zsp/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-04-23 02:23:33 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,465 Commits 10 Branches 13 Tags
4e66b2882da9afb9747468b08a253ca2f09c85f3
Commit Graph

5 Commits

Author SHA1 Message Date
Junming
20041294d9 fix(gateguard): rewrite routineBashMsg to use fact-presentation pattern (#1531) 
* fix(gateguard): rewrite routineBashMsg to use fact-presentation pattern

The imperative 'Quote user's instruction verbatim. Then retry.' phrasing
triggers Claude Code's runtime anti-prompt-injection filter, deadlocking
the first Bash call of every session. The sibling gates (edit, write,
destructive) use multi-point fact-list framing that the runtime accepts.

Align routineBashMsg with that pattern to restore the gate's intended
behavior without changing run(), state schema, or any public API.

Closes #1530

* docs(gateguard): sync SKILL.md routine gate spec with new message format

CodeRabbit flagged that skills/gateguard/SKILL.md still described the
pre-fix imperative message. Update the Routine Bash Gate section to
match the numbered fact-list format used by the new routineBashMsg().
 2026-04-21 18:02:16 -04:00
seto
dd2962ee92 fix: 5 bugs + 2 tests from 3-agent deep bughunt 
Bugs fixed:
- B1: JS gate messages still said "cat one real record" -> redacted/synthetic
- B2: Destructive bash key used 200-char truncation (collision bypass) -> SHA256 hash
- B3: sanitizePath only stripped \n\r -> now strips null bytes, bidi overrides, all control chars
- B4: Tool name matching was case-sensitive (latent bypass) -> lookup map normalization
- B5: SKILL.md Gate Types missing MultiEdit -> added with explanation

Tests added:
- T1: MultiEdit gate denies first unchecked file (CRITICAL - was untested)
- T2: MultiEdit allows after all files gated

11/11 tests pass.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-13 16:32:46 +09:00
seto
8cd6378c81 fix: cubic-dev-ai round 3 — SKILL.md consistency 
P2: Description now says "Edit/Write/Bash (including MultiEdit)"
    instead of listing MultiEdit as a separate top-level gate

P2: Write Gate and Anti-Patterns now use same "redacted or synthetic
    values" wording as Edit Gate (was still "cat one real record")

All 3 gate doc sections now consistent. 9/9 tests pass.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-13 16:19:01 +09:00
seto
4dbed5ff5b fix: cubic-dev-ai round 2 — 3 issues across SKILL.md + pruning 
P1: Gate message asked for raw production data records — changed to
    "redacted or synthetic values" to prevent sensitive data exfiltration

P2: SKILL.md description now includes MultiEdit (was missing after
    MultiEdit gate was added in previous commit)

P2: Session key pruning now caps __prefixed keys at 50 to prevent
    unbounded growth even in theoretical edge cases

9/9 tests pass.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-04-13 16:11:33 +09:00
seto
5a03922934 feat(hooks,skills): add gateguard fact-forcing pre-action gate 
A PreToolUse hook that forces Claude to investigate before editing.
Instead of self-evaluation ("are you sure?"), it demands concrete facts:
importers, public API, data schemas, user instruction.

A/B tested: +2.25 quality points (9.0 vs 6.75) across two independent tasks.

- scripts/hooks/gateguard-fact-force.js — standalone Node.js hook
- skills/gateguard/SKILL.md — skill documentation
- hooks/hooks.json — PreToolUse entries for Edit|Write and Bash

Full package with config: pip install gateguard-ai
Repo: https://github.com/zunoworks/gateguard

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-12 11:41:33 +09:00