thumbgate 1.27.9 → 1.27.11

package/scripts/hook-stop-anti-claim.js

@@ -0,0 +1,369 @@
+#!/usr/bin/env node
+'use strict';
+
+/**
+ * Stop hook: anti-claim enforcement.
+ *
+ * Scans the assistant's most recent turn (assistant text + same-turn tool_use
+ * blocks) and blocks the "deployed / live / done / fixed / ready" claim
+ * unless that same turn included a proof tool call (curl / grep / test).
+ *
+ * Why: CLAUDE.md anti-lying directive ("Never claim fix done until
+ * committed+pushed. Never claim 'ready' without running e2e.") was
+ * aspirational, not enforced. Per CEO 2026-05-13 feedback after a session in
+ * which 5+ unverified claims slipped through, this is the harness-level
+ * enforcement that ends the recurring trust-burn pattern. ThumbGate-on-
+ * ThumbGate dogfood — we are the prevention-rule generator and a perfect
+ * customer for our own gate.
+ *
+ * Wires through .claude/settings.json Stop hooks list. Always exits 0 and
+ * emits a Claude-hook `decision:"block"` JSON payload when a final-response
+ * violation can be evaluated before the response is accepted. Transcript-only
+ * runs still surface a reminder for the next turn when the host has already
+ * written the assistant response.
+ *
+ * Stdin: Claude Code passes the hook payload as JSON on stdin. We read
+ * `transcript_path` to locate the JSONL session log and scan the last
+ * assistant message.
+ *
+ * Stdout: any text printed is shown to the agent on the next turn.
+ */
+
+const fs = require('node:fs');
+
+// Lie-phrase patterns. These match common "claim of completion" wording
+// the agent emits without verification. Word-boundary anchored to avoid
+// false positives ("ready-made", "live-streaming", etc).
+const CLAIM_PATTERNS = [
+  /\bis\s+live\b/i,
+  /\bnow\s+live\b/i,
+  /\bgoing\s+live\b/i,
+  /\bdeployed\b(?!\s*(yet|to\s+staging|on\s+a\s+branch))/i,
+  /\b(?:is|are|it'?s)\s+(?:now\s+)?(?:fully\s+)?(?:fixed|resolved|merged|shipped)\b/i,
+  /\bproduction[-\s]ready\b/i,
+  /\beverything\s+(?:is\s+)?(?:done|working|ready)\b/i,
+  /\b(?:github|repo|repository)\s+(?:about|metadata|description|topics?)\b.*\b(?:updated|verified|fixed|match(?:es|ed)?)\b/i,
+  /\b(?:about|metadata|description|topics?)\b.*\b(?:updated|verified|fixed|match(?:es|ed)?)\b.*\b(?:github|repo|repository)\b/i,
+  /\b(?:money|payment|charge|checkout|revenue|price|pricing|invoice|billing|tax|sales tax|inventory|stock|permission|access|customer[-\s]facing)\b.*\b(?:correct|accurate|verified|valid|matches|working|fixed|resolved|calculated|configured)\b/i,
+  /\b(?:correct|accurate|verified|valid|matches|working|fixed|resolved|calculated|configured)\b.*\b(?:money|payment|charge|checkout|revenue|price|pricing|invoice|billing|tax|sales tax|inventory|stock|permission|access|customer[-\s]facing)\b/i,
+];
+
+// Proof-of-verification patterns. If the SAME turn included one of these
+// tool calls or shell command tokens, the claim is considered backed and
+// the hook stays silent.
+const PROOF_PATTERNS = [
+  /\bcurl\b/,
+  /\bgh\s+pr\s+(?:view|checks|status)\b/,
+  /\bgh\s+run\s+view\b/,
+  /\bgh\s+api\b/,
+  /\bnode\s+--test\b/,
+  /\bnpm\s+(?:run\s+)?test\b/,
+  /\bnpm\s+pack\b/,
+  /\bjest\b/,
+  /\bmocha\b/,
+  /\bpytest\b/,
+  /\bplaywright\b/,
+  /\bgrep\b/,
+  /\bstripe\b/,
+  /\bplaid\b/,
+  /\bshopify\b/,
+  /\bsquare\b/,
+  /\bquickbooks\b/,
+  /\bgh\s+api\b/,
+  /\bls\b/,
+  /\bcat\b/,
+  /Read\s*\(/, // Claude Code Read tool call
+  /Bash\s*\(/, // Claude Code Bash tool call
+];
+
+const POSITIVE_FEEDBACK_PATTERNS = [
+  /\bthumbs?\s*up\b/i,
+  /👍/,
+  /\bthank(s| you)\b/i,
+  /\bgood\b/i,
+  /\bgreat\b/i,
+  /\bperfect\b/i,
+  /\bok(?:ay)?\b/i,
+];
+
+const LOW_VALUE_CLOSEOUT_PATTERNS = [
+  /^(?:good|great|perfect|ok(?:ay)?|thanks?|thank you)[.!,\s-]*(?:$|\b)/i,
+  /\buse\s+\w+\s*\/\s*\w+\b/i,
+  /\bsounds good\b/i,
+];
+
+const SUBSTANTIVE_CLOSEOUT_PATTERNS = [
+  /\b(?:evidence|verified|tested|proof|result|residual risk|next state|next action|timestamp|source|url|file|line|passed|failed|blocked|unknown)\b/i,
+  /\b(?:node --test|npm run|curl|gh |git |pytest|playwright|screenshot|diff --check)\b/i,
+  /https?:\/\//i,
+  /\/[\w.-]+\/[\w./-]+/,
+  /`[^`]+`/,
+];
+
+function readTranscriptEntries(transcriptPath) {
+  if (!transcriptPath || !fs.existsSync(transcriptPath)) return [];
+  let content;
+  try {
+    content = fs.readFileSync(transcriptPath, 'utf8');
+  } catch {
+    return [];
+  }
+  return content
+    .trim()
+    .split('\n')
+    .map((raw) => {
+      try {
+        return JSON.parse(raw);
+      } catch {
+        return null;
+      }
+    })
+    .filter(Boolean);
+}
+
+function readLastAssistantTurn(transcriptPath) {
+  const entries = readTranscriptEntries(transcriptPath);
+  // Walk backwards to find the last assistant message
+  for (let i = entries.length - 1; i >= 0; i--) {
+    const entry = entries[i];
+    if (entry.type === 'assistant' && entry.message) {
+      return entry.message;
+    }
+  }
+  return null;
+}
+
+function readPreviousUserText(transcriptPath) {
+  const entries = readTranscriptEntries(transcriptPath);
+  let seenAssistant = false;
+  for (let i = entries.length - 1; i >= 0; i--) {
+    const entry = entries[i];
+    if (!seenAssistant && entry.type === 'assistant') {
+      seenAssistant = true;
+      continue;
+    }
+    if (seenAssistant && entry.type === 'user' && entry.message) {
+      return extractText(entry.message);
+    }
+  }
+  return '';
+}
+
+function extractText(message) {
+  if (!message || !Array.isArray(message.content)) return '';
+  return message.content
+    .filter((b) => b && typeof b.text === 'string')
+    .map((b) => b.text)
+    .join('\n');
+}
+
+function extractToolUseSummary(message) {
+  if (!message || !Array.isArray(message.content)) return '';
+  return message.content
+    .filter((b) => b?.type === 'tool_use')
+    .map((b) => {
+      const name = b.name || 'tool';
+      let summary = '';
+      if (b.input && typeof b.input === 'object') {
+        if (typeof b.input.command === 'string') summary = b.input.command;
+        else if (typeof b.input.file_path === 'string') summary = b.input.file_path;
+        else if (typeof b.input.query === 'string') summary = b.input.query;
+        else summary = JSON.stringify(b.input).slice(0, 200);
+      }
+      return `${name}: ${summary}`;
+    })
+    .join('\n');
+}
+
+function wordCount(text) {
+  return String(text || '').trim().split(/\s+/).filter(Boolean).length;
+}
+
+function hasPositiveFeedback(text) {
+  return POSITIVE_FEEDBACK_PATTERNS.some((p) => p.test(text || ''));
+}
+
+function isLowValueCloseout(text, toolUseSummary = '') {
+  const normalized = String(text || '').trim();
+  if (!normalized) return false;
+  if (toolUseSummary.trim()) return false;
+  if (wordCount(normalized) > 45) return false;
+  if (SUBSTANTIVE_CLOSEOUT_PATTERNS.some((p) => p.test(normalized))) return false;
+  return LOW_VALUE_CLOSEOUT_PATTERNS.some((p) => p.test(normalized));
+}
+
+function findClaim(text) {
+  for (const p of CLAIM_PATTERNS) {
+    const m = text.match(p);
+    if (m) return m[0];
+  }
+  return null;
+}
+
+function hasProof(combined) {
+  return PROOF_PATTERNS.some((p) => p.test(combined));
+}
+
+function extractPayloadText(payload) {
+  if (!payload || typeof payload !== 'object') return '';
+  const candidates = [
+    payload.response,
+    payload.assistant_response,
+    payload.assistantResponse,
+    payload.final_response,
+    payload.finalResponse,
+    payload.text,
+    payload.output,
+    payload.message,
+  ];
+  for (const candidate of candidates) {
+    if (typeof candidate === 'string' && candidate.trim()) return candidate;
+    if (candidate && typeof candidate === 'object') {
+      const extracted = extractText(candidate);
+      if (extracted.trim()) return extracted;
+    }
+  }
+  return '';
+}
+
+function extractPayloadPreviousUserText(payload) {
+  if (!payload || typeof payload !== 'object') return '';
+  const candidates = [
+    payload.previous_user_text,
+    payload.previousUserText,
+    payload.user_prompt,
+    payload.userPrompt,
+    payload.prompt,
+  ];
+  for (const candidate of candidates) {
+    if (typeof candidate === 'string' && candidate.trim()) return candidate;
+    if (candidate && typeof candidate === 'object') {
+      const extracted = extractText(candidate);
+      if (extracted.trim()) return extracted;
+    }
+  }
+  return '';
+}
+
+function buildResponseQualityReason() {
+  return [
+    'ThumbGate response-quality gate: final response answered positive feedback',
+    'with a low-value social closeout instead of silence-level brevity or an evidence checkpoint.',
+    'Positive feedback after operational work should trigger either no extra noise,',
+    'a compact evidence checkpoint, or a concrete next-state update.',
+    'Do not reply with generic "Good / Great / Use X/Y" filler.',
+  ].join(' ');
+}
+
+function buildResponseQualityReminder() {
+  return [
+    '⚠️ ThumbGate response-quality gate: previous turn answered positive feedback',
+    '   with a low-value social closeout instead of silence-level brevity or an evidence checkpoint.',
+    '   Positive feedback after operational work should trigger either no extra noise,',
+    '   a compact evidence checkpoint, or a concrete next-state update.',
+    '   Do not reply with generic "Good / Great / Use X/Y" filler.',
+  ].join('\n');
+}
+
+function writeBlock(reason) {
+  process.stdout.write(JSON.stringify({
+    decision: 'block',
+    reason,
+    hookSpecificOutput: {
+      hookEventName: 'Stop',
+      permissionDecision: 'deny',
+      permissionDecisionReason: reason,
+    },
+  }) + '\n');
+}
+
+function readStdinSync() {
+  try {
+    return fs.readFileSync(0, 'utf8');
+  } catch {
+    return '';
+  }
+}
+
+function main() {
+  const raw = readStdinSync();
+  let payload = {};
+  try {
+    payload = raw ? JSON.parse(raw) : {};
+  } catch {
+    payload = {};
+  }
+
+  const transcriptPath = payload.transcript_path || process.env.CLAUDE_TRANSCRIPT_PATH;
+  const directText = extractPayloadText(payload) || process.env.CLAUDE_RESPONSE || '';
+  const directPreviousUserText = extractPayloadPreviousUserText(payload)
+    || process.env.CLAUDE_PREVIOUS_USER_TEXT
+    || process.env.CLAUDE_PREVIOUS_USER
+    || '';
+
+  if (directText && hasPositiveFeedback(directPreviousUserText) && isLowValueCloseout(directText, '')) {
+    writeBlock(buildResponseQualityReason());
+    return;
+  }
+
+  const message = readLastAssistantTurn(transcriptPath);
+  if (!message) return; // no transcript visible; nothing to check
+
+  const text = extractText(message);
+  const toolUseSummary = extractToolUseSummary(message);
+  const previousUserText = readPreviousUserText(transcriptPath);
+
+  if (hasPositiveFeedback(previousUserText) && isLowValueCloseout(text, toolUseSummary)) {
+    process.stdout.write(buildResponseQualityReminder() + '\n');
+    return;
+  }
+
+  const claim = findClaim(text);
+  if (!claim) return; // no completion claim made; silent
+
+  const proofText = `${text}\n${toolUseSummary}`;
+  if (hasProof(proofText)) return; // claim backed by proof in same turn
+
+  // Surface a system reminder for the NEXT turn. Do not hard-block.
+  const reminder = [
+    '⚠️ ThumbGate anti-claim gate: previous turn claimed completion',
+    `   ("${claim}") without a proof tool call in the same message.`,
+    '   Per CLAUDE.md anti-lying: never claim "done / live / deployed / fixed"',
+    '   or commercial truth (money / tax / inventory / permissions / customer-facing state)',
+    '   without curl / grep / test / source-of-truth output in the SAME turn.',
+    '   If the work really is verified, re-state the claim with the proof.',
+    '   If not, retract and run the verification before re-asserting.',
+  ].join('\n');
+  process.stdout.write(reminder + '\n');
+}
+
+// Path-resolve check instead of `require.main === module`. SonarCloud's
+// strict type inference (rule S3403) flags the === form as always-false
+// in CommonJS, and CLAUDE.md "Hard-Won Lessons" pins the path-based form
+// as the portable fix (incident 2026-04-21 / PR #1115). Resolve BOTH sides
+// so the comparison is between two normalized absolute paths.
+const path = require('node:path');
+if (path.resolve(process.argv[1] || '') === path.resolve(__filename)) {
+  try {
+    main();
+  } catch {
+    // never crash the agent
+  }
+}
+
+module.exports = {
+  CLAIM_PATTERNS,
+  PROOF_PATTERNS,
+  POSITIVE_FEEDBACK_PATTERNS,
+  LOW_VALUE_CLOSEOUT_PATTERNS,
+  findClaim,
+  hasProof,
+  hasPositiveFeedback,
+  isLowValueCloseout,
+  extractPayloadText,
+  extractPayloadPreviousUserText,
+  buildResponseQualityReason,
+  extractText,
+  extractToolUseSummary,
+  readPreviousUserText,
+};

package/scripts/tool-registry.js

@@ -971,12 +971,12 @@ const TOOLS = [
   }),
   readOnlyTool({
     name: 'verify_claim',
-    description: 'Check whether a claim has enough tracked evidence before the agent asserts it.',
+    description: 'Check whether a claim has enough tracked evidence before the agent asserts it, including tests-pass, commercial truth, GitHub metadata, and anthropomorphic AI claims such as "the model understands" or "the agent decided".',
     inputSchema: {
       type: 'object',
       required: ['claim'],
       properties: {
-        claim: { type: 'string', description: 'The claim text to verify' },
+        claim: { type: 'string', description: 'The claim text to verify before assertion; human-like AI claims require anthropomorphic_claim_verified evidence.' },
         goalContract: GOAL_CONTRACT_SCHEMA,
       },
     },

package/src/api/server.js

@@ -3334,6 +3334,8 @@ function renderSitemapXml(runtimeConfig) {
     { path: '/learn/agentic-os-team-governance', changefreq: 'weekly', priority: '0.85' },
     { path: '/learn/cost-aware-agent-gate-routing', changefreq: 'weekly', priority: '0.85' },
     { path: '/learn/databricks-unity-ai-gateway-runtime-governance', changefreq: 'weekly', priority: '0.85' },
+    { path: '/learn/anthropomorphic-claim-gates', changefreq: 'weekly', priority: '0.85' },
+    { path: '/learn/agent-identity-connector-governance', changefreq: 'weekly', priority: '0.9' },
     { path: '/learn/pretix-stripe-connect-marketplaces', changefreq: 'weekly', priority: '0.9' },
     { path: '/compare/claude-code-hooks', changefreq: 'weekly', priority: '0.85' },
     { path: '/compare/bumblebee', changefreq: 'weekly', priority: '0.85' },