fix(hooks): emit suggest-compact via hookSpecificOutput stdout

The threshold and interval suggestions in suggest-compact.js are written
to stderr via log(). Per the Claude Code hooks guide, non-blocking
PreToolUse stderr (exit code 0) is only captured in the debug log — it
does not reach the model. As shipped, the script's nudge to /compact is
silent on Claude Code 2.1.x.

Fix: alongside the existing log() call (kept for debug-log capture),
emit the same suggestion as structured JSON on stdout:

  { hookSpecificOutput: {
      hookEventName: "PreToolUse",
      additionalContext: msg
  } }

This is the documented mechanism for a PreToolUse hook to inject
context into the next model turn without blocking the tool call.

Verified end-to-end on Claude Code 2.1.142 (VSCode native extension,
Windows 11) — the additionalContext now surfaces in the next turn as
a <system-reminder> block. Counter increment and exit code behavior
unchanged.

Tests: 4 new cases in tests/hooks/suggest-compact.test.js covering
stdout JSON at threshold, stdout JSON at +25 interval, silence below
threshold, and stderr-retention for the debug log. Suite goes from
19/19 -> 23/23 (suggest-compact) and full run-all stays clean for
the unaffected suites (the 4 pre-existing Windows broken-symlink
failures in ci/validators, lib/session-manager, and lib/utils are
unrelated to this change).

docs/ECC-2.0-GA-ROADMAP.md

@@ -171,6 +171,24 @@ As of 2026-05-13:
   head, scores their artifacts and findings against evaluator/RAG corpus
   expectations, and treats matching hosted artifacts as promotion evidence
   before reporting a gap.
+- ECC-Tools PR #70 merged as `7001d805ac981fe220b4575159f469fbea9dbb76`
+  and added retrieval planning for hosted promotion:
+  the check now emits ranked retrieval candidates from cached hosted artifacts,
+  hosted findings, expected evidence paths, and changed source paths, plus a
+  model prompt seed that tells the later hosted judge not to promote from
+  changed paths alone.
+- ECC-Tools PR #71 merged as `d41e59ff00fe1bd0b0c96386e56bc5269d7b9c15`
+  and added the first model-backed hosted promotion judge contract:
+  the check now emits a provider-neutral `hosted-promotion-judge.v1` request
+  contract and fails closed unless hosted retrieval evidence, entitlement,
+  remaining budget, and provider configuration are present. It still does not
+  make live model calls.
+- ECC-Tools PR #72 merged as `973bc51e5436dd279ae5a890cce9811485eef0b5`
+  and executes the hosted promotion model judge behind explicit gates:
+  `PR_HOSTED_PROMOTION_MODEL_JUDGE_MODE=execute` now calls the configured
+  provider only after hosted retrieval evidence, entitlement, budget, provider,
+  and executor gates pass; the check remains non-blocking, strict-JSON-only,
+  and rejects uncited or non-hosted model output without echoing raw responses.
 - Handoff `ecc-supply-chain-audit-20260513-0645.md` under
   `~/.cluster-swarm/handoffs/`
   records the May 13 supply-chain sweep: no active lockfile/manifest hit for
@@ -467,10 +485,10 @@ is not complete unless the evidence column exists and has been freshly verified.
 | Claude and Codex plugin publication | Contact/submission path with required artifacts and status | Publication readiness, naming matrix, and May 12 dry-run evidence document plugin validation, clean-checkout Claude tag/install smoke, and Codex marketplace CLI shape | Needs explicit approval for real tag/push and marketplace submission |
 | Articles, tweets, and announcements | X thread, LinkedIn copy, GitHub release copy, push checklist | Draft launch collateral exists under rc.1 release docs | Needs URL-backed refresh |
 | AgentShield enterprise iteration | Policy gates, SARIF, packs, provenance, corpus, HTML reports, exception lifecycle audit, baseline drift Action/CLI surfaces, evidence-pack redaction, harness adapter registry, enterprise research roadmap, supply-chain hardened release path, CI-safe baseline fingerprints, corpus accuracy recommendations, remediation workflow phases, env proxy hijack corpus coverage | PRs #53, #55-#64, #67-#69, and #78-#82 landed with test evidence; native PDF export deferred in favor of self-contained HTML plus print-to-PDF until explicit enterprise demand appears; `docs/architecture/agentshield-enterprise-research-roadmap.md` now has baseline drift, evidence-pack bundle, redaction, adapter-registry, supply-chain hardening, hashed baseline fingerprints, corpus accuracy recommendation, remediation workflow, and env proxy hijack corpus slices landed | Next hosted evidence-pack workflow depth |
-| ECC Tools next-level app | Billing audit, PR checks, deep analyzer, sync backlog, evaluator/RAG corpus, analysis-depth readiness, hosted execution planning, hosted CI diagnostics, hosted security evidence review, hosted harness compatibility audit, hosted reference-set evaluation, hosted AI routing/cost review, hosted team backlog routing, hosted depth-plan check-run, PR-comment hosted job dispatch, hosted job result history/check-runs, hosted result status command, status-aware depth-plan recommendations, hosted promotion readiness, hosted promotion output scoring | PRs #26-#43 plus #53-#69 landed with test evidence, including AgentShield evidence-pack gap routing, canonical bundle recognition, supply-chain signature gates, PR draft follow-up Linear tracking, evidence-backed/deep-ready repository classification, the `/api/analysis/depth-plan` hosted job plan, `/api/analysis/jobs/ci-diagnostics`, `/api/analysis/jobs/security-evidence-review`, `/api/analysis/jobs/harness-compatibility-audit`, `/api/analysis/jobs/reference-set-evaluation`, `/api/analysis/jobs/ai-routing-cost-review`, `/api/analysis/jobs/team-backlog-routing`, the `ECC Tools / Hosted Depth Plan` check-run, `/ecc-tools analyze --job ...` PR-comment dispatch, non-blocking per-hosted-job result check-runs backed by 30-day result cache records, `/ecc-tools analyze --job status` cache lookup, cache-aware next-job recommendations in the depth-plan check-run, the `ECC Tools / Hosted Promotion Readiness` corpus-backed PR check-run, and deterministic hosted-output scoring against cached completed job artifacts/findings | Next work is retrieval/model-backed hosted promotion after deterministic output scoring |
+| ECC Tools next-level app | Billing audit, PR checks, deep analyzer, sync backlog, evaluator/RAG corpus, analysis-depth readiness, hosted execution planning, hosted CI diagnostics, hosted security evidence review, hosted harness compatibility audit, hosted reference-set evaluation, hosted AI routing/cost review, hosted team backlog routing, hosted depth-plan check-run, PR-comment hosted job dispatch, hosted job result history/check-runs, hosted result status command, status-aware depth-plan recommendations, hosted promotion readiness, hosted promotion output scoring, hosted promotion retrieval planning, hosted promotion judge contract, gated hosted promotion judge execution | PRs #26-#43 plus #53-#72 landed with test evidence, including AgentShield evidence-pack gap routing, canonical bundle recognition, supply-chain signature gates, PR draft follow-up Linear tracking, evidence-backed/deep-ready repository classification, the `/api/analysis/depth-plan` hosted job plan, `/api/analysis/jobs/ci-diagnostics`, `/api/analysis/jobs/security-evidence-review`, `/api/analysis/jobs/harness-compatibility-audit`, `/api/analysis/jobs/reference-set-evaluation`, `/api/analysis/jobs/ai-routing-cost-review`, `/api/analysis/jobs/team-backlog-routing`, the `ECC Tools / Hosted Depth Plan` check-run, `/ecc-tools analyze --job ...` PR-comment dispatch, non-blocking per-hosted-job result check-runs backed by 30-day result cache records, `/ecc-tools analyze --job status` cache lookup, cache-aware next-job recommendations in the depth-plan check-run, the `ECC Tools / Hosted Promotion Readiness` corpus-backed PR check-run, deterministic hosted-output scoring against cached completed job artifacts/findings, ranked retrieval/model-prompt planning, the fail-closed `hosted-promotion-judge.v1` request contract, and opt-in live model-judge execution behind hosted evidence, entitlement, budget, provider, executor, strict JSON, and citation gates | Next work is hosted promotion telemetry and operator review UX |
 | GitGuardian/Dependabot/CodeRabbit-style checks | Non-blocking taxonomy, deterministic follow-up checks, and local supply-chain gates | ECC-Tools risk taxonomy check plus follow-up signals landed, including Skill Quality, Deep Analyzer Evidence, Analyzer Corpus Evidence, RAG/Evaluator Evidence, PR Review/Salvage Evidence, and AgentShield evidence-pack evidence; #1846 added npm registry signature gates; #1848 added the supply-chain incident-response playbook and `pull_request_target` cache-poisoning validator guard; #1851 added the privileged checkout credential-persistence guard; AgentShield #78, JARVIS #13, and ECC-Tools #53 applied the same hardening outside trunk | Current supply-chain gate complete; deeper hosted review features remain future |
-| Harness-agnostic learning system | Audit, adapter matrix, observability, traces, promotion loop | Audit/adapters/observability gates plus `docs/architecture/evaluator-rag-prototype.md`, `examples/evaluator-rag-prototype/`, and ECC-Tools PR #40 define read-only stale-salvage, billing-readiness, CI-failure-diagnosis, harness-config-quality, AgentShield policy-exception, skill-quality evidence, deep-analyzer evidence, and RAG/evaluator comparison scenarios with trace, report, playbook, verifier, and predictive-check artifacts; ECC-Tools PRs #68/#69 now turn that corpus into a deterministic PR check-run gate with cached hosted-output scoring | Deterministic hosted PR check and cached output scoring integrated; hosted retrieval remains future |
+| Harness-agnostic learning system | Audit, adapter matrix, observability, traces, promotion loop | Audit/adapters/observability gates plus `docs/architecture/evaluator-rag-prototype.md`, `examples/evaluator-rag-prototype/`, and ECC-Tools PR #40 define read-only stale-salvage, billing-readiness, CI-failure-diagnosis, harness-config-quality, AgentShield policy-exception, skill-quality evidence, deep-analyzer evidence, and RAG/evaluator comparison scenarios with trace, report, playbook, verifier, and predictive-check artifacts; ECC-Tools PRs #68-#72 now turn that corpus into a deterministic PR check-run gate with cached hosted-output scoring, ranked retrieval candidates, a model prompt seed, a fail-closed hosted model-judge request contract, and opt-in live model execution behind strict hosted-evidence gates | Deterministic hosted PR check, cached output scoring, retrieval planning, judge contract, and gated model execution integrated |
-| Linear roadmap is detailed | Linear project status plus repo mirror | Repo mirror exists; issue creation was retried on 2026-05-12 and remains blocked by the workspace free issue limit; this May 13 sync adds ECC #1860, AgentShield #78-#82, JARVIS #13, ECC-Tools #53-#69, resolved queue/discussion counts, and Linear project status updates through ECC-Tools #69 | Needs recurring status updates after each merge batch |
+| Linear roadmap is detailed | Linear project status plus repo mirror | Repo mirror exists; issue creation was retried on 2026-05-12 and remains blocked by the workspace free issue limit; this May 13 sync adds ECC #1860, AgentShield #78-#82, JARVIS #13, ECC-Tools #53-#72, resolved queue/discussion counts, and notes that Linear connector status updates after ECC-Tools #68 remain blocked by a connector secret-owner error | Needs recurring status updates after connector recovery |
 | Flow separation and progress tracking | Flow lanes with owner artifacts and update cadence | This roadmap defines lanes below and `docs/architecture/progress-sync-contract.md` makes GitHub/Linear/handoff/roadmap sync part of the readiness gate | Active |
 | Realtime Linear sync | Project updates while issue limit is blocked; issues later | ECC-Tools #39 implements opt-in Linear API sync for deferred follow-up backlog items, and ECC-Tools #54 adds copy-ready PR drafts to that backlog when draft PR shells are not opened; `docs/architecture/progress-sync-contract.md` defines the local file-backed realtime boundary while issue capacity is blocked | Needs workspace capacity/config rollout |
 | Observability for self-use | Local readiness gate, traces, status snapshots, HUD/status contract, risk ledger, progress-sync contract | `npm run observability:ready` reports 21/21 | Complete for local gate |
@@ -489,9 +507,9 @@ repo evidence and merge commits.
 | Queue hygiene and salvage | GitHub PR/issue state, salvage ledger | Append ledger entries for any future stale closures | Every cleanup batch |
 | Release and publication | rc.1 release docs, publication readiness doc | Naming matrix and plugin submission/contact checklist | Before any tag |
 | Harness OS core | Audit, adapter matrix, observability docs, `ecc2/` | HUD/session-control acceptance spec | Weekly until GA |
-| Evaluation and RAG | Reference-set validation, harness audit, traces, ECC-Tools corpus | Read-only evaluator/RAG prototype plus stale-salvage, billing-readiness, CI-failure-diagnosis, harness-config-quality, AgentShield policy-exception, skill-quality evidence, deep-analyzer evidence, and RAG/evaluator comparison fixtures; ECC-Tools #68 publishes the corpus as a hosted promotion readiness check-run, and #69 scores cached hosted job outputs against the same corpus | Hosted retrieval/model-backed promotion plan |
+| Evaluation and RAG | Reference-set validation, harness audit, traces, ECC-Tools corpus | Read-only evaluator/RAG prototype plus stale-salvage, billing-readiness, CI-failure-diagnosis, harness-config-quality, AgentShield policy-exception, skill-quality evidence, deep-analyzer evidence, and RAG/evaluator comparison fixtures; ECC-Tools #68 publishes the corpus as a hosted promotion readiness check-run, #69 scores cached hosted job outputs against the same corpus, #70 emits ranked retrieval candidates plus a model prompt seed, #71 adds a fail-closed hosted model-judge request contract, and #72 executes that judge only when explicitly enabled and backed by hosted retrieval citations | Hosted promotion telemetry and operator review UX |
 | AgentShield enterprise | AgentShield PR evidence and roadmap notes | Remediation workflow depth or corpus expansion follow-up | Next implementation batch |
-| ECC Tools app | ECC-Tools PR evidence, billing audit, risk taxonomy, evaluator/RAG corpus | ECC-Tools #53 published the supply-chain workflow hardening branch, #54 tracks copy-ready PR drafts in the Linear/project backlog, #55 classifies analysis-depth readiness, #56 exposes the hosted execution plan, #57 executes the first hosted CI diagnostics job, #58 executes the hosted security evidence review job, #59 executes the hosted harness compatibility audit, #60 executes the hosted reference-set evaluation, #61 executes the hosted AI routing/cost review, #62 executes hosted team backlog routing, #63 publishes the hosted depth-plan check-run, #64 dispatches hosted jobs from PR comments, #65 persists hosted result history/check-runs, #66 exposes hosted job status from PR comments, #67 makes depth-plan recommendations cache-aware, #68 publishes hosted promotion readiness from the evaluator/RAG corpus, and #69 scores cached hosted job outputs against that corpus; next work is retrieval/model-backed hosted promotion | Next implementation batch |
+| ECC Tools app | ECC-Tools PR evidence, billing audit, risk taxonomy, evaluator/RAG corpus | ECC-Tools #53 published the supply-chain workflow hardening branch, #54 tracks copy-ready PR drafts in the Linear/project backlog, #55 classifies analysis-depth readiness, #56 exposes the hosted execution plan, #57 executes the first hosted CI diagnostics job, #58 executes the hosted security evidence review job, #59 executes the hosted harness compatibility audit, #60 executes the hosted reference-set evaluation, #61 executes the hosted AI routing/cost review, #62 executes hosted team backlog routing, #63 publishes the hosted depth-plan check-run, #64 dispatches hosted jobs from PR comments, #65 persists hosted result history/check-runs, #66 exposes hosted job status from PR comments, #67 makes depth-plan recommendations cache-aware, #68 publishes hosted promotion readiness from the evaluator/RAG corpus, #69 scores cached hosted job outputs against that corpus, #70 emits ranked retrieval candidates plus a model prompt seed, #71 emits the gated `hosted-promotion-judge.v1` contract without live model calls, and #72 adds opt-in live model-judge execution behind hosted-evidence and strict JSON/citation gates | Next implementation batch |
 | Linear progress | Linear project status updates, `docs/architecture/progress-sync-contract.md`, and this mirror | Status update with queue/evidence/missing gates | Every significant merge batch |
 
 The project status update should always include:
@@ -708,12 +726,12 @@ Acceptance:
    PR #82 expanded corpus coverage for env proxy hijacks and out-of-band
    exfiltration; and ECC-Tools PRs #42/#43 now route and recognize evidence
    packs. The next slice is hosted evidence-pack workflow depth.
-2. Plan retrieval/model-backed hosted promotion on top of the #69 deterministic
+2. Add hosted promotion telemetry and operator review UX on top of the #72
-   hosted output scoring contract, keeping vector/model judgment behind fixture
+   gated model execution path so live judgments can be audited before any
-   evaluation until the retrieval contract is stable.
+   promotion policy becomes enforceable.
 3. Enable/configure the merged Linear backlog sync path after workspace issue
    capacity clears or the Linear workspace is upgraded, then verify PR-draft
    salvage items land in the expected project.
 4. Use the ECC-Tools evaluator/RAG corpus as the promotion gate before adding
-   hosted retrieval, vector storage, model-backed judging, or automated
+   hosted retrieval, vector storage, live model-backed judging, or automated
    check-run promotion.

scripts/hooks/config-protection.js

@@ -7,13 +7,12 @@
  * the actual code. This hook steers the agent back to fixing the source.
  *
  * Exit codes:
- *   0 = allow (not a config file, or first-time creation of one)
+ *   0 = allow (not a config file)
- *   2 = block (existing config file modification attempted)
+ *   2 = block (config file modification attempted)
  */
 
 'use strict';
 
-const fs = require('fs');
 const path = require('path');
 
 const MAX_STDIN = 1024 * 1024;
@@ -59,7 +58,7 @@ const PROTECTED_FILES = new Set([
   '.stylelintrc.yml',
   '.markdownlint.json',
   '.markdownlint.yaml',
-  '.markdownlintrc'
+  '.markdownlintrc',
 ]);
 
 function parseInput(inputOrRaw) {
@@ -95,41 +94,13 @@ function run(inputOrRaw, options = {}) {
 
   const basename = path.basename(filePath);
   if (PROTECTED_FILES.has(basename)) {
-    // Allow first-time creation — there's no existing config to weaken.
-    // The hook's purpose is blocking modifications; writing a brand-new
-    // config file in a project that has none is a legitimate bootstrap
-    // path (e.g. scaffolding ESLint into a fresh repo).
-    //
-    // Fail closed on any stat error other than ENOENT. Use lstatSync so a
-    // symlink at the protected path is treated as present even if its target
-    // is missing — a dangling symlink at e.g. .eslintrc.js still represents
-    // an existing config entry that an agent should not silently replace.
-    // fs.existsSync would swallow EACCES/EPERM as false; lstatSync exposes
-    // the error code so we can treat only genuine "path not found" (ENOENT)
-    // as absent.
-    let exists = true;
-    try {
-      fs.lstatSync(filePath);
-      // lstat succeeded — something (file, dir, or symlink) exists here.
-    } catch (err) {
-      if (err && err.code === 'ENOENT') {
-        exists = false;
-      }
-      // Any other error (EACCES, EPERM, ELOOP, etc.) leaves exists=true
-      // so the guard is never silently weakened.
-    }
-
-    if (!exists) {
-      return { exitCode: 0 };
-    }
-
     return {
       exitCode: 2,
       stderr:
         `BLOCKED: Modifying ${basename} is not allowed. ` +
         'Fix the source code to satisfy linter/formatter rules instead of ' +
         'weakening the config. If this is a legitimate config change, ' +
-        'disable the config-protection hook temporarily.'
+        'disable the config-protection hook temporarily.',
     };
   }
 
@@ -154,7 +125,7 @@ process.stdin.on('data', chunk => {
 process.stdin.on('end', () => {
   const result = run(raw, {
     truncated,
-    maxStdin: Number(process.env.ECC_HOOK_INPUT_MAX_BYTES) || MAX_STDIN
+    maxStdin: Number(process.env.ECC_HOOK_INPUT_MAX_BYTES) || MAX_STDIN,
   });
 
   if (result.stderr) {

scripts/hooks/suggest-compact.js

@@ -19,7 +19,8 @@ const {
   getTempDir,
   writeFile,
   readStdinJson,
-  log
+  log,
+  output
 } = require('../lib/utils');
 
 async function resolveSessionId() {
@@ -77,14 +78,25 @@ async function main() {
     writeFile(counterFile, String(count));
   }
 
-  // Suggest compact after threshold tool calls
+  // Suggest compact after threshold tool calls.
+  //
+  // log() writes to stderr (debug log). Per the Claude Code hooks guide,
+  // non-blocking PreToolUse stderr (exit 0) is only written to the debug log;
+  // it does not reach the model. To inject a user-facing suggestion without
+  // blocking the tool call, emit structured JSON to stdout with
+  // hookSpecificOutput.additionalContext — the documented mechanism for
+  // PreToolUse hooks to add context to the next model turn.
   if (count === threshold) {
-    log(`[StrategicCompact] ${threshold} tool calls reached - consider /compact if transitioning phases`);
+    const msg = `[StrategicCompact] ${threshold} tool calls reached - consider /compact if transitioning phases`;
+    log(msg);
+    output({ hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: msg } });
   }
 
   // Suggest at regular intervals after threshold (every 25 calls from threshold)
   if (count > threshold && (count - threshold) % 25 === 0) {
-    log(`[StrategicCompact] ${count} tool calls - good checkpoint for /compact if context is stale`);
+    const msg = `[StrategicCompact] ${count} tool calls - good checkpoint for /compact if context is stale`;
+    log(msg);
+    output({ hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: msg } });
   }
 
   process.exit(0);

tests/docs/evaluator-rag-prototype.test.js

@@ -135,7 +135,7 @@ test('roadmap points to the evaluator RAG prototype and hosted PR check', () =>
 
   assert.ok(roadmap.includes('docs/architecture/evaluator-rag-prototype.md'));
   assert.ok(roadmap.includes('examples/evaluator-rag-prototype/'));
-  assert.ok(roadmap.includes('Deterministic hosted PR check and cached output scoring integrated; hosted retrieval remains future'));
+  assert.ok(roadmap.includes('Deterministic hosted PR check, cached output scoring, retrieval planning, judge contract, and gated model execution integrated'));
 });
 
 test('billing readiness scenario rejects launch copy overclaims', () => {

tests/hooks/config-protection.test.js

@@ -4,7 +4,6 @@
 
 const assert = require('assert');
 const fs = require('fs');
-const os = require('os');
 const path = require('path');
 const { spawnSync } = require('child_process');
 
@@ -71,249 +70,85 @@ function runTests() {
   let passed = 0;
   let failed = 0;
 
-  if (
+  if (test('blocks protected config file edits through run-with-flags', () => {
-    test('blocks protected config file edits through run-with-flags', () => {
+    const input = {
-      const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'ecc-config-protect-'));
+      tool_name: 'Write',
-      try {
+      tool_input: {
-        const absPath = path.join(tmpDir, '.eslintrc.js');
+        file_path: '.eslintrc.js',
-        fs.writeFileSync(absPath, 'module.exports = {};');
+        content: 'module.exports = {};'
-
-        const input = {
-          tool_name: 'Write',
-          tool_input: {
-            file_path: absPath,
-            content: 'module.exports = {};'
-          }
-        };
-
-        const result = runHook(input);
-        assert.strictEqual(result.code, 2, 'Expected protected config edit to be blocked');
-        assert.strictEqual(result.stdout, '', 'Blocked hook should not echo raw input');
-        assert.ok(result.stderr.includes('BLOCKED: Modifying .eslintrc.js is not allowed.'), `Expected block message, got: ${result.stderr}`);
-      } finally {
-        try {
-          fs.rmSync(tmpDir, { recursive: true, force: true });
-        } catch {
-          // best-effort cleanup
-        }
       }
-    })
+    };
-  )
-    passed++;
-  else failed++;
 
-  if (
+    const result = runHook(input);
-    test('passes through safe file edits unchanged', () => {
+    assert.strictEqual(result.code, 2, 'Expected protected config edit to be blocked');
-      const input = {
+    assert.strictEqual(result.stdout, '', 'Blocked hook should not echo raw input');
-        tool_name: 'Write',
+    assert.ok(result.stderr.includes('BLOCKED: Modifying .eslintrc.js is not allowed.'), `Expected block message, got: ${result.stderr}`);
-        tool_input: {
+  })) passed++; else failed++;
-          file_path: 'src/index.js',
-          content: 'console.log("ok");'
-        }
-      };
 
-      const rawInput = JSON.stringify(input);
+  if (test('passes through safe file edits unchanged', () => {
-      const result = runHook(input);
+    const input = {
-      assert.strictEqual(result.code, 0, 'Expected safe file edit to pass');
+      tool_name: 'Write',
-      assert.strictEqual(result.stdout, rawInput, 'Expected exact raw JSON passthrough');
+      tool_input: {
-      assert.strictEqual(result.stderr, '', 'Expected no stderr for safe edits');
+        file_path: 'src/index.js',
-    })
+        content: 'console.log("ok");'
-  )
+      }
-    passed++;
+    };
-  else failed++;
+
+    const rawInput = JSON.stringify(input);
+    const result = runHook(input);
+    assert.strictEqual(result.code, 0, 'Expected safe file edit to pass');
+    assert.strictEqual(result.stdout, rawInput, 'Expected exact raw JSON passthrough');
+    assert.strictEqual(result.stderr, '', 'Expected no stderr for safe edits');
+  })) passed++; else failed++;
+
+  if (test('blocks truncated protected config payloads instead of failing open', () => {
+    const rawInput = JSON.stringify({
+      tool_name: 'Write',
+      tool_input: {
+        file_path: '.eslintrc.js',
+        content: 'x'.repeat(1024 * 1024 + 2048)
+      }
+    });
+
+    const result = runHook(rawInput);
+    assert.strictEqual(result.code, 2, 'Expected truncated protected payload to be blocked');
+    assert.strictEqual(result.stdout, '', 'Blocked truncated payload should not echo raw input');
+    assert.ok(result.stderr.includes('Hook input exceeded 1048576 bytes'), `Expected size warning, got: ${result.stderr}`);
+    assert.ok(result.stderr.includes('truncated payload'), `Expected truncated payload warning, got: ${result.stderr}`);
+  })) passed++; else failed++;
+
+  if (test('legacy hooks do not echo raw input when they fail without stdout', () => {
+    const pluginRoot = path.join(__dirname, '..', `tmp-runner-plugin-${Date.now()}`);
+    const scriptDir = path.join(pluginRoot, 'scripts', 'hooks');
+    const scriptPath = path.join(scriptDir, 'legacy-block.js');
+
+    try {
+      fs.mkdirSync(scriptDir, { recursive: true });
+      fs.writeFileSync(
+        scriptPath,
+        '#!/usr/bin/env node\nprocess.stderr.write("blocked by legacy hook\\n");\nprocess.exit(2);\n'
+      );
 
-  if (
-    test('blocks truncated protected config payloads instead of failing open', () => {
       const rawInput = JSON.stringify({
         tool_name: 'Write',
         tool_input: {
           file_path: '.eslintrc.js',
-          content: 'x'.repeat(1024 * 1024 + 2048)
+          content: 'module.exports = {};'
         }
       });
 
-      const result = runHook(rawInput);
+      const result = runCustomHook(pluginRoot, 'pre:legacy-block', 'scripts/hooks/legacy-block.js', rawInput);
-      assert.strictEqual(result.code, 2, 'Expected truncated protected payload to be blocked');
+      assert.strictEqual(result.code, 2, 'Expected failing legacy hook exit code to propagate');
-      assert.strictEqual(result.stdout, '', 'Blocked truncated payload should not echo raw input');
+      assert.strictEqual(result.stdout, '', 'Expected failing legacy hook to avoid raw passthrough');
-      assert.ok(result.stderr.includes('Hook input exceeded 1048576 bytes'), `Expected size warning, got: ${result.stderr}`);
+      assert.ok(result.stderr.includes('blocked by legacy hook'), `Expected legacy hook stderr, got: ${result.stderr}`);
-      assert.ok(result.stderr.includes('truncated payload'), `Expected truncated payload warning, got: ${result.stderr}`);
+    } finally {
-    })
-  )
-    passed++;
-  else failed++;
-
-  if (
-    test('allows first-time creation of a protected config file', () => {
-      const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'ecc-config-protect-'));
       try {
-        const absPath = path.join(tmpDir, 'eslint.config.mjs');
+        fs.rmSync(pluginRoot, { recursive: true, force: true });
-        const input = {
+      } catch {
-          tool_name: 'Write',
+        // best-effort cleanup
-          tool_input: {
-            file_path: absPath,
-            content: 'export default [];'
-          }
-        };
-
-        const rawInput = JSON.stringify(input);
-        const result = runHook(input);
-        assert.strictEqual(result.code, 0, `Expected exit 0 for first-time creation, got ${result.code}; stderr: ${result.stderr}`);
-        assert.strictEqual(result.stdout, rawInput, 'Expected raw passthrough when creation is allowed');
-        assert.strictEqual(result.stderr, '', `Expected no stderr for first-time creation, got: ${result.stderr}`);
-      } finally {
-        try {
-          fs.rmSync(tmpDir, { recursive: true, force: true });
-        } catch {
-          // best-effort cleanup
-        }
       }
-    })
+    }
-  )
+  })) passed++; else failed++;
-    passed++;
-  else failed++;
-
-  if (
-    test('allows first-time creation when the parent directory does not exist yet', () => {
-      const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'ecc-config-protect-'));
-      try {
-        // Path under a non-existent subdirectory — statSync returns ENOENT
-        // on the final segment, which should be treated as "does not exist"
-        // and allow the write. (Agent or CLI is expected to create parents
-        // during the Write itself; this hook does not need to.)
-        const absPath = path.join(tmpDir, 'no-such-parent', '.prettierrc');
-        const input = {
-          tool_name: 'Write',
-          tool_input: {
-            file_path: absPath,
-            content: '{}'
-          }
-        };
-
-        const rawInput = JSON.stringify(input);
-        const result = runHook(input);
-        assert.strictEqual(result.code, 0, `Expected exit 0 for ENOENT path, got ${result.code}; stderr: ${result.stderr}`);
-        assert.strictEqual(result.stdout, rawInput, 'Expected raw passthrough when path does not exist');
-      } finally {
-        try {
-          fs.rmSync(tmpDir, { recursive: true, force: true });
-        } catch {
-          // best-effort cleanup
-        }
-      }
-    })
-  )
-    passed++;
-  else failed++;
-
-  if (
-    test('blocks protected paths that exist as a dangling symlink', () => {
-      const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'ecc-config-protect-'));
-      try {
-        const missingTarget = path.join(tmpDir, 'nowhere.js');
-        const linkPath = path.join(tmpDir, '.eslintrc.js');
-        try {
-          fs.symlinkSync(missingTarget, linkPath);
-        } catch (err) {
-          // Windows without Developer Mode or certain sandboxes disallow
-          // symlinks. Skip cleanly rather than fail the suite.
-          if (err.code === 'EPERM' || err.code === 'EACCES') {
-            console.log('    (skipped: symlink creation not permitted here)');
-            return;
-          }
-          throw err;
-        }
-
-        const input = {
-          tool_name: 'Write',
-          tool_input: {
-            file_path: linkPath,
-            content: 'module.exports = {};'
-          }
-        };
-
-        const result = runHook(input);
-        assert.strictEqual(result.code, 2, `Expected exit 2 for dangling symlink, got ${result.code}; stderr: ${result.stderr}`);
-        assert.strictEqual(result.stdout, '', 'Blocked hook should not echo raw input');
-        assert.ok(
-          result.stderr.includes('BLOCKED: Modifying .eslintrc.js is not allowed.'),
-          `Expected block message, got: ${result.stderr}`
-        );
-      } finally {
-        try {
-          fs.rmSync(tmpDir, { recursive: true, force: true });
-        } catch {
-          // best-effort cleanup
-        }
-      }
-    })
-  )
-    passed++;
-  else failed++;
-
-  if (
-    test('still blocks writes to an existing protected config file', () => {
-      const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'ecc-config-protect-'));
-      try {
-        const absPath = path.join(tmpDir, '.eslintrc.js');
-        fs.writeFileSync(absPath, 'module.exports = { rules: {} };');
-
-        const input = {
-          tool_name: 'Edit',
-          tool_input: {
-            file_path: absPath,
-            content: 'module.exports = { rules: { "no-console": "off" } };'
-          }
-        };
-
-        const result = runHook(input);
-        assert.strictEqual(result.code, 2, 'Expected exit 2 when modifying an existing protected config');
-        assert.strictEqual(result.stdout, '', 'Blocked hook should not echo raw input');
-        assert.ok(result.stderr.includes('BLOCKED: Modifying .eslintrc.js is not allowed.'), `Expected block message, got: ${result.stderr}`);
-      } finally {
-        try {
-          fs.rmSync(tmpDir, { recursive: true, force: true });
-        } catch {
-          // best-effort cleanup
-        }
-      }
-    })
-  )
-    passed++;
-  else failed++;
-
-  if (
-    test('legacy hooks do not echo raw input when they fail without stdout', () => {
-      const pluginRoot = path.join(__dirname, '..', `tmp-runner-plugin-${Date.now()}`);
-      const scriptDir = path.join(pluginRoot, 'scripts', 'hooks');
-      const scriptPath = path.join(scriptDir, 'legacy-block.js');
-
-      try {
-        fs.mkdirSync(scriptDir, { recursive: true });
-        fs.writeFileSync(scriptPath, '#!/usr/bin/env node\nprocess.stderr.write("blocked by legacy hook\\n");\nprocess.exit(2);\n');
-
-        const rawInput = JSON.stringify({
-          tool_name: 'Write',
-          tool_input: {
-            file_path: '.eslintrc.js',
-            content: 'module.exports = {};'
-          }
-        });
-
-        const result = runCustomHook(pluginRoot, 'pre:legacy-block', 'scripts/hooks/legacy-block.js', rawInput);
-        assert.strictEqual(result.code, 2, 'Expected failing legacy hook exit code to propagate');
-        assert.strictEqual(result.stdout, '', 'Expected failing legacy hook to avoid raw passthrough');
-        assert.ok(result.stderr.includes('blocked by legacy hook'), `Expected legacy hook stderr, got: ${result.stderr}`);
-      } finally {
-        try {
-          fs.rmSync(pluginRoot, { recursive: true, force: true });
-        } catch {
-          // best-effort cleanup
-        }
-      }
-    })
-  )
-    passed++;
-  else failed++;
 
   console.log(`\nResults: Passed: ${passed}, Failed: ${failed}`);
   process.exit(failed > 0 ? 1 : 0);

tests/hooks/suggest-compact.test.js

@@ -366,6 +366,66 @@ function runTests() {
   })) passed++;
   else failed++;
 
+  // ── hookSpecificOutput JSON on stdout ──
+  // Claude Code 2.1+ drops non-blocking PreToolUse stderr; the suggestion has
+  // to ride on stdout as { hookSpecificOutput: { additionalContext } } to reach
+  // the model. These tests pin that contract.
+  console.log('\nhookSpecificOutput stdout JSON:');
+
+  if (test('emits hookSpecificOutput.additionalContext on stdout at threshold', () => {
+    const { sessionId, counterFile, cleanup } = createCounterContext();
+    cleanup();
+    fs.writeFileSync(counterFile, '49');
+    const result = runCompact({ CLAUDE_SESSION_ID: sessionId });
+    assert.strictEqual(result.code, 0, 'Should exit 0');
+    assert.ok(result.stdout.trim().length > 0, `Expected stdout payload at threshold. Got: "${result.stdout}"`);
+    const parsed = JSON.parse(result.stdout);
+    assert.strictEqual(parsed.hookSpecificOutput.hookEventName, 'PreToolUse',
+      `hookEventName should be PreToolUse. Got: ${JSON.stringify(parsed)}`);
+    assert.ok(parsed.hookSpecificOutput.additionalContext.includes('50 tool calls reached'),
+      `additionalContext should include threshold text. Got: ${parsed.hookSpecificOutput.additionalContext}`);
+    cleanup();
+  })) passed++;
+  else failed++;
+
+  if (test('emits hookSpecificOutput.additionalContext on stdout at +25 interval', () => {
+    const { sessionId, counterFile, cleanup } = createCounterContext();
+    cleanup();
+    // threshold=3, set counter to 27 → next run = 28 → 28-3=25 → interval hit
+    fs.writeFileSync(counterFile, '27');
+    const result = runCompact({ CLAUDE_SESSION_ID: sessionId, COMPACT_THRESHOLD: '3' });
+    assert.strictEqual(result.code, 0, 'Should exit 0');
+    assert.ok(result.stdout.trim().length > 0, `Expected stdout payload at interval. Got: "${result.stdout}"`);
+    const parsed = JSON.parse(result.stdout);
+    assert.strictEqual(parsed.hookSpecificOutput.hookEventName, 'PreToolUse');
+    assert.ok(parsed.hookSpecificOutput.additionalContext.includes('28 tool calls'),
+      `additionalContext should include count. Got: ${parsed.hookSpecificOutput.additionalContext}`);
+    cleanup();
+  })) passed++;
+  else failed++;
+
+  if (test('emits no stdout below threshold (silent)', () => {
+    const { sessionId, cleanup } = createCounterContext();
+    cleanup();
+    const result = runCompact({ CLAUDE_SESSION_ID: sessionId, COMPACT_THRESHOLD: '5' });
+    assert.strictEqual(result.code, 0);
+    assert.strictEqual(result.stdout.trim(), '',
+      `Expected empty stdout below threshold. Got: "${result.stdout}"`);
+    cleanup();
+  })) passed++;
+  else failed++;
+
+  if (test('still writes [StrategicCompact] to stderr (debug log retained)', () => {
+    const { sessionId, counterFile, cleanup } = createCounterContext();
+    cleanup();
+    fs.writeFileSync(counterFile, '49');
+    const result = runCompact({ CLAUDE_SESSION_ID: sessionId });
+    assert.ok(result.stderr.includes('[StrategicCompact]'),
+      `stderr should retain [StrategicCompact] for debug log capture. Got: "${result.stderr}"`);
+    cleanup();
+  })) passed++;
+  else failed++;
+
   // ── Round 64: default session ID fallback ──
   console.log('\nDefault session ID fallback (Round 64):');