feat: add PrivacyCheckValidator to centralize user prompt privacy checks

- Introduced PrivacyCheckValidator class to encapsulate logic for checking if user prompts are private.
- Updated SessionRoutes to utilize PrivacyCheckValidator for determining prompt privacy during observation and summarization operations.
- Removed duplicate privacy check logic from SessionRoutes, improving code maintainability and readability.

src/services/worker/http/routes/SessionRoutes.ts

@@ -16,6 +16,7 @@ import type { WorkerService } from '../../../worker-service.js';
 import { BaseRouteHandler } from '../BaseRouteHandler.js';
 import { SessionEventBroadcaster } from '../../events/SessionEventBroadcaster.js';
 import { SessionCompletionHandler } from '../../session/SessionCompletionHandler.js';
+import { PrivacyCheckValidator } from '../../validation/PrivacyCheckValidator.js';
 
 export class SessionRoutes extends BaseRouteHandler {
   private completionHandler: SessionCompletionHandler;
@@ -266,13 +267,15 @@ export class SessionRoutes extends BaseRouteHandler {
     const promptNumber = store.getPromptCounter(sessionDbId);
 
     // Privacy check: skip if user prompt was entirely private
-    const userPrompt = store.getUserPrompt(claudeSessionId, promptNumber);
+    const userPrompt = PrivacyCheckValidator.checkUserPromptPrivacy(
-    if (!userPrompt || userPrompt.trim() === '') {
+      store,
-      logger.debug('HOOK', 'Skipping observation - user prompt was entirely private', {
+      claudeSessionId,
-        sessionId: sessionDbId,
+      promptNumber,
-        promptNumber,
+      'observation',
-        tool_name
+      sessionDbId,
-      });
+      { tool_name }
+    );
+    if (!userPrompt) {
       res.json({ status: 'skipped', reason: 'private' });
       return;
     }
@@ -336,12 +339,14 @@ export class SessionRoutes extends BaseRouteHandler {
     const promptNumber = store.getPromptCounter(sessionDbId);
 
     // Privacy check: skip if user prompt was entirely private
-    const userPrompt = store.getUserPrompt(claudeSessionId, promptNumber);
+    const userPrompt = PrivacyCheckValidator.checkUserPromptPrivacy(
-    if (!userPrompt || userPrompt.trim() === '') {
+      store,
-      logger.debug('HOOK', 'Skipping summary - user prompt was entirely private', {
+      claudeSessionId,
-        sessionId: sessionDbId,
+      promptNumber,
-        promptNumber
+      'summarize',
-      });
+      sessionDbId
+    );
+    if (!userPrompt) {
       res.json({ status: 'skipped', reason: 'private' });
       return;
     }

src/services/worker/validation/PrivacyCheckValidator.ts

@@ -0,0 +1,41 @@
+import { SessionStore } from '../../sqlite/SessionStore.js';
+import { logger } from '../../../utils/logger.js';
+
+/**
+ * Validates user prompt privacy for session operations
+ *
+ * Centralizes privacy checks to avoid duplicate validation logic across route handlers.
+ * If user prompt was entirely private (stripped to empty string), we skip processing.
+ */
+export class PrivacyCheckValidator {
+  /**
+   * Check if user prompt is public (not entirely private)
+   *
+   * @param store - SessionStore instance
+   * @param claudeSessionId - Claude session ID
+   * @param promptNumber - Prompt number within session
+   * @param operationType - Type of operation being validated ('observation' or 'summarize')
+   * @returns User prompt text if public, null if private
+   */
+  static checkUserPromptPrivacy(
+    store: SessionStore,
+    claudeSessionId: string,
+    promptNumber: number,
+    operationType: 'observation' | 'summarize',
+    sessionDbId: number,
+    additionalContext?: Record<string, any>
+  ): string | null {
+    const userPrompt = store.getUserPrompt(claudeSessionId, promptNumber);
+
+    if (!userPrompt || userPrompt.trim() === '') {
+      logger.debug('HOOK', `Skipping ${operationType} - user prompt was entirely private`, {
+        sessionId: sessionDbId,
+        promptNumber,
+        ...additionalContext
+      });
+      return null;
+    }
+
+    return userPrompt;
+  }
+}