Prove mutating tool actions before they run#9
Merged
NagyVikt merged 3 commits intoMay 1, 2026
Conversation
Native hook dispatch now records mutating tool lifecycle context before edit-capable tools execute and pairs the post event by trace id after the tool returns. The trace state is best-effort so write failures warn and continue instead of blocking the tool path. Constraint: Codex native hooks must stay non-blocking by default when event persistence fails Rejected: Post-only detection | cannot prove the event preceded the mutation Confidence: high Scope-risk: moderate Tested: npm run build Tested: node --test dist/scripts/__tests__/codex-native-hook.test.js dist/config/__tests__/codex-hooks.test.js Tested: node --test dist/hooks/extensibility/__tests__/dispatcher.test.js Co-authored-by: OmX <omx@oh-my-codex.dev>
The dev branch already introduced the Colony bridge trace store, so the Agent 5 merge keeps one trace source and routes native hook-dispatch logs through that payload before the tool runs. This preserves post-tool missing-pre detection while avoiding a second state file. Constraint: origin push is disabled in this checkout; PR updates use the fork remote. Rejected: Keep src/scripts/codex-native-tool-events.ts | it duplicated the merged Colony trace marker path and created competing recordPreToolUseTrace symbols. Confidence: high Scope-risk: moderate Directive: Mutating PreToolUse dispatch must remain before Colony bridge advisory output and before the tool mutation boundary. Tested: npm run build Tested: node --test dist/scripts/__tests__/codex-native-hook.test.js dist/config/__tests__/codex-hooks.test.js Tested: node --test dist/hooks/extensibility/__tests__/dispatcher.test.js Tested: node --test dist/colony/__tests__/bridge.test.js dist/cli/__tests__/colony.test.js Tested: git diff --check && git diff --cached --check Co-authored-by: OmX <omx@oh-my-codex.dev>
Dev moved again with lifecycle replay and runtime-summary work, so this merge preserves the newer repo-relative extracted-path handling while keeping Agent 5 pre/post hook-dispatch proof and missing-pre marking. Constraint: PR #9 base advanced through PRs #7, #8, and #10 while Agent 5 was open. Rejected: Prefer old raw-path helper | current dev has normalized repo-relative extraction and lifecycle event tests that should stay authoritative. Confidence: high Scope-risk: moderate Directive: Keep mutating PostToolUse coverage aligned with the PreToolUse mutator matcher plus MCP/OMX parity post hooks. Tested: npm run build Tested: node --test dist/scripts/__tests__/codex-native-hook.test.js dist/config/__tests__/codex-hooks.test.js Tested: node --test dist/hooks/extensibility/__tests__/dispatcher.test.js Tested: node --test dist/colony/__tests__/bridge.test.js dist/cli/__tests__/colony.test.js dist/colony/__tests__/lifecycle-events.test.js dist/runtime/__tests__/colony-runtime-summary.test.js Tested: git diff --check && git diff --cached --check Co-authored-by: OmX <omx@oh-my-codex.dev>
NagyVikt
deleted the
agent/agent5/pre-tool-use-mutation-events-2026-05-01-14-58
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Automated by Agent 5.\n\nSummary:\n- Emit enriched pre-tool-use context before mutating tool execution.\n- Emit paired post-tool-use context with the same trace_id after execution.\n- Mark orphan mutating post events with missing_pre_tool_use: true.\n\nVerification:\n- npm run build\n- node --test dist/scripts/tests/codex-native-hook.test.js dist/config/tests/codex-hooks.test.js\n- node --test dist/hooks/extensibility/tests/dispatcher.test.js