oh-my-customcode 0.36.1 → 0.36.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "oh-my-customcode",
-  "version": "0.36.1",
+  "version": "0.36.2",
   "description": "Batteries-included agent harness for Claude Code",
   "type": "module",
   "bin": {

package/templates/.claude/hooks/hooks.json

@@ -72,6 +72,16 @@
         ],
         "description": "Validate file content hash before Edit — advisory staleness warning"
       },
+      {
+        "matcher": "tool == \"Write\" || tool == \"Edit\" || tool == \"Bash\"",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "bash .claude/hooks/scripts/schema-validator.sh"
+          }
+        ],
+        "description": "Schema-based tool input validation — Phase 1 advisory only"
+      },
       {
         "matcher": "tool == \"Task\" || tool == \"Agent\"",
         "hooks": [
@@ -222,6 +232,26 @@
         ],
         "description": "Context budget advisor — track tool usage patterns and advise ecomode activation"
       },
+      {
+        "matcher": "tool == \"Edit\" || tool == \"Write\" || tool == \"Bash\" || tool == \"Task\" || tool == \"Agent\"",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "bash .claude/hooks/scripts/stuck-detector.sh"
+          }
+        ],
+        "description": "Detect repetitive failure loops and advise recovery strategies"
+      },
+      {
+        "matcher": "tool == \"Edit\" || tool == \"Write\" || tool == \"Bash\" || tool == \"Task\" || tool == \"Agent\"",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "bash .claude/hooks/scripts/cost-cap-advisor.sh"
+          }
+        ],
+        "description": "Advisory cost cap monitoring — warn when session cost approaches configurable limit"
+      },
       {
         "matcher": "tool == \"Read\"",
         "hooks": [
@@ -233,24 +263,24 @@
         "description": "Store content hashes for Read operations — enables Edit staleness detection"
       },
       {
-        "matcher": "tool == \"Edit\" || tool == \"Write\" || tool == \"Bash\" || tool == \"Task\" || tool == \"Agent\"",
+        "matcher": "tool == \"Bash\" || tool == \"Read\"",
         "hooks": [
           {
             "type": "command",
-            "command": "bash .claude/hooks/scripts/stuck-detector.sh"
+            "command": "bash .claude/hooks/scripts/secret-filter.sh"
           }
         ],
-        "description": "Detect repetitive failure loops and advise recovery strategies"
+        "description": "Detect potential secrets in Bash/Read output — advisory warning only"
       },
       {
-        "matcher": "tool == \"Edit\" || tool == \"Write\" || tool == \"Bash\" || tool == \"Task\" || tool == \"Agent\"",
+        "matcher": "tool == \"Edit\" || tool == \"Write\" || tool == \"Bash\" || tool == \"Agent\"",
         "hooks": [
           {
             "type": "command",
-            "command": "bash .claude/hooks/scripts/cost-cap-advisor.sh"
+            "command": "bash .claude/hooks/scripts/audit-log.sh"
           }
         ],
-        "description": "Advisory cost cap monitoring — warn when session cost approaches configurable limit"
+        "description": "Append-only audit log for state-changing tool operations"
       }
     ],
     "Stop": [
@@ -269,7 +299,7 @@
         "hooks": [
           {
             "type": "prompt",
-            "prompt": "Session-end memory checkpoint (R011 enforcement). Check conversation history for these 3 steps: 1) sys-memory-keeper was delegated to update MEMORY.md 2) claude-mem save was attempted via ToolSearch + mcp__plugin_claude-mem_mcp-search__save_memory 3) episodic-memory verification was attempted via ToolSearch + mcp__plugin_episodic-memory_episodic-memory__search. Decision rules: If ALL 3 were attempted (success or failure both count): approve. If MCP tools are unavailable after ToolSearch attempt: approve with note. If session had no explicit session-end signal from user (quick question, no memory work): approve. If any step was NOT attempted despite user signaling session end: block with systemMessage listing the missing steps."
+            "prompt": "Session-end memory checkpoint (R011 enforcement). Check conversation history for these 2 steps: 1) sys-memory-keeper was delegated to update MEMORY.md 2) claude-mem save was attempted via ToolSearch + mcp__plugin_claude-mem_mcp-search__save_memory. Note: episodic-memory auto-indexes after session — no manual verification needed. Decision rules: If BOTH were attempted (success or failure both count): approve. If MCP tools are unavailable after ToolSearch attempt: approve with note. If session had no explicit session-end signal from user (quick question, no memory work): approve. If any step was NOT attempted despite user signaling session end: block with systemMessage listing the missing steps."
           }
         ],
         "description": "Enforce R011 session-end memory saves — block stop if claude-mem or episodic-memory saves were skipped"

package/templates/.claude/hooks/scripts/audit-log.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+# Audit Log Hook — Append-only JSONL persistence
+# Trigger: PostToolUse on Edit, Write, Bash, Agent
+# Purpose: Persistent audit trail for security and compliance
+# Protocol: stdin JSON -> log entry -> stdout pass-through
+# Always exits 0 (advisory only)
+
+set -euo pipefail
+
+input=$(cat)
+
+# Extract fields from hook input
+tool_name=$(echo "$input" | jq -r '.tool_name // "unknown"')
+file_path=$(echo "$input" | jq -r '.tool_input.file_path // .tool_input.command // ""' | head -c 200)
+agent_type=$(echo "$input" | jq -r '.agent_type // "unknown"')
+model=$(echo "$input" | jq -r '.model // "unknown"')
+is_error=$(echo "$input" | jq -r '.tool_output.is_error // false')
+timestamp=$(date -u +%Y-%m-%dT%H:%M:%SZ)
+
+# Determine outcome
+if [ "$is_error" = "true" ]; then
+  outcome="error"
+else
+  outcome="success"
+fi
+
+# Audit log location
+AUDIT_LOG="${HOME}/.claude/audit.jsonl"
+
+# Ensure directory exists
+mkdir -p "$(dirname "$AUDIT_LOG")"
+
+# Write audit entry (append-only JSONL)
+jq -cn \
+  --arg ts "$timestamp" \
+  --arg tool "$tool_name" \
+  --arg path "$file_path" \
+  --arg agent "$agent_type" \
+  --arg model "$model" \
+  --arg outcome "$outcome" \
+  --arg ppid "${PPID}" \
+  '{timestamp: $ts, tool: $tool, path: $path, agent_type: $agent, model: $model, outcome: $outcome, session_ppid: $ppid}' \
+  >> "$AUDIT_LOG" 2>/dev/null || true
+
+# Daily rotation check (rotate if > 10MB)
+if [ -f "$AUDIT_LOG" ]; then
+  file_size=$(stat -f%z "$AUDIT_LOG" 2>/dev/null || stat -c%s "$AUDIT_LOG" 2>/dev/null || echo "0")
+  if [ "$file_size" -gt 10485760 ]; then
+    mv "$AUDIT_LOG" "${AUDIT_LOG}.$(date -u +%Y%m%d%H%M%S)" 2>/dev/null || true
+  fi
+fi
+
+# Pass through
+echo "$input"
+exit 0

package/templates/.claude/hooks/scripts/schema-validator.sh

@@ -0,0 +1,88 @@
+#!/bin/bash
+# Schema Validator Hook — PreToolUse input validation
+# Trigger: PreToolUse on Write, Edit, Bash
+# Purpose: Validate tool inputs against JSON Schema definitions
+# Phase 1: Advisory only (exit 0 with stderr warning)
+# Protocol: stdin JSON -> validate -> stdout pass-through
+
+set -euo pipefail
+
+input=$(cat)
+
+# Extract tool info
+tool_name=$(echo "$input" | jq -r '.tool_name // "unknown"')
+tool_input=$(echo "$input" | jq -r '.tool_input // {}')
+
+SCHEMA_FILE=".claude/schemas/tool-inputs.json"
+
+# Skip if schema file doesn't exist
+if [ ! -f "$SCHEMA_FILE" ]; then
+  echo "$input"
+  exit 0
+fi
+
+warnings=()
+
+case "$tool_name" in
+  "Write")
+    file_path=$(echo "$tool_input" | jq -r '.file_path // ""')
+    content=$(echo "$tool_input" | jq -r '.content // ""')
+
+    if [ -z "$file_path" ]; then
+      warnings+=("[Schema] Write: file_path is empty or missing")
+    fi
+    if [ -z "$content" ]; then
+      warnings+=("[Schema] Write: content is empty — creating empty file?")
+    fi
+    ;;
+
+  "Edit")
+    file_path=$(echo "$tool_input" | jq -r '.file_path // ""')
+    old_string=$(echo "$tool_input" | jq -r '.old_string // ""')
+    new_string=$(echo "$tool_input" | jq -r '.new_string // ""')
+
+    if [ -z "$file_path" ]; then
+      warnings+=("[Schema] Edit: file_path is empty or missing")
+    fi
+    if [ -z "$old_string" ]; then
+      warnings+=("[Schema] Edit: old_string is empty")
+    fi
+    if [ "$old_string" = "$new_string" ]; then
+      warnings+=("[Schema] Edit: old_string equals new_string — no-op edit")
+    fi
+    ;;
+
+  "Bash")
+    command=$(echo "$tool_input" | jq -r '.command // ""')
+
+    if [ -z "$command" ]; then
+      warnings+=("[Schema] Bash: command is empty")
+    fi
+
+    # Check dangerous patterns
+    if echo "$command" | grep -qE 'rm\s+-rf\s+/[^.]'; then
+      warnings+=("[Schema] Bash: DANGER — recursive delete from root detected")
+    fi
+    if echo "$command" | grep -qE '^\s*sudo\s+'; then
+      warnings+=("[Schema] Bash: elevated privilege command detected")
+    fi
+    if echo "$command" | grep -qE '> /dev/sd'; then
+      warnings+=("[Schema] Bash: direct disk write detected")
+    fi
+    if echo "$command" | grep -qE 'mkfs\.'; then
+      warnings+=("[Schema] Bash: filesystem format command detected")
+    fi
+    ;;
+esac
+
+# Output warnings (advisory only)
+if [ ${#warnings[@]} -gt 0 ]; then
+  for w in "${warnings[@]}"; do
+    echo "$w" >&2
+  done
+  echo "[Schema] Phase 1: advisory only — not blocking" >&2
+fi
+
+# Always pass through (Phase 1)
+echo "$input"
+exit 0

package/templates/.claude/hooks/scripts/secret-filter.sh

@@ -0,0 +1,67 @@
+#!/bin/bash
+# Secret Output Filter Hook — Detect potential secrets in tool output
+# Trigger: PostToolUse on Bash, Read
+# Purpose: Advisory warning when potential secrets detected in output
+# Protocol: stdin JSON -> scan -> stdout pass-through
+# Always exits 0 (advisory only, never blocks)
+
+set -euo pipefail
+
+input=$(cat)
+
+# Extract output to scan
+tool_name=$(echo "$input" | jq -r '.tool_name // "unknown"')
+output=$(echo "$input" | jq -r '.tool_output.output // ""')
+
+# Skip if no output
+if [ -z "$output" ] || [ "$output" = "null" ]; then
+  echo "$input"
+  exit 0
+fi
+
+# Secret patterns to detect
+detected=false
+
+# AWS Access Key ID
+if echo "$output" | grep -qE 'AKIA[0-9A-Z]{16}'; then
+  echo "[Security] Potential AWS Access Key detected in ${tool_name} output" >&2
+  detected=true
+fi
+
+# OpenAI/Anthropic API Key
+if echo "$output" | grep -qE 'sk-[a-zA-Z0-9]{32,}'; then
+  echo "[Security] Potential API key (sk-*) detected in ${tool_name} output" >&2
+  detected=true
+fi
+
+# GitHub Personal Access Token
+if echo "$output" | grep -qE 'ghp_[a-zA-Z0-9]{36}'; then
+  echo "[Security] Potential GitHub PAT detected in ${tool_name} output" >&2
+  detected=true
+fi
+
+# Private Key
+if echo "$output" | grep -qE '-----BEGIN.*PRIVATE KEY-----'; then
+  echo "[Security] Potential private key detected in ${tool_name} output" >&2
+  detected=true
+fi
+
+# Bearer Token (long)
+if echo "$output" | grep -qE 'Bearer [a-zA-Z0-9._-]{20,}'; then
+  echo "[Security] Potential Bearer token detected in ${tool_name} output" >&2
+  detected=true
+fi
+
+# GitHub OAuth Token
+if echo "$output" | grep -qE 'gho_[a-zA-Z0-9]{36}'; then
+  echo "[Security] Potential GitHub OAuth token detected in ${tool_name} output" >&2
+  detected=true
+fi
+
+if [ "$detected" = true ]; then
+  echo "[Security] Review output carefully — do NOT commit or expose secrets" >&2
+fi
+
+# Pass through (always)
+echo "$input"
+exit 0

package/templates/.claude/hooks/scripts/session-compliance-report.sh

@@ -0,0 +1,65 @@
+#!/bin/bash
+# Stop hook: Session compliance report (R265 Phase 1)
+# Reads violation logs collected by PreToolUse hooks during the session
+# Advisory only — never blocks session termination
+# Ref: https://github.com/baekenough/oh-my-customcode/issues/265
+
+set -euo pipefail
+
+input=$(cat)
+
+VIOLATIONS_FILE="/tmp/.claude-violations-${PPID}"
+TASK_COUNT_FILE="/tmp/.claude-task-count-${PPID}"
+
+echo "" >&2
+echo "╔══════════════════════════════════════════════╗" >&2
+echo "║        Session Compliance Report             ║" >&2
+echo "╚══════════════════════════════════════════════╝" >&2
+
+# Count total Agent/Task calls
+if [ -f "$TASK_COUNT_FILE" ]; then
+  TOTAL_TASKS=$(cat "$TASK_COUNT_FILE")
+  echo "[Compliance] Agent/Task calls this session: ${TOTAL_TASKS}" >&2
+else
+  TOTAL_TASKS=0
+  echo "[Compliance] Agent/Task calls this session: 0" >&2
+fi
+
+# Check violations
+if [ -f "$VIOLATIONS_FILE" ] && [ -s "$VIOLATIONS_FILE" ]; then
+  VIOLATION_COUNT=$(wc -l < "$VIOLATIONS_FILE" | tr -d ' ')
+  echo "[Compliance] Violations detected: ${VIOLATION_COUNT}" >&2
+  echo "" >&2
+
+  # Group by rule
+  R010_COUNT=$(grep -c '"rule":"R010"' "$VIOLATIONS_FILE" 2>/dev/null || echo "0")
+  R018_COUNT=$(grep -c '"rule":"R018"' "$VIOLATIONS_FILE" 2>/dev/null || echo "0")
+
+  if [ "$R010_COUNT" -gt 0 ]; then
+    echo "  R010 (Git Delegation): ${R010_COUNT} violation(s)" >&2
+    grep '"rule":"R010"' "$VIOLATIONS_FILE" | jq -r '.detail' 2>/dev/null | while read -r detail; do
+      echo "    - ${detail}" >&2
+    done
+  fi
+
+  if [ "$R018_COUNT" -gt 0 ]; then
+    echo "  R018 (Agent Teams): ${R018_COUNT} violation(s)" >&2
+    grep '"rule":"R018"' "$VIOLATIONS_FILE" | jq -r '.detail' 2>/dev/null | while read -r detail; do
+      echo "    - ${detail}" >&2
+    done
+  fi
+
+  echo "" >&2
+  echo "[Compliance] Review violations above and consider rule updates per R016." >&2
+else
+  echo "[Compliance] No violations detected. All clear!" >&2
+fi
+
+echo "────────────────────────────────────────────────" >&2
+
+# Cleanup temp files (best effort)
+rm -f "$VIOLATIONS_FILE" 2>/dev/null || true
+
+# CRITICAL: Always pass through input and exit 0
+echo "$input"
+exit 0

package/templates/manifest.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.36.1",
+  "version": "0.36.2",
   "lastUpdated": "2026-03-14T00:00:00.000Z",
   "components": [
     {