claude-dev-env 1.72.0 → 1.74.0

package/hooks/blocking/test_send_user_file_open_locally_blocker.py

@@ -0,0 +1,114 @@
+"""Unit tests for the send-user-file-open-locally PreToolUse hook."""
+
+import importlib.util
+import io
+import json
+import pathlib
+import sys
+from unittest import mock
+
+_HOOK_DIR = pathlib.Path(__file__).parent
+if str(_HOOK_DIR) not in sys.path:
+    sys.path.insert(0, str(_HOOK_DIR))
+
+hook_spec = importlib.util.spec_from_file_location(
+    "send_user_file_open_locally_blocker",
+    _HOOK_DIR / "send_user_file_open_locally_blocker.py",
+)
+assert hook_spec is not None
+assert hook_spec.loader is not None
+hook_module = importlib.util.module_from_spec(hook_spec)
+hook_spec.loader.exec_module(hook_module)
+
+_should_block = hook_module._should_block
+
+from hooks_constants.send_user_file_open_locally_blocker_constants import (
+    CORRECTIVE_MESSAGE,
+    PROACTIVE_STATUS,
+    TOOL_NAME,
+)
+
+
+def test_blocks_normal_status() -> None:
+    assert _should_block("normal") is True
+
+
+def test_blocks_empty_status() -> None:
+    assert _should_block("") is True
+
+
+def test_blocks_unknown_status() -> None:
+    assert _should_block("whatever") is True
+
+
+def test_allows_proactive_status() -> None:
+    assert _should_block(PROACTIVE_STATUS) is False
+
+
+def test_corrective_message_points_to_show_asset() -> None:
+    assert "Show-Asset.ps1" in CORRECTIVE_MESSAGE
+
+
+def test_corrective_message_names_proactive_escape_hatch() -> None:
+    assert PROACTIVE_STATUS in CORRECTIVE_MESSAGE
+
+
+def _run_main_with_io(input_text: str) -> str:
+    with mock.patch("sys.stdin", io.StringIO(input_text)):
+        with mock.patch("sys.stdout", new_callable=io.StringIO) as mock_stdout:
+            try:
+                hook_module.main()
+            except SystemExit:
+                pass
+            return mock_stdout.getvalue()
+
+
+def test_main_blocks_normal_attach() -> None:
+    hook_input = {
+        "tool_name": TOOL_NAME,
+        "tool_input": {"files": ["report.html"], "status": "normal"},
+    }
+    output_text = _run_main_with_io(json.dumps(hook_input))
+    output = json.loads(output_text)
+    assert output["hookSpecificOutput"]["permissionDecision"] == "deny"
+    assert "Show-Asset.ps1" in output["hookSpecificOutput"]["permissionDecisionReason"]
+
+
+def test_main_allows_proactive_attach() -> None:
+    hook_input = {
+        "tool_name": TOOL_NAME,
+        "tool_input": {"files": ["report.html"], "status": "proactive"},
+    }
+    assert _run_main_with_io(json.dumps(hook_input)) == ""
+
+
+def test_main_blocks_when_status_missing() -> None:
+    hook_input = {
+        "tool_name": TOOL_NAME,
+        "tool_input": {"files": ["report.html"]},
+    }
+    output_text = _run_main_with_io(json.dumps(hook_input))
+    output = json.loads(output_text)
+    assert output["hookSpecificOutput"]["permissionDecision"] == "deny"
+
+
+def test_main_blocks_when_tool_input_is_null() -> None:
+    hook_input = {
+        "tool_name": TOOL_NAME,
+        "tool_input": None,
+    }
+    output_text = _run_main_with_io(json.dumps(hook_input))
+    output = json.loads(output_text)
+    assert output["hookSpecificOutput"]["permissionDecision"] == "deny"
+
+
+def test_main_passes_wrong_tool_name() -> None:
+    hook_input = {
+        "tool_name": "Write",
+        "tool_input": {"files": ["report.html"], "status": "normal"},
+    }
+    assert _run_main_with_io(json.dumps(hook_input)) == ""
+
+
+def test_main_passes_malformed_json() -> None:
+    assert _run_main_with_io("not valid json {{{") == ""

package/hooks/blocking/test_shared_stdin_adoption.py

@@ -0,0 +1,208 @@
+"""Same-decision tests for hooks converted to the shared stdin parser.
+
+Each converted hook reads its PreToolUse payload through
+``hooks_constants.pre_tool_use_stdin.read_hook_input_dictionary_from_stdin``
+rather than a hand-rolled ``json.load(sys.stdin)`` plus ``isinstance(dict)``
+guard. The shared parser fails open on empty stdin, malformed JSON, and a
+non-object JSON root by returning ``None``; the hand-rolled form these hooks
+carried failed open on the same three cases by exiting zero. These tests drive
+each real hook script through its production ``__main__`` stdin path over a
+corpus that pins those fail-soft edges plus a representative allow payload, so a
+conversion that changes any decision is caught.
+
+The deterministic deny payloads for the two Write/Edit blockers whose triggers
+need no filesystem or state setup (``md_to_html_blocker``,
+``open_questions_in_plans_blocker``) are exercised here too; each remaining
+hook's full deny coverage stays in its own suite, which also drives the real
+``main()`` and so re-proves the decision after the parser swap.
+"""
+
+import json
+import os
+import subprocess
+import sys
+from pathlib import Path
+
+import pytest
+
+_BLOCKING_DIRECTORY = Path(__file__).resolve().parent
+
+ALL_CONVERTED_HOOK_FILENAMES = (
+    "md_to_html_blocker.py",
+    "open_questions_in_plans_blocker.py",
+    "claude_md_orphan_file_blocker.py",
+    "pr_converge_bugteam_enforcer.py",
+    "verdict_directory_write_blocker.py",
+    "package_inventory_stale_blocker.py",
+)
+
+EMPTY_STDIN_PAYLOAD = ""
+WHITESPACE_STDIN_PAYLOAD = "   \n\t  "
+MALFORMED_JSON_PAYLOAD = "{not valid json"
+NON_OBJECT_JSON_ARRAY_PAYLOAD = "[1, 2, 3]"
+NON_OBJECT_JSON_SCALAR_PAYLOAD = "42"
+
+ALL_FAIL_SOFT_PAYLOADS = (
+    EMPTY_STDIN_PAYLOAD,
+    WHITESPACE_STDIN_PAYLOAD,
+    MALFORMED_JSON_PAYLOAD,
+    NON_OBJECT_JSON_ARRAY_PAYLOAD,
+    NON_OBJECT_JSON_SCALAR_PAYLOAD,
+)
+
+
+def _run_hook_script(hook_filename: str, stdin_text: str) -> subprocess.CompletedProcess:
+    hook_script_path = _BLOCKING_DIRECTORY / hook_filename
+    return subprocess.run(
+        [sys.executable, str(hook_script_path)],
+        input=stdin_text,
+        capture_output=True,
+        text=True,
+        check=False,
+        cwd=str(Path.home()),
+    )
+
+
+def _decision_from_stdout(completed: subprocess.CompletedProcess) -> str | None:
+    if not completed.stdout.strip():
+        return None
+    parsed_output = json.loads(completed.stdout)
+    return parsed_output["hookSpecificOutput"]["permissionDecision"]
+
+
+@pytest.mark.parametrize("hook_filename", ALL_CONVERTED_HOOK_FILENAMES)
+@pytest.mark.parametrize("stdin_text", ALL_FAIL_SOFT_PAYLOADS)
+def test_fail_soft_payload_exits_zero_with_no_decision(hook_filename: str, stdin_text: str) -> None:
+    completed = _run_hook_script(hook_filename, stdin_text)
+    assert completed.returncode == 0, (
+        f"{hook_filename} must exit zero on fail-soft stdin; "
+        f"got code {completed.returncode}, stderr {completed.stderr!r}"
+    )
+    assert _decision_from_stdout(completed) is None, (
+        f"{hook_filename} must emit no decision on fail-soft stdin; got stdout {completed.stdout!r}"
+    )
+
+
+def test_md_to_html_blocker_still_denies_relative_markdown_write() -> None:
+    payload = json.dumps(
+        {
+            "tool_name": "Write",
+            "tool_input": {"file_path": "notes/topic.md", "content": "# Topic"},
+        }
+    )
+    completed = _run_hook_script("md_to_html_blocker.py", payload)
+    assert completed.returncode == 0
+    assert _decision_from_stdout(completed) == "deny"
+
+
+def test_md_to_html_blocker_still_allows_non_markdown_write() -> None:
+    payload = json.dumps(
+        {
+            "tool_name": "Write",
+            "tool_input": {"file_path": "notes/topic.txt", "content": "plain"},
+        }
+    )
+    completed = _run_hook_script("md_to_html_blocker.py", payload)
+    assert completed.returncode == 0
+    assert _decision_from_stdout(completed) is None
+
+
+def test_open_questions_blocker_still_denies_plan_with_open_questions(
+    tmp_path: Path,
+) -> None:
+    plan_directory = tmp_path / "docs" / "plans"
+    plan_directory.mkdir(parents=True)
+    plan_path = plan_directory / "feature.md"
+    plan_body = "# Feature Plan\n\n## Open Questions\n\n- What endpoint do we call?\n"
+    payload = json.dumps(
+        {
+            "tool_name": "Write",
+            "tool_input": {"file_path": str(plan_path), "content": plan_body},
+        }
+    )
+    completed = _run_hook_script("open_questions_in_plans_blocker.py", payload)
+    assert completed.returncode == 0
+    assert _decision_from_stdout(completed) == "deny"
+
+
+def test_open_questions_blocker_still_allows_plan_without_open_questions(
+    tmp_path: Path,
+) -> None:
+    plan_directory = tmp_path / "docs" / "plans"
+    plan_directory.mkdir(parents=True)
+    plan_path = plan_directory / "feature.md"
+    plan_body = "# Feature Plan\n\n## Approach\n\nBuild the thing.\n"
+    payload = json.dumps(
+        {
+            "tool_name": "Write",
+            "tool_input": {"file_path": str(plan_path), "content": plan_body},
+        }
+    )
+    completed = _run_hook_script("open_questions_in_plans_blocker.py", payload)
+    assert completed.returncode == 0
+    assert _decision_from_stdout(completed) is None
+
+
+def test_package_inventory_blocker_still_denies_uninventoried_new_file(
+    tmp_path: Path,
+) -> None:
+    inventory_body = "# package\n\n| File | Role |\n|---|---|\n| `alpha.py` | A |\n| `beta.py` | B |\n"
+    (tmp_path / "README.md").write_text(inventory_body, encoding="utf-8")
+    (tmp_path / "alpha.py").write_text("x = 1\n", encoding="utf-8")
+    (tmp_path / "beta.py").write_text("x = 1\n", encoding="utf-8")
+    new_file_path = tmp_path / "gamma.py"
+    payload = json.dumps(
+        {
+            "tool_name": "Write",
+            "tool_input": {"file_path": str(new_file_path), "content": "x = 1\n"},
+        }
+    )
+    completed = _run_hook_script("package_inventory_stale_blocker.py", payload)
+    assert completed.returncode == 0
+    assert _decision_from_stdout(completed) == "deny"
+
+
+def test_package_inventory_blocker_still_allows_inventoried_new_file(
+    tmp_path: Path,
+) -> None:
+    inventory_body = (
+        "# package\n\n| File | Role |\n|---|---|\n"
+        "| `alpha.py` | A |\n| `beta.py` | B |\n| `gamma.py` | G |\n"
+    )
+    (tmp_path / "README.md").write_text(inventory_body, encoding="utf-8")
+    (tmp_path / "alpha.py").write_text("x = 1\n", encoding="utf-8")
+    (tmp_path / "beta.py").write_text("x = 1\n", encoding="utf-8")
+    new_file_path = tmp_path / "gamma.py"
+    payload = json.dumps(
+        {
+            "tool_name": "Write",
+            "tool_input": {"file_path": str(new_file_path), "content": "x = 1\n"},
+        }
+    )
+    completed = _run_hook_script("package_inventory_stale_blocker.py", payload)
+    assert completed.returncode == 0
+    assert _decision_from_stdout(completed) is None
+
+
+def test_converted_hooks_allow_unrelated_tool_name() -> None:
+    payload = json.dumps({"tool_name": "Bash", "tool_input": {"command": "ls"}})
+    for each_hook_filename in ALL_CONVERTED_HOOK_FILENAMES:
+        completed = _run_hook_script(each_hook_filename, payload)
+        assert completed.returncode == 0, (
+            f"{each_hook_filename} must exit zero on an unrelated tool; stderr {completed.stderr!r}"
+        )
+
+
+def test_every_converted_hook_imports_shared_parser() -> None:
+    for each_hook_filename in ALL_CONVERTED_HOOK_FILENAMES:
+        hook_source = (_BLOCKING_DIRECTORY / each_hook_filename).read_text(encoding="utf-8")
+        assert "read_hook_input_dictionary_from_stdin" in hook_source, (
+            f"{each_hook_filename} must read stdin through the shared parser"
+        )
+        assert "json.load(sys.stdin)" not in hook_source, (
+            f"{each_hook_filename} must not hand-roll json.load(sys.stdin)"
+        )
+
+
+def test_blocking_directory_is_resolvable() -> None:
+    assert os.path.isdir(_BLOCKING_DIRECTORY)

package/hooks/blocking/test_state_description_blocker.py

@@ -4,6 +4,21 @@ import json
 import os
 import subprocess
 import sys
+from pathlib import Path
+from unittest.mock import patch
+
+_BLOCKING_DIR = str(Path(__file__).resolve().parent)
+_HOOKS_ROOT = str(Path(__file__).resolve().parent.parent)
+if _BLOCKING_DIR not in sys.path:
+    sys.path.insert(0, _BLOCKING_DIR)
+if _HOOKS_ROOT not in sys.path:
+    sys.path.insert(0, _HOOKS_ROOT)
+
+from pre_tool_use_dispatcher import NativeHook, run_native_hook  # noqa: E402
+from state_description_blocker import (  # noqa: E402
+    build_deny_payload,
+    evaluate,
+)
 
 HOOK_SCRIPT_PATH = os.path.join(
     os.path.dirname(__file__), "state_description_blocker.py"
@@ -616,3 +631,29 @@ def test_handles_non_string_tool_name():
     )
     assert result.returncode == 0
     assert result.stdout == ""
+
+
+def test_native_dispatch_path_logs_the_block(tmp_path: Path) -> None:
+    """A deny routed through the dispatcher's native path logs one record.
+
+    hooks.json wires this hook only through pre_tool_use_dispatcher, whose
+    native path calls evaluate() and build_deny_payload() — never main(). The
+    block must still land in the hook-blocks log, so the log call lives on
+    build_deny_payload, the function the native path executes.
+    """
+    deny_payload = {
+        "tool_name": "Write",
+        "tool_input": {"file_path": "src/main.py", "content": VIOLATION_INSTEAD_OF_COMMENT},
+    }
+    native_hook = NativeHook(evaluate=evaluate, build_deny_payload=build_deny_payload)
+
+    with patch.object(Path, "home", return_value=tmp_path):
+        hosted_result = run_native_hook(native_hook, deny_payload, is_blocking=True)
+
+    assert hosted_result.captured_stdout
+    log_path = tmp_path / ".claude" / "logs" / "hook-blocks.log"
+    all_records = log_path.read_text(encoding="utf-8").strip().splitlines()
+    assert len(all_records) == 1
+    logged_record = json.loads(all_records[0])
+    assert logged_record["hook"] == "state_description_blocker.py"
+    assert logged_record["event"] == "PreToolUse"

package/hooks/blocking/test_verdict_directory_write_blocker.py

@@ -11,6 +11,8 @@ is denied, and commands that touch unrelated paths pass.
 import importlib.util
 import json
 import pathlib
+import shutil
+import subprocess
 import sys
 
 _HOOK_DIR = pathlib.Path(__file__).parent
@@ -718,3 +720,50 @@ def test_guard_is_registered_on_powershell() -> None:
         "verdict_directory_write_blocker.py" in each_command
         for each_command in _pretooluse_commands_for_matcher("PowerShell")
     )
+
+
+def test_hook_subprocess_imports_real_config_when_parent_holds_shadowing_config(
+    tmp_path: pathlib.Path,
+) -> None:
+    real_blocking_directory = pathlib.Path(__file__).resolve().parent
+    real_hooks_directory = real_blocking_directory.parent
+
+    staged_hooks_directory = tmp_path / "hooks"
+    staged_blocking_directory = staged_hooks_directory / "blocking"
+    staged_blocking_directory.mkdir(parents=True)
+
+    shutil.copy(
+        real_blocking_directory / "verdict_directory_write_blocker.py",
+        staged_blocking_directory / "verdict_directory_write_blocker.py",
+    )
+    shutil.copytree(
+        real_blocking_directory / "config",
+        staged_blocking_directory / "config",
+    )
+    shutil.copytree(
+        real_hooks_directory / "hooks_constants",
+        staged_hooks_directory / "hooks_constants",
+    )
+
+    shadowing_config_directory = staged_hooks_directory / "config"
+    shadowing_config_directory.mkdir(parents=True, exist_ok=True)
+    (shadowing_config_directory / "__init__.py").write_text("", encoding="utf-8")
+    (shadowing_config_directory / "unrelated_constants.py").write_text(
+        "UNRELATED_VALUE = 1\n", encoding="utf-8"
+    )
+
+    benign_payload = json.dumps(
+        {"tool_name": "Bash", "tool_input": {"command": "echo hello"}}
+    )
+    completed = subprocess.run(
+        [
+            sys.executable,
+            str(staged_blocking_directory / "verdict_directory_write_blocker.py"),
+        ],
+        input=benign_payload,
+        capture_output=True,
+        text=True,
+    )
+
+    assert "ModuleNotFoundError" not in completed.stderr
+    assert completed.returncode == 0

package/hooks/blocking/test_workflow_substitution_slot_blocker.py

@@ -23,7 +23,6 @@ hook_module = importlib.util.module_from_spec(hook_spec)
 hook_spec.loader.exec_module(hook_module)
 
 content_has_violation = hook_module.content_has_violation
-find_bare_index_segments = hook_module.find_bare_index_segments
 find_bare_path_segments = hook_module.find_bare_path_segments
 has_iteration_loop = hook_module.has_iteration_loop
 written_content = hook_module.written_content
@@ -47,37 +46,23 @@ _FIXED_TEMPLATE = (
 
 
 def test_detects_bare_index_in_path_segment() -> None:
-    assert find_bare_index_segments(
+    assert find_bare_path_segments(
         "render Path(r'${args.work_dir}\\\\cand_i\\\\plate.svg')"
     ) == {"cand_i"}
 
 
 def test_detects_quoted_key_when_token_also_appears_as_path_segment() -> None:
     looped_path_and_key = "write ${work}\\\\cand_i\\\\plate.svg\n{key: \"cand_i\", name}"
-    assert "cand_i" in find_bare_index_segments(looped_path_and_key)
+    assert "cand_i" in find_bare_path_segments(looped_path_and_key)
 
 
 def test_quoted_key_alone_without_path_segment_is_not_detected() -> None:
-    assert find_bare_index_segments('{key: "metric_i", name}') == set()
-
-
-def test_index_segments_equal_path_segments_for_looped_path_and_key() -> None:
-    looped_path_and_key = "write ${work}\\\\cand_i\\\\plate.svg\n{key: \"cand_i\", name}"
-    assert find_bare_index_segments(looped_path_and_key) == find_bare_path_segments(
-        looped_path_and_key
-    )
-
-
-def test_index_segments_equal_path_segments_for_quoted_only_key() -> None:
-    quoted_only_key = '{key: "metric_i", name}'
-    assert find_bare_index_segments(quoted_only_key) == find_bare_path_segments(
-        quoted_only_key
-    )
+    assert find_bare_path_segments('{key: "metric_i", name}') == set()
 
 
 def test_marked_substitution_slot_is_not_a_bare_segment() -> None:
     assert (
-        find_bare_index_segments(
+        find_bare_path_segments(
             "render Path(r'${args.work_dir}\\\\cand_<i>\\\\plate.svg')"
         )
         == set()

package/hooks/blocking/verdict_directory_write_blocker.py

@@ -37,7 +37,11 @@ blocking_directory = str(Path(__file__).resolve().parent)
 if blocking_directory not in sys.path:
     sys.path.insert(0, blocking_directory)
 
-from config.verified_commit_constants import (
+hooks_directory = str(Path(__file__).resolve().parent.parent)
+if hooks_directory not in sys.path:
+    sys.path.append(hooks_directory)
+
+from config.verified_commit_constants import (  # noqa: E402
     ALL_GATED_TOOL_NAMES,
     ALL_VERDICT_PATH_SEGMENT_BODIES,
     ALL_VERDICT_PATH_SEGMENT_NAMES,
@@ -61,11 +65,11 @@ from config.verified_commit_constants import (
     NON_REDIRECT_FILE_WRITE_PRIMITIVE_PATTERN,
     PATH_OBFUSCATION_PRIMITIVE_PATTERN,
     RELATIVE_VERDICT_DIRECTORY_PATTERN,
+    VERDICT_DIRECTORY_CHANGE_TARGET_PATTERN,
     VERDICT_DIRECTORY_GUARD_MESSAGE,
     VERDICT_DIRECTORY_NAME,
     VERDICT_DIRECTORY_NAME_SEPARATOR_PATTERN,
     VERDICT_DIRECTORY_PATH_BOUNDARY_PATTERN,
-    VERDICT_DIRECTORY_CHANGE_TARGET_PATTERN,
     VERDICT_DIRECTORY_TARGET_BOUNDARY_PATTERN,
     VERDICT_FILE_RELATIVE_REFERENCE_PATTERN,
     VERDICT_PATH_GLUE_PATTERN,
@@ -74,6 +78,11 @@ from config.verified_commit_constants import (
     WRITE_CALL_REGION_PATTERN,
 )
 
+from hooks_constants.hook_block_logger import log_hook_block  # noqa: E402
+from hooks_constants.pre_tool_use_stdin import (  # noqa: E402
+    read_hook_input_dictionary_from_stdin,
+)
+
 
 def _directory_change_verbs_pattern() -> str:
     """Build the alternation of directory-change verbs for a change matcher.
@@ -650,15 +659,20 @@ def decision_for_payload(pretooluse_payload: dict) -> dict | None:
 
 def main() -> None:
     """Read the PreToolUse payload and deny verdict-directory shell access."""
-    try:
-        pretooluse_payload = json.load(sys.stdin)
-    except json.JSONDecodeError:
-        return
-    if not isinstance(pretooluse_payload, dict):
+    pretooluse_payload = read_hook_input_dictionary_from_stdin()
+    if pretooluse_payload is None:
         return
     deny_decision = decision_for_payload(pretooluse_payload)
     if deny_decision is None:
         return
+    raw_tool_name = pretooluse_payload.get("tool_name", "")
+    tool_name_for_log = raw_tool_name if isinstance(raw_tool_name, str) else ""
+    log_hook_block(
+        calling_hook_name="verdict_directory_write_blocker.py",
+        hook_event="PreToolUse",
+        block_reason=VERDICT_DIRECTORY_GUARD_MESSAGE,
+        tool_name=tool_name_for_log,
+    )
     print(json.dumps(deny_decision))
     sys.stdout.flush()
 

package/hooks/blocking/verified_commit_gate.py

@@ -38,6 +38,10 @@ blocking_directory = str(Path(__file__).resolve().parent)
 if blocking_directory not in sys.path:
     sys.path.insert(0, blocking_directory)
 
+_hooks_dir = str(Path(__file__).resolve().parent.parent)
+if _hooks_dir not in sys.path:
+    sys.path.insert(0, _hooks_dir)
+
 from config.verified_commit_constants import (
     ALL_GIT_BINARY_NAMES,
     CORRECTIVE_MESSAGE,
@@ -55,6 +59,7 @@ from config.verified_commit_constants import (
     VERIFICATION_BYPASS_MARKER,
     WORK_TREE_OPTION,
 )
+from hooks_constants.hook_block_logger import log_hook_block  # noqa: E402
 from verification_verdict_store import (
     branch_surface_manifest,
     is_verification_exempt_diff,
@@ -543,6 +548,12 @@ def main() -> None:
                 "permissionDecisionReason": deny_reason,
             }
         }
+        log_hook_block(
+            calling_hook_name="verified_commit_gate.py",
+            hook_event="PreToolUse",
+            block_reason=deny_reason,
+            tool_name=pretooluse_payload.get("tool_name", "") if isinstance(pretooluse_payload.get("tool_name"), str) else None,
+        )
         print(json.dumps(deny_payload))
         return
 

package/hooks/blocking/verified_commit_message_accuracy_blocker.py

@@ -24,6 +24,13 @@ import json
 import os
 import re
 import sys
+from pathlib import Path
+
+_hooks_dir = str(Path(__file__).resolve().parent.parent)
+if _hooks_dir not in sys.path:
+    sys.path.insert(0, _hooks_dir)
+
+from hooks_constants.hook_block_logger import log_hook_block  # noqa: E402
 
 
 def is_guarded_file(file_path: str) -> bool:
@@ -136,13 +143,21 @@ def main() -> None:
     if not claims_blanket_comment_exemption(written_text):
         sys.exit(0)
 
+    corrective_message = build_corrective_message()
     deny_response = {
         "hookSpecificOutput": {
             "hookEventName": "PreToolUse",
             "permissionDecision": "deny",
-            "permissionDecisionReason": build_corrective_message(),
+            "permissionDecisionReason": corrective_message,
         }
     }
+    log_hook_block(
+        calling_hook_name="verified_commit_message_accuracy_blocker.py",
+        hook_event="PreToolUse",
+        block_reason=corrective_message,
+        tool_name=tool_name,
+        offending_input_preview=file_path,
+    )
     print(json.dumps(deny_response))
     sys.stdout.flush()
     sys.exit(0)

package/hooks/blocking/windows_rmtree_blocker.py

@@ -21,6 +21,7 @@ _hooks_dir = str(Path(__file__).resolve().parent.parent)
 if _hooks_dir not in sys.path:
     sys.path.insert(0, _hooks_dir)
 
+from hooks_constants.hook_block_logger import log_hook_block  # noqa: E402
 from hooks_constants.pre_tool_use_stdin import read_hook_input_dictionary_from_stdin  # noqa: E402
 from hooks_constants.windows_rmtree_blocker_constants import PYTHON_FILE_EXTENSION  # noqa: E402
 
@@ -104,6 +105,12 @@ def main() -> None:
             "permissionDecisionReason": corrective_message,
         }
     }
+    log_hook_block(
+        calling_hook_name="windows_rmtree_blocker.py",
+        hook_event="PreToolUse",
+        block_reason=corrective_message,
+        tool_name=tool_name,
+    )
     print(json.dumps(deny_response))
     sys.stdout.flush()
     sys.exit(0)

package/hooks/blocking/workflow_substitution_slot_blocker.py

@@ -40,6 +40,7 @@ _hooks_dir = str(Path(__file__).resolve().parent.parent)
 if _hooks_dir not in sys.path:
     sys.path.insert(0, _hooks_dir)
 
+from hooks_constants.hook_block_logger import log_hook_block  # noqa: E402
 from hooks_constants.workflow_substitution_slot_blocker_constants import (  # noqa: E402
     CORRECTIVE_MESSAGE,
     EDIT_TOOL_NAME,
@@ -111,16 +112,12 @@ def find_bare_path_segments(content: str) -> set[str]:
     return all_path_segments
 
 
-def find_bare_index_segments(content: str) -> set[str]:
-    return find_bare_path_segments(content)
-
-
 def content_has_violation(content: str) -> bool:
     if not uses_angle_slot_convention(content):
         return False
     if not has_iteration_loop(content):
         return False
-    return bool(find_bare_index_segments(content))
+    return bool(find_bare_path_segments(content))
 
 
 def main() -> None:
@@ -150,6 +147,14 @@ def main() -> None:
             "permissionDecisionReason": CORRECTIVE_MESSAGE,
         }
     }
+    raw_tool_name_for_log = hook_input.get("tool_name", "")
+    tool_name_for_log = raw_tool_name_for_log if isinstance(raw_tool_name_for_log, str) else ""
+    log_hook_block(
+        calling_hook_name="workflow_substitution_slot_blocker.py",
+        hook_event="PreToolUse",
+        block_reason=CORRECTIVE_MESSAGE,
+        tool_name=tool_name_for_log,
+    )
     print(json.dumps(deny_payload))
     sys.stdout.flush()
     sys.exit(0)