/**
 * Hook Handler - Bridges Claude Code hooks to the ATR engine.
 *
 * Converts HookInput (PreToolUse/PostToolUse) into AgentEvents,
 * evaluates them, and returns HookOutput for the agent host.
 *
 * Supports a stdio JSON-lines loop for use as a Claude Code hook process.
 *
 * CRITICAL: Fail-open on all errors -- default to "allow" so a
 * bug in the guard never blocks legitimate agent operations.
 *
 * @module agent-threat-rules/hook-handler
 */
import type { HookInput, HookOutput } from './types.js';
import type { ATREngine } from './engine.js';
import type { ActionExecutor } from './action-executor.js';
export interface HookHandlerConfig {
    readonly engine: ATREngine;
    readonly executor: ActionExecutor;
    readonly timeoutMs?: number;
    readonly failOpen?: boolean;
}
export declare class HookHandler {
    private readonly engine;
    private readonly executor;
    private readonly timeoutMs;
    private readonly failOpen;
    constructor(config: HookHandlerConfig);
    /**
     * Handle a PreToolUse hook event.
     * Converts input to an AgentEvent, evaluates, and returns a HookOutput.
     */
    handlePreToolUse(input: HookInput): Promise<HookOutput>;
    /**
     * Handle a PostToolUse hook event.
     * Scans the tool output for threats.
     */
    handlePostToolUse(input: HookInput): Promise<HookOutput>;
    /**
     * Start a stdio JSON-lines loop.
     *
     * Reads one JSON object per line from stdin, dispatches to the
     * appropriate handler, and writes one JSON line to stdout.
     *
     * Exits cleanly when stdin closes.
     */
    startStdioLoop(): Promise<void>;
    /**
     * Dispatch a HookInput to the appropriate handler.
     */
    private dispatch;
    /**
     * Evaluate an event with timeout and convert the verdict to HookOutput.
     */
    private evaluateAndRespond;
    /**
     * Handle errors with fail-open or fail-closed behavior.
     */
    private handleError;
}
//# sourceMappingURL=hook-handler.d.ts.map