Goal
Ship 10 deterministic, manifest-driven PreToolUse + PostToolUse hooks in v1.5.0 that enforce common dev-discipline rules across all repos where the plugin is enabled.
Tier 1 ruleset
| # |
Rule ID |
Tool |
Action |
| 1 |
ssh-db-mutation |
Bash |
block |
| 2 |
gcloud-missing-project |
Bash |
warn |
| 3 |
prod-ops-no-approval |
Bash |
block |
| 4 |
destructive-db-ops |
Bash |
block |
| 5 |
manual-edge-fn-deploy |
Bash |
block |
| 6 |
minified-build-output |
Edit/Write/MultiEdit |
block |
| 7 |
secrets-hardcoded |
Edit/Write/MultiEdit |
block |
| 8 |
slack-unicode-bullets |
Slack |
warn |
| 9 |
slack-tables-no-codeblock |
Slack |
warn |
| 10 |
slack-spanish-tildes |
Slack |
warn |
Architecture
- Single source of truth:
hooks/rules/rules.yaml
- Generic evaluator:
hooks/lib/eval-rule.sh (no rule-specific logic in shell)
- Build pipeline:
scripts/build-rules.mjs compiles YAML → JSON, validates schema, runs IP-leak guard
Status
Closes
PR #9 closes this issue.
Related
Goal
Ship 10 deterministic, manifest-driven PreToolUse + PostToolUse hooks in v1.5.0 that enforce common dev-discipline rules across all repos where the plugin is enabled.
Tier 1 ruleset
Architecture
hooks/rules/rules.yamlhooks/lib/eval-rule.sh(no rule-specific logic in shell)scripts/build-rules.mjscompiles YAML → JSON, validates schema, runs IP-leak guardStatus
Closes
PR #9 closes this issue.
Related
hooks/rules/README.md(in PR feat: manifest-driven PreToolUse + PostToolUse hooks (v1.5.0) #9) for the schema and the T1-T7 decomposition techniques planned for Tier 2.