@evomap/evolver 1.84.1 → 1.85.0

package/assets/gep/genes.seed.json

@@ -6,10 +6,12 @@
       "id": "gene_gep_repair_from_errors",
       "category": "repair",
       "signals_match": [
-        "error",
-        "exception",
-        "failed",
-        "unstable"
+        "error|错误|异常|エラー|오류",
+        "exception|异常|例外|예외",
+        "failed|失败|失敗|실패|fail",
+        "unstable|不稳定|不安定|불안정",
+        "log_error",
+        "test_failure"
       ],
       "preconditions": [
         "signals contains error-related indicators"
@@ -39,11 +41,11 @@
       "id": "gene_gep_optimize_prompt_and_assets",
       "category": "optimize",
       "signals_match": [
-        "protocol",
+        "protocol|协议|プロトコル|프로토콜",
         "gep",
-        "prompt",
-        "audit",
-        "reusable"
+        "prompt|提示词|提示|プロンプト|프롬프트",
+        "audit|审计|監査|감사",
+        "reusable|可复用|再利用|재사용"
       ],
       "preconditions": [
         "need stricter, auditable evolution protocol outputs"
@@ -73,12 +75,12 @@
       "id": "gene_gep_innovate_from_opportunity",
       "category": "innovate",
       "signals_match": [
-        "user_feature_request",
-        "user_improvement_suggestion",
-        "perf_bottleneck",
-        "capability_gap",
+        "user_feature_request|功能请求|機能リクエスト|기능요청",
+        "user_improvement_suggestion|改进建议|改善提案|개선제안",
+        "perf_bottleneck|性能瓶颈|パフォーマンス|성능병목",
+        "capability_gap|能力缺口|機能ギャップ|역량공백",
         "stable_success_plateau",
-        "external_opportunity",
+        "external_opportunity|外部机会|外部機会|외부기회",
         "bounty_task"
       ],
       "preconditions": [
@@ -114,8 +116,8 @@
       "signals_match": [
         "high_tool_usage:exec",
         "repeated_tool_usage:exec",
-        "tool_bypass",
-        "tool_loop",
+        "tool_bypass|工具绕过|ツール迂回|도구우회",
+        "tool_loop|工具循环|ツールループ|도구반복",
         "high_tool_usage"
       ],
       "preconditions": [

package/index.js

@@ -187,8 +187,14 @@ function getLastSignals(statePath) {
 }
 
 // Singleton Guard - prevent multiple evolver daemon instances
+function getLockFilePath() {
+  // Allow tests / sandboxed runs to override the pid-file location so they
+  // do not collide with a real daemon's lock at the source-dir default.
+  const dir = process.env.EVOLVER_LOCK_DIR || __dirname;
+  return path.join(dir, 'evolver.pid');
+}
 function acquireLock() {
-  const lockFile = path.join(__dirname, 'evolver.pid');
+  const lockFile = getLockFilePath();
   try {
     try {
       fs.writeFileSync(lockFile, String(process.pid), { flag: 'wx' });
@@ -217,7 +223,7 @@ function acquireLock() {
 }
 
 function releaseLock() {
-  const lockFile = path.join(__dirname, 'evolver.pid');
+  const lockFile = getLockFilePath();
   try {
     if (fs.existsSync(lockFile)) {
        const pid = parseInt(fs.readFileSync(lockFile, 'utf8').trim(), 10);
@@ -280,22 +286,53 @@ async function main() {
           releaseLock();
           process.exit(1);
         });
-        let _unhandledRejectionCount = 0;
+        // Sliding window: only exit if many rejections cluster in a short
+        // period. A daemon running for weeks can accumulate harmless,
+        // unrelated rejections (transient network blips, hub timeouts);
+        // the original cumulative counter would eventually kill the
+        // process for noise. Cluster = real failure cascade.
+        const REJECTION_WINDOW_MS = 5 * 60 * 1000;
+        const REJECTION_THRESHOLD = 5;
+        let _rejectionTimestamps = [];
         process.on('unhandledRejection', (reason) => {
-          _unhandledRejectionCount++;
-          console.error('[FATAL] Unhandled promise rejection (' + _unhandledRejectionCount + '):', reason && reason.stack ? reason.stack : String(reason));
-          if (_unhandledRejectionCount >= 5) {
-            console.error('[FATAL] Too many unhandled rejections (' + _unhandledRejectionCount + '). Exiting to avoid corrupt state.');
+          const now = Date.now();
+          _rejectionTimestamps.push(now);
+          _rejectionTimestamps = _rejectionTimestamps.filter(function (t) {
+            return now - t < REJECTION_WINDOW_MS;
+          });
+          console.error('[FATAL] Unhandled promise rejection (' + _rejectionTimestamps.length + ' in window):', reason && reason.stack ? reason.stack : String(reason));
+          if (_rejectionTimestamps.length >= REJECTION_THRESHOLD) {
+            console.error('[FATAL] ' + _rejectionTimestamps.length + ' unhandled rejections within ' + (REJECTION_WINDOW_MS / 1000) + 's. Exiting to avoid corrupt state.');
             releaseLock();
             process.exit(1);
           }
         });
 
         process.env.EVOLVE_LOOP = 'true';
+        // Issue #96: from v1.85.0, --loop defaults EVOLVE_BRIDGE=true so the
+        // daemon actually evolves the working tree. The previous default of
+        // 'false' caused 33 days of empty cycling on Aurora — every cycle
+        // hit rejectPendingRun(reason=loop_bridge_disabled_autoreject_no_rollback)
+        // and produced no EvolutionEvent. Failed cycles still recover safely
+        // via rollbackTracked (src/gep/gitOps.js#rollbackTracked, mode=stash
+        // by default since v1.81.0): the daemon's changes get pushed to a
+        // stash entry the user can recover with `git stash pop`.
+        // Set EVOLVE_BRIDGE=false explicitly to opt back into observe-only.
         if (!process.env.EVOLVE_BRIDGE) {
-          process.env.EVOLVE_BRIDGE = 'false';
+          process.env.EVOLVE_BRIDGE = 'true';
         }
+        const bridgeEnabled = String(process.env.EVOLVE_BRIDGE).toLowerCase() !== 'false';
         console.log(`Loop mode enabled (internal daemon, bridge=${process.env.EVOLVE_BRIDGE}, verbose=${isVerbose}).`);
+        if (bridgeEnabled) {
+          console.warn('[Daemon] EVOLVE_BRIDGE=true (default since v1.85.0).');
+          console.warn('[Daemon]   evolver may modify your working tree.');
+          console.warn('[Daemon]   Failed cycles auto-stash via "git stash push --include-untracked".');
+          console.warn('[Daemon]   Recover: git stash list | grep evolver-rollback');
+          console.warn('[Daemon]   Set EVOLVE_BRIDGE=false to opt out (observe-only mode).');
+        } else {
+          console.warn('[Daemon] EVOLVE_BRIDGE=false: evolver will NOT modify your working tree (observe-only).');
+          console.warn('[Daemon]   To enable real evolution: unset EVOLVE_BRIDGE or set it to "true".');
+        }
 
         // Startup diagnostic: in daemon mode evolver consumes its own stdout
         // instead of handing `sessions_spawn(...)` directives to a host

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@evomap/evolver",
-  "version": "1.84.1",
+  "version": "1.85.0",
   "description": "A GEP-powered self-evolution engine for AI agents. Features automated log analysis and Genome Evolution Protocol (GEP) for auditable, reusable evolution assets.",
   "main": "index.js",
   "bin": {
@@ -36,8 +36,9 @@
     "node": ">=22.12"
   },
   "dependencies": {
-    "@evomap/gep-sdk": "^1.2.0",
-    "dotenv": "^16.4.7"
+    "@evomap/gep-sdk": "^1.3.0",
+    "dotenv": "^16.4.7",
+    "undici": "^7.0.0"
   },
   "devDependencies": {
     "javascript-obfuscator": "^5.4.1"

package/src/adapters/claudeCode.js

@@ -1,6 +1,6 @@
 const fs = require('fs');
 const path = require('path');
-const { mergeJsonFile, copyHookScripts, appendSectionToFile, removeHookScripts } = require('./hookAdapter');
+const { mergeJsonFile, copyHookScripts, appendSectionToFile, removeHookScripts, removeMarkedSection, assertSafeConfigDir } = require('./hookAdapter');
 
 const HOOK_SCRIPTS_DIR_NAME = 'hooks';
 const EVOLVER_MARKER = '<!-- evolver-evolution-memory -->';
@@ -65,6 +65,7 @@ function install({ configRoot, evolverRoot, force }) {
   const settingsPath = path.join(claudeDir, 'settings.json');
   const hooksDir = path.join(claudeDir, HOOK_SCRIPTS_DIR_NAME);
   const claudeMdPath = path.join(configRoot, 'CLAUDE.md');
+  assertSafeConfigDir(claudeDir, '.claude', { subdirs: [HOOK_SCRIPTS_DIR_NAME] });
 
   if (!force && fs.existsSync(settingsPath)) {
     try {
@@ -104,54 +105,66 @@ function uninstall({ configRoot }) {
   const settingsPath = path.join(claudeDir, 'settings.json');
   const hooksDir = path.join(claudeDir, HOOK_SCRIPTS_DIR_NAME);
   const claudeMdPath = path.join(configRoot, 'CLAUDE.md');
+  assertSafeConfigDir(claudeDir, '.claude', { subdirs: [HOOK_SCRIPTS_DIR_NAME] });
 
   let changed = false;
 
+  // Strip evolver entries from settings.json. Even without the marker we
+  // still try to filter by command — a missing/dropped marker should not
+  // strand obvious evolver-owned entries (#538).
   try {
     if (fs.existsSync(settingsPath)) {
       const data = JSON.parse(fs.readFileSync(settingsPath, 'utf8'));
-      if (data._evolver_managed) {
-        if (data.hooks) {
-          for (const event of Object.keys(data.hooks)) {
-            if (Array.isArray(data.hooks[event])) {
-              data.hooks[event] = data.hooks[event]
-                .map(matcher => {
-                  if (!matcher || !Array.isArray(matcher.hooks)) return matcher;
-                  const filtered = matcher.hooks.filter(h => {
-                    const cmd = (h && h.command) || '';
-                    return !cmd.includes('evolver-session') && !cmd.includes('evolver-signal');
-                  });
-                  return { ...matcher, hooks: filtered };
-                })
-                .filter(matcher => matcher && Array.isArray(matcher.hooks) && matcher.hooks.length > 0);
-              if (data.hooks[event].length === 0) delete data.hooks[event];
-            }
+      let touched = false;
+      if (data.hooks) {
+        for (const event of Object.keys(data.hooks)) {
+          if (Array.isArray(data.hooks[event])) {
+            const beforeLen = data.hooks[event].length;
+            data.hooks[event] = data.hooks[event]
+              .map(matcher => {
+                if (!matcher || !Array.isArray(matcher.hooks)) return matcher;
+                const innerBefore = matcher.hooks.length;
+                const filtered = matcher.hooks.filter(h => {
+                  const cmd = (h && h.command) || '';
+                  return !cmd.includes('evolver-session') && !cmd.includes('evolver-signal');
+                });
+                // A matcher containing both evolver and user hooks shrinks
+                // its inner array without changing the outer matcher count.
+                // Track the inner-array shrink so `touched` reflects it.
+                if (filtered.length !== innerBefore) touched = true;
+                return { ...matcher, hooks: filtered };
+              })
+              .filter(matcher => matcher && Array.isArray(matcher.hooks) && matcher.hooks.length > 0);
+            if (data.hooks[event].length !== beforeLen) touched = true;
+            if (data.hooks[event].length === 0) delete data.hooks[event];
           }
-          if (Object.keys(data.hooks).length === 0) delete data.hooks;
         }
+        if (Object.keys(data.hooks).length === 0) delete data.hooks;
+      }
+      if (data._evolver_managed) {
         delete data._evolver_managed;
+        touched = true;
+      }
+      if (touched) {
         fs.writeFileSync(settingsPath, JSON.stringify(data, null, 2) + '\n', 'utf8');
         changed = true;
       }
     }
-  } catch { /* ignore */ }
+  } catch (e) {
+    console.warn(`[claude-code] Failed to clean ${settingsPath}: ${e.message || e}`);
+  }
 
   const scripts = removeHookScripts(hooksDir);
   if (scripts > 0) changed = true;
-
   try {
-    if (fs.existsSync(claudeMdPath)) {
-      let content = fs.readFileSync(claudeMdPath, 'utf8');
-      if (content.includes(EVOLVER_MARKER)) {
-        const idx = content.indexOf(EVOLVER_MARKER);
-        const nextSection = content.indexOf('\n## ', idx + EVOLVER_MARKER.length);
-        const endIdx = nextSection !== -1 ? nextSection : content.length;
-        content = content.slice(0, idx).trimEnd() + (nextSection !== -1 ? content.slice(endIdx) : '');
-        fs.writeFileSync(claudeMdPath, content.trimEnd() + '\n', 'utf8');
-        changed = true;
-      }
+    if (fs.existsSync(hooksDir) && fs.readdirSync(hooksDir).length === 0) {
+      fs.rmdirSync(hooksDir);
     }
-  } catch { /* ignore */ }
+  } catch { /* best-effort */ }
+
+  if (removeMarkedSection(claudeMdPath, EVOLVER_MARKER)) {
+    changed = true;
+  }
 
   console.log(changed
     ? '[claude-code] Uninstalled evolver hooks.'

package/src/adapters/codex.js

@@ -1,6 +1,6 @@
 const fs = require('fs');
 const path = require('path');
-const { mergeJsonFile, copyHookScripts, appendSectionToFile, removeHookScripts } = require('./hookAdapter');
+const { mergeJsonFile, copyHookScripts, appendSectionToFile, removeHookScripts, removeMarkedSection, assertSafeConfigDir } = require('./hookAdapter');
 
 const HOOK_SCRIPTS_DIR_NAME = 'hooks';
 const EVOLVER_MARKER = '<!-- evolver-evolution-memory -->';
@@ -57,6 +57,34 @@ function ensureConfigToml(codexDir) {
   return true;
 }
 
+// Reverse of `ensureConfigToml`: drop the `codex_hooks = true` line and, if
+// the surrounding `[features]` block becomes empty as a result, drop that
+// header too. Other unrelated entries under `[features]` are preserved.
+// Returns true when the file changed.
+function cleanConfigToml(codexDir) {
+  const tomlPath = path.join(codexDir, 'config.toml');
+  let content;
+  try { content = fs.readFileSync(tomlPath, 'utf8'); } catch { return false; }
+  if (!/codex_hooks\s*=\s*true/i.test(content)) return false;
+
+  // Drop the `codex_hooks = true` line. The greedy `\s*` after `true`
+  // consumes the trailing newline plus any blank lines so the
+  // empty-`[features]` check below cannot be fooled by a stray blank
+  // line into treating the section as empty while user entries still
+  // follow.
+  let next = content.replace(/^\s*codex_hooks\s*=\s*true\s*\n?/im, '');
+  // Drop a now-empty `[features]` block. Two strict patterns avoid
+  // `$` with the /m flag — multiline `$` matches before any `\n`, so
+  // a single `(?=\s*$)` lookahead can succeed mid-file and strand
+  // user entries below the removed header (PR #94 round-3).
+  next = next.replace(/(^|\n)\[features\]\s*\n(?=\s*\[)/, '$1');
+  next = next.replace(/(^|\n)\[features\]\s*$/, '$1');
+  next = next.replace(/\n{3,}/g, '\n\n').trimEnd();
+  if (next.length > 0) next += '\n';
+  fs.writeFileSync(tomlPath, next, 'utf8');
+  return true;
+}
+
 function buildAgentsMdSection() {
   return `${EVOLVER_MARKER}
 ## Evolution Memory (Evolver)
@@ -75,6 +103,7 @@ function install({ configRoot, evolverRoot, force }) {
   const hooksJsonPath = path.join(codexDir, 'hooks.json');
   const hooksDir = path.join(codexDir, HOOK_SCRIPTS_DIR_NAME);
   const agentsMdPath = path.join(configRoot, 'AGENTS.md');
+  assertSafeConfigDir(codexDir, '.codex', { subdirs: [HOOK_SCRIPTS_DIR_NAME] });
 
   if (!force && fs.existsSync(hooksJsonPath)) {
     try {
@@ -119,48 +148,63 @@ function uninstall({ configRoot }) {
   const hooksJsonPath = path.join(codexDir, 'hooks.json');
   const hooksDir = path.join(codexDir, HOOK_SCRIPTS_DIR_NAME);
   const agentsMdPath = path.join(configRoot, 'AGENTS.md');
+  assertSafeConfigDir(codexDir, '.codex', { subdirs: [HOOK_SCRIPTS_DIR_NAME] });
 
   let changed = false;
 
+  // Strip evolver entries from hooks.json. Even when the
+  // `_evolver_managed` marker is missing (older install, hand-edited
+  // file), we still try to filter by command — a missing marker should
+  // not strand obvious evolver-owned entries (#538).
   try {
     if (fs.existsSync(hooksJsonPath)) {
       const data = JSON.parse(fs.readFileSync(hooksJsonPath, 'utf8'));
-      if (data._evolver_managed) {
-        if (data.hooks) {
-          for (const event of Object.keys(data.hooks)) {
-            if (Array.isArray(data.hooks[event])) {
-              data.hooks[event] = data.hooks[event].filter(h => {
-                const cmd = h.command || '';
-                return !cmd.includes('evolver-session') && !cmd.includes('evolver-signal');
-              });
-              if (data.hooks[event].length === 0) delete data.hooks[event];
-            }
+      let touched = false;
+      if (data.hooks) {
+        for (const event of Object.keys(data.hooks)) {
+          if (Array.isArray(data.hooks[event])) {
+            const before = data.hooks[event].length;
+            data.hooks[event] = data.hooks[event].filter(h => {
+              const cmd = (h && h.command) || '';
+              return !cmd.includes('evolver-session') && !cmd.includes('evolver-signal');
+            });
+            if (data.hooks[event].length !== before) touched = true;
+            if (data.hooks[event].length === 0) delete data.hooks[event];
           }
-          if (Object.keys(data.hooks).length === 0) delete data.hooks;
         }
+        if (Object.keys(data.hooks).length === 0) delete data.hooks;
+      }
+      if (data._evolver_managed) {
         delete data._evolver_managed;
+        touched = true;
+      }
+      if (touched) {
         fs.writeFileSync(hooksJsonPath, JSON.stringify(data, null, 2) + '\n', 'utf8');
         changed = true;
       }
     }
-  } catch { /* ignore */ }
+  } catch (e) {
+    console.warn(`[codex] Failed to clean ${hooksJsonPath}: ${e.message || e}`);
+  }
 
   const scripts = removeHookScripts(hooksDir);
   if (scripts > 0) changed = true;
-
+  // If hooks dir is now empty (only evolver scripts lived there), remove it
+  // so a subsequent install starts from a clean slate.
   try {
-    if (fs.existsSync(agentsMdPath)) {
-      let content = fs.readFileSync(agentsMdPath, 'utf8');
-      if (content.includes(EVOLVER_MARKER)) {
-        const idx = content.indexOf(EVOLVER_MARKER);
-        const nextSection = content.indexOf('\n## ', idx + EVOLVER_MARKER.length);
-        const endIdx = nextSection !== -1 ? nextSection : content.length;
-        content = content.slice(0, idx).trimEnd() + (nextSection !== -1 ? content.slice(endIdx) : '');
-        fs.writeFileSync(agentsMdPath, content.trimEnd() + '\n', 'utf8');
-        changed = true;
-      }
+    if (fs.existsSync(hooksDir) && fs.readdirSync(hooksDir).length === 0) {
+      fs.rmdirSync(hooksDir);
     }
-  } catch { /* ignore */ }
+  } catch { /* best-effort */ }
+
+  if (cleanConfigToml(codexDir)) {
+    console.log('[codex] Removed codex_hooks flag from config.toml');
+    changed = true;
+  }
+
+  if (removeMarkedSection(agentsMdPath, EVOLVER_MARKER)) {
+    changed = true;
+  }
 
   console.log(changed
     ? '[codex] Uninstalled evolver hooks.'
@@ -169,4 +213,4 @@ function uninstall({ configRoot }) {
   return { ok: true, removed: changed };
 }
 
-module.exports = { install, uninstall, buildCodexHooksJson, ensureConfigToml };
+module.exports = { install, uninstall, buildCodexHooksJson, ensureConfigToml, cleanConfigToml };

package/src/adapters/cursor.js

@@ -1,6 +1,6 @@
 const fs = require('fs');
 const path = require('path');
-const { mergeJsonFile, copyHookScripts, removeEvolverHooks, removeHookScripts } = require('./hookAdapter');
+const { mergeJsonFile, copyHookScripts, removeEvolverHooks, removeHookScripts, assertSafeConfigDir } = require('./hookAdapter');
 
 const HOOK_SCRIPTS_DIR_NAME = 'hooks';
 
@@ -39,6 +39,7 @@ function install({ configRoot, evolverRoot, force }) {
   const cursorDir = path.join(configRoot, '.cursor');
   const hooksJsonPath = path.join(cursorDir, 'hooks.json');
   const hooksDir = path.join(cursorDir, HOOK_SCRIPTS_DIR_NAME);
+  assertSafeConfigDir(cursorDir, '.cursor', { subdirs: [HOOK_SCRIPTS_DIR_NAME] });
 
   if (!force && fs.existsSync(hooksJsonPath)) {
     try {
@@ -73,6 +74,7 @@ function uninstall({ configRoot, evolverRoot }) {
   const cursorDir = path.join(configRoot, '.cursor');
   const hooksJsonPath = path.join(cursorDir, 'hooks.json');
   const hooksDir = path.join(cursorDir, HOOK_SCRIPTS_DIR_NAME);
+  assertSafeConfigDir(cursorDir, '.cursor', { subdirs: [HOOK_SCRIPTS_DIR_NAME] });
 
   const removed = removeEvolverHooks(hooksJsonPath);
   const scripts = removeHookScripts(hooksDir);

package/src/adapters/hookAdapter.js

@@ -51,7 +51,7 @@ function mergeJsonFile(filePath, patch, { markerKey = '_evolver_managed' } = {})
       if (raw) existing = JSON.parse(raw);
     }
   } catch { /* start fresh */ }
-  const merged = deepMerge(existing, patch);
+  const merged = mergeWithHooksUnion(existing, patch);
   merged[markerKey] = true;
   const tmp = filePath + '.tmp';
   fs.writeFileSync(tmp, JSON.stringify(merged, null, 2) + '\n', 'utf8');
@@ -59,6 +59,48 @@ function mergeJsonFile(filePath, patch, { markerKey = '_evolver_managed' } = {})
   return merged;
 }
 
+// Like deepMerge, but for `hooks.<event>` arrays specifically: instead of
+// replacing the user's existing entries, keep them and append/refresh evolver-
+// owned entries (matched by command containing `evolver-session/-signal`).
+// This preserves user-installed Stop/SessionStart hooks (#539) while still
+// updating evolver hooks across reinstalls.
+function mergeWithHooksUnion(target, source) {
+  const result = deepMerge(target, source);
+  if (
+    target && target.hooks && typeof target.hooks === 'object' &&
+    source && source.hooks && typeof source.hooks === 'object'
+  ) {
+    for (const event of Object.keys(source.hooks)) {
+      const tArr = Array.isArray(target.hooks[event]) ? target.hooks[event] : null;
+      const sArr = Array.isArray(source.hooks[event]) ? source.hooks[event] : null;
+      if (tArr && sArr) {
+        const isEvolverOwned = (entry) => {
+          const cmds = collectCommands(entry);
+          return cmds.some(c => c.includes('evolver-session') || c.includes('evolver-signal'));
+        };
+        const userEntries = tArr.filter(e => !isEvolverOwned(e));
+        result.hooks[event] = [...userEntries, ...sArr];
+      }
+    }
+  }
+  return result;
+}
+
+// Pull all `command` strings out of an event entry, supporting both flat
+// shape (Codex: `{type, command}`) and Claude Code matcher shape
+// (`{matcher, hooks: [{type, command}]}`). Returns [] when neither applies.
+function collectCommands(entry) {
+  if (!entry || typeof entry !== 'object') return [];
+  const out = [];
+  if (typeof entry.command === 'string') out.push(entry.command);
+  if (Array.isArray(entry.hooks)) {
+    for (const h of entry.hooks) {
+      if (h && typeof h.command === 'string') out.push(h.command);
+    }
+  }
+  return out;
+}
+
 function deepMerge(target, source) {
   const result = { ...target };
   for (const key of Object.keys(source)) {
@@ -74,9 +116,49 @@ function deepMerge(target, source) {
   return result;
 }
 
+// Refuse to write/read through a symbolic link at the adapter's
+// platform config dir (`<root>/.codex`, `<root>/.claude`, …) or any
+// nested adapter-owned subdir (`hooks/`, `plugins/`, …). A
+// repository-controlled symlink at any of these paths would let
+// install/uninstall writes land on attacker-chosen files outside the
+// workspace (PR #94 round-4 surfaced the top-level case; round-5
+// surfaced that a hostile repo can keep `.codex` real and only
+// symlink `.codex/hooks`). Missing dirs are fine — install will
+// create them.
+function assertSafeConfigDir(dir, label, { subdirs = [] } = {}) {
+  assertNotSymlink(dir, label || 'config dir');
+  for (const sub of subdirs) {
+    assertNotSymlink(path.join(dir, sub), `${label || 'config dir'}/${sub}`);
+  }
+}
+
+function assertNotSymlink(p, label) {
+  let st;
+  try {
+    st = fs.lstatSync(p);
+  } catch (e) {
+    if (e && e.code === 'ENOENT') return;
+    throw e;
+  }
+  if (st.isSymbolicLink()) {
+    throw new Error(
+      `[setup-hooks] Refusing to operate: ${label} ${p} is a ` +
+      `symbolic link. evolver will not follow symlinks for ` +
+      `adapter-owned dirs — a hostile workspace could redirect ` +
+      `writes/unlinks outside the project root. Replace it with a ` +
+      `real directory and rerun.`
+    );
+  }
+}
+
 function copyHookScripts(destDir, evolverRoot) {
   const scriptsDir = path.join(evolverRoot || __dirname, 'scripts');
+  // _runtimePaths.js is required by the two session-* scripts via
+  // `require('./_runtimePaths')`, which resolves relative to the *destination*
+  // (__dirname after copy). It MUST be copied alongside or both hooks crash
+  // with MODULE_NOT_FOUND at runtime. Caught in PR #94 review.
   const scripts = [
+    '_runtimePaths.js',
     'evolver-session-start.js',
     'evolver-signal-detect.js',
     'evolver-session-end.js',
@@ -90,6 +172,13 @@ function copyHookScripts(destDir, evolverRoot) {
       console.warn(`[setup-hooks] Warning: script not found: ${src}`);
       continue;
     }
+    // PR #94 round-6 HIGH: reject if the destination is a pre-planted
+    // symlink. fs.copyFileSync follows symlinks at the destination, so
+    // a hostile repo that pre-creates `.codex/hooks/evolver-session-end.js`
+    // pointing at e.g. `~/.bashrc` would have its target overwritten with
+    // evolver script content. Round-5 closed the directory hole; this
+    // closes the per-file hole.
+    assertNotSymlink(dest, `hook destination ${name}`);
     fs.copyFileSync(src, dest);
     try { fs.chmodSync(dest, 0o755); } catch { /* windows */ }
     copied.push(dest);
@@ -147,6 +236,7 @@ function removeEvolverHooks(filePath, { markerKey = '_evolver_managed' } = {}) {
 
 function removeHookScripts(hooksDir) {
   const scripts = [
+    '_runtimePaths.js',
     'evolver-session-start.js',
     'evolver-signal-detect.js',
     'evolver-session-end.js',
@@ -156,11 +246,56 @@ function removeHookScripts(hooksDir) {
     const p = path.join(hooksDir, name);
     try {
       if (fs.existsSync(p)) { fs.unlinkSync(p); removed++; }
-    } catch { /* ignore */ }
+    } catch (e) {
+      // Surface unlink failures so users can see why a "successful"
+      // uninstall left files behind (Windows file-locking, perms, …).
+      console.warn(`[setup-hooks] Failed to remove ${p}: ${e.message || e}`);
+    }
   }
   return removed;
 }
 
+// Remove a marker-bracketed section from a markdown file. Used by adapter
+// uninstall to clean up CLAUDE.md / AGENTS.md without nuking surrounding
+// user content.
+//
+// The previous inline implementations (codex/claude/kiro/opencode) searched
+// for the *next* `\n## ` after the marker, which matched evolver's own
+// `## Evolution Memory` heading and left the entire injected section in
+// place (#538). This helper skips any `## ` heading on the same line as the
+// marker, then looks for the next H2 to know where the user's content
+// resumes.
+function removeMarkedSection(filePath, marker) {
+  try {
+    if (!fs.existsSync(filePath)) return false;
+    const raw = fs.readFileSync(filePath, 'utf8');
+    const idx = raw.indexOf(marker);
+    if (idx === -1) return false;
+
+    // Skip past the marker line (and any heading on the same line).
+    let scanFrom = idx + marker.length;
+    const eol = raw.indexOf('\n', scanFrom);
+    if (eol !== -1) scanFrom = eol + 1;
+
+    // Skip past evolver's own `## ...` heading line if present.
+    if (raw.startsWith('## ', scanFrom)) {
+      const eol2 = raw.indexOf('\n', scanFrom);
+      scanFrom = eol2 !== -1 ? eol2 + 1 : raw.length;
+    }
+
+    const nextSection = raw.indexOf('\n## ', scanFrom);
+    const endIdx = nextSection !== -1 ? nextSection : raw.length;
+    const before = raw.slice(0, idx).trimEnd();
+    const after = nextSection !== -1 ? raw.slice(endIdx) : '';
+    const next = (before ? before + (after.startsWith('\n') ? '' : '\n') : '') + after;
+    fs.writeFileSync(filePath, next.trimEnd() + '\n', 'utf8');
+    return true;
+  } catch (e) {
+    console.warn(`[setup-hooks] Failed to clean section in ${filePath}: ${e.message || e}`);
+    return false;
+  }
+}
+
 async function setupHooks({ platform, cwd, force, uninstall, evolverRoot } = {}) {
   const effectiveCwd = cwd || process.cwd();
   const effectiveEvolverRoot = evolverRoot || path.resolve(__dirname, '..');
@@ -200,10 +335,15 @@ module.exports = {
   loadAdapter,
   mergeJsonFile,
   deepMerge,
+  mergeWithHooksUnion,
+  collectCommands,
   copyHookScripts,
   appendSectionToFile,
+  assertSafeConfigDir,
+  assertNotSymlink,
   removeEvolverHooks,
   removeHookScripts,
+  removeMarkedSection,
   setupHooks,
   PLATFORMS,
 };