* feat: add orch-* orchestrator skill family
Lightweight wrappers that orchestrate existing ECC agents through a gated Research -> Plan -> TDD -> Review -> Commit pipeline, right-sized per task.
- orch-pipeline: shared engine (phases, size classifier, two gates, agent map)
- orch-add-feature/change-feature/fix-defect/refine-code/build-mvp: thin wrappers delegating to the engine
* chore: register orch-* family in catalog, command registry, and agent.yaml (post-rebase onto green main)
---------
Co-authored-by: ECC Test <ecc@example.test>
ROOT CAUSE: hooks load plugin-hook-bootstrap.js via
`node -e "...; process.argv.splice(1,0,s); require(s)"`. On Node 21+,
require.main is `undefined` under --eval, so the `if (require.main === module)`
guard was false and main() never ran — every plugin hook silently no-op'd
(e.g. the MCP-health PreToolUse hook stopped blocking). CI (Node 18/20) hid
this; it only surfaces on Node 21+. Fix: also run main() when require.main is
undefined (the eval-bootstrap case), while staying dormant on real imports.
Also clears pre-existing main debt the full local suite enforces:
- catalog:sync — README/docs agent+skill counts drifted after recent merges
- tests/ci/supply-chain-watch-workflow: update checkout SHA to the merged v6.0.3 (#2183)
- markdownlint + check-unicode-safety --write across docs/skills
Suite: 2683/2683 green under Node v25; lint + unicode clean.
Co-authored-by: ECC Test <ecc@example.test>
CONTRIBUTING.md still pointed at the old `affaan-m/everything-claude-code`
repo URL in the Quick Start fork instructions and in the Issues link at
the bottom. Both relied on GitHub's silent rename-redirect, but the
literal `cd everything-claude-code` after `gh repo fork` would land in
the wrong directory now that the repo is `affaan-m/ECC`.
REPO-ASSESSMENT.md and EVALUATION.md were both 2026-03-21 personal
fork-audit artifacts written from one user's specific install. They
describe the project as a fork at `Infiniteyieldai/everything-claude-code`
v1.9.0 with 28 agents / 116 skills / 59 commands and pin the recommended
mode at "use as upstream tracker". None of that is true anymore (this
IS the upstream, v2.0.0-rc.1, currently 61 / 246 / 76). EVALUATION.md in
particular still references a defunct branch (`claude/evaluate-repo-comparison-ASZ9Y`)
and describes a "Current Setup" of zero installed components as if it
were universal, which it is not.
Neither file is referenced by anything else in the repo (`rg` confirmed)
and they actively mislead new contributors and visitors. Delete both.
A targeted line-by-line refresh of EVALUATION.md was considered but
rejected: bringing only the totals up to date (61/246/76) would leave
the rest of the document — v1.9.0 references, branch metadata, the
zero-component "Current Setup" — internally inconsistent (CodeRabbit
flagged this on the first revision of this PR). Wholesale removal is
the honest fix.
Translated copies (e.g. docs/pt-BR/README.md still has the 28/116/59
numbers) are intentionally left for a follow-up i18n PR to keep this
diff small.
The `/instinct-status` slash command template expanded
`${CLAUDE_PLUGIN_ROOT}` directly and documented a manual-install
fallback to `~/.claude/skills/continuous-learning-v2/scripts/instinct-cli.py`.
When users had both an active plugin install (under
`~/.claude/plugins/cache/<slug>/<org>/<version>/`) and a legacy
`~/.claude/skills/continuous-learning-v2/` directory left over from a
previous manual install, an empty `CLAUDE_PLUGIN_ROOT` (which Claude
Code does not always populate in slash-command shell contexts) silently
made the command read the stale legacy install while the active plugin
hooks and observer wrote to the new XDG path. The user saw "No
instincts found" while the system was actively learning — exactly the
divergence the bug reporter spent hours diagnosing.
Replace the brittle two-block template with the same inline resolver
pattern that `hooks/hooks.json` and `/sessions` / `/skill-health`
already use: env var → standard install → known plugin roots → plugin
cache walk → fallback. The resolver is the canonical `INLINE_RESOLVE`
constant from `scripts/lib/resolve-ecc-root.js`, so no new code is
introduced — just consistent adoption of the existing pattern.
Apply the same fix to all five copies of the command:
- commands/instinct-status.md (canonical)
- .opencode/commands/instinct-status.md
- docs/zh-CN/commands/instinct-status.md
- docs/ja-JP/commands/instinct-status.md
- docs/tr/commands/instinct-status.md
Extend tests/lib/command-plugin-root.test.js with an assertion that the
canonical instinct-status.md uses the inline resolver and no longer
hard-codes the legacy `~/.claude/skills/...` fallback (regression
guard).
zh-CN copy: polish the Chinese phrasing per LanguageTool feedback
(`使用与 ... 相同的解析器` → `以与 ... 相同的解析器`) so the verb is
introduced by an explicit preposition instead of reading as an awkward
verb-object construction.
* docs: add Urdu (ur) README translation
Adds docs/ur/README.md — a full Urdu translation of the main README.
Urdu is spoken by 230M+ people globally, with a large developer community
in Pakistan. This follows the same structure as existing translations
(de-DE, ja-JP, ko-KR, etc.).
* docs(ur): sync install catalog counts with current repo metadata
The Urdu README stated 60 agents / 232 skills / 75 legacy command shims, but the current repo metadata and English README use 61 / 246 / 76. Update to match so Urdu users following the install guide do not see a verification mismatch (flagged in review).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
* feat: auto-isolate ECC memory data for Cursor via ECC_AGENT_DATA_HOME
Add ECC_AGENT_DATA_HOME (defaults to ~/.claude) with Cursor-aware resolution,
sessionStart env injection, install scaffolds, and hook bootstrap so memory
hooks do not collide with Claude Code when both harnesses are used.
Closes#2065
Co-authored-by: Cursor <cursoragent@cursor.com>
* fix: log agent-data config errors and ship cursor sessionStart deps
Address CodeRabbit review: log invalid .cursor/ecc-agent-data.json parse
failures, and copy cursor-session-env.js plus lib deps on legacy Cursor
install so sessionStart hook path exists without hooks-runtime alone.
Co-authored-by: Cursor <cursoragent@cursor.com>
* fix: resolve relative agentDataHome paths from project root
Project config values like ".ecc-data" now resolve against the
repository root (parent of .cursor/), not process.cwd(), so Cursor
hooks persist memory in the intended directory regardless of hook cwd.
Addresses cubic review on PR #2066.
Co-authored-by: Cursor <cursoragent@cursor.com>
* docs: explain getHomeDir duplicate and docstring policy
Document why agent-data-home keeps a local home-dir helper (circular
require with utils.js) and list consolidation options for maintainers.
Note that CodeRabbit JSDoc coverage warnings are informational relative
to ECC's usual script documentation style.
Addresses cubic P2 context on PR #2066.
Co-authored-by: Cursor <cursoragent@cursor.com>
* test: isolate agent-data-home tests from dogfooded .cursor config
Use isolated temp cwd for default-resolution cases and assert
resolveAgentDataHome({ projectDir }) reads ecc-agent-data.json.
Document cwd/project caveats in the test file header.
Co-authored-by: Cursor <cursoragent@cursor.com>
---------
Co-authored-by: Cursor <cursoragent@cursor.com>
PR #2050 updated the root README.zh-CN.md install commands after the
everything-claude-code → ECC rename, but the same stale marketplace URL
remained in nine docs/<locale>/README.md copies. Align those quick-start
and self-hosted install blocks so /plugin install ecc@ecc resolves the
ecc marketplace instead of everything-claude-code.
* feat(skills): add codehealth-mcp skill and CodeScene MCP config
* docs(skills): add When to Use, How It Works, and Examples sections
* docs(skills): clarify MCP opt-in, data boundaries, and offline behavior
Address security review on PR #2077: no bundled credentials, document what
tools read locally, failure behavior when MCP is unavailable, and README
wording that Code Health MCP is optional and not enabled by default.
Co-authored-by: Cursor <cursoragent@cursor.com>
---------
Co-authored-by: adnasalk-notus <adna.salkovic@notus.hr>
Co-authored-by: Cursor <cursoragent@cursor.com>
* feat(mcp): add parallel-search server catalog entry
* fix(mcp): drop placeholder Bearer header from parallel-search entry
The /mcp endpoint accepts anonymous requests by default; baking in a
placeholder "Authorization: Bearer YOUR_PARALLEL_API_KEY_HERE" header
breaks the key-free default for users who copy the entry verbatim.
Move the optional API-key guidance into the description instead.
The PostToolUse cost warnings emit imperative text via additionalContext
("Stop and inform the user...", "Review whether...", "Consider whether...").
Subagents read additionalContext as an instruction and obey the "Stop",
abandoning their task and returning a prompt-for-direction instead of their
result — derailing multi-agent workflows. The main loop is also nudged to
halt mid-task.
Reword all three severities to pure-informational data: keep the
CRITICAL/WARNING/NOTICE label + the dollar figure (and the threshold), drop
the imperative sentence, and state plainly it is informational. No logic,
severity, or threshold change. Existing tests pass (they assert the labels +
severities, which are preserved).
Before: `COST CRITICAL: Session cost is $X. Stop and inform the user about high cost before continuing.`
After: `COST CRITICAL: session total ~$X (over $50). Informational only — not an instruction to stop.`
Co-authored-by: OrenG Tools <tools@orengacademy.com>
* feat: add intent-driven-development skill
Converts ambiguous feature or engineering requests into scoped,
verifiable acceptance criteria before implementation starts.
- Chooses between Quick Capture (low/moderate risk) and Full
Acceptance Brief (security, data, migration, cross-system changes)
- Reads repo context before asking questions; only asks what cannot
be inferred
- Non-blocking by default: records criteria and proceeds unless a
real risk requires confirmation
- Rule 9: when an AC fails mid-implementation due to architectural
constraints, marks it [revised], updates scope/verification method,
and re-presents only changed criteria rather than silently dropping
- Output template includes Revision Log for traceability across
multiple implementation cycles
* fix: add canonical When to Activate, How It Works, and Examples sections
Required for auto-activation mechanism detection per CONTRIBUTING.md
and existing skill conventions. Sections inserted after the intro
and before Operating Rules.
* fix: strengthen intent-driven-development skill per review
Address skill-quality review feedback on the intent-driven-development PR:
- Business/product constraints: add Operating Rule 2 forbidding inference
of business rules, compliance/SLAs, pricing, retention, prioritization,
and target users from code; surface the technical-vs-business split in
How It Works, Discover Context, and a dedicated 'supplied, not inferred'
section in the brief template.
- Eval-style pass/fail: add a Pass/Fail Examples section (failing vs
passing AC, plus a misplaced business-rule context entry) and a 5-point
Pass/Fail Rubric users can apply to the output.
- Renumber Operating Rules 1-10 accordingly; markdownlint clean.
Adds a complete Spanish translation of the ECC documentation under
docs/es/, mirroring the Turkish (docs/tr/) translation in scope.
141 files covering agents, commands, rules, skills, contexts, examples,
and core docs. Updates root README.md with the Spanish language link.
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Correct clear spelling mistakes in documentation without changing behavior.
Confidence: high
Scope-risk: narrow
Tested: git diff --check; uvx codespell on changed files
Not-tested: Full docs build not run; text-only changes
Ghostty natively supports the OSC 9 desktop-notification escape
(ESC ] 9 ; <message> BEL), the same sequence already used for iTerm2.
Previously only TERM_PROGRAM === 'iTerm.app' took the escape path, so
Ghostty users fell through to the osascript path. That makes Script
Editor the notification owner, and clicking the notification just
launches Script Editor instead of focusing the terminal.
Adding 'ghostty' to the OSC 9-capable check makes Ghostty the owner,
so clicking the notification focuses the Ghostty window/tab where
Claude Code is running. Verified on Ghostty (TERM_PROGRAM=ghostty).
Co-authored-by: 高野智史 <satoshitakano@takanosatoshinoMacBook-Pro-522.local>
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* fix(hooks): stop false loop warnings and repeated identical context warnings
Two PostToolUse monitor defects surfaced during a long single-turn session:
1. ecc-metrics-bridge hashToolCall fingerprinted Edit/Write/MultiEdit on
file_path ONLY, so several distinct edits to the same file produced the
same hash and tripped the loop detector ("stuck loop") even though every
edit was different. Now the hash includes the edit content
(old_string/new_string/content/edits) so distinct edits to one file hash
differently; identical edits still collide as intended.
2. ecc-context-monitor re-emitted the SAME warning every DEBOUNCE_CALLS (5)
tool calls even when nothing changed. Because the cost figure only refreshes
at Stop (turn) boundaries, a single stale value printed the identical
warning ~20 times within one turn. Dedupe on message content instead: a
warning surfaces only when its text changes (cost moved, new file count, new
loop) or on first escalation to critical, and is otherwise suppressed.
Adds regression tests for the same-file/different-content hash case.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* fix(hooks): address CodeRabbit review (#2121)
- ecc-context-monitor: clear dedupe state when warnings resolve, so the same
warning text recurring in a later turn (context dips/recovers/dips, a loop
that stops then restarts) is surfaced again instead of suppressed as a
duplicate. Guarded so the no-warning hot path stays write-free.
- ecc-metrics-bridge: hash the FULL serialized edit payload and truncate the
digest, not the input. Slicing the serialized string to HASH_INPUT_LIMIT
first could collapse large edits sharing their first 2048 chars, reviving the
false-loop collision for big Write/edit payloads.
- Add regression test for >2048-char edit divergence.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* Add NEXUS to mcp-configs/mcp-servers.json
NEXUS (github.com/lynuxis2026-pixel/nexus-proxy) is a local, single-binary
cost/privacy proxy that sits under the harness. Adding it as an MCP server lets
an ECC agent query its own usage/savings mid-session (nexus_stats, nexus_savings,
nexus_recent, nexus_providers, nexus_cost_breakdown).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
* Tighten nexus MCP description to ECC's concise house style
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
---------
Co-authored-by: ludicolijn1985-blip <ludicolijn1985@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
The Trae installer recorded nested skill files with a doubled slash
(e.g. `skills/skill-comply//pyproject.toml`). The skills loop used the
glob variable `$d`, which carries a trailing slash, both as the `find`
root and as the prefix removed from each file path. Under bash, BSD
`find` with a trailing-slash argument emits `.../skill-comply//file`, so
`${source_file#$d}` left a leading slash, producing double-slash manifest
entries that did not match the single-slash paths uninstall.sh expects.
Strip the trailing slash from `$d` and remove the `$d/` prefix so `find`
emits clean paths and manifest entries are single-slash. Fixes the
previously failing test in tests/scripts/trae-install.test.js
("records nested skill files and the full rules tree in the manifest").
Co-authored-by: affaan-m <tamiraw808@gmail.com>
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* fix: surface legacy data warning in instinct-cli status (#2036)
When the data directory moved from ~/.claude/homunculus/ to the
XDG-compliant ~/.local/share/ecc-homunculus/, legacy installs with data
still in the old path saw "No instincts found" with no explanation.
Add _warn_legacy_data() to cmd_status so users get a clear, actionable
warning pointing them to the migration script or the CLV2_HOMUNCULUS_DIR
override. Wrap the directory scan in try/except to handle permission
errors gracefully.
Closes#2036
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
* fix: address review feedback — drop unused f-strings, resolve absolute migrate path
Remove extraneous f-prefix from strings without interpolation (ruff F541).
Resolve migrate-homunculus.sh path relative to instinct-cli.py instead of
hard-coding a repo-relative path that only works from the repo root.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
* fix: quote migrate script path to handle spaces
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---------
Co-authored-by: kky <lingmu141592@gmail.com>
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
* fix(gateguard): gate force/path git checkout as destructive
The destructive-command gate's `checkout` handler only flagged
`git checkout -- <path>`. It missed `git checkout --force` / `-f <branch>`
and `git checkout .`, all of which discard uncommitted working-tree changes,
so they bypassed the gate (once the once-per-session routine-Bash gate is
satisfied, they ran with no challenge). The sibling `switch` handler already
covers these force forms; mirror it for `checkout`.
* test(gateguard): document Test 7b force-checkout case
---------
Co-authored-by: bymle <229636660+bymle@users.noreply.github.com>
* docs(claude): install manual skills at top level
* test(docs): guard Claude manual skill install path
* test(docs): detect PowerShell/$HOME nested skill-install paths
Address CodeRabbit on #2160: the nested-path regression guard only matched
Unix `mkdir`/`cp` with `~`, so a reintroduced PowerShell `Copy-Item ...
$HOME/.claude/skills/ecc` (or backslash-separated) form would have slipped
through. Extend the pattern to also cover `Copy-Item`/`New-Item` (and the
`md`/`copy`/`cpi` aliases), accept `$HOME` as an alternative to `~`, allow both
`/` and `\` separators, and match case-insensitively.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
tdd.md, e2e.md, and orchestrate.md in legacy-command-shims/commands/ still
carried their full pre-shim command bodies concatenated below the shim
headers: a stray '})' and orphaned code fence in tdd.md, leftover Playwright
test bodies plus a foreign project-specific 'PMX-Specific Critical Flows'
section in e2e.md, and orphaned report-template fragments in orchestrate.md.
The trailing bodies also contradicted the shim headers by claiming the
commands invoke agents directly.
Truncate each file at the end of its Delegation section. The other nine
legacy shims are clean 20-23 line shims and are untouched.
Several published examples contained APIs that no longer exist, code that
does not run, or model versions that drifted from reality:
- agents/performance-optimizer.md used the web-vitals v3 API
(getCLS/getFID/getLCP/getFCP/getTTFB) and reported FID. web-vitals v4
renamed the imports to onCLS/onINP/onLCP/onFCP/onTTFB and FID was
replaced by INP (target < 200ms)
- rules/common/performance.md pinned stale model versions in the
model-selection guidance; refresh to the versions the repo itself uses
(agent.yaml pins claude-opus-4-6) and add the PowerShell variant for
MAX_THINKING_TOKENS next to the bash export
- skills/python-patterns/SKILL.md: both get_value examples referenced
default_value without declaring the parameter (NameError); add
default_value: Any = None to the EAFP and LBYL signatures
- skills/frontend-patterns/SKILL.md: the custom useQuery example rebuilt
refetch whenever callers passed inline fetchers/options, re-triggering
the effect after every state update (infinite fetch loop). Keep the
latest fetcher/options in refs so refetch stays referentially stable.
The PASS-labelled useMemo example mutated its input with in-place sort;
copy before sorting
- skills/coding-standards/SKILL.md repeated the same PASS-labelled
in-place-sort-in-useMemo example; same fix
- rules/typescript/security.md used a vendor-specific OPENAI_API_KEY in
generic guidance; switch to a neutral API_KEY
Every hand-maintained copy of the affected content is synced in the same
change: locale mirrors (ja-JP, ko-KR, pt-BR, tr, zh-CN, zh-TW - each only
where it carries the affected file) and the .agents/.kiro/.cursor harness
mirrors. Two structural divergences are left alone and noted here:
.kiro/steering/performance.md has no extended-thinking control list to
carry the PowerShell variant, and docs/zh-TW/rules/performance.md keeps an
older condensed thinking section without the budget-cap line.
rules/zh/performance.md is intentionally untouched - the rules/zh tree is
being retired in a separate change
- multi-{plan,execute,backend,frontend,workflow}.md: add an in-file
prerequisite note for the external ccg-workflow runtime. README.md already
warns these commands need codeagent-wrapper and the .ccg prompt tree, but
users meeting them via the installed slash commands never see the README;
the commands-core module still installs all five by default
- quality-gate.md: describe what scripts/hooks/quality-gate.js actually does.
The doc advertised '/quality-gate [path] [--fix] [--strict]' with lint/type
checks, but the script reads the file path from hook stdin JSON, toggles
behavior via ECC_QUALITY_GATE_FIX / ECC_QUALITY_GATE_STRICT env vars, and
runs formatters only (Biome/Prettier, gofmt, ruff format)
- claude-devfleet SKILL.md: add a Setup section pointing at the DevFleet
server repository (github.com/LEC-AI/claude-devfleet, already disclosed in
mcp-configs/mcp-servers.json) plus the SECURITY.md port-verification note;
the skill previously assumed a running instance with no way to obtain one
- regenerate docs/COMMAND-REGISTRY.json for the quality-gate description
rules/zh shipped ~17KB of Chinese rule text into the auto-loaded rules tree
of every default install (rules-core installs the bare 'rules' path with
defaultInstall: true), with no paths: frontmatter gating. The content had
also drifted behind both rules/common and the maintained translations in
docs/zh-CN/rules/common (e.g. zh/coding-style.md 48 lines vs the 52-line
docs/zh-CN copy), and 'zh' was already dropped from the installer's language
help in favor of the gated docs-zh-cn locale module (--locale zh-CN).
- move rules/zh/code-review.md to docs/zh-CN/rules/common/code-review.md:
the only file with no counterpart in the maintained locale tree (fills a
zh-CN parity gap with rules/common/code-review.md)
- delete the remaining 10 rules/zh files, all older duplicates of
docs/zh-CN/rules/common content
- update trae-install test to assert the rules tree via rules/web instead
Not addressed here: rules/README.md (~5.5KB of installer docs) still ships
into the auto-loaded tree via the bare 'rules' module path; filtering README
files from rule-tree expansion is a separate decision
Two tests provoke EACCES via chmod (saveAliases backup double failure,
appendSessionContent on a read-only file) and already skip on win32, but
root ignores file modes so both fail when the suite runs as root (for
example in a default Docker container). Every other chmod-based test in
the repo already guards with process.getuid?.() === 0; these two were the
only ones missing the guard. Apply the same skip condition and message.
- commands-core now ships scripts/harness-audit.js and scripts/skills-health.js:
the module installs the whole commands/ dir, so /harness-audit and
/skill-health were installed without their backing engines on
manifest-driven installs (the original 1.10.0 failure mode)
- agentic-patterns now ships scripts/claw.js: the module installs the
nanoclaw-repl skill, whose workflow operates scripts/claw.js
- package.json files array gains scripts/skills-health.js so the npm publish
surface stays aligned with the module graph (claw.js and harness-audit.js
were already listed)
- orchestration drops commands/multi-workflow.md and commands/sessions.md
from its explicit paths: both are already shipped by commands-core, which
is a declared dependency of the module, so the duplicate ownership produced
two copy operations per destination in install-state. The two scripts/lib
entries are kept because hooks-runtime is NOT a declared dependency and a
standalone orchestration install still needs them
askClaude() passed the full multi-line prompt as a claude
Fix: keep only the short, safe flags (--model, -p) as args and send the prompt over stdin via spawnSync input. The prompt never touches the shell command line, so multi-line/special-char prompts arrive intact. claude -p reads stdin on macOS/Linux too, so behavior is unchanged there.
Verified on Windows 11 (Node 24, claude CLI via npm): real turns now return correct responses, and node tests/scripts/claw.test.js passes 19/19.
Co-authored-by: skausage-ops <268783127+skausage-ops@users.noreply.github.com>
* test: guard broken-symlink tests so the suite passes on Windows
Four test cases create a dangling symlink with fs.symlinkSync() to exercise
statSync catch branches, but did not guard for platforms where symlink
creation is not permitted. On Windows without Developer Mode / admin rights,
fs.symlinkSync throws EPERM, so these tests fail and `npm test` is red:
- tests/ci/validators.test.js (Round 73, validate-commands skill entry)
- tests/lib/session-manager.test.js (Round 83, getAllSessions)
- tests/lib/session-manager.test.js (Round 84, getSessionById)
- tests/lib/utils.test.js (Round 84, findFiles)
Wrap each symlinkSync in try/catch and skip cleanly on failure, mirroring the
existing convention already used in this repo (validators.test.js Round 57 and
hooks/config-protection.test.js). On Linux/macOS and admin Windows the symlink
still succeeds and the tests run unchanged; only the unsupported-symlink path
now skips instead of failing.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* test: only skip symlink tests on EPERM/EACCES, rethrow other errors
Address CodeRabbit review: the catch blocks swallowed every error, which could
mask a real test/setup failure as a false skip. Inspect err.code and only take
the skip path for EPERM/EACCES (symlink creation blocked, e.g. Windows without
Developer Mode); rethrow anything else so genuine failures still surface.
Per the repo coding guideline: never silently swallow errors.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* feat(skills): add kubernetes-patterns skill
* fix(skills): address CodeRabbit review on kubernetes-patterns
- Add When to Use alias section (repo skill-format requirement)
- Add How It Works overview section (required schema)
- Add Examples quick-reference table (required schema)
- Fix RBAC: split into Pattern A (no API, token disabled) and
Pattern B (needs API, token enabled) to resolve contradiction
between automountServiceAccountToken: false and Role/RoleBinding
- Fix missing -n my-namespace flag on OOMKilled kubectl describe command
`DEV_PATTERN`'s trailing `\b` treats a hyphen as a word boundary, so
`dev\b` matched the `dev` prefix of distinct npm scripts like
`dev-setup` / `dev-docs` / `dev-build` and blocked them with exit 2.
Replace the trailing `\b` with `(?![\w-])` so the dev server still
matches (`dev`, `dev;`, `dev:ssr`) but `dev-<suffix>` scripts pass.
Adds regression tests for dev-setup/dev-docs/dev-build (allowed) and
dev:ssr (still blocked).
Co-authored-by: bymle <229636660+bymle@users.noreply.github.com>
The regenerated summary block embeds raw user-message text and was passed
as the *replacement* argument to String.prototype.replace, where $-sequences
($&, $$, $`, $') are special. A user message containing $& re-injected the
entire matched block (duplicating the summary markers) and $$ collapsed to $,
silently corrupting the persisted session summary. buildSummarySection only
escapes newlines and backticks, not $.
Fix: use function replacers (() => summaryBlock) at both rewrite sites so the
replacement text is treated literally. Adds an end-to-end regression test.
Co-authored-by: bymle <229636660+bymle@users.noreply.github.com>
Framework detection matched a dependency against a framework's packageKeys
with unbounded substring containment (dep.includes(key)), so any dependency
whose name merely contained a key was misclassified: `preact` and even
`reactive` were both detected as `react`.
Match only when the dependency equals the key, or the key is a prefix
immediately followed by a delimiter (/ . _ -). This still matches every real
case (react-dom, @remix-run/node, spring-boot-starter, org.springframework.boot,
github.com/labstack/echo/v4, phoenix_live_view) while excluding preact/reactive
(and incidentally nextra). Adds regression tests.
Co-authored-by: bymle <229636660+bymle@users.noreply.github.com>
* fix(observer): auto-scale max_turns by analysis batch size (#2035)
The hardcoded default of MAX_TURNS=20 is insufficient when
MAX_ANALYSIS_LINES=500 (also the default). Claude exhausts its turn
budget before it can write all discovered instinct files, producing:
Error: Reached max turns (20)
Fix: when ECC_OBSERVER_MAX_TURNS is not explicitly set, compute
max_turns proportionally to the actual analysis batch size:
max_turns = clamp(analysis_count / 10, 20, 100)
This gives:
- 20–199 lines → 20 turns (existing floor, unchanged)
- 500 lines → 50 turns (resolves the reported failure)
- 1000 lines → 100 turns (cap)
Explicitly setting ECC_OBSERVER_MAX_TURNS still overrides the
auto-scaled value, preserving the existing escape hatch.
* test(observer): update max_turns test for auto-scaling; document validation
The max-turns budget test in tests/hooks/hooks.test.js still asserted the removed literal max_turns="${ECC_OBSERVER_MAX_TURNS:-20}", which would fail against the new auto-scaling logic. Assert the auto-scale formula and the 20/100 clamp bounds instead.
Also add the explanatory comment CodeRabbit requested above the max_turns sanitization block, clarifying it guards the explicit ECC_OBSERVER_MAX_TURNS override path.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Cursor hooks still called `npx block-no-verify@1.1.2`, the broken external
package whose matcher over-matches: it blocks legitimate `git commit`
whenever `--no-verify` (or `no-verify`) appears anywhere in the command
string, including inside the commit message body. The Claude Code surface
already routes through the in-repo `scripts/hooks/block-no-verify.js`,
which performs flag-position-aware tokenisation and passes 25 regression
tests covering every false-positive case from #2107.
Add a thin Cursor wrapper (`before-shell-execution-block-no-verify.js`)
that reads Cursor stdin, transforms to the Claude Code `tool_input.command`
shape, delegates to the local hook's exported `run()`, and forwards exit
code and stderr. Update `.cursor/hooks.json` to call the wrapper instead
of the npx package. New 14-case test file pins the false-positive cases
from the issue plus the still-blocked real bypass attempts.
Fixes#2107
* fix(session-start): support ECC_SESSION_RETENTION_DAYS opt-out + document env var
The retention pass for *-session.tmp files (issue #2151) landed previously,
but the env var that controls it was undocumented in the README and rejected
falsy values (0, off, disabled), silently falling back to the 30-day default.
Users who want to keep all sessions for forensic or research workflows had no
way to opt out.
This patch:
- Extends getSessionRetentionDays() so 0|off|false|disabled|never|none disables
pruning entirely (returns null sentinel; default behavior unchanged).
- Updates the call site in main() to skip pruneExpiredSessions when retention
is null and emits a clear "[SessionStart] Pruning disabled via
ECC_SESSION_RETENTION_DAYS" log line so the operator can tell pruning is off.
- Documents ECC_SESSION_RETENTION_DAYS in the README "Hook Runtime Controls"
section alongside the other ECC_SESSION_* knobs.
- Adds three regression tests in tests/hooks/hooks.test.js covering opt-out
via 0, opt-out via off, and garbage-value fallback to default 30.
Verification:
- node tests/hooks/hooks.test.js — 240/240 green (incl. 3 new retention tests)
- node tests/run-all.js — 2622/2622 green
- npx eslint scripts/hooks/session-start.js tests/hooks/hooks.test.js — clean
- node scripts/ci/validate-no-personal-paths.js — clean
- node scripts/ci/check-unicode-safety.js — clean
- node scripts/ci/validate-hooks.js — 28 matchers validated
- node scripts/ci/validate-rules.js — 115 files validated
Fixes#2151
* docs(readme): list all ECC_SESSION_RETENTION_DAYS opt-out values + add Windows example
Address reviewer feedback on PR #2163:
- CodeRabbit and cubic both flagged that the README docs only listed 3 of 6
opt-out values accepted by getSessionRetentionDays() (0, off, disabled),
while the implementation also accepts false, never, none.
- cubic also flagged the missing Windows PowerShell example for the new
variable, breaking the parallel structure of the existing
ECC_CONTEXT_MONITOR_COST_WARNINGS example block.
Updated the README to:
- Spell out all six opt-out values (0, off, false, disabled, never, none)
and clarify they "keep all sessions (disable pruning)".
- Add an ECC_SESSION_RETENTION_DAYS line to the Windows PowerShell example.
No behavior change. README only.
Verification:
- npx markdownlint README.md — clean
- npx eslint scripts/hooks/session-start.js tests/hooks/hooks.test.js — clean
* feat(gateguard): add env knobs for routine bash gate + extra destructive patterns
The JS port of gateguard-fact-force has two bash gates: a destructive
gate (rm -rf, drop table, git push --force, etc.) that operators want
to keep, and a once-per-session routine gate that fires on the very
first bash invocation regardless of intent. Operators on hosts where
the routine gate is friction without signal (Cursor, OpenCode, etc.)
have been maintaining local patches that get clobbered on every plugin
update; the Python upstream gateguard-ai already exposes equivalent
config via .gateguard.yml.
Adds two env vars, both off-by-default so existing behavior is
preserved:
- GATEGUARD_BASH_ROUTINE_DISABLED — truthy values (1, true, on, yes,
enabled) skip the routine bash gate. Destructive gate is unaffected.
- GATEGUARD_BASH_EXTRA_DESTRUCTIVE — regex source string for additional
destructive patterns. Matches against the same quote-stripped,
subshell-flattened command the built-in DESTRUCTIVE_SQL_DD regex sees,
so a custom phrase inside $(...) or backticks is also caught. A
malformed regex is logged once to stderr and treated as not configured
rather than crashing the hook (hooks must never block tool execution
unexpectedly).
Twelve new tests pin both env vars (truthy aliases, falsy values, unset
baseline, destructive-gate-still-fires, alternation members, malformed
regex degrades safely, custom phrase inside command substitution).
Existing 2619/2619 tests still pass; eslint clean.
Fixes#2078
* fix(gateguard): reset extra-destructive warn-once gate when env value changes
Both reviewers (CodeRabbit + cubic) flagged that
extraDestructiveWarnLogged was never reset when GATEGUARD_BASH_EXTRA_DESTRUCTIVE
flipped from one invalid regex to a different invalid regex. The
sticky boolean meant a long-running process saw bad-pattern-a's
warning then silently swallowed bad-pattern-b's parse failure.
Fix: clear extraDestructiveWarnLogged whenever the cache key changes
(i.e. before the regex compile attempt). The warn-once-per-distinct-
pattern invariant now matches the per-key cache invariant.
Adds a same-process regression test via loadDirectHook() that spies on
process.stderr.write and asserts: same bad pattern warns once across
multiple invocations; switching to a different bad pattern emits a
second warning; switching to a valid regex emits zero warnings.
* fix(suggest-compact): clean up old counter temp files
claude-tool-count-<sessionId> files were written into the OS temp dir
on every hook run and never removed, accumulating one orphan per
session indefinitely.
Sweep stale counter files at the top of main() before opening the
active counter. Retention is env-tunable via COMPACT_STATE_TTL_DAYS
(default 14 days); invalid values fall back to the default. The
active session's counter file is preserved unconditionally even if
its mtime is past the cutoff. Failures during the sweep are swallowed
to preserve the always-exit-0 hook contract.
Adds 7 regression tests covering the sweep, env-var validation, and
the always-exit-0 invariant under a populated temp dir.
Fixes#2156
* fix(suggest-compact): preserve counter files at the TTL cutoff boundary
The cleanup sweep used `mtimeMs > cutoffMs` to short-circuit, which
matched files whose mtime sits exactly on the cutoff boundary and
deleted them. The cleanupOldCounters docstring promises only files
*older than* retentionDays are removed; a file at age == retentionDays
is not older than retentionDays, so it must survive.
Switch the comparison to `>=` so only strictly older files fall
through to deletion. Add a regression test that pins boundary-aged
files (mtimeMs sitting just past the projected cutoff) are preserved.
Refs #2156
The observe.sh Layer 1 entrypoint guard short-circuits with exit 0 when
CLAUDE_CODE_ENTRYPOINT is not in {cli, sdk-ts, claude-desktop}. Claude
Code's VS Code extension sets CLAUDE_CODE_ENTRYPOINT=claude-vscode, so
VS Code users see no observations recorded — observations.jsonl never
gets created and the instinct pipeline stays empty.
Add claude-vscode to the allowlist, mirroring the precedent in #1522
which added claude-desktop the same way.
Add a regression test that spawns observe.sh under bash -x for each
allowed entrypoint (cli, sdk-ts, claude-desktop, claude-vscode) and
each denied entrypoint (unknown-host, claude-cody, mcp), asserting
that allowed entrypoints reach Layer 2's ECC_HOOK_PROFILE check while
denied entrypoints stop at Layer 1.
Fixes#2102
* fix: guard two script edge cases
- scripts/harness-audit.js: getRepoChecks() parsed package.json with raw
JSON.parse(readText(...)), while the rest of the file (lines 218, 822)
uses the tolerant safeParseJson(safeRead(...)). In repo target mode a
project lacking package.json — or with malformed JSON — threw an uncaught
exception and crashed the audit instead of degrading. Match the existing
convention so the audit tolerates a missing/invalid package.json.
- skills/frontend-slides/scripts/export-pdf.sh: `set -- "${POSITIONAL[@]}"`
expands an empty array under `set -u` on bash 3.2 (the macOS system bash),
aborting with "POSITIONAL[@]: unbound variable" instead of printing the
usage message when invoked with no positional args. Guard the expansion
with ${POSITIONAL[@]+"${POSITIONAL[@]}"} (no-op safe under bash 3.2 set -u).
Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)
Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
* fix: null-safe package.json access in getRepoChecks
Review follow-up (CodeRabbit + cubic): switching to safeParseJson at line
389 means packageJson can be null on a missing/malformed package.json, but
the quality-ci-validations check dereferenced packageJson.scripts before the
optional chaining could help — throwing TypeError instead of degrading.
Guard the base object with packageJson?.scripts?.test at the access site,
matching the file's existing convention (e.g. line 220 uses packageJson?.name).
Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)
Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Happy <yesreply@happy.engineering>
