@haus-tech/haus-workflow 0.22.0 → 0.23.0

package/dist/cli.js

@@ -2,13 +2,13 @@
 
 // src/cli.ts
 import { readFileSync as readFileSync4 } from "fs";
-import path35 from "path";
+import path36 from "path";
 import { Command } from "commander";
 
 // src/commands/apply.ts
-import path13 from "path";
+import path14 from "path";
 import checkbox from "@inquirer/checkbox";
-import fs12 from "fs-extra";
+import fs13 from "fs-extra";
 
 // src/catalog/remote-catalog.ts
 import os from "os";
@@ -86,6 +86,8 @@ var error = (msg, ...args) => {
 
 // src/catalog/constants.ts
 var CATALOG_REPO_URL = "https://raw.githubusercontent.com/wearehaustech/haus-workflow-catalog";
+var CATALOG_GITHUB_API_URL = "https://api.github.com/repos/WeAreHausTech/haus-workflow-catalog";
+var SUPERPOWERS_SHARED_CATALOG_REL = "skills/superpowers/shared";
 var CATALOG_REF = process.env.HAUS_CATALOG_REF;
 var CATALOG_CACHE_SUBDIR = ".claude/haus/catalog-cache";
 
@@ -108,9 +110,7 @@ var validation_rules_default = {
     "defi",
     "trading"
   ],
-  bannedAgentPhrases: ["autonomous", "swarm", "delegate", "orchestrat", "marketplace"],
   requiredSkillFrontmatter: ["description"],
-  requiredAgentSections: ["## Use when", "## Do not use when", "## Verification"],
   riskyInstallPatterns: [
     { source: "\\bnpx\\s+-y\\b", flags: "i" },
     { source: "\\bnpx\\s+--yes\\b", flags: "i" },
@@ -176,10 +176,7 @@ var validation_rules_default = {
     "oidc",
     "azure-ad",
     "bankid",
-    "myid",
-    "cgi",
     "crypto",
-    "collection2",
     "postgresql",
     "mariadb",
     "mssql",
@@ -190,7 +187,6 @@ var validation_rules_default = {
     "testing-library",
     "phpunit",
     "storybook",
-    "wisest",
     "vitest",
     "jest",
     "redis",
@@ -219,7 +215,6 @@ var validation_rules_default = {
     "missing-eslint",
     "docker",
     "pm2",
-    "deployer-php",
     "stripe",
     "qliro",
     "supabase",
@@ -240,9 +235,7 @@ var validation_rules_default = {
 // src/catalog/validation-rules.ts
 var toRegExp = (r) => new RegExp(r.source, r.flags);
 var FORBIDDEN_TAGS = validation_rules_default.forbiddenTags;
-var BANNED_AGENT_PHRASES = validation_rules_default.bannedAgentPhrases;
 var REQUIRED_SKILL_FRONTMATTER = validation_rules_default.requiredSkillFrontmatter;
-var REQUIRED_AGENT_SECTIONS = validation_rules_default.requiredAgentSections;
 var RISKY_INSTALL_PATTERNS = validation_rules_default.riskyInstallPatterns.map(toRegExp);
 var ALLOWED_NPX_PATTERN = toRegExp(validation_rules_default.allowedNpxPattern);
 var ANY_NPX_PATTERN = toRegExp(validation_rules_default.anyNpxPattern);
@@ -334,12 +327,6 @@ function validateCatalogItem(item, content2) {
       return { ok: false, reason: `${label}: disallowed npx at line ${i + 1}` };
     }
   }
-  const lower = content2.toLowerCase();
-  for (const phrase of BANNED_AGENT_PHRASES) {
-    if (lower.includes(phrase)) {
-      return { ok: false, reason: `${label}: banned phrase "${phrase}"` };
-    }
-  }
   const tagFailures = auditForbiddenTagsInText(content2, label);
   if (tagFailures.length > 0) {
     return { ok: false, reason: tagFailures[0] };
@@ -420,6 +407,7 @@ function getCacheDir() {
   return process.env["HAUS_CATALOG_CACHE_DIR_OVERRIDE"] ?? path2.join(os.homedir(), CATALOG_CACHE_SUBDIR);
 }
 var cachedCatalogRef;
+var cachedBlobPaths;
 function getResolvedCatalogRef() {
   return cachedCatalogRef ?? process.env["HAUS_CATALOG_REF"] ?? "main";
 }
@@ -451,6 +439,15 @@ async function fetchText(url) {
     return null;
   }
 }
+async function fetchBytes(url) {
+  try {
+    const res = await fetch(url, { signal: AbortSignal.timeout(1e4) });
+    if (!res.ok) return null;
+    return Buffer.from(await res.arrayBuffer());
+  } catch {
+    return null;
+  }
+}
 async function fetchRemoteManifest() {
   const base = await remoteBase();
   const text = await fetchText(`${base}/manifest.json`);
@@ -495,29 +492,246 @@ function isSafeCatalogPath(itemPath) {
   const normalized = path2.normalize(itemPath);
   return !normalized.startsWith("..") && !normalized.includes("/..");
 }
+function isSafeRelativeFilePath(rel) {
+  if (!rel || rel.startsWith("/") || rel.includes("\\") || rel.includes("//")) return false;
+  if (path2.isAbsolute(rel)) return false;
+  const normalized = path2.posix.normalize(rel.replace(/\\/g, "/"));
+  return normalized !== ".." && !normalized.startsWith("../") && !normalized.includes("/../");
+}
+function githubApiHeaders() {
+  const headers = { Accept: "application/vnd.github+json" };
+  const auth = process.env["HAUS_GITHUB_TOKEN"] ?? process.env["GITHUB_TOKEN"];
+  if (auth) headers["Authorization"] = `Bearer ${auth}`;
+  return headers;
+}
+function sanitizeRelativeFilePaths(files, label) {
+  const safe = [];
+  for (const rel of files) {
+    if (!isSafeRelativeFilePath(rel)) {
+      warn(`Rejected unsafe path in ${label}: ${rel}`);
+      return null;
+    }
+    safe.push(rel);
+  }
+  return safe;
+}
 function safeJoin(base, itemPath) {
   if (!isSafeCatalogPath(itemPath)) return null;
   const resolved = path2.resolve(base, itemPath);
   return resolved.startsWith(base + path2.sep) || resolved === base ? resolved : null;
 }
 var KNOWN_ITEM_TYPES = /* @__PURE__ */ new Set(["skill", "agent", "template", "command"]);
-function isExternalReference(ref) {
-  return /^[a-z][a-z0-9+.-]*:\/\//i.test(ref);
-}
-async function downloadSkillReferences(item, destDir, base) {
-  for (const ref of item.references ?? []) {
-    if (isExternalReference(ref)) continue;
-    const refDest = safeJoin(destDir, ref);
-    if (!refDest) {
-      warn(`Skipping reference "${ref}" for ${item.id}: path traversal detected`);
-      continue;
+function isMarkdownPath(rel) {
+  return rel.toLowerCase().endsWith(".md");
+}
+async function listFilesRecursive(dir, base = dir) {
+  const out = [];
+  if (!await fs2.pathExists(dir)) return out;
+  for (const entry of await fs2.readdir(dir, { withFileTypes: true })) {
+    const full = path2.join(dir, entry.name);
+    if (entry.isDirectory()) {
+      out.push(...await listFilesRecursive(full, base));
+    } else if (entry.isFile()) {
+      out.push(path2.relative(base, full).replace(/\\/g, "/"));
     }
-    const text = await fetchText(`${base}/${item.path}/${ref}`);
-    if (text === null) {
-      warn(`Failed to fetch reference "${ref}" for ${item.id}`);
-      continue;
+  }
+  return out.sort();
+}
+async function listMockPrefixFiles(base, prefix) {
+  const text = await fetchText(`${base}/__haus_tree__/${encodeURIComponent(prefix)}`);
+  if (text === null) return null;
+  try {
+    const parsed = JSON.parse(text);
+    if (!Array.isArray(parsed) || !parsed.every((e) => typeof e === "string")) return null;
+    return parsed;
+  } catch {
+    return null;
+  }
+}
+async function fetchGitHubRecursiveBlobPaths(ref) {
+  try {
+    const headers = githubApiHeaders();
+    const commitRes = await fetch(`${CATALOG_GITHUB_API_URL}/commits/${encodeURIComponent(ref)}`, {
+      signal: AbortSignal.timeout(15e3),
+      headers
+    });
+    if (!commitRes.ok) return null;
+    const commit = await commitRes.json();
+    const treeSha = commit.commit.tree.sha;
+    const treeRes = await fetch(`${CATALOG_GITHUB_API_URL}/git/trees/${treeSha}?recursive=1`, {
+      signal: AbortSignal.timeout(3e4),
+      headers
+    });
+    if (!treeRes.ok) return null;
+    const tree = await treeRes.json();
+    if (tree.truncated) {
+      warn("Catalog GitHub tree listing was truncated \u2014 refusing partial cache sync");
+      return null;
+    }
+    return tree.tree.filter((e) => e.type === "blob").map((e) => e.path);
+  } catch {
+    return null;
+  }
+}
+async function fetchCatalogBlobPaths(_base) {
+  if (cachedBlobPaths) return cachedBlobPaths;
+  if (process.env["HAUS_CATALOG_REMOTE_BASE"]) return null;
+  const ref = getResolvedCatalogRef();
+  const paths = await fetchGitHubRecursiveBlobPaths(ref);
+  if (paths) cachedBlobPaths = paths;
+  return paths;
+}
+async function listFilesUnderCatalogPrefix(prefix, base) {
+  const normalized = prefix.replace(/\\/g, "/").replace(/\/+$/, "");
+  const prefixSlash = `${normalized}/`;
+  let relFiles;
+  if (process.env["HAUS_CATALOG_REMOTE_BASE"]) {
+    relFiles = await listMockPrefixFiles(base, normalized);
+  } else {
+    const blobs = await fetchCatalogBlobPaths(base);
+    if (!blobs) return null;
+    relFiles = blobs.filter((p) => p.startsWith(prefixSlash)).map((p) => p.slice(prefixSlash.length)).sort();
+  }
+  if (!relFiles) return null;
+  return sanitizeRelativeFilePaths(relFiles, normalized);
+}
+async function fetchPrefixFiles(catalogPrefix, relFiles, base, label) {
+  const fetched = [];
+  for (const rel of relFiles) {
+    const url = `${base}/${catalogPrefix}/${rel}`;
+    if (isMarkdownPath(rel)) {
+      const text = await fetchText(url);
+      if (text === null) {
+        warn(`Failed to fetch ${rel} for ${label}`);
+        return null;
+      }
+      fetched.push({ rel, kind: "text", body: text });
+    } else {
+      const bytes = await fetchBytes(url);
+      if (bytes === null) {
+        warn(`Failed to fetch ${rel} for ${label}`);
+        return null;
+      }
+      fetched.push({ rel, kind: "binary", body: bytes });
+    }
+  }
+  return fetched;
+}
+function validateMarkdownFiles(item, fetched) {
+  for (const file of fetched) {
+    if (file.kind !== "text" || !isMarkdownPath(file.rel)) continue;
+    const verdict = validateCatalogItem(item, file.body);
+    if (!verdict.ok) {
+      warn(`Rejected ${item.id} at ingest: ${verdict.reason}`);
+      return false;
+    }
+  }
+  return true;
+}
+async function directoryMatchesFetched(destDir, fetched) {
+  if (!await fs2.pathExists(destDir)) return false;
+  const existing = await listFilesRecursive(destDir);
+  const relSet = new Set(fetched.map((f) => f.rel));
+  if (existing.length !== fetched.length) return false;
+  for (const rel of existing) {
+    if (!relSet.has(rel)) return false;
+  }
+  for (const file of fetched) {
+    const dest = path2.join(destDir, file.rel);
+    if (!await fs2.pathExists(dest)) return false;
+    if (file.kind === "text") {
+      const local = await fs2.readFile(dest, "utf8");
+      if (local !== file.body) return false;
+    } else {
+      const local = await fs2.readFile(dest);
+      if (!local.equals(file.body)) return false;
+    }
+  }
+  return true;
+}
+async function writeFetchedDirectory(destDir, fetched) {
+  if (await fs2.pathExists(destDir)) {
+    await fs2.remove(destDir);
+  }
+  await fs2.ensureDir(destDir);
+  for (const file of fetched) {
+    const dest = path2.join(destDir, file.rel);
+    await fs2.ensureDir(path2.dirname(dest));
+    if (file.kind === "text") {
+      await fs2.writeFile(dest, file.body, "utf8");
+    } else {
+      await fs2.writeFile(dest, file.body);
+    }
+  }
+}
+async function syncDirectoryFromPrefix(item, catalogPrefix, destDir, base, opts) {
+  const relFiles = await listFilesUnderCatalogPrefix(catalogPrefix, base);
+  if (!relFiles) {
+    warn(`Failed to list files for ${item.id}`);
+    return "failed";
+  }
+  if (!relFiles.includes("SKILL.md") && catalogPrefix !== SUPERPOWERS_SHARED_CATALOG_REL) {
+    warn(`Failed to fetch content for ${item.id}: missing SKILL.md`);
+    return "failed";
+  }
+  if (relFiles.length === 0) {
+    return "unchanged";
+  }
+  const fetched = await fetchPrefixFiles(catalogPrefix, relFiles, base, item.id);
+  if (!fetched) return "failed";
+  if (opts.validateMarkdown && "type" in item) {
+    if (!validateMarkdownFiles(item, fetched)) return "failed";
+  } else if (opts.validateMarkdown) {
+    for (const file of fetched) {
+      if (file.kind !== "text" || !isMarkdownPath(file.rel)) continue;
+      const verdict = validateCatalogItem(
+        { id: item.id, type: "skill", path: catalogPrefix },
+        file.body
+      );
+      if (!verdict.ok) {
+        warn(`Rejected ${item.id} at ingest: ${verdict.reason}`);
+        return "failed";
+      }
     }
-    await writeTextIfChanged(refDest, text);
+  }
+  const existed = await fs2.pathExists(destDir);
+  if (await directoryMatchesFetched(destDir, fetched)) {
+    return "unchanged";
+  }
+  await writeFetchedDirectory(destDir, fetched);
+  return existed ? "updated" : "created";
+}
+async function syncSkillDirectory(item, base) {
+  const destDir = safeJoin(getCacheDir(), item.path);
+  if (!destDir) {
+    warn(`Skipping ${item.id}: path traversal detected`);
+    return "failed";
+  }
+  try {
+    return await syncDirectoryFromPrefix(item, item.path, destDir, base, {
+      validateMarkdown: true
+    });
+  } catch (err) {
+    warn(`Failed to cache ${item.id}: ${err instanceof Error ? err.message : String(err)}`);
+    return "failed";
+  }
+}
+async function syncSuperpowersShared(base) {
+  const relFiles = await listFilesUnderCatalogPrefix(SUPERPOWERS_SHARED_CATALOG_REL, base);
+  if (!relFiles || relFiles.length === 0) return "skipped";
+  const destDir = safeJoin(getCacheDir(), SUPERPOWERS_SHARED_CATALOG_REL);
+  if (!destDir) return "failed";
+  try {
+    return await syncDirectoryFromPrefix(
+      { id: "haus.superpowers-shared", path: SUPERPOWERS_SHARED_CATALOG_REL },
+      SUPERPOWERS_SHARED_CATALOG_REL,
+      destDir,
+      base,
+      { validateMarkdown: true }
+    );
+  } catch (err) {
+    warn(`Failed to cache superpowers shared: ${err instanceof Error ? err.message : String(err)}`);
+    return "failed";
   }
 }
 async function syncOneItem(item, base) {
@@ -533,30 +747,7 @@ async function syncOneItem(item, base) {
     return "failed";
   }
   if (item.type === "skill") {
-    const destDir = safeJoin(getCacheDir(), item.path);
-    if (!destDir) {
-      warn(`Skipping ${item.id}: path traversal detected`);
-      return "failed";
-    }
-    const dest2 = path2.join(destDir, "SKILL.md");
-    const text2 = await fetchText(`${base}/${item.path}/SKILL.md`);
-    if (!text2) {
-      warn(`Failed to fetch content for ${item.id}`);
-      return "failed";
-    }
-    const verdict2 = validateCatalogItem(item, text2);
-    if (!verdict2.ok) {
-      warn(`Rejected ${item.id} at ingest: ${verdict2.reason}`);
-      return "failed";
-    }
-    try {
-      const outcome = await writeTextIfChanged(dest2, text2);
-      await downloadSkillReferences(item, destDir, base);
-      return outcome;
-    } catch (err) {
-      warn(`Failed to cache ${item.id}: ${err instanceof Error ? err.message : String(err)}`);
-      return "failed";
-    }
+    return syncSkillDirectory(item, base);
   }
   const dest = safeJoin(getCacheDir(), item.path);
   if (!dest) {
@@ -581,6 +772,7 @@ async function syncOneItem(item, base) {
   }
 }
 async function syncRemoteCatalog() {
+  cachedBlobPaths = void 0;
   const manifest = await fetchRemoteManifest();
   if (!manifest) {
     warn("Remote catalog fetch failed \u2014 using bundled catalog");
@@ -608,6 +800,10 @@ async function syncRemoteCatalog() {
   const failed = [];
   const base = await remoteBase();
   const outcomes = await mapWithConcurrency(items, (item) => syncOneItem(item, base), 8);
+  const sharedOutcome = await syncSuperpowersShared(base);
+  if (sharedOutcome === "failed") {
+    warn("Failed to cache superpowers shared support files");
+  }
   for (let i = 0; i < items.length; i++) {
     const item = items[i];
     const outcome = outcomes[i];
@@ -624,7 +820,7 @@ async function fetchLatestCatalogTag() {
   try {
     const res = await fetch(CATALOG_TAGS_API_URL, {
       signal: AbortSignal.timeout(5e3),
-      headers: { Accept: "application/vnd.github+json" }
+      headers: githubApiHeaders()
     });
     if (!res.ok) return null;
     const tags = await res.json();
@@ -733,9 +929,10 @@ function mergeHooks(settings, fragments) {
   updated._haus = {
     hooks: [...existing, ...addedIds],
     hookCommands: [...existingCommands, ...addedCommands],
-    // Preserve deny/allow tracking so hook, deny, and allow merges are order-independent.
+    // Preserve deny/allow/ask tracking so hook, deny, allow, and ask merges are order-independent.
     ...settings._haus?.denyRules ? { denyRules: settings._haus.denyRules } : {},
-    ...settings._haus?.allowRules ? { allowRules: settings._haus.allowRules } : {}
+    ...settings._haus?.allowRules ? { allowRules: settings._haus.allowRules } : {},
+    ...settings._haus?.askRules ? { askRules: settings._haus.askRules } : {}
   };
   return { settings: updated, addedIds };
 }
@@ -758,7 +955,8 @@ function mergeDenyRules(settings, rules) {
     hooks: settings._haus?.hooks ?? [],
     ...settings._haus?.hookCommands ? { hookCommands: settings._haus.hookCommands } : {},
     denyRules: [...trackedDeny, ...addedRules],
-    ...settings._haus?.allowRules ? { allowRules: settings._haus.allowRules } : {}
+    ...settings._haus?.allowRules ? { allowRules: settings._haus.allowRules } : {},
+    ...settings._haus?.askRules ? { askRules: settings._haus.askRules } : {}
   };
   return { settings: updated, addedRules };
 }
@@ -781,7 +979,8 @@ function mergeAllowRules(settings, rules) {
     hooks: settings._haus?.hooks ?? [],
     ...settings._haus?.hookCommands ? { hookCommands: settings._haus.hookCommands } : {},
     ...settings._haus?.denyRules ? { denyRules: settings._haus.denyRules } : {},
-    allowRules: [...trackedAllow, ...addedRules]
+    allowRules: [...trackedAllow, ...addedRules],
+    ...settings._haus?.askRules ? { askRules: settings._haus.askRules } : {}
   };
   return { settings: updated, addedRules };
 }
@@ -798,7 +997,7 @@ function stripHausAllow(settings) {
   else delete updated.permissions;
   const haus = { ...prevHaus };
   delete haus.allowRules;
-  const stillTracking = (haus.hooks?.length ?? 0) > 0 || (haus.hookCommands?.length ?? 0) > 0 || (haus.denyRules?.length ?? 0) > 0;
+  const stillTracking = (haus.hooks?.length ?? 0) > 0 || (haus.hookCommands?.length ?? 0) > 0 || (haus.denyRules?.length ?? 0) > 0 || (haus.askRules?.length ?? 0) > 0;
   if (stillTracking) updated._haus = haus;
   else delete updated._haus;
   return updated;
@@ -816,7 +1015,7 @@ function stripHausDeny(settings) {
   else delete updated.permissions;
   const haus = { ...prevHaus };
   delete haus.denyRules;
-  const stillTracking = (haus.hooks?.length ?? 0) > 0 || (haus.hookCommands?.length ?? 0) > 0 || (haus.allowRules?.length ?? 0) > 0;
+  const stillTracking = (haus.hooks?.length ?? 0) > 0 || (haus.hookCommands?.length ?? 0) > 0 || (haus.allowRules?.length ?? 0) > 0 || (haus.askRules?.length ?? 0) > 0;
   if (stillTracking) updated._haus = haus;
   else delete updated._haus;
   return updated;
@@ -838,6 +1037,48 @@ function stripHausHooks(settings) {
   void _;
   return rest;
 }
+function mergeAskRules(settings, rules) {
+  const existingAsk = settings.permissions?.ask ?? [];
+  const seen = new Set(existingAsk);
+  const trackedAsk = settings._haus?.askRules ?? [];
+  const addedRules = [];
+  for (const rule of rules) {
+    if (seen.has(rule)) continue;
+    seen.add(rule);
+    addedRules.push(rule);
+  }
+  const updated = { ...settings };
+  updated.permissions = {
+    ...settings.permissions ?? {},
+    ask: [...existingAsk, ...addedRules]
+  };
+  updated._haus = {
+    hooks: settings._haus?.hooks ?? [],
+    ...settings._haus?.hookCommands ? { hookCommands: settings._haus.hookCommands } : {},
+    ...settings._haus?.denyRules ? { denyRules: settings._haus.denyRules } : {},
+    ...settings._haus?.allowRules ? { allowRules: settings._haus.allowRules } : {},
+    askRules: [...trackedAsk, ...addedRules]
+  };
+  return { settings: updated, addedRules };
+}
+function stripHausAsk(settings) {
+  const prevHaus = settings._haus;
+  if (!prevHaus?.askRules || prevHaus.askRules.length === 0) return settings;
+  const ownedSet = new Set(prevHaus.askRules);
+  const updated = { ...settings };
+  const remainingAsk = (settings.permissions?.ask ?? []).filter((rule) => !ownedSet.has(rule));
+  const permissions = { ...settings.permissions ?? {} };
+  if (remainingAsk.length > 0) permissions.ask = remainingAsk;
+  else delete permissions.ask;
+  if (Object.keys(permissions).length > 0) updated.permissions = permissions;
+  else delete updated.permissions;
+  const haus = { ...prevHaus };
+  delete haus.askRules;
+  const stillTracking = (haus.hooks?.length ?? 0) > 0 || (haus.hookCommands?.length ?? 0) > 0 || (haus.denyRules?.length ?? 0) > 0 || (haus.allowRules?.length ?? 0) > 0;
+  if (stillTracking) updated._haus = haus;
+  else delete updated._haus;
+  return updated;
+}
 async function loadHooksFragment(fragmentPath) {
   let raw;
   try {
@@ -850,44 +1091,48 @@ async function loadHooksFragment(fragmentPath) {
 }
 
 // src/security/dangerous-commands.ts
-var DANGEROUS_COMMANDS = [
-  "rm -rf",
+var DENY_COMMANDS = [
   "sudo",
   "chmod -R 777",
-  "chown -R",
   "git push --force",
-  "git reset --hard",
-  "docker system prune",
   "drop database",
   "truncate table",
-  "php artisan migrate --force",
   "npm publish",
   "yarn npm publish",
   "pnpm publish"
 ];
+var ASK_COMMANDS = [
+  "rm -rf",
+  "chown -R",
+  "git reset --hard",
+  "docker system prune",
+  "php artisan migrate --force"
+];
 
 // src/security/sensitive-paths.ts
-var SENSITIVE_PATHS = [
-  ".env",
-  ".env.*",
+var DENY_PATHS = [
   "*.pem",
   "*.key",
   "*.p12",
   "*.pfx",
   "id_rsa",
   "id_ed25519",
-  "*.sql",
-  "*.dump",
-  "*.backup",
-  "*.bak",
-  "storage/logs",
-  "wp-content/uploads",
-  "uploads",
   "customer-data",
-  "exports",
   "secrets",
   "certs"
 ];
+var DENY_DIRS = /* @__PURE__ */ new Set(["customer-data", "secrets", "certs"]);
+var ASK_PATHS = [
+  { pattern: ".env", tools: ["Edit", "Write"] },
+  { pattern: ".env.*", tools: ["Edit", "Write"] },
+  { pattern: "storage/logs/**", tools: ["Edit", "Write"] },
+  { pattern: "exports/**", tools: ["Edit", "Write"] },
+  { pattern: "*.dump", tools: ["Read", "Edit", "Write"] },
+  { pattern: "*.backup", tools: ["Read", "Edit", "Write"] },
+  { pattern: "*.bak", tools: ["Read", "Edit", "Write"] },
+  { pattern: "wp-content/uploads/**", tools: ["Read", "Edit", "Write"] },
+  { pattern: "uploads/**", tools: ["Read", "Edit", "Write"] }
+];
 var SENSITIVE_PATH_REGEXES = [
   /^\.env(\.|$)/,
   /(^|\/)\.env(\.|$)/,
@@ -915,24 +1160,29 @@ var SENSITIVE_ITEM_KEYWORDS = [
   ".key"
 ];
 
+// src/security/ask-rules.ts
+function buildAskRules() {
+  const rules = [];
+  for (const command of ASK_COMMANDS) {
+    rules.push(`Bash(${command}:*)`);
+  }
+  for (const { pattern, tools } of ASK_PATHS) {
+    for (const tool of tools) {
+      rules.push(`${tool}(${pattern})`);
+    }
+  }
+  return [...new Set(rules)];
+}
+
 // src/security/deny-rules.ts
-var SENSITIVE_DIRS = /* @__PURE__ */ new Set([
-  "storage/logs",
-  "wp-content/uploads",
-  "uploads",
-  "customer-data",
-  "exports",
-  "secrets",
-  "certs"
-]);
 var FILE_TOOLS = ["Read", "Edit", "Write"];
 function buildDenyRules() {
   const rules = [];
-  for (const command of DANGEROUS_COMMANDS) {
+  for (const command of DENY_COMMANDS) {
     rules.push(`Bash(${command}:*)`);
   }
-  for (const path36 of SENSITIVE_PATHS) {
-    const pattern = SENSITIVE_DIRS.has(path36) ? `${path36}/**` : path36;
+  for (const path37 of DENY_PATHS) {
+    const pattern = DENY_DIRS.has(path37) ? `${path37}/**` : path37;
     for (const tool of FILE_TOOLS) {
       rules.push(`${tool}(${pattern})`);
     }
@@ -1020,7 +1270,8 @@ async function mergeProjectSettings(root) {
   const base = await readProjectSettings(root);
   const { settings: withHooks } = mergeHooks(base, PROJECT_HOOK_FRAGMENTS);
   const { settings: withDeny } = mergeDenyRules(withHooks, buildDenyRules());
-  const { settings: merged } = mergeAllowRules(withDeny, buildAllowRules());
+  const { settings: withAllow } = mergeAllowRules(withDeny, buildAllowRules());
+  const { settings: merged } = mergeAskRules(withAllow, buildAskRules());
   return merged;
 }
 async function applyProjectSettingsMerge(root) {
@@ -1030,8 +1281,8 @@ async function applyProjectSettingsMerge(root) {
 }
 
 // src/claude/write-claude-files.ts
-import path12 from "path";
-import fs11 from "fs-extra";
+import path13 from "path";
+import fs12 from "fs-extra";
 
 // src/catalog/load-catalog.ts
 import path6 from "path";
@@ -1198,8 +1449,59 @@ async function writeManagedJson(root, filePath, value, dryRun) {
   await writeManagedText(root, filePath, nextText, dryRun);
 }
 
-// src/claude/verify-hooks-contract.ts
+// src/claude/superpowers-install.ts
+import path9 from "path";
+import fg3 from "fast-glob";
 import fs6 from "fs-extra";
+var SUPERPOWERS_ORIGIN_SOURCE_ID = "superpowers-pcvelz";
+var PATH_REWRITES = [
+  ["skills/shared/", ".claude/skills/shared/"]
+];
+function rewriteSuperpowersMarkdown(text) {
+  let out = text;
+  for (const [from, to] of PATH_REWRITES) {
+    out = out.split(from).join(to);
+  }
+  return out;
+}
+async function rewriteMarkdownTree(dir) {
+  const files = await fg3("**/*.md", { cwd: dir, onlyFiles: true, dot: true });
+  for (const rel of files) {
+    const abs = path9.join(dir, rel);
+    const text = await fs6.readFile(abs, "utf8");
+    const rewritten = rewriteSuperpowersMarkdown(text);
+    if (rewritten !== text) {
+      await fs6.writeFile(abs, rewritten, "utf8");
+    }
+  }
+}
+async function installCatalogSkill(sourcePath, destination, opts) {
+  if (opts.dryRun) return;
+  await fs6.ensureDir(path9.dirname(destination));
+  if (await fs6.pathExists(destination)) {
+    await fs6.remove(destination);
+  }
+  await fs6.copy(sourcePath, destination, { overwrite: true, errorOnExist: false });
+  if (opts.originSourceId === SUPERPOWERS_ORIGIN_SOURCE_ID) {
+    await rewriteMarkdownTree(destination);
+  }
+}
+async function installSuperpowersShared(contentRoot, projectRoot, dryRun) {
+  const source = path9.join(contentRoot, SUPERPOWERS_SHARED_CATALOG_REL);
+  if (!await fs6.pathExists(source)) return null;
+  const destination = claudePath(projectRoot, "skills", "shared");
+  if (dryRun) return path9.relative(projectRoot, destination);
+  await fs6.ensureDir(path9.dirname(destination));
+  if (await fs6.pathExists(destination)) {
+    await fs6.remove(destination);
+  }
+  await fs6.copy(source, destination, { overwrite: true, errorOnExist: false });
+  await rewriteMarkdownTree(destination);
+  return path9.relative(projectRoot, destination);
+}
+
+// src/claude/verify-hooks-contract.ts
+import fs7 from "fs-extra";
 
 // src/claude/load-hooks.ts
 var CANONICAL_HOOKS = {
@@ -1227,7 +1529,7 @@ var STABLE_HOOK_IDS = {
   "haus guard bash --from-hook": "haus.guard-bash"
 };
 async function loadClaudeHooksSettings() {
-  return { ...CANONICAL_HOOKS, permissions: { deny: buildDenyRules() } };
+  return { ...CANONICAL_HOOKS, permissions: { deny: buildDenyRules(), ask: buildAskRules() } };
 }
 function flattenRecommendedHooks(settings) {
   const out = [];
@@ -1293,7 +1595,7 @@ async function assertPostApplySettingsHausContract(root) {
 }
 async function verifyProjectSettingsHooksContract(root) {
   const settingsPath = claudePath(root, "settings.json");
-  if (!await fs6.pathExists(settingsPath)) {
+  if (!await fs7.pathExists(settingsPath)) {
     return {
       ok: true,
       skipped: true,
@@ -1320,8 +1622,8 @@ async function verifyProjectSettingsHooksContract(root) {
 }
 
 // src/claude/write-root-claude-md.ts
-import path9 from "path";
-import fs7 from "fs-extra";
+import path10 from "path";
+import fs8 from "fs-extra";
 var BLOCK_BEGIN = "<!-- HAUS:BEGIN haus-imports v=1 -->";
 var BLOCK_END = "<!-- HAUS:END haus-imports -->";
 var IMPORT_CONTENT = `@.haus-workflow/WORKFLOW.md
@@ -1361,21 +1663,21 @@ ${block}
 `;
 }
 async function writeRootClaudeMd(root, dryRun) {
-  const filePath = path9.join(root, "CLAUDE.md");
+  const filePath = path10.join(root, "CLAUDE.md");
   const block = buildImportBlock();
-  const prev = await fs7.pathExists(filePath) ? await fs7.readFile(filePath, "utf8") : "";
+  const prev = await fs8.pathExists(filePath) ? await fs8.readFile(filePath, "utf8") : "";
   const next = injectHausBlock(prev, block);
   await writeManagedText(root, filePath, next, dryRun);
   return filePath;
 }
 
 // src/claude/write-workflow-config.ts
-import path11 from "path";
-import fs9 from "fs-extra";
+import path12 from "path";
+import fs10 from "fs-extra";
 
 // src/claude/derive-workflow-config.ts
-import path10 from "path";
-import fs8 from "fs-extra";
+import path11 from "path";
+import fs9 from "fs-extra";
 function binCmd(pm, bin, args) {
   const tail = args ? ` ${args}` : "";
   if (pm === "yarn") return `yarn ${bin}${tail}`;
@@ -1384,7 +1686,7 @@ function binCmd(pm, bin, args) {
 }
 async function deriveWorkflowConfig(root, ctx) {
   const pm = ctx.packageManager === "unknown" ? "npm" : ctx.packageManager;
-  const pkg = await readJson(path10.join(root, "package.json"));
+  const pkg = await readJson(path11.join(root, "package.json"));
   const scripts = pkg?.scripts ?? {};
   const deps = new Set(ctx.dependencies);
   const stacks = Object.values(ctx.detectedStacks ?? {}).flat();
@@ -1394,7 +1696,7 @@ async function deriveWorkflowConfig(root, ctx) {
     return null;
   };
   const hasDep = (name) => deps.has(name);
-  const exists = (rel) => fs8.pathExistsSync(path10.join(root, rel));
+  const exists = (rel) => fs9.pathExistsSync(path11.join(root, rel));
   const hasPlaywright = hasDep("@playwright/test") || stacks.includes("playwright");
   const hasCypress = hasDep("cypress");
   const preCommitTool = exists("lefthook.yml") || exists("lefthook.yaml") ? "lefthook" : exists(".husky") || hasDep("husky") || (scripts.prepare ?? "").includes("husky") ? "husky" : exists(".pre-commit-config.yaml") ? "pre-commit (Python framework)" : null;
@@ -1463,7 +1765,7 @@ var FALLBACK_CONTEXT = {
 async function writeWorkflowConfig(root, dryRun, opts = {}) {
   const destPath = hausPath(root, "workflow-config.md");
   const printable = displayPath(root, destPath);
-  const exists = await fs9.pathExists(destPath);
+  const exists = await fs10.pathExists(destPath);
   if (exists && !opts.refill) {
     if (dryRun) log(printable + ": exists (project-owned, skipping)");
     return null;
@@ -1471,11 +1773,11 @@ async function writeWorkflowConfig(root, dryRun, opts = {}) {
   const ctx = await readJson(hausPath(root, "context-map.json")) ?? {
     ...FALLBACK_CONTEXT,
     root,
-    repoName: path11.basename(root)
+    repoName: path12.basename(root)
   };
   const values = await deriveWorkflowConfig(root, ctx);
   if (exists) {
-    const current = await fs9.readFile(destPath, "utf8");
+    const current = await fs10.readFile(destPath, "utf8");
     const refilled = refillContent(current, values);
     if (refilled === current) {
       if (dryRun) log(printable + ": no blank fields to refill");
@@ -1497,7 +1799,7 @@ async function writeWorkflowConfig(root, dryRun, opts = {}) {
 }
 
 // src/claude/write-workflow.ts
-import fs10 from "fs-extra";
+import fs11 from "fs-extra";
 var STABLE_ID = "template.workflow";
 function makeWorkflowHeader(pkgVersion, contentHash) {
   return `<!-- HAUS-MANAGED id=${STABLE_ID} v=${SCHEMA_VERSION} source=@haus-tech/haus-workflow@${pkgVersion} hash=${contentHash} -->`;
@@ -1516,8 +1818,8 @@ async function writeWorkflow(root, pkgVersion, dryRun, force = false) {
 ${templateContent}`;
   const destPath = hausPath(root, "WORKFLOW.md");
   const printable = displayPath(root, destPath);
-  if (await fs10.pathExists(destPath)) {
-    const existing = await fs10.readFile(destPath, "utf8");
+  if (await fs11.pathExists(destPath)) {
+    const existing = await fs11.readFile(destPath, "utf8");
     const firstLine = existing.split("\n")[0] ?? "";
     const parsed = parseHausManagedHeader(firstLine);
     if (!parsed) {
@@ -1545,7 +1847,7 @@ ${templateContent}`;
     }
   }
   if (dryRun) {
-    const prev = await fs10.pathExists(destPath) ? await fs10.readFile(destPath, "utf8") : "";
+    const prev = await fs11.pathExists(destPath) ? await fs11.readFile(destPath, "utf8") : "";
     if (!prev) {
       log(createUnifiedDiff(printable, "", next));
     } else {
@@ -1579,7 +1881,7 @@ async function writeClaudeFiles(root, dryRun, selectedIds, opts = {}) {
     estimatedTokenReductionPct: 0
   };
   const pkgRoot = packageRoot();
-  const hausVersion2 = (await readJson(path12.join(pkgRoot, "package.json")))?.version ?? "0.0.0";
+  const hausVersion2 = (await readJson(path13.join(pkgRoot, "package.json")))?.version ?? "0.0.0";
   const coreFiles = [
     claudePath(root, "settings.json"),
     claudePath(root, "rules", "haus.md"),
@@ -1611,7 +1913,7 @@ async function writeClaudeFiles(root, dryRun, selectedIds, opts = {}) {
     await assertPostApplySettingsHausContract(root);
   }
   const configPath = hausPath(root, "config.json");
-  if (!await fs11.pathExists(configPath)) {
+  if (!await fs12.pathExists(configPath)) {
     await writeManagedJson(root, configPath, DEFAULT_HOOKS_CONFIG, dryRun);
   }
   await writeManagedText(
@@ -1644,6 +1946,7 @@ async function writeClaudeFiles(root, dryRun, selectedIds, opts = {}) {
   const installedIds = /* @__PURE__ */ new Set();
   const catalogItems = selectedIds !== void 0 ? rec.recommended.filter((r) => selectedIds.includes(r.id)) : rec.recommended;
   let curatedReviewStatusSkips = 0;
+  let superpowersSharedInstalled = false;
   for (const item of catalogItems) {
     const manifestItem = manifestById.get(item.id);
     if (!manifestItem?.path) continue;
@@ -1670,20 +1973,34 @@ async function writeClaudeFiles(root, dryRun, selectedIds, opts = {}) {
       );
       continue;
     }
-    const destination = claudePath(root, target, path12.basename(sourcePath));
-    if (await fs11.pathExists(sourcePath)) {
+    const destination = claudePath(root, target, path13.basename(sourcePath));
+    if (await fs12.pathExists(sourcePath)) {
       if (dryRun) {
-        const exists = await fs11.pathExists(destination);
+        const exists = await fs12.pathExists(destination);
         log(
           `${displayPath(root, destination)}: ${exists ? "would overwrite" : "would create"} (${item.id})`
         );
+      } else if (item.type === "skill") {
+        await installCatalogSkill(sourcePath, destination, {
+          originSourceId: manifestItem.originSourceId,
+          dryRun: false
+        });
       } else {
-        await fs11.ensureDir(path12.dirname(destination));
-        await fs11.copy(sourcePath, destination, { overwrite: true, errorOnExist: false });
+        await fs12.ensureDir(path13.dirname(destination));
+        await fs12.copy(sourcePath, destination, { overwrite: true, errorOnExist: false });
       }
       files.push(destination);
+      const relPaths = [path13.relative(root, destination)];
+      if (!superpowersSharedInstalled && manifestItem.originSourceId === SUPERPOWERS_ORIGIN_SOURCE_ID && item.type === "skill") {
+        const sharedRel = await installSuperpowersShared(contentRoot, root, dryRun);
+        if (sharedRel) {
+          superpowersSharedInstalled = true;
+          relPaths.push(sharedRel);
+          files.push(path13.join(root, sharedRel));
+        }
+      }
       const current = installedPathsByItem.get(item.id) ?? [];
-      installedPathsByItem.set(item.id, [...current, path12.relative(root, destination)]);
+      installedPathsByItem.set(item.id, [...current, ...relPaths]);
       installedIds.add(item.id);
     } else {
       warn(
@@ -1753,7 +2070,7 @@ async function cleanupStaleCatalogItems(root, knownIds, dryRun) {
     if (relPaths.length === 0) continue;
     const existing = [];
     for (const rel of relPaths) {
-      if (await fs11.pathExists(path12.join(root, rel))) existing.push(rel);
+      if (await fs12.pathExists(path13.join(root, rel))) existing.push(rel);
     }
     if (existing.length === 0) continue;
     if (entry.hash === void 0) {
@@ -1770,13 +2087,13 @@ async function cleanupStaleCatalogItems(root, knownIds, dryRun) {
       continue;
     }
     for (const rel of existing) {
-      const abs = path12.join(root, rel);
+      const abs = path13.join(root, rel);
       if (dryRun) {
         log(`[dry-run] would remove stale ${displayPath(root, abs)} (${entry.id})`);
         continue;
       }
-      await fs11.remove(abs);
-      await pruneEmptyDir(path12.dirname(abs));
+      await fs12.remove(abs);
+      await pruneEmptyDir(path13.dirname(abs));
       log(`Removed stale ${displayPath(root, abs)} (${entry.id})`);
     }
   }
@@ -1784,7 +2101,7 @@ async function cleanupStaleCatalogItems(root, knownIds, dryRun) {
 
 // src/commands/apply.ts
 async function cacheHasItems() {
-  const data = await readJson(path13.join(getCacheDir(), "manifest.json"));
+  const data = await readJson(path14.join(getCacheDir(), "manifest.json"));
   return Array.isArray(data?.items) && data.items.length > 0;
 }
 async function runApply(options) {
@@ -1850,8 +2167,8 @@ async function runApply(options) {
   }
 }
 async function isHausProject(root) {
-  if (await fs12.pathExists(hausPath(root, "recommendation.json"))) return true;
-  if (await fs12.pathExists(claudePath(root, "settings.json"))) {
+  if (await fs13.pathExists(hausPath(root, "recommendation.json"))) return true;
+  if (await fs13.pathExists(claudePath(root, "settings.json"))) {
     const settings = await readProjectSettings(root);
     if (settings._haus != null) return true;
   }
@@ -1889,7 +2206,7 @@ async function runCatalogAudit() {
 
 // src/commands/clone.ts
 import { existsSync as existsSync2 } from "fs";
-import path14 from "path";
+import path15 from "path";
 
 // src/utils/exec.ts
 import { execa } from "execa";
@@ -1917,6 +2234,20 @@ async function runGit(args, options = {}) {
 }
 
 // src/commands/clone.ts
+var GIT_LOCATION_VARS = [
+  "GIT_DIR",
+  "GIT_WORK_TREE",
+  "GIT_INDEX_FILE",
+  "GIT_COMMON_DIR",
+  "GIT_OBJECT_DIRECTORY",
+  "GIT_NAMESPACE",
+  "GIT_PREFIX"
+];
+function cloneEnv() {
+  const env = { ...process.env };
+  for (const key of GIT_LOCATION_VARS) delete env[key];
+  return env;
+}
 function repoNameFromUrl(url) {
   const trimmed = url.trim().replace(/\.git$/, "").replace(/\/+$/, "");
   const tail = trimmed.split(/[/:]/).pop() ?? "";
@@ -1928,16 +2259,16 @@ async function runClone(url, opts = {}) {
     process.exitCode = 1;
     return;
   }
-  const target = path14.resolve(opts.dir?.trim() || repoNameFromUrl(url));
+  const target = path15.resolve(opts.dir?.trim() || repoNameFromUrl(url));
   if (existsSync2(target)) {
-    log(`\u2022 ${path14.basename(target)} already present at ${target} \u2014 skipped`);
+    log(`\u2022 ${path15.basename(target)} already present at ${target} \u2014 skipped`);
     return;
   }
   if (opts.dryRun) {
     log(`would clone ${url} \u2192 ${target}`);
     return;
   }
-  const res = await runGit(["clone", url, target]);
+  const res = await runGit(["clone", url, target], { env: cloneEnv(), extendEnv: false });
   if (res.exitCode !== 0) {
     error(`clone failed for ${url}: ${(res.stderr || res.stdout).trim()}`);
     process.exitCode = 1;
@@ -1947,7 +2278,7 @@ async function runClone(url, opts = {}) {
 }
 
 // src/commands/config.ts
-import path15 from "path";
+import path16 from "path";
 var CONFIG_PATH2 = ".haus-workflow/config.json";
 var HOOK_ALIASES = {
   "hook.context": "context"
@@ -1960,7 +2291,7 @@ async function runConfig(key, action) {
     );
   }
   const root = process.cwd();
-  const configPath = path15.join(root, CONFIG_PATH2);
+  const configPath = path16.join(root, CONFIG_PATH2);
   const existing = await readJson(configPath);
   const cfg = existing ?? structuredClone(DEFAULT_HOOKS_CONFIG);
   cfg.hooks ??= {};
@@ -2340,7 +2671,7 @@ function selectRules(recommended, task, taskIntents) {
 
 // src/scanner/scan-project.ts
 import { readFile as readFile2 } from "fs/promises";
-import path19 from "path";
+import path20 from "path";
 
 // src/utils/audit-checks.ts
 function isRecord(v) {
@@ -2367,8 +2698,8 @@ function compareVersions(a, b) {
 }
 
 // src/scanner/detect-package-manager.ts
-import path16 from "path";
-import fs13 from "fs-extra";
+import path17 from "path";
+import fs14 from "fs-extra";
 function detectPackageManager(root, packageManagerField) {
   const field = String(packageManagerField ?? "").trim();
   if (field.startsWith("yarn@")) {
@@ -2386,9 +2717,9 @@ function detectPackageManager(root, packageManagerField) {
     if (satisfiesVersion(version, ">=9")) return "npm";
     return "unknown";
   }
-  if (fs13.existsSync(path16.join(root, "yarn.lock"))) return "yarn";
-  if (fs13.existsSync(path16.join(root, "pnpm-lock.yaml"))) return "pnpm";
-  if (fs13.existsSync(path16.join(root, "package-lock.json"))) return "npm";
+  if (fs14.existsSync(path17.join(root, "yarn.lock"))) return "yarn";
+  if (fs14.existsSync(path17.join(root, "pnpm-lock.yaml"))) return "pnpm";
+  if (fs14.existsSync(path17.join(root, "package-lock.json"))) return "npm";
   return "unknown";
 }
 
@@ -2396,10 +2727,26 @@ function detectPackageManager(root, packageManagerField) {
 var dep = (value) => ({ kind: "dep", value });
 var depPrefix = (value) => ({ kind: "depPrefix", value });
 var depAbsent = (value) => ({ kind: "depAbsent", value });
-var fileEndsWith = (value) => ({ kind: "file", value, mode: "endsWith" });
-var fileIncludes = (value) => ({ kind: "file", value, mode: "includes" });
-var fileEquals = (value) => ({ kind: "file", value, mode: "equals" });
-var fileStartsWith = (value) => ({ kind: "file", value, mode: "startsWith" });
+var fileEndsWith = (value) => ({
+  kind: "file",
+  value,
+  mode: "endsWith"
+});
+var fileIncludes = (value) => ({
+  kind: "file",
+  value,
+  mode: "includes"
+});
+var fileEquals = (value) => ({
+  kind: "file",
+  value,
+  mode: "equals"
+});
+var fileStartsWith = (value) => ({
+  kind: "file",
+  value,
+  mode: "startsWith"
+});
 var content = (value) => ({ kind: "content", value });
 var STACK_BUCKETS = [
   "backend",
@@ -2466,7 +2813,10 @@ var STACK_RULES = [
   { stack: ["frontend", "vue"], any: [dep("vue")] },
   { stack: ["frontend", "vite8"], any: [dep("vite")] },
   { stack: ["frontend", "react-router-v7"], all: [dep("react-router"), dep("@react-router/node")] },
-  { stack: ["frontend", "tailwindcss"], any: [dep("tailwindcss"), fileIncludes("tailwind.config.")] },
+  {
+    stack: ["frontend", "tailwindcss"],
+    any: [dep("tailwindcss"), fileIncludes("tailwind.config.")]
+  },
   {
     stack: ["frontend", "shadcn"],
     all: [fileEndsWith("components.json"), dep("class-variance-authority")]
@@ -2479,10 +2829,12 @@ var STACK_RULES = [
   { stack: ["frontend", "react-native"], any: [dep("react-native")] },
   { stack: ["tooling", "i18next"], any: [dep("i18next"), dep("react-i18next")] },
   { stack: ["tooling", "bullmq"], any: [dep("bullmq")] },
-  { stack: ["tooling", "docker"], any: [fileEquals("Dockerfile"), fileStartsWith("docker-compose")] },
+  {
+    stack: ["tooling", "docker"],
+    any: [fileEquals("Dockerfile"), fileStartsWith("docker-compose")]
+  },
   { stack: ["tooling", "pm2"], any: [dep("pm2"), fileIncludes("ecosystem.config")] },
   { stack: ["tooling", "sentry"], any: [depPrefix("@sentry/")] },
-  { stack: ["tooling", "deployer-php"], any: [dep("deployer/deployer")] },
   { stack: ["tooling", "missing-prettier"], any: [depAbsent("prettier")] },
   { stack: ["tooling", "missing-eslint"], any: [depAbsent("eslint")] },
   {
@@ -2499,7 +2851,10 @@ var STACK_RULES = [
   { stack: ["backend", "nestjs"], any: [content("NestFactory")] },
   { stack: ["backend", "vendure3"], any: [content("@VendurePlugin")] },
   { stack: ["backend", "graphql"], any: [dep("graphql"), dep("@nestjs/graphql")] },
-  { stack: ["backend", "graphql"], any: [fileEndsWith(".graphql"), fileEndsWith("schema.graphql")] },
+  {
+    stack: ["backend", "graphql"],
+    any: [fileEndsWith(".graphql"), fileEndsWith("schema.graphql")]
+  },
   { stack: ["backend", "laravel"], any: [dep("laravel/framework")] },
   { stack: ["backend", "laravel"], any: [fileIncludes("app/Providers/"), fileIncludes("routes/")] },
   { stack: ["backend", "wordpress"], any: [fileEndsWith("wp-config.php"), dep("roots/wordpress")] },
@@ -2561,7 +2916,7 @@ function runDetection(ctx, rules = STACK_RULES) {
 }
 
 // src/scanner/detection.ts
-import path17 from "path";
+import path18 from "path";
 var UNSUPPORTED_MARKERS = {
   "requirements.txt": "python",
   "pyproject.toml": "python",
@@ -2615,14 +2970,14 @@ function finalizeRoles(registryRoles, deps, files) {
 function collectUnsupportedSignals(files) {
   return [
     ...new Set(
-      files.map((f) => UNSUPPORTED_MARKERS[path17.basename(f)]).filter((s) => Boolean(s))
+      files.map((f) => UNSUPPORTED_MARKERS[path18.basename(f)]).filter((s) => Boolean(s))
     )
   ].sort();
 }
 
 // src/scanner/render.ts
 import { readFile } from "fs/promises";
-import path18 from "path";
+import path19 from "path";
 
 // src/scanner/role-labels.ts
 var ROLE_LABELS = {
@@ -2684,7 +3039,7 @@ async function buildContentBlob(root, files) {
   const slice = candidates.slice(0, 300);
   const parts = await mapWithConcurrency(slice, async (rel) => {
     try {
-      return await readFile(path18.join(root, rel), "utf8");
+      return await readFile(path19.join(root, rel), "utf8");
     } catch {
       return "";
     }
@@ -2782,8 +3137,8 @@ var SAFE_FILES = [
   "Gemfile"
 ];
 async function scanProject(root, mode = "fast") {
-  const pkg = await readJson(path19.join(root, "package.json"));
-  const composer = await readJson(path19.join(root, "composer.json"));
+  const pkg = await readJson(path20.join(root, "package.json"));
+  const composer = await readJson(path20.join(root, "composer.json"));
   const files = await listFiles(root, SAFE_FILES);
   const safeFiles = files.filter((f) => !blocked(f));
   const deps = dependencySet(pkg, composer);
@@ -2817,7 +3172,7 @@ async function scanProject(root, mode = "fast") {
     mode,
     generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
     root,
-    repoName: String(pkg?.name ?? path19.basename(root)),
+    repoName: String(pkg?.name ?? path20.basename(root)),
     packageManager,
     repoRoles: roles,
     detectedStacks: stacks,
@@ -2835,7 +3190,7 @@ async function scanProject(root, mode = "fast") {
   const scanHashes = Object.fromEntries(
     await mapWithConcurrency(
       safeFiles,
-      async (f) => [f, hashText(await readFile2(path19.join(root, f), "utf8"))]
+      async (f) => [f, hashText(await readFile2(path20.join(root, f), "utf8"))]
     )
   );
   const repoSummary = renderSummary(context);
@@ -2920,8 +3275,8 @@ async function runContext(options) {
 }
 
 // src/commands/doctor.ts
-import path20 from "path";
-import fs14 from "fs-extra";
+import path21 from "path";
+import fs15 from "fs-extra";
 
 // src/update/npm-version.ts
 var NPM_PACKAGE_NAME = "@haus-tech/haus-workflow";
@@ -3001,7 +3356,7 @@ async function runDoctor(options) {
     const enabled = await isHookEnabled(root, key);
     ok(`- HOOK ${key}: ${enabled ? "enabled" : "disabled (default)"}`);
   }
-  const rootClaudeMdPath = path20.join(root, "CLAUDE.md");
+  const rootClaudeMdPath = path21.join(root, "CLAUDE.md");
   const rootClaudeMdContent = await readText(rootClaudeMdPath);
   if (!rootClaudeMdContent) {
     flag(
@@ -3029,7 +3384,7 @@ async function runDoctor(options) {
       const block = rootClaudeMdContent.slice(beginIdx, endIdx + BLOCK_END.length);
       const importTargets = [...block.matchAll(/@\.haus-workflow\/(\S+)/g)].map((m) => m[1]);
       for (const target of importTargets) {
-        if (!await fs14.pathExists(hausPath(root, target))) {
+        if (!await fs15.pathExists(hausPath(root, target))) {
           flag(
             `- CLAUDE.md import: @.haus-workflow/${target} does not resolve (run \`haus apply --write\`)`,
             `A file CLAUDE.md links to (${target}) is missing, so part of the guidance won't load`,
@@ -3040,7 +3395,7 @@ async function runDoctor(options) {
     }
   }
   const workflowPath = hausPath(root, "WORKFLOW.md");
-  const workflowExists = await fs14.pathExists(workflowPath);
+  const workflowExists = await fs15.pathExists(workflowPath);
   if (!workflowExists) {
     flag(
       "- .haus-workflow/WORKFLOW.md: missing (run `haus apply --write`)",
@@ -3063,15 +3418,15 @@ async function runDoctor(options) {
           "haus apply --write --force"
         );
       } else {
-        const cachePath = path20.join(getCacheDir(), "templates/agentic-workflow-standard.md");
-        const bundledPath = path20.join(
+        const cachePath = path21.join(getCacheDir(), "templates/agentic-workflow-standard.md");
+        const bundledPath = path21.join(
           packageRoot(),
           "library",
           "global",
           "templates",
           "agentic-workflow-standard.md"
         );
-        const templatePath = await fs14.pathExists(cachePath) ? cachePath : bundledPath;
+        const templatePath = await fs15.pathExists(cachePath) ? cachePath : bundledPath;
         const templateContent = await readText(templatePath);
         if (storedHashMatch && templateContent) {
           const currentHash = hashText(normaliseLF(templateContent));
@@ -3091,7 +3446,7 @@ async function runDoctor(options) {
     }
   }
   const workflowConfigPath = hausPath(root, "workflow-config.md");
-  const workflowConfigExists = await fs14.pathExists(workflowConfigPath);
+  const workflowConfigExists = await fs15.pathExists(workflowConfigPath);
   if (!workflowConfigExists) {
     flag(
       "- .haus-workflow/workflow-config.md: missing (run `haus apply --write`)",
@@ -3099,7 +3454,7 @@ async function runDoctor(options) {
       "haus apply --write"
     );
   } else {
-    const cfg = await fs14.readFile(workflowConfigPath, "utf8");
+    const cfg = await fs15.readFile(workflowConfigPath, "utf8");
     const unfilled = cfg.split("\n").filter((l) => l.includes("<!-- fill in")).length;
     if (unfilled > 0) {
       flag(
@@ -3130,7 +3485,7 @@ async function runDoctor(options) {
       ok(`- CATALOG CACHE: OK (${cacheAgeDays}d old)`);
     }
   }
-  const pkgJson = await readJson(path20.join(packageRoot(), "package.json"));
+  const pkgJson = await readJson(path21.join(packageRoot(), "package.json"));
   const currentVersion = pkgJson?.version ?? "0.0.0";
   const npmStatus = await fetchNpmVersionStatus(currentVersion);
   if (npmStatus.updateAvailable && npmStatus.latest !== null) {
@@ -3216,15 +3571,16 @@ import { readFileSync as readFileSync2 } from "fs";
 
 // src/security/guard-bash.ts
 function guardBash(command) {
-  const matched = DANGEROUS_COMMANDS.find((token) => command.includes(token));
+  const matched = DENY_COMMANDS.find((token) => command.includes(token));
   if (matched) return `I didn't run that \u2014 it can permanently change or delete things: ${command}`;
   return void 0;
 }
 
 // src/security/guard-file-access.ts
 function guardFileAccess(candidate) {
-  const matched = SENSITIVE_PATHS.find((token) => candidate.includes(token.replace("*", "")));
-  if (matched) return `I didn't open ${candidate} \u2014 it looks like it holds secrets or sensitive data`;
+  const matched = DENY_PATHS.find((token) => candidate.includes(token.replace(/\*/g, "")));
+  if (matched)
+    return `I didn't open ${candidate} \u2014 it looks like it holds secrets or sensitive data`;
   return void 0;
 }
 
@@ -3273,8 +3629,8 @@ async function runGuard(kind, _options) {
 }
 
 // src/commands/init.ts
-import path21 from "path";
-import fs15 from "fs-extra";
+import path22 from "path";
+import fs16 from "fs-extra";
 
 // src/utils/prompts.ts
 import { stdin as input, stdout as output } from "process";
@@ -3635,8 +3991,8 @@ async function runSetupProject(options) {
 // src/commands/init.ts
 async function runInit(options) {
   const root = process.cwd();
-  const hausDir = path21.join(root, ".haus-workflow");
-  const alreadyInit = await fs15.pathExists(hausDir);
+  const hausDir = path22.join(root, ".haus-workflow");
+  const alreadyInit = await fs16.pathExists(hausDir);
   if (alreadyInit) {
     log("Haus AI already initialized in this project.");
     log("Run `haus setup-project` to reconfigure.");
@@ -3648,8 +4004,8 @@ async function runInit(options) {
 
 // src/install/apply.ts
 import crypto2 from "crypto";
-import path22 from "path";
-import fs16 from "fs-extra";
+import path23 from "path";
+import fs17 from "fs-extra";
 
 // src/install/header.ts
 var MD_PREFIX = "<!-- HAUS-MANAGED";
@@ -3737,40 +4093,40 @@ function hashContent(content2) {
 }
 function sourceVersion() {
   try {
-    const pkgPath = path22.join(packageRoot(), "package.json");
-    const pkg = JSON.parse(fs16.readFileSync(pkgPath, "utf8"));
+    const pkgPath = path23.join(packageRoot(), "package.json");
+    const pkg = JSON.parse(fs17.readFileSync(pkgPath, "utf8"));
     return `${pkg.name ?? "haus"}@${pkg.version ?? "0.0.0"}`;
   } catch {
     return "haus@0.0.0";
   }
 }
 function globalSrcDir() {
-  return path22.join(packageRoot(), "library", "global");
+  return path23.join(packageRoot(), "library", "global");
 }
 function collectSourceFiles(srcDir, claudeDir) {
   const entries = [];
-  const skillsDir = path22.join(srcDir, "skills");
-  if (fs16.pathExistsSync(skillsDir)) {
-    for (const skillName of fs16.readdirSync(skillsDir)) {
-      const skillFile = path22.join(skillsDir, skillName, "SKILL.md");
-      if (fs16.pathExistsSync(skillFile)) {
+  const skillsDir = path23.join(srcDir, "skills");
+  if (fs17.pathExistsSync(skillsDir)) {
+    for (const skillName of fs17.readdirSync(skillsDir)) {
+      const skillFile = path23.join(skillsDir, skillName, "SKILL.md");
+      if (fs17.pathExistsSync(skillFile)) {
         entries.push({
           stableId: `skill.${skillName}`,
-          srcRelPath: path22.join("library", "global", "skills", skillName, "SKILL.md"),
-          destPath: path22.join(claudeDir, "skills", skillName, "SKILL.md")
+          srcRelPath: path23.join("library", "global", "skills", skillName, "SKILL.md"),
+          destPath: path23.join(claudeDir, "skills", skillName, "SKILL.md")
         });
       }
     }
   }
-  const commandsDir = path22.join(srcDir, "commands");
-  if (fs16.pathExistsSync(commandsDir)) {
-    for (const fileName of fs16.readdirSync(commandsDir)) {
+  const commandsDir = path23.join(srcDir, "commands");
+  if (fs17.pathExistsSync(commandsDir)) {
+    for (const fileName of fs17.readdirSync(commandsDir)) {
       if (!fileName.endsWith(".md")) continue;
       const commandName = fileName.slice(0, -".md".length);
       entries.push({
         stableId: `command.${commandName}`,
-        srcRelPath: path22.join("library", "global", "commands", fileName),
-        destPath: path22.join(claudeDir, "commands", fileName)
+        srcRelPath: path23.join("library", "global", "commands", fileName),
+        destPath: path23.join(claudeDir, "commands", fileName)
       });
     }
   }
@@ -3794,7 +4150,7 @@ async function applyInstall(options = {}) {
   };
   const manifestFiles = [];
   for (const entry of sourceFiles) {
-    const srcPath = path22.join(packageRoot(), entry.srcRelPath);
+    const srcPath = path23.join(packageRoot(), entry.srcRelPath);
     const rawContent = await readText(srcPath);
     if (rawContent === void 0) {
       warn(`Source file not found: ${entry.srcRelPath}`);
@@ -3814,7 +4170,7 @@ async function applyInstall(options = {}) {
       }
       continue;
     }
-    const destExists = fs16.pathExistsSync(entry.destPath);
+    const destExists = fs17.pathExistsSync(entry.destPath);
     if (destExists) {
       const currentContent = await readText(entry.destPath);
       if (currentContent !== void 0) {
@@ -3850,24 +4206,25 @@ async function applyInstall(options = {}) {
       schemaVersion: SCHEMA_VERSION2
     });
   }
-  const fragmentPath = path22.join(srcDir, "settings-fragments", "hooks.json");
+  const fragmentPath = path23.join(srcDir, "settings-fragments", "hooks.json");
   const fragments = await loadHooksFragment(fragmentPath);
   const settings = await readSettings();
   const { settings: hookSettings, addedIds } = mergeHooks(settings, fragments);
   const { settings: deniedSettings } = mergeDenyRules(hookSettings, buildDenyRules());
-  const { settings: mergedSettings } = mergeAllowRules(deniedSettings, buildAllowRules());
+  const { settings: allowedSettings } = mergeAllowRules(deniedSettings, buildAllowRules());
+  const { settings: mergedSettings } = mergeAskRules(allowedSettings, buildAskRules());
   result.hookIds = addedIds;
   if (!check && existingManifest) {
     const currentDestPaths = new Set(sourceFiles.map((f) => f.destPath));
     for (const entry of existingManifest.files) {
       if (currentDestPaths.has(entry.destPath)) continue;
-      if (!fs16.pathExistsSync(entry.destPath)) continue;
+      if (!fs17.pathExistsSync(entry.destPath)) continue;
       const content2 = await readText(entry.destPath);
       if (!content2) continue;
       const hasHeader = parseMarkdownHeader(content2) !== void 0;
       const currentHash = hashContent(content2);
       if (hasHeader && currentHash === entry.hash) {
-        if (!dryRun) await fs16.remove(entry.destPath);
+        if (!dryRun) await fs17.remove(entry.destPath);
         result.deleted.push(entry.destPath);
       } else {
         warn(`Orphaned file ${entry.destPath} was user-modified \u2014 leaving in place`);
@@ -3994,8 +4351,8 @@ async function runScan(options) {
 }
 
 // src/commands/undo.ts
-import path23 from "path";
-import fs17 from "fs-extra";
+import path24 from "path";
+import fs18 from "fs-extra";
 
 // src/claude/managed-paths.ts
 var PROJECT_MANAGED_CLAUDE_REL = [
@@ -4021,61 +4378,61 @@ async function collectManagedPaths(root) {
   const lock = await readJson(hausPath(root, "haus.lock.json"));
   for (const row of lock ?? []) {
     for (const rel of row.paths ?? []) {
-      paths.add(path23.resolve(root, rel));
+      paths.add(path24.resolve(root, rel));
     }
   }
   const existing = [];
   for (const abs of paths) {
-    if (await fs17.pathExists(abs)) existing.push(abs);
+    if (await fs18.pathExists(abs)) existing.push(abs);
   }
   return existing;
 }
 async function settingsHasHausContent(root) {
   const settingsPath = claudePath(root, "settings.json");
-  if (!await fs17.pathExists(settingsPath)) return false;
+  if (!await fs18.pathExists(settingsPath)) return false;
   const settings = await readProjectSettings(root);
   return settings._haus != null;
 }
 async function claudeMdHasHausBlock(root) {
-  const filePath = path23.join(root, "CLAUDE.md");
-  if (!await fs17.pathExists(filePath)) return false;
-  const text = await fs17.readFile(filePath, "utf8");
+  const filePath = path24.join(root, "CLAUDE.md");
+  if (!await fs18.pathExists(filePath)) return false;
+  const text = await fs18.readFile(filePath, "utf8");
   return text.includes(BLOCK_BEGIN);
 }
 async function stripProjectSettings(root) {
   const settingsPath = claudePath(root, "settings.json");
-  if (!await fs17.pathExists(settingsPath)) return false;
+  if (!await fs18.pathExists(settingsPath)) return false;
   let settings = await readProjectSettings(root);
-  settings = stripHausAllow(stripHausDeny(stripHausHooks(settings)));
+  settings = stripHausHooks(stripHausAsk(stripHausAllow(stripHausDeny(settings))));
   const hasContent = Object.keys(settings).length > 0;
   if (hasContent) {
     await writeProjectSettings(root, settings);
-    log(`Stripped haus rules from ${path23.relative(root, settingsPath)} (user settings preserved).`);
+    log(`Stripped haus rules from ${path24.relative(root, settingsPath)} (user settings preserved).`);
     return true;
   }
-  await fs17.remove(settingsPath);
-  log(`Removed ${path23.relative(root, settingsPath)} (no user-owned settings remained).`);
+  await fs18.remove(settingsPath);
+  log(`Removed ${path24.relative(root, settingsPath)} (no user-owned settings remained).`);
   return true;
 }
 async function stripRootClaudeMd(root) {
-  const filePath = path23.join(root, "CLAUDE.md");
-  if (!await fs17.pathExists(filePath)) return false;
-  const prev = await fs17.readFile(filePath, "utf8");
+  const filePath = path24.join(root, "CLAUDE.md");
+  if (!await fs18.pathExists(filePath)) return false;
+  const prev = await fs18.readFile(filePath, "utf8");
   if (!prev.includes(BLOCK_BEGIN)) return false;
   const next = stripHausBlock(prev);
   if (next.length === 0) {
-    await fs17.remove(filePath);
+    await fs18.remove(filePath);
     log("Removed CLAUDE.md (only contained haus import block).");
   } else {
-    await fs17.writeFile(filePath, next, "utf8");
+    await fs18.writeFile(filePath, next, "utf8");
     log("Removed haus import block from CLAUDE.md (user content preserved).");
   }
   return true;
 }
 async function pruneDirIfEmpty(dir) {
-  if (!await fs17.pathExists(dir)) return;
-  const entries = await fs17.readdir(dir);
-  if (entries.length === 0) await fs17.remove(dir);
+  if (!await fs18.pathExists(dir)) return;
+  const entries = await fs18.readdir(dir);
+  if (entries.length === 0) await fs18.remove(dir);
 }
 async function runUndo(options) {
   const root = process.cwd();
@@ -4086,7 +4443,7 @@ async function runUndo(options) {
     log("Nothing to remove: no haus-managed files found in this directory.");
     return;
   }
-  const relTargets = managed.map((p) => path23.relative(root, p));
+  const relTargets = managed.map((p) => path24.relative(root, p));
   const summaryParts = [...relTargets];
   if (stripSettings) summaryParts.push(".claude/settings.json (haus rules only)");
   if (stripClaudeMd) summaryParts.push("CLAUDE.md (haus import block only)");
@@ -4102,9 +4459,9 @@ User-owned .claude/ files will be preserved.`
     }
   }
   for (const abs of managed) {
-    if (!await fs17.pathExists(abs)) continue;
-    await fs17.remove(abs);
-    log(`Removed ${path23.relative(root, abs)}`);
+    if (!await fs18.pathExists(abs)) continue;
+    await fs18.remove(abs);
+    log(`Removed ${path24.relative(root, abs)}`);
   }
   if (stripSettings) await stripProjectSettings(root);
   if (stripClaudeMd) await stripRootClaudeMd(root);
@@ -4115,8 +4472,8 @@ User-owned .claude/ files will be preserved.`
 
 // src/install/uninstall.ts
 import crypto3 from "crypto";
-import path24 from "path";
-import fs18 from "fs-extra";
+import path25 from "path";
+import fs19 from "fs-extra";
 async function runUninstall(options = {}) {
   const { force = false } = options;
   const manifest = await readManifest();
@@ -4126,7 +4483,7 @@ async function runUninstall(options = {}) {
     return result;
   }
   for (const entry of manifest.files) {
-    const exists = fs18.pathExistsSync(entry.destPath);
+    const exists = fs19.pathExistsSync(entry.destPath);
     if (!exists) continue;
     const content2 = await readText(entry.destPath);
     if (content2 === void 0) continue;
@@ -4144,22 +4501,22 @@ async function runUninstall(options = {}) {
       result.skipped.push(entry.destPath);
       continue;
     }
-    await fs18.remove(entry.destPath);
-    await pruneEmptyDir(path24.dirname(entry.destPath));
+    await fs19.remove(entry.destPath);
+    await pruneEmptyDir(path25.dirname(entry.destPath));
     result.deleted.push(entry.destPath);
   }
   const settings = await readSettings();
-  const stripped = stripHausHooks(stripHausAllow(stripHausDeny(settings)));
+  const stripped = stripHausHooks(stripHausAsk(stripHausAllow(stripHausDeny(settings))));
   await writeSettings(stripped);
   result.hooksStripped = true;
-  const hausDir = path24.join(globalClaudeDir(), "haus");
+  const hausDir = path25.join(globalClaudeDir(), "haus");
   const manifestPath2 = hausManifestPath();
-  if (fs18.pathExistsSync(manifestPath2)) {
-    await fs18.remove(manifestPath2);
+  if (fs19.pathExistsSync(manifestPath2)) {
+    await fs19.remove(manifestPath2);
   }
-  if (fs18.pathExistsSync(hausDir)) {
-    const remaining = await fs18.readdir(hausDir);
-    if (remaining.length === 0) await fs18.remove(hausDir);
+  if (fs19.pathExistsSync(hausDir)) {
+    const remaining = await fs19.readdir(hausDir);
+    if (remaining.length === 0) await fs19.remove(hausDir);
   }
   return result;
 }
@@ -4190,7 +4547,7 @@ async function runUninstallCommand(options) {
 }
 
 // src/commands/update.ts
-import path26 from "path";
+import path27 from "path";
 
 // src/update/diff-generated-files.ts
 function diffGeneratedFiles() {
@@ -4217,7 +4574,7 @@ function summarizeLockDiff(before, after) {
 
 // src/update/lockfile.ts
 import { mkdir, readFile as readFile3, copyFile } from "fs/promises";
-import path25 from "path";
+import path26 from "path";
 async function checkLock(root) {
   const lock = await readJson(hausPath(root, "haus.lock.json")) ?? [];
   const hasValidVersions = lock.every(
@@ -4248,7 +4605,7 @@ async function applyLock(root) {
   try {
     const backupDir = hausPath(root, "backups");
     await mkdir(backupDir, { recursive: true });
-    await copyFile(lockPath, path25.join(backupDir, `haus.lock.${Date.now()}.json`));
+    await copyFile(lockPath, path26.join(backupDir, `haus.lock.${Date.now()}.json`));
   } catch {
   }
   const enriched = await Promise.all(
@@ -4270,7 +4627,7 @@ function diffLock(before, after) {
 }
 async function hasLocalOverrides(root) {
   try {
-    await readFile3(path25.join(root, ".claude", "settings.json"), "utf8");
+    await readFile3(path26.join(root, ".claude", "settings.json"), "utf8");
     return true;
   } catch {
     return false;
@@ -4282,7 +4639,7 @@ var NPM_PACKAGE_NAME2 = "@haus-tech/haus-workflow";
 async function runUpdate(options) {
   const root = process.cwd();
   if (options.check) {
-    const pkgJson2 = await readJson(path26.join(packageRoot(), "package.json"));
+    const pkgJson2 = await readJson(path27.join(packageRoot(), "package.json"));
     const currentVersion2 = pkgJson2?.version ?? "0.0.0";
     const [status, npmVersion, latestCatalogTag, globalInstallDrift] = await Promise.all([
       checkLock(root),
@@ -4312,7 +4669,7 @@ async function runUpdate(options) {
     if (status.driftCount > 0) process.exitCode = 1;
     return;
   }
-  const pkgJson = await readJson(path26.join(packageRoot(), "package.json"));
+  const pkgJson = await readJson(path27.join(packageRoot(), "package.json"));
   const currentVersion = pkgJson?.version ?? "0.0.0";
   const npmStatus = await fetchNpmVersionStatus(currentVersion);
   if (npmStatus.updateAvailable && npmStatus.latest !== null) {
@@ -4389,8 +4746,8 @@ async function detectGlobalInstallDrift() {
 }
 
 // src/commands/validate-catalog.ts
-import fs19 from "fs";
-import path27 from "path";
+import fs20 from "fs";
+import path28 from "path";
 function auditForbiddenStacks(items) {
   const failures = [];
   for (const item of items) {
@@ -4467,49 +4824,40 @@ function auditShippedFiles(manifestDir, items) {
   const failures = [];
   for (const item of items) {
     if (!item.path) continue;
-    const absPath = path27.join(manifestDir, item.path);
+    const absPath = path28.join(manifestDir, item.path);
     if (item.type === "skill") {
-      const skillMd = path27.join(absPath, "SKILL.md");
-      if (!fs19.existsSync(skillMd)) {
-        failures.push(`${item.id}: missing ${path27.relative(manifestDir, skillMd)}`);
+      const skillMd = path28.join(absPath, "SKILL.md");
+      if (!fs20.existsSync(skillMd)) {
+        failures.push(`${item.id}: missing ${path28.relative(manifestDir, skillMd)}`);
         continue;
       }
-      const text = fs19.readFileSync(skillMd, "utf8");
+      const text = fs20.readFileSync(skillMd, "utf8");
       failures.push(...checkRequiredFrontmatter(text, `${item.id}: SKILL.md`));
       failures.push(
-        ...auditForbiddenTagsInText(text, `${item.id}: ${path27.relative(manifestDir, skillMd)}`)
+        ...auditForbiddenTagsInText(text, `${item.id}: ${path28.relative(manifestDir, skillMd)}`)
       );
     } else if (item.type === "agent") {
-      if (!fs19.existsSync(absPath)) {
+      if (!fs20.existsSync(absPath)) {
         failures.push(`${item.id}: missing agent file ${item.path}`);
         continue;
       }
-      const text = fs19.readFileSync(absPath, "utf8");
-      if (!text.startsWith("---")) failures.push(`${item.id}: agent file missing YAML frontmatter`);
-      for (const section of REQUIRED_AGENT_SECTIONS) {
-        if (!text.includes(section)) failures.push(`${item.id}: agent file missing ${section}`);
-      }
-      const lower = text.toLowerCase();
-      for (const phrase of BANNED_AGENT_PHRASES) {
-        if (lower.includes(phrase))
-          failures.push(`${item.id}: agent file contains disallowed phrase "${phrase}"`);
-      }
-      failures.push(
-        ...auditForbiddenTagsInText(text, `${item.id}: ${path27.relative(manifestDir, absPath)}`)
-      );
+      const text = fs20.readFileSync(absPath, "utf8");
+      const rel = path28.relative(manifestDir, absPath);
+      failures.push(...checkRequiredFrontmatter(text, `${item.id}: ${rel}`));
+      failures.push(...auditForbiddenTagsInText(text, `${item.id}: ${rel}`));
     } else if (item.type === "template") {
-      if (!fs19.existsSync(absPath)) {
+      if (!fs20.existsSync(absPath)) {
         failures.push(`${item.id}: missing template file ${item.path}`);
         continue;
       }
       failures.push(...auditTemplateContent(manifestDir, absPath, item.id));
     } else if (item.type === "command") {
-      if (!fs19.existsSync(absPath)) {
+      if (!fs20.existsSync(absPath)) {
         failures.push(`${item.id}: missing command file ${item.path}`);
         continue;
       }
-      const text = fs19.readFileSync(absPath, "utf8");
-      const rel = path27.relative(manifestDir, absPath);
+      const text = fs20.readFileSync(absPath, "utf8");
+      const rel = path28.relative(manifestDir, absPath);
       failures.push(...checkRequiredFrontmatter(text, `${item.id}: ${rel}`));
       failures.push(...auditTemplateContent(manifestDir, absPath, item.id));
     }
@@ -4517,8 +4865,8 @@ function auditShippedFiles(manifestDir, items) {
   return failures;
 }
 function auditTemplateContent(manifestDir, absPath, itemId) {
-  const rel = path27.relative(manifestDir, absPath);
-  const text = fs19.readFileSync(absPath, "utf8");
+  const rel = path28.relative(manifestDir, absPath);
+  const text = fs20.readFileSync(absPath, "utf8");
   const failures = [];
   const lines = text.split(/\r?\n/);
   for (let i = 0; i < lines.length; i++) {
@@ -4540,11 +4888,11 @@ function auditMarkdownContent(manifestDir) {
   const failures = [];
   const dirs = ["skills", "agents", "templates", "commands"];
   for (const dir of dirs) {
-    const abs = path27.join(manifestDir, dir);
-    if (!fs19.existsSync(abs)) continue;
+    const abs = path28.join(manifestDir, dir);
+    if (!fs20.existsSync(abs)) continue;
     walkMd(abs, (file) => {
-      const text = fs19.readFileSync(file, "utf8");
-      const rel = path27.relative(manifestDir, file);
+      const text = fs20.readFileSync(file, "utf8");
+      const rel = path28.relative(manifestDir, file);
       const lines = text.split(/\r?\n/);
       for (let i = 0; i < lines.length; i++) {
         const line2 = lines[i] ?? "";
@@ -4563,8 +4911,8 @@ function auditMarkdownContent(manifestDir) {
   return failures;
 }
 function walkMd(dir, fn) {
-  for (const entry of fs19.readdirSync(dir, { withFileTypes: true })) {
-    const full = path27.join(dir, entry.name);
+  for (const entry of fs20.readdirSync(dir, { withFileTypes: true })) {
+    const full = path28.join(dir, entry.name);
     if (entry.isDirectory()) walkMd(full, fn);
     else if (entry.name.endsWith(".md")) fn(full);
   }
@@ -4575,8 +4923,8 @@ async function runValidateCatalog(manifestPath2) {
     process.exitCode = 1;
     return;
   }
-  const abs = path27.resolve(process.cwd(), manifestPath2);
-  const manifestDir = path27.dirname(abs);
+  const abs = path28.resolve(process.cwd(), manifestPath2);
+  const manifestDir = path28.dirname(abs);
   const data = await readJson(abs);
   if (!data?.items) {
     error(`Could not read catalog manifest at ${abs}`);
@@ -4606,7 +4954,7 @@ async function runValidateCatalog(manifestPath2) {
 
 // src/commands/workspace.ts
 import { existsSync as existsSync5, statSync as statSync2 } from "fs";
-import path34 from "path";
+import path35 from "path";
 
 // src/commands/workspace/aggregate.ts
 async function writeWorkspaceArtifacts(workspaceRoot, repos, relationships = []) {
@@ -4660,7 +5008,7 @@ ${summaries.map(
 }
 
 // src/commands/workspace/config.ts
-import path28 from "path";
+import path29 from "path";
 import YAML from "yaml";
 var WORKSPACE_FILE = "haus.workspace.yaml";
 function parseWorkspaceConfig(text) {
@@ -4683,12 +5031,12 @@ function parseWorkspaceConfig(text) {
   };
 }
 async function readWorkspaceConfig(workspaceRoot) {
-  return parseWorkspaceConfig(await readText(path28.join(workspaceRoot, WORKSPACE_FILE)));
+  return parseWorkspaceConfig(await readText(path29.join(workspaceRoot, WORKSPACE_FILE)));
 }
 
 // src/commands/workspace/discover.ts
-import path29 from "path";
-import fg3 from "fast-glob";
+import path30 from "path";
+import fg4 from "fast-glob";
 import YAML2 from "yaml";
 var DEFAULT_MAX_DEPTH = 3;
 var REPO_MARKERS = ["**/.git", "**/package.json", "**/composer.json"];
@@ -4704,7 +5052,7 @@ function isDescendant(child, ancestor) {
   return child === ancestor ? false : child.startsWith(`${ancestor}/`);
 }
 async function discoverRepos(workspaceRoot, maxDepth = DEFAULT_MAX_DEPTH) {
-  const matches = await fg3(REPO_MARKERS, {
+  const matches = await fg4(REPO_MARKERS, {
     cwd: workspaceRoot,
     dot: true,
     onlyFiles: false,
@@ -4715,8 +5063,8 @@ async function discoverRepos(workspaceRoot, maxDepth = DEFAULT_MAX_DEPTH) {
   const gitDirs = /* @__PURE__ */ new Set();
   const manifestDirs = /* @__PURE__ */ new Set();
   for (const match of matches) {
-    const base = path29.posix.basename(match);
-    const dir = path29.posix.dirname(match);
+    const base = path30.posix.basename(match);
+    const dir = path30.posix.dirname(match);
     const owner = dir === "." ? "." : dir;
     if (base === ".git") gitDirs.add(owner);
     else manifestDirs.add(owner);
@@ -4732,9 +5080,9 @@ async function discoverRepos(workspaceRoot, maxDepth = DEFAULT_MAX_DEPTH) {
   }
   repoRoots.sort((a, b) => a.localeCompare(b));
   return mapWithConcurrency(repoRoots, async (relDir) => {
-    const absDir = path29.resolve(workspaceRoot, relDir);
-    const pkg = await readJson(path29.join(absDir, "package.json"));
-    const name = typeof pkg?.name === "string" && pkg.name.length > 0 ? pkg.name : path29.basename(relDir === "." ? workspaceRoot : absDir);
+    const absDir = path30.resolve(workspaceRoot, relDir);
+    const pkg = await readJson(path30.join(absDir, "package.json"));
+    const name = typeof pkg?.name === "string" && pkg.name.length > 0 ? pkg.name : path30.basename(relDir === "." ? workspaceRoot : absDir);
     let role = "auto";
     try {
       const scan = await scanProject(absDir, "fast");
@@ -4777,7 +5125,7 @@ function renderWorkspaceYaml(config2) {
   });
 }
 async function runDiscover(workspaceRoot, opts = {}) {
-  const yamlPath = path29.join(workspaceRoot, "haus.workspace.yaml");
+  const yamlPath = path30.join(workspaceRoot, "haus.workspace.yaml");
   const existingText = await readText(yamlPath);
   const existing = parseWorkspaceConfig(existingText);
   if (existingText && !existing) {
@@ -4811,18 +5159,18 @@ async function runDiscover(workspaceRoot, opts = {}) {
 
 // src/commands/workspace/doctor.ts
 import { existsSync as existsSync3 } from "fs";
-import path31 from "path";
+import path32 from "path";
 
 // src/commands/workspace/manifest.ts
 import { readFileSync as readFileSync3 } from "fs";
-import path30 from "path";
+import path31 from "path";
 var MANIFEST_FILE = "workspace.manifest.json";
 function manifestPath(workspaceRoot) {
   return hausPath(workspaceRoot, MANIFEST_FILE);
 }
 function hausVersion() {
   try {
-    const pkg = JSON.parse(readFileSync3(path30.join(packageRoot(), "package.json"), "utf8"));
+    const pkg = JSON.parse(readFileSync3(path31.join(packageRoot(), "package.json"), "utf8"));
     return pkg.version ?? "0.0.0";
   } catch {
     return "0.0.0";
@@ -4888,7 +5236,7 @@ async function runWorkspaceDoctor(workspaceRoot, opts = {}) {
   }
   const manifestByName = new Map(manifest.repos.map((r) => [r.name, r]));
   for (const repo of config2.repos) {
-    const repoRoot = path31.resolve(workspaceRoot, repo.path);
+    const repoRoot = path32.resolve(workspaceRoot, repo.path);
     const entry = manifestByName.get(repo.name);
     if (!entry) {
       flag({
@@ -4962,11 +5310,11 @@ function emit(args) {
 
 // src/commands/workspace/setup.ts
 import { existsSync as existsSync4, statSync } from "fs";
-import path33 from "path";
+import path34 from "path";
 
 // src/claude/write-workspace-claude-md.ts
-import path32 from "path";
-import fs20 from "fs-extra";
+import path33 from "path";
+import fs21 from "fs-extra";
 function buildWorkspaceImportBlock(client, members) {
   const memberLines = members.map((m) => `- ${m.name} (${m.path})`);
   const body = [
@@ -4984,8 +5332,8 @@ ${BLOCK_END}`;
 async function writeWorkspaceClaudeMd(workspaceRoot, opts) {
   const block = buildWorkspaceImportBlock(opts.client, opts.members);
   const dryRun = opts.dryRun ?? false;
-  const filePath = opts.collision ? hausPath(workspaceRoot, "WORKSPACE.md") : path32.join(workspaceRoot, "CLAUDE.md");
-  const prev = await fs20.pathExists(filePath) ? await fs20.readFile(filePath, "utf8") : "";
+  const filePath = opts.collision ? hausPath(workspaceRoot, "WORKSPACE.md") : path33.join(workspaceRoot, "CLAUDE.md");
+  const prev = await fs21.pathExists(filePath) ? await fs21.readFile(filePath, "utf8") : "";
   const next = opts.collision ? `${block}
 ` : injectHausBlock(prev, block);
   const printable = displayPath(workspaceRoot, filePath);
@@ -5010,21 +5358,21 @@ async function writeWorkspaceClaudeMd(workspaceRoot, opts) {
 
 // src/commands/workspace/setup.ts
 function resolveWorkspaceRoot(start = process.cwd()) {
-  let dir = path33.resolve(start);
+  let dir = path34.resolve(start);
   for (; ; ) {
-    if (existsSync4(path33.join(dir, WORKSPACE_FILE))) return dir;
-    const parent = path33.dirname(dir);
-    if (parent === dir) return path33.resolve(start);
+    if (existsSync4(path34.join(dir, WORKSPACE_FILE))) return dir;
+    const parent = path34.dirname(dir);
+    if (parent === dir) return path34.resolve(start);
     dir = parent;
   }
 }
 function isRootRepo(workspaceRoot, repoPath) {
-  return path33.resolve(workspaceRoot, repoPath) === path33.resolve(workspaceRoot);
+  return path34.resolve(workspaceRoot, repoPath) === path34.resolve(workspaceRoot);
 }
 async function runWorkspaceSetup(workspaceRoot, options = {}) {
   const mode = options.mode ?? "fast";
   const apply = options.write ?? false;
-  const configText = await readText(path33.join(workspaceRoot, WORKSPACE_FILE));
+  const configText = await readText(path34.join(workspaceRoot, WORKSPACE_FILE));
   if (!configText) {
     error(`Missing ${WORKSPACE_FILE}. Run \`haus workspace discover\` or \`init\` first.`);
     process.exitCode = 1;
@@ -5041,7 +5389,7 @@ async function runWorkspaceSetup(workspaceRoot, options = {}) {
   const statuses = [];
   const aggregateInputs = [];
   for (const repo of repos) {
-    const repoRoot = path33.resolve(workspaceRoot, repo.path);
+    const repoRoot = path34.resolve(workspaceRoot, repo.path);
     log(`
 \u2192 ${repo.name} (${repo.path})`);
     try {
@@ -5110,7 +5458,7 @@ async function runWorkspaceSetup(workspaceRoot, options = {}) {
       const status = statusByName.get(repo.name);
       const role = repo.role ?? status?.roles?.[0] ?? "auto";
       if (status?.status === "ok") {
-        const lock = await checkLock(path33.resolve(workspaceRoot, repo.path));
+        const lock = await checkLock(path34.resolve(workspaceRoot, repo.path));
         manifestRepos.push({
           name: repo.name,
           path: repo.path,
@@ -5190,7 +5538,7 @@ relationships: []
   log("Workspace initialized.");
 }
 async function scanWorkspace(workspaceRoot, opts) {
-  const configText = await readText(path34.join(workspaceRoot, WORKSPACE_FILE));
+  const configText = await readText(path35.join(workspaceRoot, WORKSPACE_FILE));
   if (!configText) {
     error(`Missing ${WORKSPACE_FILE}. Run \`haus workspace discover\` or \`init\` first.`);
     process.exitCode = 1;
@@ -5211,7 +5559,7 @@ async function scanWorkspace(workspaceRoot, opts) {
   }
   const inputs = [];
   for (const repo of config2.repos) {
-    const repoRoot = path34.resolve(workspaceRoot, repo.path);
+    const repoRoot = path35.resolve(workspaceRoot, repo.path);
     if (!existsSync5(repoRoot) || !statSync2(repoRoot).isDirectory()) {
       throw new Error(`Repo path is not a directory: ${repo.path}`);
     }
@@ -5262,7 +5610,7 @@ async function runWorkspace(action, options = {}) {
 // src/cli.ts
 function cliVersion() {
   try {
-    const pkgPath = path35.join(packageRoot(), "package.json");
+    const pkgPath = path36.join(packageRoot(), "package.json");
     const pkg = JSON.parse(readFileSync4(pkgPath, "utf8"));
     return pkg.version ?? "0.0.0";
   } catch {
@@ -5272,7 +5620,7 @@ function cliVersion() {
 var program = new Command();
 function validateRuntimeNodeVersion() {
   try {
-    const pkgPath = path35.join(packageRoot(), "package.json");
+    const pkgPath = path36.join(packageRoot(), "package.json");
     const pkg = JSON.parse(readFileSync4(pkgPath, "utf8"));
     const requiredRange = pkg.engines?.node;
     if (requiredRange && !satisfiesVersion(process.version, requiredRange)) {