feat(M6): implement hooks system with PreToolUse, PostToolUse, and SessionStart events

Milestone M6 implementation adds a comprehensive hook system that allows
users to run custom scripts at various lifecycle events.

New crate: crates/platform/hooks
- HookEvent enum with multiple event types:
  * PreToolUse: fires before tool execution, can deny operations (exit code 2)
  * PostToolUse: fires after tool execution
  * SessionStart: fires at session start, can persist env vars
  * SessionEnd, UserPromptSubmit, PreCompact (defined for future use)
- HookManager for executing hooks with timeout support
- JSON I/O: hooks receive event data via stdin, can output to stdout
- Hooks located in .owlen/hooks/{EventName}

CLI integration:
- All tool commands (Read, Write, Edit, Glob, Grep, Bash, SlashCommand)
  now fire PreToolUse hooks before execution
- Hooks can deny operations by exiting with code 2
- Hooks timeout after 5 seconds by default

Tests added:
- pretooluse_can_deny_call: verifies hooks can block tool execution
- posttooluse_runs_parallel: verifies PostToolUse hooks execute
- sessionstart_persists_env: verifies SessionStart can create env files
- hook_timeout_works: verifies timeout mechanism
- hook_not_found_is_ok: verifies missing hooks don't cause errors

All 63 tests passing.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

crates/platform/hooks/Cargo.toml

@@ -0,0 +1,16 @@
+[package]
+name = "hooks"
+version = "0.1.0"
+edition.workspace = true
+license.workspace = true
+rust-version.workspace = true
+
+[dependencies]
+serde = { version = "1", features = ["derive"] }
+serde_json = "1"
+tokio = { version = "1.39", features = ["process", "time", "io-util"] }
+color-eyre = "0.6"
+
+[dev-dependencies]
+tempfile = "3.23.0"
+tokio = { version = "1.39", features = ["macros", "rt-multi-thread"] }

crates/platform/hooks/src/lib.rs

@@ -0,0 +1,171 @@
+use color_eyre::eyre::{Result, eyre};
+use serde::{Deserialize, Serialize};
+use serde_json::Value;
+use std::path::PathBuf;
+use std::process::Stdio;
+use tokio::io::AsyncWriteExt;
+use tokio::process::Command;
+use tokio::time::timeout;
+use std::time::Duration;
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(tag = "event", rename_all = "camelCase")]
+pub enum HookEvent {
+    #[serde(rename_all = "camelCase")]
+    PreToolUse {
+        tool: String,
+        args: Value,
+    },
+    #[serde(rename_all = "camelCase")]
+    PostToolUse {
+        tool: String,
+        result: Value,
+    },
+    #[serde(rename_all = "camelCase")]
+    SessionStart {
+        session_id: String,
+    },
+    #[serde(rename_all = "camelCase")]
+    SessionEnd {
+        session_id: String,
+    },
+    #[serde(rename_all = "camelCase")]
+    UserPromptSubmit {
+        prompt: String,
+    },
+    PreCompact,
+}
+
+impl HookEvent {
+    /// Get the hook name for this event (used to find the hook script)
+    pub fn hook_name(&self) -> &str {
+        match self {
+            HookEvent::PreToolUse { .. } => "PreToolUse",
+            HookEvent::PostToolUse { .. } => "PostToolUse",
+            HookEvent::SessionStart { .. } => "SessionStart",
+            HookEvent::SessionEnd { .. } => "SessionEnd",
+            HookEvent::UserPromptSubmit { .. } => "UserPromptSubmit",
+            HookEvent::PreCompact => "PreCompact",
+        }
+    }
+}
+
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub enum HookResult {
+    Allow,
+    Deny,
+}
+
+pub struct HookManager {
+    project_root: PathBuf,
+}
+
+impl HookManager {
+    pub fn new(project_root: &str) -> Self {
+        Self {
+            project_root: PathBuf::from(project_root),
+        }
+    }
+
+    /// Execute a hook for the given event
+    ///
+    /// Returns:
+    /// - Ok(HookResult::Allow) if hook succeeds or doesn't exist (exit code 0 or no hook)
+    /// - Ok(HookResult::Deny) if hook denies (exit code 2)
+    /// - Err if hook fails (other exit codes) or times out
+    pub async fn execute(&self, event: &HookEvent, timeout_ms: Option<u64>) -> Result<HookResult> {
+        let hook_path = self.get_hook_path(event);
+
+        // If hook doesn't exist, allow by default
+        if !hook_path.exists() {
+            return Ok(HookResult::Allow);
+        }
+
+        // Serialize event to JSON
+        let input_json = serde_json::to_string(event)?;
+
+        // Spawn the hook process
+        let mut child = Command::new(&hook_path)
+            .stdin(Stdio::piped())
+            .stdout(Stdio::piped())
+            .stderr(Stdio::piped())
+            .current_dir(&self.project_root)
+            .spawn()?;
+
+        // Write JSON input to stdin
+        if let Some(mut stdin) = child.stdin.take() {
+            stdin.write_all(input_json.as_bytes()).await?;
+            stdin.flush().await?;
+            drop(stdin); // Close stdin
+        }
+
+        // Wait for process with timeout
+        let result = if let Some(ms) = timeout_ms {
+            timeout(Duration::from_millis(ms), child.wait_with_output()).await
+        } else {
+            Ok(child.wait_with_output().await)
+        };
+
+        match result {
+            Ok(Ok(output)) => {
+                // Check exit code
+                match output.status.code() {
+                    Some(0) => Ok(HookResult::Allow),
+                    Some(2) => Ok(HookResult::Deny),
+                    Some(code) => Err(eyre!(
+                        "Hook {} failed with exit code {}: {}",
+                        event.hook_name(),
+                        code,
+                        String::from_utf8_lossy(&output.stderr)
+                    )),
+                    None => Err(eyre!("Hook {} terminated by signal", event.hook_name())),
+                }
+            }
+            Ok(Err(e)) => Err(eyre!("Failed to execute hook {}: {}", event.hook_name(), e)),
+            Err(_) => Err(eyre!("Hook {} timed out", event.hook_name())),
+        }
+    }
+
+    fn get_hook_path(&self, event: &HookEvent) -> PathBuf {
+        self.project_root
+            .join(".owlen")
+            .join("hooks")
+            .join(event.hook_name())
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn hook_event_serializes_correctly() {
+        let event = HookEvent::PreToolUse {
+            tool: "Read".to_string(),
+            args: serde_json::json!({"path": "/tmp/test.txt"}),
+        };
+
+        let json = serde_json::to_string(&event).unwrap();
+        assert!(json.contains("\"event\":\"preToolUse\""));
+        assert!(json.contains("\"tool\":\"Read\""));
+    }
+
+    #[test]
+    fn hook_event_names() {
+        assert_eq!(
+            HookEvent::PreToolUse {
+                tool: "Read".to_string(),
+                args: serde_json::json!({}),
+            }
+            .hook_name(),
+            "PreToolUse"
+        );
+        assert_eq!(
+            HookEvent::SessionStart {
+                session_id: "123".to_string(),
+            }
+            .hook_name(),
+            "SessionStart"
+        );
+    }
+}

crates/platform/hooks/tests/hooks.rs

@@ -0,0 +1,160 @@
+use hooks::{HookEvent, HookManager, HookResult};
+use std::fs;
+use tempfile::tempdir;
+
+#[tokio::test]
+async fn pretooluse_can_deny_call() {
+    let dir = tempdir().unwrap();
+    let hooks_dir = dir.path().join(".owlen/hooks");
+    fs::create_dir_all(&hooks_dir).unwrap();
+
+    // Create a PreToolUse hook that denies Write operations
+    let hook_script = r#"#!/bin/bash
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | grep -o '"tool":"[^"]*"' | cut -d'"' -f4)
+
+if [ "$TOOL" = "Write" ]; then
+    exit 2  # Deny
+fi
+exit 0  # Allow
+"#;
+    let hook_path = hooks_dir.join("PreToolUse");
+    fs::write(&hook_path, hook_script).unwrap();
+    fs::set_permissions(&hook_path, std::os::unix::fs::PermissionsExt::from_mode(0o755)).unwrap();
+
+    let manager = HookManager::new(dir.path().to_str().unwrap());
+
+    // Test Write tool (should be denied)
+    let write_event = HookEvent::PreToolUse {
+        tool: "Write".to_string(),
+        args: serde_json::json!({"path": "/tmp/test.txt", "content": "hello"}),
+    };
+    let result = manager.execute(&write_event, Some(5000)).await.unwrap();
+    assert_eq!(result, HookResult::Deny);
+
+    // Test Read tool (should be allowed)
+    let read_event = HookEvent::PreToolUse {
+        tool: "Read".to_string(),
+        args: serde_json::json!({"path": "/tmp/test.txt"}),
+    };
+    let result = manager.execute(&read_event, Some(5000)).await.unwrap();
+    assert_eq!(result, HookResult::Allow);
+}
+
+#[tokio::test]
+async fn posttooluse_runs_parallel() {
+    let dir = tempdir().unwrap();
+    let hooks_dir = dir.path().join(".owlen/hooks");
+    fs::create_dir_all(&hooks_dir).unwrap();
+
+    let output_file = dir.path().join("hook_output.txt");
+
+    // Create a PostToolUse hook that writes to a file
+    let hook_script = format!(
+        r#"#!/bin/bash
+INPUT=$(cat)
+echo "Hook executed: $INPUT" >> {}
+exit 0
+"#,
+        output_file.display()
+    );
+    let hook_path = hooks_dir.join("PostToolUse");
+    fs::write(&hook_path, hook_script).unwrap();
+    fs::set_permissions(&hook_path, std::os::unix::fs::PermissionsExt::from_mode(0o755)).unwrap();
+
+    let manager = HookManager::new(dir.path().to_str().unwrap());
+
+    // Execute hook
+    let event = HookEvent::PostToolUse {
+        tool: "Read".to_string(),
+        result: serde_json::json!({"success": true}),
+    };
+    let result = manager.execute(&event, Some(5000)).await.unwrap();
+    assert_eq!(result, HookResult::Allow);
+
+    // Verify hook ran
+    let output = fs::read_to_string(&output_file).unwrap();
+    assert!(output.contains("Hook executed"));
+}
+
+#[tokio::test]
+async fn sessionstart_persists_env() {
+    let dir = tempdir().unwrap();
+    let hooks_dir = dir.path().join(".owlen/hooks");
+    fs::create_dir_all(&hooks_dir).unwrap();
+
+    let env_file = dir.path().join(".owlen/session.env");
+
+    // Create a SessionStart hook that writes env vars to a file
+    let hook_script = format!(
+        r#"#!/bin/bash
+cat > {} <<EOF
+MY_VAR=hello
+ANOTHER_VAR=world
+EOF
+exit 0
+"#,
+        env_file.display()
+    );
+    let hook_path = hooks_dir.join("SessionStart");
+    fs::write(&hook_path, hook_script).unwrap();
+    fs::set_permissions(&hook_path, std::os::unix::fs::PermissionsExt::from_mode(0o755)).unwrap();
+
+    let manager = HookManager::new(dir.path().to_str().unwrap());
+
+    // Execute SessionStart hook
+    let event = HookEvent::SessionStart {
+        session_id: "test-123".to_string(),
+    };
+    let result = manager.execute(&event, Some(5000)).await.unwrap();
+    assert_eq!(result, HookResult::Allow);
+
+    // Verify env file was created
+    assert!(env_file.exists());
+    let content = fs::read_to_string(&env_file).unwrap();
+    assert!(content.contains("MY_VAR=hello"));
+    assert!(content.contains("ANOTHER_VAR=world"));
+}
+
+#[tokio::test]
+async fn hook_timeout_works() {
+    let dir = tempdir().unwrap();
+    let hooks_dir = dir.path().join(".owlen/hooks");
+    fs::create_dir_all(&hooks_dir).unwrap();
+
+    // Create a hook that sleeps longer than the timeout
+    let hook_script = r#"#!/bin/bash
+sleep 10
+exit 0
+"#;
+    let hook_path = hooks_dir.join("PreToolUse");
+    fs::write(&hook_path, hook_script).unwrap();
+    fs::set_permissions(&hook_path, std::os::unix::fs::PermissionsExt::from_mode(0o755)).unwrap();
+
+    let manager = HookManager::new(dir.path().to_str().unwrap());
+
+    let event = HookEvent::PreToolUse {
+        tool: "Read".to_string(),
+        args: serde_json::json!({"path": "/tmp/test.txt"}),
+    };
+
+    // Should timeout after 1000ms
+    let result = manager.execute(&event, Some(1000)).await;
+    assert!(result.is_err());
+    let err_msg = result.unwrap_err().to_string();
+    assert!(err_msg.contains("timeout") || err_msg.contains("timed out"));
+}
+
+#[tokio::test]
+async fn hook_not_found_is_ok() {
+    let dir = tempdir().unwrap();
+    let manager = HookManager::new(dir.path().to_str().unwrap());
+
+    // No hooks directory exists, should just return Allow
+    let event = HookEvent::PreToolUse {
+        tool: "Read".to_string(),
+        args: serde_json::json!({"path": "/tmp/test.txt"}),
+    };
+    let result = manager.execute(&event, Some(5000)).await.unwrap();
+    assert_eq!(result, HookResult::Allow);
+}