oh-my-harness 0.5.0 → 0.6.0

package/dist/cli/commands/init.js

@@ -131,7 +131,10 @@ async function initWithNL(projectDir, presetsDir, options) {
     const stackNames = harness.project.stacks.map((s) => `${s.name} (${s.framework})`).join(", ");
     console.log(`\nStacks: ${stackNames}`);
     console.log(`Rules: ${harness.rules.length}`);
-    console.log(`Pre-commit checks: ${harness.enforcement.preCommit.join(", ") || "none"}`);
+    const { mergeEnforcementAndHooks } = await import("../../core/harness-converter.js");
+    const allHooks = mergeEnforcementAndHooks(harness);
+    const hookSummary = allHooks.map((h) => h.block).join(", ") || "none";
+    console.log(`Hooks: ${hookSummary}`);
     if (!options.yes) {
         const { confirm } = await import("@inquirer/prompts");
         const ok = await confirm({ message: "Proceed with this configuration?", default: true });

package/dist/cli/commands/test.js

@@ -3,9 +3,10 @@ import chalk from "chalk";
 import fs from "node:fs/promises";
 import path from "node:path";
 import yaml from "js-yaml";
-import { getRegisteredHooks, generateTestCases, generateBlockTestCases, runTestCase } from "../harness-tester.js";
+import { getRegisteredHooks, generateBlockTestCases, runTestCase } from "../harness-tester.js";
 import { checkHarnessCommands } from "../command-checker.js";
 import { HarnessConfigSchema } from "../../core/harness-schema.js";
+import { mergeEnforcementAndHooks } from "../../core/harness-converter.js";
 import { builtinBlocks } from "../../catalog/blocks/index.js";
 export function formatCategoryName(category) {
     const names = {
@@ -27,18 +28,14 @@ export async function testCommand(options = {}) {
     const projectDir = options.projectDir ?? process.cwd();
     // 1. harness.yaml 읽기
     const harnessPath = path.join(projectDir, "harness.yaml");
-    let enforcement = { blockedPaths: [], blockedCommands: [] };
     let hookEntries = [];
     try {
         const raw = await fs.readFile(harnessPath, "utf-8");
         const parsed = yaml.load(raw);
         const result = HarnessConfigSchema.safeParse(parsed);
         if (result.success) {
-            enforcement = {
-                blockedPaths: result.data.enforcement.blockedPaths,
-                blockedCommands: result.data.enforcement.blockedCommands,
-            };
-            hookEntries = result.data.hooks ?? [];
+            // Merge enforcement-derived hooks with explicit hooks
+            hookEntries = mergeEnforcementAndHooks(result.data);
         }
         else {
             console.log(chalk.yellow(`Warning: harness.yaml schema validation failed: ${result.error.message}`));
@@ -85,12 +82,8 @@ export async function testCommand(options = {}) {
     catch {
         // git 없으면 undefined
     }
-    const enforcementCases = generateTestCases(hooks, enforcement, currentBranch);
-    const blockCases = generateBlockTestCases(hookEntries, builtinBlocks, currentBranch);
-    // Block cases take priority — only keep enforcement cases for categories not covered by blocks
-    const blockCategories = new Set(blockCases.map((c) => c.category));
-    const uniqueEnforcementCases = enforcementCases.filter((c) => !blockCategories.has(c.category));
-    const testCases = [...uniqueEnforcementCases, ...blockCases];
+    // Generate test cases from block-based hooks only
+    const testCases = generateBlockTestCases(hookEntries, builtinBlocks, currentBranch);
     const results = [];
     // 카테고리별 그룹핑
     const categories = [...new Set(testCases.map((tc) => tc.category))];

package/dist/cli/harness-tester.d.ts

@@ -29,13 +29,9 @@ export declare function getRegisteredHooks(projectDir: string): Promise<{
     matcher: string;
     command: string;
 }[]>;
-export declare function generateTestCases(hooks: {
+export declare function runTestCase(projectDir: string, testCase: TestCase): Promise<TestResult>;
+export declare function generateBlockTestCases(hookEntries: HookEntry[], blocks: BuildingBlock[], currentBranch?: string, registeredHooks?: {
     event: string;
     matcher: string;
     command: string;
-}[], enforcement: {
-    blockedPaths?: string[];
-    blockedCommands?: string[];
-}, currentBranch?: string): TestCase[];
-export declare function runTestCase(projectDir: string, testCase: TestCase): Promise<TestResult>;
-export declare function generateBlockTestCases(hookEntries: HookEntry[], blocks: BuildingBlock[], currentBranch?: string): TestCase[];
+}[]): TestCase[];

package/dist/cli/harness-tester.js

@@ -69,104 +69,6 @@ export async function getRegisteredHooks(projectDir) {
     }
     return hooks;
 }
-// harness.yaml + settings.json에서 테스트 케이스 자동 생성
-export function generateTestCases(hooks, enforcement, currentBranch) {
-    const cases = [];
-    for (const hook of hooks) {
-        const scriptName = hook.command.replace(/^bash\s+/, "").replace(/^\.\//, "");
-        // path-guard / file-guard
-        if (scriptName.includes("file-guard") || scriptName.includes("path-guard")) {
-            for (const blocked of enforcement.blockedPaths ?? []) {
-                const testPath = blocked.endsWith("/")
-                    ? `${blocked}test-file.js`
-                    : blocked.startsWith("*")
-                        ? `test${blocked.slice(1)}`
-                        : blocked;
-                cases.push({
-                    name: `${testPath} → BLOCKED`,
-                    category: "path-guard",
-                    hookScript: scriptName,
-                    input: { tool_name: "Edit", tool_input: { file_path: testPath } },
-                    expectation: "block",
-                });
-            }
-            // allow case
-            cases.push({
-                name: "src/index.ts → ALLOWED",
-                category: "path-guard",
-                hookScript: scriptName,
-                input: { tool_name: "Edit", tool_input: { file_path: "src/index.ts" } },
-                expectation: "allow",
-            });
-        }
-        // command-guard
-        if (scriptName.includes("command-guard")) {
-            for (const blocked of enforcement.blockedCommands ?? []) {
-                cases.push({
-                    name: `"${blocked}" → BLOCKED`,
-                    category: "command-guard",
-                    hookScript: scriptName,
-                    input: { tool_name: "Bash", tool_input: { command: blocked } },
-                    expectation: "block",
-                });
-            }
-            // allow case
-            cases.push({
-                name: '"npm test" → ALLOWED',
-                category: "command-guard",
-                hookScript: scriptName,
-                input: { tool_name: "Bash", tool_input: { command: "npm test" } },
-                expectation: "allow",
-            });
-        }
-        // branch-guard
-        if (scriptName.includes("branch-guard")) {
-            const isProtected = currentBranch === "main" || currentBranch === "master";
-            cases.push({
-                name: `git commit on ${currentBranch ?? "unknown"} → ${isProtected ? "BLOCKED" : "ALLOWED"}`,
-                category: "branch-guard",
-                hookScript: scriptName,
-                input: { tool_name: "Bash", tool_input: { command: "git commit -m 'test'" } },
-                expectation: isProtected ? "block" : "allow",
-            });
-        }
-        // lockfile-guard
-        if (scriptName.includes("lockfile-guard")) {
-            cases.push({
-                name: "package-lock.json → BLOCKED",
-                category: "lockfile-guard",
-                hookScript: scriptName,
-                input: { tool_name: "Edit", tool_input: { file_path: "package-lock.json" } },
-                expectation: "block",
-            });
-            cases.push({
-                name: "package.json → ALLOWED",
-                category: "lockfile-guard",
-                hookScript: scriptName,
-                input: { tool_name: "Edit", tool_input: { file_path: "package.json" } },
-                expectation: "allow",
-            });
-        }
-        // secret-file-guard
-        if (scriptName.includes("secret-file-guard")) {
-            cases.push({
-                name: ".env → BLOCKED",
-                category: "secret-file-guard",
-                hookScript: scriptName,
-                input: { tool_name: "Edit", tool_input: { file_path: ".env" } },
-                expectation: "block",
-            });
-            cases.push({
-                name: "src/app.ts → ALLOWED",
-                category: "secret-file-guard",
-                hookScript: scriptName,
-                input: { tool_name: "Edit", tool_input: { file_path: "src/app.ts" } },
-                expectation: "allow",
-            });
-        }
-    }
-    return cases;
-}
 // 테스트 실행
 export async function runTestCase(projectDir, testCase) {
     const hookPath = path.join(projectDir, testCase.hookScript);
@@ -202,7 +104,7 @@ export async function runTestCase(projectDir, testCase) {
     }
 }
 // 블록 기반 테스트 케이스 생성
-export function generateBlockTestCases(hookEntries, blocks, currentBranch) {
+export function generateBlockTestCases(hookEntries, blocks, currentBranch, registeredHooks) {
     const cases = [];
     for (const entry of hookEntries) {
         const block = blocks.find((b) => b.id === entry.block);
@@ -211,7 +113,24 @@ export function generateBlockTestCases(hookEntries, blocks, currentBranch) {
         if (!block.canBlock)
             continue;
         const params = applyDefaults(block, entry.params);
-        const hookScript = `.claude/hooks/catalog-${block.id}.sh`;
+        // Find actual script path from registered hooks, fallback to catalog- prefix
+        // Map block ids to enforcement script name patterns
+        const blockIdAliases = {
+            "path-guard": ["path-guard", "file-guard"],
+            "command-guard": ["command-guard"],
+            "branch-guard": ["branch-guard"],
+            "lockfile-guard": ["lockfile-guard"],
+            "secret-file-guard": ["secret-file-guard"],
+            "tdd-guard": ["tdd-guard"],
+        };
+        const aliases = blockIdAliases[block.id] ?? [block.id];
+        const matchedHook = registeredHooks?.find((h) => {
+            const scriptName = h.command.replace(/^bash\s+/, "");
+            return aliases.some((alias) => scriptName.includes(alias));
+        });
+        const hookScript = matchedHook
+            ? matchedHook.command.replace(/^bash\s+/, "")
+            : `.claude/hooks/catalog-${block.id}.sh`;
         switch (block.id) {
             case "path-guard": {
                 const blockedPaths = params.blockedPaths ?? [];

package/dist/cli/tool-checker.d.ts

@@ -11,5 +11,11 @@ export interface ToolRef {
     source: string;
     lookupCommand: string;
 }
+/**
+ * Extracts tool references from a HarnessConfig.
+ * Collects commands from:
+ * 1. enforcement.preCommit and enforcement.postSave (legacy)
+ * 2. hooks[] params (commit-test-gate, commit-typecheck-gate, lint-on-save)
+ */
 export declare function extractToolNames(config: HarnessConfig): ToolRef[];
 export declare function checkReferencedTools(config: HarnessConfig): Promise<ToolCheck[]>;

package/dist/cli/tool-checker.js

@@ -58,25 +58,46 @@ function extractBinary(command) {
     }
     return { name: parts[0], lookupCommand: parts[0] };
 }
+/**
+ * Extracts tool references from a HarnessConfig.
+ * Collects commands from:
+ * 1. enforcement.preCommit and enforcement.postSave (legacy)
+ * 2. hooks[] params (commit-test-gate, commit-typecheck-gate, lint-on-save)
+ */
 export function extractToolNames(config) {
     const seen = new Set();
     const tools = [];
-    for (const cmd of config.enforcement.preCommit) {
+    function addCommand(cmd, source) {
         const result = extractBinary(cmd);
         if (!result)
-            continue;
+            return;
         if (!seen.has(result.name)) {
             seen.add(result.name);
-            tools.push({ name: result.name, lookupCommand: result.lookupCommand, source: "pre-commit" });
+            tools.push({ name: result.name, lookupCommand: result.lookupCommand, source });
         }
     }
+    // Extract from enforcement fields (legacy)
+    for (const cmd of config.enforcement.preCommit) {
+        addCommand(cmd, "pre-commit");
+    }
     for (const ps of config.enforcement.postSave) {
-        const result = extractBinary(ps.command);
-        if (!result)
-            continue;
-        if (!seen.has(result.name)) {
-            seen.add(result.name);
-            tools.push({ name: result.name, lookupCommand: result.lookupCommand, source: "post-save hook" });
+        addCommand(ps.command, "post-save hook");
+    }
+    // Extract from hooks[] params
+    const hookEntries = config.hooks ?? [];
+    for (const entry of hookEntries) {
+        const params = entry.params;
+        if (entry.block === "commit-test-gate" && typeof params.testCommand === "string") {
+            addCommand(params.testCommand, "commit-test-gate hook");
+        }
+        if (entry.block === "commit-typecheck-gate" && typeof params.typecheckCommand === "string") {
+            addCommand(params.typecheckCommand, "commit-typecheck-gate hook");
+        }
+        if (entry.block === "lint-on-save" && typeof params.command === "string") {
+            addCommand(params.command, "lint-on-save hook");
+        }
+        if (entry.block === "format-on-save" && typeof params.command === "string") {
+            addCommand(params.command, "format-on-save hook");
         }
     }
     return tools;

package/dist/cli/tui/init-flow.js

@@ -10,7 +10,7 @@ import { loadAndMergePresets, writeHarnessState } from "../commands/init.js";
 import { mergePresets } from "../../core/config-merger.js";
 import { generate } from "../../core/generator.js";
 import { generateHarnessConfig } from "../../nl/parse-intent.js";
-import { harnessToMergedConfig } from "../../core/harness-converter.js";
+import { mergeEnforcementAndHooks } from "../../core/harness-converter.js";
 import { HarnessConfigSchema } from "../../core/harness-schema.js";
 import { detectProject } from "../../detector/project-detector.js";
 function getDefaultPresetsDir() {
@@ -55,27 +55,16 @@ export function formatConfigSummary(config) {
             lines.push(`    ${i + 1}. ${rule.title} (priority: ${rule.priority})`);
         }
     }
-    // Enforcement
-    const hasEnforcement = config.enforcement.preCommit.length > 0 ||
-        config.enforcement.blockedPaths.length > 0 ||
-        config.enforcement.blockedCommands.length > 0 ||
-        config.enforcement.postSave.length > 0;
-    if (hasEnforcement) {
+    // Hooks (merged from enforcement + explicit hooks)
+    const allHooks = mergeEnforcementAndHooks(config);
+    if (allHooks.length > 0) {
         lines.push("");
-        lines.push("  Enforcement:");
-        if (config.enforcement.preCommit.length > 0) {
-            lines.push(`    Pre-commit: ${config.enforcement.preCommit.join(", ")}`);
-        }
-        if (config.enforcement.blockedPaths.length > 0) {
-            lines.push(`    Blocked paths: ${config.enforcement.blockedPaths.join(", ")}`);
-        }
-        if (config.enforcement.blockedCommands.length > 0) {
-            lines.push(`    Blocked commands: ${config.enforcement.blockedCommands.join(", ")}`);
-        }
-        if (config.enforcement.postSave.length > 0) {
-            for (const ps of config.enforcement.postSave) {
-                lines.push(`    Post-save: ${ps.command} on ${ps.pattern}`);
-            }
+        lines.push("  Hooks:");
+        for (const hook of allHooks) {
+            const paramSummary = Object.entries(hook.params)
+                .map(([k, v]) => `${k}=${Array.isArray(v) ? v.join(",") : String(v)}`)
+                .join(", ");
+            lines.push(`    ${hook.block}${paramSummary ? ` (${paramSummary})` : ""}`);
         }
     }
     return lines.join("\n");
@@ -353,8 +342,9 @@ export async function runInitTUI(options) {
     const generatedFiles = [];
     try {
         if (harnessConfig) {
-            // NL or import mode: convert harness config to merged config
-            const config = harnessToMergedConfig(harnessConfig);
+            // NL or import mode: convert harness config to merged config via v2 (catalog pipeline)
+            const { harnessToMergedConfigV2 } = await import("../../core/harness-converter-v2.js");
+            const config = await harnessToMergedConfigV2(harnessConfig);
             const result = await generate({ projectDir, config });
             generatedFiles.push(...result.files);
             // Save harness.yaml
@@ -397,17 +387,14 @@ export async function runInitTUI(options) {
     summaryLines.push(`Generated ${generatedFiles.length} files in ${chalk.cyan(projectDir)}`);
     summaryLines.push("");
     if (harnessConfig) {
-        summaryLines.push("Active enforcement:");
-        if (harnessConfig.enforcement.preCommit.length > 0) {
-            summaryLines.push(`  \u2022 Pre-commit: ${harnessConfig.enforcement.preCommit.join(", ")}`);
-        }
-        if (harnessConfig.enforcement.blockedPaths.length > 0) {
-            summaryLines.push(`  \u2022 Protected paths: ${harnessConfig.enforcement.blockedPaths.join(", ")}`);
-        }
-        if (harnessConfig.enforcement.blockedCommands.length > 0) {
-            summaryLines.push("  \u2022 Dangerous commands blocked");
+        const activeHooks = mergeEnforcementAndHooks(harnessConfig);
+        if (activeHooks.length > 0) {
+            summaryLines.push("Active hooks:");
+            for (const hook of activeHooks) {
+                summaryLines.push(`  \u2022 ${hook.block}`);
+            }
+            summaryLines.push("");
         }
-        summaryLines.push("");
     }
     summaryLines.push("Next steps:");
     summaryLines.push("  1. Review harness.yaml to customize");

package/dist/core/harness-converter-v2.js

@@ -1,23 +1,23 @@
-import { harnessToMergedConfig } from "./harness-converter.js";
+import { harnessToMergedConfig, mergeEnforcementAndHooks } from "./harness-converter.js";
 import { createDefaultRegistry } from "../catalog/registry.js";
 import { convertHookEntries } from "../catalog/converter.js";
 export async function harnessToMergedConfigV2(harness, registry, projectDir) {
-    // Start with v1 conversion (handles enforcement field)
+    // Start with base conversion (rules, variables, permissions — no inline enforcement scripts)
     const base = harnessToMergedConfig(harness);
-    // If no hooks or empty, return base config unchanged
-    if (!harness.hooks || harness.hooks.length === 0) {
+    // Merge enforcement-derived hooks with explicit hooks (dedup by block id)
+    const allHookEntries = mergeEnforcementAndHooks(harness);
+    // If no hook entries at all, return base config unchanged
+    if (allHookEntries.length === 0) {
         return { ...base };
     }
     // Resolve registry — use provided one or create the default
     const resolvedRegistry = registry ?? (await createDefaultRegistry());
-    const catalogResult = await convertHookEntries(harness.hooks, resolvedRegistry, projectDir ?? ".");
+    const catalogResult = await convertHookEntries(allHookEntries, resolvedRegistry, projectDir ?? ".");
     // If there are errors, return base config with catalogErrors attached
     if (catalogResult.errors.length > 0) {
         return { ...base, catalogErrors: catalogResult.errors };
     }
     // Convert hooksConfig entries from catalog into HookDefinition format.
-    // Catalog hooks are appended after v1 hooks so v2 catalog takes precedence
-    // (last writer wins in Claude settings; appended = higher effective priority).
     const additionalPreToolUse = [];
     const additionalPostToolUse = [];
     for (const [event, entries] of Object.entries(catalogResult.hooksConfig)) {

package/dist/core/harness-converter.d.ts

@@ -1,3 +1,20 @@
 import type { HarnessConfig } from "./harness-schema.js";
 import type { MergedConfig } from "./preset-types.js";
+import type { HookEntry } from "../catalog/types.js";
+/**
+ * Converts legacy enforcement fields into catalog-based HookEntry[].
+ * This allows old harness.yaml configs with enforcement to be processed
+ * through the unified catalog pipeline.
+ */
+export declare function convertEnforcementToHooks(enforcement: HarnessConfig["enforcement"]): HookEntry[];
+/**
+ * Merges enforcement-derived hooks with explicit harness.hooks,
+ * deduplicating by block id (explicit hooks take priority).
+ */
+export declare function mergeEnforcementAndHooks(harness: HarnessConfig): HookEntry[];
+/**
+ * Converts HarnessConfig to MergedConfig.
+ * No longer generates inline enforcement scripts — enforcement is converted
+ * to catalog hook entries and processed through the v2 catalog pipeline.
+ */
 export declare function harnessToMergedConfig(harness: HarnessConfig): MergedConfig;

package/dist/core/harness-converter.js

@@ -1,3 +1,51 @@
+/**
+ * Converts legacy enforcement fields into catalog-based HookEntry[].
+ * This allows old harness.yaml configs with enforcement to be processed
+ * through the unified catalog pipeline.
+ */
+export function convertEnforcementToHooks(enforcement) {
+    const hooks = [];
+    // preCommit → commit-test-gate or commit-typecheck-gate
+    for (const cmd of enforcement.preCommit) {
+        if (/\btsc\b/.test(cmd)) {
+            hooks.push({ block: "commit-typecheck-gate", params: { typecheckCommand: cmd } });
+        }
+        else {
+            hooks.push({ block: "commit-test-gate", params: { testCommand: cmd } });
+        }
+    }
+    // blockedPaths → path-guard
+    if (enforcement.blockedPaths.length > 0) {
+        hooks.push({ block: "path-guard", params: { blockedPaths: enforcement.blockedPaths } });
+    }
+    // blockedCommands → command-guard
+    if (enforcement.blockedCommands.length > 0) {
+        hooks.push({ block: "command-guard", params: { patterns: enforcement.blockedCommands } });
+    }
+    // postSave → lint-on-save (each entry)
+    for (const ps of enforcement.postSave) {
+        hooks.push({ block: "lint-on-save", params: { filePattern: ps.pattern, command: ps.command } });
+    }
+    return hooks;
+}
+/**
+ * Merges enforcement-derived hooks with explicit harness.hooks,
+ * deduplicating by block id (explicit hooks take priority).
+ */
+export function mergeEnforcementAndHooks(harness) {
+    const enforcementHooks = convertEnforcementToHooks(harness.enforcement);
+    const explicitHooks = harness.hooks ?? [];
+    // Explicit hooks take priority — only keep enforcement hooks for blocks
+    // not already covered by explicit hooks
+    const explicitBlockIds = new Set(explicitHooks.map((h) => h.block));
+    const uniqueEnforcementHooks = enforcementHooks.filter((h) => !explicitBlockIds.has(h.block));
+    return [...uniqueEnforcementHooks, ...explicitHooks];
+}
+/**
+ * Converts HarnessConfig to MergedConfig.
+ * No longer generates inline enforcement scripts — enforcement is converted
+ * to catalog hook entries and processed through the v2 catalog pipeline.
+ */
 export function harnessToMergedConfig(harness) {
     // Build variables from first stack
     const variables = {};
@@ -21,114 +69,13 @@ export function harnessToMergedConfig(harness) {
         priority: rule.priority,
     }))
         .sort((a, b) => (a.priority ?? 50) - (b.priority ?? 50));
-    // Build hooks
-    const preToolUse = [];
-    const postToolUse = [];
-    // preCommit hook
-    if (harness.enforcement.preCommit.length > 0) {
-        const commands = harness.enforcement.preCommit
-            .map((cmd) => {
-            const safeCmdJson = cmd.replace(/\\/g, "\\\\").replace(/"/g, '\\"');
-            return `    echo "oh-my-harness: Running ${cmd} before commit..." >&2\n    if ! ${cmd} >&2 2>&1; then\n      echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: ${safeCmdJson} failed, commit blocked\\"}"\n      exit 0\n    fi`;
-        })
-            .join("\n");
-        preToolUse.push({
-            id: "harness-pre-commit",
-            matcher: "Bash",
-            description: "Runs configured checks before git commit",
-            inline: `#!/bin/bash
-set -euo pipefail
-INPUT=$(cat)
-COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
-if echo "$COMMAND" | grep -qE "git commit"; then
-${commands}
-fi
-exit 0
-`,
-        });
-    }
-    // file-guard hook from blockedPaths
-    if (harness.enforcement.blockedPaths.length > 0) {
-        const patterns = harness.enforcement.blockedPaths
-            .map((p) => `"${p}"`)
-            .join(" ");
-        preToolUse.push({
-            id: "harness-file-guard",
-            matcher: "Edit|Write",
-            description: "Prevents writing to blocked paths",
-            inline: `#!/bin/bash
-set -euo pipefail
-INPUT=$(cat)
-FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // .tool_input.path // empty' 2>/dev/null)
-[[ -z "$FILE_PATH" ]] && exit 0
-BLOCKED=(${patterns})
-for pattern in "\${BLOCKED[@]}"; do
-  if [[ "$pattern" == */ ]]; then
-    if [[ "$FILE_PATH" == *"/$pattern"* ]] || [[ "$FILE_PATH" == "$pattern"* ]]; then
-      echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: protected path $pattern\\"}"
-      exit 0
-    fi
-  elif [[ "$pattern" == \\** ]]; then
-    suffix="\${pattern#\\*}"
-    if [[ "$FILE_PATH" == *"\$suffix" ]]; then
-      echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: protected path $pattern\\"}"
-      exit 0
-    fi
-  fi
-done
-exit 0
-`,
-        });
-    }
-    // command-guard hook from blockedCommands
-    if (harness.enforcement.blockedCommands.length > 0) {
-        const patterns = harness.enforcement.blockedCommands
-            .map((c) => `"${c}"`)
-            .join(" ");
-        preToolUse.push({
-            id: "harness-command-guard",
-            matcher: "Bash",
-            description: "Blocks dangerous shell commands",
-            inline: `#!/bin/bash
-set -euo pipefail
-INPUT=$(cat)
-COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
-DANGEROUS_PATTERNS=(${patterns})
-for pattern in "\${DANGEROUS_PATTERNS[@]}"; do
-  if echo "$COMMAND" | grep -qF "$pattern"; then
-    echo "{\\"decision\\": \\"block\\", \\"reason\\": \\"oh-my-harness: dangerous command blocked\\"}"
-    exit 0
-  fi
-done
-exit 0
-`,
-        });
-    }
-    // postSave hooks
-    for (let i = 0; i < harness.enforcement.postSave.length; i++) {
-        const ps = harness.enforcement.postSave[i];
-        postToolUse.push({
-            id: `harness-post-save-${i}`,
-            matcher: "Edit|Write",
-            description: `Runs ${ps.command} on ${ps.pattern} files after save`,
-            inline: `#!/bin/bash
-INPUT=$(cat)
-FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // .tool_input.path // empty' 2>/dev/null)
-[[ -z "$FILE_PATH" ]] && exit 0
-if [[ "$FILE_PATH" == ${ps.pattern} ]]; then
-  ${ps.command} "$FILE_PATH" 2>/dev/null || true
-fi
-exit 0
-`,
-        });
-    }
     return {
         presets: ["harness"],
         variables,
         claudeMdSections,
         hooks: {
-            preToolUse,
-            postToolUse,
+            preToolUse: [],
+            postToolUse: [],
         },
         settings: {
             permissions: {

package/dist/nl/prompt-templates.js

@@ -40,7 +40,7 @@ Do NOT guess commands — use the detected values above.\n`;
 export function buildHarnessGenerationPrompt(description, catalogBlocks, projectFacts) {
     const factsSection = projectFacts ? buildProjectFactsSection(projectFacts) : "";
     const catalogSection = catalogBlocks && catalogBlocks.length > 0
-        ? `\nAvailable building blocks (MUST use in the hooks field — prefer hooks over enforcement):
+        ? `\nAvailable building blocks (MUST use in the hooks field):
 ${catalogBlocks
             .map((b) => {
             const paramDesc = b.params.length > 0
@@ -50,7 +50,7 @@ ${catalogBlocks
         })
             .join("\n")}
 
-IMPORTANT: Match the user's description to the most relevant blocks above. Use hooks for ALL enforcement that has a matching block. Only use enforcement as a fallback for commands with no matching block.
+IMPORTANT: Match the user's description to the most relevant blocks above. Use hooks for ALL needs.
 `
         : "";
     return `You are a configuration generator for oh-my-harness, an AI code agent harness tool. Given a project description, generate a complete harness.yaml configuration in YAML format. Return ONLY the YAML content with no markdown formatting.
@@ -59,9 +59,7 @@ The harness.yaml schema has these fields:
 - version: must be "1.0"
 - project: object with name (optional string), description (optional string), stacks (array of {name, framework, language, packageManager?, testRunner?, linter?})
 - rules: array of {id, title, content (markdown), priority (number, lower = higher in file)}
-- enforcement: object with preCommit (array of full executable shell commands like "pnpm test", "npx eslint", "npx tsc --noEmit"), blockedPaths (array of glob patterns), blockedCommands (array of dangerous commands), postSave (array of {pattern, command})
-- hooks: array of {block, params} — MUST use catalog building blocks here. This is the primary mechanism for enforcement. Match user requirements to available blocks.
-- enforcement: fallback for commands with no matching block. Only use enforcement.preCommit when no catalog block covers the use case.
+- hooks: array of {block, params} — MUST use catalog building blocks here. This is the primary mechanism for all guards and automation (pre-commit checks, path guards, command guards, lint-on-save, etc.).
 - permissions: object with allow (array of permission strings like "Bash(npm test*)") and deny (array)
 ${catalogSection}${factsSection}
 Example 1 - Next.js app:

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "oh-my-harness",
-  "version": "0.5.0",
+  "version": "0.6.0",
   "description": "Tame your AI coding agents with natural language",
   "type": "module",
   "bin": {