dual-brain 6.1.0 → 6.1.1

package/bin/dual-brain.mjs

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 // dual-brain — CLI entry point. Commands: init, go, status, remember, forget
 
-import { readFileSync } from 'node:fs';
+import { existsSync, readFileSync } from 'node:fs';
 import { join, dirname } from 'node:path';
 import { fileURLToPath } from 'node:url';
 import { execSync } from 'node:child_process';
@@ -67,7 +67,17 @@ Options:
 // ─── Card command (default) ──────────────────────────────────────────────────
 
 async function cmdCard() {
-  const cwd     = process.cwd();
+  const cwd = process.cwd();
+  const { homedir } = await import('node:os');
+  const globalPath  = join(homedir(), '.config', 'dual-brain', 'profile.json');
+  const projectPath = join(cwd, '.dualbrain', 'profile.json');
+
+  if (!existsSync(projectPath) && !existsSync(globalPath)) {
+    console.log('Welcome to dual-brain! Let\'s set up your profile.\n');
+    await cmdInit();
+    return;
+  }
+
   const repo    = loadRepoCache(cwd);
   const session = loadSession(cwd);
   const health  = getHealth(cwd);
@@ -274,6 +284,39 @@ async function cmdStatus(args = []) {
     vtrace(`Raw profile:\n${JSON.stringify(profile, null, 2)}`);
   }
 
+  // Enforcement health check
+  console.log('\nEnforcement:');
+  try {
+    const { readFileSync: rfs, existsSync: exs } = await import('node:fs');
+    const settingsFile = join(cwd, '.claude', 'settings.json');
+    if (!exs(settingsFile)) {
+      console.log('  NOT INSTALLED — run: dual-brain install');
+    } else {
+      const settings = JSON.parse(rfs(settingsFile, 'utf8'));
+      const preToolUse = settings?.hooks?.PreToolUse ?? [];
+      const guardCmd  = 'bash .claude/hooks/head-guard.sh';
+      const tierCmd   = 'node .claude/hooks/enforce-tier.mjs';
+      const hasEdit   = preToolUse.some(e => e.matcher === 'Edit'   && e.hooks?.some(h => h.command === guardCmd));
+      const hasWrite  = preToolUse.some(e => e.matcher === 'Write'  && e.hooks?.some(h => h.command === guardCmd));
+      const hasBash   = preToolUse.some(e => e.matcher === 'Bash'   && e.hooks?.some(h => h.command === guardCmd));
+      const hasAgent  = preToolUse.some(e => e.matcher === 'Agent'  && e.hooks?.some(h => h.command === tierCmd));
+      const activeCount = [hasEdit, hasWrite, hasBash, hasAgent].filter(Boolean).length;
+      if (activeCount === 4) {
+        console.log(`  active (${activeCount} guards: Edit, Write, Bash, Agent)`);
+      } else {
+        const missing = [
+          !hasEdit  && 'Edit',
+          !hasWrite && 'Write',
+          !hasBash  && 'Bash',
+          !hasAgent && 'Agent',
+        ].filter(Boolean);
+        console.log(`  PARTIAL — missing guards: ${missing.join(', ')} — run: dual-brain install`);
+      }
+    }
+  } catch {
+    console.log('  unknown (could not read .claude/settings.json)');
+  }
+
   // Update check
   try {
     const localVer  = readVersion();
@@ -320,9 +363,27 @@ function cmdCool(providerArg) {
 }
 
 async function cmdInstall() {
+  const cwd = process.cwd();
+
+  // Run the main install.mjs (orchestrator config, all hooks, CLAUDE.md, etc.)
   const { spawnSync } = await import('child_process');
-  const result = spawnSync('node', [join(__dirname, '..', 'install.mjs')], { stdio: 'inherit', cwd: process.cwd() });
-  process.exit(result.status || 0);
+  const result = spawnSync('node', [join(__dirname, '..', 'install.mjs')], { stdio: 'inherit', cwd });
+  if (result.status !== 0) { process.exit(result.status || 1); }
+
+  // Additionally merge enforcement hooks into .claude/settings.json
+  const { installHooks } = await import('../src/install-hooks.mjs');
+  const { installed, skipped } = installHooks(cwd);
+
+  if (installed.length > 0) {
+    console.log(`\nEnforcement hooks installed (${installed.length}):`);
+    for (const item of installed) console.log(`  + ${item}`);
+  }
+  if (skipped.length > 0) {
+    console.log(`Enforcement hooks already present (${skipped.length}):`);
+    for (const item of skipped) console.log(`  = ${item}`);
+  }
+
+  process.exit(0);
 }
 
 function cmdRemember(text) {

package/hooks/head-guard.sh

@@ -8,6 +8,8 @@
 # Exit 0  → allow
 # Exit 2  → block  (stderr message is shown to Claude)
 
+BLOCK_MSG='[dual-brain] HEAD cannot use this tool directly. Dispatch via: dual-brain go "task description"'
+
 # ── 1. Role check ────────────────────────────────────────────────────────────
 # Only enforce when the session has been explicitly marked as the HEAD agent.
 # If the env var is unset we allow everything (backward compat for non-dual-brain usage).
@@ -24,86 +26,14 @@ fi
 # ── 2. Tool name check ───────────────────────────────────────────────────────
 TOOL="${CLAUDE_TOOL_NAME:-}"
 
-# Block direct file-editing tools unconditionally for HEAD.
+# Block direct file-editing tools and Bash unconditionally for HEAD.
+# HEAD should use Read tool for reading and Agent (via dual-brain go) for all other work.
 case "${TOOL}" in
-    Edit|Write|NotebookEdit)
-        echo "HEAD cannot implement directly. Use: node hooks/dispatch.mjs --task \"description\"" >&2
+    Edit|Write|NotebookEdit|Bash)
+        echo "${BLOCK_MSG}" >&2
         exit 2
         ;;
 esac
 
-# ── 3. Bash content check ────────────────────────────────────────────────────
-# For Bash calls, read stdin JSON and extract the "command" field, then scan for
-# write-side shell patterns. Pure bash + standard POSIX utilities — no node
-# startup, no network.
-
-if [[ "${TOOL}" == "Bash" ]]; then
-    # Read the full JSON input from stdin.
-    INPUT="$(cat)"
-
-    # Extract the value of "command" from the JSON.
-    # Strategy: grep for the key+value pair, then strip key prefix with sed.
-    # Handles normal ASCII command strings (not escaped unicode — acceptable for a guard).
-    CMD="$(printf '%s' "${INPUT}" \
-        | grep -o '"command"[[:space:]]*:[[:space:]]*"[^"]*"' \
-        | head -1 \
-        | sed 's/^"command"[[:space:]]*:[[:space:]]*"//;s/"$//')"
-
-    # If we couldn't extract a command (unusual JSON shape), allow through.
-    if [[ -z "${CMD}" ]]; then
-        exit 0
-    fi
-
-    # ── Blocked patterns ─────────────────────────────────────────────────────
-
-    # sed with in-place flag (-i or combined flags like -ni)
-    if printf '%s' "${CMD}" | grep -qE '(^|[[:space:];|&])sed[[:space:]].*-[a-zA-Z]*i'; then
-        echo "HEAD cannot implement directly (sed -i). Use: node hooks/dispatch.mjs --task \"description\"" >&2
-        exit 2
-    fi
-
-    # Redirect-write: cat > file, echo > file, printf > file (single > only, not >>)
-    if printf '%s' "${CMD}" | grep -qE '(cat|echo|printf)[^|]*>[^>]'; then
-        echo "HEAD cannot implement directly (redirect write). Use: node hooks/dispatch.mjs --task \"description\"" >&2
-        exit 2
-    fi
-
-    # tee writing to a file path (tee /path or tee ./path or tee filename)
-    if printf '%s' "${CMD}" | grep -qE '(^|[[:space:];|&])tee[[:space:]]+[^-]'; then
-        echo "HEAD cannot implement directly (tee). Use: node hooks/dispatch.mjs --task \"description\"" >&2
-        exit 2
-    fi
-
-    # patch command
-    if printf '%s' "${CMD}" | grep -qE '(^|[[:space:];|&])patch[[:space:]]'; then
-        echo "HEAD cannot implement directly (patch). Use: node hooks/dispatch.mjs --task \"description\"" >&2
-        exit 2
-    fi
-
-    # Interpreter one-liners that can write files (node -e, python -c, perl -e, ruby -e)
-    if printf '%s' "${CMD}" | grep -qE '(^|[[:space:];|&])(node[[:space:]]+(--eval|-e)|python3?[[:space:]]+-c|perl[[:space:]]+-e|ruby[[:space:]]+-e)[[:space:]]'; then
-        echo "HEAD cannot implement directly (interpreter one-liner). Use: node hooks/dispatch.mjs --task \"description\"" >&2
-        exit 2
-    fi
-
-    # mv / cp where the destination looks like a source code file
-    if printf '%s' "${CMD}" | grep -qE '(^|[[:space:];|&])(mv|cp)[[:space:]].*\.(js|mjs|cjs|ts|tsx|py|sh|json|yaml|yml|toml|rb|go|rs|java|c|cpp|h|css|html|sql)([[:space:]]|$)'; then
-        echo "HEAD cannot implement directly (mv/cp to source file). Use: node hooks/dispatch.mjs --task \"description\"" >&2
-        exit 2
-    fi
-
-    # rm on source files
-    if printf '%s' "${CMD}" | grep -qE '(^|[[:space:];|&])rm[[:space:]].*\.(js|mjs|cjs|ts|tsx|py|sh|json|yaml|yml|toml|rb|go|rs|java|c|cpp|h|css|html|sql)([[:space:]]|$)'; then
-        echo "HEAD cannot implement directly (rm on source file). Use: node hooks/dispatch.mjs --task \"description\"" >&2
-        exit 2
-    fi
-
-    # Explicitly allowed (read-only) patterns — documented here for clarity.
-    # The checks above are specific enough that these don't need explicit allow rules,
-    # but listing them makes the intent clear:
-    #   grep, find, cat <file (no redirect), git status/log/diff/show,
-    #   node --check, ls, wc, head, tail, jq (read), curl (read), etc.
-fi
-
-# ── 4. Default: allow ────────────────────────────────────────────────────────
+# ── 3. Default: allow ────────────────────────────────────────────────────────
 exit 0

package/install.mjs

@@ -744,39 +744,50 @@ function generateSettings(workspace) {
   let existing = {};
   try { existing = JSON.parse(readFileSync(settingsPath, 'utf8')); } catch {}
 
-  const hooks = {
-    PreToolUse: [
-      {
-        matcher: 'Agent',
-        hooks: [{ type: 'command', command: 'node .claude/hooks/enforce-tier.mjs' }],
-      },
-    ],
-    PostToolUse: [
-      {
-        matcher: '',
-        hooks: [{ type: 'command', command: 'node .claude/hooks/cost-logger.mjs' }],
-      },
-      {
-        matcher: '',
-        hooks: [{ type: 'command', command: 'node .claude/hooks/auto-update-wrapper.mjs' }],
-      },
-    ],
-  };
+  const HEAD_GUARD_CMD = 'bash .claude/hooks/head-guard.sh';
+  const ENFORCE_TIER_CMD = 'node .claude/hooks/enforce-tier.mjs';
+
+  // All dual-brain PreToolUse hooks we manage
+  const DESIRED_PRE = [
+    { matcher: 'Edit',         command: HEAD_GUARD_CMD },
+    { matcher: 'Write',        command: HEAD_GUARD_CMD },
+    { matcher: 'NotebookEdit', command: HEAD_GUARD_CMD },
+    { matcher: 'Bash',         command: HEAD_GUARD_CMD },
+    { matcher: 'Agent',        command: ENFORCE_TIER_CMD },
+  ];
 
   const DUAL_BRAIN_CMDS = [
-    'node .claude/hooks/enforce-tier.mjs',
+    HEAD_GUARD_CMD,
+    ENFORCE_TIER_CMD,
     'node .claude/hooks/cost-logger.mjs',
     'node .claude/hooks/auto-update-wrapper.mjs',
   ];
 
-  const merged = { ...(existing.hooks || {}) };
-  for (const [event, entries] of Object.entries(hooks)) {
-    const existingEntries = (merged[event] || []).filter(e =>
-      !e.hooks?.some(h => DUAL_BRAIN_CMDS.includes(h.command))
-    );
-    merged[event] = [...existingEntries, ...entries];
+  // Build merged PreToolUse: keep user entries that aren't ours, then add ours
+  const existingPre = (existing.hooks?.PreToolUse || []).filter(e =>
+    !e.hooks?.some(h => DUAL_BRAIN_CMDS.includes(h.command))
+  );
+  const mergedPre = [...existingPre];
+  for (const { matcher, command } of DESIRED_PRE) {
+    mergedPre.push({ matcher, hooks: [{ type: 'command', command }] });
   }
 
+  // Build merged PostToolUse
+  const postHooks = [
+    { matcher: '', hooks: [{ type: 'command', command: 'node .claude/hooks/cost-logger.mjs' }] },
+    { matcher: '', hooks: [{ type: 'command', command: 'node .claude/hooks/auto-update-wrapper.mjs' }] },
+  ];
+  const existingPost = (existing.hooks?.PostToolUse || []).filter(e =>
+    !e.hooks?.some(h => DUAL_BRAIN_CMDS.includes(h.command))
+  );
+  const mergedPost = [...existingPost, ...postHooks];
+
+  const merged = {
+    ...(existing.hooks || {}),
+    PreToolUse: mergedPre,
+    PostToolUse: mergedPost,
+  };
+
   return { ...existing, hooks: merged };
 }
 
@@ -875,8 +886,8 @@ function install(workspace, env, mode) {
   ];
   for (const h of HOOKS) cpSync(join(__dirname, 'hooks', h), join(target, 'hooks', h));
 
-  // Copy bash hooks (auto-update.sh lives alongside .mjs hooks in the package)
-  const BASH_HOOKS = ['auto-update.sh'];
+  // Copy bash hooks (auto-update.sh and head-guard.sh live alongside .mjs hooks in the package)
+  const BASH_HOOKS = ['auto-update.sh', 'head-guard.sh'];
   for (const h of BASH_HOOKS) {
     const src = join(__dirname, 'hooks', h);
     const dst = join(target, 'hooks', h);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dual-brain",
-  "version": "6.1.0",
+  "version": "6.1.1",
   "description": "AI orchestration across Claude + OpenAI subscriptions — smart routing, budget awareness, and dual-brain collaboration",
   "type": "module",
   "bin": {

package/src/install-hooks.mjs

@@ -0,0 +1,100 @@
+/**
+ * install-hooks.mjs — Merge dual-brain PreToolUse hooks into .claude/settings.json.
+ *
+ * Exported function: installHooks(cwd)
+ * Returns: { installed: string[], skipped: string[] }
+ */
+
+import { chmodSync, cpSync, existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { join, dirname } from 'node:path';
+import { fileURLToPath } from 'node:url';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname  = dirname(__filename);
+const PKG_ROOT   = join(__dirname, '..');
+
+// The hook commands we want present in .claude/settings.json PreToolUse
+const HEAD_GUARD_CMD   = 'bash .claude/hooks/head-guard.sh';
+const ENFORCE_TIER_CMD = 'node .claude/hooks/enforce-tier.mjs';
+
+const DESIRED_HOOKS = [
+  { matcher: 'Edit',         command: HEAD_GUARD_CMD },
+  { matcher: 'Write',        command: HEAD_GUARD_CMD },
+  { matcher: 'NotebookEdit', command: HEAD_GUARD_CMD },
+  { matcher: 'Bash',         command: HEAD_GUARD_CMD },
+  { matcher: 'Agent',        command: ENFORCE_TIER_CMD },
+];
+
+/**
+ * Install dual-brain enforcement hooks into a project's .claude/settings.json.
+ *
+ * @param {string} cwd - Project root directory (where .claude/ should live)
+ * @returns {{ installed: string[], skipped: string[] }}
+ */
+export function installHooks(cwd) {
+  const claudeDir    = join(cwd, '.claude');
+  const hooksDir     = join(claudeDir, 'hooks');
+  const settingsPath = join(claudeDir, 'settings.json');
+
+  const installed = [];
+  const skipped   = [];
+
+  // Ensure directories exist
+  mkdirSync(hooksDir, { recursive: true });
+
+  // Copy hook files from package into project's .claude/hooks/
+  const filesToCopy = [
+    { name: 'head-guard.sh',    exec: true },
+    { name: 'enforce-tier.mjs', exec: false },
+  ];
+
+  for (const { name, exec } of filesToCopy) {
+    const src = join(PKG_ROOT, 'hooks', name);
+    const dst = join(hooksDir, name);
+    if (existsSync(src)) {
+      cpSync(src, dst);
+      if (exec) {
+        try { chmodSync(dst, 0o755); } catch {}
+      }
+      installed.push(`hooks/${name}`);
+    }
+  }
+
+  // Read existing settings (or start fresh)
+  let settings = {};
+  try {
+    settings = JSON.parse(readFileSync(settingsPath, 'utf8'));
+  } catch {
+    // File doesn't exist or is malformed — start empty
+  }
+
+  // Ensure hooks.PreToolUse array exists
+  if (!settings.hooks) settings.hooks = {};
+  if (!Array.isArray(settings.hooks.PreToolUse)) settings.hooks.PreToolUse = [];
+
+  const preToolUse = settings.hooks.PreToolUse;
+
+  // Merge: for each desired hook, add only if command is not already registered for that matcher
+  for (const { matcher, command } of DESIRED_HOOKS) {
+    const alreadyPresent = preToolUse.some(entry =>
+      entry.matcher === matcher &&
+      Array.isArray(entry.hooks) &&
+      entry.hooks.some(h => h.command === command)
+    );
+
+    if (alreadyPresent) {
+      skipped.push(`PreToolUse[${matcher}]`);
+    } else {
+      preToolUse.push({
+        matcher,
+        hooks: [{ type: 'command', command }],
+      });
+      installed.push(`PreToolUse[${matcher}]`);
+    }
+  }
+
+  // Write back merged settings
+  writeFileSync(settingsPath, JSON.stringify(settings, null, 2) + '\n');
+
+  return { installed, skipped };
+}