( appState: AppState | undefined, sessionId: string, hookEvent: HookEvent, )
| 1626 | } |
| 1627 | |
| 1628 | function getHooksConfig( |
| 1629 | appState: AppState | undefined, |
| 1630 | sessionId: string, |
| 1631 | hookEvent: HookEvent, |
| 1632 | ): Array< |
| 1633 | | HookMatcher |
| 1634 | | HookCallbackMatcher |
| 1635 | | FunctionHookMatcher |
| 1636 | | PluginHookMatcher |
| 1637 | | SkillHookMatcher |
| 1638 | | SessionDerivedHookMatcher |
| 1639 | > { |
| 1640 | // HookMatcher is a zod-stripped {matcher, hooks} so snapshot matchers can be |
| 1641 | // pushed directly without re-wrapping. |
| 1642 | const hooks: Array< |
| 1643 | | HookMatcher |
| 1644 | | HookCallbackMatcher |
| 1645 | | FunctionHookMatcher |
| 1646 | | PluginHookMatcher |
| 1647 | | SkillHookMatcher |
| 1648 | | SessionDerivedHookMatcher |
| 1649 | > = [...(getHooksConfigFromSnapshot()?.[hookEvent] ?? [])] |
| 1650 | |
| 1651 | // Check if only managed hooks should run (used for both registered and session hooks) |
| 1652 | const managedOnly = shouldAllowManagedHooksOnly() |
| 1653 | |
| 1654 | // Process registered hooks (SDK callbacks and plugin native hooks) |
| 1655 | const registeredHooks = getRegisteredHooks()?.[hookEvent] |
| 1656 | if (registeredHooks) { |
| 1657 | for (const matcher of registeredHooks) { |
| 1658 | // Skip plugin hooks when restricted to managed hooks only |
| 1659 | // Plugin hooks have pluginRoot set, SDK callbacks do not |
| 1660 | if (managedOnly && 'pluginRoot' in matcher) { |
| 1661 | continue |
| 1662 | } |
| 1663 | hooks.push(matcher) |
| 1664 | } |
| 1665 | } |
| 1666 | |
| 1667 | // Merge session hooks for the current session only |
| 1668 | // Function hooks (like structured output enforcement) must be scoped to their session |
| 1669 | // to prevent hooks from one agent leaking to another (e.g., verification agent to main agent) |
| 1670 | // Skip session hooks entirely when allowManagedHooksOnly is set — |
| 1671 | // this prevents frontmatter hooks from agents/skills from bypassing the policy. |
| 1672 | // strictPluginOnlyCustomization does NOT block here — it gates at the |
| 1673 | // REGISTRATION sites (runAgent.ts:526 for agent frontmatter hooks) where |
| 1674 | // agentDefinition.source is known. A blanket block here would also kill |
| 1675 | // plugin-provided agents' frontmatter hooks, which is too broad. |
| 1676 | // Also skip if appState not provided (for backwards compatibility) |
| 1677 | if (!managedOnly && appState !== undefined) { |
| 1678 | const sessionHooks = getSessionHooks(appState, sessionId, hookEvent).get( |
| 1679 | hookEvent, |
| 1680 | ) |
| 1681 | if (sessionHooks) { |
| 1682 | // SessionDerivedHookMatcher already includes optional skillRoot |
| 1683 | for (const matcher of sessionHooks) { |
| 1684 | hooks.push(matcher) |
| 1685 | } |
no test coverage detected