oussamadouhou/oh-my-opencode-free-fork
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(hook-message-injector): add validation to prevent empty message injection and improve logging

Browse Source 
- Add content validation in injectHookMessage() to prevent empty hook content injection
- Add logging to claude-code-hooks and keyword-detector for better debugging
- Document timing issues in empty-message-sanitizer comments
- Update README with improved setup instructions

🤖 Generated with assistance of [OhMyOpenCode](https://github.com/code-yeongyu/oh-my-opencode)
This commit is contained in:
YeonGyu-Kim
2025-12-16 21:02:38 +09:00
parent 337b2e7471
commit 72d9d1385b
5 changed files with 48 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/features/hook-message-injector/injector.ts
View File

@@ -71,6 +71,16 @@ export function injectHookMessage(
hookContent: string,
originalMessage: OriginalMessageContext
): boolean {
// Validate hook content to prevent empty message injection
if (!hookContent || hookContent.trim().length === 0) {
console.warn("[hook-message-injector] Attempted to inject empty hook content, skipping injection", {
sessionID,
hasAgent: !!originalMessage.agent,
hasModel: !!(originalMessage.model?.providerID && originalMessage.model?.modelID)
})
return false
}
const messageDir = getOrCreateMessageDir(sessionID)
const needsFallback =

1
src/hooks/claude-code-hooks/index.ts
View File

@@ -111,6 +111,7 @@ export function createClaudeCodeHooksHook(ctx: PluginInput, config: PluginConfig
if (result.messages.length > 0) {
const hookContent = result.messages.join("\n\n")
log(`[claude-code-hooks] Injecting ${result.messages.length} hook messages`, { sessionID: input.sessionID, contentLength: hookContent.length })
const message = output.message as {
agent?: string
model?: { modelID?: string; providerID?: string }

6
src/hooks/empty-message-sanitizer/index.ts
View File

@@ -8,6 +8,12 @@ interface MessageWithParts {
}
type MessagesTransformHook = {
// NOTE: This sanitizer runs on experimental.chat.messages.transform hook,
// which executes AFTER chat.message hooks. Filesystem-injected messages
// from hooks like claude-code-hooks and keyword-detector may bypass this
// sanitizer if they inject empty content. Validation should be done at
// injection time in injectHookMessage().
"experimental.chat.messages.transform"?: (
input: Record<string, never>,
output: { messages: MessageWithParts[] }

1
src/hooks/keyword-detector/index.ts
View File

@@ -43,6 +43,7 @@ export function createKeywordDetectorHook() {
}
const context = messages.join("\n")
log(`[keyword-detector] Injecting context for ${messages.length} keywords`, { sessionID: input.sessionID, contextLength: context.length })
const success = injectHookMessage(input.sessionID, context, {
agent: message.agent,
model: message.model,