Summary
workflow-gate.py (PreToolUse hook) blocks Edit/Write entirely while the current subtask is in the RESEARCH phase, even for changes that are orthogonal to the current subtask (out-of-band hotfixes, fixing an unrelated pre-existing failing test, adding a repo-level config file). The only escape is to write files via Bash heredocs, which defeats the dedicated Edit/Write tooling (no diff review, no read-before-write safety).
Environment
- mapify_version:
3.10.0
- template_hash:
25848f38baf5bc9c8a088f332714ef2b654db64048a57defc6605fbc324d93de
- hook:
.claude/hooks/workflow-gate.py
Repro
- Be mid-
/map-efficient; the state machine has just advanced the cursor to a new subtask whose phase is RESEARCH (before research is saved).
- Need to make an orthogonal fix (e.g. create
pyrightconfig.json, or patch an unrelated pre-existing failing test the user asked you to fix immediately).
- Try
Edit/Write on that unrelated file.
Actual
Workflow gate: Edit blocked during RESEARCH (subtask ST-011).
RESEARCH is mandatory before ACTOR — persist research findings,
then close the phase, then Edit becomes available.
Required:
1. echo '<findings>' | python3 .map/scripts/map_step_runner.py save_research <branch> ST-011
2. python3 .map/scripts/map_orchestrator.py validate_step 2.2
3. Then Edit/Write opens (ACTOR phase).
Workaround used: write the file via Bash (cat > file <<'EOF' ... EOF), which the gate does not intercept — so the gate is both over-restrictive and trivially bypassable.
Why this is a problem
- The gate's intent (force RESEARCH before ACTOR for the current subtask's files) is reasonable, but it blocks all Edit/Write, including files that have nothing to do with the current subtask — e.g. an orthogonal hotfix the operator/user explicitly requested.
- Pushing edits into
Bash heredocs loses Edit/Write affordances (read-before-write enforcement, minimal-diff review, the security/innerHTML hooks, etc.) and is easy to forget to round-trip back into the workflow.
Suggested fix (one of)
- Scope the RESEARCH-phase block to files within the current subtask's
affected_files (or under the plan's tracked dirs); allow Edit/Write to unrelated paths (e.g. repo-root config, files not in any pending subtask).
- Provide an explicit, auditable escape (e.g. an env flag or a
/map "out-of-band edit" acknowledgement) so hotfixes don't have to be smuggled through Bash.
- At minimum, also gate
Bash file-writes (cat >, tee, >) so the restriction isn't trivially bypassable — but option (1) is preferable since blocking legitimate orthogonal fixes is the real friction.
Impact
Orthogonal/hotfix edits during a long run must be done through Bash, bypassing the safer Edit/Write path and the gate itself.
Summary
workflow-gate.py(PreToolUse hook) blocks Edit/Write entirely while the current subtask is in the RESEARCH phase, even for changes that are orthogonal to the current subtask (out-of-band hotfixes, fixing an unrelated pre-existing failing test, adding a repo-level config file). The only escape is to write files viaBashheredocs, which defeats the dedicated Edit/Write tooling (no diff review, no read-before-write safety).Environment
3.10.025848f38baf5bc9c8a088f332714ef2b654db64048a57defc6605fbc324d93de.claude/hooks/workflow-gate.pyRepro
/map-efficient; the state machine has just advanced the cursor to a new subtask whose phase is RESEARCH (before research is saved).pyrightconfig.json, or patch an unrelated pre-existing failing test the user asked you to fix immediately).Edit/Writeon that unrelated file.Actual
Workaround used: write the file via
Bash(cat > file <<'EOF' ... EOF), which the gate does not intercept — so the gate is both over-restrictive and trivially bypassable.Why this is a problem
Bashheredocs loses Edit/Write affordances (read-before-write enforcement, minimal-diff review, the security/innerHTML hooks, etc.) and is easy to forget to round-trip back into the workflow.Suggested fix (one of)
affected_files(or under the plan's tracked dirs); allow Edit/Write to unrelated paths (e.g. repo-root config, files not in any pending subtask)./map"out-of-band edit" acknowledgement) so hotfixes don't have to be smuggled throughBash.Bashfile-writes (cat >,tee,>) so the restriction isn't trivially bypassable — but option (1) is preferable since blocking legitimate orthogonal fixes is the real friction.Impact
Orthogonal/hotfix edits during a long run must be done through
Bash, bypassing the safer Edit/Write path and the gate itself.