oh-my-customcode 0.78.3 → 0.79.0

package/dist/cli/index.js

@@ -9325,7 +9325,7 @@ var init_package = __esm(() => {
     workspaces: [
       "packages/*"
     ],
-    version: "0.78.3",
+    version: "0.79.0",
     description: "Batteries-included agent harness for Claude Code",
     type: "module",
     bin: {

package/dist/index.js

@@ -1820,7 +1820,7 @@ var package_default = {
   workspaces: [
     "packages/*"
   ],
-  version: "0.78.3",
+  version: "0.79.0",
   description: "Batteries-included agent harness for Claude Code",
   type: "module",
   bin: {

package/package.json

@@ -3,7 +3,7 @@
   "workspaces": [
     "packages/*"
   ],
-  "version": "0.78.3",
+  "version": "0.79.0",
   "description": "Batteries-included agent harness for Claude Code",
   "type": "module",
   "bin": {

package/templates/.claude/hooks/hooks.json

@@ -92,6 +92,16 @@
         ],
         "description": "RTK auto-intercept — transparently rewrites CLI commands through RTK proxy when available (R015 advisory)"
       },
+      {
+        "matcher": "tool == \"Bash\" && tool_input.command matches \"(rm|git rm|mv|unlink|claude/rules)\"",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "bash .claude/hooks/scripts/rule-deletion-guard.sh"
+          }
+        ],
+        "description": "Block rule file deletion — requires individual user confirmation per rule (R001 safety)"
+      },
       {
         "matcher": "tool == \"Task\" || tool == \"Agent\"",
         "hooks": [

package/templates/.claude/hooks/scripts/rule-deletion-guard.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+# rule-deletion-guard.sh — Block rule file deletion without individual user confirmation
+# Requires: jq
+
+set -uo pipefail
+
+input=$(cat)
+
+# Dependency check — allow if jq missing
+if ! command -v jq &>/dev/null; then
+  echo "$input"
+  exit 0
+fi
+
+# Parse tool input
+tool=$(echo "$input" | jq -r '.tool // ""' 2>/dev/null) || { echo "$input"; exit 0; }
+cmd=$(echo "$input" | jq -r '.tool_input.command // ""' 2>/dev/null) || { echo "$input"; exit 0; }
+
+# Only check Bash tool
+if [ "$tool" != "Bash" ]; then
+  echo "$input"
+  exit 0
+fi
+
+# Check if command would delete parent directories containing rules
+if echo "$cmd" | grep -qE '(^|\s)(rm|git\s+rm|mv|unlink)\s' && echo "$cmd" | grep -qE '\.claude/?(\s|$)'; then
+  echo "[Hook] ⛔ RULE DELETION BLOCKED — Parent directory deletion detected" >&2
+  echo "[Hook] This command would delete the entire .claude/ directory including all rules." >&2
+  echo "[Hook] Delete rules individually with user confirmation." >&2
+  exit 2
+fi
+
+# Check if command targets .claude/rules/ for deletion (including mv, unlink)
+if echo "$cmd" | grep -qE '(^|\s)(rm|git\s+rm|mv|unlink)\s' && echo "$cmd" | grep -qE '\.claude/rules(/|\s|$)'; then
+  # Extract target files
+  targets=$(echo "$cmd" | grep -oE '\.claude/rules/[^ ]+' | tr '\n' ', ' | sed 's/,$//')
+  target_count=$(echo "$cmd" | grep -oE '\.claude/rules/[^ ]+' | wc -l | tr -d ' ')
+
+  # Check for glob/wildcard patterns or multiple targets
+  if echo "$cmd" | grep -qE '\.claude/rules/\*|\.claude/rules/[^ ]*\*' || [ "$target_count" -gt 1 ]; then
+    echo "[Hook] ⛔ RULE DELETION BLOCKED — Multiple rules detected" >&2
+    echo "[Hook] Targets: $targets" >&2
+    echo "[Hook] Rule files must be deleted ONE AT A TIME with user confirmation." >&2
+    echo "[Hook] Delete each rule individually after asking: \"정말 {파일명}을(를) 삭제하시겠습니까?\"" >&2
+    exit 2
+  fi
+
+  # Single rule file
+  filename=$(basename "$targets" 2>/dev/null || echo "$targets")
+  echo "[Hook] ⛔ RULE DELETION BLOCKED" >&2
+  echo "[Hook] Target: $filename" >&2
+  echo "[Hook] Rule files require individual user confirmation before deletion." >&2
+  echo "[Hook] Ask the user: \"정말 ${filename}을(를) 삭제하시겠습니까?\"" >&2
+  echo "[Hook] Only proceed after explicit user approval." >&2
+  exit 2
+fi
+
+# Not a rule deletion — pass through
+echo "$input"
+exit 0

package/templates/.claude/rules/MUST-agent-design.md

@@ -59,8 +59,11 @@ limitations:               # Negative capability declarations
   - "cannot execute tests"
   - "cannot modify code"
 domain: backend              # backend | frontend | data-engineering | devops | universal
+disableSkillShellExecution: true  # Disable inline shell execution in skills (v2.1.91+)
 ```
 
+> **Note**: When `disableSkillShellExecution` is enabled (v2.1.91+), skills that rely on inline shell execution (e.g., `codex-exec`, `gemini-exec`, `rtk-exec`) will have their shell blocks disabled. This is a security hardening option.
+
 > **Note**: `isolation`, `background`, `maxTurns`, `maxTokens`, `mcpServers`, `hooks`, `permissionMode`, `disallowedTools`, `limitations` are supported in Claude Code v2.1.63+. Hook types `PostCompact`, `Elicitation`, `ElicitationResult` require v2.1.76+. `CwdChanged`, `FileChanged` hook events and `managed-settings.d/` drop-in directory require v2.1.83+. Conditional `if` field for hooks requires v2.1.85+.
 
 ## Hook Event Types
@@ -99,6 +102,17 @@ All supported hook event types in Claude Code. Agents and skills can reference t
 | `http` | POST to HTTP endpoint | External integrations, webhooks |
 | `agent` | Spawn agent to handle event | Complex event-driven workflows |
 
+### PreToolUse Hook Return Values
+
+| Return | Behavior | CC Version |
+|--------|----------|------------|
+| `exit 0` | Allow tool execution | All |
+| `exit 1` | Block silently | All |
+| `exit 2` + stderr | Block with message | All |
+| `{"decision": "defer"}` | Pause execution; resume with `-p --resume` | v2.1.89+ |
+
+The `defer` decision allows headless sessions to pause at a tool call for human review.
+
 ### Hook Matcher Syntax
 
 ```yaml
@@ -225,6 +239,12 @@ Fast Mode uses the same model with faster output. Activated via `/fast` toggle o
 
 When Fast Mode is active, it reduces effective reasoning depth but does NOT override the `effort` frontmatter field. The effort field controls task complexity allocation; Fast Mode controls output generation speed.
 
+### Default Effort Change (CC v2.1.94+)
+
+Starting with Claude Code v2.1.94, the default effort level changed from `medium` to `high` for API-key, Bedrock/Vertex/Foundry, Team, and Enterprise users. Console (free-tier) users retain `medium` as the default.
+
+This means agents WITHOUT an explicit `effort` field now run at `high` effort by default on paid tiers. To maintain previous behavior, set `effort: medium` explicitly in agent frontmatter.
+
 ## Skill Frontmatter
 
 Location: `.claude/skills/{name}/SKILL.md`
@@ -255,6 +275,7 @@ hooks:                             # Skill-specific hooks (same syntax as agent
 paths: ["src/**/*.ts"]             # Conditional loading — skill auto-injected when matching files are open
 shell: "bash"                      # Shell for embedded script execution
 allowed-tools: [Read, Write, Bash] # Restrict tools available during skill execution
+keep-coding-instructions: true     # Preserve coding instructions in plugin output styles (v2.1.94+)
 ```
 
 When both an agent and its invoked skill specify `effort`, the skill's value takes precedence (more specific invocation-time setting).

package/templates/.claude/rules/MUST-enforcement-policy.md

@@ -10,7 +10,7 @@ oh-my-customcode uses an **advisory-first enforcement model**. Most rules are en
 
 | Tier | Mechanism | Rules | Behavior |
 |------|-----------|-------|----------|
-| Hard Block | PreToolUse hook, exit 1 | stage-blocker, dev-server tmux | Prevents tool execution |
+| Hard Block | PreToolUse hook, exit 2 | stage-blocker, dev-server tmux, rule-deletion-guard | Prevents tool execution |
 | Soft Block | Stop hook prompt | R011 session-end saves | Auto-performs then approves |
 | Advisory | PostToolUse hooks | R007, R008, R009, R010, R018 | Warns via stderr, never blocks |
 | Prompt-based | CLAUDE.md + rules/ + PostCompact | All MUST rules | Behavioral guidance in context |
@@ -33,6 +33,12 @@ If advisory enforcement proves insufficient for specific rules, these are candid
 
 Promotion requires: (1) measured violation rate data, (2) user approval, (3) rollback plan.
 
+### Promoted to Hard Block
+
+| Hook | Date | Justification |
+|------|------|---------------|
+| `rule-deletion-guard.sh` | 2026-04-08 | User-requested: rule files must require individual confirmation before deletion. Prevents accidental bulk deletion of project rules. |
+
 ## Integration
 
 | Rule | Interaction |

package/templates/manifest.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.78.3",
+  "version": "0.79.0",
   "lastUpdated": "2026-03-24T00:00:00.000Z",
   "components": [
     {