Fixes a reported issue where the read cache could block file edits on Linux/Cursor environments.
What changed:
- Escape hatch: After 3 consecutive denials of the same file, the read cache allows a full re-read. Prevents models from getting stuck in deny loops.
- Belt-and-suspenders guard: main() validates tool_name before processing, catching environments where hook matchers are not enforced.
- Diagnostic telemetry: Unexpected tool invocations logged for debugging.
- Clearer denial messages: All deny responses tell the model it can still Edit or Read a specific range.
No configuration changes needed. Existing users on auto-update will get this automatically.