claude-mpm 3.1.2__py3-none-any.whl → 3.1.3__py3-none-any.whl

claude_mpm/__main__.py

@@ -8,6 +8,7 @@ DESIGN DECISION: We only import and call the main function from the CLI module,
 keeping this file minimal and focused on its single responsibility.
 """
 
+import os
 import sys
 from pathlib import Path
 
@@ -17,5 +18,21 @@ sys.path.insert(0, str(Path(__file__).parent.parent))
 # Import main function from the new CLI module structure
 from claude_mpm.cli import main
 
+# Restore user's working directory if preserved by bash wrapper
+# WHY: The bash wrapper preserves the user's launch directory in CLAUDE_MPM_USER_PWD
+# to maintain proper file access permissions and security boundaries.
+# Python imports work via PYTHONPATH, so we can safely restore the original directory.
 if __name__ == "__main__":
+    user_pwd = os.environ.get('CLAUDE_MPM_USER_PWD')
+    if user_pwd and os.path.exists(user_pwd):
+        try:
+            os.chdir(user_pwd)
+            # Only log if debug is enabled
+            if os.environ.get('CLAUDE_MPM_DEBUG') == '1':
+                print(f"[INFO] Restored working directory to: {user_pwd}")
+        except Exception as e:
+            # If we can't change to user directory, continue but log warning
+            if os.environ.get('CLAUDE_MPM_DEBUG') == '1':
+                print(f"[WARNING] Could not restore working directory to {user_pwd}: {e}")
+    
     sys.exit(main())

claude_mpm/agents/INSTRUCTIONS.md

@@ -4,15 +4,30 @@
 # Claude Multi-Agent Project Manager Instructions
 
 ## Core Identity & Authority
-You are **Claude Multi-Agent Project Manager (claude-mpm)** - your **SOLE function** is **orchestration and delegation**. You are **FORBIDDEN** from direct work except:
+You are **Claude Multi-Agent Project Manager (claude-mpm)** - your **SOLE function** is **orchestration and delegation**. 
+
+### Permitted Actions (Exhaustive List)
 - **Task Tool** for delegation (primary function)
 - **TodoWrite** for tracking (with [Agent] prefixes)
 - **WebSearch/WebFetch** only for delegation requirements
 - **Direct answers** for PM role/capability questions only
-- **Direct work** only when explicitly authorized: "do this yourself", "don't delegate", "implement directly"
+- **Direct work** only when explicitly authorized with phrases like: "do this yourself", "don't delegate", "implement directly"
 
 **ABSOLUTE RULE**: ALL other work must be delegated to specialized agents via Task Tool.
 
+### Professional Standards
+- **Clarity Threshold**: Achieve 90% certainty of success before delegating. Ask clarifying questions when needed.
+- **Agent Standards**: Require the same 90% clarity threshold from your agents before they proceed.
+- **Project Validation**: Verify that requested tasks align with project context and question any incongruities.
+- **Communication Style**: 
+  - Avoid unnecessary affirmation or praise
+  - Never say "You're right!" (or similar) unless correctness was in question and validated by agent authority
+  - Focus on substance over pleasantries
+  - Ask direct questions when clarity is needed
+
+### Your Responsibility
+It is your **JOB** to ensure sufficient clarity before delegation. Set high standards for both yourself and your agents to ensure successful outcomes.
+
 ## Context-Aware Agent Selection
 - **PM role/capabilities questions**: Answer directly (only exception)
 - **Explanations/How-to questions**: Delegate to Documentation Agent

claude_mpm/cli/__init__.py

@@ -10,30 +10,35 @@ interface while organizing code into logical modules. The main() function
 remains the primary entry point for both direct execution and package imports.
 """
 
+import os
 import sys
 from pathlib import Path
 from typing import Optional
 
-from ..constants import CLICommands, LogLevel
-from .parser import create_parser, preprocess_args
-from .utils import ensure_directories, setup_logging
-from .commands import (
-    run_session,
-    list_tickets,
-    show_info,
-    manage_agents,
-    run_terminal_ui
-)
+from claude_mpm.utils.imports import safe_import
+
+# Import constants and utilities using safe_import pattern
+CLICommands, LogLevel = safe_import('claude_mpm.constants', None, ['CLICommands', 'LogLevel'])
+create_parser, preprocess_args = safe_import('claude_mpm.cli.parser', None, ['create_parser', 'preprocess_args'])
+ensure_directories, setup_logging = safe_import('claude_mpm.cli.utils', None, ['ensure_directories', 'setup_logging'])
+
+# Import commands
+run_session = safe_import('claude_mpm.cli.commands', None, ['run_session'])
+list_tickets = safe_import('claude_mpm.cli.commands', None, ['list_tickets'])
+show_info = safe_import('claude_mpm.cli.commands', None, ['show_info'])
+manage_agents = safe_import('claude_mpm.cli.commands', None, ['manage_agents'])
+run_terminal_ui = safe_import('claude_mpm.cli.commands', None, ['run_terminal_ui'])
 
 # Get version from VERSION file - single source of truth
 version_file = Path(__file__).parent.parent.parent / "VERSION"
 if version_file.exists():
     __version__ = version_file.read_text().strip()
 else:
-    # Try to import from package as fallback
-    try:
-        from .. import __version__
-    except ImportError:
+    # Try to import from package as fallback using safe_import
+    version_module = safe_import('claude_mpm', None)
+    if version_module and hasattr(version_module, '__version__'):
+        __version__ = version_module.__version__
+    else:
         # Default version if all else fails
         __version__ = "0.0.0"
 
@@ -75,6 +80,10 @@ def main(argv: Optional[list] = None):
     if hasattr(args, 'debug') and args.debug:
         logger.debug(f"Command: {args.command}")
         logger.debug(f"Arguments: {args}")
+        # Log working directory context
+        logger.debug(f"Working directory: {os.getcwd()}")
+        logger.debug(f"User PWD (from env): {os.environ.get('CLAUDE_MPM_USER_PWD', 'Not set')}")
+        logger.debug(f"Framework path: {os.environ.get('CLAUDE_MPM_FRAMEWORK_PATH', 'Not set')}")
     
     # Hook system note: Claude Code hooks are handled externally via the
     # hook_handler.py script installed in ~/.claude/settings.json

claude_mpm/cli/commands/agents.py

@@ -7,9 +7,12 @@ and cleaning agent deployments.
 
 from pathlib import Path
 
-from ...core.logger import get_logger
-from ...constants import AgentCommands
-from ..utils import get_agent_versions_display
+from claude_mpm.utils.imports import safe_import
+
+# Import dependencies using safe_import pattern
+get_logger = safe_import('claude_mpm.core.logger', None, ['get_logger'])
+AgentCommands = safe_import('claude_mpm.constants', None, ['AgentCommands'])
+get_agent_versions_display = safe_import('claude_mpm.cli.utils', None, ['get_agent_versions_display'])
 
 
 def manage_agents(args):
@@ -27,8 +30,19 @@ def manage_agents(args):
     """
     logger = get_logger("cli")
     
+    # Import AgentDeploymentService using safe_import pattern
+    AgentDeploymentService = safe_import(
+        'claude_mpm.services.agent_deployment',
+        None,
+        ['AgentDeploymentService']
+    )
+    
+    if not AgentDeploymentService:
+        logger.error("Agent deployment service not available")
+        print("Error: Agent deployment service not available")
+        return
+    
     try:
-        from ...services.agent_deployment import AgentDeploymentService
         deployment_service = AgentDeploymentService()
         
         if not args.agents_command:
@@ -55,9 +69,6 @@ def manage_agents(args):
         elif args.agents_command == AgentCommands.CLEAN.value:
             _clean_agents(args, deployment_service)
         
-    except ImportError:
-        logger.error("Agent deployment service not available")
-        print("Error: Agent deployment service not available")
     except Exception as e:
         logger.error(f"Error managing agents: {e}")
         print(f"Error: {e}")

claude_mpm/cli/commands/info.py

@@ -8,7 +8,10 @@ users understand their claude-mpm setup and troubleshoot issues.
 import shutil
 from pathlib import Path
 
-from ...core.logger import get_logger
+from claude_mpm.utils.imports import safe_import
+
+# Import logger using safe_import pattern
+get_logger = safe_import('claude_mpm.core.logger', None, ['get_logger'])
 
 
 def show_info(args):
@@ -25,10 +28,12 @@ def show_info(args):
     Args:
         args: Parsed command line arguments
     """
-    try:
-        from ...core.framework_loader import FrameworkLoader
-    except ImportError:
-        from claude_mpm.core.framework_loader import FrameworkLoader
+    # Import FrameworkLoader using safe_import pattern
+    FrameworkLoader = safe_import(
+        'claude_mpm.core.framework_loader',
+        None,
+        ['FrameworkLoader']
+    )
     
     print("Claude MPM - Multi-Agent Project Manager")
     print("=" * 50)

claude_mpm/cli/commands/run.py

@@ -9,9 +9,16 @@ import subprocess
 import sys
 from pathlib import Path
 
-from ...core.logger import get_logger
-from ...constants import LogLevel
-from ..utils import get_user_input, list_agent_versions_at_startup
+from claude_mpm.utils.imports import safe_import
+
+# Import with safe_import pattern for better error handling
+get_logger = safe_import('claude_mpm.core.logger', None, ['get_logger'])
+LogLevel = safe_import('claude_mpm.constants', None, ['LogLevel'])
+get_user_input, list_agent_versions_at_startup = safe_import(
+    'claude_mpm.cli.utils', 
+    None, 
+    ['get_user_input', 'list_agent_versions_at_startup']
+)
 
 
 def run_session(args):
@@ -28,14 +35,22 @@ def run_session(args):
     Args:
         args: Parsed command line arguments
     """
+    import os
     logger = get_logger("cli")
     if args.logging != LogLevel.OFF.value:
         logger.info("Starting Claude MPM session")
+        # Log working directory context
+        logger.info(f"Working directory: {os.getcwd()}")
+        if args.debug:
+            logger.debug(f"User PWD (from env): {os.environ.get('CLAUDE_MPM_USER_PWD', 'Not set')}")
+            logger.debug(f"Framework path: {os.environ.get('CLAUDE_MPM_FRAMEWORK_PATH', 'Not set')}")
     
-    try:
-        from ...core.simple_runner import SimpleClaudeRunner, create_simple_context
-    except ImportError:
-        from claude_mpm.core.simple_runner import SimpleClaudeRunner, create_simple_context
+    # Import SimpleClaudeRunner using safe_import pattern
+    SimpleClaudeRunner, create_simple_context = safe_import(
+        'claude_mpm.core.simple_runner',
+        None,
+        ['SimpleClaudeRunner', 'create_simple_context']
+    )
     
     # Skip native agents if disabled
     if getattr(args, 'no_native_agents', False):

claude_mpm/cli/commands/tickets.py

@@ -5,7 +5,10 @@ WHY: This module handles ticket listing functionality, allowing users to view
 recent tickets created during Claude sessions.
 """
 
-from ...core.logger import get_logger
+from claude_mpm.utils.imports import safe_import
+
+# Import logger using safe_import pattern
+get_logger = safe_import('claude_mpm.core.logger', None, ['get_logger'])
 
 
 def list_tickets(args):
@@ -24,12 +27,20 @@ def list_tickets(args):
     """
     logger = get_logger("cli")
     
+    # Import TicketManager using safe_import pattern
+    TicketManager = safe_import(
+        '...services.ticket_manager',
+        'claude_mpm.services.ticket_manager',
+        ['TicketManager']
+    )
+    
+    if not TicketManager:
+        logger.error("ai-trackdown-pytools not installed")
+        print("Error: ai-trackdown-pytools not installed")
+        print("Install with: pip install ai-trackdown-pytools")
+        return
+    
     try:
-        try:
-            from ...services.ticket_manager import TicketManager
-        except ImportError:
-            from claude_mpm.services.ticket_manager import TicketManager
-        
         ticket_manager = TicketManager()
         tickets = ticket_manager.list_recent_tickets(limit=args.limit)
         
@@ -54,10 +65,6 @@ def list_tickets(args):
             print(f"   Created: {ticket['created_at']}")
             print()
             
-    except ImportError:
-        logger.error("ai-trackdown-pytools not installed")
-        print("Error: ai-trackdown-pytools not installed")
-        print("Install with: pip install ai-trackdown-pytools")
     except Exception as e:
         logger.error(f"Error listing tickets: {e}")
         print(f"Error: {e}")

claude_mpm/cli/commands/ui.py

@@ -5,7 +5,10 @@ WHY: This module provides terminal UI functionality for users who prefer a
 visual interface over command-line interaction.
 """
 
-from ...core.logger import get_logger
+from claude_mpm.utils.imports import safe_import
+
+# Import logger using safe_import pattern
+get_logger = safe_import('claude_mpm.core.logger', None, ['get_logger'])
 
 
 def run_terminal_ui(args):
@@ -29,26 +32,45 @@ def run_terminal_ui(args):
     
     try:
         if ui_mode == 'terminal':
-            # Try rich UI first
-            try:
-                from ...ui.rich_terminal_ui import main as run_rich_ui
+            # Try rich UI first using safe_import
+            run_rich_ui = safe_import(
+                '...ui.rich_terminal_ui',
+                'claude_mpm.ui.rich_terminal_ui',
+                ['main']
+            )
+            
+            if run_rich_ui:
                 logger.info("Starting rich terminal UI...")
                 run_rich_ui()
-            except ImportError:
+            else:
                 # Fallback to curses UI
                 logger.info("Rich not available, falling back to curses UI...")
-                from ...ui.terminal_ui import TerminalUI
-                ui = TerminalUI()
-                ui.run()
+                TerminalUI = safe_import(
+                    '...ui.terminal_ui',
+                    'claude_mpm.ui.terminal_ui',
+                    ['TerminalUI']
+                )
+                if TerminalUI:
+                    ui = TerminalUI()
+                    ui.run()
+                else:
+                    logger.error("UI module not found")
+                    print("Error: Terminal UI requires 'curses' (built-in) or 'rich' (pip install rich)")
+                    return 1
         else:
             # Use curses UI explicitly
-            from ...ui.terminal_ui import TerminalUI
-            ui = TerminalUI()
-            ui.run()
-    except ImportError as e:
-        logger.error(f"UI module not found: {e}")
-        print(f"Error: Terminal UI requires 'curses' (built-in) or 'rich' (pip install rich)")
-        return 1
+            TerminalUI = safe_import(
+                '...ui.terminal_ui',
+                'claude_mpm.ui.terminal_ui',
+                ['TerminalUI']
+            )
+            if TerminalUI:
+                ui = TerminalUI()
+                ui.run()
+            else:
+                logger.error("UI module not found")
+                print("Error: Terminal UI not available")
+                return 1
     except Exception as e:
         logger.error(f"Error running terminal UI: {e}")
         print(f"Error: {e}")

claude_mpm/cli/utils.py

@@ -10,7 +10,10 @@ import sys
 from pathlib import Path
 from typing import Optional
 
-from ..core.logger import get_logger
+from claude_mpm.utils.imports import safe_import
+
+# Import logger using safe_import pattern
+get_logger = safe_import('claude_mpm.core.logger', None, ['get_logger'])
 
 
 def get_user_input(input_arg: Optional[str], logger) -> str:
@@ -59,8 +62,17 @@ def get_agent_versions_display() -> Optional[str]:
     Returns:
         Formatted string containing agent version information, or None if failed
     """
+    # Import AgentDeploymentService using safe_import pattern
+    AgentDeploymentService = safe_import(
+        'claude_mpm.services.agent_deployment',
+        None,
+        ['AgentDeploymentService']
+    )
+    
+    if not AgentDeploymentService:
+        return None
+        
     try:
-        from ..services.agent_deployment import AgentDeploymentService
         deployment_service = AgentDeploymentService()
         
         # Get deployed agents
@@ -162,10 +174,17 @@ def ensure_directories() -> None:
     failing when they don't exist, we create them automatically for a better
     user experience.
     """
-    try:
-        from ..init import ensure_directories as init_ensure_directories
-        init_ensure_directories()
-    except Exception:
-        # Continue even if initialization fails
-        # The individual commands will handle missing directories as needed
-        pass
+    # Import ensure_directories using safe_import pattern
+    init_ensure_directories = safe_import(
+        'claude_mpm.init',
+        None,
+        ['ensure_directories']
+    )
+    
+    if init_ensure_directories:
+        try:
+            init_ensure_directories()
+        except Exception:
+            # Continue even if initialization fails
+            # The individual commands will handle missing directories as needed
+            pass

claude_mpm/core/agent_registry.py

@@ -20,10 +20,10 @@ import importlib.util
 from datetime import datetime
 from dataclasses import dataclass
 
-try:
-    from ..core.logger import get_logger
-except ImportError:
-    from core.logger import get_logger
+from claude_mpm.utils.imports import safe_import
+
+# Import logger using safe_import pattern
+get_logger = safe_import('claude_mpm.core.logger', None, ['get_logger'])
 
 
 @dataclass

claude_mpm/core/factories.py

@@ -12,7 +12,7 @@ from typing import Any, Dict, Optional, Type, TypeVar
 from .container import DIContainer
 from .logger import get_logger
 from .config import Config
-from ..services.agent_deployment import AgentDeploymentService
+from claude_mpm.services.agent_deployment import AgentDeploymentService
 from ..orchestration.factory import OrchestratorFactory
 from ..orchestration.base import BaseOrchestrator
 

claude_mpm/core/service_registry.py

@@ -38,7 +38,7 @@ class ServiceRegistry:
         """Register all core framework services."""
         from ..services.shared_prompt_cache import SharedPromptCache
         from ..services.ticket_manager import TicketManager
-        from ..services.agent_deployment import AgentDeploymentService
+        from claude_mpm.services.agent_deployment import AgentDeploymentService
         from .session_manager import SessionManager
         from .agent_session_manager import AgentSessionManager
         from .config import Config

claude_mpm/core/simple_runner.py

@@ -195,16 +195,15 @@ class SimpleClaudeRunner:
                 clean_env.pop(var, None)
             
             # Set the correct working directory for Claude Code
-            # If CLAUDE_MPM_USER_PWD is set, use that as the working directory
+            # WHY: We're already in the user's directory thanks to __main__.py restoration
+            # We just need to ensure CLAUDE_WORKSPACE is set correctly
+            current_dir = os.getcwd()
+            clean_env['CLAUDE_WORKSPACE'] = current_dir
+            self.logger.info(f"Working directory: {current_dir}")
+            
+            # Log directory context for debugging
             if 'CLAUDE_MPM_USER_PWD' in clean_env:
-                user_pwd = clean_env['CLAUDE_MPM_USER_PWD']
-                clean_env['CLAUDE_WORKSPACE'] = user_pwd
-                # Also change to that directory before launching Claude
-                try:
-                    os.chdir(user_pwd)
-                    self.logger.info(f"Changed working directory to: {user_pwd}")
-                except Exception as e:
-                    self.logger.warning(f"Could not change to user directory {user_pwd}: {e}")
+                self.logger.debug(f"User PWD from env: {clean_env['CLAUDE_MPM_USER_PWD']}")
             
             print("Launching Claude...")
             
@@ -313,19 +312,15 @@ class SimpleClaudeRunner:
             env = os.environ.copy()
             
             # Set the correct working directory for Claude Code
+            # WHY: We're already in the user's directory thanks to __main__.py restoration
+            # We just need to ensure CLAUDE_WORKSPACE is set correctly
+            current_dir = os.getcwd()
+            env['CLAUDE_WORKSPACE'] = current_dir
+            self.logger.info(f"Working directory for subprocess: {current_dir}")
+            
+            # Log directory context for debugging
             if 'CLAUDE_MPM_USER_PWD' in env:
-                user_pwd = env['CLAUDE_MPM_USER_PWD']
-                env['CLAUDE_WORKSPACE'] = user_pwd
-                # Change to that directory before running Claude
-                try:
-                    original_cwd = os.getcwd()
-                    os.chdir(user_pwd)
-                    self.logger.info(f"Changed working directory to: {user_pwd}")
-                except Exception as e:
-                    self.logger.warning(f"Could not change to user directory {user_pwd}: {e}")
-                    original_cwd = None
-            else:
-                original_cwd = None
+                self.logger.debug(f"User PWD from env: {env['CLAUDE_MPM_USER_PWD']}")
             
             # Run Claude
             if self.project_logger:
@@ -337,12 +332,7 @@ class SimpleClaudeRunner:
             
             result = subprocess.run(cmd, capture_output=True, text=True, env=env)
             
-            # Restore original directory if we changed it
-            if original_cwd:
-                try:
-                    os.chdir(original_cwd)
-                except Exception:
-                    pass
+            # No need to restore directory since we didn't change it
             execution_time = time.time() - start_time
             
             if result.returncode == 0:

claude_mpm/hooks/claude_hooks/hook_handler.py

@@ -44,6 +44,7 @@ project_root = Path(__file__).parent.parent.parent.parent
 sys.path.insert(0, str(project_root / 'src'))
 
 from claude_mpm.core.logger import get_logger, setup_logging, LogLevel
+from claude_mpm.security import BashSecurityValidator
 
 # Don't initialize global logging here - we'll do it per-project
 logger = None
@@ -329,6 +330,7 @@ class ClaudeHookHandler:
         - Checking for path traversal attempts
         - Ensuring file operations stay within the working directory
         - Blocking dangerous operations
+        - Validating bash commands for security violations
         
         Security Design:
         - Fail-secure: Block suspicious operations
@@ -342,6 +344,29 @@ class ClaudeHookHandler:
         tool_name = self.event.get('tool_name', '')
         tool_input = self.event.get('tool_input', {})
         
+        # Get the working directory from the event
+        working_dir = Path(self.event.get('cwd', os.getcwd())).resolve()
+        
+        # Special handling for Bash tool - validate commands for security
+        if tool_name == 'Bash':
+            command = tool_input.get('command', '')
+            if command:
+                # Create bash validator for this working directory
+                bash_validator = BashSecurityValidator(working_dir)
+                is_valid, error_msg = bash_validator.validate_command(command)
+                
+                if not is_valid:
+                    if logger:
+                        logger.warning(f"Security: Blocked Bash command: {command[:100]}...")
+                    
+                    response = {
+                        "action": "block",
+                        "error": error_msg
+                    }
+                    print(json.dumps(response))
+                    sys.exit(0)
+                    return
+        
         # List of tools that perform write operations
         # These tools need special security checks to prevent
         # writing outside the project directory
@@ -349,9 +374,6 @@ class ClaudeHookHandler:
         
         # Check if this is a write operation
         if tool_name in write_tools:
-            # Get the working directory from the event
-            working_dir = Path(self.event.get('cwd', os.getcwd())).resolve()
-            
             # Extract file path based on tool type
             file_path = None
             if tool_name in ['Write', 'Edit', 'NotebookEdit']:
@@ -414,7 +436,34 @@ class ClaudeHookHandler:
                     sys.exit(0)
                     return
         
-        # For read operations and other tools, continue normally
+        # Additional security checks for other tools that might access files
+        read_tools = ['Read', 'LS', 'Glob', 'Grep', 'NotebookRead']
+        
+        if tool_name in read_tools:
+            # For read operations, we allow them but log for auditing
+            file_path = None
+            if tool_name == 'Read':
+                file_path = tool_input.get('file_path')
+            elif tool_name == 'NotebookRead':
+                file_path = tool_input.get('notebook_path')
+            elif tool_name == 'LS':
+                file_path = tool_input.get('path')
+            elif tool_name in ['Glob', 'Grep']:
+                file_path = tool_input.get('path', '.')
+            
+            if file_path and logger:
+                # Log read operations for security auditing
+                logger.info(f"Security audit: {tool_name} accessing path: {file_path}")
+        
+        # Check for other potentially dangerous tools
+        if tool_name in ['WebFetch', 'WebSearch']:
+            # Log web access for security auditing
+            if logger:
+                url = tool_input.get('url', '') if tool_name == 'WebFetch' else 'N/A'
+                query = tool_input.get('query', '') if tool_name == 'WebSearch' else 'N/A'
+                logger.info(f"Security audit: {tool_name} - URL: {url}, Query: {query}")
+        
+        # For all other operations, continue normally
         return self._continue()
     
     def _handle_post_tool_use(self):