0c2d245632
state.sh used SESSION_FILE for session.json (global tracking data). Both hook handlers override SESSION_FILE to sessions/<pgrp>.json for per-session isolation. buddymon_session_reset() at session-stop end was writing _version:1 data INTO sessions/<pgrp>.json, leaving stale wrong-format session files that broke buddy lookup. Fix: rename state.sh variable to SESSION_DATA_FILE — no more collision. Also: - Add matcher:'*' to SessionStart and Stop hooks (CC 2.x compatibility) - Add dead-session GC to session-start.sh (cleans up orphaned PGRP files) - Add 5 new privacy/security bug_monsters: LeakWraith (uncommon) — exposed credentials CipherNull (uncommon) — weak/broken crypto (MD5, ECB, rand() for secrets) ConsentShadow (rare) — tracking/analytics without consent (CF flagship villain) ThrottleDemon (common) — ignored 429s and missing backoff PrivacyLich (legendary) — GDPR/CCPA/breach debt; unkillable, only containable
53 lines
1.2 KiB
JSON
53 lines
1.2 KiB
JSON
{
|
|
"description": "Buddymon lifecycle hooks — session init, encounter detection, XP tally",
|
|
"hooks": {
|
|
"SessionStart": [
|
|
{
|
|
"matcher": "*",
|
|
"hooks": [
|
|
{
|
|
"type": "command",
|
|
"command": "bash ${CLAUDE_PLUGIN_ROOT}/hooks-handlers/session-start.sh",
|
|
"timeout": 10
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"UserPromptSubmit": [
|
|
{
|
|
"matcher": "",
|
|
"hooks": [
|
|
{
|
|
"type": "command",
|
|
"command": "python3 ${CLAUDE_PLUGIN_ROOT}/hooks-handlers/user-prompt-submit.py",
|
|
"timeout": 5
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"PostToolUse": [
|
|
{
|
|
"matcher": "Bash|Edit|Write|MultiEdit",
|
|
"hooks": [
|
|
{
|
|
"type": "command",
|
|
"command": "python3 ${CLAUDE_PLUGIN_ROOT}/hooks-handlers/post-tool-use.py",
|
|
"timeout": 10
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"Stop": [
|
|
{
|
|
"matcher": "*",
|
|
"hooks": [
|
|
{
|
|
"type": "command",
|
|
"command": "bash ${CLAUDE_PLUGIN_ROOT}/hooks-handlers/session-stop.sh",
|
|
"timeout": 10
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|