Make all Cognitive Sandwich hooks opt-in

2026-06-08 20:25:16 +02:00 · 2026-05-01 05:12:54 -05:00 · 2026-05-01 05:12:54 -05:00 · 1d95347b88
commit 1d95347b88
parent cb7ee2dcb5
8 changed files with 137 additions and 95 deletions
--- a/scripts/check-sandwich-prereqs.sh
+++ b/scripts/check-sandwich-prereqs.sh
@ -8,19 +8,22 @@ miss() { printf '  \033[1;31m[MISS]\033[0m %s\n' "$*"; FAIL=1; }
 info() { printf '  \033[1;36m[INFO]\033[0m %s\n' "$*"; }

 FAIL=0
+CHECK_PREFLIGHT=0
 CHECK_SANHEDRIN=0
 DASHBOARD_PORT="${VESTIGE_DASHBOARD_PORT:-3927}"
 SANHEDRIN_ENV="${VESTIGE_SANHEDRIN_ENV:-$HOME/.claude/hooks/vestige-sanhedrin.env}"

 for arg in "$@"; do
  case "$arg" in
+    --preflight|--enable-preflight) CHECK_PREFLIGHT=1 ;;
    --sanhedrin|--enable-sanhedrin) CHECK_SANHEDRIN=1 ;;
    -h|--help)
      cat <<'EOF'
-Usage: scripts/check-sandwich-prereqs.sh [--sanhedrin]
+Usage: scripts/check-sandwich-prereqs.sh [--preflight] [--sanhedrin]

-Without flags, checks the default Cognitive Sandwich preflight hooks.
-With --sanhedrin, also checks the optional OpenAI-compatible verifier endpoint.
+Without flags, verifies that the default install has no Vestige hooks wired.
+With --preflight, checks the optional UserPromptSubmit hook layer.
+With --sanhedrin, checks the optional OpenAI-compatible verifier endpoint.
 EOF
      exit 0
      ;;
@ -64,31 +67,40 @@ fi

 # CLI tools
 command -v jq            >/dev/null && ok "jq"            || miss "jq missing — brew install jq"
-command -v claude        >/dev/null && ok "claude CLI"    || miss "claude CLI — install Claude Code"
-command -v vestige-mcp   >/dev/null && ok "vestige-mcp"   || miss "vestige-mcp — cargo install vestige-mcp"
+if [ "$CHECK_PREFLIGHT" -eq 1 ]; then
+  command -v claude        >/dev/null && ok "claude CLI"    || miss "claude CLI — install Claude Code"
+  command -v vestige-mcp   >/dev/null && ok "vestige-mcp"   || miss "vestige-mcp — cargo install vestige-mcp"

-# Vestige MCP HTTP API
-if curl -fsS -m 2 "http://127.0.0.1:${DASHBOARD_PORT}/api/health" >/dev/null 2>&1; then
-  ok "vestige-mcp dashboard responding on :$DASHBOARD_PORT"
-else
-  warn "vestige-mcp dashboard not responding on :$DASHBOARD_PORT"
+  # Vestige MCP HTTP API
+  if curl -fsS -m 2 "http://127.0.0.1:${DASHBOARD_PORT}/api/health" >/dev/null 2>&1; then
+    ok "vestige-mcp dashboard responding on :$DASHBOARD_PORT"
+  else
+    warn "vestige-mcp dashboard not responding on :$DASHBOARD_PORT"
+  fi
 fi

 # Settings hook wiring
-if [ -f "$HOME/.claude/settings.json" ] && \
-   jq -e '.hooks.UserPromptSubmit' "$HOME/.claude/settings.json" >/dev/null 2>&1; then
-  ok "settings.json UserPromptSubmit hooks present"
-else
-  warn "settings.json missing UserPromptSubmit hooks — run: install-sandwich.sh"
+if [ "$CHECK_PREFLIGHT" -eq 0 ] && [ "$CHECK_SANHEDRIN" -eq 0 ]; then
+  if [ -f "$HOME/.claude/settings.json" ] && \
+     jq -e 'any((.hooks.UserPromptSubmit[]?.hooks[]?, .hooks.Stop[]?.hooks[]?); ((.command? // "") | test("synthesis-preflight\\.sh|cwd-state-injector\\.sh|vestige-pulse-daemon\\.sh|preflight-swarm\\.sh|load-all-memory\\.sh|veto-detector\\.sh|sanhedrin\\.sh|synthesis-stop-validator\\.sh|synthesis-gate\\.sh")))' "$HOME/.claude/settings.json" >/dev/null 2>&1; then
+    warn "Vestige hooks are still wired; run: install-sandwich.sh --force"
+  else
+    ok "no Vestige Claude Code hooks wired by default"
+  fi
 fi

-if [ "$CHECK_SANHEDRIN" -eq 0 ]; then
+if [ "$CHECK_PREFLIGHT" -eq 1 ]; then
+  echo
+  echo "Optional Preflight"
+
  if [ -f "$HOME/.claude/settings.json" ] && \
-     jq -e 'any(.hooks.Stop[]?.hooks[]?; ((.command? // "") | contains("/.claude/hooks/veto-detector.sh") or contains("/.claude/hooks/sanhedrin.sh") or contains("/.claude/hooks/synthesis-stop-validator.sh")))' "$HOME/.claude/settings.json" >/dev/null 2>&1; then
-    warn "Vestige Stop hooks are still wired; run: install-sandwich.sh --force"
+     jq -e 'any(.hooks.UserPromptSubmit[]?.hooks[]?; ((.command? // "") | contains("synthesis-preflight.sh"))) and any(.hooks.UserPromptSubmit[]?.hooks[]?; ((.command? // "") | contains("preflight-swarm.sh")))' "$HOME/.claude/settings.json" >/dev/null 2>&1; then
+    ok "preflight UserPromptSubmit hooks wired"
  else
-    ok "no Vestige Stop hooks wired by default"
+    warn "preflight hooks not wired — run: install-sandwich.sh --enable-preflight"
  fi
+
+  info "preflight-swarm.sh uses claude -p with Haiku when enabled; default installs do not wire it."
 fi

 if [ "$CHECK_SANHEDRIN" -eq 1 ]; then
@ -143,7 +155,7 @@ fi

 echo
 if [ $FAIL -eq 0 ]; then
-  echo "  Ready. Default preflight hooks will fire on next Claude Code prompt; no Vestige Stop hooks are wired."
+  echo "  Ready. Default install has no Vestige Claude Code hooks wired and makes no automatic model calls."
  exit 0
 else
  echo "  Fix the items above, then re-run."
--- a/scripts/install-sandwich.sh
+++ b/scripts/install-sandwich.sh
@ -4,15 +4,15 @@
 # Usage:
 #   curl -fsSL https://raw.githubusercontent.com/samvallad33/vestige/v2.1.0/scripts/install-sandwich.sh | sh
 #   # or, from a checkout:
-#   ./scripts/install-sandwich.sh [--force] [--enable-sanhedrin] [--with-launchd] [--include-memory-loader]
+#   ./scripts/install-sandwich.sh [--force] [--enable-preflight] [--enable-sanhedrin] [--with-launchd] [--include-memory-loader]
 #   ./scripts/install-sandwich.sh --enable-sanhedrin --sanhedrin-endpoint=http://127.0.0.1:11434/v1/chat/completions --sanhedrin-model=qwen2.5:14b
 #
 # What it does:
 #   1. Verifies required local tools
 #   2. Stages ~/.claude/hooks/ and ~/.claude/agents/
 #   3. Copies sanitized hooks + agents
-#   4. Merges the default UserPromptSubmit hooks into ~/.claude/settings.json
-#   5. Optionally enables Sanhedrin and, only with --with-launchd on Apple Silicon,
+#   4. Removes old Vestige hook wiring from ~/.claude/settings.json by default
+#   5. Optionally enables preflight hooks and/or Sanhedrin. Only with --with-launchd on Apple Silicon,
 #      auto-starts mlx_lm.server with Qwen3.6-35B-A3B

 set -euo pipefail
@ -31,6 +31,7 @@ LAUNCHD_DIR="$HOME/Library/LaunchAgents"
 SETTINGS="$HOME/.claude/settings.json"

 FORCE=0
+ENABLE_PREFLIGHT=0
 ENABLE_SANHEDRIN=0
 WITH_LAUNCHD=0
 INCLUDE_MEMORY_LOADER=0
@ -39,6 +40,8 @@ SRC=""
 for arg in "$@"; do
  case "$arg" in
    --force) FORCE=1 ;;
+    --enable-preflight) ENABLE_PREFLIGHT=1 ;;
+    --enable-sandwich) ENABLE_PREFLIGHT=1; ENABLE_SANHEDRIN=1 ;;
    --enable-sanhedrin) ENABLE_SANHEDRIN=1 ;;
    --with-launchd) WITH_LAUNCHD=1 ;;
    --no-launchd) WITH_LAUNCHD=0 ;;
@ -83,8 +86,10 @@ fi
 # --- Prereqs (warnings only, install proceeds) ---
 command -v jq      >/dev/null || die "jq required: brew install jq"
 command -v python3 >/dev/null || die "python3 required (3.10+)"
-command -v claude  >/dev/null || warn "'claude' CLI not found — install Claude Code first."
-command -v vestige-mcp >/dev/null || warn "'vestige-mcp' not found — install with: cargo install vestige-mcp"
+if [ "$ENABLE_PREFLIGHT" -eq 1 ]; then
+  command -v claude  >/dev/null || warn "'claude' CLI not found — preflight-swarm.sh will fail open."
+  command -v vestige-mcp >/dev/null || warn "'vestige-mcp' not found — Vestige preflight hooks will fail open."
+fi
 if [ "$WITH_LAUNCHD" -eq 1 ]; then
  command -v uv      >/dev/null || warn "'uv' not found — install with: brew install uv"
  command -v mlx_lm.server >/dev/null || warn "mlx-lm not installed — run: uv tool install mlx-lm"
@ -191,51 +196,72 @@ else
  cp "$SETTINGS" "$HOME/.claude/settings.json.bak.pre-sandwich"
 fi
 TMP_MERGE="$(mktemp)"
-SETTINGS_FRAGMENT="$SCRIPT_DIR/hooks/settings.fragment.json"
-if [ "$ENABLE_SANHEDRIN" -eq 1 ]; then
-  SETTINGS_FRAGMENT="$SCRIPT_DIR/hooks/settings.sanhedrin.fragment.json"
+PREFLIGHT_FRAGMENT="$SCRIPT_DIR/hooks/settings.fragment.json"
+SANHEDRIN_FRAGMENT="$SCRIPT_DIR/hooks/settings.fragment.json"
+if [ "$ENABLE_PREFLIGHT" -eq 1 ]; then
+  PREFLIGHT_FRAGMENT="$SCRIPT_DIR/hooks/settings.preflight.fragment.json"
 fi
-jq -s --arg enable_sanhedrin "$ENABLE_SANHEDRIN" '
-  def is_vestige_stop:
-    (.command? // "") as $cmd
-    | ($cmd | contains("/.claude/hooks/veto-detector.sh"))
-      or ($cmd | contains("/.claude/hooks/sanhedrin.sh"))
-      or ($cmd | contains("/.claude/hooks/synthesis-stop-validator.sh"));
-
-  .[0] * .[1]
-  | if $enable_sanhedrin == "1" then
-      .
-    else
-      .hooks.Stop = (
-        (.hooks.Stop // [])
-        | map(.hooks = ((.hooks // []) | map(select((is_vestige_stop | not)))))
-        | map(select(((.hooks // []) | length) > 0))
-      )
-      | if ((.hooks.Stop // []) | length) == 0 then del(.hooks.Stop) else . end
-    end
-' "$SETTINGS" "$SETTINGS_FRAGMENT" > "$TMP_MERGE"
-mv "$TMP_MERGE" "$SETTINGS"
 if [ "$ENABLE_SANHEDRIN" -eq 1 ]; then
-  say "merged hooks block into $SETTINGS with Sanhedrin Stop hook enabled (backup at .bak.pre-sandwich)"
+  SANHEDRIN_FRAGMENT="$SCRIPT_DIR/hooks/settings.sanhedrin.fragment.json"
+fi
+jq -s '
+  def is_vestige_hook:
+    (.command? // "") as $cmd
+    | [
+        "synthesis-preflight.sh",
+        "cwd-state-injector.sh",
+        "vestige-pulse-daemon.sh",
+        "preflight-swarm.sh",
+        "load-all-memory.sh",
+        "veto-detector.sh",
+        "sanhedrin.sh",
+        "synthesis-stop-validator.sh",
+        "synthesis-gate.sh"
+      ] | any(. as $needle | $cmd | contains($needle));
+
+  def scrub_vestige_hooks:
+    .hooks.UserPromptSubmit = (
+      (.hooks.UserPromptSubmit // [])
+      | map(.hooks = ((.hooks // []) | map(select((is_vestige_hook | not)))))
+      | map(select(((.hooks // []) | length) > 0))
+    )
+    | if ((.hooks.UserPromptSubmit // []) | length) == 0 then del(.hooks.UserPromptSubmit) else . end
+    | .hooks.Stop = (
+      (.hooks.Stop // [])
+      | map(.hooks = ((.hooks // []) | map(select((is_vestige_hook | not)))))
+      | map(select(((.hooks // []) | length) > 0))
+    )
+    | if ((.hooks.Stop // []) | length) == 0 then del(.hooks.Stop) else . end
+    | if ((.hooks // {}) | length) == 0 then del(.hooks) else . end;
+
+  (.[0] | scrub_vestige_hooks) * .[1] * .[2]
+' "$SETTINGS" "$PREFLIGHT_FRAGMENT" "$SANHEDRIN_FRAGMENT" > "$TMP_MERGE"
+mv "$TMP_MERGE" "$SETTINGS"
+if [ "$ENABLE_PREFLIGHT" -eq 1 ] || [ "$ENABLE_SANHEDRIN" -eq 1 ]; then
+  enabled_layers=""
+  [ "$ENABLE_PREFLIGHT" -eq 1 ] && enabled_layers="${enabled_layers} preflight"
+  [ "$ENABLE_SANHEDRIN" -eq 1 ] && enabled_layers="${enabled_layers} sanhedrin"
+  say "merged optional hook layer(s) into $SETTINGS:${enabled_layers} (backup at .bak.pre-sandwich)"
 else
-  say "merged default preflight hooks into $SETTINGS; no Vestige Stop hooks are installed (backup at .bak.pre-sandwich)"
+  say "removed Vestige hook wiring from $SETTINGS; default install activates no Claude Code hooks (backup at .bak.pre-sandwich)"
 fi

 # --- Next steps ---
 cat <<EOF

  ┌──────────────────────────────────────────────────────────────┐
-  │  Cognitive Sandwich preflight hooks installed.                 │
+  │  Cognitive Sandwich files installed. No hooks enabled by default. │
  └──────────────────────────────────────────────────────────────┘

  Next steps:
-    1. Restart Claude Code so it picks up the new hooks.
-       Default installs include no Vestige Stop hooks.
+    1. Restart Claude Code if you enabled optional hooks.
+       Default installs activate no Vestige Claude Code hooks and make no model calls.
    2. Verify the install:
         vestige health                 # if vestige CLI installed
         curl http://127.0.0.1:$DASHBOARD_PORT/api/health
         scripts/check-sandwich-prereqs.sh   # from a checkout
-    3. Optional Sanhedrin verifier:
+    3. Optional hook layers:
+         ./scripts/install-sandwich.sh --enable-preflight
         ./scripts/install-sandwich.sh --enable-sanhedrin --sanhedrin-endpoint=$SANHEDRIN_ENDPOINT --sanhedrin-model=$MODEL_ID
       On Apple Silicon with >20 GB free RAM, add --with-launchd to auto-start
       the local MLX Qwen server. On x86, point --sanhedrin-endpoint at vLLM,