5 Commits

Author SHA1 Message Date
Imran Siddique
32d8f7f622 fix: address Copilot PR review comments on governance-audit hook
- Switch from colon to tab delimiter to handle colons in evidence text
- Base64-encode evidence to prevent parsing issues
- Use MAX_SEVERITY in log output and JSON events
- Narrow regex patterns to reduce false positives:
  - third[_-]?party instead of third.?party
  - Role reassignment scoped to AI terms
  - System prompt injection requires 'you are' context
- Fix session-end stats to scope to current session only
- Update privacy statement to clarify evidence snippets are logged
- Rename credential description to 'Possible hardcoded credential'
- Fix database destruction regex to also match semicolons

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-02-18 14:49:17 -08:00

Imran Siddique
4a4b9343d5 feat: add governance-audit hook — threat detection for Copilot sessions
Add real-time governance audit hook that scans prompts for threat signals:
- 5 threat categories: data exfiltration, privilege escalation,
  system destruction, prompt injection, credential exposure
- 4 governance levels: open, standard, strict, locked
- Append-only JSON audit trail (logs/copilot/governance/audit.log)
- Session summary with threat counts at session end
- Privacy-aware: logs decisions and metadata, never prompt content

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-02-18 13:29:41 -08:00

Aaron Powell
e80e20b5ec Address PR review comments for hooks implementation
- Fix getResourceType() to match relative paths like hooks/<name>/README.md
  and skills/<name>/SKILL.md using regex instead of string includes
- Extract hook events from hooks.json via parseHookMetadata() instead of
  non-existent frontmatter.event field in plugin README generation
- Update AGENTS.md to describe hooks as folder-based (README.md + hooks.json)
  instead of .hook.md files
- Update session-logger README to accurately reflect what scripts log
  (remove references to sessionId, duration, prompt content)
2026-02-10 14:37:45 +11:00

Aaron Powell
6210128ab1 Apply suggestions from code review
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-02-10 14:31:07 +11:00

Aaron Powell
acb5ad4ce8 feat: add hooks functionality with automated workflows
- Introduced hooks to enable automated workflows triggered by specific events during GitHub Copilot sessions.
- Added documentation for hooks in AGENTS.md and README.md.
- Created a new directory structure for hooks, including README.md and hooks.json files.
- Implemented two example hooks: Session Auto-Commit and Session Logger.
- Developed scripts for logging session events and auto-committing changes.
- Enhanced validation and parsing for hook metadata.
- Updated build and validation scripts to accommodate new hooks functionality.
2026-02-09 16:44:53 +11:00