token-pilot 0.19.2 → 0.23.0

package/dist/hooks/adaptive-threshold.js

@@ -0,0 +1,46 @@
+/**
+ * Adaptive threshold: lower the effective denyThreshold as the Read-hook
+ * sees more suppressed-token activity in this session, so large-file reads
+ * become stricter the chattier the agent has been with big files.
+ *
+ * Piecewise curve, opt-in only:
+ *   pressure <  30% of budget → base threshold unchanged
+ *   pressure ≥  30%, < 60%    → base × 0.75
+ *   pressure ≥  60%, < 80%    → base × 0.5
+ *   pressure ≥  80%           → base × 0.3 (minimum 50 lines)
+ *
+ * Burn fraction = sessionSavedTokens / sessionBudgetTokens, where
+ * `sessionSavedTokens` is the sum of `savedTokens` entries in
+ * hook-events.jsonl for the current session_id. This is a PROXY for how
+ * aggressively the agent has been trying to pull large files, not a
+ * measurement of Claude Code's actual context-window occupancy — Token
+ * Pilot has no visibility into that. If the agent reads many files with
+ * bounded `offset/limit`, none of that contributes to the burn signal.
+ */
+const MIN_FLOOR_LINES = 50;
+export function computeEffectiveThreshold(input) {
+    const { baseThreshold, sessionSavedTokens, sessionBudgetTokens, enabled } = input;
+    if (!enabled)
+        return baseThreshold;
+    if (!Number.isFinite(sessionBudgetTokens) || sessionBudgetTokens <= 0) {
+        return baseThreshold;
+    }
+    if (!Number.isFinite(sessionSavedTokens) || sessionSavedTokens <= 0) {
+        return baseThreshold;
+    }
+    const burn = sessionSavedTokens / sessionBudgetTokens;
+    let multiplier;
+    if (burn < 0.3)
+        multiplier = 1;
+    else if (burn < 0.6)
+        multiplier = 0.75;
+    else if (burn < 0.8)
+        multiplier = 0.5;
+    else
+        multiplier = 0.3;
+    const scaled = Math.round(baseThreshold * multiplier);
+    if (multiplier === 1)
+        return baseThreshold;
+    return Math.max(scaled, MIN_FLOOR_LINES);
+}
+//# sourceMappingURL=adaptive-threshold.js.map

package/dist/hooks/format-deny-message.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Render a HookSummary into the body of a PreToolUse deny message.
+ *
+ * The formatted string becomes `hookSpecificOutput.permissionDecisionReason`
+ * when the hook decides to block a Read. It is the ONLY output the agent
+ * sees for the blocked call, so it carries both the structural summary and
+ * the escape-hatch instructions.
+ *
+ * Kept separate from the hook entry point for unit-testability.
+ */
+import type { HookSummary } from "./summary-types.js";
+import type { PipelineTier } from "./summary-pipeline.js";
+export interface FormatOptions {
+    filePath: string;
+    summary: HookSummary;
+    tier: PipelineTier;
+    /** Soft cap on the rendered message token count (estimated). Default 1200. */
+    maxTokens?: number;
+}
+export declare function formatDenyMessage(opts: FormatOptions): string;
+//# sourceMappingURL=format-deny-message.d.ts.map

package/dist/hooks/format-deny-message.js

@@ -0,0 +1,147 @@
+/**
+ * Render a HookSummary into the body of a PreToolUse deny message.
+ *
+ * The formatted string becomes `hookSpecificOutput.permissionDecisionReason`
+ * when the hook decides to block a Read. It is the ONLY output the agent
+ * sees for the blocked call, so it carries both the structural summary and
+ * the escape-hatch instructions.
+ *
+ * Kept separate from the hook entry point for unit-testability.
+ */
+const DEFAULT_MAX_TOKENS = 1200;
+function estimateTokens(text) {
+    if (text.length === 0)
+        return 0;
+    const charEstimate = Math.ceil(text.length / 4);
+    const whitespaceRatio = (text.match(/\s/g)?.length ?? 0) / text.length;
+    const adjustment = 1 - whitespaceRatio * 0.3;
+    return Math.ceil(charEstimate * adjustment);
+}
+function formatSignalLine(s) {
+    return `L${s.line}: ${s.text}`;
+}
+function header(opts) {
+    const { filePath, summary } = opts;
+    return (`File "${filePath}" has ${summary.totalLines} lines (~${summary.estimatedTokens} tokens).\n` +
+        `Read denied to save context; structural summary follows.`);
+}
+function footer() {
+    return [
+        "How to proceed:",
+        "- Structural overview (preferred): mcp__token-pilot__smart_read(path).",
+        "- For specific lines: Read(path, offset, limit) — bounded reads are passed through.",
+        "- For a single symbol: mcp__token-pilot__read_symbol(path, name).",
+        "- For edit context: mcp__token-pilot__read_for_edit(path, symbol).",
+        "- Full read (expensive): set TOKEN_PILOT_BYPASS=1 for this session.",
+    ].join("\n");
+}
+function partition(signals) {
+    const sections = {
+        imports: [],
+        exports: [],
+        declarations: [],
+        raws: [],
+    };
+    for (const s of signals) {
+        if (s.kind === "import")
+            sections.imports.push(s);
+        else if (s.kind === "export")
+            sections.exports.push(s);
+        else if (s.kind === "raw")
+            sections.raws.push(s);
+        else
+            sections.declarations.push(s);
+    }
+    return sections;
+}
+function renderSections(sections, note) {
+    const lines = [];
+    let signalLineCount = 0;
+    if (note) {
+        lines.push(`Note: ${note}`);
+        lines.push("");
+    }
+    if (sections.imports.length > 0) {
+        lines.push("=== Imports ===");
+        sections.imports.forEach((s) => {
+            lines.push(formatSignalLine(s));
+            signalLineCount++;
+        });
+        lines.push("");
+    }
+    if (sections.exports.length > 0) {
+        lines.push("=== Exports / Public symbols ===");
+        sections.exports.forEach((s) => {
+            lines.push(formatSignalLine(s));
+            signalLineCount++;
+        });
+        lines.push("");
+    }
+    if (sections.declarations.length > 0) {
+        lines.push("=== Declarations ===");
+        sections.declarations.forEach((s) => {
+            lines.push(formatSignalLine(s));
+            signalLineCount++;
+        });
+        lines.push("");
+    }
+    if (sections.raws.length > 0) {
+        lines.push("=== Content preview (head + tail) ===");
+        sections.raws.forEach((s) => {
+            lines.push(formatSignalLine(s));
+            signalLineCount++;
+        });
+        lines.push("");
+    }
+    return { body: lines.join("\n"), signalLineCount };
+}
+export function formatDenyMessage(opts) {
+    const maxTokens = opts.maxTokens ?? DEFAULT_MAX_TOKENS;
+    // Build with full signal list first.
+    let sections = partition(opts.summary.signals);
+    let { body } = renderSections(sections, opts.summary.note);
+    let message = [header(opts), "", body, footer()].join("\n");
+    let trimmed = false;
+    // If we overflow, drop signals from the END of each section in lockstep
+    // until we fit. Keeps the overall signal distribution intact.
+    while (estimateTokens(message) > maxTokens) {
+        const totalSignals = sections.imports.length +
+            sections.exports.length +
+            sections.declarations.length +
+            sections.raws.length;
+        if (totalSignals === 0)
+            break;
+        // Trim 10 % of remaining signals per pass (minimum 1) to converge quickly.
+        const drop = Math.max(1, Math.floor(totalSignals * 0.1));
+        let toDrop = drop;
+        for (const bucket of [
+            "raws",
+            "declarations",
+            "exports",
+            "imports",
+        ]) {
+            while (toDrop > 0 && sections[bucket].length > 0) {
+                sections[bucket].pop();
+                toDrop--;
+            }
+            if (toDrop === 0)
+                break;
+        }
+        trimmed = true;
+        ({ body } = renderSections(sections, opts.summary.note));
+        message = [header(opts), "", body, footer()].join("\n");
+    }
+    if (trimmed) {
+        const trimmedNote = "\n(trimmed to fit budget; call mcp__token-pilot__outline(path) for full structure)";
+        message = [
+            header(opts),
+            "",
+            body.trimEnd(),
+            trimmedNote,
+            "",
+            footer(),
+        ].join("\n");
+    }
+    return message;
+}
+//# sourceMappingURL=format-deny-message.js.map

package/dist/hooks/installer.js

@@ -1,5 +1,5 @@
-import { readFile, writeFile, mkdir } from 'node:fs/promises';
-import { resolve, dirname } from 'node:path';
+import { readFile, writeFile, mkdir } from "node:fs/promises";
+import { resolve, dirname } from "node:path";
 /**
  * Build hook command that works in any shell (/bin/sh, bash, etc.)
  * Uses absolute paths to node + script to avoid PATH/nvm issues.
@@ -21,7 +21,7 @@ function createHookConfig(options) {
                     hooks: [
                         {
                             type: "command",
-                            command: buildHookCommand('hook-read', options),
+                            command: buildHookCommand("hook-read", options),
                         },
                     ],
                 },
@@ -30,7 +30,37 @@ function createHookConfig(options) {
                     hooks: [
                         {
                             type: "command",
-                            command: buildHookCommand('hook-edit', options),
+                            command: buildHookCommand("hook-edit", options),
+                        },
+                    ],
+                },
+            ],
+            SessionStart: [
+                {
+                    hooks: [
+                        {
+                            type: "command",
+                            command: buildHookCommand("hook-session-start", options),
+                        },
+                    ],
+                },
+            ],
+            PostToolUse: [
+                {
+                    matcher: "Bash",
+                    hooks: [
+                        {
+                            type: "command",
+                            command: buildHookCommand("hook-post-bash", options),
+                        },
+                    ],
+                },
+                {
+                    matcher: "Task",
+                    hooks: [
+                        {
+                            type: "command",
+                            command: buildHookCommand("hook-post-task", options),
                         },
                     ],
                 },
@@ -46,9 +76,13 @@ export async function installHook(projectRoot, options) {
     // Skip auto-install when running as a Claude Code plugin —
     // the plugin system already registers hooks via .claude-plugin/hooks/hooks.json
     if (process.env.CLAUDE_PLUGIN_ROOT) {
-        return { installed: false, fatal: false, message: 'Running as plugin — hooks registered via plugin system.' };
+        return {
+            installed: false,
+            fatal: false,
+            message: "Running as plugin — hooks registered via plugin system.",
+        };
     }
-    const settingsPath = resolve(projectRoot, '.claude', 'settings.json');
+    const settingsPath = resolve(projectRoot, ".claude", "settings.json");
     const hookConfig = createHookConfig(options);
     try {
         // Ensure .claude dir exists
@@ -56,7 +90,7 @@ export async function installHook(projectRoot, options) {
         let settings = {};
         // Try to read existing settings
         try {
-            const raw = await readFile(settingsPath, 'utf-8');
+            const raw = await readFile(settingsPath, "utf-8");
             try {
                 settings = JSON.parse(raw);
             }
@@ -70,7 +104,7 @@ export async function installHook(projectRoot, options) {
             }
         }
         catch (err) {
-            if (err?.code !== 'ENOENT') {
+            if (err?.code !== "ENOENT") {
                 return {
                     installed: false,
                     fatal: true,
@@ -81,24 +115,32 @@ export async function installHook(projectRoot, options) {
         }
         // Check which Token Pilot hooks already exist
         const existingHooks = settings.hooks?.PreToolUse;
-        const isTokenPilotHook = (h) => h.hooks?.some((hook) => hook.command?.includes('token-pilot'));
+        const isTokenPilotHook = (h) => h.hooks?.some((hook) => hook.command?.includes("token-pilot"));
         if (Array.isArray(existingHooks)) {
             // Remove old broken hooks (bare "token-pilot" without absolute path)
             // and replace with working ones using absolute paths
-            const oldBrokenHooks = existingHooks.filter((h) => isTokenPilotHook(h) && h.hooks?.some((hook) => hook.command?.match(/^token-pilot\s/) // bare command without path
-            ));
+            const oldBrokenHooks = existingHooks.filter((h) => isTokenPilotHook(h) &&
+                h.hooks?.some((hook) => hook.command?.match(/^token-pilot\s/)));
             if (oldBrokenHooks.length > 0 && options?.scriptPath) {
                 // Remove old broken hooks, will re-add with absolute paths below
                 settings.hooks.PreToolUse = existingHooks.filter((h) => !isTokenPilotHook(h));
             }
             else {
-                const hasRead = existingHooks.some((h) => h.matcher === 'Read' && isTokenPilotHook(h));
-                const hasEdit = existingHooks.some((h) => h.matcher === 'Edit' && isTokenPilotHook(h));
-                if (hasRead && hasEdit) {
-                    return { installed: false, fatal: false, message: 'Token Pilot hooks already installed.' };
+                const hasRead = existingHooks.some((h) => h.matcher === "Read" && isTokenPilotHook(h));
+                const hasEdit = existingHooks.some((h) => h.matcher === "Edit" && isTokenPilotHook(h));
+                const hasSessionStart = Array.isArray(settings.hooks?.SessionStart) &&
+                    settings.hooks.SessionStart.some(isTokenPilotHook);
+                const hasPostBashHook = Array.isArray(settings.hooks?.PostToolUse) &&
+                    settings.hooks.PostToolUse.some(isTokenPilotHook);
+                if (hasRead && hasEdit && hasSessionStart && hasPostBashHook) {
+                    return {
+                        installed: false,
+                        fatal: false,
+                        message: "Token Pilot hooks already installed.",
+                    };
                 }
             }
-            // Add missing hooks
+            // Add missing PreToolUse hooks
             for (const hookDef of hookConfig.hooks.PreToolUse) {
                 const exists = settings.hooks.PreToolUse.some((h) => h.matcher === hookDef.matcher && isTokenPilotHook(h));
                 if (!exists) {
@@ -112,7 +154,30 @@ export async function installHook(projectRoot, options) {
                 settings.hooks = {};
             settings.hooks.PreToolUse = hookConfig.hooks.PreToolUse;
         }
-        await writeFile(settingsPath, JSON.stringify(settings, null, 2) + '\n');
+        // Install SessionStart hook idempotently
+        const existingSessionStart = settings.hooks?.SessionStart;
+        const hasSessionStart = Array.isArray(existingSessionStart) &&
+            existingSessionStart.some(isTokenPilotHook);
+        if (!hasSessionStart) {
+            if (!settings.hooks)
+                settings.hooks = {};
+            if (!Array.isArray(settings.hooks.SessionStart)) {
+                settings.hooks.SessionStart = [];
+            }
+            settings.hooks.SessionStart.push(...hookConfig.hooks.SessionStart);
+        }
+        // Install PostToolUse (Bash advisor) hook idempotently
+        const existingPost = settings.hooks?.PostToolUse;
+        const hasPostBash = Array.isArray(existingPost) && existingPost.some(isTokenPilotHook);
+        if (!hasPostBash) {
+            if (!settings.hooks)
+                settings.hooks = {};
+            if (!Array.isArray(settings.hooks.PostToolUse)) {
+                settings.hooks.PostToolUse = [];
+            }
+            settings.hooks.PostToolUse.push(...hookConfig.hooks.PostToolUse);
+        }
+        await writeFile(settingsPath, JSON.stringify(settings, null, 2) + "\n");
         return {
             installed: true,
             fatal: false,
@@ -121,33 +186,63 @@ export async function installHook(projectRoot, options) {
     }
     catch (err) {
         const msg = err instanceof Error ? err.message : String(err);
-        return { installed: false, fatal: true, message: `Failed to install hook: ${msg}` };
+        return {
+            installed: false,
+            fatal: true,
+            message: `Failed to install hook: ${msg}`,
+        };
     }
 }
 /**
  * Remove Token Pilot hook from Claude Code settings.
  */
 export async function uninstallHook(projectRoot) {
-    const settingsPath = resolve(projectRoot, '.claude', 'settings.json');
+    const settingsPath = resolve(projectRoot, ".claude", "settings.json");
     try {
-        const raw = await readFile(settingsPath, 'utf-8');
+        const raw = await readFile(settingsPath, "utf-8");
         const settings = JSON.parse(raw);
-        if (!settings.hooks?.PreToolUse) {
-            return { removed: false, fatal: false, message: 'No hooks to remove.' };
+        const hasPreToolUse = !!settings.hooks?.PreToolUse;
+        const hasSessionStart = !!settings.hooks?.SessionStart;
+        const hasPostToolUse = !!settings.hooks?.PostToolUse;
+        if (!hasPreToolUse && !hasSessionStart && !hasPostToolUse) {
+            return { removed: false, fatal: false, message: "No hooks to remove." };
+        }
+        const isTokenPilotHook = (h) => h.hooks?.some((hook) => hook.command?.includes("token-pilot"));
+        if (Array.isArray(settings.hooks?.PreToolUse)) {
+            settings.hooks.PreToolUse = settings.hooks.PreToolUse.filter((h) => !isTokenPilotHook(h));
+            if (settings.hooks.PreToolUse.length === 0) {
+                delete settings.hooks.PreToolUse;
+            }
+        }
+        if (Array.isArray(settings.hooks?.SessionStart)) {
+            settings.hooks.SessionStart = settings.hooks.SessionStart.filter((h) => !isTokenPilotHook(h));
+            if (settings.hooks.SessionStart.length === 0) {
+                delete settings.hooks.SessionStart;
+            }
         }
-        settings.hooks.PreToolUse = settings.hooks.PreToolUse.filter((h) => !h.hooks?.some((hook) => hook.command?.includes('token-pilot')));
-        if (settings.hooks.PreToolUse.length === 0) {
-            delete settings.hooks.PreToolUse;
+        if (Array.isArray(settings.hooks?.PostToolUse)) {
+            settings.hooks.PostToolUse = settings.hooks.PostToolUse.filter((h) => !isTokenPilotHook(h));
+            if (settings.hooks.PostToolUse.length === 0) {
+                delete settings.hooks.PostToolUse;
+            }
         }
-        if (Object.keys(settings.hooks).length === 0) {
+        if (settings.hooks && Object.keys(settings.hooks).length === 0) {
             delete settings.hooks;
         }
-        await writeFile(settingsPath, JSON.stringify(settings, null, 2) + '\n');
-        return { removed: true, fatal: false, message: 'Token Pilot hook removed.' };
+        await writeFile(settingsPath, JSON.stringify(settings, null, 2) + "\n");
+        return {
+            removed: true,
+            fatal: false,
+            message: "Token Pilot hook removed.",
+        };
     }
     catch (err) {
-        if (err?.code === 'ENOENT') {
-            return { removed: false, fatal: false, message: 'Settings file not found.' };
+        if (err?.code === "ENOENT") {
+            return {
+                removed: false,
+                fatal: false,
+                message: "Settings file not found.",
+            };
         }
         if (err instanceof SyntaxError) {
             return {
@@ -156,7 +251,11 @@ export async function uninstallHook(projectRoot) {
                 message: `Settings file contains invalid JSON: ${settingsPath}. Fix it manually before uninstalling hooks.`,
             };
         }
-        return { removed: false, fatal: true, message: `Failed to process settings: ${err?.message ?? err}` };
+        return {
+            removed: false,
+            fatal: true,
+            message: `Failed to process settings: ${err?.message ?? err}`,
+        };
     }
 }
 //# sourceMappingURL=installer.js.map

package/dist/hooks/path-safety.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Path-safety check used by the PreToolUse hook before reading any file.
+ *
+ * Resolves both the target file and the project root through realpath
+ * (so symlinks cannot escape the sandbox), then requires the resolved
+ * file path to fall inside the resolved project directory. On any error
+ * (missing file, permission denied, realpath loop) we refuse — the hook
+ * will then pass-through rather than risk reading an attacker-crafted
+ * path.
+ *
+ * Sibling directories that share a common prefix (e.g. `/tmp/proj`
+ * vs `/tmp/proj-evil`) are rejected by forcing a path-separator on the
+ * normalised root.
+ */
+export declare function isPathWithinProject(filePath: string, projectRoot: string): boolean;
+//# sourceMappingURL=path-safety.d.ts.map

package/dist/hooks/path-safety.js

@@ -0,0 +1,34 @@
+/**
+ * Path-safety check used by the PreToolUse hook before reading any file.
+ *
+ * Resolves both the target file and the project root through realpath
+ * (so symlinks cannot escape the sandbox), then requires the resolved
+ * file path to fall inside the resolved project directory. On any error
+ * (missing file, permission denied, realpath loop) we refuse — the hook
+ * will then pass-through rather than risk reading an attacker-crafted
+ * path.
+ *
+ * Sibling directories that share a common prefix (e.g. `/tmp/proj`
+ * vs `/tmp/proj-evil`) are rejected by forcing a path-separator on the
+ * normalised root.
+ */
+import { realpathSync } from "node:fs";
+import { resolve, sep } from "node:path";
+export function isPathWithinProject(filePath, projectRoot) {
+    if (!filePath || !projectRoot)
+        return false;
+    let resolvedFile;
+    let resolvedRoot;
+    try {
+        resolvedFile = realpathSync(resolve(filePath));
+        resolvedRoot = realpathSync(resolve(projectRoot));
+    }
+    catch {
+        return false;
+    }
+    if (resolvedFile === resolvedRoot)
+        return true;
+    const prefix = resolvedRoot.endsWith(sep) ? resolvedRoot : resolvedRoot + sep;
+    return resolvedFile.startsWith(prefix);
+}
+//# sourceMappingURL=path-safety.js.map

package/dist/hooks/post-bash.d.ts

@@ -0,0 +1,46 @@
+/**
+ * TP-jzh — Bash output advisor.
+ *
+ * Claude Code's PostToolUse hook cannot modify or truncate `tool_response`
+ * (verified via Claude Code docs 2026-04-18 — the `updatedMCPToolOutput`
+ * field is MCP-only). The agent has already seen the full stdout by the
+ * time our hook fires.
+ *
+ * So the feature becomes an *advisory*: when Bash stdout is large, we
+ * append one line via `additionalContext` pointing the agent at cheaper
+ * alternatives (`mcp__token-pilot__test_summary` for tests, bounded
+ * commands, head/tail piping). The agent notices before it repeats the
+ * mistake on the next turn.
+ */
+export interface PostBashHookInput {
+    tool_name?: string;
+    tool_response?: unknown;
+}
+export interface PostBashAdvice {
+    /** Null when no advice is needed. */
+    additionalContext: string | null;
+    /** For telemetry: approximate output size the advisor saw. */
+    outputChars: number;
+}
+declare const LARGE_OUTPUT_THRESHOLD_CHARS = 8000;
+/**
+ * Pure decision function. Given a PostToolUse hook input for the Bash
+ * tool, return advice text (or null to stay silent).
+ */
+export interface PostBashAdviceOptions {
+    thresholdChars?: number;
+    /**
+     * When true, the advice also mentions context-mode — runs the command
+     * in a sandbox so only stdout enters context. Caller detects whether
+     * context-mode is installed and passes the flag.
+     */
+    contextModeAvailable?: boolean;
+}
+export declare function decidePostBashAdvice(input: PostBashHookInput, thresholdCharsOrOpts?: number | PostBashAdviceOptions): PostBashAdvice;
+/**
+ * Render the JSON payload Claude Code expects. Returns null for silent
+ * pass-through so the caller can simply `exit(0)` with no stdout.
+ */
+export declare function renderPostBashHookOutput(advice: PostBashAdvice): string | null;
+export { LARGE_OUTPUT_THRESHOLD_CHARS };
+//# sourceMappingURL=post-bash.d.ts.map

package/dist/hooks/post-bash.js

@@ -0,0 +1,77 @@
+/**
+ * TP-jzh — Bash output advisor.
+ *
+ * Claude Code's PostToolUse hook cannot modify or truncate `tool_response`
+ * (verified via Claude Code docs 2026-04-18 — the `updatedMCPToolOutput`
+ * field is MCP-only). The agent has already seen the full stdout by the
+ * time our hook fires.
+ *
+ * So the feature becomes an *advisory*: when Bash stdout is large, we
+ * append one line via `additionalContext` pointing the agent at cheaper
+ * alternatives (`mcp__token-pilot__test_summary` for tests, bounded
+ * commands, head/tail piping). The agent notices before it repeats the
+ * mistake on the next turn.
+ */
+const LARGE_OUTPUT_THRESHOLD_CHARS = 8000;
+function extractStdout(tool_response) {
+    if (!tool_response)
+        return "";
+    if (typeof tool_response === "string")
+        return tool_response;
+    if (typeof tool_response === "object") {
+        const r = tool_response;
+        const parts = [];
+        for (const key of ["stdout", "output", "content"]) {
+            const v = r[key];
+            if (typeof v === "string")
+                parts.push(v);
+        }
+        return parts.join("\n");
+    }
+    return "";
+}
+function countLines(s) {
+    if (s === "")
+        return 0;
+    return s.split(/\r?\n/).length;
+}
+export function decidePostBashAdvice(input, thresholdCharsOrOpts = LARGE_OUTPUT_THRESHOLD_CHARS) {
+    const opts = typeof thresholdCharsOrOpts === "number"
+        ? { thresholdChars: thresholdCharsOrOpts }
+        : thresholdCharsOrOpts;
+    const threshold = opts.thresholdChars ?? LARGE_OUTPUT_THRESHOLD_CHARS;
+    if (input.tool_name !== "Bash") {
+        return { additionalContext: null, outputChars: 0 };
+    }
+    const stdout = extractStdout(input.tool_response);
+    const chars = stdout.length;
+    if (chars < threshold) {
+        return { additionalContext: null, outputChars: chars };
+    }
+    const lines = countLines(stdout);
+    const roughTokens = Math.ceil(chars / 4);
+    const contextModeLine = opts.contextModeAvailable
+        ? " Or run via mcp__context-mode__execute — sandbox keeps stdout out of your window."
+        : "";
+    const msg = `⚠ Bash output was large (~${lines} lines, ~${roughTokens} tokens). ` +
+        `Consider mcp__token-pilot__test_summary for test runs, or bounded commands ` +
+        `(head/tail, --oneline, git log -n <N>, grep -m <N>) to keep context lean.` +
+        contextModeLine;
+    return { additionalContext: msg, outputChars: chars };
+}
+/**
+ * Render the JSON payload Claude Code expects. Returns null for silent
+ * pass-through so the caller can simply `exit(0)` with no stdout.
+ */
+export function renderPostBashHookOutput(advice) {
+    if (!advice.additionalContext)
+        return null;
+    return JSON.stringify({
+        hookSpecificOutput: {
+            hookEventName: "PostToolUse",
+            additionalContext: advice.additionalContext,
+        },
+    });
+}
+export { LARGE_OUTPUT_THRESHOLD_CHARS };
+//# sourceMappingURL=post-bash.js.map