27 lines
842 B
Python
27 lines
842 B
Python
#!/usr/bin/env python3
|
|
"""Stop hook: Claude 结束回复时检查是否有未审计的高风险变更"""
|
|
import json, subprocess, sys, os
|
|
|
|
project_dir = os.environ.get("CLAUDE_PROJECT_DIR", os.getcwd())
|
|
script = os.path.join(project_dir, "scripts", "audit", "prescan.py")
|
|
|
|
if not os.path.isfile(script):
|
|
sys.exit(0)
|
|
|
|
try:
|
|
r = subprocess.run(
|
|
[sys.executable, script],
|
|
capture_output=True, text=True, timeout=10, cwd=project_dir,
|
|
)
|
|
if r.returncode != 0:
|
|
sys.exit(0)
|
|
result = json.loads(r.stdout)
|
|
except Exception:
|
|
sys.exit(0)
|
|
|
|
high_risk = result.get("high_risk_files", [])
|
|
if result.get("audit_required", False) and len(high_risk) > 0:
|
|
print(json.dumps({
|
|
"systemMessage": f"[audit-check] 当前有 {len(high_risk)} 个高风险文件变更未审计。建议执行 /audit。"
|
|
}))
|