npm - @nick848/fet - Versions diffs - 1.1.11 → 1.1.12 - Mend

@nick848/fet 1.1.11 → 1.1.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/cli/index.js CHANGED Viewed

@@ -3000,6 +3000,390 @@ When the artifact is \`specs/<capability>/spec.md\` (or you edit spec files in t
 3. \u82F1\u6587\u89C4\u8303\u53E5\u6709\u4EFB\u4F55\u53D8\u52A8\u65F6\uFF0C**\u540C\u4E00\u6B21\u7F16\u8F91**\u5FC5\u987B\u540C\u6B65\u66F4\u65B0\u5BF9\u5E94\u4E2D\u6587\u6CE8\u91CA\u3002${uiBlock}`;
 }
+// src/templates/write-boundary.ts
+var WRITE_BOUNDARY_ALLOW_PREFIXES = ["src/", "openspec/"];
+var WRITE_BOUNDARY_ROOT_CONFIG_EXACT = [
+  ".gitignore",
+  ".gitattributes",
+  ".stylelintignore",
+  ".eslintignore",
+  ".prettierignore",
+  ".editorconfig",
+  ".npmrc",
+  ".nvmrc",
+  ".node-version",
+  ".checkrc.js",
+  "package.json",
+  "package-lock.json",
+  "pnpm-lock.yaml",
+  "yarn.lock",
+  "bun.lockb",
+  "npm-shrinkwrap.json"
+];
+var WRITE_BOUNDARY_ROOT_CONFIG_BASENAME_PREFIXES = [
+  ".eslintrc",
+  ".stylelintrc",
+  ".prettierrc",
+  ".stylelint",
+  "eslint.config",
+  "stylelint.config",
+  "prettier.config",
+  "tsconfig",
+  "vitest.config",
+  "vite.config",
+  "tsup.config",
+  "jest.config",
+  "rollup.config",
+  "webpack.config",
+  "babel.config",
+  "biome.json",
+  "deno.json",
+  "deno.jsonc"
+];
+function renderRootConfigPathList(language) {
+  const samples = language === "en" ? "`.gitignore`, `.stylelintignore`, `.stylelintrc*`, `.eslintrc*`, `eslint.config.*`, `.checkrc.js`, `package.json`, `package-lock.json`, `tsconfig*.json`, `.prettierrc*`, tool configs at repo root (`vitest.config.*`, `vite.config.*`, \u2026)" : "`.gitignore`\u3001`.stylelintignore`\u3001`.stylelintrc*`\u3001`.eslintrc*`\u3001`eslint.config.*`\u3001`.checkrc.js`\u3001`package.json`\u3001`package-lock.json`\u3001`tsconfig*.json`\u3001`.prettierrc*`\u3001\u4EE5\u53CA\u4ED3\u5E93\u6839\u76EE\u5F55\u4E0B\u7684 `vitest.config.*`\u3001`vite.config.*` \u7B49\u5DE5\u5177\u914D\u7F6E";
+  return samples;
+}
+function renderWriteBoundaryGuardrail(language) {
+  const rootList = renderRootConfigPathList(language);
+  if (language === "en") {
+    return `- Default write scope: \`src/**\`, \`openspec/**\`, and any \`**/.fet/**\`. All other paths need explicit user approval first.
+- **Repo-root config is high risk**: ${rootList} \u2014 list each file and why before editing; never change these silently.`;
+  }
+  return `- \u9ED8\u8BA4\u53EA\u5141\u8BB8\u4FEE\u6539 \`src/**\`\u3001\`openspec/**\` \u53CA\u4EFB\u610F \`**/.fet/**\`\uFF1B\u5176\u4F59\u8DEF\u5F84\u987B\u5148\u83B7\u7528\u6237\u660E\u786E\u540C\u610F\u3002
+- **\u4ED3\u5E93\u6839\u76EE\u5F55\u914D\u7F6E\u6587\u4EF6\u9AD8\u98CE\u9669**\uFF1A${rootList} \u2014 \u4FEE\u6539\u524D\u987B\u5217\u51FA\u6587\u4EF6\u4E0E\u539F\u56E0\uFF0C\u7981\u6B62\u64C5\u81EA\u6539\u52A8\u3002`;
+}
+function renderWriteBoundaryPolicyBody(language) {
+  if (language === "en") {
+    return `## Default allowed write scope
+- \`src/**\` \u2014 application/library source
+- \`openspec/**\` \u2014 OpenSpec specs and change artifacts
+- \`**/.fet/**\` \u2014 per-change FET handoff files (including \`openspec/changes/<id>/.fet/\`)
+## Ask the user first
+Before creating, editing, or deleting files **outside** the allowed scope:
+1. List every path you need to touch and why.
+2. Wait for explicit user approval (do not assume silence means yes).
+3. Prefer minimal diffs.
+Common paths that need approval: \`tests/**\`, \`.github/**\`, \`.workflow/**\`, \`.cursor/**\`, \`.codex/**\`, \`AGENTS.md\`, \`README*\`, \`.env*\`.
+## Repo-root config (always ask \u2014 never silent edit)
+These live at the **repository root** (no subdirectory). Treat every change as infrastructure impact:
+${renderRootConfigPathList(language)}
+Workflow:
+1. State **exact filenames** (e.g. \`package.json\`, \`.eslintrc.js\`, \`.gitignore\`).
+2. Explain **why** each file must change.
+3. Wait for **explicit user approval** before writing.
+4. Do not \u201Cfix lint/format\u201D by editing root configs unless the user requested that scope.
+## Forbidden without approval
+- Dependency or lockfile changes (\`package.json\`, \`package-lock.json\`, etc.) unless the user asked
+- Lint/format/tooling config at repo root (\`.eslintrc*\`, \`.stylelint*\`, \`.checkrc.js\`, \`.gitignore\`, \u2026) unless the user asked
+- Secrets or credential files
+- Using shell redirects or destructive git commands to bypass this policy
+## Cursor enforcement
+When \`.cursor/hooks/fet-guard-write-paths.mjs\` is installed, out-of-scope **write tools** trigger an approval prompt (\`permission: ask\`). Shell writes are gated by \`fet-guard-shell-writes.mjs\`. Rules alone are not sufficient\u2014keep hooks enabled after \`fet init\`.`;
+  }
+  return `## \u9ED8\u8BA4\u5141\u8BB8\u4FEE\u6539\u7684\u8303\u56F4
+- \`src/**\` \u2014 \u4E1A\u52A1/\u5E93\u6E90\u7801
+- \`openspec/**\` \u2014 OpenSpec \u89C4\u8303\u4E0E change \u4EA7\u7269
+- \`**/.fet/**\` \u2014 \u5404 change \u7684 FET \u4EA4\u63A5\u6587\u4EF6\uFF08\u542B \`openspec/changes/<id>/.fet/\`\uFF09
+## \u987B\u5148\u5F81\u5F97\u7528\u6237\u540C\u610F
+\u5728**\u5141\u8BB8\u8303\u56F4\u5916**\u521B\u5EFA\u3001\u4FEE\u6539\u6216\u5220\u9664\u6587\u4EF6\u4E4B\u524D\uFF1A
+1. \u5217\u51FA\u5C06\u8981\u4FEE\u6539\u7684\u8DEF\u5F84\u53CA\u539F\u56E0\u3002
+2. \u7B49\u5F85\u7528\u6237\u660E\u786E\u540C\u610F\uFF08\u4E0D\u8981\u9ED8\u8BA4\u6C89\u9ED8\u5373\u540C\u610F\uFF09\u3002
+3. \u4FDD\u6301\u6700\u5C0F\u6539\u52A8\u3002
+\u5E38\u89C1\u9700\u5BA1\u6279\u8DEF\u5F84\uFF1A\`tests/**\`\u3001\`.github/**\`\u3001\`.workflow/**\`\u3001\`.cursor/**\`\u3001\`.codex/**\`\u3001\`AGENTS.md\`\u3001\`README*\`\u3001\`.env*\`\u3002
+## \u4ED3\u5E93\u6839\u76EE\u5F55\u914D\u7F6E\uFF08\u59CB\u7EC8\u987B\u8BE2\u95EE\uFF0C\u7981\u6B62\u9759\u9ED8\u4FEE\u6539\uFF09
+\u4EE5\u4E0B\u6587\u4EF6\u4F4D\u4E8E**\u9879\u76EE\u6839\u76EE\u5F55**\uFF08\u8DEF\u5F84\u4E2D\u65E0\u5B50\u76EE\u5F55\uFF09\uFF0C\u4E00\u5F8B\u89C6\u4E3A\u57FA\u7840\u8BBE\u65BD\u7EA7\u6539\u52A8\uFF1A
+${renderRootConfigPathList(language)}
+\u6D41\u7A0B\uFF1A
+1. \u660E\u786E\u5217\u51FA**\u5B8C\u6574\u6587\u4EF6\u540D**\uFF08\u5982 \`package.json\`\u3001\`.eslintrc.js\`\u3001\`.gitignore\`\uFF09\u3002
+2. \u8BF4\u660E**\u6BCF\u9879\u4FEE\u6539\u7684\u539F\u56E0**\u3002
+3. \u83B7\u5F97\u7528\u6237**\u660E\u786E\u540C\u610F**\u540E\u518D\u5199\u5165\u3002
+4. \u4E0D\u8981\u4EE5\u300C\u987A\u4FBF\u4FEE lint/\u683C\u5F0F\u300D\u4E3A\u7531\u64C5\u81EA\u6539\u6839\u76EE\u5F55\u914D\u7F6E\u3002
+## \u672A\u7ECF\u540C\u610F\u7981\u6B62
+- \u64C5\u81EA\u6539\u4F9D\u8D56\u6216\u9501\u6587\u4EF6\uFF08\`package.json\`\u3001\`package-lock.json\` \u7B49\uFF09\uFF0C\u9664\u975E\u7528\u6237\u660E\u786E\u8981\u6C42
+- \u64C5\u81EA\u6539\u6839\u76EE\u5F55 lint/\u683C\u5F0F\u5316/\u5DE5\u5177\u94FE\u914D\u7F6E\uFF08\`.eslintrc*\`\u3001\`.stylelint*\`\u3001\`.checkrc.js\`\u3001\`.gitignore\` \u7B49\uFF09\uFF0C\u9664\u975E\u7528\u6237\u660E\u786E\u8981\u6C42
+- \u4FEE\u6539\u5BC6\u94A5\u6216\u51ED\u8BC1\u6587\u4EF6
+- \u7528 shell \u91CD\u5B9A\u5411\u6216\u7834\u574F\u6027 git \u547D\u4EE4\u7ED5\u8FC7\u672C\u7B56\u7565
+## Cursor \u786C\u95E8\u7981
+\u5B89\u88C5 \`.cursor/hooks/fet-guard-write-paths.mjs\` \u540E\uFF0C\u8D85\u51FA\u8303\u56F4\u7684**\u5199\u5DE5\u5177**\u4F1A\u5F39\u51FA\u5BA1\u6279\uFF08\`permission: ask\`\uFF09\uFF1B\`fet-guard-shell-writes.mjs\` \u7EA6\u675F\u53EF\u80FD\u5199\u6587\u4EF6\u7684 shell\u3002\u4EC5\u89C4\u5219\u4E0D\u591F\u2014\u2014\`fet init\` \u540E\u8BF7\u4FDD\u6301 hooks \u542F\u7528\u3002`;
+}
+function renderCursorWriteBoundaryRule(language) {
+  const description = language === "en" ? "FET write boundary: default edits only under src/, openspec/, and .fet/" : "FET \u5199\u8DEF\u5F84\u8FB9\u754C\uFF1A\u9ED8\u8BA4\u4EC5\u53EF\u6539 src/\u3001openspec/\u3001.fet/";
+  return `<!-- FET:MANAGED
+schemaVersion: 1
+fetVersion: ${FET_VERSION}
+generator: cursor-adapter
+adapterVersion: 1
+FET:END -->
+---
+description: ${description}
+alwaysApply: true
+---
+${renderWriteBoundaryPolicyBody(language)}
+${renderWriteBoundaryGuardrail(language)}
+`;
+}
+function renderCodexWriteBoundaryGuide(language) {
+  return `<!-- FET:MANAGED
+schemaVersion: 1
+fetVersion: ${FET_VERSION}
+generator: codex-adapter
+adapterVersion: 1
+FET:END -->
+# ${language === "en" ? "Write path boundary (Codex)" : "\u5199\u8DEF\u5F84\u8FB9\u754C\uFF08Codex\uFF09"}
+${renderWriteBoundaryPolicyBody(language)}
+${renderWriteBoundaryGuardrail(language)}
+`;
+}
+function renderCursorWritePathsHookMjs() {
+  const allowPrefixes = [...WRITE_BOUNDARY_ALLOW_PREFIXES];
+  const rootExact = [...WRITE_BOUNDARY_ROOT_CONFIG_EXACT];
+  const rootPrefixes = [...WRITE_BOUNDARY_ROOT_CONFIG_BASENAME_PREFIXES];
+  return `#!/usr/bin/env node
+/**
+ * FET:MANAGED
+ * adapterVersion: 1
+ * write-path guard for Cursor preToolUse (Write/StrReplace/EditNotebook/Delete).
+ */
+import { readFileSync } from "node:fs";
+const ALLOW_PREFIXES = ${JSON.stringify(allowPrefixes)};
+const ROOT_CONFIG_EXACT = ${JSON.stringify(rootExact)};
+const ROOT_CONFIG_PREFIXES = ${JSON.stringify(rootPrefixes)};
+function normalizePath(path) {
+  return String(path ?? "")
+    .replaceAll("\\\\", "/")
+    .replace(/^\\.\\/+/, "")
+    .replace(/^\\/+/u, "");
+}
+function isRootConfigPath(path) {
+  const normalized = normalizePath(path);
+  if (!normalized || normalized.includes("/")) return false;
+  const base = normalized.toLowerCase();
+  if (ROOT_CONFIG_EXACT.includes(base)) return true;
+  return ROOT_CONFIG_PREFIXES.some((prefix) => base === prefix || base.startsWith(prefix));
+}
+function classifyPath(path) {
+  const normalized = normalizePath(path);
+  if (!normalized) return "ask";
+  for (const prefix of ALLOW_PREFIXES) {
+    const bare = prefix.endsWith("/") ? prefix.slice(0, -1) : prefix;
+    if (normalized === bare || normalized.startsWith(prefix)) return "allow";
+  }
+  if (normalized.startsWith(".fet/") || normalized.includes("/.fet/")) return "allow";
+  if (isRootConfigPath(normalized)) return "root_config";
+  return "ask";
+}
+function extractPaths(payload) {
+  const paths = [];
+  const tool = payload?.tool_name ?? payload?.toolName ?? "";
+  const input = payload?.tool_input ?? payload?.toolInput ?? payload?.input ?? {};
+  if (tool === "Write" || tool === "StrReplace" || tool === "Delete") {
+    if (input.path) paths.push(input.path);
+  }
+  if (tool === "EditNotebook" && input.target_notebook) {
+    paths.push(input.target_notebook);
+  }
+  return paths;
+}
+function respond(decision, paths) {
+  if (decision === "allow") {
+    process.stdout.write(JSON.stringify({ permission: "allow" }));
+    return;
+  }
+  const list = paths.map((p) => normalizePath(p)).filter(Boolean).join(", ") || "(unknown path)";
+  const hasRootConfig = paths.some((p) => classifyPath(p) === "root_config");
+  const msg = hasRootConfig
+    ? "FET: repo-root config file(s) require your explicit approval (.gitignore, package.json, .eslintrc*, .stylelint*, .checkrc.js, lockfiles, etc.). Approve only if you requested this tooling change."
+    : "FET write boundary: this edit is outside src/, openspec/, or **/.fet/. Approve only if you intend to modify protected paths.";
+  process.stdout.write(
+    JSON.stringify({
+      permission: "ask",
+      user_message: msg + " Paths: " + list,
+      agent_message: hasRootConfig
+        ? "Repo-root config edit blocked. Explain why each root config file must change and wait for user approval."
+        : "Out-of-scope write blocked pending user approval. List why each path is needed, then retry after approval."
+    })
+  );
+}
+const raw = readFileSync(0, "utf8");
+let payload = {};
+try {
+  payload = JSON.parse(raw || "{}");
+} catch {
+  process.stdout.write(JSON.stringify({ permission: "ask", user_message: "FET write guard: invalid hook payload." }));
+  process.exit(0);
+}
+const paths = extractPaths(payload);
+if (paths.length === 0) {
+  respond("allow", paths);
+  process.exit(0);
+}
+const decisions = paths.map((p) => classifyPath(p));
+if (decisions.every((d) => d === "allow")) {
+  respond("allow", paths);
+} else {
+  respond("ask", paths);
+}
+process.exit(0);
+`;
+}
+function renderCursorShellWriteHookMjs() {
+  return `#!/usr/bin/env node
+/**
+ * FET:MANAGED
+ * adapterVersion: 1
+ * shell guard for commands that may write outside the FET write boundary.
+ */
+import { readFileSync } from "node:fs";
+const REDIRECT = />\\s*[^\\s|&;]+/;
+const GIT_WRITE = /\\bgit\\s+(checkout|restore|reset|clean|apply)\\b/i;
+const PKG_WRITE = /\\b(npm|pnpm|yarn|bun)\\s+(install|ci|add|remove|update)\\b/i;
+const STREAM_EDIT = /\\b(sed|perl)\\s+[^\\n]*-i\\b/i;
+const TEE = /\\btee\\s+[^|;&\\n]+/i;
+function respondAsk(command, reason) {
+  process.stdout.write(
+    JSON.stringify({
+      permission: "ask",
+      user_message: "FET shell guard: " + reason,
+      agent_message: "Shell command may modify files outside src/openspec/.fet. Command: " + command
+    })
+  );
+}
+const raw = readFileSync(0, "utf8");
+let payload = {};
+try {
+  payload = JSON.parse(raw || "{}");
+} catch {
+  respondAsk("", "invalid hook payload");
+  process.exit(0);
+}
+const command = String(payload?.command ?? "");
+if (!command.trim()) {
+  process.stdout.write(JSON.stringify({ permission: "allow" }));
+  process.exit(0);
+}
+if (
+  REDIRECT.test(command) ||
+  GIT_WRITE.test(command) ||
+  PKG_WRITE.test(command) ||
+  STREAM_EDIT.test(command) ||
+  TEE.test(command)
+) {
+  respondAsk(command, "command may write or replace project files outside the default FET scope");
+  process.exit(0);
+}
+process.stdout.write(JSON.stringify({ permission: "allow" }));
+process.exit(0);
+`;
+}
+function renderCursorHooksJson() {
+  return JSON.stringify(
+    {
+      version: 1,
+      _fet: {
+        writeBoundary: true,
+        fetVersion: FET_VERSION
+      },
+      hooks: {
+        preToolUse: [
+          {
+            command: ".cursor/hooks/fet-guard-write-paths.mjs",
+            matcher: "Write|StrReplace|EditNotebook|Delete",
+            failClosed: true
+          }
+        ],
+        beforeShellExecution: [
+          {
+            command: ".cursor/hooks/fet-guard-shell-writes.mjs",
+            failClosed: true
+          }
+        ]
+      }
+    },
+    null,
+    2
+  );
+}
+function mergeCursorHooksJson(existingContent, fetContent) {
+  const fet = JSON.parse(fetContent);
+  if (!existingContent?.trim()) {
+    return fetContent;
+  }
+  let existing;
+  try {
+    existing = JSON.parse(existingContent);
+  } catch {
+    return fetContent;
+  }
+  const merged = {
+    version: existing.version ?? fet.version ?? 1,
+    _fet: { ...existing._fet, ...fet._fet, writeBoundary: true },
+    hooks: { ...existing.hooks }
+  };
+  for (const [event, fetEntries] of Object.entries(fet.hooks ?? {})) {
+    const current = [...merged.hooks?.[event] ?? []];
+    for (const entry of fetEntries) {
+      const duplicate = current.some((item) => item.command === entry.command);
+      if (!duplicate) {
+        current.push(entry);
+      }
+    }
+    merged.hooks = merged.hooks ?? {};
+    merged.hooks[event] = current;
+  }
+  return `${JSON.stringify(merged, null, 2)}
+`;
+}
 // src/commands/update-context.ts
 async function updateContextCommand(ctx) {
   let contextResult = { warnings: [] };
@@ -6385,6 +6769,7 @@ Before doing FET or OpenSpec work in Codex, read:
 - .codex/fet/spec-language.md when writing or updating OpenSpec specs
 - openspec/changes/<change-id>/.fet/figma-apply-instructions.md before UI work when FET apply reports Figma links
 - .codex/fet/ui-display-contract.md when UI binds API data; openspec/changes/<change-id>/.fet/ui-display-contract.yaml when present
+- .codex/fet/write-boundary.md for default edit scope (src/, openspec/, .fet/ only; ask before other paths)
 - the active change files under openspec/changes/<change-id>/, when a change is selected
 If GitNexus code graph context is available in the IDE or MCP tools, prefer it before broad repository scans. Use it to identify relevant modules, dependencies, and insertion points, then read only the concrete source files needed. If GitNexus is unavailable, continue with the normal FET/OpenSpec workflow.
@@ -6406,6 +6791,7 @@ ${languageInstruction(language)}
 - \u6309 Figma \u5B9E\u73B0 UI \u65F6\u9605\u8BFB .codex/fet/figma-stop.md\uFF1B\u6709 figma-apply-instructions.md \u65F6\u5FC5\u987B\u5728\u6539 UI \u524D\u5B8C\u6574\u6267\u884C
 - \u7F16\u5199\u6216\u66F4\u65B0 spec \u65F6\u9605\u8BFB .codex/fet/spec-language.md\uFF08\u82F1\u6587\u89C4\u8303 + \u540C\u6B21\u7F16\u8F91\u7EF4\u62A4\u4E2D\u6587\u6CE8\u91CA\uFF09
 - \u7ED1\u5B9A\u63A5\u53E3\u7684 UI \u9605\u8BFB .codex/fet/ui-display-contract.md\uFF1B\u5B58\u5728 ui-display-contract.yaml \u65F6\u5B9E\u65BD\u524D\u987B\u786E\u8BA4 displayFields
+- \u4FEE\u6539\u6587\u4EF6\u524D\u9605\u8BFB .codex/fet/write-boundary.md\uFF08\u9ED8\u8BA4\u4EC5 src/\u3001openspec/\u3001.fet/\uFF1B\u5176\u5B83\u8DEF\u5F84\u987B\u7528\u6237\u660E\u786E\u540C\u610F\uFF09
 - \u5982\u679C\u5DF2\u9009\u62E9 change\uFF0C\u9605\u8BFB openspec/changes/<change-id>/ \u4E0B\u7684\u5F53\u524D\u4EA7\u7269
 \u5982\u679C IDE \u6216 MCP \u5DE5\u5177\u4E2D\u53EF\u7528 GitNexus \u4EE3\u7801\u56FE\u4E0A\u4E0B\u6587\uFF0C\u5148\u7528\u5B83\u7F29\u5C0F\u4ED3\u5E93\u626B\u63CF\u8303\u56F4\uFF1B\u7528\u56FE\u8BC6\u522B\u76F8\u5173\u6A21\u5757\u3001\u4F9D\u8D56\u548C\u63D2\u5165\u70B9\uFF0C\u518D\u53EA\u8BFB\u53D6\u9700\u8981\u786E\u8BA4\u884C\u4E3A\u7684\u5177\u4F53\u6E90\u7801\u6587\u4EF6\u3002GitNexus \u4E0D\u53EF\u7528\u65F6\uFF0C\u6309\u666E\u901A FET/OpenSpec \u5DE5\u4F5C\u6D41\u7EE7\u7EED\u3002
@@ -6444,12 +6830,19 @@ function codexUiDisplayContractFile(language = DEFAULT_LANGUAGE) {
     content: renderCodexUiDisplayContractGuide(language)
   };
 }
+function codexWriteBoundaryFile(language = DEFAULT_LANGUAGE) {
+  return {
+    path: ".codex/fet/write-boundary.md",
+    content: renderCodexWriteBoundaryGuide(language)
+  };
+}
 function codexCommandFiles(language = DEFAULT_LANGUAGE) {
   return [
     codexKarpathyGuidelinesFile(language),
     codexFigmaStopFile(language),
     codexUiDisplayContractFile(language),
     codexSpecLanguageFile(language),
+    codexWriteBoundaryFile(language),
     ...FET_ADAPTER_COMMANDS.map((command) => ({
       path: `.codex/fet/commands/${command}.md`,
       content: renderCommand(command, language)
@@ -6491,6 +6884,9 @@ function renderCommand(command, language) {
   if (command.startsWith("graph-")) {
     return renderGraphCommand(command, language);
   }
+  if (command === "tdd" || command === "test" || command === "visual") {
+    return renderStandaloneWorkflowCommand(command, language);
+  }
   const usage = renderFetAdapterUsage(command, "");
   return `<!-- FET:MANAGED
 schemaVersion: 1
@@ -6521,11 +6917,16 @@ ${usage}
 If the command needs a change id, pass it with \`--change <change-id>\` or use the active OpenSpec change from the user's request.
 After the command completes, report the important next steps from the FET output and keep any generated OpenSpec artifacts in the normal project workflow.
+${renderWriteBoundaryGuardrail(language)}
 `;
 }
 function renderCommandZh(command) {
   const usage = renderFetAdapterUsage(command, command === "fill-context" ? "" : command === "passthrough" ? "<openspec-command> [...args]" : "");
   const title = commandTitleZh(command);
+  if (command === "tdd" || command === "test" || command === "visual") {
+    return renderStandaloneWorkflowCommand(command, "zh-CN");
+  }
   if (command === "graph-setup") {
     return `<!-- FET:MANAGED
 schemaVersion: 1
@@ -6583,6 +6984,8 @@ ${usage}
 \u5982\u679C\u547D\u4EE4\u9700\u8981 change id\uFF0C\u4F18\u5148\u4F7F\u7528\u7528\u6237\u8F93\u5165\u3001\`--change <change-id>\`\u3001FET active change \u6216\u552F\u4E00\u6253\u5F00\u7684 change\u3002\u5B58\u5728\u6B67\u4E49\u65F6\u5148\u8BE2\u95EE\u7528\u6237\u3002
 \u6267\u884C\u5B8C\u6210\u540E\uFF0C\u7528\u4E2D\u6587\u603B\u7ED3\u5173\u952E\u8F93\u51FA\u3001\u751F\u6210\u6216\u66F4\u65B0\u7684\u6587\u4EF6\uFF0C\u4EE5\u53CA\u4E0B\u4E00\u6B65\u5EFA\u8BAE\u3002
+${renderWriteBoundaryGuardrail("zh-CN")}
 `;
 }
 function renderPassthroughCommand(language) {
@@ -6699,6 +7102,9 @@ function renderSlashPrompt(command, language) {
   if (command === "apply") {
     return renderApplySlashPrompt(language);
   }
+  if (command === "tdd" || command === "test" || command === "visual") {
+    return renderStandaloneWorkflowSlashPrompt(command, language);
+  }
   if (command === "verify") {
     return renderVerifySlashPrompt(language);
   }
@@ -6760,6 +7166,9 @@ function renderSlashPromptZh(command) {
   if (command === "graph-setup") {
     return renderGraphSetupSlashPrompt("zh-CN");
   }
+  if (command === "tdd" || command === "test" || command === "visual") {
+    return renderStandaloneWorkflowSlashPrompt(command, "zh-CN");
+  }
   const usage = renderFetAdapterUsage(command, command === "fill-context" ? "" : command === "passthrough" ? "<openspec-command> [...args]" : "[...args]");
   const argumentHint = command === "passthrough" ? "openspec-command [...args]" : void 0;
   const argumentHintLine = argumentHint ? `argument-hint: ${argumentHint}
@@ -6800,9 +7209,10 @@ ${commandGoalZh(command)}
 - \u9ED8\u8BA4\u4F7F\u7528\u4E2D\u6587\u4EA7\u51FA\u3002
 - \u4E0D\u8981\u7ED5\u8FC7 FET \u76F4\u63A5\u8C03\u7528 openspec\uFF0C\u9664\u975E FET \u547D\u4EE4\u672C\u8EAB\u4E0D\u53EF\u7528\u3002
 - change \u4E0D\u660E\u786E\u65F6\u5148\u8BE2\u95EE\u7528\u6237\u3002
-${command === "fill-context" ? "- fet fill-context \u53EF\u80FD\u5DF2\u5199\u5165\u5C0F\u7A0B\u5E8F\u5305\u4F53\u79EF\u4E0E 2MB \u7EA6\u675F\uFF0C\u4E0D\u8981\u8986\u76D6\u8BE5\u8282\u4E2D\u7684\u626B\u63CF\u7ED3\u679C\uFF0C\u9664\u975E\u4ED3\u5E93\u7ED3\u6784\u5DF2\u53D8\u3002\n- \u66FF\u6362 AGENTS.md \u4E2D\u5176\u4F59 [NEEDS LLM INPUT] \u5360\u4F4D\u7B26\uFF0C\u4FDD\u7559 FET \u6258\u7BA1\u6807\u8BB0\uFF0C\u4E0D\u8981\u4FEE\u6539\u4E1A\u52A1\u4EE3\u7801\u3002\n" : ""}${command === "propose" || command === "continue" || command === "ff" ? "- \u4E00\u6B21\u53EA\u521B\u5EFA\u4E00\u4E2A ready artifact\uFF0C\u5E76\u5728\u5199\u5165\u524D\u9605\u8BFB\u4F9D\u8D56\u6587\u4EF6\u3002\n" : ""}${command === "propose" || command === "continue" || command === "ff" ? "- \u4E0D\u8981\u5728\u7528\u6237\u5BA1\u9605\u5F53\u524D\u4EA7\u7269\u524D\u81EA\u52A8\u8FD0\u884C fet continue\u3001fet ff \u6216\u5FAA\u73AF\u751F\u6210\u540E\u7EED\u4EA7\u7269\uFF1B\u9700\u8981\u7528\u6237\u660E\u786E\u786E\u8BA4\u540E\u518D\u63A8\u8FDB\u3002\n" : ""}${command === "propose" || command === "continue" || command === "ff" || command === "sync" ? `${renderSpecArtifactGuardrail("zh-CN")}
+${renderWriteBoundaryGuardrail("zh-CN")}
+${command === "fill-context" ? "- fet fill-context \u53EF\u80FD\u5DF2\u5199\u5165\u5C0F\u7A0B\u5E8F\u5305\u4F53\u79EF\u4E0E 2MB \u7EA6\u675F\uFF0C\u4E0D\u8981\u8986\u76D6\u8BE5\u8282\u4E2D\u7684\u626B\u63CF\u7ED3\u679C\uFF0C\u9664\u975E\u4ED3\u5E93\u7ED3\u6784\u5DF2\u53D8\u3002\n- \u66FF\u6362 AGENTS.md \u4E2D\u5176\u4F59 [NEEDS LLM INPUT] \u5360\u4F4D\u7B26\uFF0C\u4FDD\u7559 FET \u6258\u7BA1\u6807\u8BB0\uFF0C\u4E0D\u8981\u4FEE\u6539\u4E1A\u52A1\u4EE3\u7801\uFF1B\u4FEE\u6539 AGENTS.md \u5C5E\u4E8E\u5141\u8BB8\u8303\u56F4\u5916\u8DEF\u5F84\uFF0C\u987B\u5728\u672C\u8F6E\u5DF2\u83B7\u5F97\u7528\u6237\u540C\u610F\u3002\n" : ""}${command === "propose" || command === "continue" || command === "ff" ? "- \u4E00\u6B21\u53EA\u521B\u5EFA\u4E00\u4E2A ready artifact\uFF0C\u5E76\u5728\u5199\u5165\u524D\u9605\u8BFB\u4F9D\u8D56\u6587\u4EF6\u3002\n" : ""}${command === "propose" || command === "continue" || command === "ff" ? "- \u4E0D\u8981\u5728\u7528\u6237\u5BA1\u9605\u5F53\u524D\u4EA7\u7269\u524D\u81EA\u52A8\u8FD0\u884C fet continue\u3001fet ff \u6216\u5FAA\u73AF\u751F\u6210\u540E\u7EED\u4EA7\u7269\uFF1B\u9700\u8981\u7528\u6237\u660E\u786E\u786E\u8BA4\u540E\u518D\u63A8\u8FDB\u3002\n" : ""}${command === "propose" || command === "continue" || command === "ff" || command === "sync" ? `${renderSpecArtifactGuardrail("zh-CN")}
 ` : ""}${command === "propose" || command === "continue" || command === "ff" ? `${renderUiDisplayContractGuardrail("zh-CN")}
-` : ""}${command === "apply" ? "- \u4E0D\u8981\u5728\u672A\u5B8C\u6210\u771F\u5B9E\u5B9E\u73B0\u524D\u52FE\u9009 tasks.md\uFF1B\u4E0D\u8981\u4ECE apply \u9636\u6BB5\u76F4\u63A5 sync \u6216 archive\u3002\n- \u82E5\u5B58\u5728 openspec/changes/<change-id>/.fet/figma-apply-instructions.md\uFF0C\u5FC5\u987B\u5148\u8BFB Figma\uFF08MCP/API\uFF09\u518D\u6539 UI\uFF1B\u5931\u8D25\u5219\u505C\u4E0B\u95EE\u7528\u6237\uFF0C\u7981\u6B62\u731C\u6837\u5F0F\u3002\n- \u82E5\u5B58\u5728 openspec/changes/<change-id>/.fet/ui-display-contract.yaml\uFF0C\u5B9E\u65BD\u7ED1\u5B9A\u63A5\u53E3\u7684 UI \u524D\u987B\u786E\u8BA4 displayFields\uFF0C\u7981\u6B62\u6309 OpenAPI \u5168\u91CF\u5C55\u793A\u3002\n" : ""}`;
+` : ""}${command === "apply" ? "- \u4E0D\u8981\u5728\u672A\u5B8C\u6210\u771F\u5B9E\u5B9E\u73B0\u524D\u52FE\u9009 tasks.md\uFF1B\u4E0D\u8981\u4ECE apply \u9636\u6BB5\u76F4\u63A5 sync \u6216 archive\u3002\n- \u5B9E\u65BD\u524D\u987B\u5DF2\u8FD0\u884C fet tdd\uFF1B\u5B58\u5728 tdd-manifest.yaml \u65F6\u6309\u6E05\u5355\u7F16\u5199\u6D4B\u8BD5\u4E0E\u5B9E\u73B0\uFF0Cfet verify \u524D\u5148 fet test\u3002\n- \u82E5\u5B58\u5728 openspec/changes/<change-id>/.fet/figma-apply-instructions.md\uFF0C\u5FC5\u987B\u5148\u8BFB Figma\uFF08MCP/API\uFF09\u518D\u6539 UI\uFF1B\u5931\u8D25\u5219\u505C\u4E0B\u95EE\u7528\u6237\uFF0C\u7981\u6B62\u731C\u6837\u5F0F\u3002\n- \u82E5\u5B58\u5728 openspec/changes/<change-id>/.fet/ui-display-contract.yaml\uFF0C\u5B9E\u65BD\u7ED1\u5B9A\u63A5\u53E3\u7684 UI \u524D\u987B\u786E\u8BA4 displayFields\uFF0C\u7981\u6B62\u6309 OpenAPI \u5168\u91CF\u5C55\u793A\u3002\n" : ""}`;
 }
 function commandTitleZh(command) {
   const titles = {
@@ -6876,7 +7286,9 @@ First run:
 fet fill-context
 \`\`\`
-Then read AGENTS.md and openspec/config.yaml, inspect the project, and replace every [NEEDS LLM INPUT] or [NEED LLM INPUT] placeholder in AGENTS.md with concrete project-specific content. Preserve FET managed markers and do not modify business code.
+Then read AGENTS.md and openspec/config.yaml, inspect the project, and replace every [NEEDS LLM INPUT] or [NEED LLM INPUT] placeholder in AGENTS.md with concrete project-specific content. Preserve FET managed markers and do not modify business code. Editing AGENTS.md is outside the default write scope\u2014confirm user approval first.
+${renderWriteBoundaryGuardrail(language)}
 `;
 }
 function renderFillContextSlashPrompt(language) {
@@ -6912,7 +7324,9 @@ Steps:
 Guardrails:
 - Do not invent facts that cannot be inferred from the repo.
 - Use [UNKNOWN] only when the repository does not contain enough evidence.
-- Keep generated context stable and useful for future AI coding sessions.`,
+- Keep generated context stable and useful for future AI coding sessions.
+- Editing AGENTS.md is outside the default write scope; confirm user approval first (see .codex/fet/write-boundary.md).
+${renderWriteBoundaryGuardrail(language)}`,
     void 0,
     language
   );
@@ -6981,14 +7395,16 @@ Steps:
    - Follow proposal, specs, design, and tasks.
    - Mark each completed task checkbox in tasks.md from \`- [ ]\` to \`- [x]\`.
    - Pause and ask if a task is ambiguous or reveals a design conflict.
-8. After completing or pausing, summarize completed tasks, remaining tasks, and blockers.
+8. Run \`fet tdd --change <change-id>\` before implementation when no \`tdd-manifest.yaml\` exists yet; after coding run \`fet test --change <change-id>\` before \`fet verify\`.
+9. After completing or pausing, summarize completed tasks, remaining tasks, and blockers.
 Guardrails:
 - Never skip reading OpenSpec artifacts before implementation.
 - When Figma links exist for this change, never implement or restyle UI without reading Figma first.
 - When ui-display-contract.yaml exists, API schemas are not UI checklists\u2014only displayFields may render.
 - Do not mark a task complete until the code change is actually done.
-- Do not run sync or archive from apply.`,
+- Do not run sync or archive from apply.
+${renderWriteBoundaryGuardrail(language)}`,
     void 0,
     language
   );
@@ -7415,8 +7831,97 @@ ${languageInstruction(language)}
 ${graphContextInstruction}
 ${body}
+${renderWriteBoundaryGuardrail(language)}
 `;
 }
+function renderStandaloneWorkflowCommand(command, language) {
+  const usage = renderFetAdapterUsage(command, "");
+  const { title, body } = standaloneWorkflowCopy(command, language);
+  return `<!-- FET:MANAGED
+schemaVersion: 1
+fetVersion: ${FET_VERSION}
+generator: codex-adapter
+adapterVersion: 1
+command: ${usage}
+FET:END -->
+# ${usage}
+${renderIdeModelPolicy(command, language)}
+${languageInstruction(language)}
+## ${language === "en" ? "Purpose" : "\u7528\u9014"}
+${title}
+## ${language === "en" ? "Workflow" : "\u5DE5\u4F5C\u6D41"}
+${body}
+${renderWriteBoundaryGuardrail(language)}
+`;
+}
+function renderStandaloneWorkflowSlashPrompt(command, language) {
+  const usage = renderFetAdapterUsage(command, "[...args]");
+  const { title, body, description } = standaloneWorkflowCopy(command, language);
+  return renderManagedSlashPrompt(
+    usage,
+    description,
+    `${title}
+Steps:
+1. Read AGENTS.md, openspec/config.yaml, .codex/fet/karpathy-guidelines.md, and .codex/fet/write-boundary.md.
+2. Resolve the change id when needed (\`--change <change-id>\` or active change).
+3. Run:
+   \`\`\`sh
+   ${renderFetAdapterUsage(command, "")}
+   \`\`\`
+4. ${body}
+5. Summarize outputs, paths written under openspec/changes/<change-id>/.fet/, and next steps.
+Guardrails:
+- ${body.split("\n")[0]}
+${renderWriteBoundaryGuardrail(language)}`,
+    void 0,
+    language
+  );
+}
+function standaloneWorkflowCopy(command, language) {
+  if (command === "tdd") {
+    return language === "en" ? {
+      description: "Generate per-change TDD manifest and test instructions",
+      title: "Generate the TDD manifest before implementation.",
+      body: "After planning artifacts exist, run this before `fet apply`. It writes `openspec/changes/<change-id>/.fet/tdd-manifest.yaml`, `tdd-spec.md`, and `tdd-instructions.md`. Then add failing tests in the repo before implementation (tests/ edits need user approval per write-boundary)."
+    } : {
+      description: "\u751F\u6210\u672C change \u7684 TDD \u6E05\u5355\u4E0E\u6D4B\u8BD5\u6307\u5F15",
+      title: "\u5728\u5B9E\u65BD\u524D\u751F\u6210 TDD \u6E05\u5355\u3002",
+      body: "\u89C4\u5212\u4EA7\u7269\u5C31\u7EEA\u540E\u3001\u6267\u884C `fet apply` \u4E4B\u524D\u8FD0\u884C\u3002\u4F1A\u5199\u5165 `openspec/changes/<change-id>/.fet/tdd-manifest.yaml`\u3001`tdd-spec.md`\u3001`tdd-instructions.md`\uFF0C\u518D\u5728\u4ED3\u5E93\u4E2D\u7F16\u5199\u9884\u671F\u5931\u8D25\u7684\u6D4B\u8BD5\uFF08\u4FEE\u6539 tests/ \u987B\u7B26\u5408 write-boundary\uFF0C\u5148\u83B7\u7528\u6237\u540C\u610F\uFF09\u3002"
+    };
+  }
+  if (command === "test") {
+    return language === "en" ? {
+      description: "Run unit tests scoped to the change TDD manifest",
+      title: "Run change-scoped tests after implementation.",
+      body: "Requires `tdd-manifest.yaml`. Records pass/fail in FET state; `fet verify` is blocked until this passes (unless configured to skip)."
+    } : {
+      description: "\u6309 change TDD \u6E05\u5355\u8FD0\u884C\u5355\u6D4B",
+      title: "\u5B9E\u73B0\u5B8C\u6210\u540E\u6309 change \u8FD0\u884C\u6D4B\u8BD5\u3002",
+      body: "\u9700\u8981\u6709\u6548\u7684 `tdd-manifest.yaml`\u3002\u7ED3\u679C\u5199\u5165 FET \u72B6\u6001\uFF1B\u672A\u901A\u8FC7\u524D `fet verify` \u4F1A\u88AB\u62E6\u622A\uFF08\u9664\u975E\u914D\u7F6E\u4E3A skip\uFF09\u3002"
+    };
+  }
+  return language === "en" ? {
+    description: "Layout-only visual verification for a change",
+    title: "Run layout-only visual checks for the change.",
+    body: "Default `fet visual` refreshes the manifest, captures with Playwright (`--base-url` required), and runs layout-only checks (no pixel match on dynamic API content). Use `--plan`, `--capture-only`, or `--check-layout-only` only when debugging."
+  } : {
+    description: "change \u7EA7 layout-only \u89C6\u89C9\u9A8C\u6536",
+    title: "\u5BF9 change \u505A layout-only \u89C6\u89C9\u9A8C\u6536\u3002",
+    body: "\u9ED8\u8BA4 `fet visual` \u4F1A\u66F4\u65B0\u6E05\u5355\u3001Playwright \u622A\u56FE\uFF08\u9700 `--base-url`\uFF09\u5E76\u505A layout-only \u68C0\u67E5\uFF08\u4E0D\u5BF9\u52A8\u6001\u63A5\u53E3\u5185\u5BB9\u505A\u50CF\u7D20\u5BF9\u6BD4\uFF09\u3002\u4EC5\u5728\u8C03\u8BD5\u65F6\u4F7F\u7528 `--plan`\u3001`--capture-only`\u3001`--check-layout-only`\u3002"
+  };
+}
 // src/adapters/codex/index.ts
 var CodexAdapter = class {
@@ -7536,6 +8041,28 @@ function cursorSpecLanguageRuleFile(language = DEFAULT_LANGUAGE) {
     content: renderCursorSpecLanguageRule(language)
   };
 }
+function cursorWriteBoundaryRuleFile(language = DEFAULT_LANGUAGE) {
+  return {
+    path: ".cursor/rules/fet-write-boundary.mdc",
+    content: renderCursorWriteBoundaryRule(language)
+  };
+}
+function cursorHookFiles() {
+  return [
+    {
+      path: ".cursor/hooks/fet-guard-write-paths.mjs",
+      content: renderCursorWritePathsHookMjs()
+    },
+    {
+      path: ".cursor/hooks/fet-guard-shell-writes.mjs",
+      content: renderCursorShellWriteHookMjs()
+    },
+    {
+      path: ".cursor/hooks.json",
+      content: renderCursorHooksJson()
+    }
+  ];
+}
 function cursorUiDisplayContractRuleFile(language = DEFAULT_LANGUAGE) {
   return {
     path: ".cursor/rules/fet-ui-display-contract.mdc",
@@ -7545,6 +8072,7 @@ function cursorUiDisplayContractRuleFile(language = DEFAULT_LANGUAGE) {
 function cursorRuleFiles(language = DEFAULT_LANGUAGE) {
   return [
     cursorRuleFile(language),
+    cursorWriteBoundaryRuleFile(language),
     cursorFigmaStopRuleFile(language),
     cursorUiDisplayContractRuleFile(language),
     cursorSpecLanguageRuleFile(language)
@@ -7582,6 +8110,7 @@ ${languageInstruction(language)}
 - \u6309 Figma \u5B9E\u73B0 UI \u65F6\u9075\u5B88 \`.cursor/rules/fet-figma-stop.mdc\`\uFF1B\u82E5\u5B58\u5728 \`openspec/changes/<change-id>/.fet/figma-apply-instructions.md\` \u5FC5\u987B\u5728\u6539 UI \u524D\u5B8C\u6574\u6267\u884C\uFF1B\u540C\u76EE\u5F55 \`figma-stop.md\` \u542B\u94FE\u63A5\u4E0E\u505C\u6B62\u89C4\u5219\u3002
 - \u7F16\u5199\u6216\u4FEE\u6539 OpenSpec \`specs/**/spec.md\` \u65F6\u9075\u5B88 \`.cursor/rules/fet-spec-language.mdc\`\uFF08\u82F1\u6587\u89C4\u8303 + \`<!-- \u4E2D\u6587\uFF1A... -->\`\uFF0C\u540C\u6B21\u7F16\u8F91\u540C\u6B65\u66F4\u65B0\u4E2D\u6587\u8BF4\u660E\uFF09\u3002
 - \u7ED1\u5B9A\u63A5\u53E3\u7684 UI \u9075\u5B88 \`.cursor/rules/fet-ui-display-contract.mdc\`\uFF1B\u5B58\u5728 \`openspec/changes/<change-id>/.fet/ui-display-contract.yaml\` \u65F6\u5B9E\u65BD\u524D\u987B\u786E\u8BA4 displayFields\u3002
+- \u4FEE\u6539\u6587\u4EF6\u65F6\u9075\u5B88 \`.cursor/rules/fet-write-boundary.mdc\`\uFF08\u9ED8\u8BA4\u4EC5 \`src/**\`\u3001\`openspec/**\`\u3001\`**/.fet/**\`\uFF1B\u5176\u5B83\u8DEF\u5F84\u987B\u7528\u6237\u660E\u786E\u540C\u610F\uFF09\u3002Cursor hooks \u4F1A\u5BF9\u8D8A\u754C\u5199\u5165\u5F39\u51FA\u5BA1\u6279\u3002
 \u5982\u679C\u7528\u6237\u8F93\u5165\u7C7B\u4F3C \`/fet apply\` \u7684\u8BF7\u6C42\uFF0C\u8BF7\u628A\u5B83\u89C6\u4E3A\u5DE5\u4F5C\u6D41\u610F\u56FE\uFF0C\u5E76\u63D0\u793A\u6216\u6267\u884C\u5BF9\u5E94\u7684\u7EC8\u7AEF\u547D\u4EE4 \`fet <cmd>\`\u3002
 `
@@ -7617,7 +8146,9 @@ ${languageInstruction(language)}
 \`fet fill-context\` \u53EF\u80FD\u5DF2\u5199\u5165\u5C0F\u7A0B\u5E8F\u5305\u4F53\u79EF\u8868\u4E0E 2MB \u5F00\u53D1\u7EA6\u675F\uFF0C\u4E0D\u8981\u8986\u76D6 AGENTS.md\u300C\u5C0F\u7A0B\u5E8F\u300D\u8282\u4E2D\u7684\u626B\u63CF\u7ED3\u679C\uFF0C\u9664\u975E\u4ED3\u5E93\u7ED3\u6784\u5DF2\u53D8\u3002
-\u68C0\u67E5 README\u3001package scripts\u3001\u8DEF\u7531\u3001\u6D4B\u8BD5\u3001\u6E90\u7801\u7ED3\u6784\u548C\u73B0\u6709\u7EA6\u5B9A\u540E\uFF0C\u628A AGENTS.md \u4E2D**\u5176\u4F59** \`[NEEDS LLM INPUT]\` \u6216 \`[NEED LLM INPUT]\` \u5360\u4F4D\u7B26\u66FF\u6362\u4E3A\u5177\u4F53\u3001\u7B80\u6D01\u3001\u9879\u76EE\u76F8\u5173\u7684\u5185\u5BB9\u3002\u4FDD\u7559 FET \u6258\u7BA1\u6807\u8BB0\uFF0C\u4E0D\u8981\u4FEE\u6539\u4E1A\u52A1\u4EE3\u7801\u3002
+\u68C0\u67E5 README\u3001package scripts\u3001\u8DEF\u7531\u3001\u6D4B\u8BD5\u3001\u6E90\u7801\u7ED3\u6784\u548C\u73B0\u6709\u7EA6\u5B9A\u540E\uFF0C\u628A AGENTS.md \u4E2D**\u5176\u4F59** \`[NEEDS LLM INPUT]\` \u6216 \`[NEED LLM INPUT]\` \u5360\u4F4D\u7B26\u66FF\u6362\u4E3A\u5177\u4F53\u3001\u7B80\u6D01\u3001\u9879\u76EE\u76F8\u5173\u7684\u5185\u5BB9\u3002\u4FDD\u7559 FET \u6258\u7BA1\u6807\u8BB0\uFF0C\u4E0D\u8981\u4FEE\u6539\u4E1A\u52A1\u4EE3\u7801\u3002\u4FEE\u6539 \`AGENTS.md\` \u4E0D\u5728\u9ED8\u8BA4\u5199\u8DEF\u5F84\u5185\uFF0C\u987B\u786E\u8BA4\u7528\u6237\u5DF2\u540C\u610F\uFF08\u6216\u7531 hooks \u5BA1\u6279\uFF09\u3002
+${renderWriteBoundaryGuardrail(language)}
 `;
   }
   if (command === "graph-setup") {
@@ -7723,6 +8254,8 @@ ${renderSpecArtifactGuardrail(language)}
 ${renderUiDisplayContractGuardrail(language)}
+${renderWriteBoundaryGuardrail(language)}
 \u6267\u884C\u524D\u8BF7\u9605\u8BFB AGENTS.md\u3001openspec/config.yaml\uFF08\u542B \`fet.specLanguage\`\uFF09\u4E0E\u5F53\u524D change \u5DF2\u6709\u4EA7\u7269\u3002
 `;
 }
@@ -7778,6 +8311,8 @@ ${uiContractBlock}
 \u6267\u884C\u524D\u8BF7\u9605\u8BFB AGENTS.md\u3001openspec/config.yaml \u4E0E\u5F53\u524D change \u4E0B\u7684 OpenSpec \u4EA7\u7269\u3002
 \u5B9E\u65BD\u524D\u987B\u5DF2\u8FD0\u884C \`fet tdd\`\uFF1B\u5B58\u5728 \`openspec/changes/<change-id>/.fet/tdd-manifest.yaml\` \u65F6\u6309\u6E05\u5355\u7F16\u5199\u6D4B\u8BD5\u4E0E\u5B9E\u73B0\uFF0C\u5E76\u5728 \`fet verify\` \u524D\u5148 \`fet test\`\u3002
+${renderWriteBoundaryGuardrail(language)}
 `;
 }
 function renderVisualSkill(usage, language) {
@@ -7853,7 +8388,7 @@ var CursorAdapter = class {
   async planInstall(_projectRoot, language) {
     return {
       tool: this.tool,
-      files: [...cursorSkillFiles(language), ...cursorRuleFiles(language)].map((file) => ({
+      files: [...cursorSkillFiles(language), ...cursorRuleFiles(language), ...cursorHookFiles()].map((file) => ({
         ...file,
         managed: true
       }))
@@ -7865,6 +8400,12 @@ var CursorAdapter = class {
     for (const file of plan.files) {
       const target = join31(projectRoot, file.path);
       const existing = await readExisting2(target);
+      if (file.path === ".cursor/hooks.json") {
+        await mkdir13(dirname12(target), { recursive: true });
+        await atomicWrite(target, mergeCursorHooksJson(existing, file.content));
+        written.push(file.path);
+        continue;
+      }
       if (existing && !existing.includes("FET:MANAGED") && !force) {
         throw new FetError({
           code: "TOOL_ADAPTER_CONFLICT" /* ToolAdapterConflict */,
@@ -7888,12 +8429,14 @@ var CursorAdapter = class {
     for (const file of plan.files) {
       const target = join31(projectRoot, file.path);
       const content = await readExisting2(target);
-      const managed = Boolean(content?.includes("FET:MANAGED"));
-      const versionMatches = Boolean(content?.includes(`adapterVersion: ${this.adapterVersion}`));
+      const hooksManaged = file.path === ".cursor/hooks.json" && Boolean(content?.includes('"writeBoundary"'));
+      const hookScript = file.path.startsWith(".cursor/hooks/fet-guard-") && file.path.endsWith(".mjs");
+      const managed = hooksManaged || hookScript || Boolean(content?.includes("FET:MANAGED"));
+      const versionMatches = file.path === ".cursor/hooks.json" ? Boolean(content?.includes('"writeBoundary"')) : hookScript ? Boolean(content?.includes(`adapterVersion: ${this.adapterVersion}`)) : Boolean(content?.includes(`adapterVersion: ${this.adapterVersion}`));
       checks.push({
         id: `cursor:${file.path}`,
         status: !content ? "warn" : managed && versionMatches ? "pass" : "warn",
-        message: !content ? `${file.path} \u7F3A\u5931` : !managed ? `${file.path} \u5DF2\u5B58\u5728\uFF0C\u4F46\u4E0D\u7531 FET \u7BA1\u7406` : !versionMatches ? `${file.path} adapterVersion \u5DF2\u8FC7\u671F` : `${file.path} \u5DF2\u5B58\u5728\u4E14\u7248\u672C\u5339\u914D`,
+        message: !content ? `${file.path} \u7F3A\u5931` : !managed ? `${file.path} \u5DF2\u5B58\u5728\uFF0C\u4F46\u4E0D\u7531 FET \u7BA1\u7406` : !versionMatches ? `${file.path} \u7248\u672C\u5DF2\u8FC7\u671F\uFF08\u8BF7\u8FD0\u884C fet init \u66F4\u65B0\uFF09` : `${file.path} \u5DF2\u5B58\u5728\u4E14\u7248\u672C\u5339\u914D`,
         suggestedCommand: !content || !managed || !versionMatches ? "fet init" : void 0
       });
     }