KeiSeiKit-1.0

keisei/KeiSeiKit-1.0

Fork 0

Commit graph

Author	SHA1	Message	Date
KeiSei84	98d30e352f	chore(public-prep): scrub author identity + private-IP references (#43 ) Pre-public Phase 1. Remove personal/IP traces that should not ship in a general-purpose kit; keep only intended author attribution. - no-github-push.sh + hooks-and-blocks.md + ci-scaffold: drop "KeiTech unfiled patent IP / trade secrets / priority date" wording; reword as a generic opt-in guard for keeping code on a private remote. - check-error-patterns.sh: remove author-local absolute path from the tombstone comment. - graph-export-watcher.sh: default viz dir to ~/.local/share/kei/graph-viz (was a personal project path). - agent manifests (cost-guardian, modal-runner, infra/ml/code-implementer) + ci.yml: strip private memory references and dated personal incidents; keep the generic cost/ops lessons. Snapshots regenerated; golden 3/3. Kept intentionally: author attribution (NOTICE / README / Cargo / plugin). Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-25 14:31:19 +07:00
Parfii-bot	4afc85ca30	fix(hooks): post-audit hook chain hardening + 4 new defensive hooks Hook chain repairs (Group A): - alignment-check.sh: read .prompt (was .user_prompt) — hook was dead - block-dangerous.sh: jq instead of inline interpreter (RULE 0.2 + fail-open fix) - destructive-guard.sh: explicit INPUT=cat + jq guard + exit 0 — was silent no-op - numeric-claims-guard.sh: exit 1 -> exit 2 (Claude Code spec — was non-blocking) comments updated 0.17 -> 0.18 (env var name kept) - no-downgrade.sh: removed (?i) PCRE syntax — POSIX ERE matched literal text - task-timer.sh: jq -nc instead of bare printf — JSON injection on quotes/backslashes in description was corrupting RULE 0.18 evidence journal - check-error-patterns.sh: replaced with no-op stub — had hardcoded /Users/denis/... PATH LEAK in public kit, plus inline interpreter use - post-commit-audit.sh: added trailing exit 0 — grep return code was hook exit code - citation-verify.sh: ALLOW_REGEX accepts HOOK-BYPASS marker — bypass was documented but never matched - settings-snippet.json: agent-stub-scan moved PreToolUse:Agent -> PostToolUse:Agent (RULE 0.16 enforcement was firing before transcript existed) - check-error-patterns hook removed from settings-snippet.json New defensive hooks (Group H): - no-github-push.sh: PreToolUse:Bash hard deny on github.com push/create/sync/remote-add (RULE 0.1 — patent IP protection; was missing from public kit) - secrets-pre-guard.sh: PreToolUse:Edit\|Write — token-pattern scan with allowlist (RULE 0.8) - chat-numeric-prewarn.sh: UserPromptSubmit reminder when prompt mentions time/cost (RULE 0.18 chat extension) - chat-numeric-postflag.sh: Stop event scans last assistant message for naked numerics without REAL/FROM-JOURNAL/ESTIMATE-HTC markers Source: full Sonnet test-retest audit 2026-05-02 (3 parallel waves of 6 agents each) identified hook chain bugs as HIGH severity in all 3 runs independently. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-02 21:38:47 +08:00
Parfii-bot	a4e667de10	KeiSeiKit-public — clean state Single-commit clean baseline after security scrub of niche-tells, project codenames, internal jargon, and contributor-email leaks. Contents: - 100 Rust crates (_primitives/_rust/) - 37 agent manifests (_manifests/) + generated specs (_generated/) - 67 user-invocable skills (skills/) - 33 hooks (hooks/) - Composition blocks (_blocks/) - Documentation (docs/, README.md) - TS adapter packages (_ts_packages/) - Assembler (_assembler/) - Roles (_roles/) - Templates (_templates/) - Forgejo CI (.forgejo/) Author: Denis Parfionovich <info@greendragon.info> License: see LICENSE.	2026-05-01 12:09:03 +08:00

Author

SHA1

Message

Date

KeiSei84

98d30e352f

chore(public-prep): scrub author identity + private-IP references (#43 )

Pre-public Phase 1. Remove personal/IP traces that should not ship in a
general-purpose kit; keep only intended author attribution.

- no-github-push.sh + hooks-and-blocks.md + ci-scaffold: drop "KeiTech
  unfiled patent IP / trade secrets / priority date" wording; reword as a
  generic opt-in guard for keeping code on a private remote.
- check-error-patterns.sh: remove author-local absolute path from the
  tombstone comment.
- graph-export-watcher.sh: default viz dir to ~/.local/share/kei/graph-viz
  (was a personal project path).
- agent manifests (cost-guardian, modal-runner, infra/ml/code-implementer)
  + ci.yml: strip private memory references and dated personal incidents;
  keep the generic cost/ops lessons. Snapshots regenerated; golden 3/3.

Kept intentionally: author attribution (NOTICE / README / Cargo / plugin).

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-25 14:31:19 +07:00

Parfii-bot

4afc85ca30

fix(hooks): post-audit hook chain hardening + 4 new defensive hooks

Hook chain repairs (Group A):
- alignment-check.sh: read .prompt (was .user_prompt) — hook was dead
- block-dangerous.sh: jq instead of inline interpreter (RULE 0.2 + fail-open fix)
- destructive-guard.sh: explicit INPUT=cat + jq guard + exit 0 — was silent no-op
- numeric-claims-guard.sh: exit 1 -> exit 2 (Claude Code spec — was non-blocking)
                          comments updated 0.17 -> 0.18 (env var name kept)
- no-downgrade.sh: removed (?i) PCRE syntax — POSIX ERE matched literal text
- task-timer.sh: jq -nc instead of bare printf — JSON injection on quotes/backslashes
                 in description was corrupting RULE 0.18 evidence journal
- check-error-patterns.sh: replaced with no-op stub — had hardcoded /Users/denis/...
                            PATH LEAK in public kit, plus inline interpreter use
- post-commit-audit.sh: added trailing exit 0 — grep return code was hook exit code
- citation-verify.sh: ALLOW_REGEX accepts HOOK-BYPASS marker — bypass was documented
                       but never matched
- settings-snippet.json: agent-stub-scan moved PreToolUse:Agent -> PostToolUse:Agent
                          (RULE 0.16 enforcement was firing before transcript existed)
- check-error-patterns hook removed from settings-snippet.json

New defensive hooks (Group H):
- no-github-push.sh: PreToolUse:Bash hard deny on github.com push/create/sync/remote-add
                      (RULE 0.1 — patent IP protection; was missing from public kit)
- secrets-pre-guard.sh: PreToolUse:Edit|Write — token-pattern scan with allowlist (RULE 0.8)
- chat-numeric-prewarn.sh: UserPromptSubmit reminder when prompt mentions time/cost
                            (RULE 0.18 chat extension)
- chat-numeric-postflag.sh: Stop event scans last assistant message for naked numerics
                             without REAL/FROM-JOURNAL/ESTIMATE-HTC markers

Source: full Sonnet test-retest audit 2026-05-02 (3 parallel waves of 6 agents each)
identified hook chain bugs as HIGH severity in all 3 runs independently.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-02 21:38:47 +08:00

Parfii-bot

a4e667de10

KeiSeiKit-public — clean state

Single-commit clean baseline after security scrub of niche-tells,
project codenames, internal jargon, and contributor-email leaks.

Contents:
- 100 Rust crates (_primitives/_rust/)
- 37 agent manifests (_manifests/) + generated specs (_generated/)
- 67 user-invocable skills (skills/)
- 33 hooks (hooks/)
- Composition blocks (_blocks/)
- Documentation (docs/, README.md)
- TS adapter packages (_ts_packages/)
- Assembler (_assembler/)
- Roles (_roles/)
- Templates (_templates/)
- Forgejo CI (.forgejo/)

Author: Denis Parfionovich <info@greendragon.info>

License: see LICENSE.

2026-05-01 12:09:03 +08:00

3 commits