 
 # Line 1 (bottom): Window tabs with smart truncation and brand color
 # - Active window: full name (max 15 chars), brand orange highlight
@@ -163,6 +259,16 @@ tmux bind-key -n M-z resize-pane -Z
 # Alt+[ to enter copy mode (for scrolling)
 tmux bind-key -n M-[ copy-mode
 
+# ─── Freeze Recovery Keybindings ─────────────────────────────────────────────
+# Alt+k to send Ctrl+C twice (soft interrupt for frozen processes)
+tmux bind-key -n M-k run-shell "tmux send-keys C-c; sleep 0.5; tmux send-keys C-c"
+
+# Alt+K (shift+k) to force-kill pane immediately (nuclear option for hard freezes)
+tmux bind-key -n M-K kill-pane
+
+# Alt+R (shift+r) to respawn the pane (restart with a fresh shell)
+tmux bind-key -n M-R respawn-pane -k
+
 # Send the claude command to the first window
 CLAUDE_CMD="claude"
 if [ $# -gt 0 ]; then

package/scripts/damage-control/bash-tool-damage-control.js

@@ -1,258 +1,22 @@
 #!/usr/bin/env node
 
 /**
- * bash-tool-damage-control.js - Validate bash commands against security patterns
+ * bash-tool-damage-control.js - PreToolUse hook for Bash tool
  *
- * This PreToolUse hook runs before every Bash tool execution.
- * It checks the command against patterns.yaml to block or ask for
- * confirmation on dangerous commands.
+ * Validates bash commands against patterns in damage-control-patterns.yaml
+ * before execution. Part of AgileFlow's damage control system.
  *
  * Exit codes:
- *   0 = Allow command to proceed (or ask with JSON output)
- *   2 = Block command
+ *   0 - Allow command (or ask via JSON output)
+ *   2 - Block command
  *
- * For ask confirmation, outputs JSON:
- *   {"result": "ask", "message": "Reason for asking"}
+ * For "ask" response, output JSON to stdout:
+ *   { "result": "ask", "message": "Confirm this action?" }
  *
- * Usage (as PreToolUse hook):
- *   node .claude/hooks/damage-control/bash-tool-damage-control.js
- *
- * Environment:
- *   CLAUDE_TOOL_INPUT - JSON string with tool input (contains "command")
- *   CLAUDE_PROJECT_DIR - Project root directory
- */
-
-const fs = require('fs');
-const path = require('path');
-
-// ANSI colors for output
-const c = {
-  reset: '\x1b[0m',
-  bold: '\x1b[1m',
-  red: '\x1b[31m',
-  yellow: '\x1b[33m',
-  cyan: '\x1b[36m',
-};
-
-// Exit codes
-const EXIT_ALLOW = 0;
-const EXIT_BLOCK = 2;
-
-/**
- * Load patterns from YAML file
- * Falls back to built-in patterns if YAML parsing fails
- */
-function loadPatterns(projectDir) {
-  const locations = [
-    path.join(projectDir, '.claude/hooks/damage-control/patterns.yaml'),
-    path.join(projectDir, '.agileflow/hooks/damage-control/patterns.yaml'),
-    path.join(projectDir, 'patterns.yaml'),
-  ];
-
-  for (const loc of locations) {
-    if (fs.existsSync(loc)) {
-      try {
-        const content = fs.readFileSync(loc, 'utf8');
-        // Simple YAML parsing for our specific structure
-        return parseSimpleYaml(content);
-      } catch (e) {
-        console.error(`Warning: Could not parse ${loc}: ${e.message}`);
-      }
-    }
-  }
-
-  // Return built-in defaults if no file found
-  return getDefaultPatterns();
-}
-
-/**
- * Simple YAML parser for patterns.yaml structure
- * Only handles the specific structure we use (arrays of objects with pattern/reason/ask)
- */
-function parseSimpleYaml(content) {
-  const patterns = {
-    bashToolPatterns: [],
-    askPatterns: [],
-    agileflowPatterns: [],
-  };
-
-  let currentSection = null;
-  let currentItem = null;
-
-  const lines = content.split('\n');
-
-  for (const line of lines) {
-    // Skip comments and empty lines
-    if (line.trim().startsWith('#') || line.trim() === '') continue;
-
-    // Check for section headers
-    if (line.match(/^bashToolPatterns:/)) {
-      currentSection = 'bashToolPatterns';
-      continue;
-    }
-    if (line.match(/^askPatterns:/)) {
-      currentSection = 'askPatterns';
-      continue;
-    }
-    if (line.match(/^agileflowPatterns:/)) {
-      currentSection = 'agileflowPatterns';
-      continue;
-    }
-    if (line.match(/^(zeroAccessPaths|readOnlyPaths|noDeletePaths|config):/)) {
-      currentSection = null; // Skip non-pattern sections
-      continue;
-    }
-
-    // Parse pattern items
-    if (currentSection && patterns[currentSection]) {
-      const patternMatch = line.match(/^\s+-\s*pattern:\s*['"]?(.+?)['"]?\s*$/);
-      if (patternMatch) {
-        currentItem = { pattern: patternMatch[1] };
-        patterns[currentSection].push(currentItem);
-        continue;
-      }
-
-      const reasonMatch = line.match(/^\s+reason:\s*['"]?(.+?)['"]?\s*$/);
-      if (reasonMatch && currentItem) {
-        currentItem.reason = reasonMatch[1];
-        continue;
-      }
-
-      const askMatch = line.match(/^\s+ask:\s*(true|false)\s*$/);
-      if (askMatch && currentItem) {
-        currentItem.ask = askMatch[1] === 'true';
-        continue;
-      }
-    }
-  }
-
-  return patterns;
-}
-
-/**
- * Built-in default patterns (used if patterns.yaml not found)
- */
-function getDefaultPatterns() {
-  return {
-    bashToolPatterns: [
-      { pattern: '\\brm\\s+-[rRf]', reason: 'rm with recursive or force flags' },
-      { pattern: 'DROP\\s+(TABLE|DATABASE)', reason: 'DROP commands are destructive' },
-      { pattern: 'DELETE\\s+FROM\\s+\\w+\\s*;', reason: 'DELETE without WHERE clause' },
-      { pattern: 'TRUNCATE\\s+(TABLE\\s+)?\\w+', reason: 'TRUNCATE removes all data' },
-      {
-        pattern: 'git\\s+push\\s+.*--force',
-        reason: 'Force push can overwrite history',
-        ask: true,
-      },
-      { pattern: 'git\\s+reset\\s+--hard', reason: 'Hard reset discards changes', ask: true },
-    ],
-    askPatterns: [
-      { pattern: 'DELETE\\s+FROM\\s+\\w+\\s+WHERE', reason: 'Confirm record deletion' },
-      { pattern: 'npm\\s+publish', reason: 'Publishing to npm is permanent' },
-    ],
-    agileflowPatterns: [
-      { pattern: 'rm.*\\.agileflow', reason: 'Deleting .agileflow breaks installation' },
-      { pattern: 'rm.*\\.claude', reason: 'Deleting .claude breaks configuration' },
-    ],
-  };
-}
-
-/**
- * Check command against patterns
- * Returns: { blocked: boolean, ask: boolean, reason: string }
- */
-function checkCommand(command, patterns) {
-  // Combine all pattern sources
-  const allPatterns = [...(patterns.bashToolPatterns || []), ...(patterns.agileflowPatterns || [])];
-
-  // Check block/ask patterns
-  for (const p of allPatterns) {
-    try {
-      const regex = new RegExp(p.pattern, 'i');
-      if (regex.test(command)) {
-        if (p.ask) {
-          return { blocked: false, ask: true, reason: p.reason };
-        }
-        return { blocked: true, ask: false, reason: p.reason };
-      }
-    } catch (e) {
-      // Invalid regex, skip
-      console.error(`Warning: Invalid regex pattern: ${p.pattern}`);
-    }
-  }
-
-  // Check ask-only patterns
-  for (const p of patterns.askPatterns || []) {
-    try {
-      const regex = new RegExp(p.pattern, 'i');
-      if (regex.test(command)) {
-        return { blocked: false, ask: true, reason: p.reason };
-      }
-    } catch (e) {
-      // Invalid regex, skip
-    }
-  }
-
-  return { blocked: false, ask: false, reason: null };
-}
-
-/**
- * Main entry point
+ * Usage: Configured as PreToolUse hook in .claude/settings.json
  */
-function main() {
-  // Get tool input from environment
-  const toolInput = process.env.CLAUDE_TOOL_INPUT;
-  const projectDir = process.env.CLAUDE_PROJECT_DIR || process.cwd();
-
-  if (!toolInput) {
-    // No input, allow by default
-    process.exit(EXIT_ALLOW);
-  }
-
-  let input;
-  try {
-    input = JSON.parse(toolInput);
-  } catch (e) {
-    console.error('Error parsing CLAUDE_TOOL_INPUT:', e.message);
-    process.exit(EXIT_ALLOW);
-  }
-
-  const command = input.command;
-  if (!command) {
-    process.exit(EXIT_ALLOW);
-  }
-
-  // Load patterns
-  const patterns = loadPatterns(projectDir);
-
-  // Check command
-  const result = checkCommand(command, patterns);
-
-  if (result.blocked) {
-    // Block the command
-    console.error(`${c.red}${c.bold}BLOCKED${c.reset}: ${result.reason}`);
-    console.error(`${c.yellow}Command: ${command}${c.reset}`);
-    console.error(`${c.cyan}This command was blocked by damage control.${c.reset}`);
-    process.exit(EXIT_BLOCK);
-  }
-
-  if (result.ask) {
-    // Ask for confirmation
-    const response = {
-      result: 'ask',
-      message: `${result.reason}\n\nCommand: ${command}\n\nProceed with this command?`,
-    };
-    console.log(JSON.stringify(response));
-    process.exit(EXIT_ALLOW);
-  }
-
-  // Allow the command
-  process.exit(EXIT_ALLOW);
-}
 
-// Run if called directly
-if (require.main === module) {
-  main();
-}
+const { createBashHook } = require('../lib/damage-control-utils');
 
-module.exports = { checkCommand, loadPatterns, parseSimpleYaml };
+// Run the hook using factory
+createBashHook()();