Build the PreToolUse claim/lease governance hook

task-pretooluse-claim-lease-hook

task confidence asserted status blocked 2026-06-16 owner platform-engineer
source board-curator (knowledge-architect) — from 0024-agentic-board-architecture §5 + the hooks survey

Build the PreToolUse claim/lease governance hook

Agentic "sprint board" architecture — a git-resident OKF task board worked by bounded, hook-governed Agent SDK loops §5 makes claim/lease governance a PreToolUse hook that runs in the host process outside the agent context window: a deny short-circuits the tool call (deny > ask > allow), so enforcement is deterministic, not model-trusted — the same discipline that makes the audit hook reliable (Establish the learning-loop & audit architecture).

Blocked on

Design the OKF `task` concept type + seed the board — the hook reads the claimed_by + lease_expires field contract that task defines. (Now that the schema is in flight, this unblocks soon; it is blocked only on the field contract, not on a transitive hold — dependencies are advisory.)

Shape

Mirror capture-trace-style discipline (the existing .claude/hooks/capture-trace.mjs): stdin JSON → read the target task's frontmatter → check claimed_by vs the session actor and lease_expires vs now → emit {action: deny|allow, reason} as valid JSON on stdout, errors to stderr, always exit 0. Fail-open on fs error (assume unclaimed) and log it; auto-treat an expired lease as reclaimable. Must honor confineToTenant + knowledgeDir()/DOSSIER_KB (KB-agnostic @dossier/site (renders any tenant's OKF KB) + runtime-driven site rendering + the Node-26 Windows build fix) — never a hardcoded path, never a cross-tenant read. Open question 2 of Agentic "sprint board" architecture — a git-resident OKF task board worked by bounded, hook-governed Agent SDK loops (push races, stale leases, fresh-clone model) is the thing to stress-test; git-bug CRDT is the reserved ceiling. Pairs with Build the runtime BoardWorker seam (DefaultBoardWorker + reserved AgentSdkBoardWorker).