@cybedefend/vibedefend 1.1.1

package/dist/clients/codex.js

@@ -0,0 +1,378 @@
+/**
+ * OpenAI Codex adapter.
+ *
+ * Two-step wiring (per https://developers.openai.com/codex/hooks):
+ *  1. Write hook entries to `~/.codex/hooks.json` (JSON format — the doc
+ *     also accepts TOML in `config.toml`, but JSON is the same shape we
+ *     use elsewhere and avoids needing a TOML AST writer).
+ *  2. Auto-enable the `codex_hooks` feature flag in `~/.codex/config.toml`
+ *     (per decision 3 = A: silently flip the flag rather than printing a
+ *     "edit this file manually" message).
+ *
+ * Feature-flag handling is intentionally conservative. We:
+ *  - Read `config.toml` as text.
+ *  - If `codex_hooks = true` already appears, leave the file alone.
+ *  - If `[features]` section exists but `codex_hooks` is `false` or
+ *    missing, append the line under that section.
+ *  - If `[features]` doesn't exist, append a fresh `\n[features]\n
+ *    codex_hooks = true\n` block at the end.
+ *
+ * Yes, this is regex-based and not a real TOML parser. Reason: a full
+ * TOML rewriter (e.g. `@iarna/toml`) strips comments + reorders keys,
+ * which is hostile to a config file the user may also edit. Appending
+ * is safer than rewriting. Doc-tested against the shapes Codex actually
+ * ships with.
+ *
+ * Tool matcher uses Codex's regex syntax (per its docs) — `^(Edit|Write|apply_patch)$`.
+ */
+import { execFileSync } from 'node:child_process';
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'node:fs';
+import { dirname } from 'node:path';
+import { home, log, readJson, writeJson, which } from '../utils.js';
+import { hookCommand, VIBEDEFEND_PATH_MARKER, isVibedefendOwnedHookCommand, } from '../hooks/install.js';
+import { configDirExists, probeBinaryVersion, } from './detect.js';
+const CODEX_HOOKS = home('.codex', 'hooks.json');
+const CODEX_CONFIG_TOML = home('.codex', 'config.toml');
+function detect() {
+    const version = probeBinaryVersion('codex') ?? undefined;
+    const hasConfigDir = configDirExists(home('.codex'));
+    const installed = version !== undefined || hasConfigDir;
+    if (!installed) {
+        return {
+            installed: false,
+            supportsHooks: false,
+            reason: '`codex` CLI not on PATH and no ~/.codex/ directory.',
+        };
+    }
+    return {
+        installed: true,
+        version,
+        supportsHooks: true,
+        // No version gate documented — hooks are behind a feature flag we
+        // auto-enable below. If a very old codex predates hooks, the flag
+        // is harmless (ignored).
+    };
+}
+function supports(event) {
+    // Codex lists SessionStart / PreToolUse / Stop. No PreCompact event.
+    return event !== 'pre-compact';
+}
+/**
+ * Drop hook entries owned by vibedefend, in BOTH the current nested shape
+ * and the legacy flat shape V1 used to write (kept for migration: re-installing
+ * on top of a V1 hooks.json must scrub the old broken entries before adding
+ * the new well-formed ones). Third-party entries are never matched and pass
+ * through untouched.
+ */
+function dropOurs(entries) {
+    return entries.filter((e) => {
+        // New nested shape: { matcher?, hooks: [{ type, command }] }
+        if (Array.isArray(e.hooks)) {
+            const handlers = e.hooks;
+            return !handlers.some((h) => typeof h.command === 'string' &&
+                isVibedefendOwnedHookCommand(h.command));
+        }
+        // Legacy flat shape: { command, matchers? } — from V1 vibedefend-cli
+        // before the schema fix; also drops V0 `cybedefend-claude-hooks/` paths
+        // if they ever land in a Codex hooks.json.
+        const flatCommand = e.command;
+        if (typeof flatCommand === 'string') {
+            return !isVibedefendOwnedHookCommand(flatCommand);
+        }
+        // Unknown shape — leave it alone.
+        return true;
+    });
+}
+/**
+ * Ensure `hooks = true` is set under `[features]` in `~/.codex/config.toml`.
+ * Returns `true` if the file was modified, `false` if it was already correct.
+ *
+ * Codex 0.131 deprecated `[features].codex_hooks` (the original V1 flag) in
+ * favour of `[features].hooks`. The deprecated key is no longer honored — it
+ * prints a startup warning AND leaves the hooks subsystem off entirely. The
+ * symptom: Codex's `/hooks` panel shows `Installed 0 / Active 0` for every
+ * event, and `hooks.json` is never read.
+ *
+ * This function therefore also MIGRATES any legacy `codex_hooks = …` line
+ * out of the file (deleting it) so Codex stops printing the deprecation
+ * warning. It does NOT preserve any value the user may have set on the
+ * legacy key — `vibedefend install` is the only writer for both keys, so
+ * losing information here is acceptable.
+ *
+ * Exported for tests — `writeSettings` calls it as part of the wire-up.
+ */
+export function ensureCodexFeatureFlag(configPath = CODEX_CONFIG_TOML) {
+    const originalContent = existsSync(configPath)
+        ? readFileSync(configPath, 'utf8')
+        : '';
+    let content = originalContent;
+    // ── 1. Migration: drop any legacy `codex_hooks = …` line ────────────
+    // We always remove it regardless of value, so the deprecation warning
+    // Codex prints on startup goes away. We do it BEFORE the canonical-key
+    // check so a file with both keys still ends up clean.
+    if (/^\s*codex_hooks\s*=/m.test(content)) {
+        // Match the whole line including its trailing newline so we don't
+        // leave an empty line behind.
+        content = content.replace(/^\s*codex_hooks\s*=\s*\S+\s*\r?\n?/m, '');
+    }
+    // ── 2. Ensure `hooks = true` is set ──────────────────────────────────
+    const canonicalAlreadyTrue = /^hooks\s*=\s*true\s*$/m.test(content);
+    if (canonicalAlreadyTrue) {
+        // Idempotent — but if step 1 changed anything (legacy key removed),
+        // we still need to persist; only return early when content matches
+        // the original byte-for-byte.
+        if (content === originalContent)
+            return false;
+        mkdirSync(dirname(configPath), { recursive: true });
+        writeFileSync(configPath, content);
+        return true;
+    }
+    const featuresHeader = /^\[features\]\s*$/m;
+    if (featuresHeader.test(content)) {
+        if (/^\s*hooks\s*=/m.test(content)) {
+            // hooks = <something other than true> — flip it.
+            content = content.replace(/^\s*hooks\s*=\s*\S+\s*$/m, 'hooks = true');
+        }
+        else {
+            // Insert under the [features] header.
+            content = content.replace(featuresHeader, '[features]\nhooks = true');
+        }
+    }
+    else {
+        // No [features] section — append a fresh one. Newline padding so we
+        // don't merge with a preceding stanza.
+        if (content.length > 0 && !content.endsWith('\n'))
+            content += '\n';
+        content += '\n[features]\nhooks = true\n';
+    }
+    if (content === originalContent)
+        return false;
+    mkdirSync(dirname(configPath), { recursive: true });
+    writeFileSync(configPath, content);
+    return true;
+}
+/**
+ * Register the CybeDefend MCP server under `[mcp_servers.<name>]` in
+ * `~/.codex/config.toml`. Idempotent — if the same header already exists,
+ * we replace the `url` value (keeps the entry consistent if the region
+ * changed); otherwise we append a fresh block at the end.
+ *
+ * We use `indexOf`-based block extraction rather than a single regex
+ * because JS regex doesn't support the `\Z` (end-of-string) anchor and
+ * faking it with `$(?![\s\S])` reads worse than the explicit slicing.
+ *
+ * Exported for tests.
+ */
+export function ensureCodexMcpServer(configPath, region) {
+    let content = existsSync(configPath) ? readFileSync(configPath, 'utf8') : '';
+    const headerLine = `[mcp_servers.${region.mcpName}]`;
+    // Locate the header line at the START of a line (avoids accidental match
+    // inside a comment or inside another key's value).
+    const headerSearchRe = new RegExp(`^\\[mcp_servers\\.${region.mcpName.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')}\\]\\s*$`, 'm');
+    const headerMatch = content.match(headerSearchRe);
+    if (headerMatch === null || headerMatch.index === undefined) {
+        // Not found — append a fresh block.
+        if (content.length > 0 && !content.endsWith('\n'))
+            content += '\n';
+        content += `\n${headerLine}\nurl = "${region.mcpUrl}"\n`;
+        mkdirSync(dirname(configPath), { recursive: true });
+        writeFileSync(configPath, content);
+        return { added: true, updated: false };
+    }
+    // Slice out the existing block: from the header to either the next
+    // `\n[` (start of another table) or end of file.
+    const headerStart = headerMatch.index;
+    const headerEnd = headerStart + headerMatch[0].length;
+    const nextHeaderRelative = content.slice(headerEnd).search(/\n\[/);
+    const blockEnd = nextHeaderRelative === -1 ? content.length : headerEnd + nextHeaderRelative;
+    const body = content.slice(headerEnd, blockEnd);
+    // Replace the `url = ...` line if present; append one otherwise.
+    //
+    // Critical: use `[ \t]*` (not `\s*`) for the in-line whitespace because
+    // `\s` includes `\n` — a `\s*` after `^` greedily eats the newline that
+    // separates the header from the body, and the replace then drops it,
+    // resulting in `[mcp_servers.X]url = "..."` (no newline). Same applies
+    // to the gap between `url` and `=`.
+    let newBody;
+    if (/^url[ \t]*=/m.test(body)) {
+        newBody = body.replace(/^url[ \t]*=[ \t]*\S.*$/m, `url = "${region.mcpUrl}"`);
+    }
+    else {
+        newBody = '\n' + `url = "${region.mcpUrl}"` + body;
+    }
+    if (newBody === body) {
+        return { added: false, updated: false };
+    }
+    const newContent = content.slice(0, headerEnd) + newBody + content.slice(blockEnd);
+    mkdirSync(dirname(configPath), { recursive: true });
+    writeFileSync(configPath, newContent);
+    return { added: false, updated: true };
+}
+function registerMcp(opts) {
+    log.step(`Registering MCP "${opts.region.mcpName}" in Codex`);
+    log.hint(`URL: ${opts.region.mcpUrl}`);
+    const { added, updated } = ensureCodexMcpServer(CODEX_CONFIG_TOML, opts.region);
+    if (added) {
+        log.ok(`Added [mcp_servers.${opts.region.mcpName}] to ${CODEX_CONFIG_TOML}`);
+    }
+    else if (updated) {
+        log.ok(`Updated [mcp_servers.${opts.region.mcpName}] url in ${CODEX_CONFIG_TOML}`);
+    }
+    else {
+        log.hint(`[mcp_servers.${opts.region.mcpName}] already configured in ${CODEX_CONFIG_TOML}`);
+    }
+    return true;
+}
+/**
+ * Codex-specific post-registration step. After the `[mcp_servers.<name>]`
+ * block is written to `config.toml`, Codex still requires an explicit
+ * `codex mcp login <name>` before the first MCP tool call succeeds.
+ * We run it for the user.
+ *
+ * Never throws — if the `codex` CLI is missing or login fails, we log a
+ * warning telling the user to run it manually and the install continues.
+ */
+function postRegister(opts) {
+    // Codex is "detected" if EITHER the `codex` CLI is on PATH OR the
+    // ~/.codex/ config dir exists (the IDE extension). `codex mcp login` is a
+    // CLI command — when only the extension is present there is no binary to
+    // run, so skip with an informational hint instead of an ENOENT warning.
+    const cliOnPath = opts.cliOnPath ?? (() => which('codex') !== null);
+    if (!cliOnPath()) {
+        log.hint(`Codex CLI not on PATH — skipping \`codex mcp login\`. Codex was ` +
+            `detected via its ~/.codex/ config (the IDE extension), which ` +
+            `authenticates the MCP on first use. If you also use the Codex ` +
+            `CLI, run \`codex mcp login ${opts.region.mcpName}\` after ` +
+            `installing it.`);
+        return;
+    }
+    const spawn = opts.spawn ??
+        ((cmd, args) => {
+            execFileSync(cmd, args, { stdio: 'inherit' });
+        });
+    log.step(`Authenticating Codex MCP "${opts.region.mcpName}" (codex mcp login)`);
+    try {
+        spawn('codex', ['mcp', 'login', opts.region.mcpName]);
+        log.ok('Codex MCP login complete.');
+    }
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        log.warn(`\`codex mcp login ${opts.region.mcpName}\` failed (${msg}). ` +
+            'Run it manually if Codex MCP tool calls fail.');
+    }
+}
+function writeSettings(opts) {
+    // Ensure parent directory exists.
+    mkdirSync(dirname(CODEX_HOOKS), { recursive: true });
+    const file = readJson(CODEX_HOOKS, {});
+    file.hooks ??= {};
+    file.hooks.PreToolUse ??= [];
+    file.hooks.SessionStart ??= [];
+    file.hooks.Stop ??= [];
+    file.hooks.PreToolUse = dropOurs(file.hooks.PreToolUse);
+    file.hooks.SessionStart = dropOurs(file.hooks.SessionStart);
+    file.hooks.Stop = dropOurs(file.hooks.Stop);
+    // PreToolUse: fire on apply_patch / Edit / Write (matcher is a single
+    // regex string per Codex docs; the three values are matcher-aliases Codex
+    // accepts for its apply_patch tool).
+    file.hooks.PreToolUse.push({
+        matcher: '^(Edit|Write|apply_patch)$',
+        hooks: [
+            {
+                type: 'command',
+                command: hookCommand('fetch-rules'),
+                statusMessage: 'CybeDefend: fetching relevant rules',
+            },
+        ],
+    });
+    // Action Guards: no matcher → fires for every tool call. Exit code 2
+    // signals Codex (via its hook subsystem) to block the tool call.
+    file.hooks.PreToolUse.push({
+        hooks: [
+            {
+                type: 'command',
+                command: hookCommand('guard-check'),
+                statusMessage: 'CybeDefend: checking action guards',
+            },
+        ],
+    });
+    // SessionStart: no matcher → fires on every source (startup/resume/clear).
+    file.hooks.SessionStart.push({
+        hooks: [
+            {
+                type: 'command',
+                command: hookCommand('session-start'),
+                statusMessage: 'CybeDefend: loading project context',
+            },
+        ],
+    });
+    // Stop has no matcher per Codex docs.
+    if (opts.enableSessionReview) {
+        file.hooks.Stop.push({
+            hooks: [
+                {
+                    type: 'command',
+                    command: hookCommand('session-review'),
+                    statusMessage: 'CybeDefend: session review',
+                    timeout: 60,
+                },
+            ],
+        });
+    }
+    writeJson(CODEX_HOOKS, file);
+    const flagChanged = ensureCodexFeatureFlag();
+    if (flagChanged) {
+        log.ok(`Enabled [features].hooks in ${CODEX_CONFIG_TOML}`);
+    }
+    else {
+        log.hint(`[features].hooks already set in ${CODEX_CONFIG_TOML}`);
+    }
+    log.ok(`Codex hooks wired into ${CODEX_HOOKS}`);
+    // Codex 0.131+ requires per-hook trust review before any hook fires.
+    // Until the user opens Codex and trusts each entry, `/hooks` shows
+    // `Installed 0 / Active 0` and the SessionStart projectId block is
+    // silently dropped — the symptom the user observed before this fix.
+    log.warn('Codex requires manual hook approval. Open Codex and run `/hooks` to ' +
+        'review and trust the cybedefend hooks before they fire (until then ' +
+        'they show as Installed > 0 but Active = 0).');
+    log.hint('Note: Codex has no PreCompact event, so long-session gap analysis only fires at Stop.');
+}
+/**
+ * Pure introspection — never throws. `hooksWired` from `~/.codex/hooks.json`,
+ * `mcpRegistered` by testing for the `[mcp_servers.<mcpName>]` table header
+ * in `~/.codex/config.toml` (the same anchor `ensureCodexMcpServer` writes).
+ * The header is matched at line-start so it doesn't false-positive inside a
+ * comment or another key's value.
+ */
+function inspect(region) {
+    let hooksWired = false;
+    try {
+        if (existsSync(CODEX_HOOKS)) {
+            hooksWired = readFileSync(CODEX_HOOKS, 'utf8').includes(VIBEDEFEND_PATH_MARKER);
+        }
+    }
+    catch {
+        /* missing/unreadable → false */
+    }
+    let mcpRegistered = false;
+    try {
+        if (existsSync(CODEX_CONFIG_TOML)) {
+            mcpRegistered = new RegExp(`^\\[mcp_servers\\.${region.mcpName.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')}\\]\\s*$`, 'm').test(readFileSync(CODEX_CONFIG_TOML, 'utf8'));
+        }
+    }
+    catch {
+        /* → false */
+    }
+    return { hooksWired, mcpRegistered };
+}
+export const codexAdapter = {
+    id: 'codex',
+    label: 'OpenAI Codex',
+    detect,
+    supports,
+    writeSettings,
+    registerMcp,
+    postRegister,
+    inspect,
+};
+//# sourceMappingURL=codex.js.map

package/dist/clients/codex.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"codex.js","sourceRoot":"","sources":["../../src/clients/codex.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAC7E,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACpE,OAAO,EACL,WAAW,EACX,sBAAsB,EACtB,4BAA4B,GAC7B,MAAM,qBAAqB,CAAC;AAS7B,OAAO,EACL,eAAe,EACf,kBAAkB,GACnB,MAAM,aAAa,CAAC;AAErB,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;AACjD,MAAM,iBAAiB,GAAG,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;AA8DxD,SAAS,MAAM;IACb,MAAM,OAAO,GAAG,kBAAkB,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC;IACzD,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,OAAO,KAAK,SAAS,IAAI,YAAY,CAAC;IAExD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO;YACL,SAAS,EAAE,KAAK;YAChB,aAAa,EAAE,KAAK;YACpB,MAAM,EAAE,qDAAqD;SAC9D,CAAC;IACJ,CAAC;IACD,OAAO;QACL,SAAS,EAAE,IAAI;QACf,OAAO;QACP,aAAa,EAAE,IAAI;QACnB,kEAAkE;QAClE,kEAAkE;QAClE,yBAAyB;KAC1B,CAAC;AACJ,CAAC;AAED,SAAS,QAAQ,CAAC,KAAqB;IACrC,qEAAqE;IACrE,OAAO,KAAK,KAAK,aAAa,CAAC;AACjC,CAAC;AAED;;;;;;GAMG;AACH,SAAS,QAAQ,CAAC,OAAuB;IACvC,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAC1B,6DAA6D;QAC7D,IAAI,KAAK,CAAC,OAAO,CAAE,CAAoB,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/C,MAAM,QAAQ,GAAI,CAAoB,CAAC,KAAK,CAAC;YAC7C,OAAO,CAAC,QAAQ,CAAC,IAAI,CACnB,CAAC,CAAC,EAAE,EAAE,CACJ,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ;gBAC7B,4BAA4B,CAAC,CAAC,CAAC,OAAO,CAAC,CAC1C,CAAC;QACJ,CAAC;QACD,qEAAqE;QACrE,wEAAwE;QACxE,2CAA2C;QAC3C,MAAM,WAAW,GAAI,CAAyB,CAAC,OAAO,CAAC;QACvD,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE,CAAC;YACpC,OAAO,CAAC,4BAA4B,CAAC,WAAW,CAAC,CAAC;QACpD,CAAC;QACD,kCAAkC;QAClC,OAAO,IAAI,CAAC;IACd,CAAC,CAAqB,CAAC;AACzB,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,sBAAsB,CAAC,aAAqB,iBAAiB;IAC3E,MAAM,eAAe,GAAG,UAAU,CAAC,UAAU,CAAC;QAC5C,CAAC,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC;QAClC,CAAC,CAAC,EAAE,CAAC;IACP,IAAI,OAAO,GAAG,eAAe,CAAC;IAE9B,uEAAuE;IACvE,sEAAsE;IACtE,uEAAuE;IACvE,sDAAsD;IACtD,IAAI,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACzC,kEAAkE;QAClE,8BAA8B;QAC9B,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,qCAAqC,EAAE,EAAE,CAAC,CAAC;IACvE,CAAC;IAED,wEAAwE;IACxE,MAAM,oBAAoB,GAAG,wBAAwB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpE,IAAI,oBAAoB,EAAE,CAAC;QACzB,oEAAoE;QACpE,mEAAmE;QACnE,8BAA8B;QAC9B,IAAI,OAAO,KAAK,eAAe;YAAE,OAAO,KAAK,CAAC;QAC9C,SAAS,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACpD,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,cAAc,GAAG,oBAAoB,CAAC;IAC5C,IAAI,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACjC,IAAI,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACnC,iDAAiD;YACjD,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,0BAA0B,EAAE,cAAc,CAAC,CAAC;QACxE,CAAC;aAAM,CAAC;YACN,sCAAsC;YACtC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;SAAM,CAAC;QACN,oEAAoE;QACpE,uCAAuC;QACvC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,IAAI,CAAC;QACnE,OAAO,IAAI,8BAA8B,CAAC;IAC5C,CAAC;IAED,IAAI,OAAO,KAAK,eAAe;QAAE,OAAO,KAAK,CAAC;IAC9C,SAAS,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACpD,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACnC,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,oBAAoB,CAClC,UAAkB,EAClB,MAAoB;IAEpB,IAAI,OAAO,GAAG,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7E,MAAM,UAAU,GAAG,gBAAgB,MAAM,CAAC,OAAO,GAAG,CAAC;IAErD,yEAAyE;IACzE,mDAAmD;IACnD,MAAM,cAAc,GAAG,IAAI,MAAM,CAC/B,qBAAqB,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,UAAU,EACpF,GAAG,CACJ,CAAC;IACF,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IAElD,IAAI,WAAW,KAAK,IAAI,IAAI,WAAW,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;QAC5D,oCAAoC;QACpC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,IAAI,CAAC;QACnE,OAAO,IAAI,KAAK,UAAU,YAAY,MAAM,CAAC,MAAM,KAAK,CAAC;QACzD,SAAS,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACpD,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QACnC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IACzC,CAAC;IAED,mEAAmE;IACnE,iDAAiD;IACjD,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC;IACtC,MAAM,SAAS,GAAG,WAAW,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACtD,MAAM,kBAAkB,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACnE,MAAM,QAAQ,GACZ,kBAAkB,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,GAAG,kBAAkB,CAAC;IAC9E,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAEhD,iEAAiE;IACjE,EAAE;IACF,wEAAwE;IACxE,wEAAwE;IACxE,qEAAqE;IACrE,uEAAuE;IACvE,oCAAoC;IACpC,IAAI,OAAe,CAAC;IACpB,IAAI,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9B,OAAO,GAAG,IAAI,CAAC,OAAO,CACpB,yBAAyB,EACzB,UAAU,MAAM,CAAC,MAAM,GAAG,CAC3B,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,IAAI,GAAG,UAAU,MAAM,CAAC,MAAM,GAAG,GAAG,IAAI,CAAC;IACrD,CAAC;IAED,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QACrB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC1C,CAAC;IAED,MAAM,UAAU,GACd,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,GAAG,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAClE,SAAS,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACpD,aAAa,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IACtC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AACzC,CAAC;AAED,SAAS,WAAW,CAAC,IAA8B;IACjD,GAAG,CAAC,IAAI,CAAC,oBAAoB,IAAI,CAAC,MAAM,CAAC,OAAO,YAAY,CAAC,CAAC;IAC9D,GAAG,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACvC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,oBAAoB,CAC7C,iBAAiB,EACjB,IAAI,CAAC,MAAM,CACZ,CAAC;IACF,IAAI,KAAK,EAAE,CAAC;QACV,GAAG,CAAC,EAAE,CAAC,sBAAsB,IAAI,CAAC,MAAM,CAAC,OAAO,QAAQ,iBAAiB,EAAE,CAAC,CAAC;IAC/E,CAAC;SAAM,IAAI,OAAO,EAAE,CAAC;QACnB,GAAG,CAAC,EAAE,CACJ,wBAAwB,IAAI,CAAC,MAAM,CAAC,OAAO,YAAY,iBAAiB,EAAE,CAC3E,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,GAAG,CAAC,IAAI,CACN,gBAAgB,IAAI,CAAC,MAAM,CAAC,OAAO,2BAA2B,iBAAiB,EAAE,CAClF,CAAC;IACJ,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,YAAY,CAAC,IAIrB;IACC,kEAAkE;IAClE,0EAA0E;IAC1E,yEAAyE;IACzE,wEAAwE;IACxE,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,CAAC,CAAC;IACpE,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC;QACjB,GAAG,CAAC,IAAI,CACN,kEAAkE;YAChE,+DAA+D;YAC/D,gEAAgE;YAChE,8BAA8B,IAAI,CAAC,MAAM,CAAC,OAAO,WAAW;YAC5D,gBAAgB,CACnB,CAAC;QACF,OAAO;IACT,CAAC;IACD,MAAM,KAAK,GACT,IAAI,CAAC,KAAK;QACV,CAAC,CAAC,GAAW,EAAE,IAAc,EAAE,EAAE;YAC/B,YAAY,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;IACL,GAAG,CAAC,IAAI,CACN,6BAA6B,IAAI,CAAC,MAAM,CAAC,OAAO,qBAAqB,CACtE,CAAC;IACF,IAAI,CAAC;QACH,KAAK,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;QACtD,GAAG,CAAC,EAAE,CAAC,2BAA2B,CAAC,CAAC;IACtC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,GAAG,CAAC,IAAI,CACN,qBAAqB,IAAI,CAAC,MAAM,CAAC,OAAO,cAAc,GAAG,KAAK;YAC5D,+CAA+C,CAClD,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,IAAiB;IACtC,kCAAkC;IAClC,SAAS,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAErD,MAAM,IAAI,GAAG,QAAQ,CAAiB,WAAW,EAAE,EAAE,CAAC,CAAC;IACvD,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC;IAClB,IAAI,CAAC,KAAK,CAAC,UAAU,KAAK,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,CAAC,YAAY,KAAK,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,EAAE,CAAC;IAEvB,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IACxD,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IAC5D,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAE5C,sEAAsE;IACtE,0EAA0E;IAC1E,qCAAqC;IACrC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC;QACzB,OAAO,EAAE,4BAA4B;QACrC,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,WAAW,CAAC,aAAa,CAAC;gBACnC,aAAa,EAAE,qCAAqC;aACrD;SACF;KACF,CAAC,CAAC;IAEH,qEAAqE;IACrE,iEAAiE;IACjE,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC;QACzB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,WAAW,CAAC,aAAa,CAAC;gBACnC,aAAa,EAAE,oCAAoC;aACpD;SACF;KACF,CAAC,CAAC;IAEH,2EAA2E;IAC3E,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC;QAC3B,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,WAAW,CAAC,eAAe,CAAC;gBACrC,aAAa,EAAE,qCAAqC;aACrD;SACF;KACF,CAAC,CAAC;IAEH,sCAAsC;IACtC,IAAI,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC7B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE;gBACL;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,WAAW,CAAC,gBAAgB,CAAC;oBACtC,aAAa,EAAE,4BAA4B;oBAC3C,OAAO,EAAE,EAAE;iBACZ;aACF;SACF,CAAC,CAAC;IACL,CAAC;IAED,SAAS,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAE7B,MAAM,WAAW,GAAG,sBAAsB,EAAE,CAAC;IAC7C,IAAI,WAAW,EAAE,CAAC;QAChB,GAAG,CAAC,EAAE,CAAC,+BAA+B,iBAAiB,EAAE,CAAC,CAAC;IAC7D,CAAC;SAAM,CAAC;QACN,GAAG,CAAC,IAAI,CAAC,mCAAmC,iBAAiB,EAAE,CAAC,CAAC;IACnE,CAAC;IACD,GAAG,CAAC,EAAE,CAAC,0BAA0B,WAAW,EAAE,CAAC,CAAC;IAChD,qEAAqE;IACrE,mEAAmE;IACnE,mEAAmE;IACnE,oEAAoE;IACpE,GAAG,CAAC,IAAI,CACN,sEAAsE;QACpE,qEAAqE;QACrE,6CAA6C,CAChD,CAAC;IACF,GAAG,CAAC,IAAI,CACN,uFAAuF,CACxF,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,OAAO,CAAC,MAAoB;IAInC,IAAI,UAAU,GAAG,KAAK,CAAC;IACvB,IAAI,CAAC;QACH,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,UAAU,GAAG,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,QAAQ,CACrD,sBAAsB,CACvB,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,gCAAgC;IAClC,CAAC;IAED,IAAI,aAAa,GAAG,KAAK,CAAC;IAC1B,IAAI,CAAC;QACH,IAAI,UAAU,CAAC,iBAAiB,CAAC,EAAE,CAAC;YAClC,aAAa,GAAG,IAAI,MAAM,CACxB,qBAAqB,MAAM,CAAC,OAAO,CAAC,OAAO,CACzC,qBAAqB,EACrB,MAAM,CACP,UAAU,EACX,GAAG,CACJ,CAAC,IAAI,CAAC,YAAY,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,aAAa;IACf,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,CAAC;AACvC,CAAC;AAED,MAAM,CAAC,MAAM,YAAY,GAAkB;IACzC,EAAE,EAAE,OAAO;IACX,KAAK,EAAE,cAAc;IACrB,MAAM;IACN,QAAQ;IACR,aAAa;IACb,WAAW;IACX,YAAY;IACZ,OAAO;CACR,CAAC"}

package/dist/clients/cursor-guards-rules.js

@@ -0,0 +1,94 @@
+/**
+ * Guard rule snippets for Cursor (.cursorrules) and Windsurf (.windsurfrules).
+ *
+ * For agents that don't support native PreToolUse hooks with exit-code
+ * semantics (or where hook installation is impractical), we inject a
+ * soft-enforcement snippet into their project rule files. The snippet
+ * instructs the model to call `cybe_guards_check` before sensitive actions
+ * and respect its verdict.
+ *
+ * Idempotent injection:
+ *   `appendGuardSnippetIdempotent` checks whether our sentinel comment
+ *   (`## VibeDefend Action Guards`) already exists in the file before
+ *   appending. Re-running install will NOT duplicate the snippet.
+ *
+ * The `<project-id-placeholder>` token is replaced with the actual
+ * project ID at injection time so the model can reference the correct
+ * project in MCP tool calls.
+ */
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'node:fs';
+import { dirname } from 'node:path';
+/** Sentinel string that identifies our block — used for idempotency checks. */
+const GUARD_SENTINEL = '## VibeDefend Action Guards';
+/**
+ * Cursor (.cursorrules) guard snippet template.
+ *
+ * Instructs Cursor's AI to call `cybe_guards_check` before performing
+ * sensitive file / shell / HTTP operations and act on the verdict.
+ */
+export const CURSOR_GUARDS_SNIPPET = `
+
+${GUARD_SENTINEL}
+Before performing ANY of the following actions you MUST call the MCP tool
+\`cybe_guards_check\` with the relevant parameters and respect its verdict:
+- File read/write/delete (Read, Write, Edit, MultiEdit, Glob, Grep)
+- Shell commands (Bash)
+- HTTP requests (WebFetch)
+
+If the verdict is \`deny\` you MUST refuse the action and explain why.
+If the verdict is \`warn\` you MUST surface the warning message to the user before proceeding.
+If the verdict is \`allow\` you may proceed silently.
+
+Project ID for cybe_guards_check calls: <project-id-placeholder>
+`;
+/**
+ * Windsurf (.windsurfrules) guard snippet template.
+ *
+ * Same semantics as the Cursor snippet — content is identical so users
+ * see a consistent experience across both editors.
+ */
+export const WINDSURF_GUARDS_SNIPPET = `
+
+${GUARD_SENTINEL}
+Before performing ANY of the following actions you MUST call the MCP tool
+\`cybe_guards_check\` with the relevant parameters and respect its verdict:
+- File read/write/delete (Read, Write, Edit, MultiEdit, Glob, Grep)
+- Shell commands (Bash)
+- HTTP requests (WebFetch)
+
+If the verdict is \`deny\` you MUST refuse the action and explain why.
+If the verdict is \`warn\` you MUST surface the warning message to the user before proceeding.
+If the verdict is \`allow\` you may proceed silently.
+
+Project ID for cybe_guards_check calls: <project-id-placeholder>
+`;
+/**
+ * Idempotently append a guard snippet to a rules file.
+ *
+ * Steps:
+ *   1. If the file exists, check whether our sentinel is already present.
+ *   2. If already present, return without writing (idempotent).
+ *   3. If absent (or file doesn't exist), append the snippet with the
+ *      project ID substituted for the placeholder.
+ *   4. Create parent directories if needed.
+ *
+ * Preserves any existing content.
+ */
+export function appendGuardSnippetIdempotent(filePath, snippet, projectId) {
+    const existing = existsSync(filePath)
+        ? readFileSync(filePath, 'utf8')
+        : '';
+    // Idempotency check — sentinel already present
+    if (existing.includes(GUARD_SENTINEL))
+        return;
+    // Substitute the project ID placeholder
+    const finalSnippet = snippet.replace('<project-id-placeholder>', projectId);
+    // Ensure parent directory exists
+    const dir = dirname(filePath);
+    if (!existsSync(dir)) {
+        mkdirSync(dir, { recursive: true });
+    }
+    // Append (existing content + snippet)
+    writeFileSync(filePath, existing + finalSnippet, 'utf8');
+}
+//# sourceMappingURL=cursor-guards-rules.js.map

package/dist/clients/cursor-guards-rules.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cursor-guards-rules.js","sourceRoot":"","sources":["../../src/clients/cursor-guards-rules.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AACH,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAC7E,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,+EAA+E;AAC/E,MAAM,cAAc,GAAG,6BAA6B,CAAC;AAErD;;;;;GAKG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG;;EAEnC,cAAc;;;;;;;;;;;;CAYf,CAAC;AAEF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG;;EAErC,cAAc;;;;;;;;;;;;CAYf,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,4BAA4B,CAC1C,QAAgB,EAChB,OAAe,EACf,SAAiB;IAEjB,MAAM,QAAQ,GAAG,UAAU,CAAC,QAAQ,CAAC;QACnC,CAAC,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC;QAChC,CAAC,CAAC,EAAE,CAAC;IAEP,+CAA+C;IAC/C,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC;QAAE,OAAO;IAE9C,wCAAwC;IACxC,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAClC,0BAA0B,EAC1B,SAAS,CACV,CAAC;IAEF,iCAAiC;IACjC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC9B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtC,CAAC;IAED,sCAAsC;IACtC,aAAa,CAAC,QAAQ,EAAE,QAAQ,GAAG,YAAY,EAAE,MAAM,CAAC,CAAC;AAC3D,CAAC"}

package/dist/clients/cursor.js

@@ -0,0 +1,172 @@
+/**
+ * Cursor adapter.
+ *
+ * Wires our universal hook scripts into `~/.cursor/hooks.json`. Cursor's
+ * hooks format (per https://cursor.com/docs/hooks) uses a top-level
+ * `version` field + a `hooks` object mapping camelCase event names
+ * (`preToolUse`, `sessionStart`, `stop`, `preCompact`) to arrays of
+ * `{ command, matcher?, failClosed? }` objects.
+ *
+ * Cursor supports per-event matchers (unlike VS Code which ignores them);
+ * we set the same `Edit|Write|MultiEdit` matcher on `preToolUse` for
+ * consistency with Claude Code's behaviour.
+ *
+ * Min version: 1.7 (per Cursor's release notes — hooks were added in
+ * the 1.7 stable release). Earlier versions silently ignore `hooks.json`.
+ *
+ * Hook semantics (verified May 2026 against cursor.com/docs/agent/hooks):
+ *   Exit code 2  → hard-blocks the tool call (same as Claude Code/Codex).
+ *   Other non-zero → hook failure, action proceeds (fail-open by default).
+ *   `failClosed: true` can override fail-open for other non-zero codes.
+ *
+ * Because exit code 2 hard-blocks, Cursor's Action Guards enforcement is
+ * equivalent to Claude Code's. The guard-check hook always exits 2 on
+ * `deny`, so Cursor is classified as "Hard enforcement" alongside
+ * Claude Code and Codex.
+ */
+import { existsSync, readFileSync } from 'node:fs';
+import { home, log, readJson, writeJson } from '../utils.js';
+import { hookCommand, VIBEDEFEND_PATH_MARKER, isVibedefendOwnedHookCommand, } from '../hooks/install.js';
+import { configDirExists, probeBinaryVersion, versionAtLeast, } from './detect.js';
+const CURSOR_HOOKS = home('.cursor', 'hooks.json');
+const CURSOR_MCP = home('.cursor', 'mcp.json');
+const MIN_VERSION = '1.7.0';
+function detect() {
+    // Cursor on macOS often isn't on PATH (lives in /Applications/Cursor.app).
+    // Two probes: (a) `cursor --version` if the user added the CLI shim,
+    // (b) presence of `~/.cursor/` config dir as a fallback signal.
+    const version = probeBinaryVersion('cursor') ?? undefined;
+    const hasConfigDir = configDirExists(home('.cursor'));
+    const installed = version !== undefined || hasConfigDir;
+    if (!installed) {
+        return {
+            installed: false,
+            supportsHooks: false,
+            reason: '`cursor` CLI not on PATH and no ~/.cursor/ directory.',
+        };
+    }
+    if (version === undefined) {
+        // Can't probe version (no CLI shim), but the user obviously has Cursor.
+        // Soft-pass with a warning the user can act on.
+        return {
+            installed: true,
+            supportsHooks: true,
+            reason: 'Could not check Cursor version (CLI shim not installed). Hooks need Cursor >= 1.7.',
+        };
+    }
+    if (!versionAtLeast(version, MIN_VERSION)) {
+        return {
+            installed: true,
+            version,
+            supportsHooks: false,
+            reason: `Cursor ${version} is below the minimum ${MIN_VERSION} required for hooks. Update Cursor.`,
+        };
+    }
+    return { installed: true, version, supportsHooks: true };
+}
+function supports(event) {
+    // Cursor exposes all four lifecycle moments per its docs.
+    return ['fetch-rules', 'session-start', 'stop', 'pre-compact'].includes(event);
+}
+/**
+ * Drop any prior entry owned by vibedefend (V0 manual template, V1 bash
+ * hooks, current V2 Node runner). See `isVibedefendOwnedHookCommand` for
+ * the exact match set. Third-party hooks pass through untouched.
+ */
+function dropOurs(entries) {
+    return entries.filter((e) => !isVibedefendOwnedHookCommand(e.command));
+}
+function writeSettings(opts) {
+    const file = readJson(CURSOR_HOOKS, {});
+    file.version ??= '1';
+    file.hooks ??= {};
+    file.hooks.preToolUse ??= [];
+    file.hooks.sessionStart ??= [];
+    file.hooks.stop ??= [];
+    file.hooks.preCompact ??= [];
+    file.hooks.preToolUse = dropOurs(file.hooks.preToolUse);
+    file.hooks.sessionStart = dropOurs(file.hooks.sessionStart);
+    file.hooks.stop = dropOurs(file.hooks.stop);
+    file.hooks.preCompact = dropOurs(file.hooks.preCompact);
+    file.hooks.preToolUse.push({
+        command: hookCommand('fetch-rules'),
+        matcher: 'Edit|Write|MultiEdit',
+        // failClosed: false (default) — if our hook crashes, edit still
+        // proceeds. We never block the user on a transient gateway issue.
+    });
+    // Action Guards: hard-block hook. No matcher so it fires for every tool
+    // call. failClosed intentionally absent (false) — a hook crash never
+    // blocks the user's action, only a deliberate deny verdict does.
+    file.hooks.preToolUse.push({
+        command: hookCommand('guard-check'),
+    });
+    file.hooks.sessionStart.push({ command: hookCommand('session-start') });
+    if (opts.enableSessionReview) {
+        file.hooks.stop.push({ command: hookCommand('session-review') });
+        file.hooks.preCompact.push({ command: hookCommand('pre-compact') });
+    }
+    writeJson(CURSOR_HOOKS, file);
+    log.ok(`Cursor hooks wired into ${CURSOR_HOOKS}`);
+    // NOTE: We do NOT inject a guard snippet into .cursorrules because Cursor's
+    // hooks.preToolUse hard-blocks on exit code 2 (same semantics as Claude Code).
+    // The hook is the enforcement primitive; the LLM should NOT be told to call
+    // cybe_guards_check preemptively — that would dilute the "real interception"
+    // UX. Windsurf still gets a .windsurfrules snippet because its pre_write_code
+    // hook only covers writes.
+}
+/**
+ * Register the CybeDefend MCP server in `~/.cursor/mcp.json`.
+ *
+ * Cursor's MCP config is a separate file from its hooks config
+ * (`hooks.json`). Schema (per cursor.com/docs/mcp):
+ *   { "mcpServers": { "<name>": { "url": "<streamable-http url>" } } }
+ *
+ * Idempotent — re-running install replaces the entry with the current
+ * region's URL (handles the case where the user switches region).
+ */
+function registerMcp(opts) {
+    log.step(`Registering MCP "${opts.region.mcpName}" in Cursor`);
+    log.hint(`URL: ${opts.region.mcpUrl}`);
+    const file = readJson(CURSOR_MCP, {});
+    file.mcpServers ??= {};
+    file.mcpServers[opts.region.mcpName] = { url: opts.region.mcpUrl };
+    writeJson(CURSOR_MCP, file);
+    log.ok(`MCP "${opts.region.mcpName}" registered in ${CURSOR_MCP}`);
+    return true;
+}
+/**
+ * Pure introspection — never throws. `hooksWired` from `~/.cursor/hooks.json`,
+ * `mcpRegistered` from `~/.cursor/mcp.json`. A raw-text substring check is
+ * sufficient and keeps the never-throw guarantee (no JSON parse to fail on).
+ */
+function inspect(region) {
+    let hooksWired = false;
+    try {
+        if (existsSync(CURSOR_HOOKS)) {
+            hooksWired = readFileSync(CURSOR_HOOKS, 'utf8').includes(VIBEDEFEND_PATH_MARKER);
+        }
+    }
+    catch {
+        /* missing/unreadable → false */
+    }
+    let mcpRegistered = false;
+    try {
+        if (existsSync(CURSOR_MCP)) {
+            mcpRegistered = readFileSync(CURSOR_MCP, 'utf8').includes(region.mcpName);
+        }
+    }
+    catch {
+        /* → false */
+    }
+    return { hooksWired, mcpRegistered };
+}
+export const cursorAdapter = {
+    id: 'cursor',
+    label: 'Cursor',
+    detect,
+    supports,
+    writeSettings,
+    registerMcp,
+    inspect,
+};
+//# sourceMappingURL=cursor.js.map