PR #1332 — Unified Fix + Background Monitoring

v7.41.1 · 13 commits · Closes #1137 #1138 #1279 #1333 #1334 #1335

9Bug Fixes

4Security Alerts

2New Hooks

7588Tests Passing

172Total Hooks

Bug Fixes

Security

New Hooks

Review Findings

#1137 — 3 HIGH Memory Bugs

Fix	File	Issue	Resolution
A	`pattern-sync-push.ts:75`	Dedup `.map(p=>p.text)` puts `undefined` in Set	`filter(Boolean)` + require `.text`
B	`session-tracker.ts:631`	`sanitizeForStorage` recurses forever	Depth param, truncation marker at >10
C	`decision-processor.ts` + `user-intent-detector.ts`	Regex `[^.,!?\n]+` truncates at comma	`[^.!?\n]+` across 48 patterns in 2 files

#1138 — 5 MEDIUM Memory Bugs

Fix	File	Issue	Resolution
D	`workflow-preference-learner.ts:252`	Mixed patterns skipped	Record for trend analysis
E	`pattern-extractor.ts:165`	Misses heredoc/--message= commits	Reordered regex chain + new patterns
F	`code-style-learner.ts:137`	Type hints matched in comments	Strip comments/docstrings first
G	`feedback-loop.ts:318`	`Math.random()` ID collision	`crypto.randomUUID()`
H	`decision-flow-tracker.ts:346`	OR instead of AND, div-by-zero	AND + guard + threshold 0.3→0.4

#1279 — Auto-Lint Revert Loop

Fix	File	Issue	Resolution
I	`auto-lint.ts:106`	No git add after format → edit loop	SHA-256 hash guard + `git add` if changed

4 Code Scanning Alerts Resolved

Alert	Scanner	File	Fix
#138/#139	CodeQL	`pool-setup-template.py:221`	`JSONResponse` with sanitized output
#143	Scorecard	`orchestkit-eval.yml:77`	`nosemgrep` annotation
#145	Scorecard	`plugin-validation.yml:293`	Already annotated (verified)

#1333 — Agent Watchdog

SubagentStop async hook. On each agent completion, scans remaining active agents:

Elapsed	Action
< 5 min	Silent — no action
5–10 min	`systemMessage` WARNING
> 10 min	`systemMessage` CRITICAL + suggest Ctrl+F

#1334 — Cron Guard

PreToolUse hook on CronCreate. Blocks in CI/headless:

Signal	Action
`CLAUDE_CODE_DISABLE_CRON=1`	Block
`CI=true`	Block
`GITHUB_ACTIONS=true`	Block
`GITLAB_CI=true`	Block
`CODEBUILD_BUILD_ID`	Block
Interactive session	Allow

#1335 — ScheduleWakeup Reference

Cache-aware delay guidance: 270s (warm), never 300s, 1200s (idle). Decision tree vs CronCreate.

Self-Review Findings (Fixed)

Severity	Finding	Fix
SEC	`sanitizeForStorage` returned raw `obj` at depth >10	Return `{_truncated}` marker
QA	`hashBefore` outside try/catch → crash on deleted file	Wrapped in try/catch + early return
QA	`extractRationale` always `undefined` (g flag + .match())	`.exec()` with `lastIndex` reset
QA	Comma test had conditional assertion	`expect().toBeDefined()`