aw-ecc 1.4.21

package/scripts/hooks/config-protection.js

@@ -0,0 +1,125 @@
+#!/usr/bin/env node
+/**
+ * Config Protection Hook
+ *
+ * Blocks modifications to linter/formatter config files.
+ * Agents frequently modify these to make checks pass instead of fixing
+ * the actual code. This hook steers the agent back to fixing the source.
+ *
+ * Exit codes:
+ *   0 = allow (not a config file)
+ *   2 = block (config file modification attempted)
+ */
+
+'use strict';
+
+const path = require('path');
+
+const MAX_STDIN = 1024 * 1024;
+let raw = '';
+
+const PROTECTED_FILES = new Set([
+  // ESLint (legacy + v9 flat config, JS/TS/MJS/CJS)
+  '.eslintrc',
+  '.eslintrc.js',
+  '.eslintrc.cjs',
+  '.eslintrc.json',
+  '.eslintrc.yml',
+  '.eslintrc.yaml',
+  'eslint.config.js',
+  'eslint.config.mjs',
+  'eslint.config.cjs',
+  'eslint.config.ts',
+  'eslint.config.mts',
+  'eslint.config.cts',
+  // Prettier (all config variants including ESM)
+  '.prettierrc',
+  '.prettierrc.js',
+  '.prettierrc.cjs',
+  '.prettierrc.json',
+  '.prettierrc.yml',
+  '.prettierrc.yaml',
+  'prettier.config.js',
+  'prettier.config.cjs',
+  'prettier.config.mjs',
+  // Biome
+  'biome.json',
+  'biome.jsonc',
+  // Ruff (Python)
+  '.ruff.toml',
+  'ruff.toml',
+  // Note: pyproject.toml is intentionally NOT included here because it
+  // contains project metadata alongside linter config. Blocking all edits
+  // to pyproject.toml would prevent legitimate dependency changes.
+  // Shell / Style / Markdown
+  '.shellcheckrc',
+  '.stylelintrc',
+  '.stylelintrc.json',
+  '.stylelintrc.yml',
+  '.markdownlint.json',
+  '.markdownlint.yaml',
+  '.markdownlintrc',
+]);
+
+/**
+ * Exportable run() for in-process execution via run-with-flags.js.
+ * Avoids the ~50-100ms spawnSync overhead when available.
+ */
+function run(input) {
+  const filePath = input?.tool_input?.file_path || input?.tool_input?.file || '';
+  if (!filePath) return { exitCode: 0 };
+
+  const basename = path.basename(filePath);
+  if (PROTECTED_FILES.has(basename)) {
+    return {
+      exitCode: 2,
+      stderr:
+        `BLOCKED: Modifying ${basename} is not allowed. ` +
+        `Fix the source code to satisfy linter/formatter rules instead of ` +
+        `weakening the config. If this is a legitimate config change, ` +
+        `disable the config-protection hook temporarily.`,
+    };
+  }
+
+  return { exitCode: 0 };
+}
+
+module.exports = { run };
+
+// Stdin fallback for spawnSync execution
+let truncated = false;
+process.stdin.setEncoding('utf8');
+process.stdin.on('data', chunk => {
+  if (raw.length < MAX_STDIN) {
+    const remaining = MAX_STDIN - raw.length;
+    raw += chunk.substring(0, remaining);
+    if (chunk.length > remaining) truncated = true;
+  } else {
+    truncated = true;
+  }
+});
+
+process.stdin.on('end', () => {
+  // If stdin was truncated, the JSON is likely malformed. Fail open but
+  // log a warning so the issue is visible. The run() path (used by
+  // run-with-flags.js in-process) is not affected by this.
+  if (truncated) {
+    process.stderr.write('[config-protection] Warning: stdin exceeded 1MB, skipping check\n');
+    process.stdout.write(raw);
+    return;
+  }
+
+  try {
+    const input = raw.trim() ? JSON.parse(raw) : {};
+    const result = run(input);
+
+    if (result.exitCode === 2) {
+      process.stderr.write(result.stderr + '\n');
+      process.exit(2);
+    }
+  } catch {
+    // Keep hook non-blocking on parse errors.
+  }
+
+  process.stdout.write(raw);
+});

package/scripts/hooks/cost-tracker.js

@@ -0,0 +1,78 @@
+#!/usr/bin/env node
+/**
+ * Cost Tracker Hook
+ *
+ * Appends lightweight session usage metrics to ~/.claude/metrics/costs.jsonl.
+ */
+
+'use strict';
+
+const path = require('path');
+const {
+  ensureDir,
+  appendFile,
+  getClaudeDir,
+} = require('../lib/utils');
+
+const MAX_STDIN = 1024 * 1024;
+let raw = '';
+
+function toNumber(value) {
+  const n = Number(value);
+  return Number.isFinite(n) ? n : 0;
+}
+
+function estimateCost(model, inputTokens, outputTokens) {
+  // Approximate per-1M-token blended rates. Conservative defaults.
+  const table = {
+    'haiku': { in: 0.8, out: 4.0 },
+    'sonnet': { in: 3.0, out: 15.0 },
+    'opus': { in: 15.0, out: 75.0 },
+  };
+
+  const normalized = String(model || '').toLowerCase();
+  let rates = table.sonnet;
+  if (normalized.includes('haiku')) rates = table.haiku;
+  if (normalized.includes('opus')) rates = table.opus;
+
+  const cost = (inputTokens / 1_000_000) * rates.in + (outputTokens / 1_000_000) * rates.out;
+  return Math.round(cost * 1e6) / 1e6;
+}
+
+process.stdin.setEncoding('utf8');
+process.stdin.on('data', chunk => {
+  if (raw.length < MAX_STDIN) {
+    const remaining = MAX_STDIN - raw.length;
+    raw += chunk.substring(0, remaining);
+  }
+});
+
+process.stdin.on('end', () => {
+  try {
+    const input = raw.trim() ? JSON.parse(raw) : {};
+    const usage = input.usage || input.token_usage || {};
+    const inputTokens = toNumber(usage.input_tokens || usage.prompt_tokens || 0);
+    const outputTokens = toNumber(usage.output_tokens || usage.completion_tokens || 0);
+
+    const model = String(input.model || input._cursor?.model || process.env.CLAUDE_MODEL || 'unknown');
+    const sessionId = String(process.env.CLAUDE_SESSION_ID || 'default');
+
+    const metricsDir = path.join(getClaudeDir(), 'metrics');
+    ensureDir(metricsDir);
+
+    const row = {
+      timestamp: new Date().toISOString(),
+      session_id: sessionId,
+      model,
+      input_tokens: inputTokens,
+      output_tokens: outputTokens,
+      estimated_cost_usd: estimateCost(model, inputTokens, outputTokens),
+    };
+
+    appendFile(path.join(metricsDir, 'costs.jsonl'), `${JSON.stringify(row)}\n`);
+  } catch {
+    // Keep hook non-blocking.
+  }
+
+  process.stdout.write(raw);
+});

package/scripts/hooks/doc-file-warning.js

@@ -0,0 +1,63 @@
+#!/usr/bin/env node
+/**
+ * Doc file warning hook (PreToolUse - Write)
+ * Warns about non-standard documentation files.
+ * Exit code 0 always (warns only, never blocks).
+ */
+
+'use strict';
+
+const path = require('path');
+
+const MAX_STDIN = 1024 * 1024;
+let data = '';
+
+function isAllowedDocPath(filePath) {
+  const normalized = filePath.replace(/\\/g, '/');
+  const basename = path.basename(filePath);
+
+  if (!/\.(md|txt)$/i.test(filePath)) return true;
+
+  if (/^(README|CLAUDE|AGENTS|CONTRIBUTING|CHANGELOG|LICENSE|SKILL|MEMORY|WORKLOG)\.md$/i.test(basename)) {
+    return true;
+  }
+
+  if (/\.claude\/(commands|plans|projects)\//.test(normalized)) {
+    return true;
+  }
+
+  if (/(^|\/)(docs|skills|\.history|memory)\//.test(normalized)) {
+    return true;
+  }
+
+  if (/\.plan\.md$/i.test(basename)) {
+    return true;
+  }
+
+  return false;
+}
+
+process.stdin.setEncoding('utf8');
+process.stdin.on('data', c => {
+  if (data.length < MAX_STDIN) {
+    const remaining = MAX_STDIN - data.length;
+    data += c.substring(0, remaining);
+  }
+});
+
+process.stdin.on('end', () => {
+  try {
+    const input = JSON.parse(data);
+    const filePath = String(input.tool_input?.file_path || '');
+
+    if (filePath && !isAllowedDocPath(filePath)) {
+      console.error('[Hook] WARNING: Non-standard documentation file detected');
+      console.error(`[Hook] File: ${filePath}`);
+      console.error('[Hook] Consider consolidating into README.md or docs/ directory');
+    }
+  } catch {
+    // ignore parse errors
+  }
+
+  process.stdout.write(data);
+});

package/scripts/hooks/evaluate-session.js

@@ -0,0 +1,100 @@
+#!/usr/bin/env node
+/**
+ * Continuous Learning - Session Evaluator
+ *
+ * Cross-platform (Windows, macOS, Linux)
+ *
+ * Runs on Stop hook to extract reusable patterns from Claude Code sessions.
+ * Reads transcript_path from stdin JSON (Claude Code hook input).
+ *
+ * Why Stop hook instead of UserPromptSubmit:
+ * - Stop runs once at session end (lightweight)
+ * - UserPromptSubmit runs every message (heavy, adds latency)
+ */
+
+const path = require('path');
+const fs = require('fs');
+const {
+  getLearnedSkillsDir,
+  ensureDir,
+  readFile,
+  countInFile,
+  log
+} = require('../lib/utils');
+
+// Read hook input from stdin (Claude Code provides transcript_path via stdin JSON)
+const MAX_STDIN = 1024 * 1024;
+let stdinData = '';
+process.stdin.setEncoding('utf8');
+
+process.stdin.on('data', chunk => {
+  if (stdinData.length < MAX_STDIN) {
+    const remaining = MAX_STDIN - stdinData.length;
+    stdinData += chunk.substring(0, remaining);
+  }
+});
+
+process.stdin.on('end', () => {
+  main().catch(err => {
+    console.error('[ContinuousLearning] Error:', err.message);
+    process.exit(0);
+  });
+});
+
+async function main() {
+  // Parse stdin JSON to get transcript_path
+  let transcriptPath = null;
+  try {
+    const input = JSON.parse(stdinData);
+    transcriptPath = input.transcript_path;
+  } catch {
+    // Fallback: try env var for backwards compatibility
+    transcriptPath = process.env.CLAUDE_TRANSCRIPT_PATH;
+  }
+
+  // Get script directory to find config
+  const scriptDir = __dirname;
+  const configFile = path.join(scriptDir, '..', '..', 'skills', 'continuous-learning', 'config.json');
+
+  // Default configuration
+  let minSessionLength = 10;
+  let learnedSkillsPath = getLearnedSkillsDir();
+
+  // Load config if exists
+  const configContent = readFile(configFile);
+  if (configContent) {
+    try {
+      const config = JSON.parse(configContent);
+      minSessionLength = config.min_session_length ?? 10;
+
+      if (config.learned_skills_path) {
+        // Handle ~ in path
+        learnedSkillsPath = config.learned_skills_path.replace(/^~/, require('os').homedir());
+      }
+    } catch (err) {
+      log(`[ContinuousLearning] Failed to parse config: ${err.message}, using defaults`);
+    }
+  }
+
+  // Ensure learned skills directory exists
+  ensureDir(learnedSkillsPath);
+
+  if (!transcriptPath || !fs.existsSync(transcriptPath)) {
+    process.exit(0);
+  }
+
+  // Count user messages in session (allow optional whitespace around colon)
+  const messageCount = countInFile(transcriptPath, /"type"\s*:\s*"user"/g);
+
+  // Skip short sessions
+  if (messageCount < minSessionLength) {
+    log(`[ContinuousLearning] Session too short (${messageCount} messages), skipping`);
+    process.exit(0);
+  }
+
+  // Signal to Claude that session should be evaluated for extractable patterns
+  log(`[ContinuousLearning] Session has ${messageCount} messages - evaluate for extractable patterns`);
+  log(`[ContinuousLearning] Save learned skills to: ${learnedSkillsPath}`);
+
+  process.exit(0);
+}

package/scripts/hooks/governance-capture.js

@@ -0,0 +1,280 @@
+#!/usr/bin/env node
+/**
+ * Governance Event Capture Hook
+ *
+ * PreToolUse/PostToolUse hook that detects governance-relevant events
+ * and writes them to the governance_events table in the state store.
+ *
+ * Captured event types:
+ *   - secret_detected: Hardcoded secrets in tool input/output
+ *   - policy_violation: Actions that violate configured policies
+ *   - security_finding: Security-relevant tool invocations
+ *   - approval_requested: Operations requiring explicit approval
+ *
+ * Enable: Set ECC_GOVERNANCE_CAPTURE=1
+ * Configure session: Set ECC_SESSION_ID for session correlation
+ */
+
+'use strict';
+
+const crypto = require('crypto');
+
+const MAX_STDIN = 1024 * 1024;
+
+// Patterns that indicate potential hardcoded secrets
+const SECRET_PATTERNS = [
+  { name: 'aws_key', pattern: /(?:AKIA|ASIA)[A-Z0-9]{16}/i },
+  { name: 'generic_secret', pattern: /(?:secret|password|token|api[_-]?key)\s*[:=]\s*["'][^"']{8,}/i },
+  { name: 'private_key', pattern: /-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----/ },
+  { name: 'jwt', pattern: /eyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}/ },
+  { name: 'github_token', pattern: /gh[pousr]_[A-Za-z0-9_]{36,}/ },
+];
+
+// Tool names that represent security-relevant operations
+const SECURITY_RELEVANT_TOOLS = new Set([
+  'Bash', // Could execute arbitrary commands
+]);
+
+// Commands that require governance approval
+const APPROVAL_COMMANDS = [
+  /git\s+push\s+.*--force/,
+  /git\s+reset\s+--hard/,
+  /rm\s+-rf?\s/,
+  /DROP\s+(?:TABLE|DATABASE)/i,
+  /DELETE\s+FROM\s+\w+\s*(?:;|$)/i,
+];
+
+// File patterns that indicate policy-sensitive paths
+const SENSITIVE_PATHS = [
+  /\.env(?:\.|$)/,
+  /credentials/i,
+  /secrets?\./i,
+  /\.pem$/,
+  /\.key$/,
+  /id_rsa/,
+];
+
+/**
+ * Generate a unique event ID.
+ */
+function generateEventId() {
+  return `gov-${Date.now()}-${crypto.randomBytes(4).toString('hex')}`;
+}
+
+/**
+ * Scan text content for hardcoded secrets.
+ * Returns array of { name, match } for each detected secret.
+ */
+function detectSecrets(text) {
+  if (!text || typeof text !== 'string') return [];
+
+  const findings = [];
+  for (const { name, pattern } of SECRET_PATTERNS) {
+    if (pattern.test(text)) {
+      findings.push({ name });
+    }
+  }
+  return findings;
+}
+
+/**
+ * Check if a command requires governance approval.
+ */
+function detectApprovalRequired(command) {
+  if (!command || typeof command !== 'string') return [];
+
+  const findings = [];
+  for (const pattern of APPROVAL_COMMANDS) {
+    if (pattern.test(command)) {
+      findings.push({ pattern: pattern.source });
+    }
+  }
+  return findings;
+}
+
+/**
+ * Check if a file path is policy-sensitive.
+ */
+function detectSensitivePath(filePath) {
+  if (!filePath || typeof filePath !== 'string') return false;
+
+  return SENSITIVE_PATHS.some(pattern => pattern.test(filePath));
+}
+
+/**
+ * Analyze a hook input payload and return governance events to capture.
+ *
+ * @param {Object} input - Parsed hook input (tool_name, tool_input, tool_output)
+ * @param {Object} [context] - Additional context (sessionId, hookPhase)
+ * @returns {Array<Object>} Array of governance event objects
+ */
+function analyzeForGovernanceEvents(input, context = {}) {
+  const events = [];
+  const toolName = input.tool_name || '';
+  const toolInput = input.tool_input || {};
+  const toolOutput = typeof input.tool_output === 'string' ? input.tool_output : '';
+  const sessionId = context.sessionId || null;
+  const hookPhase = context.hookPhase || 'unknown';
+
+  // 1. Secret detection in tool input content
+  const inputText = typeof toolInput === 'object'
+    ? JSON.stringify(toolInput)
+    : String(toolInput);
+
+  const inputSecrets = detectSecrets(inputText);
+  const outputSecrets = detectSecrets(toolOutput);
+  const allSecrets = [...inputSecrets, ...outputSecrets];
+
+  if (allSecrets.length > 0) {
+    events.push({
+      id: generateEventId(),
+      sessionId,
+      eventType: 'secret_detected',
+      payload: {
+        toolName,
+        hookPhase,
+        secretTypes: allSecrets.map(s => s.name),
+        location: inputSecrets.length > 0 ? 'input' : 'output',
+        severity: 'critical',
+      },
+      resolvedAt: null,
+      resolution: null,
+    });
+  }
+
+  // 2. Approval-required commands (Bash only)
+  if (toolName === 'Bash') {
+    const command = toolInput.command || '';
+    const approvalFindings = detectApprovalRequired(command);
+
+    if (approvalFindings.length > 0) {
+      events.push({
+        id: generateEventId(),
+        sessionId,
+        eventType: 'approval_requested',
+        payload: {
+          toolName,
+          hookPhase,
+          command: command.slice(0, 200),
+          matchedPatterns: approvalFindings.map(f => f.pattern),
+          severity: 'high',
+        },
+        resolvedAt: null,
+        resolution: null,
+      });
+    }
+  }
+
+  // 3. Policy violation: writing to sensitive paths
+  const filePath = toolInput.file_path || toolInput.path || '';
+  if (filePath && detectSensitivePath(filePath)) {
+    events.push({
+      id: generateEventId(),
+      sessionId,
+      eventType: 'policy_violation',
+      payload: {
+        toolName,
+        hookPhase,
+        filePath: filePath.slice(0, 200),
+        reason: 'sensitive_file_access',
+        severity: 'warning',
+      },
+      resolvedAt: null,
+      resolution: null,
+    });
+  }
+
+  // 4. Security-relevant tool usage tracking
+  if (SECURITY_RELEVANT_TOOLS.has(toolName) && hookPhase === 'post') {
+    const command = toolInput.command || '';
+    const hasElevated = /sudo\s/.test(command) || /chmod\s/.test(command) || /chown\s/.test(command);
+
+    if (hasElevated) {
+      events.push({
+        id: generateEventId(),
+        sessionId,
+        eventType: 'security_finding',
+        payload: {
+          toolName,
+          hookPhase,
+          command: command.slice(0, 200),
+          reason: 'elevated_privilege_command',
+          severity: 'medium',
+        },
+        resolvedAt: null,
+        resolution: null,
+      });
+    }
+  }
+
+  return events;
+}
+
+/**
+ * Core hook logic — exported so run-with-flags.js can call directly.
+ *
+ * @param {string} rawInput - Raw JSON string from stdin
+ * @returns {string} The original input (pass-through)
+ */
+function run(rawInput) {
+  // Gate on feature flag
+  if (String(process.env.ECC_GOVERNANCE_CAPTURE || '').toLowerCase() !== '1') {
+    return rawInput;
+  }
+
+  try {
+    const input = JSON.parse(rawInput);
+    const sessionId = process.env.ECC_SESSION_ID || null;
+    const hookPhase = process.env.CLAUDE_HOOK_EVENT_NAME || 'unknown';
+
+    const events = analyzeForGovernanceEvents(input, {
+      sessionId,
+      hookPhase: hookPhase.startsWith('Pre') ? 'pre' : 'post',
+    });
+
+    if (events.length > 0) {
+      // Write events to stderr as JSON-lines for the caller to capture.
+      // The state store write is async and handled by a separate process
+      // to avoid blocking the hook pipeline.
+      for (const event of events) {
+        process.stderr.write(
+          `[governance] ${JSON.stringify(event)}\n`
+        );
+      }
+    }
+  } catch {
+    // Silently ignore parse errors — never block the tool pipeline.
+  }
+
+  return rawInput;
+}
+
+// ── stdin entry point ────────────────────────────────
+if (require.main === module) {
+  let raw = '';
+  process.stdin.setEncoding('utf8');
+  process.stdin.on('data', chunk => {
+    if (raw.length < MAX_STDIN) {
+      const remaining = MAX_STDIN - raw.length;
+      raw += chunk.substring(0, remaining);
+    }
+  });
+
+  process.stdin.on('end', () => {
+    const result = run(raw);
+    process.stdout.write(result);
+  });
+}
+
+module.exports = {
+  APPROVAL_COMMANDS,
+  SECRET_PATTERNS,
+  SECURITY_RELEVANT_TOOLS,
+  SENSITIVE_PATHS,
+  analyzeForGovernanceEvents,
+  detectApprovalRequired,
+  detectSecrets,
+  detectSensitivePath,
+  generateEventId,
+  run,
+};