SecurityValidator hook runs in fail-open mode after v4.0 install: PAISECURITYSYSTEM patterns not migrated

[a1wilson]

Summary

SecurityValidator.hook.ts runs silently in fail-open/permissive mode after a fresh v4.0.x install because the PAISECURITYSYSTEM/patterns.yaml and PAISECURITYSYSTEM/patterns.example.yaml files were not carried forward from v3.0. Additionally, the hook fails entirely on startup due to a missing yaml npm package dependency.

Impact

• Security: All destructive command protections are inactive (rm -rf /, git push --force, disk operations, etc.) without any warning to the user
• Hook errors: Every Bash, Write, and Edit tool call produces a PreToolUse error in the Claude Code UI until the package is installed
• Silent failure: The hook fails open by design, so users have no indication their security layer is non-functional

Root Causes

1. Missing yaml package dependency

SecurityValidator.hook.ts imports from 'yaml' but there is no package.json or node_modules in ~/.claude/. On a fresh v4.0.x install, every hook invocation fails at module load time:

error: Cannot find package 'yaml' from '/Users/asdf/.claude/hooks/SecurityValidator.hook.ts'

Fix: Add a package.json to ~/.claude/ with "yaml": "^2.7.0" and run bun install during the install process.

2. PAISECURITYSYSTEM directory not included in v4.0.x releases

The hook looks for patterns at two paths:

• ~/.claude/PAI/USER/PAISECURITYSYSTEM/patterns.yaml (user custom rules)
• ~/.claude/PAI/PAISECURITYSYSTEM/patterns.example.yaml (system default)

Both files exist in v3.0 but are absent from v4.0.0, v4.0.1, v4.0.2, and v4.0.3 releases. The hook was retained and still references these paths.

Steps to Reproduce

1. Fresh install from any v4.0.x release
2. Open Claude Code — every Bash/Write/Edit tool call shows PreToolUse:* error
3. Check: ls ~/.claude/PAI/PAISECURITYSYSTEM/ → directory does not exist
4. Run hook manually: echo '{"session_id":"test","tool_name":"Bash","tool_input":{"command":"rm -rf /"}}' | bun ~/.claude/hooks/SecurityValidator.hook.ts → Cannot find package 'yaml'

Manual Fix (applied locally)

# 1. Install missing yaml package
cat > ~/.claude/package.json << 'JSON'
{
  "name": "pai-hooks",
  "private": true,
  "dependencies": {
    "yaml": "^2.7.0"
  }
}
JSON
cd ~/.claude && bun install

# 2. Copy patterns from v3.0 (most recent version that has them)
mkdir -p ~/.claude/PAI/PAISECURITYSYSTEM ~/.claude/PAI/USER/PAISECURITYSYSTEM
cp ~/repo/PAI/Releases/v3.0/.claude/skills/PAI/PAISECURITYSYSTEM/patterns.example.yaml \
   ~/.claude/PAI/PAISECURITYSYSTEM/patterns.example.yaml
cp ~/repo/PAI/Releases/v3.0/.claude/skills/PAI/USER/PAISECURITYSYSTEM/patterns.yaml \
   ~/.claude/PAI/USER/PAISECURITYSYSTEM/patterns.yaml

After the fix, all four behaviors verified working:

• Safe commands → {"continue":true}
• rm -rf / → hard block, exit 2
• git push --force → confirm prompt
• Write to settings.json → confirm prompt

Suggested Fixes for v4.0.4+

1. Add package.json with yaml dependency to ~/.claude/ and call bun install in install.sh
2. Restore PAISECURITYSYSTEM/patterns.example.yaml and USER/PAISECURITYSYSTEM/patterns.yaml to the release package
3. Consider adding a self-check to install.sh that verifies the hook runs correctly post-install

Environment

• PAI version: 4.0.3
• Bun version: 1.3.10
• OS: macOS arm64 (Darwin 24.6.0)