Protokoll #6392

ID	6392
Zeitstempel	2025-12-23 05:37:16.563450
Client	root
IP	145.224.96.190
Modell	claude-sonnet-4-20250514
Status	pending
Tokens	1,147 (Input: 1,147, Output: 0)
Dauer	-
Request-Zeit	2025-12-23 05:37:16.563450
Response-Zeit	-
Request

{
    "event": "PostToolUse",
    "raw_data": {
        "session_id": "18ef5bf3-e872-4052-897e-53d6dc45b0b9",
        "transcript_path": "\/root\/.claude\/projects\/-var-www\/18ef5bf3-e872-4052-897e-53d6dc45b0b9.jsonl",
        "cwd": "\/opt\/scripts\/pipeline",
        "permission_mode": "acceptEdits",
        "hook_event_name": "PostToolUse",
        "tool_name": "Read",
        "tool_input": {
            "file_path": "\/opt\/scripts\/hooks\/block_direct_task_db.py"
        },
        "tool_response": {
            "type": "text",
            "file": {
                "filePath": "\/opt\/scripts\/hooks\/block_direct_task_db.py",
                "content": "#!\/usr\/bin\/env python3\n\"\"\"\nClaude Code Hook: Blockiert direkte Task-DB-Zugriffe\nErzwingt Nutzung von MCP-Tasks Server\n\nHook Type: PreToolUse\nBlockiert: Bash-Befehle mit INSERT\/UPDATE\/DELETE auf tasks-Tabellen\nEmpfehlung: MCP-Tasks Tools verwenden (tasks_*, quality_*, contracts_*)\n\"\"\"\nimport json\nimport re\nimport sys\n\n\n# Patterns die blockiert werden\nBLOCKED_PATTERNS = [\n    # INSERT auf Task-Tabellen\n    r\"INSERT\\s+(?:INTO\\s+)?(?:`)?tasks(?:`)?\",\n    r\"INSERT\\s+(?:INTO\\s+)?(?:`)?task_assignments(?:`)?\",\n    r\"INSERT\\s+(?:INTO\\s+)?(?:`)?task_results(?:`)?\",\n    r\"INSERT\\s+(?:INTO\\s+)?(?:`)?task_comments(?:`)?\",\n    # UPDATE auf Task-Tabellen\n    r\"UPDATE\\s+(?:`)?tasks(?:`)?\",\n    r\"UPDATE\\s+(?:`)?task_assignments(?:`)?\",\n    r\"UPDATE\\s+(?:`)?task_results(?:`)?\",\n    r\"UPDATE\\s+(?:`)?task_comments(?:`)?\",\n    # DELETE auf Task-Tabellen\n    r\"DELETE\\s+FROM\\s+(?:`)?tasks(?:`)?\",\n    r\"DELETE\\s+FROM\\s+(?:`)?task_assignments(?:`)?\",\n    r\"DELETE\\s+FROM\\s+(?:`)?task_results(?:`)?\",\n    r\"DELETE\\s+FROM\\s+(?:`)?task_comments(?:`)?\",\n]\n\nERROR_MESSAGE = \"\"\"\nBLOCKIERT: Direkte SQL-Operationen auf Task-Tabellen sind nicht erlaubt.\n\nVerwende stattdessen die MCP-Tasks Tools:\n\n  Task-Management:\n  - tasks_list()              : Tasks auflisten\n  - tasks_create(title, ...)  : Task erstellen\n  - tasks_get(id)             : Task-Details abrufen\n  - tasks_update(id, ...)     : Task aktualisieren\n  - tasks_status(id, status)  : Status ändern\n  - tasks_assign(id, ...)     : Task zuweisen\n  - tasks_result(id, ...)     : Ergebnis speichern\n  - tasks_execute(id, model)  : Mit Ollama ausführen\n  - tasks_delete(id)          : Task löschen\n  - tasks_statistics()        : Statistiken abrufen\n\n  Quality & Contracts:\n  - quality_check(path)       : PHP-Code prüfen\n  - quality_report()          : Vollständiger Report\n  - contracts_list()          : Contracts auflisten\n  - contracts_validate(name)  : Contract validieren\n\nVorteile von MCP-Tasks:\n  - Keine Credentials im Code\/Verlauf\n  - Workflow-Validierung\n  - Automatisches Audit-Logging\n  - Token-Tracking bei KI-Ausführung\n\nDokumentation: \/docs\/mcp\/mcp-tasks\n\"\"\".strip()\n\n\ndef check_command(command: str) -> tuple[bool, str]:\n    \"\"\"\n    Prüft ob Befehl blockiert werden soll.\n\n    Returns:\n        (allowed, error_message)\n    \"\"\"\n    for pattern in BLOCKED_PATTERNS:\n        if re.search(pattern, command, re.IGNORECASE):\n            return False, ERROR_MESSAGE\n    return True, \"\"\n\n\ndef main():\n    \"\"\"\n    Hook Entry Point (PreToolUse).\n\n    Input (stdin): JSON mit tool_name und tool_input\n    Output (stdout): JSON mit allow\/deny\n    Exit Code: 0 = allowed, 1 = denied\n    \"\"\"\n    try:\n        # Lese Hook-Input von stdin\n        hook_input = json.loads(sys.stdin.read())\n\n        tool_name = hook_input.get(\"tool_name\", \"\")\n        tool_input = hook_input.get(\"tool_input\", {})\n\n        # Nur Bash-Tool prüfen\n        if tool_name != \"Bash\":\n            # Andere Tools durchlassen\n            result = {\n                \"allowed\": True,\n                \"message\": \"\"\n            }\n            print(json.dumps(result))\n            sys.exit(0)\n\n        # Befehl extrahieren\n        command = tool_input.get(\"command\", \"\")\n\n        # Prüfen ob Befehl blockiert werden soll\n        allowed, error_msg = check_command(command)\n\n        result = {\n            \"allowed\": allowed,\n            \"message\": error_msg\n        }\n\n        print(json.dumps(result))\n        sys.exit(0 if allowed else 1)\n\n    except Exception as e:\n        # Bei Fehler: Fail-Open (durchlassen)\n        result = {\n            \"allowed\": True,\n            \"message\": f\"Hook error (fail-open): {str(e)}\"\n        }\n        print(json.dumps(result), file=sys.stderr)\n        sys.exit(0)\n\n\nif __name__ == \"__main__\":\n    main()\n",
                "numLines": 131,
                "startLine": 1,
                "totalLines": 131
            }
        },
        "tool_use_id": "toolu_01KmdHxPP9y4pMjTmPoJV7oD"
    }
}
Response

← Vorheriger Zur Liste Nächster →