mstro-app 0.3.1 → 0.3.5

package/bin/configure-claude.js

@@ -1,298 +0,0 @@
-#!/usr/bin/env node
-// Copyright (c) 2025-present Mstro, Inc. All rights reserved.
-// Licensed under the MIT License. See LICENSE file for details.
-
-/**
- * Mstro Claude Configuration Tool
- *
- * Automatically configures ~/.claude/settings.json and installs
- * the bouncer hook for Claude Code integration.
- *
- * Usage:
- *   npx mstro configure-hooks
- *   node bin/configure-claude.js
- */
-
-import { chmodSync, existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
-import { homedir } from 'node:os';
-import { dirname, join, resolve } from 'node:path';
-import { createInterface } from 'node:readline';
-import { fileURLToPath } from 'node:url';
-
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = dirname(__filename);
-const MSTRO_ROOT = resolve(__dirname, '..');
-
-const CLAUDE_DIR = join(homedir(), '.claude');
-const CLAUDE_HOOKS_DIR = join(CLAUDE_DIR, 'hooks');
-const CLAUDE_SETTINGS_FILE = join(CLAUDE_DIR, 'settings.json');
-const _BOUNCER_HOOK_SOURCE = join(MSTRO_ROOT, 'hooks', 'bouncer.sh');
-const BOUNCER_CLI_PATH = join(MSTRO_ROOT, 'server', 'mcp', 'bouncer-cli.ts');
-const TSX_PATH = join(MSTRO_ROOT, 'node_modules', '.bin', 'tsx');
-
-// ANSI colors
-const colors = {
-  reset: '\x1b[0m',
-  bold: '\x1b[1m',
-  green: '\x1b[32m',
-  yellow: '\x1b[33m',
-  blue: '\x1b[34m',
-  red: '\x1b[31m',
-  dim: '\x1b[2m',
-};
-
-function log(msg, color = '') {
-  console.log(`${color}${msg}${colors.reset}`);
-}
-
-function prompt(question) {
-  const rl = createInterface({ input: process.stdin, output: process.stdout });
-  return new Promise((resolve) => {
-    rl.question(question, (answer) => {
-      rl.close();
-      resolve(answer.trim().toLowerCase());
-    });
-  });
-}
-
-/**
- * Generate the bouncer hook script with embedded paths
- * This ensures the hook knows where to find the bouncer CLI regardless of
- * how/where mstro was installed (npm global, npx, etc.)
- */
-function generateBouncerHook(tsxPath, bouncerCliPath) {
-  return `#!/usr/bin/env bash
-#
-# Mstro Bouncer Gate - Claude Code Hook
-#
-# This hook intercepts Claude Code tool calls and routes them through
-# the Mstro bouncer for security analysis before execution.
-#
-# Generated by: npx mstro configure-hooks
-# Dependencies: Node.js (no jq or bun required)
-#
-
-set -euo pipefail
-
-# Paths configured at install time
-TSX_PATH="${tsxPath}"
-BOUNCER_CLI="${bouncerCliPath}"
-
-# User-configurable settings
-BOUNCER_TIMEOUT="\${BOUNCER_TIMEOUT:-10}"
-BOUNCER_LOG="\${BOUNCER_LOG:-$HOME/.claude/logs/bouncer.log}"
-
-# Ensure log directory exists
-mkdir -p "$(dirname "$BOUNCER_LOG")"
-
-# Read hook input from stdin
-INPUT=$(cat)
-
-# Run the bouncer via tsx (handles TypeScript execution)
-if [ -x "$TSX_PATH" ] && [ -f "$BOUNCER_CLI" ]; then
-  RESULT=$(echo "$INPUT" | timeout "$BOUNCER_TIMEOUT" "$TSX_PATH" "$BOUNCER_CLI" 2>> "$BOUNCER_LOG" || echo '{"decision": "allow", "reason": "Bouncer timeout or error"}')
-  echo "$RESULT"
-else
-  # Fallback: use inline Node.js for basic pattern matching
-  node --input-type=module -e "
-const input = JSON.parse(process.argv[1]);
-const toolName = input.tool_name || input.toolName || 'unknown';
-const toolInput = input.input || input.toolInput || {};
-
-// Quick allow for read-only operations
-const readOnly = ['Read', 'Glob', 'Grep', 'Search', 'List', 'WebFetch', 'WebSearch'];
-if (readOnly.includes(toolName)) {
-  console.log(JSON.stringify({ decision: 'allow', reason: 'Read-only operation' }));
-  process.exit(0);
-}
-
-// Build operation string
-let op = toolName + ': ';
-if (toolName === 'Bash') op += toolInput.command || '';
-else if (['Write', 'Edit'].includes(toolName)) op += toolInput.file_path || toolInput.filePath || '';
-else op += JSON.stringify(toolInput);
-
-// Critical threat patterns
-const threats = [
-  [/rm\\s+-rf\\s+(\\/|~)(\\$|\\s)/, 'recursive delete of root/home'],
-  [/:\\(\\)\\{.*\\}/, 'fork bomb'],
-  [/dd\\s+if=\\/dev\\/zero\\s+of=\\/dev\\/sd/, 'disk overwrite'],
-  [/mkfs\\s+\\/dev\\/sd/, 'filesystem format'],
-];
-
-for (const [pattern, reason] of threats) {
-  if (pattern.test(op)) {
-    console.log(JSON.stringify({ decision: 'deny', reason: 'Critical threat: ' + reason }));
-    process.exit(0);
-  }
-}
-
-console.log(JSON.stringify({ decision: 'allow', reason: 'Fallback: basic check passed' }));
-" "$INPUT"
-fi
-`;
-}
-
-function ensureDirectories() {
-  log('Step 1: Checking ~/.claude directory structure...', colors.bold);
-
-  for (const dir of [CLAUDE_DIR, CLAUDE_HOOKS_DIR, join(CLAUDE_DIR, 'logs')]) {
-    if (!existsSync(dir)) {
-      log(`  Creating ${dir}`, colors.dim);
-      mkdirSync(dir, { recursive: true });
-    } else {
-      log(`  ${dir} exists`, colors.green);
-    }
-  }
-
-  log('  Done!\n', colors.green);
-}
-
-async function installBouncerHook(forceYes, isInteractive) {
-  log('Step 2: Installing bouncer hook...', colors.bold);
-
-  const hookDest = join(CLAUDE_HOOKS_DIR, 'bouncer.sh');
-  const hookContent = generateBouncerHook(TSX_PATH, BOUNCER_CLI_PATH);
-  const hookExists = existsSync(hookDest);
-
-  if (hookExists) {
-    log(`  Hook already exists at ${hookDest}`, colors.yellow);
-    let overwrite = forceYes;
-
-    if (!forceYes && isInteractive) {
-      const answer = await prompt('  Overwrite existing hook? [y/N]: ');
-      overwrite = answer === 'y' || answer === 'yes';
-    }
-
-    if (!overwrite) {
-      log('  Skipping hook installation', colors.dim);
-      log('  Done!\n', colors.green);
-      return hookDest;
-    }
-  }
-
-  writeFileSync(hookDest, hookContent);
-  chmodSync(hookDest, 0o755);
-  log(`  ${hookExists ? 'Overwrote' : 'Installed'} ${hookDest}`, colors.green);
-  log('  Done!\n', colors.green);
-  return hookDest;
-}
-
-function loadSettings() {
-  if (!existsSync(CLAUDE_SETTINGS_FILE)) {
-    return {};
-  }
-  try {
-    const content = readFileSync(CLAUDE_SETTINGS_FILE, 'utf-8');
-    const settings = JSON.parse(content);
-    log(`  Loaded existing settings from ${CLAUDE_SETTINGS_FILE}`, colors.dim);
-    return settings;
-  } catch (err) {
-    log(`  Warning: Could not parse existing settings.json: ${err.message}`, colors.yellow);
-    log('  Will create new settings file', colors.dim);
-    return {};
-  }
-}
-
-async function configureSettings(hookDest, forceYes, isInteractive) {
-  log('Step 3: Configuring settings.json...', colors.bold);
-
-  const settings = loadSettings();
-  if (!settings.hooks) {
-    settings.hooks = {};
-  }
-
-  const bouncerHook = { type: 'command', command: hookDest, timeout: 10000 };
-  const bouncerHookConfig = [
-    { matcher: 'Bash', hooks: [bouncerHook] },
-    { matcher: 'Write', hooks: [bouncerHook] },
-    { matcher: 'Edit', hooks: [bouncerHook] }
-  ];
-
-  const existingPreToolUse = settings.hooks.PreToolUse;
-
-  if (existingPreToolUse) {
-    log('  Existing PreToolUse hook configuration found:', colors.yellow);
-    log(`    ${JSON.stringify(existingPreToolUse, null, 2).split('\n').join('\n    ')}`, colors.dim);
-
-    let update = forceYes;
-    if (!forceYes && isInteractive) {
-      const answer = await prompt('  Update PreToolUse hook to use Mstro bouncer? [y/N]: ');
-      update = answer === 'y' || answer === 'yes';
-    }
-
-    if (!update) {
-      log('  Keeping existing PreToolUse configuration', colors.dim);
-    } else {
-      settings.hooks.PreToolUse = bouncerHookConfig;
-      log('  Updated PreToolUse hook configuration', colors.green);
-    }
-  } else {
-    settings.hooks.PreToolUse = bouncerHookConfig;
-    log('  Added PreToolUse hook configuration', colors.green);
-  }
-
-  const settingsContent = JSON.stringify(settings, null, 2);
-  const settingsExists = existsSync(CLAUDE_SETTINGS_FILE);
-
-  if (settingsExists) {
-    const currentContent = readFileSync(CLAUDE_SETTINGS_FILE, 'utf-8');
-    if (currentContent === settingsContent) {
-      log('  No changes needed to settings.json', colors.dim);
-    } else {
-      const backupPath = `${CLAUDE_SETTINGS_FILE}.backup.${Date.now()}`;
-      writeFileSync(backupPath, currentContent);
-      log(`  Backed up existing settings to ${backupPath}`, colors.dim);
-      writeFileSync(CLAUDE_SETTINGS_FILE, settingsContent);
-      log(`  Updated ${CLAUDE_SETTINGS_FILE}`, colors.green);
-    }
-  } else {
-    writeFileSync(CLAUDE_SETTINGS_FILE, settingsContent);
-    log(`  Created ${CLAUDE_SETTINGS_FILE}`, colors.green);
-  }
-
-  log('  Done!\n', colors.green);
-  return settingsContent;
-}
-
-function printSummary(hookDest, settingsContent) {
-  log('=== Configuration Complete ===\n', colors.bold + colors.green);
-  log('The following files have been configured:', colors.bold);
-  log(`  ${CLAUDE_SETTINGS_FILE}`, colors.dim);
-  log(`  ${hookDest}`, colors.dim);
-  log('');
-  log('Your settings.json now contains:', colors.bold);
-  log(`${settingsContent.split('\n').map(l => `  ${l}`).join('\n')}`, colors.dim);
-  log('');
-  log('How the bouncer works:', colors.bold);
-  log('');
-  log('  Mstro sessions (headless): Full 2-layer security', colors.green);
-  log('    Layer 1: Pattern matching (<5ms) - instant allow/deny for known operations', colors.dim);
-  log('    Layer 2: AI analysis (~200-500ms) - context-aware review of ambiguous operations', colors.dim);
-  log('');
-  log('  Claude Code terminal REPL (claude): 1-layer security', colors.yellow);
-  log('    Layer 1: Pattern matching only - blocks critical threats (fork bombs,', colors.dim);
-  log('    destructive commands), allows everything else', colors.dim);
-  log('    The AI analysis layer requires a running mstro server.', colors.dim);
-  log('');
-  log('To disable the bouncer hook, remove the PreToolUse entry from', colors.dim);
-  log(`${CLAUDE_SETTINGS_FILE}`, colors.dim);
-  log('');
-}
-
-async function main() {
-  log('\n=== Mstro Claude Configuration ===\n', colors.bold + colors.blue);
-
-  const isInteractive = process.stdin.isTTY;
-  const forceYes = process.argv.includes('--yes') || process.argv.includes('-y');
-
-  ensureDirectories();
-  const hookDest = await installBouncerHook(forceYes, isInteractive);
-  const settingsContent = await configureSettings(hookDest, forceYes, isInteractive);
-  printSummary(hookDest, settingsContent);
-}
-
-main().catch((err) => {
-  log(`\nError: ${err.message}`, colors.red);
-  process.exit(1);
-});

package/dist/server/mcp/bouncer-cli.d.ts

@@ -1,3 +0,0 @@
-#!/usr/bin/env node
-export {};
-//# sourceMappingURL=bouncer-cli.d.ts.map

package/dist/server/mcp/bouncer-cli.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"bouncer-cli.d.ts","sourceRoot":"","sources":["../../../server/mcp/bouncer-cli.ts"],"names":[],"mappings":""}

package/dist/server/mcp/bouncer-cli.js

@@ -1,138 +0,0 @@
-#!/usr/bin/env node
-// Copyright (c) 2025-present Mstro, Inc. All rights reserved.
-// Licensed under the MIT License. See LICENSE file for details.
-/**
- * Bouncer CLI - Shell-callable wrapper for Mstro security bouncer
- *
- * This CLI reads Claude Code hook input from stdin and returns a security decision.
- * It's designed to be called from bouncer.sh.
- *
- * Input (stdin): Claude Code PreToolUse hook JSON payload
- * Output (stdout): JSON decision { decision: "allow"|"deny", reason: string }
- *
- * The hook payload includes conversation context that we pass to the bouncer
- * so it can make context-aware decisions.
- */
-import { reviewOperation } from './bouncer-integration.js';
-/**
- * Read all data from stdin (Node.js compatible)
- */
-async function readStdin() {
-    return new Promise((resolve, reject) => {
-        const chunks = [];
-        process.stdin.on('data', (chunk) => chunks.push(chunk));
-        process.stdin.on('end', () => resolve(Buffer.concat(chunks).toString('utf-8').trim()));
-        process.stdin.on('error', reject);
-    });
-}
-function buildOperationString(toolName, toolInput) {
-    if (toolName === 'Bash' && toolInput.command) {
-        return `${toolName}: ${toolInput.command}`;
-    }
-    if (['Write', 'Edit', 'Read'].includes(toolName)) {
-        const filePath = toolInput.file_path || toolInput.filePath || toolInput.path;
-        return filePath ? `${toolName}: ${filePath}` : `${toolName}: ${JSON.stringify(toolInput)}`;
-    }
-    return `${toolName}: ${JSON.stringify(toolInput)}`;
-}
-/**
- * Detect whether the caller is Claude Code (vs mstro).
- * Claude Code includes hook_event_name in its payload.
- */
-function isClaudeCodeHook(hookInput) {
-    return hookInput.hook_event_name === 'PreToolUse';
-}
-/**
- * Format a bouncer decision for the calling system.
- * Claude Code expects: { hookSpecificOutput: { permissionDecision, ... } }
- * Mstro expects: { decision, reason, confidence, threatLevel, alternative }
- */
-function formatDecisionOutput(decision, claudeCode) {
-    const mappedDecision = decision.decision === 'deny' ? 'deny' : 'allow';
-    if (claudeCode) {
-        return JSON.stringify({
-            hookSpecificOutput: {
-                hookEventName: 'PreToolUse',
-                permissionDecision: mappedDecision,
-                permissionDecisionReason: decision.reasoning,
-            },
-        });
-    }
-    return JSON.stringify({
-        decision: mappedDecision,
-        reason: decision.reasoning,
-        confidence: decision.confidence,
-        threatLevel: decision.threatLevel,
-        alternative: decision.alternative,
-    });
-}
-function formatSimpleOutput(d, reason, claudeCode) {
-    if (claudeCode) {
-        return JSON.stringify({
-            hookSpecificOutput: {
-                hookEventName: 'PreToolUse',
-                permissionDecision: d,
-                permissionDecisionReason: reason,
-            },
-        });
-    }
-    return JSON.stringify({ decision: d, reason });
-}
-function extractConversationContext(hookInput) {
-    const lastUserMessage = hookInput.conversation?.last_user_message;
-    if (lastUserMessage)
-        return `User's request: "${lastUserMessage}"`;
-    const recentMessages = hookInput.conversation?.messages?.slice(-5);
-    if (recentMessages?.length) {
-        return `Recent conversation:\n${recentMessages.map(m => `${m.role}: ${m.content}`).join('\n')}`;
-    }
-    return undefined;
-}
-async function main() {
-    const inputStr = await readStdin();
-    if (!inputStr) {
-        // Can't detect caller without input — output both-compatible allow
-        console.log(JSON.stringify({ decision: 'allow', reason: 'Empty input, allowing' }));
-        process.exit(0);
-    }
-    let hookInput;
-    try {
-        hookInput = JSON.parse(inputStr);
-    }
-    catch (e) {
-        console.error('[bouncer-cli] Failed to parse input JSON:', e);
-        console.log(JSON.stringify({ decision: 'allow', reason: 'Invalid JSON input, allowing' }));
-        process.exit(0);
-    }
-    const claudeCode = isClaudeCodeHook(hookInput);
-    const toolName = hookInput.tool_name || hookInput.toolName || 'unknown';
-    // Claude Code: tool_input, mstro: input/toolInput
-    const toolInput = hookInput.tool_input || hookInput.input || hookInput.toolInput || {};
-    const userRequestContext = extractConversationContext(hookInput);
-    const lastUserMessage = hookInput.conversation?.last_user_message;
-    const recentMessages = hookInput.conversation?.messages?.slice(-5);
-    const bouncerRequest = {
-        operation: buildOperationString(toolName, toolInput),
-        context: {
-            purpose: userRequestContext || 'Tool use request from Claude',
-            // Claude Code: cwd, mstro: working_directory
-            workingDirectory: hookInput.cwd || hookInput.working_directory || process.cwd(),
-            toolName,
-            toolInput,
-            userRequest: lastUserMessage,
-            conversationHistory: recentMessages?.map(m => `${m.role}: ${m.content}`),
-            sessionId: hookInput.session_id,
-        },
-    };
-    try {
-        const decision = await reviewOperation(bouncerRequest);
-        console.log(formatDecisionOutput(decision, claudeCode));
-    }
-    catch (error) {
-        const message = error instanceof Error ? error.message : String(error);
-        console.error('[bouncer-cli] Error:', message);
-        console.log(formatSimpleOutput('allow', `Bouncer error: ${message}. Allowing to avoid blocking.`, claudeCode));
-    }
-}
-main();
-//# sourceMappingURL=bouncer-cli.js.map

package/dist/server/mcp/bouncer-cli.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"bouncer-cli.js","sourceRoot":"","sources":["../../../server/mcp/bouncer-cli.ts"],"names":[],"mappings":";AACA,8DAA8D;AAC9D,gEAAgE;AAEhE;;;;;;;;;;;GAWG;AAEH,OAAO,EAA6B,eAAe,EAAE,MAAM,0BAA0B,CAAC;AA6BtF;;GAEG;AACH,KAAK,UAAU,SAAS;IACtB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAa,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QACxD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACvF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAgB,EAAE,SAAkC;IAChF,IAAI,QAAQ,KAAK,MAAM,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;QAC7C,OAAO,GAAG,QAAQ,KAAK,SAAS,CAAC,OAAO,EAAE,CAAC;IAC7C,CAAC;IACD,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjD,MAAM,QAAQ,GAAG,SAAS,CAAC,SAAS,IAAI,SAAS,CAAC,QAAQ,IAAI,SAAS,CAAC,IAAI,CAAC;QAC7E,OAAO,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,KAAK,QAAQ,EAAE,CAAC,CAAC,CAAC,GAAG,QAAQ,KAAK,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;IAC7F,CAAC;IACD,OAAO,GAAG,QAAQ,KAAK,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;AACrD,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB,CAAC,SAAoB;IAC5C,OAAO,SAAS,CAAC,eAAe,KAAK,YAAY,CAAC;AACpD,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB,CAC3B,QAAkH,EAClH,UAAmB;IAEnB,MAAM,cAAc,GAAG,QAAQ,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;IACvE,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,kBAAkB,EAAE;gBAClB,aAAa,EAAE,YAAY;gBAC3B,kBAAkB,EAAE,cAAc;gBAClC,wBAAwB,EAAE,QAAQ,CAAC,SAAS;aAC7C;SACF,CAAC,CAAC;IACL,CAAC;IACD,OAAO,IAAI,CAAC,SAAS,CAAC;QACpB,QAAQ,EAAE,cAAc;QACxB,MAAM,EAAE,QAAQ,CAAC,SAAS;QAC1B,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,WAAW,EAAE,QAAQ,CAAC,WAAW;QACjC,WAAW,EAAE,QAAQ,CAAC,WAAW;KAClC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,kBAAkB,CAAC,CAAmB,EAAE,MAAc,EAAE,UAAmB;IAClF,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,kBAAkB,EAAE;gBAClB,aAAa,EAAE,YAAY;gBAC3B,kBAAkB,EAAE,CAAC;gBACrB,wBAAwB,EAAE,MAAM;aACjC;SACF,CAAC,CAAC;IACL,CAAC;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;AACjD,CAAC;AAED,SAAS,0BAA0B,CAAC,SAAoB;IACtD,MAAM,eAAe,GAAG,SAAS,CAAC,YAAY,EAAE,iBAAiB,CAAC;IAClE,IAAI,eAAe;QAAE,OAAO,oBAAoB,eAAe,GAAG,CAAC;IAEnE,MAAM,cAAc,GAAG,SAAS,CAAC,YAAY,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACnE,IAAI,cAAc,EAAE,MAAM,EAAE,CAAC;QAC3B,OAAO,yBAAyB,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;IAClG,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,QAAQ,GAAG,MAAM,SAAS,EAAE,CAAC;IAEnC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,mEAAmE;QACnE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC,CAAC,CAAC;QACpF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,SAAoB,CAAC;IACzB,IAAI,CAAC;QACH,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,2CAA2C,EAAE,CAAC,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,8BAA8B,EAAE,CAAC,CAAC,CAAC;QAC3F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,UAAU,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;IAC/C,MAAM,QAAQ,GAAG,SAAS,CAAC,SAAS,IAAI,SAAS,CAAC,QAAQ,IAAI,SAAS,CAAC;IACxE,kDAAkD;IAClD,MAAM,SAAS,GAAG,SAAS,CAAC,UAAU,IAAI,SAAS,CAAC,KAAK,IAAI,SAAS,CAAC,SAAS,IAAI,EAAE,CAAC;IACvF,MAAM,kBAAkB,GAAG,0BAA0B,CAAC,SAAS,CAAC,CAAC;IACjE,MAAM,eAAe,GAAG,SAAS,CAAC,YAAY,EAAE,iBAAiB,CAAC;IAClE,MAAM,cAAc,GAAG,SAAS,CAAC,YAAY,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAEnE,MAAM,cAAc,GAAyB;QAC3C,SAAS,EAAE,oBAAoB,CAAC,QAAQ,EAAE,SAAS,CAAC;QACpD,OAAO,EAAE;YACP,OAAO,EAAE,kBAAkB,IAAI,8BAA8B;YAC7D,6CAA6C;YAC7C,gBAAgB,EAAE,SAAS,CAAC,GAAG,IAAI,SAAS,CAAC,iBAAiB,IAAI,OAAO,CAAC,GAAG,EAAE;YAC/E,QAAQ;YACR,SAAS;YACT,WAAW,EAAE,eAAe;YAC5B,mBAAmB,EAAE,cAAc,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC;YACxE,SAAS,EAAE,SAAS,CAAC,UAAU;SAChC;KACF,CAAC;IAEF,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,cAAc,CAAC,CAAC;QACvD,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC;IAC1D,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACvE,OAAO,CAAC,KAAK,CAAC,sBAAsB,EAAE,OAAO,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,OAAO,EAAE,kBAAkB,OAAO,+BAA+B,EAAE,UAAU,CAAC,CAAC,CAAC;IACjH,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC"}

package/hooks/bouncer.sh

@@ -1,159 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) 2025-present Mstro, Inc. All rights reserved.
-# Licensed under the MIT License. See LICENSE file for details.
-
-#
-# Mstro Bouncer Gate - Claude Code Hook
-#
-# This hook intercepts Claude Code tool calls and routes them through
-# the Mstro bouncer for security analysis before execution.
-#
-# Installation:
-#   Run: npx mstro --configure-hooks
-#
-# Dependencies: Node.js (no jq or bun required)
-#
-
-set -euo pipefail
-
-# Configuration - MSTRO_BOUNCER_CLI is set by configure-claude.js
-BOUNCER_CLI="${MSTRO_BOUNCER_CLI:-}"
-BOUNCER_TIMEOUT="${BOUNCER_TIMEOUT:-10}"
-BOUNCER_LOG="${BOUNCER_LOG:-$HOME/.claude/logs/bouncer.log}"
-
-# Ensure log directory exists
-mkdir -p "$(dirname "$BOUNCER_LOG")"
-
-# Read hook input from stdin (JSON format from Claude Code)
-INPUT=$(cat)
-
-# Use Node.js inline to parse JSON and handle logic (eliminates jq dependency)
-RESULT=$(node --input-type=module -e "
-import { spawn } from 'child_process';
-import { appendFileSync } from 'fs';
-
-const input = JSON.parse(process.argv[1]);
-const bouncerCli = process.argv[2];
-const timeout = parseInt(process.argv[3], 10) * 1000;
-const logFile = process.argv[4];
-
-const toolName = input.tool_name || input.toolName || 'unknown';
-// Claude Code: tool_input, mstro: input/toolInput
-const toolInput = input.tool_input || input.input || input.toolInput || {};
-const isClaudeCode = input.hook_event_name === 'PreToolUse';
-
-function log(msg) {
-  const timestamp = new Date().toISOString();
-  appendFileSync(logFile, \`[\${timestamp}] \${msg}\n\`);
-}
-
-function output(decision, reason) {
-  if (isClaudeCode) {
-    console.log(JSON.stringify({
-      hookSpecificOutput: {
-        hookEventName: 'PreToolUse',
-        permissionDecision: decision,
-        permissionDecisionReason: reason,
-      },
-    }));
-  } else {
-    console.log(JSON.stringify({ decision, reason }));
-  }
-}
-
-// Quick path for read-only and side-effect-free operations
-const safeOps = ['Read', 'Glob', 'Grep', 'Search', 'List', 'WebFetch', 'WebSearch',
-  'ExitPlanMode', 'EnterPlanMode', 'TodoWrite', 'AskUserQuestion'];
-if (safeOps.includes(toolName)) {
-  output('allow', 'Safe operation (no dangerous side effects)');
-  process.exit(0);
-}
-
-// Quick path for malformed tool calls with empty params (no-ops)
-if (Object.keys(toolInput).length === 0 && ['Edit', 'Write'].includes(toolName)) {
-  output('allow', 'Empty parameters - no-op');
-  process.exit(0);
-}
-
-// Build operation string for logging
-let operation = toolName + ': ';
-if (toolName === 'Bash' && toolInput.command) {
-  operation += toolInput.command;
-} else if (['Write', 'Edit'].includes(toolName)) {
-  operation += toolInput.file_path || toolInput.filePath || toolInput.path || JSON.stringify(toolInput);
-} else {
-  operation += JSON.stringify(toolInput);
-}
-
-log('Analyzing: ' + toolName);
-
-// Check if bouncer CLI is available
-if (bouncerCli) {
-  try {
-    const child = spawn('node', [bouncerCli], {
-      stdio: ['pipe', 'pipe', 'pipe'],
-      timeout: timeout
-    });
-
-    let stdout = '';
-    let stderr = '';
-
-    child.stdout.on('data', (data) => { stdout += data; });
-    child.stderr.on('data', (data) => { stderr += data; });
-
-    child.stdin.write(JSON.stringify(input));
-    child.stdin.end();
-
-    child.on('close', (code) => {
-      if (stderr) log('Bouncer stderr: ' + stderr);
-
-      if (code === 0 && stdout.trim()) {
-        try {
-          const result = JSON.parse(stdout.trim());
-          const d = result.decision || result.hookSpecificOutput?.permissionDecision || 'unknown';
-          const r = result.reason || result.hookSpecificOutput?.permissionDecisionReason || '';
-          log(d + ': ' + operation + ' - ' + r);
-          console.log(stdout.trim());
-        } catch {
-          log('allow (parse error): ' + operation);
-          output('allow', 'Bouncer response parse error, allowing');
-        }
-      } else {
-        log('allow (bouncer error): ' + operation);
-        output('allow', 'Bouncer error, allowing');
-      }
-    });
-
-    child.on('error', (err) => {
-      log('allow (spawn error): ' + operation + ' - ' + err.message);
-      output('allow', 'Bouncer spawn error, allowing');
-    });
-
-  } catch (err) {
-    log('allow (exception): ' + operation + ' - ' + err.message);
-    output('allow', 'Bouncer exception, allowing');
-  }
-} else {
-  // Fallback: critical threat pattern matching only
-  const criticalPatterns = [
-    { pattern: /rm\s+-rf\s+(\/|~)(\$|\s)/, reason: 'Critical threat: recursive delete of root or home' },
-    { pattern: /:\(\)\{.*\}|:\(\)\{.*:\|:/, reason: 'Critical threat: fork bomb detected' },
-    { pattern: /dd\s+if=\/dev\/zero\s+of=\/dev\/sd/, reason: 'Critical threat: disk overwrite' },
-    { pattern: /mkfs\s+\/dev\/sd/, reason: 'Critical threat: filesystem format' },
-    { pattern: />\s*\/dev\/sd/, reason: 'Critical threat: direct disk write' },
-  ];
-
-  for (const { pattern, reason } of criticalPatterns) {
-    if (pattern.test(operation)) {
-      log('DENIED: ' + operation + ' - ' + reason);
-      output('deny', reason);
-      process.exit(0);
-    }
-  }
-
-  log('allow (fallback): ' + operation);
-  output('allow', 'Basic pattern check passed');
-}
-" "$INPUT" "$BOUNCER_CLI" "$BOUNCER_TIMEOUT" "$BOUNCER_LOG" 2>> "$BOUNCER_LOG")
-
-echo "$RESULT"