teleportation-cli 1.1.5 → 1.2.1

package/.claude/hooks/permission_request.mjs

@@ -82,6 +82,45 @@ const isValidSessionId = (id) => {
   return id && /^[a-f0-9-]{36}$/i.test(id);
 };
 
+// Timeout for daemon-state updates (extracted from magic number per code review)
+const DAEMON_STATE_UPDATE_TIMEOUT_MS = 3000;
+
+/**
+ * Update daemon state with timeout and proper resource cleanup.
+ * Returns true if update succeeded, false otherwise.
+ * @param {string} relayApiUrl - Relay API base URL
+ * @param {string} sessionId - Session ID to update
+ * @param {object} state - State object to patch (e.g., { is_away: true })
+ * @param {string} apiKey - API key for authorization
+ * @param {function} log - Logging function
+ * @returns {Promise<boolean>} - True if update succeeded
+ */
+const updateDaemonState = async (relayApiUrl, sessionId, state, apiKey, log) => {
+  const controller = new AbortController();
+  const timeoutId = setTimeout(() => controller.abort(), DAEMON_STATE_UPDATE_TIMEOUT_MS);
+  try {
+    const res = await fetch(`${relayApiUrl}/api/sessions/${sessionId}/daemon-state`, {
+      method: 'PATCH',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': `Bearer ${apiKey}`
+      },
+      body: JSON.stringify(state),
+      signal: controller.signal
+    });
+    if (!res.ok) {
+      log(`[TRACE] daemon-state update returned ${res.status}`);
+      return false;
+    }
+    return true;
+  } catch (e) {
+    log(`[TRACE] daemon-state update failed: ${e.message}`);
+    return false;
+  } finally {
+    clearTimeout(timeoutId);
+  }
+};
+
 const fetchJson = async (url, opts) => {
   const res = await fetch(url, opts);
   if (!res.ok) {
@@ -126,6 +165,31 @@ const fetchJson = async (url, opts) => {
     return exit(0);
   }
 
+  // For autonomous tasks, use parent session ID for approvals
+  // This ensures approvals appear in the timeline the user is viewing
+  const raw_parent_session_id = env.TELEPORTATION_PARENT_SESSION_ID;
+
+  // Validate parent_session_id if provided to prevent injection
+  // Only use if it passes validation, otherwise fall back to session_id
+  const parent_session_id = (raw_parent_session_id && isValidSessionId(raw_parent_session_id))
+    ? raw_parent_session_id
+    : null;
+
+  if (raw_parent_session_id && !parent_session_id) {
+    log(`Warning: Invalid TELEPORTATION_PARENT_SESSION_ID format, ignoring: ${raw_parent_session_id}`);
+  }
+  const approval_session_id = parent_session_id || session_id;
+  const child_session_id = parent_session_id ? session_id : null;
+
+  if (parent_session_id) {
+    log(`Using parent session ${parent_session_id} for approvals (child session: ${session_id})`);
+  }
+
+  // Detect message source
+  const isAutonomousTask = env.TELEPORTATION_TASK_MODE === 'true' || !!parent_session_id;
+  const source = isAutonomousTask ? 'autonomous_task' : 'cli_interactive';
+  log(`Message source: ${source}`);
+
   // Load config
   let config;
   try {
@@ -151,14 +215,64 @@ const fetchJson = async (url, opts) => {
     return exit(0);
   }
 
-  // Check if session is in "away" mode
+  // Auto-detect away mode based on last approval location
   let isAway = false;
+  let autoDetected = false;
+
+  // Force away mode if running as a daemon-spawned task
+  // TELEPORTATION_TASK_MODE is set by task-executor.js when spawning Claude for task execution
+  const isTaskMode = env.TELEPORTATION_TASK_MODE === 'true';
+  if (isTaskMode) {
+    isAway = true;
+    log(`[PermissionRequest] Task mode detected - forcing away mode for remote approval`);
+  }
+
   try {
-    const state = await fetchJson(`${RELAY_API_URL}/api/sessions/${session_id}/daemon-state`, {
+    const state = await fetchJson(`${RELAY_API_URL}/api/sessions/${approval_session_id}/daemon-state`, {
       headers: { 'Authorization': `Bearer ${RELAY_API_KEY}` }
     });
-    isAway = !!state.is_away;
-    log(`Session away status: ${isAway}`);
+
+    // Skip auto-toggle if task mode is forcing away
+    if (isTaskMode) {
+      log(`Task mode: skipping auto-detection, using forced away mode`);
+    } else {
+      // Auto-toggle based on last interaction source
+      const lastLocation = state.last_approval_location;
+      if (lastLocation === 'mobile') {
+        // Last approval was from mobile → user is away
+        isAway = true;
+        autoDetected = true;
+        log(`Auto-detected: user away (last approval from mobile)`);
+      } else if (lastLocation === 'local') {
+        // Last approval was local → user is present
+        isAway = false;
+        autoDetected = true;
+        log(`Auto-detected: user present (last approval from local)`);
+      } else {
+        // Use existing is_away flag if no approval history
+        isAway = !!state.is_away;
+        log(`Session away status: ${isAway} (no auto-detection)`);
+      }
+    }
+
+    // Update daemon state if auto-detected different from current
+    // Use approval_session_id for consistency with session registration
+    if (autoDetected && isAway !== !!state.is_away) {
+      log(`Updating away status: ${state.is_away} → ${isAway}`);
+      try {
+        await fetchJson(`${RELAY_API_URL}/api/sessions/${approval_session_id}/daemon-state`, {
+          method: 'PATCH',
+          headers: {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${RELAY_API_KEY}`
+          },
+          body: JSON.stringify({ is_away: isAway })
+        });
+        log(`Updated session away status to: ${isAway}`);
+      } catch (updateErr) {
+        log(`Warning: Failed to update away status: ${updateErr.message}`);
+      }
+    }
   } catch (e) {
     // Fail-safe: if relay is down, assume user is present (safer default)
     const failSafe = env.AWAY_CHECK_FAIL_SAFE || 'present';
@@ -205,7 +319,7 @@ const fetchJson = async (url, opts) => {
         'Content-Type': 'application/json',
         'Authorization': `Bearer ${RELAY_API_KEY}`
       },
-      body: JSON.stringify({ session_id, reason: 'New permission request' })
+      body: JSON.stringify({ session_id: approval_session_id, reason: 'New permission request' })
     });
   } catch (e) {
     log(`Warning: Failed to invalidate old approvals: ${e.message}`);
@@ -254,11 +368,17 @@ const fetchJson = async (url, opts) => {
     log(`Warning: tool_use_id not provided, generated fallback: ${effective_tool_use_id}`);
   }
 
+  // Add child session ID to metadata if this is an autonomous task
+  if (child_session_id) {
+    meta.child_session_id = child_session_id;
+    meta.is_autonomous_task = true;
+  }
+
   // Fetch session to get owner_id (PRD-0018: Multi-tenancy)
   let owner_id = null;
   try {
-    log(`Fetching session ${session_id} to get owner_id for approval`);
-    const sessionResponse = await fetch(`${RELAY_API_URL}/api/sessions/${session_id}`, {
+    log(`Fetching session ${approval_session_id} to get owner_id for approval`);
+    const sessionResponse = await fetch(`${RELAY_API_URL}/api/sessions/${approval_session_id}`, {
       headers: { 'Authorization': `Bearer ${RELAY_API_KEY}` }
     });
     
@@ -278,7 +398,7 @@ const fetchJson = async (url, opts) => {
   let approvalId;
   try {
     const payload = {
-      session_id,
+      session_id: approval_session_id,  // Use parent session for autonomous tasks
       tool_name,
       tool_input,
       meta,
@@ -322,22 +442,64 @@ const fetchJson = async (url, opts) => {
     return process.stdout.write(JSON.stringify({ decision: 'ask', reason: `Remote approval request failed: ${e.message}` }));
   }
 
-  // If user is PRESENT: return immediately and let Claude Code show its native prompt
-  // The approval is now visible in mobile UI. If user approves locally:
-  // - PostToolUse will invalidate the approval
-  // - Mobile UI will filter it out (any timeline event after approval = stale)
-  if (!isAway) {
-    log(`User is present - approval ${approvalId} created for mobile visibility, letting Claude Code handle locally`);
-    return exit(0);
-  }
+  // DESIGN RATIONALE: Hybrid Approval Flow
+  // ========================================
+  // This polling loop supports "hybrid approval" where users can approve from
+  // EITHER their local CLI OR mobile app, regardless of away/present mode:
+  //
+  // - User PRESENT: Claude Code shows native prompt AND we poll for mobile approval.
+  //   If user approves locally, PostToolUse hook invalidates the remote approval.
+  //   If user approves via mobile, we detect it here and proceed.
+  //
+  // - User AWAY: Claude Code prompt is suppressed, we poll for mobile approval.
+  //   User must approve via mobile to continue.
+  //
+  // WHY NO MODE-AWARE TIMEOUTS:
+  // Old design had 5s timeout for present, 60s for away. This caused issues:
+  // 1. User at computer who wants to approve via mobile (e.g., testing) couldn't
+  // 2. Quick timeouts caused unnecessary daemon handoffs
+  // 3. Users stepping away briefly got their approvals handed to daemon
+  //
+  // The 1-hour timeout (configurable) allows flexible approval from either location.
+  // Circuit breaker prevents indefinite polling. Local approvals invalidate remote.
+  //
+  log(`${isAway ? 'User is away' : 'User is present'} - polling for approval...`);
 
-  // User is AWAY - poll for remote approval decision
-  log(`User is away - polling for remote approval decision (timeout=${FAST_APPROVAL_TIMEOUT_MS}ms)...`);
   let consecutiveFailures = 0;
   const MAX_CONSECUTIVE_FAILURES = 5;
 
-  const deadline = Date.now() + FAST_APPROVAL_TIMEOUT_MS;
-  while (Date.now() < deadline) {
+  // Circuit breaker: max 1 hour (1800 polls at 2s interval) or configurable via env
+  // Bounds: iterations 10-10000, timeout 60s-4hrs to prevent DoS and misconfiguration
+  const rawIterations = parseInt(env.APPROVAL_MAX_POLL_ITERATIONS || '1800', 10);
+  const rawTimeout = parseInt(env.APPROVAL_MAX_TIMEOUT_MS || '3600000', 10);
+  const MAX_POLL_ITERATIONS = Math.max(10, Math.min(10000, isNaN(rawIterations) ? 1800 : rawIterations));
+  const MAX_POLL_TIMEOUT_MS = Math.max(60000, Math.min(14400000, isNaN(rawTimeout) ? 3600000 : rawTimeout));
+  const pollStartTime = Date.now();
+  let pollIterations = 0;
+
+  // Poll with circuit breaker limits
+  while (true) {
+    pollIterations++;
+
+    // Circuit breaker: check iteration limit
+    if (pollIterations > MAX_POLL_ITERATIONS) {
+      log(`Circuit breaker: exceeded max poll iterations (${MAX_POLL_ITERATIONS})`);
+      // Fall back to daemon handoff
+      return process.stdout.write(JSON.stringify({
+        decision: 'deny',
+        reason: 'Approval polling exceeded maximum iterations - handed off to daemon'
+      }));
+    }
+
+    // Circuit breaker: check timeout
+    if (Date.now() - pollStartTime > MAX_POLL_TIMEOUT_MS) {
+      log(`Circuit breaker: exceeded max poll timeout (${MAX_POLL_TIMEOUT_MS}ms)`);
+      // Fall back to daemon handoff
+      return process.stdout.write(JSON.stringify({
+        decision: 'deny',
+        reason: 'Approval polling exceeded maximum timeout - handed off to daemon'
+      }));
+    }
     try {
       const status = await fetchJson(`${RELAY_API_URL}/api/approvals/${approvalId}`, {
         headers: { 'Authorization': `Bearer ${RELAY_API_KEY}` }
@@ -346,14 +508,103 @@ const fetchJson = async (url, opts) => {
 
       if (status.status === 'allowed') {
         log('Remote approval: ALLOWED');
+
+        // Auto-detect away mode: if approval came from mobile, switch to away mode
+        // This enables seamless handoff when user approves from mobile
+        if (status.decision_location === 'mobile') {
+          // Timeline: Mobile approval detected
+          log('[TIMELINE-DEBUG] About to log approval_processing event');
+          try {
+            await fetchJson(`${RELAY_API_URL}/api/timeline`, {
+              method: 'POST',
+              headers: {
+                'Content-Type': 'application/json',
+                'Authorization': `Bearer ${RELAY_API_KEY}`
+              },
+              body: JSON.stringify({
+                session_id: approval_session_id,
+                type: 'approval_processing',
+                source,
+                data: {
+                  tool_name,
+                  approval_id: approvalId,
+                  decision_location: 'mobile',
+                  message: 'Mobile approval detected - processing handoff'
+                }
+              })
+            });
+            log('[TIMELINE-DEBUG] Successfully logged approval_processing event');
+          } catch (e) {
+            log(`[TIMELINE-DEBUG] Failed to log approval_processing: ${e.message}`);
+          }
+
+          {
+            log('[TRACE] Approval came from mobile - starting auto-switch to away mode');
+            // Use helper function with proper timeout and resource cleanup
+            const updateSuccess = await updateDaemonState(
+              RELAY_API_URL,
+              approval_session_id,
+              { is_away: true, last_approval_location: 'mobile' },
+              RELAY_API_KEY,
+              log
+            );
+
+            // Timeline: Mode switched to away - ONLY log if daemon-state update succeeded
+            // This prevents logging a mode switch that didn't actually happen
+            if (updateSuccess) {
+              log('[TRACE] daemon-state update completed successfully');
+              try {
+                await fetchJson(`${RELAY_API_URL}/api/timeline`, {
+                  method: 'POST',
+                  headers: {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${RELAY_API_KEY}`
+                  },
+                  body: JSON.stringify({
+                    session_id: approval_session_id,
+                    type: 'mode_switched',
+                    source,
+                    data: {
+                      from: 'present',
+                      to: 'away',
+                      trigger: 'mobile_approval',
+                      approval_id: approvalId
+                    }
+                  })
+                });
+              } catch (e) {
+                log(`Warning: Failed to log timeline event: ${e.message}`);
+              }
+            } else {
+              log('[TRACE] Skipping mode_switched timeline event - daemon-state update failed');
+            }
+          }
+        } else if (status.decision_location === 'local') {
+          // Auto-switch to present mode when user approves locally
+          log('Approval came from CLI - auto-switching to present mode');
+          // Use helper function with proper timeout and resource cleanup
+          const updateSuccess = await updateDaemonState(
+            RELAY_API_URL,
+            approval_session_id,
+            { is_away: false, last_approval_location: 'local' },
+            RELAY_API_KEY,
+            log
+          );
+          if (!updateSuccess) {
+            log('Warning: Failed to auto-switch to present mode');
+          }
+        }
+
         // Acknowledge on the fast-path to prevent duplicate daemon execution.
         // PRD-0016: Implement 3-attempt exponential backoff for ACK
+        log('[TRACE] Starting ACK process');
         let ackSuccess = false;
         let ackAttempts = 0;
         const MAX_ACK_ATTEMPTS = 3;
 
         while (!ackSuccess && ackAttempts < MAX_ACK_ATTEMPTS) {
           ackAttempts++;
+          log(`[TRACE] ACK attempt ${ackAttempts}/${MAX_ACK_ATTEMPTS}`);
           try {
             const ackRes = await fetch(`${RELAY_API_URL}/api/approvals/${approvalId}/ack`, {
               method: 'POST',
@@ -361,12 +612,13 @@ const fetchJson = async (url, opts) => {
             });
             if (ackRes.ok) {
               ackSuccess = true;
+              log('[TRACE] ACK succeeded');
             } else {
               throw new Error(`ACK returned ${ackRes.status}`);
             }
           } catch (e) {
             const delay = Math.pow(2, ackAttempts) * 100;
-            log(`Warning: ACK attempt ${ackAttempts} failed: ${e.message}. Retrying in ${delay}ms...`);
+            log(`[TRACE] ACK attempt ${ackAttempts} failed: ${e.message}. Retrying in ${delay}ms...`);
             if (ackAttempts < MAX_ACK_ATTEMPTS) {
               await sleep(delay);
             }
@@ -374,18 +626,50 @@ const fetchJson = async (url, opts) => {
         }
 
         if (!ackSuccess) {
-          log(`ERROR: All ${MAX_ACK_ATTEMPTS} ACK attempts failed for ${approvalId}. Allowing locally anyway to prevent total stall, though duplicate execution risk exists.`);
+          log(`[TRACE] ERROR: All ${MAX_ACK_ATTEMPTS} ACK attempts failed for ${approvalId}. Allowing locally anyway.`);
+        }
+
+        // Timeline: ACK completed (mobile approvals only - more detail for mobile)
+        if (status.decision_location === 'mobile') {
+          try {
+            await fetchJson(`${RELAY_API_URL}/api/timeline`, {
+              method: 'POST',
+              headers: {
+                'Content-Type': 'application/json',
+                'Authorization': `Bearer ${RELAY_API_KEY}`
+              },
+              body: JSON.stringify({
+                session_id: approval_session_id,
+                type: 'approval_acknowledged',
+                source,
+                data: {
+                  tool_name,
+                  approval_id: approvalId,
+                  ack_success: ackSuccess,
+                  ack_attempts: ackAttempts,
+                  message: ackSuccess
+                    ? 'Approval acknowledged - executing tool locally'
+                    : 'ACK failed but proceeding anyway'
+                }
+              })
+            });
+          } catch (e) {
+            log(`Warning: Failed to log timeline event: ${e.message}`);
+          }
         }
 
+        log('[TRACE] Returning allow decision to Claude Code');
         const out = {
           hookSpecificOutput: {
             hookEventName: 'PermissionRequest',
-            permissionDecision: 'allow',
-            permissionDecisionReason: 'Approved remotely via Teleportation'
-          },
-          suppressOutput: true
+            decision: {
+              behavior: 'allow'
+            }
+          }
         };
-        stdout.write(JSON.stringify(out));
+        stdout.write(JSON.stringify(out) + '\n');
+        log('[TRACE] Wrote allow decision to stdout with newline');
+        log('[TRACE] Hook exiting with exit(0)');
         return exit(0);
       }
 
@@ -400,8 +684,9 @@ const fetchJson = async (url, opts) => {
               'Authorization': `Bearer ${RELAY_API_KEY}`
             },
             body: JSON.stringify({
-              session_id,
+              session_id: approval_session_id,
               type: 'tool_denied',
+              source,
               data: {
                 tool_name,
                 tool_input: tool_input || {},
@@ -418,12 +703,14 @@ const fetchJson = async (url, opts) => {
         const out = {
           hookSpecificOutput: {
             hookEventName: 'PermissionRequest',
-            permissionDecision: 'deny',
-            permissionDecisionReason: 'Denied remotely via Teleportation'
-          },
-          suppressOutput: true
+            decision: {
+              behavior: 'deny',
+              message: status.decision_reason || 'Denied remotely via Teleportation'
+            }
+          }
         };
-        stdout.write(JSON.stringify(out));
+        stdout.write(JSON.stringify(out) + '\n');
+        log('[TRACE] Wrote deny decision to stdout with newline');
         return exit(0);
       }
 
@@ -443,30 +730,10 @@ const fetchJson = async (url, opts) => {
     await sleep(POLLING_INTERVAL_MS);
   }
 
-  // Timeout while user is away - hand off to daemon
-  log('Fast-path approval timeout - handing off to daemon');
-
-  try {
-    await fetch(`${RELAY_API_URL}/api/sessions/${session_id}/daemon-state`, {
-      method: 'PATCH',
-      headers: {
-        'Content-Type': 'application/json',
-        'Authorization': `Bearer ${RELAY_API_KEY}`
-      },
-      body: JSON.stringify({ last_approval_location: 'daemon_handoff', is_away: true })
-    });
-  } catch (e) {
-    log(`Warning: Failed to update daemon-state for handoff: ${e.message}`);
-  }
-
-  const out = {
-    hookSpecificOutput: {
-      hookEventName: 'PermissionRequest',
-      permissionDecision: 'deny',
-      permissionDecisionReason: '⏳ Teleportation: waiting for mobile approval timed out. This request was handed off to the daemon and will run in the background once approved.'
-    },
-    suppressOutput: true
-  };
-  stdout.write(JSON.stringify(out));
-  return exit(0);
+  // Safety fallback: should never reach here, but if loop exits unexpectedly, deny
+  log('ERROR: Polling loop exited unexpectedly - this should not happen');
+  return process.stdout.write(JSON.stringify({
+    decision: 'deny',
+    reason: 'Internal error: polling loop exited unexpectedly'
+  }));
 })();

package/.claude/hooks/post_tool_use.mjs

@@ -15,6 +15,56 @@
 
 import { stdin, stdout, exit, env } from 'node:process';
 import { appendFileSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { join, dirname } from 'node:path';
+import { fileURLToPath } from 'node:url';
+
+// Get __dirname equivalent for ES modules
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+
+/**
+ * Try to import transcript-ingestion from multiple possible paths
+ * This makes the hook work in both development and installed contexts
+ *
+ * IMPORTANT: Only catches module-not-found errors. Syntax errors, runtime
+ * errors, and other exceptions are re-thrown immediately for debugging.
+ */
+async function tryImportTranscriptIngestion() {
+  const possiblePaths = [
+    // If installed globally to ~/.claude/hooks/, lib is in ~/.teleportation/lib/daemon/
+    () => join(homedir(), '.teleportation', 'lib', 'daemon', 'transcript-ingestion.js'),
+    // If hook is still in project directory
+    () => join(process.cwd(), 'lib', 'daemon', 'transcript-ingestion.js'),
+    // Try relative to hook location (development)
+    () => join(__dirname, '..', '..', 'lib', 'daemon', 'transcript-ingestion.js')
+  ];
+
+  let lastError;
+
+  for (const getPath of possiblePaths) {
+    const modulePath = getPath();
+    try {
+      const module = await import(modulePath);
+      return module;
+    } catch (e) {
+      lastError = e;
+
+      // Only skip module-not-found errors - try next path
+      // Re-throw syntax errors, runtime errors, reference errors immediately
+      if (e.code === 'ERR_MODULE_NOT_FOUND' || e.code === 'ENOENT') {
+        continue; // Module doesn't exist at this path, try next
+      }
+
+      // Syntax error, runtime error, etc. - throw immediately with context
+      console.error(`[post_tool_use] Failed to import transcript-ingestion from ${modulePath}:`, e.message);
+      throw e;
+    }
+  }
+
+  // If we get here, module wasn't found in any location
+  throw new Error(`Could not find transcript-ingestion module in any expected location. Last error: ${lastError?.message || 'unknown'}`);
+}
 
 const readStdin = () => new Promise((resolve, reject) => {
   let data = '';
@@ -207,6 +257,10 @@ function buildErrorMessage(tool_output) {
   const { session_id, tool_name, tool_input, tool_output, tool_use_id } = input || {};
   log(`Session: ${session_id}, Tool: ${tool_name}, tool_use_id: ${tool_use_id || 'none'}`);
 
+  // Detect message source
+  const isAutonomousTask = env.TELEPORTATION_TASK_MODE === 'true' || !!env.TELEPORTATION_PARENT_SESSION_ID;
+  const source = isAutonomousTask ? 'autonomous_task' : 'cli_interactive';
+
   // Validate session_id
   if (!isValidSessionId(session_id)) {
     log(`ERROR: Invalid session_id format: ${session_id}`);
@@ -339,6 +393,7 @@ function buildErrorMessage(tool_output) {
       body: JSON.stringify({
         session_id,
         type: completionEventType,
+        source,
         data: completionEventData
       })
     });
@@ -362,6 +417,7 @@ function buildErrorMessage(tool_output) {
         body: JSON.stringify({
           session_id,
           type: 'tool_error',
+          source,
           data: {
             tool_name,
             tool_input,
@@ -387,6 +443,7 @@ function buildErrorMessage(tool_output) {
       body: JSON.stringify({
         session_id,
         type: 'tool_executed',
+        source,
         data: {
           tool_name,
           tool_input,
@@ -401,6 +458,39 @@ function buildErrorMessage(tool_output) {
     log(`Failed to record legacy tool_executed: ${e.message}`);
   }
 
+  // =========================================================================
+  // Real-time transcript ingestion after each tool execution
+  // Ensures timeline stays in sync with assistant responses
+  // =========================================================================
+
+  try {
+    // Import transcript ingestion from multiple possible locations (works in dev + installed contexts)
+    const transcriptModule = await tryImportTranscriptIngestion();
+    const { ingestTranscriptToTimeline } = transcriptModule;
+
+    const claude_session_id = env.CLAUDE_SESSION_ID || session_id;
+    const cwd = env.TELEPORTATION_CWD || process.cwd();
+
+    // Use real-time mode flag to only process recent events (max 10)
+    await ingestTranscriptToTimeline({
+      claude_session_id,
+      parent_session_id: session_id,
+      task_id: null,
+      cwd,
+      config: {
+        relayApiUrl: RELAY_API_URL,
+        apiKey: RELAY_API_KEY
+      },
+      realTimeMode: true, // Fast mode - only recent events
+      maxEvents: 10 // Limit to 10 most recent events (prevents blocking hook)
+    });
+
+    log(`Real-time transcript ingestion completed`);
+  } catch (e) {
+    log(`Real-time transcript ingestion failed (non-fatal): ${e.message}`);
+    // Don't fail the hook if ingestion fails - this is a best-effort feature
+  }
+
   // PostToolUse hooks don't need to output anything
   return exit(0);
 })();