claude-dev-env 1.0.0

package/hooks/blocking/hedging-language-blocker.py

@@ -0,0 +1,130 @@
+#!/usr/bin/env python3
+"""
+Stop hook that blocks Claude responses containing hedging language.
+
+Words like "likely", "probably", "presumably" signal unverified claims.
+When detected, Claude is forced to re-check and respond with verified facts.
+"""
+
+import json
+import os
+import re
+import sys
+
+PLUGIN_ROOT = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
+
+RESEARCH_MODE_SKILL_SEARCH_PATHS = [
+    os.path.join(PLUGIN_ROOT, "skills", "research-mode", "SKILL.md"),
+    os.path.join(os.path.expanduser("~"), ".claude", "skills", "research-mode", "SKILL.md"),
+    os.path.join(os.path.expanduser("~"), ".claude", "plugins", "marketplaces", "claude-deep-research", "skills", "research-mode", "SKILL.md"),
+]
+
+HEDGING_WORDS = [
+    r"\blikely\b",
+    r"\bunlikely\b",
+    r"\bprobably\b",
+    r"\bprobable\b",
+    r"\bpresumably\b",
+    r"\bperhaps\b",
+    r"\bpossibly\b",
+    r"\bseemingly\b",
+    r"\bapparently\b",
+    r"\barguably\b",
+    r"\bsupposedly\b",
+    r"\bostensibly\b",
+    r"\bconceivably\b",
+    r"\bplausibly\b",
+]
+
+HEDGING_PHRASES = [
+    r"\bmight be\b",
+    r"\bcould be\b",
+    r"\bseems to be\b",
+    r"\bappears to be\b",
+    r"\bin all likelihood\b",
+    r"\bmore likely than not\b",
+    r"\bit.s possible that\b",
+]
+
+ALL_HEDGING_PATTERNS = [
+    re.compile(pattern, re.IGNORECASE) for pattern in HEDGING_WORDS + HEDGING_PHRASES
+]
+
+CODE_BLOCK_PATTERN = re.compile(r"```[\s\S]*?```", re.MULTILINE)
+INLINE_CODE_PATTERN = re.compile(r"`[^`]+`")
+QUOTED_BLOCK_PATTERN = re.compile(r"^>.*$", re.MULTILINE)
+
+
+def strip_code_and_quotes(text: str) -> str:
+    """Remove code blocks, inline code, and blockquotes to avoid false positives."""
+    text = CODE_BLOCK_PATTERN.sub("", text)
+    text = INLINE_CODE_PATTERN.sub("", text)
+    text = QUOTED_BLOCK_PATTERN.sub("", text)
+    return text
+
+
+def find_hedging_words(text: str) -> list[str]:
+    """Return all hedging words/phrases found in the text."""
+    prose_text = strip_code_and_quotes(text)
+    matched_terms = []
+
+    for pattern in ALL_HEDGING_PATTERNS:
+        all_matches = pattern.findall(prose_text)
+        for each_match in all_matches:
+            normalized_term = each_match.strip().lower()
+            if normalized_term not in matched_terms:
+                matched_terms.append(normalized_term)
+
+    return matched_terms
+
+
+def main() -> None:
+    try:
+        hook_input = json.load(sys.stdin)
+    except json.JSONDecodeError:
+        sys.exit(0)
+
+    if hook_input.get("stop_hook_active", False):
+        sys.exit(0)
+
+    assistant_message = hook_input.get("last_assistant_message", "")
+
+    if not assistant_message:
+        sys.exit(0)
+
+    found_hedging_terms = find_hedging_words(assistant_message)
+
+    if not found_hedging_terms:
+        sys.exit(0)
+
+    formatted_term_list = ", ".join(f'"{term}"' for term in found_hedging_terms)
+
+    research_mode_content = "(Could not load research-mode skill file)"
+    for each_skill_path in RESEARCH_MODE_SKILL_SEARCH_PATHS:
+        try:
+            with open(each_skill_path, encoding="utf-8") as skill_file:
+                research_mode_content = skill_file.read()
+                break
+        except OSError:
+            continue
+
+    block_response = {
+        "decision": "block",
+        "reason": (
+            f"ANTI-HALLUCINATION GUARDRAIL: Your response contains hedging language: "
+            f"{formatted_term_list}. "
+            f"These words signal unverified claims. You MUST rewrite your response "
+            f"with these constraints active:\n\n"
+            f"{research_mode_content}\n\n"
+            f"Do NOT simply remove the hedging word and keep the unverified claim. "
+            f"Either VERIFY it with a source or replace it with 'I don't know'.\n\n"
+            f"You MUST re-output the complete, revised response with the corrections applied."
+        ),
+    }
+
+    print(json.dumps(block_response))
+    sys.exit(0)
+
+
+if __name__ == "__main__":
+    main()

package/hooks/blocking/parallel-task-blocker.py

@@ -0,0 +1,69 @@
+#!/usr/bin/env python3
+"""PreToolUse:Task hook — suggests team orchestration for parallel Task spawning.
+
+Detects parallel Task/Agent calls without team_name and injects a suggestion
+into the conversation context. Does NOT block — the tool call proceeds.
+
+Uses atomic file creation (O_CREAT | O_EXCL) to detect concurrent calls.
+Lock auto-expires after 3 seconds to avoid false positives on sequential calls.
+"""
+
+import json
+import os
+import sys
+import tempfile
+import time
+
+LOCK_FILE = os.path.join(tempfile.gettempdir(), "claude-parallel-task-guard.lock")
+LOCK_MAX_AGE_SECONDS = 3
+
+SUGGESTION_MESSAGE = (
+    "SUGGESTION: Multiple parallel agents detected without team orchestration. "
+    "Consider using TeamCreate + team_name for better coordination, "
+    "progress tracking, and file ownership management. "
+    "This is optional — parallel agents will proceed without it."
+)
+
+
+def main() -> None:
+    try:
+        input_data = json.load(sys.stdin)
+    except json.JSONDecodeError:
+        sys.exit(0)
+
+    tool_name = input_data.get("tool_name", "")
+    tool_input = input_data.get("tool_input", {})
+
+    if tool_name not in ("Task", "Agent"):
+        sys.exit(0)
+
+    # Team-orchestrated tasks — no suggestion needed
+    if tool_input.get("team_name"):
+        sys.exit(0)
+
+    # Clean stale locks (previous turn's lock that wasn't cleaned up)
+    try:
+        if os.path.exists(LOCK_FILE):
+            lock_age = time.time() - os.path.getmtime(LOCK_FILE)
+            if lock_age > LOCK_MAX_AGE_SECONDS:
+                os.unlink(LOCK_FILE)
+    except OSError:
+        pass  # Race with another process cleaning — fine
+
+    # Atomic create: only one concurrent caller wins
+    try:
+        fd = os.open(LOCK_FILE, os.O_CREAT | os.O_EXCL | os.O_WRONLY)
+        os.write(fd, str(time.time()).encode())
+        os.close(fd)
+        # First Task in this turn — no suggestion
+        sys.exit(0)
+    except FileExistsError:
+        pass  # Another Task already holds the lock
+
+    # Second+ parallel Task without team → suggest (not block)
+    print(SUGGESTION_MESSAGE, file=sys.stderr)
+    sys.exit(0)
+
+
+if __name__ == "__main__":
+    main()

package/hooks/blocking/pr-description-enforcer.py

@@ -0,0 +1,87 @@
+import json
+import re
+import sys
+
+
+def main():
+    try:
+        input_data = json.load(sys.stdin)
+    except json.JSONDecodeError:
+        sys.exit(0)
+
+    tool_name = input_data.get("tool_name", "")
+    if tool_name != "Bash":
+        sys.exit(0)
+
+    command = input_data.get("tool_input", {}).get("command", "")
+    if not command:
+        sys.exit(0)
+
+    is_pr_create = "gh pr create" in command and ("--body" in command or "-b " in command)
+    is_pr_edit = "gh pr edit" in command and "--body" in command
+    is_commit = re.search(r'git commit\b', command) and ("-m " in command or "-m\"" in command or "-m'" in command)
+
+    if not (is_pr_create or is_pr_edit or is_commit):
+        sys.exit(0)
+
+    body = ""
+    if is_pr_create or is_pr_edit:
+        body_match = re.search(r'--body\s+"([^"]*)"', command) or re.search(r"--body\s+'([^']*)'", command)
+        if body_match:
+            body = body_match.group(1)
+        heredoc_match = re.search(r'--body\s+"\$\(cat <<', command)
+        if heredoc_match:
+            body = command[heredoc_match.start():]
+
+    if is_commit:
+        msg_match = re.search(r'-m\s+"([^"]*)"', command) or re.search(r"-m\s+'([^']*)'", command)
+        if msg_match:
+            body = msg_match.group(1)
+        heredoc_match = re.search(r'-m\s+"\$\(cat <<', command)
+        if heredoc_match:
+            body = command[heredoc_match.start():]
+
+    if not body:
+        sys.exit(0)
+
+    violations = []
+
+    if is_pr_create or is_pr_edit:
+        if "## Summary" not in body and "## summary" not in body.lower():
+            violations.append("Missing '## Summary' section")
+
+        has_file_bold = bool(re.search(r'\*\*\w+\.\w+\*\*', body))
+        has_bullet_section = bool(re.search(r'###.*(?:test|config|fix)', body, re.IGNORECASE))
+
+        if not has_file_bold and not has_bullet_section:
+            violations.append("Production changes must be grouped by file with **filename** bold headers explaining WHY")
+
+        jargon_patterns = [
+            (r'\bDexie\b', "Dexie (say 'database' or 'local database')"),
+            (r'\bReact Query\b', "React Query (say 'cache' or 'data cache')"),
+            (r'\bsyncStatus\b', "syncStatus (describe the behavior, not the field)"),
+            (r'\blocalUpdatedAt\b', "localUpdatedAt (describe the behavior, not the field)"),
+            (r'\bpullStartedAt\b', "pullStartedAt (describe the behavior, not the field)"),
+            (r'\buseMutation\b', "useMutation (describe what it does for the user)"),
+        ]
+        for pattern, name in jargon_patterns:
+            if re.search(pattern, body):
+                violations.append(f"Jargon detected: {name}")
+
+    if violations:
+        violation_list = "; ".join(violations)
+        result = {
+            "hookSpecificOutput": {
+                "hookEventName": "PreToolUse",
+                "permissionDecision": "deny",
+                "permissionDecisionReason": f"BLOCKED: [PR_DESCRIPTION_STYLE] {violation_list}. Use the pr-description-writer custom agent: Agent(subagent_type=\"pr-description-writer\", team_name=\"your-team\", prompt=\"Write PR description for the current branch\").",
+            }
+        }
+        print(json.dumps(result))
+        sys.stdout.flush()
+
+    sys.exit(0)
+
+
+if __name__ == "__main__":
+    main()

package/hooks/blocking/pyautogui-scroll-blocker.py

@@ -0,0 +1,74 @@
+#!/usr/bin/env python3
+"""
+Block pyautogui mousewheel scroll usage - guide Claude to use pynput instead.
+
+pyautogui's scroll implementation uses incorrect delta values with SendInput API.
+pynput uses the same SendInput API but sends correct delta values.
+"""
+import json
+import re
+import sys
+
+PYAUTOGUI_SCROLL_PATTERNS = [
+    r'pyautogui\.scroll\s*\(',
+    r'pyautogui\.hscroll\s*\(',
+    r'pyautogui\.vscroll\s*\(',
+]
+
+COMPILED_PATTERNS = [re.compile(pattern) for pattern in PYAUTOGUI_SCROLL_PATTERNS]
+
+
+def check_for_pyautogui_scroll(content: str) -> list[str]:
+    """Check for pyautogui scroll function usage."""
+    violations = []
+    lines = content.split('\n')
+
+    for line_num, line in enumerate(lines, 1):
+        for pattern in COMPILED_PATTERNS:
+            if pattern.search(line):
+                violations.append(f"Line {line_num}: {line.strip()}")
+                break
+
+    return violations
+
+
+def main() -> None:
+    try:
+        input_data = json.load(sys.stdin)
+    except json.JSONDecodeError:
+        sys.exit(0)
+
+    tool_input = input_data.get("tool_input", {})
+    file_path = tool_input.get("file_path", "")
+
+    if not file_path:
+        sys.exit(0)
+
+    # Only check Python files
+    if not file_path.endswith('.py'):
+        sys.exit(0)
+
+    content = tool_input.get("content", "") or tool_input.get("new_string", "")
+
+    if not content:
+        sys.exit(0)
+
+    violations = check_for_pyautogui_scroll(content)
+
+    if violations:
+        violation_list = "\n".join(f"  • {v}" for v in violations[:5])
+        result = {
+            "hookSpecificOutput": {
+                "hookEventName": "PreToolUse",
+                "permissionDecision": "deny",
+                "permissionDecisionReason": f"BLOCKED: pyautogui scroll() is broken on Windows (incorrect delta values). Use pynput instead: from pynput.mouse import Controller; mouse = Controller(); mouse.scroll(0, -3) for scrolling down 3 clicks."
+            }
+        }
+        print(json.dumps(result))
+        sys.stdout.flush()
+
+    sys.exit(0)
+
+
+if __name__ == "__main__":
+    main()

package/hooks/blocking/sensitive-file-protector.py

@@ -0,0 +1,70 @@
+#!/usr/bin/env python3
+import fnmatch
+import json
+import os
+import sys
+
+SENSITIVE_PATTERNS = [
+    ".env",
+    ".env.*",
+    "*.env",
+    "*.pem",
+    "*.key",
+    "*.p12",
+    "*.pfx",
+    "credentials.json",
+    "secrets.json",
+    "id_rsa",
+    "id_ed25519",
+    "package-lock.json",
+    "yarn.lock",
+    "Pipfile.lock",
+    "poetry.lock",
+    "pnpm-lock.yaml",
+    "composer.lock",
+]
+
+WRITE_EDIT_TOOLS = {"Write", "Edit"}
+
+
+def is_sensitive_file(file_path: str) -> str | None:
+    filename = os.path.basename(file_path)
+    for each_pattern in SENSITIVE_PATTERNS:
+        if fnmatch.fnmatch(filename, each_pattern):
+            return each_pattern
+    return None
+
+
+def main() -> None:
+    try:
+        hook_input = json.load(sys.stdin)
+    except json.JSONDecodeError:
+        sys.exit(0)
+
+    tool_name = hook_input.get("tool_name", "")
+    tool_input = hook_input.get("tool_input", {})
+
+    if tool_name not in WRITE_EDIT_TOOLS:
+        sys.exit(0)
+
+    file_path = tool_input.get("file_path", "")
+    if not file_path:
+        sys.exit(0)
+
+    matched_pattern = is_sensitive_file(file_path)
+
+    if matched_pattern is not None:
+        deny_response = {
+            "hookSpecificOutput": {
+                "hookEventName": "PreToolUse",
+                "permissionDecision": "deny",
+                "permissionDecisionReason": f"BLOCKED: Sensitive file '{os.path.basename(file_path)}' (pattern: '{matched_pattern}'). Edit manually outside Claude Code."
+            }
+        }
+        print(json.dumps(deny_response))
+
+    sys.exit(0)
+
+
+if __name__ == "__main__":
+    main()

package/hooks/blocking/tdd-enforcer.py

@@ -0,0 +1,62 @@
+#!/usr/bin/env python3
+"""
+TDD enforcement hook.
+
+Prompts confirmation when writing/editing production code files.
+Skips: Test files, config files, documentation.
+"""
+import json
+import sys
+from pathlib import Path
+
+PRODUCTION_EXTENSIONS = {'.py', '.ts', '.tsx', '.js', '.jsx'}
+SKIP_PATTERNS = {
+    'test_', '_test.', '.test.', 'tests/', '__tests__/',
+    'conftest', 'fixture', 'mock', 'stub'
+}
+SKIP_EXTENSIONS = {'.md', '.json', '.yaml', '.yml', '.toml', '.ini', '.cfg', '.txt'}
+
+
+def main() -> None:
+    try:
+        input_data = json.load(sys.stdin)
+    except json.JSONDecodeError:
+        sys.exit(0)
+
+    tool_input = input_data.get("tool_input", {})
+    file_path = tool_input.get("file_path", "")
+
+    if not file_path:
+        sys.exit(0)
+
+    path = Path(file_path)
+    ext = path.suffix.lower()
+
+    # Skip config/docs
+    if ext in SKIP_EXTENSIONS:
+        sys.exit(0)
+
+    # Skip non-production code files
+    if ext not in PRODUCTION_EXTENSIONS:
+        sys.exit(0)
+
+    # Skip test files
+    name_lower = path.name.lower()
+    path_str = str(path).lower()
+    if any(pattern in name_lower or pattern in path_str for pattern in SKIP_PATTERNS):
+        sys.exit(0)
+
+    # Block production code - require confirmation
+    result = {
+        "hookSpecificOutput": {
+            "hookEventName": "PreToolUse",
+            "permissionDecision": "allow",
+            "additionalContext": "[TDD] Writing production code. Confirm you have a failing test first."
+        }
+    }
+    print(json.dumps(result))
+    sys.exit(0)
+
+
+if __name__ == "__main__":
+    main()