eagle-mem 4.10.12 → 4.10.13

package/CHANGELOG.md

@@ -4,6 +4,18 @@ All notable changes to the **Eagle Mem** project are documented here.
 
 ---
 
+## v4.10.13 Feature Gate Monorepo Hardening
+
+This hotfix closes the feature verification gate false positives found in monorepos with repeated basenames:
+
+- **Full-Path Feature Matching**: Feature impact lookup now matches exact paths and path-boundary suffixes instead of broad basename-only `%server.js%` patterns when feature files store full paths.
+- **LIKE Escaping Hardening**: Feature path matching now treats `%`, `_`, and backslashes literally, preventing stored feature paths from becoming accidental SQL `LIKE` wildcards.
+- **Waive Safety**: Waived pending verifications are now scoped to the current change fingerprint, so a future edit to the same feature file reopens verification instead of being permanently bypassed.
+- **Release Guard Precision**: Eagle Mem state commands such as `orchestrate` and `tasks` no longer trip the release-boundary guard just because their descriptive text mentions `npm publish` or `git push`.
+- **Regression Coverage**: Added end-to-end feature gate coverage for monorepo path collisions, literal wildcard characters in paths, PreToolUse `git push` denial output, and same-fingerprint verification/waive behavior.
+
+---
+
 ## v4.10.12 Spectral Review Closure
 
 This patch closes the multi-CLI Spectral review findings on v4.10.11:

package/hooks/pre-tool-use.sh

@@ -150,9 +150,8 @@ One-off developer bypass:
                     while IFS= read -r changed_file; do
                         [ -z "$changed_file" ] && continue
                         norm_file=$(eagle_project_file_path "$cwd" "$changed_file")
-                        fname=$(basename "$norm_file")
 
-                        feature_hits=$(eagle_find_feature_for_push "$project" "$fname")
+                        feature_hits=$(eagle_find_feature_for_push "$project" "$norm_file")
 
                         while IFS='|' read -r feat_name feat_smoke feat_deps feat_verified; do
                             [ -z "$feat_name" ] && continue

package/lib/common.sh

@@ -1160,10 +1160,10 @@ eagle_is_release_boundary_command() {
             function has_dry_run_flag(line) {
                 return line ~ /(^|[[:space:]])--dry-run([[:space:]]|$|=([Tt][Rr][Uu][Ee]|1|[Yy][Ee][Ss])([[:space:]]|$))/
             }
-            function is_eagle_feature_command(line) {
-                return line ~ /(^|[[:space:]])([^[:space:]]*\/)?eagle-mem[[:space:]]+feature[[:space:]]+(verify|waive|pending|list)([[:space:]]|$)/
+            function is_eagle_state_command(line) {
+                return line ~ /(^|[[:space:]])([^[:space:]]*\/)?eagle-mem[[:space:]]+(feature[[:space:]]+(verify|waive|pending|list)|orchestrate|tasks)([[:space:]]|$)/
             }
-            is_eagle_feature_command($0) { next }
+            is_eagle_state_command($0) { next }
             /(^|[[:space:]])gh[[:space:]]+pr[[:space:]]+create([[:space:]]|$)/ ||
             /(^|[[:space:]])npm[[:space:]]+publish([[:space:]]|$)/ ||
             /(^|[[:space:]])pnpm[[:space:]]+publish([[:space:]]|$)/ ||
@@ -1185,10 +1185,10 @@ eagle_is_release_boundary_command() {
             function has_dry_run_flag(line) {
                 return line ~ /(^|[[:space:]])--dry-run([[:space:]]|$|=([Tt][Rr][Uu][Ee]|1|[Yy][Ee][Ss])([[:space:]]|$))/
             }
-            function is_eagle_feature_command(line) {
-                return line ~ /(^|[[:space:]])([^[:space:]]*\/)?eagle-mem[[:space:]]+feature[[:space:]]+(verify|waive|pending|list)([[:space:]]|$)/
+            function is_eagle_state_command(line) {
+                return line ~ /(^|[[:space:]])([^[:space:]]*\/)?eagle-mem[[:space:]]+(feature[[:space:]]+(verify|waive|pending|list)|orchestrate|tasks)([[:space:]]|$)/
             }
-            is_eagle_feature_command($0) { next }
+            is_eagle_state_command($0) { next }
             /(^|[[:space:]])git[[:space:]]+push([[:space:]]|$)/ {
                 if (!has_dry_run_flag($0)) found = 1
             }
@@ -1301,10 +1301,10 @@ eagle_fts_sanitize() {
     printf '%s' "$1" | sed 's/[^A-Za-z0-9_]/ /g' | sed 's/  */ /g; s/^ //; s/ $//'
 }
 
-# Escape SQL LIKE wildcards (% and _) so literal filenames match exactly.
+# Escape SQL LIKE wildcards and the escape character so literal filenames match exactly.
 # Apply AFTER eagle_sql_escape, since this only handles LIKE metacharacters.
 eagle_like_escape() {
-    printf '%s' "$1" | sed 's/%/\\%/g; s/_/\\_/g'
+    printf '%s' "$1" | sed 's/\\/\\\\/g; s/%/\\%/g; s/_/\\_/g'
 }
 
 # Validate a session ID is safe for use in file paths (no traversal).

package/lib/db-features.sh

@@ -58,14 +58,25 @@ eagle_verify_feature() {
         WHERE project = '$project' AND name = '$name';"
 }
 
+eagle_feature_file_match_ff_sql() {
+    local file_path="$1"
+    local file_esc; file_esc=$(eagle_sql_escape "$file_path")
+    local file_like; file_like=$(eagle_like_escape "$file_esc")
+
+    cat <<SQL
+(
+            ff.file_path = '$file_esc'
+            OR ff.file_path LIKE '%/$file_like' ESCAPE '\\'
+            OR substr('$file_esc', -length('/' || ff.file_path)) = '/' || ff.file_path
+        )
+SQL
+}
+
 eagle_find_feature_impacts_for_file() {
     local project; project=$(eagle_sql_escape "$1")
     local file_path="$2"
-    local fname; fname=$(basename "$file_path")
-    local file_esc; file_esc=$(eagle_sql_escape "$file_path")
-    local fname_esc; fname_esc=$(eagle_sql_escape "$fname")
-    local file_like; file_like=$(eagle_like_escape "$file_esc")
-    local fname_like; fname_like=$(eagle_like_escape "$fname_esc")
+    local file_match_sql
+    file_match_sql=$(eagle_feature_file_match_ff_sql "$file_path")
 
     eagle_db "SELECT DISTINCT f.id, f.name, f.description, f.last_verified_at,
         ff.file_path,
@@ -75,13 +86,7 @@ eagle_find_feature_impacts_for_file() {
         JOIN feature_files ff ON ff.feature_id = f.id
         WHERE f.project = '$project'
         AND f.status = 'active'
-        AND (
-            ff.file_path = '$file_esc'
-            OR ff.file_path LIKE '%/$file_like' ESCAPE '\\'
-            OR '$file_esc' LIKE '%' || ff.file_path ESCAPE '\\'
-            OR ff.file_path LIKE '%$fname_like' ESCAPE '\\'
-            OR ff.file_path LIKE '%$fname_like%' ESCAPE '\\'
-        )
+        AND $file_match_sql
         ORDER BY f.updated_at DESC
         LIMIT 10;"
 }
@@ -114,10 +119,8 @@ eagle_record_pending_feature_verifications() {
             WHERE project = '$p_esc'
               AND feature_id = $fid
               AND file_path = '$fp_esc'
-              AND (
-                  (change_fingerprint = '$fp_hash_esc' AND status = 'verified')
-                  OR status = 'waived'
-              )
+              AND change_fingerprint = '$fp_hash_esc'
+              AND status IN ('verified', 'waived')
             LIMIT 1;")
         [ -n "$already_resolved" ] && continue
 
@@ -341,8 +344,9 @@ eagle_count_active_features() {
 
 eagle_find_feature_for_push() {
     local project; project=$(eagle_sql_escape "$1")
-    local fname; fname=$(eagle_sql_escape "$2")
-    local fname_like; fname_like=$(eagle_like_escape "$fname")
+    local file_path="$2"
+    local file_match_sql
+    file_match_sql=$(eagle_feature_file_match_ff_sql "$file_path")
 
     eagle_db "SELECT DISTINCT f.name,
         (SELECT GROUP_CONCAT(fst.command, '; ')
@@ -354,15 +358,14 @@ eagle_find_feature_for_push() {
         JOIN feature_files ff ON ff.feature_id = f.id
         WHERE f.project = '$project'
         AND f.status = 'active'
-        AND (ff.file_path LIKE '%$fname_like' ESCAPE '\\' OR ff.file_path LIKE '%$fname_like%' ESCAPE '\\');"
+        AND $file_match_sql;"
 }
 
 eagle_find_features_for_file() {
     local project; project=$(eagle_sql_escape "$1")
     local file_path="$2"
-    local fname; fname=$(basename "$file_path")
-    local fname_esc; fname_esc=$(eagle_sql_escape "$fname")
-    local fname_like; fname_like=$(eagle_like_escape "$fname_esc")
+    local file_match_sql
+    file_match_sql=$(eagle_feature_file_match_ff_sql "$file_path")
 
     eagle_db "SELECT f.name, f.description, f.last_verified_at,
         ff.role,
@@ -376,7 +379,7 @@ eagle_find_features_for_file() {
         JOIN feature_files ff ON ff.feature_id = f.id
         WHERE f.project = '$project'
         AND f.status = 'active'
-        AND (ff.file_path LIKE '%$fname_like' ESCAPE '\\' OR ff.file_path LIKE '%$fname_like%' ESCAPE '\\')
+        AND $file_match_sql
         ORDER BY f.updated_at DESC
         LIMIT 3;"
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "eagle-mem",
-  "version": "4.10.12",
+  "version": "4.10.13",
   "description": "Shared memory, release guardrails, RTK token protection, and worker lanes for Claude Code, Codex, Grok, and Google Antigravity",
   "bin": {
     "eagle-mem": "bin/eagle-mem"

package/scripts/test.sh

@@ -54,6 +54,7 @@ run_check "Code Scan And Index (scan / index syntax)" "bash -n \"$SCRIPTS_DIR/sc
 run_check "Graph Memory Rebuild (isolated regression suite)" "bash \"$SCRIPTS_DIR/../tests/test_graph_memory.sh\""
 run_check "Dream Cycle Memory Graph Wiring (isolated regression suite)" "bash \"$SCRIPTS_DIR/../tests/test_curate_graph_memories.sh\""
 run_check "Reliability Guards (provider fallback, logs, autoscan, read scoring)" "bash \"$SCRIPTS_DIR/../tests/test_reliability_guards.sh\""
+run_check "Feature Verification Gate (monorepo path collisions)" "bash \"$SCRIPTS_DIR/../tests/test_feature_verification_gate.sh\""
 
 echo ""
 if [ "$errors" -eq 0 ]; then

package/skills/eagle-mem-feature/SKILL.md

@@ -24,7 +24,7 @@ These are semantically different operations:
 
 **Verify** = "I tested this exact change and it works." Fingerprint-specific — tied to the current diff hash. If the file changes again, a new pending verification appears.
 
-**Waive** = "I accept changes to this feature+file pair." Fingerprint-agnostic — covers the current change AND all future changes to that file for that feature. Use when the change is known-safe (e.g., comment-only edit, unrelated code path).
+**Waive** = "I accept this current pending change without running the full smoke test." Fingerprint-specific — covers the current file fingerprint only. If that file changes again, Eagle Mem creates a fresh pending verification. Use when the current change is known-safe (e.g., comment-only edit, unrelated code path).
 
 **Decision rule:** Did you run the smoke test or manually confirm behavior? Use `verify`. Is the change structurally irrelevant to the feature? Use `waive`.
 
@@ -72,7 +72,7 @@ Or waive a single pending record by ID:
 eagle-mem feature waive <id> --reason "unrelated code path"
 ```
 
-**Prefer waive-by-name** over waive-by-ID. IDs are ephemeral (new edits create new IDs), but names are stable. Waiving by name resolves all pending records for that feature at once.
+**Prefer waive-by-name** over waive-by-ID. IDs are ephemeral (new edits create new IDs), but names are stable. Waiving by name resolves all current pending records for that feature at once.
 
 A reason is always required — it's the audit trail for why verification was skipped.
 
@@ -116,7 +116,7 @@ eagle-mem feature show <name>          # files, deps, smoke tests, last verified
 | `feature show <name>` | Full detail: files, dependencies, smoke tests |
 | `feature pending` | All unresolved pending verifications |
 | `feature verify <name>` | Mark feature verified (fingerprint-specific) |
-| `feature waive <name\|id>` | Waive verification (fingerprint-agnostic for name) |
+| `feature waive <name\|id>` | Waive current pending verification(s) |
 | `feature add <name>` | Register a new feature with files/deps/tests |
 | `--notes "text"` | Attach notes to verify/waive (audit trail) |
 | `--reason "text"` | Required for waive — explains why safe |

package/tests/test_feature_verification_gate.sh

@@ -0,0 +1,230 @@
+#!/usr/bin/env bash
+# Focused feature-verification gate regressions. Runs in an isolated HOME/EAGLE_MEM_DIR.
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "$0")/.." && pwd)"
+
+tmp_dir=$(mktemp -d "$ROOT_DIR/.tmp-feature-gate.XXXXXX")
+trap 'rm -rf "$tmp_dir"' EXIT
+
+export HOME="$tmp_dir/home"
+export EAGLE_MEM_DIR="$tmp_dir/eagle-mem"
+mkdir -p "$HOME" "$EAGLE_MEM_DIR"
+
+. "$ROOT_DIR/lib/common.sh"
+"$ROOT_DIR/db/migrate.sh" >/dev/null
+. "$ROOT_DIR/lib/db.sh"
+
+assert_contains() {
+    local haystack="$1" needle="$2" message="$3"
+    case "$haystack" in
+        *"$needle"*) ;;
+        *)
+            echo "$message" >&2
+            echo "Expected to find: $needle" >&2
+            echo "Actual: $haystack" >&2
+            exit 1
+            ;;
+    esac
+}
+
+assert_not_contains() {
+    local haystack="$1" needle="$2" message="$3"
+    case "$haystack" in
+        *"$needle"*)
+            echo "$message" >&2
+            echo "Did not expect to find: $needle" >&2
+            echo "Actual: $haystack" >&2
+            exit 1
+            ;;
+    esac
+}
+
+assert_not_denied() {
+    local output="$1" message="$2"
+    case "$output" in
+        *'"permissionDecision":"deny"'*)
+            echo "$message" >&2
+            echo "Actual: $output" >&2
+            exit 1
+            ;;
+    esac
+}
+
+feature_id_for() {
+    local project="$1" name="$2"
+    local id
+    id=$(eagle_get_feature_id "$project" "$name")
+    [ -n "$id" ] || {
+        echo "Missing feature id for $project/$name" >&2
+        exit 1
+    }
+    printf '%s\n' "$id"
+}
+
+project="monorepo-collision"
+eagle_upsert_feature "$project" "ussd-farm-profile-menu" "USSD app feature"
+eagle_upsert_feature "$project" "telegram-webhook-processing" "Telegram app feature"
+eagle_upsert_feature "$project" "whatsapp-webhook-processing" "WhatsApp app feature"
+
+eagle_add_feature_file "$(feature_id_for "$project" "ussd-farm-profile-menu")" "apps/ussd/src/server.js" "entrypoint"
+eagle_add_feature_file "$(feature_id_for "$project" "telegram-webhook-processing")" "apps/telegram/src/server.js" "entrypoint"
+eagle_add_feature_file "$(feature_id_for "$project" "whatsapp-webhook-processing")" "apps/whatsapp/src/server.js" "entrypoint"
+
+impacts=$(eagle_find_feature_impacts_for_file "$project" "apps/ussd/src/server.js")
+assert_contains "$impacts" "ussd-farm-profile-menu" "full-path feature match should find the USSD feature"
+assert_not_contains "$impacts" "telegram-webhook-processing" "full-path feature match should not fall back to Telegram basename"
+assert_not_contains "$impacts" "whatsapp-webhook-processing" "full-path feature match should not fall back to WhatsApp basename"
+
+impact_count=$(printf '%s\n' "$impacts" | sed '/^[[:space:]]*$/d' | wc -l | tr -d ' ')
+if [ "$impact_count" != "1" ]; then
+    echo "expected exactly one full-path feature impact, got $impact_count" >&2
+    echo "$impacts" >&2
+    exit 1
+fi
+
+eagle_record_pending_feature_verifications \
+    "$project" \
+    "apps/ussd/src/server.js" \
+    "session-feature-gate" \
+    "test" \
+    "Release boundary detected for current repository diff" \
+    "fingerprint-ussd" >/dev/null
+
+pending_rows=$(eagle_db "SELECT feature_name || '|' || file_path
+                         FROM pending_feature_verifications
+                         WHERE project = '$project'
+                           AND status = 'pending'
+                         ORDER BY feature_name;")
+assert_contains "$pending_rows" "ussd-farm-profile-menu|apps/ussd/src/server.js" "pending gate should create the matching USSD verification"
+assert_not_contains "$pending_rows" "telegram-webhook-processing" "pending gate should not create Telegram false positives"
+assert_not_contains "$pending_rows" "whatsapp-webhook-processing" "pending gate should not create WhatsApp false positives"
+
+waived=$(eagle_resolve_pending_feature_verifications "$project" "ussd-farm-profile-menu" "waived" "current change is safe" | tail -1)
+if [ "${waived:-0}" != "1" ]; then
+    echo "expected one pending verification to be waived, got ${waived:-0}" >&2
+    exit 1
+fi
+eagle_record_pending_feature_verifications \
+    "$project" \
+    "apps/ussd/src/server.js" \
+    "session-feature-gate" \
+    "test" \
+    "Release boundary detected for current repository diff" \
+    "fingerprint-ussd" >/dev/null
+same_fingerprint_pending=$(eagle_db "SELECT COUNT(*)
+                                      FROM pending_feature_verifications
+                                      WHERE project = '$project'
+                                        AND feature_name = 'ussd-farm-profile-menu'
+                                        AND file_path = 'apps/ussd/src/server.js'
+                                        AND status = 'pending';")
+if [ "$same_fingerprint_pending" != "0" ]; then
+    echo "same-fingerprint waiver should suppress the current pending record only" >&2
+    exit 1
+fi
+eagle_record_pending_feature_verifications \
+    "$project" \
+    "apps/ussd/src/server.js" \
+    "session-feature-gate" \
+    "test" \
+    "Release boundary detected for current repository diff" \
+    "fingerprint-ussd-2" >/dev/null
+new_fingerprint_pending=$(eagle_db "SELECT COUNT(*)
+                                     FROM pending_feature_verifications
+                                     WHERE project = '$project'
+                                       AND feature_name = 'ussd-farm-profile-menu'
+                                       AND file_path = 'apps/ussd/src/server.js'
+                                       AND status = 'pending';")
+if [ "$new_fingerprint_pending" != "1" ]; then
+    echo "new fingerprint should reopen a pending verification after a waiver" >&2
+    exit 1
+fi
+
+push_context=$(eagle_find_feature_for_push "$project" "apps/ussd/src/server.js")
+assert_contains "$push_context" "ussd-farm-profile-menu" "push feature reminder should find the exact full-path feature"
+assert_not_contains "$push_context" "telegram-webhook-processing" "push feature reminder should not use basename-only full-path matches"
+assert_not_contains "$push_context" "whatsapp-webhook-processing" "push feature reminder should not use basename-only full-path matches"
+
+read_context=$(eagle_find_features_for_file "$project" "apps/telegram/src/server.js")
+assert_contains "$read_context" "telegram-webhook-processing" "read feature reminder should find the exact full-path feature"
+assert_not_contains "$read_context" "ussd-farm-profile-menu" "read feature reminder should not use basename-only full-path matches"
+assert_not_contains "$read_context" "whatsapp-webhook-processing" "read feature reminder should not use basename-only full-path matches"
+
+legacy_project="bare-filename-compat"
+eagle_upsert_feature "$legacy_project" "legacy-server-feature" "Legacy bare filename feature"
+eagle_add_feature_file "$(feature_id_for "$legacy_project" "legacy-server-feature")" "server.js" "legacy"
+legacy_impacts=$(eagle_find_feature_impacts_for_file "$legacy_project" "apps/ussd/src/server.js")
+assert_contains "$legacy_impacts" "legacy-server-feature" "bare filename feature associations should still match full changed paths"
+
+wild_project="literal-like-paths"
+eagle_upsert_feature "$wild_project" "short-boundary-feature" "Boundary fixture"
+eagle_upsert_feature "$wild_project" "long-boundary-feature" "Boundary fixture"
+eagle_upsert_feature "$wild_project" "api-v1-underscore" "LIKE underscore fixture"
+eagle_upsert_feature "$wild_project" "api-xv1" "LIKE underscore fixture"
+eagle_upsert_feature "$wild_project" "api-percent-two" "LIKE percent fixture"
+eagle_upsert_feature "$wild_project" "api-z-two" "LIKE percent fixture"
+eagle_upsert_feature "$wild_project" "backslash-path" "LIKE backslash fixture"
+eagle_add_feature_file "$(feature_id_for "$wild_project" "short-boundary-feature")" "app/server.js" "entrypoint"
+eagle_add_feature_file "$(feature_id_for "$wild_project" "long-boundary-feature")" "myapp/server.js" "entrypoint"
+eagle_add_feature_file "$(feature_id_for "$wild_project" "api-v1-underscore")" "root/apps/api_v1/src/server.js" "entrypoint"
+eagle_add_feature_file "$(feature_id_for "$wild_project" "api-xv1")" "root/apps/apiXv1/src/server.js" "entrypoint"
+eagle_add_feature_file "$(feature_id_for "$wild_project" "api-percent-two")" "root/apps/api%2/src/server.js" "entrypoint"
+eagle_add_feature_file "$(feature_id_for "$wild_project" "api-z-two")" "root/apps/apiZ2/src/server.js" "entrypoint"
+eagle_add_feature_file "$(feature_id_for "$wild_project" "backslash-path")" 'root/apps/api\_v1/src/server.js' "entrypoint"
+
+boundary_hits=$(eagle_find_feature_impacts_for_file "$wild_project" "myapp/server.js")
+assert_contains "$boundary_hits" "long-boundary-feature" "boundary match should find myapp/server.js"
+assert_not_contains "$boundary_hits" "short-boundary-feature" "app/server.js should not match myapp/server.js"
+
+underscore_hits=$(eagle_find_feature_impacts_for_file "$wild_project" "apps/apiXv1/src/server.js")
+assert_contains "$underscore_hits" "api-xv1" "literal underscore fixture should find apiXv1"
+assert_not_contains "$underscore_hits" "api-v1-underscore" "stored underscore should not act as a LIKE wildcard"
+
+percent_hits=$(eagle_find_feature_impacts_for_file "$wild_project" "apps/apiZ2/src/server.js")
+assert_contains "$percent_hits" "api-z-two" "literal percent fixture should find apiZ2"
+assert_not_contains "$percent_hits" "api-percent-two" "stored percent should not act as a LIKE wildcard"
+
+backslash_hits=$(eagle_find_feature_impacts_for_file "$wild_project" 'apps/api\_v1/src/server.js')
+assert_contains "$backslash_hits" "backslash-path" "literal backslash path should match itself"
+assert_not_contains "$backslash_hits" "api-v1-underscore" "literal backslash should not turn underscore into a wildcard match"
+
+like_escaped=$(eagle_like_escape 'apps\api_v1%/server.js')
+if [ "$like_escaped" != 'apps\\api\_v1\%/server.js' ]; then
+    echo "LIKE escape should escape backslash, underscore, and percent" >&2
+    echo "Actual: $like_escaped" >&2
+    exit 1
+fi
+
+hook_project="hook-monorepo-collision"
+hook_repo="$tmp_dir/hook-repo"
+mkdir -p "$hook_repo/apps/ussd/src" "$hook_repo/apps/telegram/src" "$hook_repo/apps/whatsapp/src"
+git -C "$hook_repo" init -q
+git -C "$hook_repo" config user.email "test@example.com"
+git -C "$hook_repo" config user.name "Eagle Mem Test"
+printf 'console.log("ussd v1");\n' > "$hook_repo/apps/ussd/src/server.js"
+printf 'console.log("telegram v1");\n' > "$hook_repo/apps/telegram/src/server.js"
+printf 'console.log("whatsapp v1");\n' > "$hook_repo/apps/whatsapp/src/server.js"
+git -C "$hook_repo" add .
+git -C "$hook_repo" commit -q -m "initial app files"
+
+eagle_upsert_feature "$hook_project" "hook-ussd" "USSD hook feature"
+eagle_upsert_feature "$hook_project" "hook-telegram" "Telegram hook feature"
+eagle_upsert_feature "$hook_project" "hook-whatsapp" "WhatsApp hook feature"
+eagle_add_feature_file "$(feature_id_for "$hook_project" "hook-ussd")" "apps/ussd/src/server.js" "entrypoint"
+eagle_add_feature_file "$(feature_id_for "$hook_project" "hook-telegram")" "apps/telegram/src/server.js" "entrypoint"
+eagle_add_feature_file "$(feature_id_for "$hook_project" "hook-whatsapp")" "apps/whatsapp/src/server.js" "entrypoint"
+
+printf 'console.log("ussd v2");\n' > "$hook_repo/apps/ussd/src/server.js"
+hook_input=$(jq -nc --arg sid "session-hook-feature-gate" --arg cwd "$hook_repo" \
+    '{tool_name:"Bash",session_id:$sid,cwd:$cwd,tool_input:{command:"git push origin main"}}')
+hook_output=$(EAGLE_MEM_PROJECT="$hook_project" bash "$ROOT_DIR/hooks/pre-tool-use.sh" <<< "$hook_input")
+assert_contains "$hook_output" '"permissionDecision":"deny"' "pre-tool-use should block git push with a pending matching feature"
+assert_contains "$hook_output" "hook-ussd" "pre-tool-use denial should mention the matching USSD feature"
+assert_not_contains "$hook_output" "hook-telegram" "pre-tool-use denial should not include Telegram false positives"
+assert_not_contains "$hook_output" "hook-whatsapp" "pre-tool-use denial should not include WhatsApp false positives"
+
+eagle_resolve_pending_feature_verifications "$hook_project" "hook-ussd" "verified" "verified by hook regression" >/dev/null
+hook_after_verify=$(EAGLE_MEM_PROJECT="$hook_project" bash "$ROOT_DIR/hooks/pre-tool-use.sh" <<< "$hook_input")
+assert_not_denied "$hook_after_verify" "same-fingerprint verification should release the pre-tool-use block"
+
+echo "feature verification gate regressions passed"

package/tests/test_reliability_guards.sh

@@ -67,6 +67,26 @@ grep -q "agent_cli unsupported preferred target: grok" "$provider_home/eagle-mem
     exit 1
 }
 
+EAGLE_MEM_DIR="$provider_home" bash -c "
+    . '$ROOT_DIR/lib/common.sh'
+    if eagle_is_release_boundary_command 'eagle-mem orchestrate init \"commit and npm publish\"'; then
+        echo 'release guard should ignore Eagle Mem orchestration descriptions' >&2
+        exit 1
+    fi
+    if ! eagle_is_release_boundary_command 'npm publish'; then
+        echo 'release guard should detect npm publish' >&2
+        exit 1
+    fi
+    if ! eagle_is_release_boundary_command 'git push origin main'; then
+        echo 'release guard should detect git push' >&2
+        exit 1
+    fi
+    if eagle_is_release_boundary_command 'npm publish --dry-run'; then
+        echo 'release guard should allow npm publish --dry-run' >&2
+        exit 1
+    fi
+"
+
 # PreToolUse parsing + read scoring: repeated large read after modification should emit scored context.
 hook_home="$tmp_dir/hook-home"
 repo="$tmp_dir/repo"