mirror of https://github.com/garrytan/gstack.git
873fcccd74
Plan-tune cathedral T6 — the keystone that makes never-ask actually bind.
Today preferences are agent-convention (silently ignored). This hook
enforces them via Claude Code's hook protocol: when a never-ask preference
matches an AUQ that is two-way + has a marker + has a clear recommendation,
the hook returns permissionDecision: "deny" with permissionDecisionReason
naming the auto-decided option. The agent obeys the rejection feedback and
proceeds with the recommended option without re-firing AUQ.
Decision tree (per question):
- marker absent → defer (D18: hash IDs are observed-only)
- one-way door → defer (safety override — never auto-decide one-way)
- always-ask preference → defer
- no preference set → defer
- ambiguous recommendation (two (recommended) labels OR no parseable rec)
→ defer (D2 refuse-on-ambiguous)
- never-ask / ask-only-for-one-way + two-way + clean rec → deny+reason
Preference precedence per D8: project-local
(~/.gstack/projects/<slug>/question-preferences.json) wins, global
(~/.gstack/global-question-preferences.json) is fallback.
Why deny+reason instead of allow+updatedInput:
AskUserQuestion's updatedInput shape for "pre-resolve this question" isn't
structurally pinned in Claude Code docs (T4 spike open question). deny with
a reason that names the auto-decided option is the conservative + reliable
v1 — the model receives the rejection, reads the recommended option from
the reason, proceeds without re-prompting. Swap to allow+updatedInput once
the AUQ input shape is verified against real Claude Code.
Since deny prevents PostToolUse from firing, this hook logs the auto-decided
event itself via gstack-question-log (source=auto-decided) so /plan-tune's
Recent auto-decisions surface picks it up. Also writes a session marker
~/.gstack/sessions/<id>/.auto-decided-<tool_use_id> for coordination when
the AUQ-shape switch lands.
Multi-question AUQ: enforcement is all-or-nothing per call. If any question
in the batch isn't eligible (no marker, no preference, ambiguous rec, etc.),
the whole call defers so the user still gets to answer the rest normally.
Registry lookup: cheap regex extraction from scripts/question-registry.ts
(reading + bun-importing the TS file from a hook is too slow). Door type
defaults to two-way for unregistered.
Matcher covers both native AskUserQuestion and mcp__*__AskUserQuestion
(Conductor disables native — Codex outside-voice catch).
15 unit tests cover defer paths, enforcement, one-way safety override,
ambiguous-rec refuse, precedence (project wins, global fallback,
project-overrides-global), MCP matcher, auto-decided event logging,
session marker writing, crash safety.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|---|---|---|
| .. | ||
| claude/hooks | ||
| claude.ts | ||
| codex.ts | ||
| cursor.ts | ||
| factory.ts | ||
| gbrain.ts | ||
| hermes.ts | ||
| index.ts | ||
| kiro.ts | ||
| openclaw.ts | ||
| opencode.ts | ||
| slate.ts | ||