gsd-cc 1.3.2 → 1.4.0

package/bin/install.js

@@ -157,19 +157,21 @@ function install(isGlobal) {
 
   // 5. Install hooks
   const hooksSrc = path.join(__dirname, '..', 'hooks');
-  const hooksDest = path.join(skillsBase, 'gsd-cc-shared', 'hooks');
+  const hooksBase = isGlobal
+    ? path.join(os.homedir(), '.claude', 'hooks')
+    : path.join(process.cwd(), '.claude', 'hooks');
   if (fs.existsSync(hooksSrc)) {
-    copyDir(hooksSrc, hooksDest);
+    copyDir(hooksSrc, hooksBase);
     // Make hooks executable
-    const hookFiles = fs.readdirSync(hooksDest);
+    const hookFiles = fs.readdirSync(hooksBase);
     for (const f of hookFiles) {
-      fs.chmodSync(path.join(hooksDest, f), 0o755);
+      fs.chmodSync(path.join(hooksBase, f), 0o755);
     }
     fileCount += hookFiles.length;
   }
 
   // 6. Configure hooks in settings.json
-  installHooks(isGlobal, hooksDest);
+  installHooks(isGlobal, hooksBase);
 
   console.log(`  ${green}✓${reset} Installed ${fileCount} files to ${label}`);
 }
@@ -217,22 +219,19 @@ function installHooks(isGlobal, hooksDir) {
     ]
   });
 
-  // PostToolUse: context monitor (all tools) + workflow guard (Edit/Write)
+  // PostToolUse: context monitor + statusline (all tools) + workflow guard (Edit/Write)
   if (!settings.hooks.PostToolUse) settings.hooks.PostToolUse = [];
   settings.hooks.PostToolUse.push({
-    hooks: [{ type: 'command', command: contextMonitor, timeout: 5000 }]
+    hooks: [
+      { type: 'command', command: contextMonitor, timeout: 5000 },
+      { type: 'command', command: statusline, timeout: 3000 }
+    ]
   });
   settings.hooks.PostToolUse.push({
     matcher: 'Edit|Write',
     hooks: [{ type: 'command', command: workflowGuard, timeout: 5000 }]
   });
 
-  // Notification: statusline
-  if (!settings.hooks.Notification) settings.hooks.Notification = [];
-  settings.hooks.Notification.push({
-    hooks: [{ type: 'command', command: statusline, timeout: 3000 }]
-  });
-
   fs.mkdirSync(path.dirname(settingsPath), { recursive: true });
   fs.writeFileSync(settingsPath, JSON.stringify(settings, null, 2) + '\n');
   console.log(`  ${green}✓${reset} Hooks configured in ${settingsPath.replace(os.homedir(), '~').replace(process.cwd(), '.')}`);

package/hooks/gsd-prompt-guard.sh

@@ -55,21 +55,22 @@ if echo "$CONTENT" | grep -iqE '(show|reveal|print|output|display) (your|the|sys
   REASON="Detected system prompt extraction attempt"
 fi
 
-# Pattern 4: Invisible Unicode characters (zero-width spaces, RTL override, etc.)
-if echo "$CONTENT" | grep -qP '[\x{200B}\x{200C}\x{200D}\x{FEFF}\x{202A}-\x{202E}\x{2066}-\x{2069}]' 2>/dev/null; then
-  SUSPICIOUS=true
-  REASON="Detected invisible Unicode characters"
-fi
-
-# Pattern 5: Base64-encoded instructions
-if echo "$CONTENT" | grep -qE '[A-Za-z0-9+/]{50,}={0,2}'; then
-  # Only flag if it's in a suspicious context (not normal code)
-  if echo "$CONTENT" | grep -iqE '(decode|eval|execute|base64).*[A-Za-z0-9+/]{50,}'; then
+# Pattern 4: Invisible Unicode characters (macOS-compatible using perl)
+if command -v perl >/dev/null 2>&1; then
+  if echo "$CONTENT" | perl -ne 'exit 1 if /[\x{200B}\x{200C}\x{200D}\x{FEFF}\x{202A}-\x{202E}\x{2066}-\x{2069}]/' 2>/dev/null; then
+    : # no match
+  else
     SUSPICIOUS=true
-    REASON="Detected potentially encoded instructions"
+    REASON="Detected invisible Unicode characters"
   fi
 fi
 
+# Pattern 5: Base64-encoded instructions in suspicious context
+if echo "$CONTENT" | grep -iqE '(decode|eval|execute|base64).*[A-Za-z0-9+/]{50,}'; then
+  SUSPICIOUS=true
+  REASON="Detected potentially encoded instructions"
+fi
+
 # Pattern 6: HTML/script injection in markdown
 if echo "$CONTENT" | grep -iqE '<script|javascript:|on(load|error|click)='; then
   SUSPICIOUS=true

package/hooks/gsd-statusline.sh

@@ -1,7 +1,8 @@
 #!/bin/bash
-# GSD-CC Statusline — Notification hook
-# Renders project status in the terminal statusline.
-# Shows: current phase, milestone/slice/task position, and project type.
+# GSD-CC Statusline — PostToolUse hook
+# Injects current project status as additionalContext after each tool use.
+# This keeps Claude aware of the current position in the project.
+# Also writes a bridge file for other hooks to read.
 
 INPUT=$(cat)
 CWD=$(echo "$INPUT" | jq -r '.cwd')
@@ -12,12 +13,23 @@ if [ ! -f "$STATE_FILE" ]; then
   exit 0
 fi
 
+# Debounce: only inject status every 10 tool calls
+DEBOUNCE_FILE="/tmp/gsd-cc-statusline-$(echo "$CWD" | cksum | cut -d' ' -f1)"
+COUNTER=0
+if [ -f "$DEBOUNCE_FILE" ]; then
+  COUNTER=$(cat "$DEBOUNCE_FILE")
+fi
+COUNTER=$((COUNTER + 1))
+echo "$COUNTER" > "$DEBOUNCE_FILE"
+if [ $((COUNTER % 10)) -ne 0 ]; then
+  exit 0
+fi
+
 # Parse STATE.md frontmatter
 PHASE=$(grep '^phase:' "$STATE_FILE" | head -1 | sed 's/phase: *//')
 MILESTONE=$(grep '^milestone:' "$STATE_FILE" | head -1 | sed 's/milestone: *//')
 SLICE=$(grep '^current_slice:' "$STATE_FILE" | head -1 | sed 's/current_slice: *//')
 TASK=$(grep '^current_task:' "$STATE_FILE" | head -1 | sed 's/current_task: *//')
-RIGOR=$(grep '^rigor:' "$STATE_FILE" | head -1 | sed 's/rigor: *//')
 
 # Build position string
 POSITION="$MILESTONE"
@@ -28,46 +40,20 @@ if [ "$TASK" != "—" ] && [ -n "$TASK" ]; then
   POSITION="$POSITION / $TASK"
 fi
 
-# Map phase to display name
-case "$PHASE" in
-  "seed") PHASE_DISPLAY="Seed" ;;
-  "seed-complete") PHASE_DISPLAY="Seed ✓" ;;
-  "stack-complete") PHASE_DISPLAY="Stack ✓" ;;
-  "roadmap-complete") PHASE_DISPLAY="Roadmap ✓" ;;
-  "discuss-complete") PHASE_DISPLAY="Discuss ✓" ;;
-  "plan-complete") PHASE_DISPLAY="Plan ✓" ;;
-  "planning") PHASE_DISPLAY="Planning..." ;;
-  "applying") PHASE_DISPLAY="Executing..." ;;
-  "apply-complete") PHASE_DISPLAY="UNIFY required" ;;
-  "unified") PHASE_DISPLAY="Unified ✓" ;;
-  *) PHASE_DISPLAY="$PHASE" ;;
-esac
-
 # Count progress
 TOTAL_SLICES=$(grep -c '| S[0-9]' "$STATE_FILE" 2>/dev/null || echo "0")
-DONE_SLICES=$(grep '| done' "$STATE_FILE" | wc -l | xargs)
+DONE_SLICES=$(grep '| done' "$STATE_FILE" 2>/dev/null | wc -l | xargs)
 
-# Write status to bridge file for other hooks
-BRIDGE_FILE="/tmp/gsd-cc-status-$(echo "$CWD" | md5sum 2>/dev/null | cut -c1-8 || echo "default").json"
+# Write bridge file for other hooks
+BRIDGE_FILE="/tmp/gsd-cc-bridge-$(echo "$CWD" | cksum | cut -d' ' -f1).json"
 jq -n \
   --arg phase "$PHASE" \
   --arg position "$POSITION" \
-  --arg rigor "$RIGOR" \
   --arg total "$TOTAL_SLICES" \
   --arg done "$DONE_SLICES" \
-  '{phase: $phase, position: $position, rigor: $rigor, total_slices: ($total|tonumber), done_slices: ($done|tonumber)}' \
+  '{phase: $phase, position: $position, total_slices: ($total|tonumber), done_slices: ($done|tonumber)}' \
   > "$BRIDGE_FILE" 2>/dev/null
 
-# Output statusline data
-jq -n \
-  --arg pos "$POSITION" \
-  --arg phase "$PHASE_DISPLAY" \
-  --arg rigor "$RIGOR" \
-  --arg progress "${DONE_SLICES}/${TOTAL_SLICES}" \
-  '{
-    "hookSpecificOutput": {
-      "hookEventName": "Notification",
-      "additionalContext": ("GSD-CC: " + $pos + " | " + $phase + " | " + $rigor + " | " + $progress + " slices")
-    }
-  }'
+# No additionalContext output — this hook is silent.
+# It only maintains the bridge file for cross-hook communication.
 exit 0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gsd-cc",
-  "version": "1.3.2",
+  "version": "1.4.0",
   "description": "Get Shit Done on Claude Code — structured AI development with your Max plan",
   "author": "Philipp Briese (https://github.com/0ui-labs)",
   "homepage": "https://github.com/0ui-labs/GSD-CC#readme",