@synkro-sh/cli 1.4.43 → 1.4.47

package/dist/bootstrap.js

@@ -121,11 +121,13 @@ function installCCHooks(settingsPath, config) {
   removeSynkroEntries(settings.hooks, "PostToolUse");
   removeSynkroEntries(settings.hooks, "SessionEnd");
   removeSynkroEntries(settings.hooks, "SessionStart");
+  removeSynkroEntries(settings.hooks, "UserPromptSubmit");
   removeSynkroEntries(settings.hooks, "Stop");
   settings.hooks.PreToolUse = settings.hooks.PreToolUse ?? [];
   settings.hooks.PostToolUse = settings.hooks.PostToolUse ?? [];
   settings.hooks.SessionEnd = settings.hooks.SessionEnd ?? [];
   settings.hooks.SessionStart = settings.hooks.SessionStart ?? [];
+  settings.hooks.UserPromptSubmit = settings.hooks.UserPromptSubmit ?? [];
   settings.hooks.PreToolUse.push({
     matcher: "Bash|Read|Grep|Glob",
     hooks: [
@@ -143,40 +145,40 @@ function installCCHooks(settingsPath, config) {
       {
         type: "command",
         command: config.editPrecheckScriptPath,
-        timeout: 15
+        timeout: 30
       }
     ],
     [SYNKRO_MARKER]: true
   });
   settings.hooks.PreToolUse.push({
-    matcher: "ExitPlanMode",
+    matcher: "Edit|Write|MultiEdit|NotebookEdit",
     hooks: [
       {
         type: "command",
-        command: config.planJudgeScriptPath,
-        timeout: 45
+        command: config.cwePrecheckScriptPath,
+        timeout: 30
       }
     ],
     [SYNKRO_MARKER]: true
   });
-  settings.hooks.PostToolUse.push({
+  settings.hooks.PreToolUse.push({
     matcher: "Edit|Write|MultiEdit|NotebookEdit",
     hooks: [
       {
         type: "command",
-        command: config.editCaptureScriptPath,
-        timeout: 20
+        command: config.cvePrecheckScriptPath,
+        timeout: 10
       }
     ],
     [SYNKRO_MARKER]: true
   });
-  settings.hooks.PostToolUse.push({
-    matcher: "Edit|Write|MultiEdit|NotebookEdit",
+  settings.hooks.PreToolUse.push({
+    matcher: "ExitPlanMode",
     hooks: [
       {
         type: "command",
-        command: config.cveScanScriptPath,
-        timeout: 10
+        command: config.planJudgeScriptPath,
+        timeout: 45
       }
     ],
     [SYNKRO_MARKER]: true
@@ -209,6 +211,16 @@ function installCCHooks(settingsPath, config) {
     ],
     [SYNKRO_MARKER]: true
   });
+  settings.hooks.UserPromptSubmit.push({
+    hooks: [
+      {
+        type: "command",
+        command: config.userPromptSubmitScriptPath,
+        timeout: 5
+      }
+    ],
+    [SYNKRO_MARKER]: true
+  });
   settings.hooks.Stop = settings.hooks.Stop ?? [];
   removeSynkroEntries(settings.hooks, "Stop");
   settings.hooks.Stop.push({
@@ -227,7 +239,7 @@ function uninstallCCHooks(settingsPath) {
   if (!existsSync2(settingsPath)) return false;
   const settings = readSettings(settingsPath);
   if (!settings.hooks) return false;
-  const events = ["PreToolUse", "PostToolUse", "SessionEnd", "SessionStart", "Stop"];
+  const events = ["PreToolUse", "PostToolUse", "SessionEnd", "SessionStart", "Stop", "UserPromptSubmit"];
   for (const evt of events) {
     removeSynkroEntries(settings.hooks, evt);
   }
@@ -452,7 +464,7 @@ var init_mcpConfig = __esm({
 });
 
 // cli/installer/hookScripts.ts
-var SYNKRO_COMMON_SCRIPT, CC_BASH_JUDGE_SCRIPT, CC_EDIT_PRECHECK_SCRIPT, CC_EDIT_CAPTURE_SCRIPT, CC_PLAN_JUDGE_SCRIPT, CC_STOP_SUMMARY_SCRIPT, CC_SESSION_START_SCRIPT, CC_BASH_FOLLOWUP_SCRIPT, CC_CVE_SCAN_SCRIPT, CC_TRANSCRIPT_SYNC_SCRIPT, CURSOR_BASH_JUDGE_SCRIPT, CURSOR_EDIT_PRECHECK_SCRIPT, CURSOR_EDIT_CAPTURE_SCRIPT, CURSOR_BASH_FOLLOWUP_SCRIPT;
+var SYNKRO_COMMON_SCRIPT, CURSOR_BASH_JUDGE_SCRIPT, CURSOR_EDIT_PRECHECK_SCRIPT, CURSOR_EDIT_CAPTURE_SCRIPT, CURSOR_BASH_FOLLOWUP_SCRIPT;
 var init_hookScripts = __esm({
   "cli/installer/hookScripts.ts"() {
     "use strict";
@@ -476,6 +488,25 @@ synkro_load_jwt() {
 }
 
 synkro_refresh_jwt() {
+  # Lock via mkdir (atomic on all Unix including macOS \u2014 no flock needed)
+  local lockdir="\${CREDS_PATH}.lockdir"
+  if ! mkdir "$lockdir" 2>/dev/null; then
+    # Another hook is refreshing \u2014 wait and re-read
+    local _w=0
+    while [ -d "$lockdir" ] && [ $_w -lt 5 ]; do sleep 0.5; _w=$((_w+1)); done
+    JWT=$(jq -r '.access_token // empty' "$CREDS_PATH" 2>/dev/null)
+    return 0
+  fi
+  trap "rmdir \\"$lockdir\\" 2>/dev/null" RETURN
+
+  # Re-check expiry \u2014 another hook may have just refreshed
+  local p2 exp2 now2
+  p2=$(printf '%s' "$JWT" | cut -d. -f2)
+  case $((\${#p2} % 4)) in 2) p2="\${p2}==";; 3) p2="\${p2}=";; esac
+  exp2=$(printf '%s' "$p2" | tr '_-' '/+' | base64 -D 2>/dev/null | jq -r '.exp // 0' 2>/dev/null)
+  now2=$(date -u +%s)
+  if [ $((exp2 - now2)) -ge 60 ]; then return 0; fi
+
   local rt
   rt=$(jq -r '.refresh_token // empty' "$CREDS_PATH" 2>/dev/null)
   if [ -z "$rt" ]; then return 1; fi
@@ -491,7 +522,12 @@ synkro_refresh_jwt() {
   new_rt=$(echo "$resp" | jq -r '.refresh_token // empty' 2>/dev/null)
   [ -z "$new_rt" ] && new_rt="$rt"
   local tmp="\${CREDS_PATH}.synkro.tmp"
-  jq --arg at "$new_at" --arg rt "$new_rt" '. + {access_token:$at,refresh_token:$rt}' "$CREDS_PATH" > "$tmp" 2>/dev/null && mv "$tmp" "$CREDS_PATH"
+  local existing
+  existing=$(cat "$CREDS_PATH" 2>/dev/null)
+  if [ -z "$existing" ] || ! echo "$existing" | jq -e '.' >/dev/null 2>&1; then
+    existing='{}'
+  fi
+  echo "$existing" | jq --arg at "$new_at" --arg rt "$new_rt" '. + {access_token:$at,refresh_token:$rt}' > "$tmp" 2>/dev/null && mv "$tmp" "$CREDS_PATH"
   JWT="$new_at"
 }
 
@@ -531,8 +567,6 @@ synkro_load_config() {
   SYNKRO_RULES=$(echo "$resp" | jq -c '[.rules[]? | select(.hook_stage == "pre" or .hook_stage == "both" or .hook_stage == null) | {rule_id,text,severity,category,mode}]' 2>/dev/null || echo "[]")
 }
 
-# Build the tag prefix: [synkro:route:ruleset] or [synkro:silent]
-# Accepts optional $1 = route override; otherwise calls synkro_route().
 synkro_tag() {
   if [ "$SYNKRO_SILENT" = "true" ]; then echo "[synkro:silent]"; return; fi
   local route="\${1:-$(synkro_route)}"
@@ -540,131 +574,12 @@ synkro_tag() {
   echo "[synkro:\${route}:\${rs}]"
 }
 
-# Decide routing: "local" (grade on device) or "cloud" (POST to server)
 synkro_route() {
   [ "$SYNKRO_CAPTURE_DEPTH" = "local_only" ] && echo "local" && return
   synkro_channel_up && echo "local" && return
   echo "cloud"
 }
 
-# Grade locally via synkro CLI channel. Reads prompt from stdin.
-synkro_local_grade() {
-  local surface="$1"
-  if ! synkro_channel_up; then
-    echo "SYNKRO_CHANNEL_DOWN" >&2
-    return 1
-  fi
-  if [ -n "\${SYNKRO_CLI_BIN:-}" ] && [ -f "$SYNKRO_CLI_BIN" ] && command -v node >/dev/null 2>&1; then
-    node "$SYNKRO_CLI_BIN" grade "$surface" 2>/dev/null
-  elif command -v synkro >/dev/null 2>&1; then
-    synkro grade "$surface" 2>/dev/null
-  else
-    echo "SYNKRO_CLI_NOT_FOUND" >&2
-    return 1
-  fi
-}
-
-# Parse <synkro-verdict>...</synkro-verdict> XML from local grader output.
-# Sets LOCAL_OK, LOCAL_REASON, LOCAL_RULE_ID, LOCAL_RULE_MODE, LOCAL_SEV, LOCAL_CAT.
-synkro_parse_local_verdict() {
-  local resp="$1"
-  LOCAL_OK="true"; LOCAL_REASON=""; LOCAL_RULE_ID=""; LOCAL_RULE_MODE=""; LOCAL_SEV="low"; LOCAL_CAT="clean"
-  local inner
-  inner=$(printf '%s' "$resp" | tr '\\n' ' ' | sed -nE 's|.*<synkro-verdict>(.*)</synkro-verdict>.*|\\1|p' | tail -1)
-  [ -z "$inner" ] && return
-  local ok_tag
-  ok_tag=$(printf '%s' "$inner" | sed -nE 's|.*<ok>(.*)</ok>.*|\\1|p' | head -1)
-  [ -n "$ok_tag" ] && LOCAL_OK="$ok_tag"
-  LOCAL_REASON=$(printf '%s' "$inner" | sed -nE 's|.*<reason>(.*)</reason>.*|\\1|p' | head -1)
-  [ -z "$LOCAL_REASON" ] && LOCAL_REASON=$(printf '%s' "$inner" | sed -nE 's|.*<reasoning>(.*)</reasoning>.*|\\1|p' | head -1)
-  if [ "$LOCAL_OK" = "false" ]; then
-    LOCAL_RULE_ID=$(printf '%s' "$inner" | sed -nE 's|.*<rule_id>(.*)</rule_id>.*|\\1|p' | head -1)
-    LOCAL_RULE_MODE=$(printf '%s' "$inner" | sed -nE 's|.*<rule_mode>(.*)</rule_mode>.*|\\1|p' | head -1)
-    LOCAL_SEV=$(printf '%s' "$inner" | sed -nE 's|.*<risk_level>(.*)</risk_level>.*|\\1|p' | head -1)
-    if [ -z "$LOCAL_RULE_ID" ]; then
-      local fv
-      fv=$(printf '%s' "$inner" | awk -v RS='</violation>' '/<violation>/{print; exit}')
-      LOCAL_RULE_ID=$(printf '%s' "$fv" | sed -nE 's|.*<rule_id>(.*)</rule_id>.*|\\1|p' | head -1)
-      [ -z "$LOCAL_REASON" ] && LOCAL_REASON=$(printf '%s' "$fv" | sed -nE 's|.*<reason>(.*)</reason>.*|\\1|p' | head -1)
-      [ -z "$LOCAL_SEV" ] && LOCAL_SEV=$(printf '%s' "$fv" | sed -nE 's|.*<severity>(.*)</severity>.*|\\1|p' | head -1)
-    fi
-    LOCAL_SEV="\${LOCAL_SEV:-high}"
-    LOCAL_CAT=$(printf '%s' "$inner" | sed -nE 's|.*<category>(.*)</category>.*|\\1|p' | head -1)
-    LOCAL_CAT="\${LOCAL_CAT:-uncategorized}"
-    [ -z "$LOCAL_RULE_ID" ] && LOCAL_RULE_ID=$(printf '%s' "$LOCAL_REASON" | grep -oE '[Rr][0-9]{3}' | head -1)
-  fi
-}
-
-# Fire anonymized telemetry for local verdicts. All args positional.
-synkro_capture_local() {
-  local hook_type="$1" verdict="$2" severity="$3" category="$4" tool_name="$5" repo="$6" session_id="$7"
-  (
-    BODY=$(jq -n \\
-      --arg eid "$(uuidgen 2>/dev/null || echo "evt_$(date +%s)_$$")" \\
-      --arg ht "$hook_type" --arg v "$verdict" --arg s "$severity" --arg c "$category" \\
-      --arg tn "$tool_name" --arg r "$repo" --arg sid "$session_id" \\
-      '{capture_type:"local_verdict",event_id:$eid,hook_type:$ht,verdict:$v,severity:$s,category:$c,model:"claude-sonnet-4-6",tool_name:$tn}
-        + (if $r != "" then {repo:$r} else {} end)
-        + (if $sid != "" then {session_id:$sid} else {} end)')
-    curl -sS -X POST "\${GATEWAY_URL}/api/v1/hook/capture" \\
-      -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
-      -d "$BODY" --max-time 2 >/dev/null 2>&1
-  ) &
-}
-
-# Fire full-content telemetry for local verdicts (used when capture_depth is full or evidence_on_violation).
-synkro_capture_local_full() {
-  local hook_type="$1" verdict="$2" severity="$3" category="$4" tool_name="$5" repo="$6" session_id="$7"
-  local command="$8" reasoning="$9" rules_checked="\${10:-[]}" violated_rules="\${11:-[]}" recent_user_messages="\${12:-[]}"
-  (
-    BODY=$(jq -n \\
-      --arg eid "$(uuidgen 2>/dev/null || echo "evt_$(date +%s)_$$")" \\
-      --arg ht "$hook_type" --arg v "$verdict" --arg s "$severity" --arg c "$category" \\
-      --arg tn "$tool_name" --arg r "$repo" --arg sid "$session_id" \\
-      --arg cmd "$command" --arg rsn "$reasoning" --arg cd "$SYNKRO_CAPTURE_DEPTH" \\
-      --argjson rc "$rules_checked" --argjson vr "$violated_rules" --argjson rum "$recent_user_messages" \\
-      '{capture_type:"local_verdict",event_id:$eid,hook_type:$ht,verdict:$v,severity:$s,category:$c,
-        model:"claude-sonnet-4-6",tool_name:$tn,capture_depth:$cd,
-        command:(if ($cmd|length) > 0 then $cmd else null end),
-        reasoning:(if ($rsn|length) > 0 then $rsn else null end),
-        rules_checked:$rc, violated_rules:$vr, recent_user_messages:$rum}
-        + (if $r != "" then {repo:$r} else {} end)
-        + (if $sid != "" then {session_id:$sid} else {} end)')
-    curl -sS -X POST "\${GATEWAY_URL}/api/v1/hook/capture" \\
-      -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
-      -d "$BODY" --max-time 3 >/dev/null 2>&1
-  ) &
-}
-
-# Dispatch local verdict capture based on capture_depth privacy setting.
-# For full: always send full content. For evidence_on_violation: full only on violations. For local_only: anonymized only.
-synkro_dispatch_capture() {
-  local hook_type="$1" verdict="$2" severity="$3" category="$4" tool_name="$5" repo="$6" session_id="$7"
-  local command="$8" reasoning="$9" rules_checked="\${10:-[]}" violated_rules="\${11:-[]}" recent_user_messages="\${12:-[]}"
-  local send_full=false
-  case "\${SYNKRO_CAPTURE_DEPTH:-local_only}" in
-    full) send_full=true ;;
-    evidence_on_violation)
-      case "$verdict" in block|warning|deny) send_full=true ;; esac ;;
-  esac
-  if [ "$send_full" = "true" ]; then
-    synkro_capture_local_full "$hook_type" "$verdict" "$severity" "$category" "$tool_name" "$repo" "$session_id" \\
-      "$command" "$reasoning" "$rules_checked" "$violated_rules" "$recent_user_messages"
-  else
-    synkro_capture_local "$hook_type" "$verdict" "$severity" "$category" "$tool_name" "$repo" "$session_id"
-  fi
-}
-
-# Look up a rule's mode from cached rules. Returns "blocking" or "audit".
-synkro_rule_mode() {
-  local rid="$1"
-  [ -z "$rid" ] || [ -z "\${SYNKRO_RULES:-}" ] && echo "blocking" && return
-  local m
-  m=$(printf '%s' "$SYNKRO_RULES" | jq -r --arg r "$rid" '[.[] | select(.rule_id == $r) | .mode] | if any(. == "blocking") then "blocking" else .[0] // "blocking" end' 2>/dev/null)
-  [ -z "$m" ] || [ "$m" = "null" ] && m="blocking"
-  echo "$m"
-}
-
 SYNKRO_CONSENT_FILE="$HOME/.synkro/.local-consent"
 
 _TAB=$(printf '\\t')
@@ -688,18 +603,6 @@ synkro_consent_consume() {
   awk -v p="$pat" -v r="$rep" '{if($0==p)print r;else print}' "$SYNKRO_CONSENT_FILE" > "$tmp" 2>/dev/null && mv "$tmp" "$SYNKRO_CONSENT_FILE" 2>/dev/null || true
 }
 
-synkro_consent_has_consumed() {
-  local sid="$1" hash="$2"
-  grep -q "^\${sid}\${_TAB}\${hash}\${_TAB}consumed$" "$SYNKRO_CONSENT_FILE" 2>/dev/null
-}
-
-synkro_consent_clear_consumed() {
-  local sid="$1" hash="$2"
-  [ ! -f "$SYNKRO_CONSENT_FILE" ] && return
-  local tmp="\${SYNKRO_CONSENT_FILE}.tmp"
-  grep -v "^\${sid}\${_TAB}\${hash}\${_TAB}consumed$" "$SYNKRO_CONSENT_FILE" > "$tmp" 2>/dev/null && mv "$tmp" "$SYNKRO_CONSENT_FILE" 2>/dev/null || true
-}
-
 synkro_post_with_retry() {
   local url="$1" body="$2" timeout="\${3:-8}"
   local resp
@@ -718,7 +621,7 @@ synkro_post_with_retry() {
   echo "$resp"
 }
 `;
-    CC_BASH_JUDGE_SCRIPT = `#!/bin/bash
+    CURSOR_BASH_JUDGE_SCRIPT = `#!/bin/bash
 SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
 . "$SCRIPT_DIR/_synkro-common.sh"
 
@@ -729,156 +632,52 @@ synkro_ensure_fresh_jwt
 PAYLOAD=$(cat)
 if [ -z "$PAYLOAD" ]; then echo '{}'; exit 0; fi
 
-TOOL_NAME=$(echo "$PAYLOAD" | jq -r '.tool_name // empty' 2>/dev/null)
-case "$TOOL_NAME" in Bash|Read|Grep|Glob) ;; *) echo '{}'; exit 0 ;; esac
+COMMAND=$(echo "$PAYLOAD" | jq -r '.command // empty' 2>/dev/null)
+if [ -z "$COMMAND" ]; then echo '{}'; exit 0; fi
 
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.session_id // empty' 2>/dev/null)
-TOOL_USE_ID=$(echo "$PAYLOAD" | jq -r '.tool_use_id // empty' 2>/dev/null)
 CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
+SESSION_ID=$(echo "$PAYLOAD" | jq -r '.conversation_id // empty' 2>/dev/null)
 GIT_REPO=$(synkro_detect_repo "\${CWD:-.}")
-PERMISSION_MODE=$(echo "$PAYLOAD" | jq -r '.permission_mode // empty' 2>/dev/null)
-
-# Translate tool calls to command string for logging
-case "$TOOL_NAME" in
-  Bash) COMMAND=$(echo "$PAYLOAD" | jq -r '.tool_input.command // empty' 2>/dev/null) ;;
-  Read) COMMAND="cat $(echo "$PAYLOAD" | jq -r '.tool_input.file_path // empty' 2>/dev/null)" ;;
-  Grep) COMMAND="grep -r '$(echo "$PAYLOAD" | jq -r '.tool_input.pattern // empty' 2>/dev/null)' $(echo "$PAYLOAD" | jq -r '.tool_input.path // "."' 2>/dev/null)" ;;
-  Glob) COMMAND="find . -name '$(echo "$PAYLOAD" | jq -r '.tool_input.pattern // empty' 2>/dev/null)'" ;;
-esac
-if [ -z "$COMMAND" ]; then echo '{}'; exit 0; fi
 
 CMD_SHORT=$(printf '%s' "$COMMAND" | head -c 80)
 synkro_log "bashGuard checking: $CMD_SHORT"
 
-TRANSCRIPT_PATH=$(echo "$PAYLOAD" | jq -r '.transcript_path // empty' 2>/dev/null)
-USER_INTENT=""
-RECENT_USER_MESSAGES="[]"
-if [ -n "$TRANSCRIPT_PATH" ] && [ -f "$TRANSCRIPT_PATH" ]; then
-  RECENT_USER_MESSAGES=$(tail -400 "$TRANSCRIPT_PATH" | jq -c -s '[.[] | select(.type == "user") | (.message.content | if type == "string" then . else (map(.text? // "") | join(" ")) end) | select(. != null and . != "")] | .[-5:]' 2>/dev/null || echo "[]")
-  USER_INTENT=$(echo "$RECENT_USER_MESSAGES" | jq -r '.[-1] // ""' 2>/dev/null || echo "")
-fi
-
-# Headless detection
-IS_HEADLESS="\${SYNKRO_HEADLESS:-0}"
-case "$PERMISSION_MODE" in acceptEdits|bypassPermissions|plan|auto) IS_HEADLESS="1" ;; esac
-
 synkro_load_config
-ROUTE=$(synkro_route)
-TAG=$(synkro_tag "$ROUTE")
-
 if [ "$SYNKRO_SILENT" = "true" ]; then
-  jq -n --arg m "$TAG bashGuard \u2192 skipped (silent mode)" '{systemMessage: $m}'
-  exit 0
-fi
-
-if [ "$ROUTE" = "local" ]; then
-  # \u2500\u2500\u2500 Local grading (local_only privacy or local-cc channel) \u2500\u2500\u2500
-  GRADER_FILE=$(mktemp -t synkro-bash.XXXXXX)
-  trap "rm -f \\"$GRADER_FILE\\"" EXIT
-  printf 'Working directory: %s\\nRepo: %s\\nCommand: %s\\nUser intent (last human message): %s\\nOrg rules: %s\\n' "\${CWD:-.}" "\${GIT_REPO:-unknown}" "$COMMAND" "\${USER_INTENT:-none stated}" "\${SYNKRO_RULES:-[]}" > "$GRADER_FILE"
-
-  CC_RESP=$(synkro_local_grade bash < "$GRADER_FILE" 2>&1)
-  if [ $? -ne 0 ]; then
-    jq -n --arg m "$TAG bashGuard \u2192 pass: local grader unavailable (run synkro local-cc start)" '{systemMessage: $m}'
-    exit 0
-  fi
-  synkro_parse_local_verdict "$CC_RESP"
-
-  # Build violated rules JSON for full-content capture
-  VIOLATED_JSON="[]"
-  [ -n "$LOCAL_RULE_ID" ] && VIOLATED_JSON=$(jq -n --arg r "$LOCAL_RULE_ID" '[$r]')
-
-  if [ "$LOCAL_OK" = "false" ]; then
-    RULE_MODE="\${LOCAL_RULE_MODE:-$(synkro_rule_mode "\${LOCAL_RULE_ID}")}"
-    if [ "$RULE_MODE" = "audit" ]; then
-      REASON="$TAG bashGuard \u2192 warning\${LOCAL_RULE_ID:+ ($LOCAL_RULE_ID)}: \${LOCAL_REASON:-policy violation}"
-      jq -n --arg m "$REASON" '{systemMessage: $m}'
-      synkro_dispatch_capture "bash" "warning" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID" \\
-        "$COMMAND" "$LOCAL_REASON" "\${SYNKRO_RULES:-[]}" "$VIOLATED_JSON" "\${RECENT_USER_MESSAGES:-[]}"
-    else
-      REASON="$TAG bashGuard \u2192 blocked\${LOCAL_RULE_ID:+ ($LOCAL_RULE_ID)}: \${LOCAL_REASON:-policy violation}. Ask the user for explicit consent before retrying."
-      jq -n --arg reason "$REASON" \\
-        '{systemMessage:$reason,hookSpecificOutput:{hookEventName:"PreToolUse",permissionDecision:"deny",permissionDecisionReason:$reason,additionalContext:$reason}}'
-      synkro_dispatch_capture "bash" "block" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID" \\
-        "$COMMAND" "$LOCAL_REASON" "\${SYNKRO_RULES:-[]}" "$VIOLATED_JSON" "\${RECENT_USER_MESSAGES:-[]}"
-    fi
-  else
-    jq -n --arg m "$TAG bashGuard \u2192 pass: \${LOCAL_REASON:-no policy violations detected}" '{systemMessage: $m}'
-    synkro_dispatch_capture "bash" "pass" "audit" "\${LOCAL_CAT:-trivial_utility}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID" \\
-      "$COMMAND" "$LOCAL_REASON" "\${SYNKRO_RULES:-[]}" "[]" "\${RECENT_USER_MESSAGES:-[]}"
-  fi
-  exit 0
-fi
-
-# \u2500\u2500\u2500 Cloud grading \u2500\u2500\u2500
-CC_MODEL=""
-CC_USAGE="{}"
-RECENT_MESSAGES="[]"
-RECENT_ACTIONS="[]"
-SESSION_SUMMARY=""
-if [ -n "$TRANSCRIPT_PATH" ] && [ -f "$TRANSCRIPT_PATH" ]; then
-  _LAST=$(grep '"type":"assistant"' "$TRANSCRIPT_PATH" 2>/dev/null | tail -1)
-  if [ -n "$_LAST" ]; then
-    CC_MODEL=$(echo "$_LAST" | jq -r '.message.model // empty' 2>/dev/null)
-    CC_USAGE=$(echo "$_LAST" | jq -c '{input_tokens:.message.usage.input_tokens,output_tokens:.message.usage.output_tokens,cache_creation_input_tokens:.message.usage.cache_creation_input_tokens,cache_read_input_tokens:.message.usage.cache_read_input_tokens}' 2>/dev/null || echo "{}")
-  fi
-  RECENT_MESSAGES=$(tail -400 "$TRANSCRIPT_PATH" | jq -c -s '[.[] | select(.type == "user" or .type == "assistant") | {type, text: (.message.content | if type == "string" then .[0:500] else ([.[]? | (.text? // "") | .[0:300]] | join(" ")) end)}] | .[-10:]' 2>/dev/null || echo "[]")
-  RECENT_ACTIONS=$(tail -400 "$TRANSCRIPT_PATH" | jq -c -s '[.[] | select(.type == "assistant") | .message.content[]? | select(.type == "tool_use") | {tool: .name, input: (.input // {} | tostring | .[0:200])}] | .[-5:]' 2>/dev/null || echo "[]")
-  SESSION_SUMMARY=$(grep '"type":"summary"' "$TRANSCRIPT_PATH" 2>/dev/null | tail -1 | jq -r '.summary // empty' 2>/dev/null || echo "")
+  echo '{}'; exit 0
 fi
 
 BODY=$(jq -n \\
-  --arg hook_event "PreToolUse" \\
-  --arg tool_name "$TOOL_NAME" \\
-  --argjson tool_input "$(echo "$PAYLOAD" | jq -c '.tool_input // {}')" \\
-  --arg user_intent "$USER_INTENT" \\
-  --argjson recent_user_messages "$RECENT_USER_MESSAGES" \\
-  --argjson recent_messages "$RECENT_MESSAGES" \\
-  --argjson recent_actions "$RECENT_ACTIONS" \\
+  --arg cmd "$COMMAND" \\
   --arg session_id "$SESSION_ID" \\
-  --arg tool_use_id "$TOOL_USE_ID" \\
   --arg cwd "$CWD" \\
   --arg repo "$GIT_REPO" \\
-  --arg permission_mode "$PERMISSION_MODE" \\
-  --arg cc_model "$CC_MODEL" \\
-  --argjson cc_usage "$CC_USAGE" \\
-  --arg session_summary "$SESSION_SUMMARY" \\
   '{
-    hook_event: $hook_event,
-    tool_name: $tool_name,
-    tool_input: $tool_input,
-    user_intent: (if ($user_intent | length) > 0 then $user_intent else null end),
-    recent_user_messages: $recent_user_messages,
-    recent_messages: $recent_messages,
-    recent_actions: $recent_actions,
+    hook_event: "PreToolUse",
+    tool_name: "Bash",
+    tool_input: {command: $cmd},
+    response_format: "cursor",
     session_id: (if ($session_id | length) > 0 then $session_id else null end),
-    tool_use_id: (if ($tool_use_id | length) > 0 then $tool_use_id else null end),
     cwd: (if ($cwd | length) > 0 then $cwd else null end),
-    repo: (if ($repo | length) > 0 then $repo else null end),
-    permission_mode: (if ($permission_mode | length) > 0 then $permission_mode else null end),
-    cc_model: (if ($cc_model | length) > 0 then $cc_model else null end),
-    cc_usage: $cc_usage,
-    session_summary: (if ($session_summary | length) > 0 then $session_summary else null end)
+    repo: (if ($repo | length) > 0 then $repo else null end)
   }')
 
-RESP=$(synkro_post_with_retry "\${GATEWAY_URL}/api/v1/hook/judge" "$BODY" 8)
+RESP=$(synkro_post_with_retry "\${GATEWAY_URL}/api/v1/hook/judge" "$BODY" 6)
 
 if [ -z "$RESP" ]; then
   synkro_log "bashGuard $CMD_SHORT \u2192 error (timeout)"
-  echo '{}'
-  exit 0
+  echo '{}'; exit 0
 fi
 
-if ! echo "$RESP" | jq -e '.hook_response' >/dev/null 2>&1; then
-  synkro_log "bashGuard $CMD_SHORT \u2192 pass (no hook_response)"
+# Server returns cursor-format directly in hook_response
+if echo "$RESP" | jq -e '.hook_response' >/dev/null 2>&1; then
+  echo "$RESP" | jq -c '.hook_response'
+else
   echo '{}'
-  exit 0
 fi
-
-echo "$RESP" | jq -c '.hook_response'
 exit 0
 `;
-    CC_EDIT_PRECHECK_SCRIPT = `#!/bin/bash
+    CURSOR_EDIT_PRECHECK_SCRIPT = `#!/bin/bash
 SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
 . "$SCRIPT_DIR/_synkro-common.sh"
 
@@ -890,231 +689,79 @@ PAYLOAD=$(cat)
 if [ -z "$PAYLOAD" ]; then echo '{}'; exit 0; fi
 
 TOOL_NAME=$(echo "$PAYLOAD" | jq -r '.tool_name // empty' 2>/dev/null)
-case "$TOOL_NAME" in Edit|Write|MultiEdit|NotebookEdit) ;; *) echo '{}'; exit 0 ;; esac
-
-TOOL_INPUT=$(echo "$PAYLOAD" | jq -c '.tool_input // {}' 2>/dev/null)
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.session_id // empty' 2>/dev/null)
-TOOL_USE_ID=$(echo "$PAYLOAD" | jq -r '.tool_use_id // empty' 2>/dev/null)
 CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
+SESSION_ID=$(echo "$PAYLOAD" | jq -r '.conversation_id // empty' 2>/dev/null)
 GIT_REPO=$(synkro_detect_repo "\${CWD:-.}")
-PERMISSION_MODE=$(echo "$PAYLOAD" | jq -r '.permission_mode // empty' 2>/dev/null)
 
-FILE_PATH=$(echo "$TOOL_INPUT" | jq -r '.file_path // .notebook_path // .path // empty' 2>/dev/null)
+FILE_PATH=$(echo "$PAYLOAD" | jq -r '.tool_input.file_path // .tool_input.path // .tool_input.target_file // empty' 2>/dev/null)
+CONTENT=$(echo "$PAYLOAD" | jq -r '.tool_input.content // .tool_input.new_string // .tool_input.code_edit // empty' 2>/dev/null)
 if [ -z "$FILE_PATH" ]; then echo '{}'; exit 0; fi
 
-FILE_SHORT=$(basename "$FILE_PATH")
-synkro_log "editGuard checking: $FILE_SHORT"
-
-IS_HEADLESS="\${SYNKRO_HEADLESS:-0}"
-case "$PERMISSION_MODE" in acceptEdits|bypassPermissions|plan|auto) IS_HEADLESS="1" ;; esac
-
-# Read file before edit for reconstruction
-FILE_BEFORE=""
-if [ "$TOOL_NAME" != "Write" ] && [ -n "$FILE_PATH" ] && [ -f "$FILE_PATH" ]; then
-  FILE_BEFORE=$(head -c 65536 "$FILE_PATH" 2>/dev/null || echo "")
-fi
-
-# Reconstruct proposed content
-case "$TOOL_NAME" in
-  Write) PROPOSED=$(echo "$TOOL_INPUT" | jq -r '.content // ""' 2>/dev/null) ;;
-  Edit|MultiEdit)
-    if [ -n "$FILE_BEFORE" ] && command -v python3 >/dev/null 2>&1; then
-      PROPOSED=$(FILE_BEFORE_LITERAL="$FILE_BEFORE" TOOL_INPUT_LITERAL="$TOOL_INPUT" python3 -c '
-import os, json, sys
-fb = os.environ.get("FILE_BEFORE_LITERAL", "")
-ti = json.loads(os.environ.get("TOOL_INPUT_LITERAL", "{}"))
-result = fb
-if "old_string" in ti and "new_string" in ti:
-    if ti["old_string"]: result = result.replace(ti["old_string"], ti["new_string"], 1)
-elif "edits" in ti and isinstance(ti["edits"], list):
-    for e in ti["edits"]:
-        old = e.get("old_string", "") if isinstance(e, dict) else ""
-        new = e.get("new_string", "") if isinstance(e, dict) else ""
-        if old: result = result.replace(old, new, 1)
-sys.stdout.write(result)
-' 2>/dev/null)
-    fi
-    if [ -z "$PROPOSED" ]; then
-      if [ "$TOOL_NAME" = "MultiEdit" ]; then
-        PROPOSED=$(echo "$TOOL_INPUT" | jq -r '[.edits[]?.new_string // ""] | join("\\n\\n--- chunk ---\\n\\n")' 2>/dev/null)
-      else
-        PROPOSED=$(echo "$TOOL_INPUT" | jq -r '.new_string // ""' 2>/dev/null)
-      fi
-    fi ;;
-  NotebookEdit) PROPOSED=$(echo "$TOOL_INPUT" | jq -r '.new_source // ""' 2>/dev/null) ;;
-esac
-if [ -z "$PROPOSED" ]; then echo '{}'; exit 0; fi
-
-DIFF_FIELD=$(echo "$TOOL_INPUT" | jq -c '{old_string, new_string, edits} | with_entries(select(.value != null))' 2>/dev/null)
-[ -z "$DIFF_FIELD" ] || [ "$DIFF_FIELD" = "null" ] || [ "$DIFF_FIELD" = "{}" ] && DIFF_FIELD="null"
-
-# Extract user intent from transcript
-USER_INTENT=""
-RECENT_ACTIONS="[]"
-TRANSCRIPT_PATH=$(echo "$PAYLOAD" | jq -r '.transcript_path // empty' 2>/dev/null)
-if [ -n "$TRANSCRIPT_PATH" ] && [ -f "$TRANSCRIPT_PATH" ]; then
-  USER_INTENT=$(tail -200 "$TRANSCRIPT_PATH" | jq -r 'select(.type == "user") | .message.content | if type == "string" then . else (map(.text? // "") | join(" ")) end' 2>/dev/null | tail -1 || echo "")
-  RECENT_ACTIONS=$(tail -200 "$TRANSCRIPT_PATH" | jq -c -s '[.[] | select(.type == "assistant") | .message.content[]? | select(.type == "tool_use") | {tool: .name, input: (.input // {} | tostring | .[0:200])}] | .[-5:]' 2>/dev/null || echo "[]")
-fi
+BASENAME=$(basename "$FILE_PATH" 2>/dev/null || echo "$FILE_PATH")
+synkro_log "editGuard checking: $BASENAME"
 
 synkro_load_config
-ROUTE=$(synkro_route)
-TAG=$(synkro_tag "$ROUTE")
-
 if [ "$SYNKRO_SILENT" = "true" ]; then
-  jq -n --arg m "$TAG editGuard \u2192 skipped (silent mode)" '{systemMessage: $m}'
-  exit 0
-fi
-
-if [ "$ROUTE" = "local" ]; then
-  # \u2500\u2500\u2500 Local grading (local_only privacy or local-cc channel) \u2500\u2500\u2500
-  GRADER_FILE=$(mktemp -t synkro-edit.XXXXXX)
-  trap "rm -f \\"$GRADER_FILE\\"" EXIT
-  printf 'Working directory: %s\\nRepo: %s\\nFile: %s\\nProposed content (first 4000 chars):\\n%s\\nUser intent (last human message): %s\\nOrg rules: %s\\n' "\${CWD:-.}" "\${GIT_REPO:-unknown}" "$FILE_PATH" "$(printf '%s' "$PROPOSED" | head -c 4000)" "\${USER_INTENT:-none stated}" "\${SYNKRO_RULES:-[]}" > "$GRADER_FILE"
-
-  CC_RESP=$(synkro_local_grade edit < "$GRADER_FILE" 2>&1)
-  if [ $? -ne 0 ]; then
-    jq -n --arg m "$TAG editGuard \u2192 pass: local grader unavailable (run synkro local-cc start)" '{systemMessage: $m}'
-    exit 0
-  fi
-  synkro_parse_local_verdict "$CC_RESP"
-
-  # Build edit content description and violated rules for full-content capture
-  EDIT_CONTENT="file=$FILE_PATH content=$(printf '%s' "$PROPOSED" | head -c 2000)"
-  VIOLATED_JSON="[]"
-  [ -n "$LOCAL_RULE_ID" ] && VIOLATED_JSON=$(jq -n --arg r "$LOCAL_RULE_ID" '[$r]')
-
-  if [ "$LOCAL_OK" = "false" ]; then
-    RULE_MODE="\${LOCAL_RULE_MODE:-$(synkro_rule_mode "\${LOCAL_RULE_ID}")}"
-    if [ "$RULE_MODE" = "audit" ]; then
-      REASON="$TAG editGuard $FILE_SHORT \u2192 warning\${LOCAL_RULE_ID:+ ($LOCAL_RULE_ID)}: \${LOCAL_REASON:-policy violation}"
-      jq -n --arg m "$REASON" '{systemMessage: $m}'
-      synkro_dispatch_capture "edit" "warning" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID" \\
-        "$EDIT_CONTENT" "$LOCAL_REASON" "\${SYNKRO_RULES:-[]}" "$VIOLATED_JSON" "[]"
-    else
-      REASON="$TAG editGuard $FILE_SHORT \u2192 blocked\${LOCAL_RULE_ID:+ ($LOCAL_RULE_ID)}: \${LOCAL_REASON:-policy violation}. Ask the user for explicit consent before retrying."
-      jq -n --arg reason "$REASON" \\
-        '{systemMessage:$reason,hookSpecificOutput:{hookEventName:"PreToolUse",permissionDecision:"deny",permissionDecisionReason:$reason,additionalContext:$reason}}'
-      synkro_dispatch_capture "edit" "block" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID" \\
-        "$EDIT_CONTENT" "$LOCAL_REASON" "\${SYNKRO_RULES:-[]}" "$VIOLATED_JSON" "[]"
-    fi
-  else
-    jq -n --arg m "$TAG editGuard $FILE_SHORT \u2192 pass: \${LOCAL_REASON:-no policy violations detected}" '{systemMessage: $m}'
-    synkro_dispatch_capture "edit" "pass" "audit" "\${LOCAL_CAT:-trivial_edit}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID" \\
-      "$EDIT_CONTENT" "$LOCAL_REASON" "\${SYNKRO_RULES:-[]}" "[]" "[]"
-  fi
-  exit 0
+  echo '{}'; exit 0
 fi
 
-# \u2500\u2500\u2500 Cloud grading \u2500\u2500\u2500
 BODY=$(jq -n \\
-  --arg hook_event "PreToolUse" \\
-  --arg tool_name "$TOOL_NAME" \\
-  --argjson tool_input "$TOOL_INPUT" \\
   --arg file_path "$FILE_PATH" \\
-  --arg content "$PROPOSED" \\
-  --arg file_before "$FILE_BEFORE" \\
-  --argjson diff "$DIFF_FIELD" \\
-  --arg user_intent "$USER_INTENT" \\
-  --argjson recent_actions "$RECENT_ACTIONS" \\
+  --arg content "$CONTENT" \\
   --arg session_id "$SESSION_ID" \\
-  --arg tool_use_id "$TOOL_USE_ID" \\
   --arg cwd "$CWD" \\
   --arg repo "$GIT_REPO" \\
-  --arg permission_mode "$PERMISSION_MODE" \\
-  --arg headless_flag "\${SYNKRO_HEADLESS:-0}" \\
   '{
-    hook_event: $hook_event,
-    tool_name: $tool_name,
-    tool_input: $tool_input,
+    hook_event: "PreToolUse",
+    tool_name: "Edit",
+    tool_input: {file_path: $file_path, content: $content},
     file_path: $file_path,
     content: $content,
-    file_before: (if ($file_before | length) > 0 then $file_before else null end),
-    diff: $diff,
-    user_intent: (if ($user_intent | length) > 0 then $user_intent else null end),
-    recent_actions: $recent_actions,
+    response_format: "cursor",
     session_id: (if ($session_id | length) > 0 then $session_id else null end),
-    tool_use_id: (if ($tool_use_id | length) > 0 then $tool_use_id else null end),
     cwd: (if ($cwd | length) > 0 then $cwd else null end),
-    repo: (if ($repo | length) > 0 then $repo else null end),
-    permission_mode: (if ($permission_mode | length) > 0 then $permission_mode else null end),
-    headless: ($headless_flag == "1")
+    repo: (if ($repo | length) > 0 then $repo else null end)
   }')
 
 RESP=$(synkro_post_with_retry "\${GATEWAY_URL}/api/v1/hook/judge" "$BODY" 8)
 
 if [ -z "$RESP" ]; then
-  synkro_log "editGuard $FILE_SHORT \u2192 error (timeout)"
-  echo '{}'
-  exit 0
-fi
-
-if ! echo "$RESP" | jq -e 'type == "object"' >/dev/null 2>&1; then
-  synkro_log "editGuard $FILE_SHORT \u2192 error (bad response)"
-  echo '{}'
-  exit 0
+  synkro_log "editGuard $BASENAME \u2192 error (timeout)"
+  echo '{}'; exit 0
 fi
 
-DECISION=$(echo "$RESP" | jq -r '.hook_response.hookSpecificOutput.permissionDecision // "allow"' 2>/dev/null)
-if [ "$DECISION" = "deny" ] || [ "$DECISION" = "ask" ]; then
-  synkro_log "editGuard $FILE_SHORT \u2192 BLOCKED"
+if echo "$RESP" | jq -e '.hook_response' >/dev/null 2>&1; then
   echo "$RESP" | jq -c '.hook_response'
 else
-  REASON=$(echo "$RESP" | jq -r '.hook_response.reason // empty' 2>/dev/null)
-  if [ -n "$REASON" ]; then
-    synkro_log "editGuard $FILE_SHORT \u2192 pass: $REASON"
-  else
-    synkro_log "editGuard $FILE_SHORT \u2192 pass"
-  fi
-  echo "$RESP" | jq -c '.hook_response // {}'
+  echo '{}'
 fi
 exit 0
 `;
-    CC_EDIT_CAPTURE_SCRIPT = `#!/bin/bash
+    CURSOR_EDIT_CAPTURE_SCRIPT = `#!/bin/bash
 SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
 . "$SCRIPT_DIR/_synkro-common.sh"
 
 JWT=$(synkro_load_jwt)
 if [ -z "$JWT" ]; then echo '{}'; exit 0; fi
-synkro_ensure_fresh_jwt
 
 PAYLOAD=$(cat)
 if [ -z "$PAYLOAD" ]; then echo '{}'; exit 0; fi
 
-TOOL_NAME=$(echo "$PAYLOAD" | jq -r '.tool_name // empty' 2>/dev/null)
-case "$TOOL_NAME" in Edit|Write|MultiEdit|NotebookEdit) ;; *) echo '{}'; exit 0 ;; esac
+FILE_PATH=$(echo "$PAYLOAD" | jq -r '.file_path // empty' 2>/dev/null)
+if [ -z "$FILE_PATH" ]; then echo '{}'; exit 0; fi
 
-TOOL_INPUT=$(echo "$PAYLOAD" | jq -c '.tool_input // {}' 2>/dev/null)
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.session_id // empty' 2>/dev/null)
-TOOL_USE_ID=$(echo "$PAYLOAD" | jq -r '.tool_use_id // empty' 2>/dev/null)
-CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
+CWD=$(echo "$PAYLOAD" | jq -r '.cwd // .workspace_roots[0] // empty' 2>/dev/null)
+SESSION_ID=$(echo "$PAYLOAD" | jq -r '.conversation_id // empty' 2>/dev/null)
 GIT_REPO=$(synkro_detect_repo "\${CWD:-.}")
+BASENAME=$(basename "$FILE_PATH" 2>/dev/null || echo "$FILE_PATH")
 
-# Correction followup (backgrounded)
-if [ -n "$SESSION_ID" ] && [ -n "$TOOL_USE_ID" ]; then
-  (
-    BODY=$(jq -n --arg tid "$TOOL_USE_ID" --arg sid "$SESSION_ID" '{capture_type:"correction_followup",tool_use_id:$tid,session_id:$sid,decision:"allow"}')
-    curl -sS -X POST "\${GATEWAY_URL}/api/v1/hook/capture" \\
-      -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
-      -d "$BODY" --max-time 2 >/dev/null 2>&1
-  ) &
-fi
-
-# Fire-and-forget: POST edit scan to /v1/hook/judge (PostToolUse)
-FILE_PATH=$(echo "$TOOL_INPUT" | jq -r '.file_path // .notebook_path // .path // empty' 2>/dev/null)
-if [ -z "$FILE_PATH" ] || [ ! -f "$FILE_PATH" ]; then echo '{}'; exit 0; fi
-
-BASENAME=$(basename "$FILE_PATH")
-synkro_log "editScan: $BASENAME"
-
-FILE_CONTENT=$(head -c 65536 "$FILE_PATH" 2>/dev/null || echo "")
-if [ -z "$FILE_CONTENT" ]; then echo '{}'; exit 0; fi
-
-DIFF_FIELD=$(echo "$TOOL_INPUT" | jq -c '{old_string, new_string, edits} | with_entries(select(.value != null))' 2>/dev/null || echo "null")
-[ -z "$DIFF_FIELD" ] || [ "$DIFF_FIELD" = "null" ] || [ "$DIFF_FIELD" = "{}" ] && DIFF_FIELD="null"
+FULL_PATH="$FILE_PATH"
+[ -n "$CWD" ] && FULL_PATH="$CWD/$FILE_PATH"
+FULL_CONTENT=""
+[ -f "$FULL_PATH" ] && FULL_CONTENT=$(head -c 50000 "$FULL_PATH" 2>/dev/null || true)
 
 DEPS_JSON="{}"
-_PKG_DIR=$(dirname "$FILE_PATH")
+_PKG_DIR="\${CWD:-.}"
 while [ "$_PKG_DIR" != "/" ]; do
   if [ -f "$_PKG_DIR/package.json" ]; then
     DEPS_JSON=$(jq -c '(.dependencies // {}) + (.devDependencies // {})' "$_PKG_DIR/package.json" 2>/dev/null || echo "{}")
@@ -1123,778 +770,1961 @@ while [ "$_PKG_DIR" != "/" ]; do
   _PKG_DIR=$(dirname "$_PKG_DIR")
 done
 
-synkro_load_config
-ROUTE=$(synkro_route)
-TAG=$(synkro_tag "$ROUTE")
-
-if [ "$SYNKRO_SILENT" = "true" ]; then
-  echo '{}'; exit 0
-fi
-
-if [ "$ROUTE" = "local" ]; then
-  # \u2500\u2500\u2500 Local edit scan (local_only privacy or local-cc channel) \u2500\u2500\u2500
-  GRADER_FILE=$(mktemp -t synkro-escan.XXXXXX)
-  trap "rm -f \\"$GRADER_FILE\\"" EXIT
-  printf 'Working directory: %s\\nRepo: %s\\nFile: %s\\nContent (first 4000 chars):\\n%s\\nOrg rules: %s\\n' "\${CWD:-.}" "\${GIT_REPO:-unknown}" "$FILE_PATH" "$(printf '%s' "$FILE_CONTENT" | head -c 4000)" "\${SYNKRO_RULES:-[]}" > "$GRADER_FILE"
-
-  CC_RESP=$(synkro_local_grade edit < "$GRADER_FILE" 2>&1)
-  if [ $? -ne 0 ]; then
-    echo '{}'; exit 0
-  fi
-  synkro_parse_local_verdict "$CC_RESP"
-
-  SCAN_CONTENT="file=$FILE_PATH"
-  SCAN_VIOLATED="[]"
-  [ -n "$LOCAL_RULE_ID" ] && SCAN_VIOLATED=$(jq -n --arg r "$LOCAL_RULE_ID" '[$r]')
-
-  if [ "$LOCAL_OK" = "false" ]; then
-    RULE_MODE="\${LOCAL_RULE_MODE:-$(synkro_rule_mode "\${LOCAL_RULE_ID}")}"
-    if [ "$RULE_MODE" = "audit" ]; then
-      REASON="$TAG editScan $BASENAME \u2192 warning\${LOCAL_RULE_ID:+ ($LOCAL_RULE_ID)}: \${LOCAL_REASON:-policy violation}"
-      jq -n --arg m "$REASON" '{systemMessage: $m}'
-      synkro_dispatch_capture "edit_scan" "warning" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID" \\
-        "$SCAN_CONTENT" "$LOCAL_REASON" "\${SYNKRO_RULES:-[]}" "$SCAN_VIOLATED" "[]"
-    else
-      REASON="$TAG editScan $BASENAME \u2192 block: \${LOCAL_REASON:-policy violation}"
-      jq -n --arg m "$REASON" '{systemMessage: $m, additionalContext: $m}'
-      synkro_dispatch_capture "edit_scan" "block" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID" \\
-        "$SCAN_CONTENT" "$LOCAL_REASON" "\${SYNKRO_RULES:-[]}" "$SCAN_VIOLATED" "[]"
-    fi
-  else
-    jq -n --arg m "$TAG editScan $BASENAME \u2192 pass: \${LOCAL_REASON:-no policy violations detected}" '{systemMessage: $m}'
-    synkro_dispatch_capture "edit_scan" "pass" "audit" "\${LOCAL_CAT:-trivial_edit}" "$TOOL_NAME" "$GIT_REPO" "$SESSION_ID" \\
-      "$SCAN_CONTENT" "$LOCAL_REASON" "\${SYNKRO_RULES:-[]}" "[]" "[]"
-  fi
-  exit 0
-fi
-
-# \u2500\u2500\u2500 Cloud edit scan \u2500\u2500\u2500
-BODY=$(jq -n \\
-  --arg hook_event "PostToolUse" \\
-  --arg tool_name "$TOOL_NAME" \\
-  --argjson tool_input "$TOOL_INPUT" \\
-  --arg file_path "$FILE_PATH" \\
-  --arg content "$FILE_CONTENT" \\
-  --argjson diff "$DIFF_FIELD" \\
-  --argjson dependencies "$DEPS_JSON" \\
-  --arg session_id "$SESSION_ID" \\
-  --arg tool_use_id "$TOOL_USE_ID" \\
-  --arg cwd "$CWD" \\
-  --arg repo "$GIT_REPO" \\
-  '{
-    hook_event: $hook_event,
-    tool_name: $tool_name,
-    tool_input: $tool_input,
-    file_path: $file_path,
-    content: $content,
-    diff: $diff,
-    dependencies: $dependencies,
-    session_id: (if ($session_id | length) > 0 then $session_id else null end),
-    tool_use_id: (if ($tool_use_id | length) > 0 then $tool_use_id else null end),
-    cwd: (if ($cwd | length) > 0 then $cwd else null end),
-    repo: (if ($repo | length) > 0 then $repo else null end)
-  }')
-
-RESP=$(synkro_post_with_retry "\${GATEWAY_URL}/api/v1/hook/judge" "$BODY" 12)
+synkro_log "editScan $BASENAME"
 
-if [ -z "$RESP" ] || ! echo "$RESP" | jq -e 'type == "object"' >/dev/null 2>&1; then
-  synkro_log "editScan $BASENAME \u2192 error (no response)"
-  echo '{}'
-  exit 0
-fi
+(
+  BODY=$(jq -n \\
+    --arg file_path "$FILE_PATH" --arg content "$FULL_CONTENT" \\
+    --arg session_id "$SESSION_ID" --arg cwd "$CWD" --arg repo "$GIT_REPO" \\
+    --argjson deps "$DEPS_JSON" \\
+    '{capture_type:"edit_scan",tool_input:{file_path:$file_path,content:$content},edit_verdict:{ok:true},dependencies:$deps}
+      + (if ($session_id | length) > 0 then {session_id:$session_id} else {} end)
+      + (if ($cwd | length) > 0 then {cwd:$cwd} else {} end)
+      + (if ($repo | length) > 0 then {repo:$repo} else {} end)')
+  curl -sS -X POST "\${GATEWAY_URL}/api/v1/hook/capture" \\
+    -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
+    -d "$BODY" --max-time 10 >/dev/null 2>&1 || true
+) &
+disown 2>/dev/null || true
 
-if echo "$RESP" | jq -e '.hook_response' >/dev/null 2>&1; then
-  echo "$RESP" | jq -c '.hook_response'
-else
-  echo '{}'
-fi
+echo '{}'
 exit 0
 `;
-    CC_PLAN_JUDGE_SCRIPT = `#!/bin/bash
+    CURSOR_BASH_FOLLOWUP_SCRIPT = `#!/bin/bash
 SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
 . "$SCRIPT_DIR/_synkro-common.sh"
 
 JWT=$(synkro_load_jwt)
 if [ -z "$JWT" ]; then echo '{}'; exit 0; fi
-synkro_ensure_fresh_jwt
 
 PAYLOAD=$(cat)
-if [ -z "$PAYLOAD" ]; then echo '{}'; exit 0; fi
-
 TOOL_NAME=$(echo "$PAYLOAD" | jq -r '.tool_name // empty' 2>/dev/null)
-if [ "$TOOL_NAME" != "ExitPlanMode" ]; then echo '{}'; exit 0; fi
-
-# ExitPlanMode's tool_input contains {allowedPrompts:[...]}, not plan content.
-# Read from the most recently modified plan file instead.
-PLANS_DIR="$HOME/.claude/plans"
-PLAN_FILE=$(ls -t "$PLANS_DIR"/*.md 2>/dev/null | head -1)
-if [ -z "$PLAN_FILE" ] || [ ! -f "$PLAN_FILE" ]; then echo '{}'; exit 0; fi
-PLAN=$(cat "$PLAN_FILE" 2>/dev/null)
-if [ -z "$PLAN" ] || [ \${#PLAN} -lt 20 ]; then echo '{}'; exit 0; fi
-
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.session_id // empty' 2>/dev/null)
-CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
-GIT_REPO=$(synkro_detect_repo "\${CWD:-.}")
-
-PLAN_SHORT=$(printf '%s' "$PLAN" | head -c 80)
-synkro_log "planReview checking: $PLAN_SHORT..."
-
-# Write review verdict into the plan file so it survives ExitPlanMode rejection
-append_review_to_plan() {
-  local verdict="$1"
-  local tmp="\${PLAN_FILE}.synkro.tmp"
-  sed '/^<!-- synkro-plan-review -->$/,/^<!-- \\/synkro-plan-review -->$/d' "$PLAN_FILE" | sed -e :a -e '/^\\n*$/{$d;N;ba' -e '}' > "$tmp" 2>/dev/null
-  printf '\\n\\n<!-- synkro-plan-review -->\\n\\n---\\n\\n**Synkro Plan Review** \u2014 %s\\n\\n%s\\n\\n<!-- /synkro-plan-review -->\\n' "$(date '+%Y-%m-%d %H:%M')" "$verdict" >> "$tmp"
-  mv "$tmp" "$PLAN_FILE" 2>/dev/null
-}
+case "$TOOL_NAME" in Shell|Bash|terminal|run_terminal_cmd|execute_command) ;; *) echo '{}'; exit 0 ;; esac
 
-synkro_load_config
-ROUTE=$(synkro_route)
-TAG=$(synkro_tag "$ROUTE")
+SESSION_ID=$(echo "$PAYLOAD" | jq -r '.conversation_id // empty' 2>/dev/null)
+TOOL_USE_ID=$(echo "$PAYLOAD" | jq -r '.tool_use_id // empty' 2>/dev/null)
 
-if [ "$SYNKRO_SILENT" = "true" ]; then
-  jq -n --arg m "$TAG planReview \u2192 skipped (silent mode)" '{systemMessage: $m}'
-  exit 0
+IS_ERROR=$(echo "$PAYLOAD" | jq -r '.tool_result.is_error // false' 2>/dev/null)
+CMD=$(echo "$PAYLOAD" | jq -r '.tool_input.command // empty' 2>/dev/null)
+CMD_HASH=""
+if [ -n "$CMD" ]; then
+  CMD_HASH=$(printf '%s' "$CMD" | shasum -a 256 | cut -c1-16)
 fi
 
-if [ "$ROUTE" = "local" ]; then
-  GRADER_FILE=$(mktemp -t synkro-plan.XXXXXX)
-  trap "rm -f \\"$GRADER_FILE\\"" EXIT
-  printf 'Working directory: %s\\nRepo: %s\\nPlan:\\n%s\\nOrg rules: %s\\n' "\${CWD:-.}" "\${GIT_REPO:-unknown}" "$(printf '%s' "$PLAN" | head -c 8000)" "\${SYNKRO_RULES:-[]}" > "$GRADER_FILE"
-
-  CC_RESP=$(synkro_local_grade plan < "$GRADER_FILE" 2>&1)
-  if [ $? -ne 0 ]; then
-    echo '{}'; exit 0
-  fi
-  synkro_parse_local_verdict "$CC_RESP"
-
-  PLAN_CONTENT=$(printf '%s' "$PLAN" | head -c 2000)
-  PLAN_VIOLATED="[]"
-  [ -n "$LOCAL_RULE_ID" ] && PLAN_VIOLATED=$(jq -n --arg r "$LOCAL_RULE_ID" '[$r]')
-
-  if [ "$LOCAL_OK" = "false" ]; then
-    VCOUNT=$(printf '%s' "$CC_RESP" | grep -c '<violation>' 2>/dev/null || echo "0")
-    [ "$VCOUNT" = "0" ] && VCOUNT="1"
-    REVIEW_MSG="\${VCOUNT} rule(s) relevant\${LOCAL_RULE_ID:+ (first: $LOCAL_RULE_ID)}: \${LOCAL_REASON:-check org rules during implementation}"
-    append_review_to_plan "\u26A0\uFE0F Advisory \u2014 $REVIEW_MSG"
-    MSG="$TAG planReview \u2192 $REVIEW_MSG"
-    jq -n --arg m "$MSG" '{systemMessage: $m}'
-    synkro_dispatch_capture "plan_review" "advisory" "\${LOCAL_SEV}" "\${LOCAL_CAT}" "ExitPlanMode" "$GIT_REPO" "$SESSION_ID" \\
-      "$PLAN_CONTENT" "$LOCAL_REASON" "\${SYNKRO_RULES:-[]}" "$PLAN_VIOLATED" "[]"
+if [ -n "$CMD_HASH" ] && [ -n "$SESSION_ID" ]; then
+  if [ "$IS_ERROR" = "false" ]; then
+    synkro_consent_consume "$SESSION_ID" "$CMD_HASH"
   else
-    REVIEW_MSG="Clean \u2014 \${LOCAL_REASON:-no relevant org rules for this plan}"
-    append_review_to_plan "\u2705 $REVIEW_MSG"
-    jq -n --arg m "$TAG planReview \u2192 clean: \${LOCAL_REASON:-no relevant org rules for this plan}" '{systemMessage: $m}'
-    synkro_dispatch_capture "plan_review" "clean" "audit" "\${LOCAL_CAT:-general}" "ExitPlanMode" "$GIT_REPO" "$SESSION_ID" \\
-      "$PLAN_CONTENT" "$LOCAL_REASON" "\${SYNKRO_RULES:-[]}" "[]" "[]"
+    if ! synkro_consent_has_active "$SESSION_ID" "$CMD_HASH"; then
+      synkro_consent_grant "$SESSION_ID" "$CMD_HASH"
+    fi
   fi
-  exit 0
-fi
-
-# \u2500\u2500\u2500 Cloud grading \u2500\u2500\u2500
-BODY=$(jq -n \\
-  --arg hook_event "PreToolUse" \\
-  --arg tool_name "ExitPlanMode" \\
-  --arg plan "$(printf '%s' "$PLAN" | head -c 16000)" \\
-  --arg session_id "$SESSION_ID" \\
-  --arg cwd "$CWD" \\
-  --arg repo "$GIT_REPO" \\
-  '{
-    hook_event: $hook_event,
-    tool_name: $tool_name,
-    tool_input: {plan: $plan},
-    session_id: (if ($session_id | length) > 0 then $session_id else null end),
-    cwd: (if ($cwd | length) > 0 then $cwd else null end),
-    repo: (if ($repo | length) > 0 then $repo else null end)
-  }')
-
-RESP=$(synkro_post_with_retry "\${GATEWAY_URL}/api/v1/hook/judge" "$BODY" 12)
-
-if [ -z "$RESP" ]; then
-  synkro_log "planReview \u2192 error (timeout)"
-  echo '{}'
-  exit 0
 fi
 
-if ! echo "$RESP" | jq -e '.hook_response' >/dev/null 2>&1; then
-  echo '{}'
-  exit 0
+if [ -n "$SESSION_ID" ] && [ -n "$TOOL_USE_ID" ]; then
+  (
+    BODY=$(jq -n --arg sid "$SESSION_ID" --arg tid "$TOOL_USE_ID" \\
+      --argjson err "$IS_ERROR" --arg ch "$CMD_HASH" \\
+      '{capture_type:"bash_followup",session_id:$sid,tool_use_id:$tid,is_error:$err,command_hash:$ch}')
+    curl -sS -X POST "\${GATEWAY_URL}/api/v1/hook/capture" \\
+      -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
+      -d "$BODY" --max-time 3 >/dev/null 2>&1 || true
+  ) &
+  disown 2>/dev/null || true
 fi
 
-# Force advisory: convert any blocking decision to systemMessage
-HR=$(echo "$RESP" | jq -c '.hook_response')
-if echo "$HR" | jq -e '.hookSpecificOutput.permissionDecision' >/dev/null 2>&1; then
-  REASON=$(echo "$HR" | jq -r '.hookSpecificOutput.permissionDecisionReason // "check org rules"' 2>/dev/null)
-  append_review_to_plan "\u26A0\uFE0F Advisory \u2014 $REASON"
-  jq -n --arg m "$TAG planReview \u2192 advisory: $REASON" '{systemMessage: $m}'
-else
-  CLOUD_MSG=$(echo "$HR" | jq -r '.systemMessage // empty' 2>/dev/null)
-  [ -n "$CLOUD_MSG" ] && append_review_to_plan "\u2705 $CLOUD_MSG"
-  echo "$HR"
-fi
+echo '{}'
 exit 0
 `;
-    CC_STOP_SUMMARY_SCRIPT = `#!/bin/bash
-SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
-. "$SCRIPT_DIR/_synkro-common.sh"
+  }
+});
 
-JWT=$(synkro_load_jwt)
-if [ -z "$JWT" ]; then echo '{}'; exit 0; fi
+// cli/installer/hookScriptsTs.ts
+var SYNKRO_COMMON_TS, EDIT_PRECHECK_TS, CWE_PRECHECK_TS, CVE_PRECHECK_TS, BASH_JUDGE_TS, PLAN_JUDGE_TS, STOP_SUMMARY_TS, SESSION_START_TS, BASH_FOLLOWUP_TS, TRANSCRIPT_SYNC_TS, USER_PROMPT_SUBMIT_TS;
+var init_hookScriptsTs = __esm({
+  "cli/installer/hookScriptsTs.ts"() {
+    "use strict";
+    SYNKRO_COMMON_TS = `
+// Shared Synkro hook utilities \u2014 imported by all hook scripts.
+import { readFileSync, writeFileSync, mkdirSync, rmdirSync, existsSync, renameSync } from 'node:fs';
+import { join, dirname, basename, extname } from 'node:path';
+import { homedir } from 'node:os';
+import { execSync, spawn } from 'node:child_process';
 
-PAYLOAD=$(cat)
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.session_id // empty' 2>/dev/null)
-if [ -z "$SESSION_ID" ]; then echo '{}'; exit 0; fi
+// \u2500\u2500\u2500 Config \u2500\u2500\u2500
 
-CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
-TRANSCRIPT_PATH=$(echo "$PAYLOAD" | jq -r '.transcript_path // empty' 2>/dev/null)
-GIT_REPO=$(synkro_detect_repo "\${CWD:-.}")
+const HOME = homedir();
+const CONFIG_PATH = join(HOME, '.synkro', 'config.env');
 
-# Aggregate token usage across all assistant turns in the transcript and POST silently
-if [ -n "$TRANSCRIPT_PATH" ] && [ -f "$TRANSCRIPT_PATH" ]; then
-  (
-    _LAST=$(grep '"type":"assistant"' "$TRANSCRIPT_PATH" 2>/dev/null | tail -1)
-    CC_MODEL=$(echo "$_LAST" | jq -r '.message.model // empty' 2>/dev/null)
-    TOTALS=$(grep '"type":"assistant"' "$TRANSCRIPT_PATH" 2>/dev/null \\
-      | jq -c '.message.usage' 2>/dev/null \\
-      | jq -s '{in:(map(.input_tokens//0)|add//0),out:(map(.output_tokens//0)|add//0),cw:(map(.cache_creation_input_tokens//0)|add//0),cr:(map(.cache_read_input_tokens//0)|add//0)}' 2>/dev/null \\
-      || echo '{"in":0,"out":0,"cw":0,"cr":0}')
-    TOK_IN=$(echo "$TOTALS" | jq -r '.in // 0')
-    TOK_OUT=$(echo "$TOTALS" | jq -r '.out // 0')
-    TOK_CW=$(echo "$TOTALS" | jq -r '.cw // 0')
-    TOK_CR=$(echo "$TOTALS" | jq -r '.cr // 0')
-    HAS_TOKENS=$(( TOK_IN + TOK_OUT ))
-    if [ "$HAS_TOKENS" != "0" ]; then
-      CC_USAGE="{"input_tokens":$TOK_IN,"output_tokens":$TOK_OUT,"cache_creation_input_tokens":$TOK_CW,"cache_read_input_tokens":$TOK_CR}"
-      BODY=$(jq -n \\
-        --arg event_id "usage_$(date +%s)_$$" \\
-        --arg hook_type "stop" --arg verdict "allow" --arg severity "none" \\
-        --arg model "\${CC_MODEL:-claude-sonnet-4-6}" \\
-        --arg cc_model "\${CC_MODEL:-}" \\
-        --arg repo "\${GIT_REPO:-}" --arg session_id "$SESSION_ID" \\
-        --argjson cc_usage "$CC_USAGE" \\
-        '{capture_type:"local_verdict",event_id:$event_id,hook_type:$hook_type,verdict:$verdict,severity:$severity,model:$model,cc_usage:$cc_usage}
-          + (if $repo != "" then {repo:$repo} else {} end)
-          + (if $session_id != "" then {session_id:$session_id} else {} end)
-          + (if $cc_model != "" then {cc_model:$cc_model} else {} end)')
-      curl -sS -X POST "\${GATEWAY_URL}/api/v1/hook/capture" \\
-        -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
-        -d "$BODY" --max-time 2 >/dev/null 2>&1
-    fi
-  ) &
-fi
+// Load config.env into process.env
+if (existsSync(CONFIG_PATH)) {
+  try {
+    const lines = readFileSync(CONFIG_PATH, 'utf-8').split('\\n');
+    for (const line of lines) {
+      const trimmed = line.trim();
+      if (!trimmed || trimmed.startsWith('#')) continue;
+      const eqIdx = trimmed.indexOf('=');
+      if (eqIdx < 1) continue;
+      const key = trimmed.slice(0, eqIdx).trim();
+      let val = trimmed.slice(eqIdx + 1).trim();
+      // Strip surrounding quotes
+      if ((val.startsWith('"') && val.endsWith('"')) || (val.startsWith("'") && val.endsWith("'"))) {
+        val = val.slice(1, -1);
+      }
+      process.env[key] = val;
+    }
+  } catch {}
+}
 
-RESP=$(curl -sS -G "\${GATEWAY_URL}/api/v1/cli/session-summary" \\
-  --data-urlencode "session_id=$SESSION_ID" \\
-  -H "Authorization: Bearer $JWT" --max-time 2 2>/dev/null || echo "")
+export const GATEWAY_URL = process.env.SYNKRO_GATEWAY_URL || 'https://api.synkro.sh';
+export const CREDS_PATH = process.env.SYNKRO_CREDENTIALS_PATH || join(HOME, '.synkro', 'credentials.json');
+const LAST_PROMPT_FILE = join(HOME, '.synkro', '.last-prompt');
 
-if [ -z "$RESP" ]; then echo '{}'; exit 0; fi
+// \u2500\u2500\u2500 Logging \u2500\u2500\u2500
 
-EDITS=$(echo "$RESP" | jq -r '.edits_scanned // 0' 2>/dev/null)
-FINDINGS=$(echo "$RESP" | jq -r '.findings // 0' 2>/dev/null)
-AUTO_FIXED=$(echo "$RESP" | jq -r '.auto_fixed // 0' 2>/dev/null)
-OPEN=$(echo "$RESP" | jq -r '.open // 0' 2>/dev/null)
+export function log(msg: string): void {
+  process.stderr.write('[synkro] ' + msg + '\\n');
+}
 
-if [ "\${EDITS:-0}" = "0" ] || [ -z "$EDITS" ]; then echo '{}'; exit 0; fi
+// \u2500\u2500\u2500 JWT Management \u2500\u2500\u2500
 
-synkro_load_config
-TAG=$(synkro_tag)
-if [ "\${FINDINGS:-0}" = "0" ] || [ -z "$FINDINGS" ]; then
-  SYS_MSG="$TAG stop \u2192 0 issues across \${EDITS} edit(s), session complete"
-else
-  SYS_MSG="$TAG stop \u2192 \${FINDINGS} finding(s): \${AUTO_FIXED} auto-fixed, \${OPEN} open"
-fi
+export function loadJwt(): string | null {
+  try {
+    if (!existsSync(CREDS_PATH)) return null;
+    const creds = JSON.parse(readFileSync(CREDS_PATH, 'utf-8'));
+    return creds.access_token || null;
+  } catch {
+    return null;
+  }
+}
 
-jq -n --arg m "$SYS_MSG" '{systemMessage: $m}'
-exit 0
-`;
-    CC_SESSION_START_SCRIPT = `#!/bin/bash
-SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
-. "$SCRIPT_DIR/_synkro-common.sh"
+function decodeJwtExp(jwt: string): number {
+  try {
+    const parts = jwt.split('.');
+    if (parts.length < 2) return 0;
+    let payload = parts[1].replace(/-/g, '+').replace(/_/g, '/');
+    while (payload.length % 4) payload += '=';
+    const decoded = Buffer.from(payload, 'base64').toString('utf-8');
+    const obj = JSON.parse(decoded);
+    return obj.exp || 0;
+  } catch {
+    return 0;
+  }
+}
 
-JWT=$(synkro_load_jwt)
+export async function refreshJwt(jwt: string): Promise<string> {
+  try {
+    const creds = JSON.parse(readFileSync(CREDS_PATH, 'utf-8'));
+    const rt = creds.refresh_token;
+    if (!rt) return jwt;
 
-# Route preamble
-SYNKRO_PORT="\${SYNKRO_CHANNEL_PORT:-8929}"
-PAYLOAD=$(cat)
-CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.session_id // empty' 2>/dev/null)
-GIT_REPO=$(synkro_detect_repo "\${CWD:-.}")
+    const resp = await fetch(GATEWAY_URL + '/api/auth/refresh', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ refresh_token: rt }),
+      signal: AbortSignal.timeout(4000),
+    });
+    const data = await resp.json() as any;
+    const newAt = data.access_token;
+    if (!newAt) return jwt;
+
+    const newRt = data.refresh_token || rt;
+    const existing = (() => {
+      try { return JSON.parse(readFileSync(CREDS_PATH, 'utf-8')); } catch { return {}; }
+    })();
+    const updated = { ...existing, access_token: newAt, refresh_token: newRt };
+    const tmp = CREDS_PATH + '.synkro.tmp';
+    writeFileSync(tmp, JSON.stringify(updated, null, 2));
+    renameSync(tmp, CREDS_PATH);
+    return newAt;
+  } catch {
+    return jwt;
+  }
+}
 
-RESP=""
-if [ -n "$JWT" ]; then
-  RESP=$(curl -sS -G "\${GATEWAY_URL}/api/v1/hook/config" \\
-    --data-urlencode "session_id=\${SESSION_ID:-}" \\
-    --data-urlencode "repo=\${GIT_REPO:-}" \\
-    -H "Authorization: Bearer $JWT" --max-time 3 2>/dev/null || echo "")
-  if [ -n "$RESP" ]; then
-    SYNKRO_SILENT=$(echo "$RESP" | jq -r '.silent_mode // false' 2>/dev/null)
-    SYNKRO_POLICY_NAME=$(echo "$RESP" | jq -r '.active_policy_name // empty' 2>/dev/null)
-  fi
-fi
+export async function ensureFreshJwt(jwt: string): Promise<string> {
+  if (!jwt) return jwt;
+  const exp = decodeJwtExp(jwt);
+  const now = Math.floor(Date.now() / 1000);
+  if (exp - now >= 60) return jwt;
 
-if (exec 3<>/dev/tcp/127.0.0.1/"$SYNKRO_PORT") 2>/dev/null; then
-  exec 3<&- 3>&- 2>/dev/null || true
-  TAG=$(synkro_tag "local")
-  ROUTE_LINE="$TAG inference: local-cc (channel reachable on 127.0.0.1:$SYNKRO_PORT)"
-else
-  TAG=$(synkro_tag "cloud")
-  ROUTE_LINE="$TAG inference: cloud (local-cc channel not reachable)"
-fi
+  const lockdir = CREDS_PATH + '.lockdir';
+  let acquired = false;
+  try {
+    mkdirSync(lockdir);
+    acquired = true;
+  } catch {
+    // Another process is refreshing \u2014 wait and re-read
+    for (let i = 0; i < 5; i++) {
+      await new Promise(r => setTimeout(r, 500));
+      if (!existsSync(lockdir)) break;
+    }
+    // Re-read creds
+    const fresh = loadJwt();
+    return fresh || jwt;
+  }
 
-if [ -z "$JWT" ]; then
-  jq -n --arg m "$ROUTE_LINE" '{systemMessage: $m}'
-  exit 0
-fi
+  try {
+    // Re-check \u2014 another hook may have just refreshed
+    const freshJwt = loadJwt();
+    if (freshJwt) {
+      const freshExp = decodeJwtExp(freshJwt);
+      if (freshExp - Math.floor(Date.now() / 1000) >= 60) return freshJwt;
+    }
+    return await refreshJwt(jwt);
+  } finally {
+    if (acquired) {
+      try { rmdirSync(lockdir); } catch {}
+    }
+  }
+}
 
-OPEN=0
-if [ -n "$RESP" ]; then
-  OPEN=$(echo "$RESP" | jq -r '.session_context.open_findings // 0' 2>/dev/null)
-fi
+// \u2500\u2500\u2500 Repo Detection \u2500\u2500\u2500
 
-if [ "$OPEN" = "0" ] || [ -z "$OPEN" ]; then
-  jq -n --arg m "$ROUTE_LINE" '{systemMessage: $m}'
-else
-  if [ "$OPEN" = "1" ]; then
-    SYS_MSG="$ROUTE_LINE"$'\\n'"$TAG session start \u2192 1 open finding in this repo from a prior session."
-  else
-    SYS_MSG="$ROUTE_LINE"$'\\n'"$TAG session start \u2192 \${OPEN} open findings in this repo from prior sessions."
-  fi
-  jq -n --arg m "$SYS_MSG" '{systemMessage: $m}'
-fi
-exit 0
-`;
-    CC_BASH_FOLLOWUP_SCRIPT = `#!/bin/bash
-SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
-. "$SCRIPT_DIR/_synkro-common.sh"
+export function detectRepo(cwd: string): string {
+  try {
+    const url = execSync('git remote get-url origin', { cwd, timeout: 3000, encoding: 'utf-8' }).trim();
+    if (!url) return '';
+    return url
+      .replace(/^git@[^:]+:/, '')
+      .replace(/^https?:\\/\\/[^/]+\\//, '')
+      .replace(/\\.git$/, '');
+  } catch {
+    return '';
+  }
+}
 
-JWT=$(synkro_load_jwt)
-if [ -z "$JWT" ]; then echo '{}'; exit 0; fi
+// \u2500\u2500\u2500 Channel Health \u2500\u2500\u2500
 
-PAYLOAD=$(cat)
-TOOL_NAME=$(echo "$PAYLOAD" | jq -r '.tool_name // empty' 2>/dev/null)
-if [ "$TOOL_NAME" != "Bash" ]; then echo '{}'; exit 0; fi
+export async function channelUp(port = 8929): Promise<boolean> {
+  try {
+    await fetch('http://127.0.0.1:' + port, { signal: AbortSignal.timeout(500) });
+    return true;
+  } catch (e: any) {
+    // If we got a connection error vs a response error, check:
+    // fetch throws TypeError for connection refused, but any HTTP response means the port is open
+    if (e?.name === 'TimeoutError') return false;
+    if (e?.cause?.code === 'ECONNREFUSED' || e?.code === 'ECONNREFUSED') return false;
+    // Any other error (like bad response) means the port is actually open
+    return true;
+  }
+}
 
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.session_id // empty' 2>/dev/null)
-TOOL_USE_ID=$(echo "$PAYLOAD" | jq -r '.tool_use_id // empty' 2>/dev/null)
-if [ -z "$SESSION_ID" ] || [ -z "$TOOL_USE_ID" ]; then echo '{}'; exit 0; fi
+export async function cweChannelUp(): Promise<boolean> {
+  return channelUp(8930);
+}
 
-# Extract is_error from tool_result and compute command hash for consent tracking
-IS_ERROR=$(echo "$PAYLOAD" | jq -r '.tool_result.is_error // false' 2>/dev/null)
-CMD=$(echo "$PAYLOAD" | jq -r '.tool_input.command // empty' 2>/dev/null)
-CMD_HASH=""
-if [ -n "$CMD" ]; then
-  CMD_HASH=$(printf '%s' "$CMD" | shasum -a 256 | cut -c1-16)
-fi
+// \u2500\u2500\u2500 Config Loading \u2500\u2500\u2500
 
-BODY=$(jq -n --arg sid "$SESSION_ID" --arg tid "$TOOL_USE_ID" \\
-  --argjson err "$IS_ERROR" --arg ch "$CMD_HASH" \\
-  '{capture_type:"bash_followup",session_id:$sid,tool_use_id:$tid,is_error:$err,command_hash:$ch}')
+export interface Rule {
+  rule_id: string;
+  text: string;
+  severity: string;
+  category: string;
+  mode: string;
+}
 
-# Local consent tracking: command ran = user consented
-# On success \u2192 consume (next attempt blocks fresh)
-# On failure \u2192 grant active (retry allowed)
-# Consent tracking: on success \u2192 consume (next run blocks fresh), on error \u2192 grant (retry allowed)
-if [ -n "$CMD_HASH" ] && [ -n "$SESSION_ID" ]; then
-  if [ "$IS_ERROR" = "false" ]; then
-    synkro_consent_consume "$SESSION_ID" "$CMD_HASH"
-  else
-    if ! synkro_consent_has_active "$SESSION_ID" "$CMD_HASH"; then
-      synkro_consent_grant "$SESSION_ID" "$CMD_HASH"
-    fi
-  fi
-fi
+export interface HookConfig {
+  captureDepth: string;
+  tier: string;
+  silent: boolean;
+  policyName: string;
+  rules: Rule[];
+}
 
-curl -sS -X POST "\${GATEWAY_URL}/api/v1/hook/capture" \\
-  -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
-  -d "$BODY" --max-time 2 >/dev/null 2>&1 || true
+export async function loadConfig(jwt: string, query?: string): Promise<HookConfig> {
+  const config: HookConfig = {
+    captureDepth: 'local_only',
+    tier: 'standard',
+    silent: false,
+    policyName: '',
+    rules: [],
+  };
+  try {
+    const url = GATEWAY_URL + '/api/v1/hook/config' + (query ? '?' + query : '');
+    const resp = await fetch(url, {
+      headers: { Authorization: 'Bearer ' + jwt },
+      signal: AbortSignal.timeout(4000),
+    });
+    const data = await resp.json() as any;
+    config.captureDepth = data.capture_depth || 'local_only';
+    config.tier = data.tier || 'standard';
+    config.silent = data.silent_mode === true || data.silent_mode === 'true';
+    config.policyName = data.active_policy_name || '';
+    if (Array.isArray(data.rules)) {
+      config.rules = data.rules
+        .filter((r: any) => r.hook_stage === 'pre' || r.hook_stage === 'both' || r.hook_stage == null)
+        .map((r: any) => ({
+          rule_id: r.rule_id || '',
+          text: r.text || '',
+          severity: r.severity || '',
+          category: r.category || '',
+          mode: r.mode || 'blocking',
+        }));
+    }
+  } catch {}
+  return config;
+}
 
-echo '{}'
-exit 0
-`;
-    CC_CVE_SCAN_SCRIPT = `#!/bin/bash
-SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
-. "$SCRIPT_DIR/_synkro-common.sh"
+// \u2500\u2500\u2500 Routing \u2500\u2500\u2500
 
-JWT=$(synkro_load_jwt)
-if [ -z "$JWT" ]; then echo '{}'; exit 0; fi
-synkro_ensure_fresh_jwt
+export async function route(config: HookConfig): Promise<'local' | 'cloud'> {
+  if (config.captureDepth === 'local_only') return 'local';
+  if (await channelUp()) return 'local';
+  return 'cloud';
+}
 
-PAYLOAD=$(cat)
-if [ -z "$PAYLOAD" ]; then echo '{}'; exit 0; fi
+export async function cweRoute(config: HookConfig): Promise<'local' | 'cloud'> {
+  if (config.captureDepth === 'local_only') return 'local';
+  if (await cweChannelUp()) return 'local';
+  return 'cloud';
+}
 
-TOOL_NAME=$(echo "$PAYLOAD" | jq -r '.tool_name // empty' 2>/dev/null)
-case "$TOOL_NAME" in Edit|Write|MultiEdit|NotebookEdit) ;; *) echo '{}'; exit 0 ;; esac
+// \u2500\u2500\u2500 Tag Building \u2500\u2500\u2500
 
-TOOL_INPUT=$(echo "$PAYLOAD" | jq -c '.tool_input // {}' 2>/dev/null)
-CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
+export function tag(rt: string, config: HookConfig): string {
+  if (config.silent) return '[synkro:silent]';
+  const rs = config.policyName || 'all';
+  return '[synkro:' + rt + ':' + rs + ']';
+}
 
-FILE_PATH=$(echo "$TOOL_INPUT" | jq -r '.file_path // .notebook_path // .path // empty' 2>/dev/null)
-if [ -z "$FILE_PATH" ] || [ ! -f "$FILE_PATH" ]; then echo '{}'; exit 0; fi
+// \u2500\u2500\u2500 Local Grading \u2500\u2500\u2500
 
-FILE_CONTENT=$(head -c 65536 "$FILE_PATH" 2>/dev/null || echo "")
-if [ -z "$FILE_CONTENT" ]; then echo '{}'; exit 0; fi
+function spawnGrade(surface: string, prompt: string, envOverride?: Record<string, string>, timeoutMs = 22000): Promise<string> {
+  return new Promise((resolve, reject) => {
+    const cliBin = process.env.SYNKRO_CLI_BIN;
+    let cmd: string;
+    let args: string[];
 
-DEPS_JSON="{}"
-_PKG_DIR=$(dirname "$FILE_PATH")
-while [ "$_PKG_DIR" != "/" ]; do
-  if [ -f "$_PKG_DIR/package.json" ]; then
-    DEPS_JSON=$(jq -c '(.dependencies // {}) + (.devDependencies // {})' "$_PKG_DIR/package.json" 2>/dev/null || echo "{}")
-    break
-  fi
-  _PKG_DIR=$(dirname "$_PKG_DIR")
-done
+    if (cliBin && existsSync(cliBin)) {
+      // Use the CLI binary directly with bun/node
+      cmd = 'node';
+      args = [cliBin, 'grade', surface];
+    } else {
+      cmd = 'synkro';
+      args = ['grade', surface];
+    }
 
-synkro_load_config
-ROUTE=$(synkro_route)
-TAG=$(synkro_tag "$ROUTE")
+    const child = spawn(cmd, args, {
+      stdio: ['pipe', 'pipe', 'pipe'],
+      env: { ...process.env, ...envOverride },
+    });
 
-if [ "$SYNKRO_SILENT" = "true" ]; then echo '{}'; exit 0; fi
+    let stdout = '';
+    let stderr = '';
+    child.stdout.on('data', (d: Buffer) => { stdout += d.toString(); });
+    child.stderr.on('data', (d: Buffer) => { stderr += d.toString(); });
+    child.stdin.write(prompt);
+    child.stdin.end();
+
+    const timer = setTimeout(() => {
+      child.kill();
+      reject(new Error('SYNKRO_GRADE_TIMEOUT'));
+    }, timeoutMs);
+
+    child.on('close', (code: number | null) => {
+      clearTimeout(timer);
+      if (code === 0) resolve(stdout);
+      else reject(new Error(stderr || 'exit ' + code));
+    });
+    child.on('error', (err: Error) => { clearTimeout(timer); reject(err); });
+  });
+}
 
-BASENAME=$(basename "$FILE_PATH")
+export async function localGrade(surface: string, prompt: string): Promise<string> {
+  if (!(await channelUp())) throw new Error('SYNKRO_CHANNEL_DOWN');
+  return spawnGrade(surface, prompt);
+}
 
-BODY=$(jq -n --arg fp "$FILE_PATH" --arg c "$FILE_CONTENT" --argjson deps "$DEPS_JSON" \\
-  '{file_path:$fp, content:$c, dependencies:$deps}')
+export async function localGradeCwe(prompt: string): Promise<string> {
+  if (!(await cweChannelUp())) throw new Error('SYNKRO_CHANNEL_DOWN');
+  return spawnGrade('cwe', prompt, { SYNKRO_CHANNEL_PORT: '8930' }, 12000);
+}
 
-RESP=$(curl -sS -X POST "\${GATEWAY_URL}/api/v1/cve-scan" \\
-  -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
-  -d "$BODY" --max-time 6 2>/dev/null || echo "")
+// \u2500\u2500\u2500 Verdict Parsing \u2500\u2500\u2500
 
-if [ -z "$RESP" ] || ! echo "$RESP" | jq -e 'type == "object"' >/dev/null 2>&1; then
-  echo '{}'; exit 0
-fi
+export interface Verdict {
+  ok: boolean;
+  reason: string;
+  ruleId: string;
+  ruleMode: string;
+  severity: string;
+  category: string;
+}
 
-CVE_COUNT=$(echo "$RESP" | jq -r '.findings | length' 2>/dev/null || echo "0")
-if [ "$CVE_COUNT" -gt 0 ] 2>/dev/null; then
-  CVE_CRIT=$(echo "$RESP" | jq '[.findings[] | select((.severity | tonumber? // 0) >= 7.0)] | length' 2>/dev/null || echo "0")
-  CRIT_PKGS=$(echo "$RESP" | jq -r '[.findings[] | select((.severity | tonumber? // 0) >= 7.0) | .package] | unique | .[:3] | join(", ")' 2>/dev/null || echo "")
-  ALL_PKGS=$(echo "$RESP" | jq -r '[.findings[].package] | unique | .[:3] | join(", ")' 2>/dev/null || echo "")
-  ALL_TOTAL=$(echo "$RESP" | jq -r '[.findings[].package] | unique | length' 2>/dev/null || echo "0")
-  [ "$CVE_COUNT" = "1" ] && LABEL="advisory" || LABEL="advisories"
-  if [ "$CVE_CRIT" -gt 0 ]; then
-    [ "$ALL_TOTAL" -gt 3 ] && CRIT_PKGS="\${CRIT_PKGS}, ..."
-    jq -n --arg m "[synkro:\${ROUTE}:cveScan] \${CVE_COUNT} \${LABEL}, \${CVE_CRIT} critical/high (\${CRIT_PKGS})" '{systemMessage: $m}'
-  else
-    [ "$ALL_TOTAL" -gt 3 ] && ALL_PKGS="\${ALL_PKGS}, ..."
-    jq -n --arg m "[synkro:\${ROUTE}:cveScan] \${CVE_COUNT} \${LABEL} (\${ALL_PKGS})" '{systemMessage: $m}'
-  fi
-else
-  jq -n --arg m "[synkro:\${ROUTE}:cveScan] clean" '{systemMessage: $m}'
-fi
-exit 0
-`;
-    CC_TRANSCRIPT_SYNC_SCRIPT = `#!/bin/bash
-SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
-. "$SCRIPT_DIR/_synkro-common.sh"
+export function parseVerdict(resp: string): Verdict {
+  const verdict: Verdict = {
+    ok: true,
+    reason: '',
+    ruleId: '',
+    ruleMode: '',
+    severity: 'low',
+    category: 'clean',
+  };
 
-JWT=$(synkro_load_jwt)
-if [ -z "$JWT" ]; then echo '{}'; exit 0; fi
+  // Flatten newlines for easier regex
+  const flat = resp.replace(/\\n/g, ' ');
+  const outerMatch = flat.match(/<synkro-verdict>(.*)<\\/synkro-verdict>/);
+  if (!outerMatch) return verdict;
+  const inner = outerMatch[1];
 
-PAYLOAD=$(cat)
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.session_id // empty' 2>/dev/null)
-TRANSCRIPT_PATH=$(echo "$PAYLOAD" | jq -r '.transcript_path // empty' 2>/dev/null)
-CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
+  const okMatch = inner.match(/<ok>(.*?)<\\/ok>/);
+  if (okMatch) verdict.ok = okMatch[1].trim() !== 'false';
 
-if [ -z "$SESSION_ID" ] || [ -z "$TRANSCRIPT_PATH" ] || [ ! -f "$TRANSCRIPT_PATH" ]; then
-  echo '{}'; exit 0
-fi
+  const reasonMatch = inner.match(/<reason>(.*?)<\\/reason>/) || inner.match(/<reasoning>(.*?)<\\/reasoning>/);
+  if (reasonMatch) verdict.reason = reasonMatch[1].trim();
 
-# Usage telemetry \u2014 last turn only (metadata, ungated by privacy/consent)
-_LAST_ASST=$(grep '"type":"assistant"' "$TRANSCRIPT_PATH" 2>/dev/null | tail -1)
-if [ -n "$_LAST_ASST" ]; then
-  _CC_MODEL=$(echo "$_LAST_ASST" | jq -r '.message.model // empty' 2>/dev/null)
-  _TI=$(echo "$_LAST_ASST" | jq -r '.message.usage.input_tokens // 0' 2>/dev/null)
-  _TO=$(echo "$_LAST_ASST" | jq -r '.message.usage.output_tokens // 0' 2>/dev/null)
-  _TCW=$(echo "$_LAST_ASST" | jq -r '.message.usage.cache_creation_input_tokens // 0' 2>/dev/null)
-  _TCR=$(echo "$_LAST_ASST" | jq -r '.message.usage.cache_read_input_tokens // 0' 2>/dev/null)
-  if [ "\${_TI:-0}" != "0" ] || [ "\${_TO:-0}" != "0" ]; then
-    (
-      _USAGE="{\\"input_tokens\\":$_TI,\\"output_tokens\\":$_TO,\\"cache_creation_input_tokens\\":$_TCW,\\"cache_read_input_tokens\\":$_TCR}"
-      _BODY=$(jq -n \\
-        --arg event_id "usage_$(date +%s)_$$" \\
-        --arg hook_type "stop" --arg verdict "allow" --arg severity "none" \\
-        --arg model "\${_CC_MODEL:-claude-sonnet-4-6}" \\
-        --arg cc_model "\${_CC_MODEL:-}" \\
-        --arg session_id "$SESSION_ID" \\
-        --argjson cc_usage "$_USAGE" \\
-        '{capture_type:"usage_tick",event_id:$event_id,hook_type:$hook_type,verdict:$verdict,severity:$severity,model:$model,cc_usage:$cc_usage,session_id:$session_id}
-          + (if $cc_model != "" then {cc_model:$cc_model} else {} end)')
-      curl -sS -X POST "\${GATEWAY_URL}/api/v1/hook/capture" \\
-        -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
-        -d "$_BODY" --max-time 2 >/dev/null 2>&1
-    ) &
-  fi
-fi
+  if (!verdict.ok) {
+    const ruleIdMatch = inner.match(/<rule_id>(.*?)<\\/rule_id>/);
+    const ruleModeMatch = inner.match(/<rule_mode>(.*?)<\\/rule_mode>/);
+    const sevMatch = inner.match(/<risk_level>(.*?)<\\/risk_level>/);
 
-# Transcript sync below is gated by consent + capture depth
-if [ "\${SYNKRO_TRANSCRIPT_CONSENT:-yes}" = "no" ]; then echo '{}'; exit 0; fi
+    if (ruleIdMatch) {
+      verdict.ruleId = ruleIdMatch[1].trim();
+    } else {
+      // Try to find inside a <violation> block
+      const violationMatch = inner.match(/<violation>(.*?)<\\/violation>/);
+      if (violationMatch) {
+        const vBlock = violationMatch[1];
+        const vRuleId = vBlock.match(/<rule_id>(.*?)<\\/rule_id>/);
+        if (vRuleId) verdict.ruleId = vRuleId[1].trim();
+        if (!verdict.reason) {
+          const vReason = vBlock.match(/<reason>(.*?)<\\/reason>/);
+          if (vReason) verdict.reason = vReason[1].trim();
+        }
+        if (!sevMatch) {
+          const vSev = vBlock.match(/<severity>(.*?)<\\/severity>/);
+          if (vSev) verdict.severity = vSev[1].trim();
+        }
+      }
+    }
 
-GIT_REPO=$(synkro_detect_repo "\${CWD:-.}")
-if [ -z "$GIT_REPO" ]; then echo '{}'; exit 0; fi
+    if (ruleModeMatch) verdict.ruleMode = ruleModeMatch[1].trim();
+    if (sevMatch) verdict.severity = sevMatch[1].trim();
+    verdict.severity = verdict.severity || 'high';
 
-# Check capture depth \u2014 skip in local_only
-CONFIG_RESP=$(curl -sS "\${GATEWAY_URL}/api/v1/hook/config" -H "Authorization: Bearer $JWT" --max-time 3 2>/dev/null || echo "")
-CAPTURE_DEPTH=$(echo "$CONFIG_RESP" | jq -r '.capture_depth // "local_only"' 2>/dev/null)
-if [ "$CAPTURE_DEPTH" = "local_only" ]; then echo '{}'; exit 0; fi
+    const catMatch = inner.match(/<category>(.*?)<\\/category>/);
+    verdict.category = catMatch ? catMatch[1].trim() : 'uncategorized';
 
-OFFSET_DIR="$HOME/.synkro/.transcript-offsets"
-mkdir -p "$OFFSET_DIR" 2>/dev/null || true
-OFFSET_FILE="$OFFSET_DIR/$SESSION_ID"
-OFFSET=0
-[ -f "$OFFSET_FILE" ] && OFFSET=$(cat "$OFFSET_FILE" 2>/dev/null || echo "0")
+    // Fallback: extract rule ID from reason text
+    if (!verdict.ruleId && verdict.reason) {
+      const rMatch = verdict.reason.match(/[Rr]\\d{3}/);
+      if (rMatch) verdict.ruleId = rMatch[0];
+    }
+  }
 
-TOTAL_LINES=$(wc -l < "$TRANSCRIPT_PATH" 2>/dev/null | tr -d ' ')
-if [ -z "$TOTAL_LINES" ] || [ "$TOTAL_LINES" -le "$OFFSET" ] 2>/dev/null; then echo '{}'; exit 0; fi
+  return verdict;
+}
+
+// \u2500\u2500\u2500 Telemetry Dispatch \u2500\u2500\u2500
+
+export function dispatchCapture(
+  jwt: string,
+  hookType: string,
+  verdictStr: string,
+  severity: string,
+  category: string,
+  toolName: string,
+  repo: string,
+  sessionId: string,
+  captureDepth: string,
+  opts?: {
+    command?: string;
+    reasoning?: string;
+    rulesChecked?: Rule[] | string;
+    violatedRules?: string[];
+    recentUserMessages?: string[];
+    ccModel?: string;
+  },
+): void {
+  // Fire-and-forget
+  const eventId = 'evt_' + Date.now() + '_' + process.pid;
+  const model = opts?.ccModel || 'unknown';
+  const sendFull =
+    captureDepth === 'full' ||
+    (captureDepth === 'evidence_on_violation' && ['block', 'warning', 'deny'].includes(verdictStr));
+
+  const body: Record<string, any> = {
+    capture_type: 'local_verdict',
+    event_id: eventId,
+    hook_type: hookType,
+    verdict: verdictStr,
+    severity,
+    category,
+    cc_model: model,
+    model,
+    tool_name: toolName,
+  };
+  if (repo) body.repo = repo;
+  if (sessionId) body.session_id = sessionId;
 
-DELTA=$((TOTAL_LINES - OFFSET))
-START_LINE=$((OFFSET + 1))
-[ "$DELTA" -gt 200 ] && START_LINE=$((TOTAL_LINES - 199))
+  if (sendFull && opts) {
+    body.capture_depth = captureDepth;
+    if (opts.command) body.command = opts.command;
+    if (opts.reasoning) body.reasoning = opts.reasoning;
+    if (opts.rulesChecked) body.rules_checked = opts.rulesChecked;
+    if (opts.violatedRules) body.violated_rules = opts.violatedRules;
+    if (opts.recentUserMessages) body.recent_user_messages = opts.recentUserMessages;
+  }
 
-MESSAGES=$(tail -n +"$START_LINE" "$TRANSCRIPT_PATH" 2>/dev/null | jq -c --argjson base_idx "$((START_LINE - 1))" '
-  . as $line |
-  if ($line.type == "user" or $line.type == "assistant") then
-    {
-      message_index: (input_line_number + $base_idx),
-      type: $line.type,
-      content: (if $line.type == "user" then ($line.message.content | if type == "string" then .[0:8000] else ([.[]? | if type == "string" then . elif (type == "object" and .type == "text") then (.text // "") else "" end] | join(" ") | .[0:8000]) end) else ([$line.message.content[]? | select(type == "object" and .type == "text") | .text // ""] | join(" ") | .[0:8000]) end),
-      tool_calls: (if $line.type == "assistant" then [$line.message.content[]? | select(.type == "tool_use") | {name, input: (.input | tostring | .[0:500]), id}] else null end | if . == null or length == 0 then null else . end),
-      model: ($line.message.model // null),
-      usage: (if $line.type == "assistant" and $line.message.usage then {input_tokens: $line.message.usage.input_tokens, output_tokens: $line.message.usage.output_tokens, cache_creation_input_tokens: $line.message.usage.cache_creation_input_tokens, cache_read_input_tokens: $line.message.usage.cache_read_input_tokens} else null end)
-    }
-  else empty end
-' 2>/dev/null | jq -s '.' 2>/dev/null)
-
-if [ -z "$MESSAGES" ] || [ "$MESSAGES" = "[]" ] || [ "$MESSAGES" = "null" ]; then
-  printf '%s' "$TOTAL_LINES" > "$OFFSET_FILE" 2>/dev/null || true
-  echo '{}'; exit 0
-fi
+  fetch(GATEWAY_URL + '/api/v1/hook/capture', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + jwt },
+    body: JSON.stringify(body),
+    signal: AbortSignal.timeout(3000),
+  }).catch(() => {});
+}
 
-BODY=$(jq -n --arg repo "$GIT_REPO" --arg sid "$SESSION_ID" --argjson messages "$MESSAGES" \\
-  '{repo: $repo, sessions: [{cc_session_id: $sid, messages: $messages}]}')
+// \u2500\u2500\u2500 Rule Mode Lookup \u2500\u2500\u2500
 
-(
-  curl -sS -X POST "\${GATEWAY_URL}/api/v1/cli/sync-transcripts" \\
-    -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
-    -d "$BODY" --max-time 10 >/dev/null 2>&1
-) &
-disown 2>/dev/null || true
+export function ruleMode(ruleId: string, rules: Rule[]): 'blocking' | 'audit' {
+  if (!ruleId || !rules.length) return 'blocking';
+  const matched = rules.filter(r => r.rule_id === ruleId);
+  if (matched.some(r => r.mode === 'blocking')) return 'blocking';
+  return (matched[0]?.mode as 'blocking' | 'audit') || 'blocking';
+}
 
-printf '%s' "$TOTAL_LINES" > "$OFFSET_FILE" 2>/dev/null || true
-echo '{}'; exit 0
-`;
-    CURSOR_BASH_JUDGE_SCRIPT = `#!/bin/bash
-SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
-. "$SCRIPT_DIR/_synkro-common.sh"
+// \u2500\u2500\u2500 Content Reconstruction \u2500\u2500\u2500
 
-JWT=$(synkro_load_jwt)
-if [ -z "$JWT" ]; then echo '{}'; exit 0; fi
-synkro_ensure_fresh_jwt
+export function reconstructContent(toolName: string, toolInput: any, filePath: string): string {
+  switch (toolName) {
+    case 'Write':
+      return toolInput.content || '';
+    case 'Edit': {
+      let content = '';
+      try {
+        if (filePath && existsSync(filePath)) {
+          content = readFileSync(filePath, 'utf-8').slice(0, 65536);
+        }
+      } catch {}
+      const oldStr = toolInput.old_string || '';
+      const newStr = toolInput.new_string || '';
+      if (oldStr && content.includes(oldStr)) {
+        return content.replace(oldStr, newStr);
+      }
+      return content || newStr;
+    }
+    case 'MultiEdit': {
+      let content = '';
+      try {
+        if (filePath && existsSync(filePath)) {
+          content = readFileSync(filePath, 'utf-8').slice(0, 65536);
+        }
+      } catch {}
+      const edits = Array.isArray(toolInput.edits) ? toolInput.edits : [];
+      for (const edit of edits) {
+        if (!edit || typeof edit !== 'object') continue;
+        const old = edit.old_string || '';
+        const nw = edit.new_string || '';
+        if (old && content.includes(old)) {
+          content = content.replace(old, nw);
+        }
+      }
+      return content;
+    }
+    case 'NotebookEdit':
+      return toolInput.new_source || '';
+    default:
+      return '';
+  }
+}
 
-PAYLOAD=$(cat)
-if [ -z "$PAYLOAD" ]; then echo '{}'; exit 0; fi
+// \u2500\u2500\u2500 HTTP with Retry \u2500\u2500\u2500
 
-COMMAND=$(echo "$PAYLOAD" | jq -r '.command // empty' 2>/dev/null)
-if [ -z "$COMMAND" ]; then echo '{}'; exit 0; fi
+export async function postWithRetry(url: string, body: any, jwt: string, timeout = 8000): Promise<any> {
+  let currentJwt = jwt;
+  let resp: Response;
+  try {
+    resp = await fetch(url, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + currentJwt },
+      body: JSON.stringify(body),
+      signal: AbortSignal.timeout(timeout),
+    });
+  } catch {
+    return null;
+  }
 
-CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.conversation_id // empty' 2>/dev/null)
-GIT_REPO=$(synkro_detect_repo "\${CWD:-.}")
+  let data: any;
+  try { data = await resp.json(); } catch { return null; }
 
-CMD_SHORT=$(printf '%s' "$COMMAND" | head -c 80)
-synkro_log "bashGuard checking: $CMD_SHORT"
+  // Retry on token expiry
+  if (data?.detail && (data.detail.includes('Token has expired') || data.detail.includes('Invalid or expired token'))) {
+    try {
+      currentJwt = await refreshJwt(currentJwt);
+      const resp2 = await fetch(url, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + currentJwt },
+        body: JSON.stringify(body),
+        signal: AbortSignal.timeout(timeout),
+      });
+      data = await resp2.json();
+    } catch {
+      return null;
+    }
+  }
 
-synkro_load_config
-if [ "$SYNKRO_SILENT" = "true" ]; then
-  echo '{}'; exit 0
-fi
+  return data;
+}
 
-BODY=$(jq -n \\
-  --arg cmd "$COMMAND" \\
-  --arg session_id "$SESSION_ID" \\
-  --arg cwd "$CWD" \\
-  --arg repo "$GIT_REPO" \\
-  '{
-    hook_event: "PreToolUse",
-    tool_name: "Bash",
-    tool_input: {command: $cmd},
-    response_format: "cursor",
-    session_id: (if ($session_id | length) > 0 then $session_id else null end),
-    cwd: (if ($cwd | length) > 0 then $cwd else null end),
-    repo: (if ($repo | length) > 0 then $repo else null end)
-  }')
+// \u2500\u2500\u2500 Read Stdin \u2500\u2500\u2500
 
-RESP=$(synkro_post_with_retry "\${GATEWAY_URL}/api/v1/hook/judge" "$BODY" 6)
+export async function readStdin(): Promise<string> {
+  const chunks: Buffer[] = [];
+  for await (const chunk of process.stdin) {
+    chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk));
+  }
+  return Buffer.concat(chunks).toString('utf-8');
+}
 
-if [ -z "$RESP" ]; then
-  synkro_log "bashGuard $CMD_SHORT \u2192 error (timeout)"
-  echo '{}'; exit 0
-fi
+// \u2500\u2500\u2500 Transcript Extraction \u2500\u2500\u2500
 
-# Server returns cursor-format directly in hook_response
-if echo "$RESP" | jq -e '.hook_response' >/dev/null 2>&1; then
-  echo "$RESP" | jq -c '.hook_response'
-else
-  echo '{}'
-fi
-exit 0
+export interface TranscriptContext {
+  userIntent: string;
+  recentUserMessages: string[];
+  recentMessages: Array<{ type: string; text: string }>;
+  recentActions: Array<{ tool: string; input: string }>;
+  sessionSummary: string;
+  ccModel: string;
+  ccUsage: Record<string, any>;
+}
+
+export function extractTranscript(transcriptPath: string | undefined): TranscriptContext {
+  const ctx: TranscriptContext = {
+    userIntent: '',
+    recentUserMessages: [],
+    recentMessages: [],
+    recentActions: [],
+    sessionSummary: '',
+    ccModel: '',
+    ccUsage: {},
+  };
+
+  if (!transcriptPath || !existsSync(transcriptPath)) return ctx;
+
+  try {
+    const raw = readFileSync(transcriptPath, 'utf-8');
+    const lines = raw.split('\\n').filter(l => l.trim());
+    // Take the last 400 lines
+    const tail = lines.slice(-400);
+
+    const parsed: any[] = [];
+    for (const line of tail) {
+      try { parsed.push(JSON.parse(line)); } catch {}
+    }
+
+    // Recent user messages (last 5)
+    const userMsgs: string[] = [];
+    for (const entry of parsed) {
+      if (entry.type !== 'user') continue;
+      const content = entry.message?.content;
+      let text = '';
+      if (typeof content === 'string') text = content;
+      else if (Array.isArray(content)) text = content.map((c: any) => c.text || '').join(' ');
+      if (text) userMsgs.push(text);
+    }
+    ctx.recentUserMessages = userMsgs.slice(-5);
+    ctx.userIntent = ctx.recentUserMessages[ctx.recentUserMessages.length - 1] || '';
+
+    // Recent messages (last 10, user + assistant)
+    const msgs: Array<{ type: string; text: string }> = [];
+    for (const entry of parsed) {
+      if (entry.type !== 'user' && entry.type !== 'assistant') continue;
+      const content = entry.message?.content;
+      let text = '';
+      if (typeof content === 'string') text = content.slice(0, 500);
+      else if (Array.isArray(content)) text = content.map((c: any) => (c.text || '').slice(0, 300)).join(' ');
+      msgs.push({ type: entry.type, text });
+    }
+    ctx.recentMessages = msgs.slice(-10);
+
+    // Recent tool calls (last 5)
+    const actions: Array<{ tool: string; input: string }> = [];
+    for (const entry of parsed) {
+      if (entry.type !== 'assistant') continue;
+      const content = entry.message?.content;
+      if (!Array.isArray(content)) continue;
+      for (const block of content) {
+        if (block.type !== 'tool_use') continue;
+        actions.push({
+          tool: block.name || '',
+          input: JSON.stringify(block.input || {}).slice(0, 200),
+        });
+      }
+    }
+    ctx.recentActions = actions.slice(-5);
+
+    // Session summary
+    for (const entry of parsed) {
+      if (entry.type === 'summary' && entry.summary) {
+        ctx.sessionSummary = entry.summary;
+      }
+    }
+
+    // CC model
+    const assistantEntries = parsed.filter(e => e.type === 'assistant');
+    if (assistantEntries.length > 0) {
+      const last = assistantEntries[assistantEntries.length - 1];
+      ctx.ccModel = last.message?.model || '';
+      const usage = last.message?.usage;
+      if (usage) {
+        ctx.ccUsage = {
+          input_tokens: usage.input_tokens,
+          output_tokens: usage.output_tokens,
+          cache_creation_input_tokens: usage.cache_creation_input_tokens,
+          cache_read_input_tokens: usage.cache_read_input_tokens,
+        };
+      }
+    }
+  } catch {}
+
+  return ctx;
+}
+
+// \u2500\u2500\u2500 Last Prompt \u2500\u2500\u2500
+
+export function readLastPrompt(): string {
+  try {
+    if (!existsSync(LAST_PROMPT_FILE)) return '';
+    return readFileSync(LAST_PROMPT_FILE, 'utf-8').trim();
+  } catch {
+    return '';
+  }
+}
+
+// \u2500\u2500\u2500 Find Nearest Package Dependencies \u2500\u2500\u2500
+
+export function findNearestDeps(filePath: string): Record<string, string> {
+  let dir = dirname(filePath);
+  while (dir !== '/' && dir !== '.') {
+    const pkg = join(dir, 'package.json');
+    if (existsSync(pkg)) {
+      try {
+        const data = JSON.parse(readFileSync(pkg, 'utf-8'));
+        return { ...(data.dependencies || {}), ...(data.devDependencies || {}) };
+      } catch {}
+    }
+    const parent = dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  return {};
+}
+
+// \u2500\u2500\u2500 Consent Tracking \u2500\u2500\u2500
+
+const CONSENT_FILE = join(HOME, '.synkro', '.local-consent');
+
+export function consentGrant(sessionId: string, hash: string): void {
+  try {
+    const dir = dirname(CONSENT_FILE);
+    if (!existsSync(dir)) mkdirSync(dir, { recursive: true });
+    const line = sessionId + '\\t' + hash + '\\tactive\\n';
+    const { appendFileSync } = require('node:fs');
+    appendFileSync(CONSENT_FILE, line, 'utf-8');
+  } catch {}
+}
+
+export function consentHasActive(sessionId: string, hash: string): boolean {
+  try {
+    if (!existsSync(CONSENT_FILE)) return false;
+    const content = readFileSync(CONSENT_FILE, 'utf-8');
+    return content.includes(sessionId + '\\t' + hash + '\\tactive');
+  } catch {
+    return false;
+  }
+}
+
+export function consentConsume(sessionId: string, hash: string): void {
+  try {
+    if (!existsSync(CONSENT_FILE)) return;
+    const content = readFileSync(CONSENT_FILE, 'utf-8');
+    const target = sessionId + '\\t' + hash + '\\tactive';
+    const replacement = sessionId + '\\t' + hash + '\\tconsumed';
+    const updated = content.split('\\n').map(l => l === target ? replacement : l).join('\\n');
+    writeFileSync(CONSENT_FILE, updated, 'utf-8');
+  } catch {}
+}
+
+// \u2500\u2500\u2500 Crypto Hash \u2500\u2500\u2500
+
+export function hashCommand(cmd: string): string {
+  const { createHash } = require('node:crypto');
+  return createHash('sha256').update(cmd).digest('hex').slice(0, 16);
+}
+
+// \u2500\u2500\u2500 Transcript Usage Aggregation \u2500\u2500\u2500
+
+export function aggregateUsage(transcriptPath: string): { model: string; totals: Record<string, number> } {
+  const result = { model: '', totals: { in: 0, out: 0, cw: 0, cr: 0 } };
+  if (!transcriptPath || !existsSync(transcriptPath)) return result;
+  try {
+    const raw = readFileSync(transcriptPath, 'utf-8');
+    const lines = raw.split('\\n').filter(l => l.trim());
+    for (const line of lines) {
+      try {
+        const entry = JSON.parse(line);
+        if (entry.type !== 'assistant') continue;
+        result.model = entry.message?.model || result.model;
+        const u = entry.message?.usage;
+        if (u) {
+          result.totals.in += u.input_tokens || 0;
+          result.totals.out += u.output_tokens || 0;
+          result.totals.cw += u.cache_creation_input_tokens || 0;
+          result.totals.cr += u.cache_read_input_tokens || 0;
+        }
+      } catch {}
+    }
+  } catch {}
+  return result;
+}
+
+// \u2500\u2500\u2500 Output Helpers \u2500\u2500\u2500
+
+export function outputJson(obj: any): void {
+  console.log(JSON.stringify(obj));
+}
+
+export function outputEmpty(): void {
+  console.log('{}');
+}
 `;
-    CURSOR_EDIT_PRECHECK_SCRIPT = `#!/bin/bash
-SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
-. "$SCRIPT_DIR/_synkro-common.sh"
+    EDIT_PRECHECK_TS = `#!/usr/bin/env bun
+import {
+  loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag, localGrade,
+  parseVerdict, dispatchCapture, ruleMode, reconstructContent, postWithRetry,
+  readStdin, extractTranscript, readLastPrompt, findNearestDeps, log,
+  outputJson, outputEmpty, GATEWAY_URL,
+  type HookConfig, type Rule,
+} from './_synkro-common.ts';
+import { existsSync, readFileSync } from 'node:fs';
+import { basename, dirname, join } from 'node:path';
+
+async function main() {
+  try {
+    const input = await readStdin();
+    if (!input.trim()) { outputEmpty(); return; }
+
+    const payload = JSON.parse(input);
+    const toolName = payload.tool_name || '';
+    if (!['Edit', 'Write', 'MultiEdit', 'NotebookEdit'].includes(toolName)) {
+      outputEmpty();
+      return;
+    }
+
+    const toolInput = payload.tool_input || {};
+    const sessionId = payload.session_id || '';
+    const toolUseId = payload.tool_use_id || '';
+    const cwd = payload.cwd || '';
+    const permissionMode = payload.permission_mode || '';
+    const transcriptPath = payload.transcript_path || '';
+
+    const filePath = toolInput.file_path || toolInput.notebook_path || toolInput.path || '';
+    if (!filePath) { outputEmpty(); return; }
+
+    const fileShort = basename(filePath);
+    log('editGuard checking: ' + fileShort);
+
+    const gitRepo = detectRepo(cwd || '.');
+
+    let jwt = loadJwt();
+    if (!jwt) { outputEmpty(); return; }
+    jwt = await ensureFreshJwt(jwt);
+
+    // Reconstruct proposed content
+    const proposed = reconstructContent(toolName, toolInput, filePath);
+    if (!proposed) { outputEmpty(); return; }
+
+    // Build diff field
+    let diffField: any = null;
+    if (toolInput.old_string != null || toolInput.new_string != null || toolInput.edits != null) {
+      diffField = {};
+      if (toolInput.old_string != null) diffField.old_string = toolInput.old_string;
+      if (toolInput.new_string != null) diffField.new_string = toolInput.new_string;
+      if (toolInput.edits != null) diffField.edits = toolInput.edits;
+    }
+
+    // Read file before edit for cloud payload
+    let fileBefore = '';
+    if (toolName !== 'Write' && filePath && existsSync(filePath)) {
+      try { fileBefore = readFileSync(filePath, 'utf-8').slice(0, 65536); } catch {}
+    }
+
+    // Extract transcript context
+    const transcript = extractTranscript(transcriptPath);
+    const lastPrompt = readLastPrompt();
+
+    // Load config and decide route
+    const config = await loadConfig(jwt);
+    const rt = await route(config);
+    const tagStr = tag(rt, config);
+
+    if (config.silent) {
+      outputJson({ systemMessage: tagStr + ' editGuard \\u2192 skipped (silent mode)' });
+      return;
+    }
+
+    if (rt === 'local') {
+      // \u2500\u2500\u2500 Local grading: org rules ONLY (channel 1, port 8929) \u2500\u2500\u2500
+      const proposedShort = proposed.slice(0, 4000);
+      const graderPrompt = [
+        'Working directory: ' + (cwd || '.'),
+        'Repo: ' + (gitRepo || 'unknown'),
+        'File: ' + filePath,
+        'Proposed content (first 4000 chars):',
+        proposedShort,
+        'User intent (last human message): ' + (transcript.userIntent || 'none stated'),
+        'Last user prompt: ' + (lastPrompt || 'none'),
+        'Org rules: ' + JSON.stringify(config.rules),
+      ].join('\\n');
+
+      let gradeResp: string;
+      try {
+        gradeResp = await localGrade('edit', graderPrompt);
+      } catch {
+        outputEmpty();
+        return;
+      }
+
+      const verdict = parseVerdict(gradeResp);
+      const editContent = 'file=' + filePath + ' content=' + proposed.slice(0, 2000);
+      const violatedRules = verdict.ruleId ? [verdict.ruleId] : [];
+
+      if (!verdict.ok) {
+        const mode = verdict.ruleMode || ruleMode(verdict.ruleId, config.rules);
+        const guardReason = (verdict.ruleId ? '(' + verdict.ruleId + ') ' : '') + (verdict.reason || 'policy violation');
+
+        if (mode !== 'audit') {
+          const denyReason = 'Guard: ' + guardReason + '\\nFix all issues before retrying.';
+          dispatchCapture(jwt, 'edit', 'block', verdict.severity || 'critical', verdict.category || 'security',
+            toolName, gitRepo, sessionId, config.captureDepth, {
+              command: editContent, reasoning: guardReason,
+              rulesChecked: config.rules, violatedRules,
+              ccModel: transcript.ccModel,
+            });
+          outputJson({
+            systemMessage: tagStr + ' editGuard ' + fileShort + ' \\u2192 blocked: ' + guardReason,
+            hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: denyReason },
+          });
+          return;
+        }
+
+        // Audit mode \u2014 warn but allow
+        dispatchCapture(jwt, 'edit', 'warning', verdict.severity || 'medium', verdict.category || 'security',
+          toolName, gitRepo, sessionId, config.captureDepth, {
+            command: editContent, reasoning: guardReason,
+            rulesChecked: config.rules, violatedRules,
+            ccModel: transcript.ccModel,
+          });
+        outputJson({ systemMessage: tagStr + ' editGuard ' + fileShort + ' \\u2192 warning: ' + guardReason });
+        return;
+      }
+
+      // Clean
+      dispatchCapture(jwt, 'edit', 'pass', 'audit', verdict.category || 'trivial_edit',
+        toolName, gitRepo, sessionId, config.captureDepth, {
+          command: editContent, reasoning: verdict.reason || 'no policy violations detected',
+          rulesChecked: config.rules, violatedRules: [],
+          ccModel: transcript.ccModel,
+        });
+      outputJson({ systemMessage: tagStr + ' editGuard ' + fileShort + ' \\u2192 pass: ' + (verdict.reason || 'no policy violations detected') });
+      return;
+    }
+
+    // \u2500\u2500\u2500 Cloud grading \u2500\u2500\u2500
+    const deps = findNearestDeps(filePath);
+    const isHeadless = ['acceptEdits', 'bypassPermissions', 'plan', 'auto'].includes(permissionMode)
+      || process.env.SYNKRO_HEADLESS === '1';
+
+    const body = {
+      hook_event: 'PreToolUse',
+      tool_name: toolName,
+      tool_input: toolInput,
+      file_path: filePath,
+      content: proposed,
+      file_before: fileBefore || null,
+      diff: diffField,
+      dependencies: deps,
+      user_intent: transcript.userIntent || null,
+      last_user_message: lastPrompt || null,
+      recent_user_messages: transcript.recentUserMessages,
+      recent_messages: transcript.recentMessages,
+      recent_actions: transcript.recentActions,
+      session_id: sessionId || null,
+      tool_use_id: toolUseId || null,
+      cwd: cwd || null,
+      repo: gitRepo || null,
+      permission_mode: permissionMode || null,
+      headless: isHeadless,
+    };
+
+    const resp = await postWithRetry(GATEWAY_URL + '/api/v1/hook/judge', body, jwt, 8000);
+
+    if (!resp) {
+      log('editGuard ' + fileShort + ' \\u2192 error (timeout)');
+      outputEmpty();
+      return;
+    }
+
+    if (!resp.hook_response || typeof resp.hook_response !== 'object') {
+      log('editGuard ' + fileShort + ' \\u2192 pass (no hook_response)');
+      outputEmpty();
+      return;
+    }
+
+    const hookResp = resp.hook_response;
+    const decision = hookResp?.hookSpecificOutput?.permissionDecision;
+
+    if (decision === 'deny' || decision === 'ask') {
+      log('editGuard ' + fileShort + ' \\u2192 BLOCKED');
+      // Strip permissionDecision \u2014 we use systemMessage only
+      const cleaned = { ...hookResp };
+      if (cleaned.hookSpecificOutput) {
+        cleaned.hookSpecificOutput = { ...cleaned.hookSpecificOutput };
+        delete cleaned.hookSpecificOutput.permissionDecision;
+        delete cleaned.hookSpecificOutput.permissionDecisionReason;
+      }
+      outputJson(cleaned);
+    } else {
+      const reason = hookResp.reason || '';
+      log('editGuard ' + fileShort + ' \\u2192 pass' + (reason ? ': ' + reason : ''));
+      outputJson(hookResp);
+    }
+  } catch (err) {
+    process.stderr.write('[synkro] editGuard error: ' + String(err) + '\\n');
+    outputEmpty();
+  }
+}
+
+main();
+`;
+    CWE_PRECHECK_TS = `#!/usr/bin/env bun
+import {
+  loadJwt, ensureFreshJwt, detectRepo, loadConfig, cweRoute, tag,
+  localGradeCwe, parseVerdict, reconstructContent, readStdin, log,
+  outputJson, outputEmpty, GATEWAY_URL,
+} from './_synkro-common.ts';
+import { basename, extname } from 'node:path';
+
+async function main() {
+  try {
+    const input = await readStdin();
+    if (!input.trim()) { outputEmpty(); return; }
+
+    const payload = JSON.parse(input);
+    const toolName = payload.tool_name || '';
+    if (!['Edit', 'Write', 'MultiEdit', 'NotebookEdit'].includes(toolName)) {
+      outputEmpty();
+      return;
+    }
+
+    const toolInput = payload.tool_input || {};
+    const sessionId = payload.session_id || '';
+    const cwd = payload.cwd || '';
+    const gitRepo = detectRepo(cwd || '.');
+
+    const filePath = toolInput.file_path || toolInput.notebook_path || toolInput.path || '';
+    if (!filePath) { outputEmpty(); return; }
+
+    const fileShort = basename(filePath);
+    const fileExt = extname(filePath); // e.g. ".ts"
+
+    let jwt = loadJwt();
+    if (!jwt) { outputEmpty(); return; }
+    jwt = await ensureFreshJwt(jwt);
+
+    // Reconstruct proposed content
+    const proposed = reconstructContent(toolName, toolInput, filePath);
+    if (!proposed) { outputEmpty(); return; }
+
+    const config = await loadConfig(jwt);
+    const rt = await cweRoute(config);
+
+    if (config.silent) {
+      outputJson({ systemMessage: '[synkro:' + rt + ':cweScan] ' + fileShort + ' \\u2192 skipped (silent mode)' });
+      return;
+    }
+
+    const cweTag = '[synkro:' + rt + ':cweScan]';
+
+    if (rt === 'local') {
+      // \u2500\u2500\u2500 Local CWE grading on channel 2 (port 8930) \u2500\u2500\u2500
+      let cweRules: any[] = [];
+      try {
+        const resp = await fetch(GATEWAY_URL + '/api/v1/cwe-rules?ext=' + encodeURIComponent(fileExt), {
+          headers: { Authorization: 'Bearer ' + jwt },
+          signal: AbortSignal.timeout(4000),
+        });
+        const data = await resp.json() as any;
+        cweRules = data.rules || [];
+      } catch {}
+
+      if (cweRules.length === 0) {
+        outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \\u2192 clean (no CWE rules for ' + fileExt + ')' });
+        return;
+      }
+
+      const proposedShort = proposed.slice(0, 4000);
+      const graderPrompt = [
+        'File: ' + filePath,
+        'Content (first 4000 chars):',
+        proposedShort,
+        '',
+        'CWE rules to check against:',
+        JSON.stringify(cweRules),
+      ].join('\\n');
+
+      let gradeResp: string;
+      try {
+        gradeResp = await localGradeCwe(graderPrompt);
+      } catch {
+        outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \\u2192 grader unavailable, skipped' });
+        return;
+      }
+
+      const verdict = parseVerdict(gradeResp);
+
+      if (!verdict.ok) {
+        // Extract all CWE rule_ids from the raw response
+        const ruleIdMatches = gradeResp.match(/<rule_id>([^<]+)<\\/rule_id>/g) || [];
+        const cweIds: string[] = [];
+        for (const match of ruleIdMatches.slice(0, 5)) {
+          const id = match.replace(/<\\/?rule_id>/g, '').trim().replace(/^cwe-/, 'CWE-');
+          if (id && !cweIds.includes(id)) cweIds.push(id);
+        }
+        const displayIds = cweIds.slice(0, 3).join(', ');
+        const count = cweIds.length;
+        const label = count === 1 ? 'match' : 'matches';
+        const cweMsg = cweTag + ' ' + fileShort + ' \\u2192 ' + count + ' CWE ' + label + ' (' + displayIds + ')';
+        const denyDetail = '[' + displayIds + '] ' + (verdict.reason || 'code weakness detected');
+        const ctx = 'CWE: ' + denyDetail + '\\nFix all issues before retrying.';
+
+        outputJson({
+          systemMessage: cweMsg,
+          hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: ctx },
+        });
+        return;
+      }
+
+      outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \\u2192 clean' });
+      return;
+    }
+
+    // \u2500\u2500\u2500 Cloud CWE grading (handled by server) \u2500\u2500\u2500
+    // Cloud edit precheck already includes CWE \u2014 this hook is a no-op for cloud.
+    outputEmpty();
+  } catch (err) {
+    process.stderr.write('[synkro] cweGuard error: ' + String(err) + '\\n');
+    outputEmpty();
+  }
+}
+
+main();
+`;
+    CVE_PRECHECK_TS = `#!/usr/bin/env bun
+import {
+  loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag,
+  reconstructContent, readStdin, findNearestDeps, log,
+  outputJson, outputEmpty, GATEWAY_URL,
+} from './_synkro-common.ts';
+import { basename } from 'node:path';
+
+const MANIFEST_NAMES = new Set([
+  'package.json', 'requirements.txt', 'requirements-dev.txt', 'requirements-test.txt',
+  'Pipfile', 'go.mod', 'go.sum', 'Gemfile', 'pom.xml', 'Cargo.toml', 'composer.json', 'pyproject.toml',
+]);
+
+function isManifest(filename: string): boolean {
+  if (MANIFEST_NAMES.has(filename)) return true;
+  if (filename.startsWith('requirements') && filename.endsWith('.txt')) return true;
+  if (filename.startsWith('build.gradle')) return true;
+  if (filename.endsWith('.cabal')) return true;
+  return false;
+}
+
+async function main() {
+  try {
+    const input = await readStdin();
+    if (!input.trim()) { outputEmpty(); return; }
+
+    const payload = JSON.parse(input);
+    const toolName = payload.tool_name || '';
+    if (!['Edit', 'Write', 'MultiEdit', 'NotebookEdit'].includes(toolName)) {
+      outputEmpty();
+      return;
+    }
+
+    const toolInput = payload.tool_input || {};
+    const cwd = payload.cwd || '';
+
+    const filePath = toolInput.file_path || toolInput.notebook_path || toolInput.path || '';
+    if (!filePath) { outputEmpty(); return; }
+
+    const fileShort = basename(filePath);
+
+    let jwt = loadJwt();
+    if (!jwt) { outputEmpty(); return; }
+    jwt = await ensureFreshJwt(jwt);
+
+    const config = await loadConfig(jwt);
+    const rt = await route(config);
+
+    if (config.silent) {
+      outputJson({ systemMessage: '[synkro:' + rt + ':cveScan] ' + fileShort + ' \\u2192 skipped (silent mode)' });
+      return;
+    }
+
+    const cveTag = '[synkro:' + rt + ':cveScan]';
+
+    // Reconstruct proposed content
+    const proposed = reconstructContent(toolName, toolInput, filePath);
+    if (!proposed) {
+      outputJson({ systemMessage: cveTag + ' ' + fileShort + ' \\u2192 skip (no content)' });
+      return;
+    }
+
+    const proposedShort = proposed.slice(0, 4000);
+
+    // For code files, find nearest package.json and extract deps
+    let deps: Record<string, string> = {};
+    if (!isManifest(fileShort)) {
+      deps = findNearestDeps(filePath);
+    }
+
+    // CVE scan via OSV API
+    const cveBody = {
+      file_path: filePath,
+      content: proposedShort,
+      dependencies: deps,
+    };
+
+    let cveResp: any;
+    try {
+      const resp = await fetch(GATEWAY_URL + '/api/v1/cve-scan', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + jwt },
+        body: JSON.stringify(cveBody),
+        signal: AbortSignal.timeout(8000),
+      });
+      cveResp = await resp.json();
+    } catch {
+      outputJson({ systemMessage: cveTag + ' ' + fileShort + ' \\u2192 error (timeout)' });
+      return;
+    }
+
+    const findings = Array.isArray(cveResp?.findings) ? cveResp.findings : [];
+    if (findings.length > 0) {
+      const top3 = findings.slice(0, 3).map((f: any) => {
+        const id = f.cve || f.id || '?';
+        const pkg = f.package || '?';
+        const ver = f.version || '?';
+        const title = f.title || f.summary || 'vulnerable';
+        return '[' + id + '] ' + pkg + '@' + ver + ': ' + title;
+      }).join('; ');
+
+      const count = findings.length;
+      const label = count === 1 ? 'advisory' : 'advisories';
+      const cveMsg = cveTag + ' ' + fileShort + ' \\u2192 ' + count + ' ' + label;
+      const ctx = 'CVE: ' + top3 + '\\nFix all issues before retrying.';
+
+      outputJson({
+        systemMessage: cveMsg,
+        hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: ctx },
+      });
+      return;
+    }
+
+    outputJson({ systemMessage: cveTag + ' ' + fileShort + ' \\u2192 clean' });
+  } catch (err) {
+    process.stderr.write('[synkro] cveGuard error: ' + String(err) + '\\n');
+    outputEmpty();
+  }
+}
+
+main();
+`;
+    BASH_JUDGE_TS = `#!/usr/bin/env bun
+import {
+  loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag, localGrade,
+  parseVerdict, dispatchCapture, ruleMode, postWithRetry, readStdin,
+  extractTranscript, readLastPrompt, log,
+  outputJson, outputEmpty, GATEWAY_URL,
+  type HookConfig, type Rule,
+} from './_synkro-common.ts';
+
+async function main() {
+  try {
+    const input = await readStdin();
+    if (!input.trim()) { outputEmpty(); return; }
+
+    const payload = JSON.parse(input);
+    const toolName = payload.tool_name || '';
+    if (!['Bash', 'Read', 'Grep', 'Glob'].includes(toolName)) {
+      outputEmpty();
+      return;
+    }
+
+    const toolInput = payload.tool_input || {};
+    const sessionId = payload.session_id || '';
+    const toolUseId = payload.tool_use_id || '';
+    const cwd = payload.cwd || '';
+    const permissionMode = payload.permission_mode || '';
+    const transcriptPath = payload.transcript_path || '';
+    const gitRepo = detectRepo(cwd || '.');
+
+    let command = '';
+    switch (toolName) {
+      case 'Bash': command = toolInput.command || ''; break;
+      case 'Read': command = 'cat ' + (toolInput.file_path || ''); break;
+      case 'Grep': command = "grep -r '" + (toolInput.pattern || '') + "' " + (toolInput.path || '.'); break;
+      case 'Glob': command = "find . -name '" + (toolInput.pattern || '') + "'"; break;
+    }
+    if (!command) { outputEmpty(); return; }
+
+    const cmdShort = command.slice(0, 80);
+    log('bashGuard checking: ' + cmdShort);
+
+    let jwt = loadJwt();
+    if (!jwt) { outputEmpty(); return; }
+    jwt = await ensureFreshJwt(jwt);
+
+    const transcript = extractTranscript(transcriptPath);
+    const lastPrompt = readLastPrompt();
+
+    const config = await loadConfig(jwt);
+    const rt = await route(config);
+    const tagStr = tag(rt, config);
+
+    if (config.silent) {
+      outputJson({ systemMessage: tagStr + ' bashGuard \\u2192 skipped (silent mode)' });
+      return;
+    }
+
+    if (rt === 'local') {
+      const graderPrompt = [
+        'Working directory: ' + (cwd || '.'),
+        'Repo: ' + (gitRepo || 'unknown'),
+        'Command: ' + command,
+        'User intent (last human message): ' + (transcript.userIntent || 'none stated'),
+        'Last user prompt: ' + (lastPrompt || 'none'),
+        'Org rules: ' + JSON.stringify(config.rules),
+      ].join('\\n');
+
+      let gradeResp: string;
+      try {
+        gradeResp = await localGrade('bash', graderPrompt);
+      } catch {
+        outputEmpty();
+        return;
+      }
+
+      const verdict = parseVerdict(gradeResp);
+      const violatedRules = verdict.ruleId ? [verdict.ruleId] : [];
+
+      if (!verdict.ok) {
+        const mode = verdict.ruleMode || ruleMode(verdict.ruleId, config.rules);
+        const guardReason = (verdict.ruleId ? '(' + verdict.ruleId + ') ' : '') + (verdict.reason || 'policy violation');
+
+        if (mode === 'audit') {
+          const reason = tagStr + ' bashGuard \\u2192 warning' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation');
+          outputJson({ systemMessage: reason });
+          dispatchCapture(jwt, 'bash', 'warning', verdict.severity || 'medium', verdict.category || 'security',
+            toolName, gitRepo, sessionId, config.captureDepth, {
+              command, reasoning: guardReason, rulesChecked: config.rules, violatedRules,
+              recentUserMessages: transcript.recentUserMessages, ccModel: transcript.ccModel,
+            });
+        } else {
+          const reason = tagStr + ' bashGuard \\u2192 blocked' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation') + '. Ask the user for explicit consent before retrying.';
+          outputJson({
+            systemMessage: reason,
+            hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: reason, additionalContext: reason },
+          });
+          dispatchCapture(jwt, 'bash', 'block', verdict.severity || 'critical', verdict.category || 'security',
+            toolName, gitRepo, sessionId, config.captureDepth, {
+              command, reasoning: guardReason, rulesChecked: config.rules, violatedRules,
+              recentUserMessages: transcript.recentUserMessages, ccModel: transcript.ccModel,
+            });
+        }
+      } else {
+        outputJson({ systemMessage: tagStr + ' bashGuard \\u2192 pass: ' + (verdict.reason || 'no policy violations detected') });
+        dispatchCapture(jwt, 'bash', 'pass', 'audit', verdict.category || 'trivial_utility',
+          toolName, gitRepo, sessionId, config.captureDepth, {
+            command, reasoning: verdict.reason || 'no policy violations detected',
+            rulesChecked: config.rules, violatedRules: [],
+            recentUserMessages: transcript.recentUserMessages, ccModel: transcript.ccModel,
+          });
+      }
+      return;
+    }
+
+    // \u2500\u2500\u2500 Cloud grading \u2500\u2500\u2500
+    const isHeadless = ['acceptEdits', 'bypassPermissions', 'plan', 'auto'].includes(permissionMode)
+      || process.env.SYNKRO_HEADLESS === '1';
+
+    const body: Record<string, any> = {
+      hook_event: 'PreToolUse',
+      tool_name: toolName,
+      tool_input: toolInput,
+      user_intent: transcript.userIntent || null,
+      last_user_message: lastPrompt || null,
+      recent_user_messages: transcript.recentUserMessages,
+      recent_messages: transcript.recentMessages,
+      recent_actions: transcript.recentActions,
+      session_id: sessionId || null,
+      tool_use_id: toolUseId || null,
+      cwd: cwd || null,
+      repo: gitRepo || null,
+      permission_mode: permissionMode || null,
+      headless: isHeadless,
+      cc_model: transcript.ccModel || null,
+      cc_usage: transcript.ccUsage || {},
+      session_summary: transcript.sessionSummary || null,
+    };
+
+    const resp = await postWithRetry(GATEWAY_URL + '/api/v1/hook/judge', body, jwt, 8000);
+
+    if (!resp) {
+      log('bashGuard ' + cmdShort + ' \\u2192 error (timeout)');
+      outputEmpty();
+      return;
+    }
+
+    if (!resp.hook_response || typeof resp.hook_response !== 'object') {
+      log('bashGuard ' + cmdShort + ' \\u2192 pass (no hook_response)');
+      outputEmpty();
+      return;
+    }
+
+    outputJson(resp.hook_response);
+  } catch (err) {
+    process.stderr.write('[synkro] bashGuard error: ' + String(err) + '\\n');
+    outputEmpty();
+  }
+}
+
+main();
+`;
+    PLAN_JUDGE_TS = `#!/usr/bin/env bun
+import {
+  loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag, localGrade,
+  parseVerdict, dispatchCapture, postWithRetry, readStdin, log,
+  outputJson, outputEmpty, GATEWAY_URL,
+} from './_synkro-common.ts';
+import { existsSync, readFileSync, writeFileSync, readdirSync, statSync } from 'node:fs';
+import { join } from 'node:path';
+import { homedir } from 'node:os';
+
+function findLatestPlan(): string | null {
+  const plansDir = join(homedir(), '.claude', 'plans');
+  if (!existsSync(plansDir)) return null;
+  try {
+    const files = readdirSync(plansDir)
+      .filter(f => f.endsWith('.md'))
+      .map(f => ({ name: f, mtime: statSync(join(plansDir, f)).mtimeMs }))
+      .sort((a, b) => b.mtime - a.mtime);
+    return files.length > 0 ? join(plansDir, files[0].name) : null;
+  } catch {
+    return null;
+  }
+}
+
+function appendReviewToPlan(planFile: string, verdict: string): void {
+  try {
+    let content = readFileSync(planFile, 'utf-8');
+    content = content.replace(/<!-- synkro-plan-review -->[\\s\\S]*?<!-- \\/synkro-plan-review -->/g, '').trimEnd();
+    const now = new Date().toISOString().replace('T', ' ').slice(0, 16);
+    content += '\\n\\n<!-- synkro-plan-review -->\\n\\n---\\n\\n**Synkro Plan Review** \\u2014 ' + now + '\\n\\n' + verdict + '\\n\\n<!-- /synkro-plan-review -->\\n';
+    writeFileSync(planFile, content, 'utf-8');
+  } catch {}
+}
+
+async function main() {
+  try {
+    const input = await readStdin();
+    if (!input.trim()) { outputEmpty(); return; }
+
+    const payload = JSON.parse(input);
+    const toolName = payload.tool_name || '';
+    if (toolName !== 'ExitPlanMode') { outputEmpty(); return; }
+
+    const planFile = findLatestPlan();
+    if (!planFile) { outputEmpty(); return; }
+    const plan = readFileSync(planFile, 'utf-8');
+    if (plan.length < 20) { outputEmpty(); return; }
+
+    const sessionId = payload.session_id || '';
+    const cwd = payload.cwd || '';
+    const gitRepo = detectRepo(cwd || '.');
+
+    const planShort = plan.slice(0, 80);
+    log('planReview checking: ' + planShort + '...');
+
+    let jwt = loadJwt();
+    if (!jwt) { outputEmpty(); return; }
+    jwt = await ensureFreshJwt(jwt);
+
+    const config = await loadConfig(jwt);
+    const rt = await route(config);
+    const tagStr = tag(rt, config);
+
+    if (config.silent) {
+      outputJson({ systemMessage: tagStr + ' planReview \\u2192 skipped (silent mode)' });
+      return;
+    }
+
+    if (rt === 'local') {
+      const graderPrompt = [
+        'Working directory: ' + (cwd || '.'),
+        'Repo: ' + (gitRepo || 'unknown'),
+        'Plan:',
+        plan.slice(0, 8000),
+        'Org rules: ' + JSON.stringify(config.rules),
+      ].join('\\n');
+
+      let gradeResp: string;
+      try {
+        gradeResp = await localGrade('plan', graderPrompt);
+      } catch {
+        outputEmpty();
+        return;
+      }
+
+      const verdict = parseVerdict(gradeResp);
+      const planContent = plan.slice(0, 2000);
+      const violatedRules = verdict.ruleId ? [verdict.ruleId] : [];
+
+      if (!verdict.ok) {
+        const reviewMsg = (verdict.ruleId ? '(first: ' + verdict.ruleId + ') ' : '') + (verdict.reason || 'check org rules during implementation');
+        appendReviewToPlan(planFile, '\\u26a0\\ufe0f Advisory \\u2014 ' + reviewMsg);
+        outputJson({ systemMessage: tagStr + ' planReview \\u2192 ' + reviewMsg });
+        dispatchCapture(jwt, 'plan_review', 'advisory', verdict.severity || 'medium', verdict.category || 'general',
+          'ExitPlanMode', gitRepo, sessionId, config.captureDepth, {
+            command: planContent, reasoning: verdict.reason || 'check org rules',
+            rulesChecked: config.rules, violatedRules,
+          });
+      } else {
+        const reviewMsg = verdict.reason || 'no relevant org rules for this plan';
+        appendReviewToPlan(planFile, '\\u2705 Clean \\u2014 ' + reviewMsg);
+        outputJson({ systemMessage: tagStr + ' planReview \\u2192 clean: ' + reviewMsg });
+        dispatchCapture(jwt, 'plan_review', 'clean', 'audit', verdict.category || 'general',
+          'ExitPlanMode', gitRepo, sessionId, config.captureDepth, {
+            command: planContent, reasoning: reviewMsg,
+            rulesChecked: config.rules, violatedRules: [],
+          });
+      }
+      return;
+    }
+
+    // \u2500\u2500\u2500 Cloud grading \u2500\u2500\u2500
+    const body = {
+      hook_event: 'PreToolUse',
+      tool_name: 'ExitPlanMode',
+      tool_input: { plan: plan.slice(0, 16000) },
+      session_id: sessionId || null,
+      cwd: cwd || null,
+      repo: gitRepo || null,
+    };
+
+    const resp = await postWithRetry(GATEWAY_URL + '/api/v1/hook/judge', body, jwt, 12000);
+
+    if (!resp) {
+      log('planReview \\u2192 error (timeout)');
+      outputEmpty();
+      return;
+    }
+
+    const hookResp = resp?.hook_response;
+    if (!hookResp) { outputEmpty(); return; }
+
+    const decision = hookResp?.hookSpecificOutput?.permissionDecision;
+    if (decision) {
+      const reason = hookResp?.hookSpecificOutput?.permissionDecisionReason || 'check org rules';
+      appendReviewToPlan(planFile, '\\u26a0\\ufe0f Advisory \\u2014 ' + reason);
+      outputJson({ systemMessage: tagStr + ' planReview \\u2192 advisory: ' + reason });
+    } else {
+      const cloudMsg = hookResp.systemMessage || '';
+      if (cloudMsg) appendReviewToPlan(planFile, '\\u2705 ' + cloudMsg);
+      outputJson(hookResp);
+    }
+  } catch (err) {
+    process.stderr.write('[synkro] planReview error: ' + String(err) + '\\n');
+    outputEmpty();
+  }
+}
+
+main();
+`;
+    STOP_SUMMARY_TS = `#!/usr/bin/env bun
+import {
+  loadJwt, detectRepo, loadConfig, tag, readStdin, aggregateUsage,
+  outputJson, outputEmpty, GATEWAY_URL,
+} from './_synkro-common.ts';
+
+async function main() {
+  try {
+    const input = await readStdin();
+    if (!input.trim()) { outputEmpty(); return; }
+
+    const payload = JSON.parse(input);
+    const sessionId = payload.session_id || '';
+    if (!sessionId) { outputEmpty(); return; }
+
+    const cwd = payload.cwd || '';
+    const transcriptPath = payload.transcript_path || '';
+    const gitRepo = detectRepo(cwd || '.');
+
+    let jwt = loadJwt();
+    if (!jwt) { outputEmpty(); return; }
+
+    if (transcriptPath) {
+      const usage = aggregateUsage(transcriptPath);
+      if (usage.totals.in + usage.totals.out > 0) {
+        const usageBody = {
+          capture_type: 'local_verdict',
+          event_id: 'usage_' + Date.now() + '_' + process.pid,
+          hook_type: 'stop',
+          verdict: 'allow',
+          severity: 'none',
+          model: usage.model || 'unknown',
+          cc_model: usage.model || '',
+          cc_usage: {
+            input_tokens: usage.totals.in,
+            output_tokens: usage.totals.out,
+            cache_creation_input_tokens: usage.totals.cw,
+            cache_read_input_tokens: usage.totals.cr,
+          },
+          ...(gitRepo ? { repo: gitRepo } : {}),
+          ...(sessionId ? { session_id: sessionId } : {}),
+        };
+        fetch(GATEWAY_URL + '/api/v1/hook/capture', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + jwt },
+          body: JSON.stringify(usageBody),
+          signal: AbortSignal.timeout(3000),
+        }).catch(() => {});
+      }
+    }
+
+    let resp: any;
+    try {
+      const r = await fetch(GATEWAY_URL + '/api/v1/cli/session-summary?session_id=' + encodeURIComponent(sessionId), {
+        headers: { Authorization: 'Bearer ' + jwt },
+        signal: AbortSignal.timeout(3000),
+      });
+      resp = await r.json();
+    } catch {
+      outputEmpty();
+      return;
+    }
+
+    const edits = resp?.edits_scanned || 0;
+    const findings = resp?.findings || 0;
+    const autoFixed = resp?.auto_fixed || 0;
+    const open = resp?.open || 0;
+
+    if (!edits) { outputEmpty(); return; }
+
+    const config = await loadConfig(jwt);
+    const tagStr = tag('local', config);
+
+    if (!findings) {
+      outputJson({ systemMessage: tagStr + ' stop \\u2192 0 issues across ' + edits + ' edit(s), session complete' });
+    } else {
+      outputJson({ systemMessage: tagStr + ' stop \\u2192 ' + findings + ' finding(s): ' + autoFixed + ' auto-fixed, ' + open + ' open' });
+    }
+  } catch (err) {
+    process.stderr.write('[synkro] stopSummary error: ' + String(err) + '\\n');
+    outputEmpty();
+  }
+}
+
+main();
+`;
+    SESSION_START_TS = `#!/usr/bin/env bun
+import {
+  loadJwt, detectRepo, channelUp, tag, readStdin,
+  outputJson, outputEmpty, GATEWAY_URL,
+  type HookConfig,
+} from './_synkro-common.ts';
+
+async function main() {
+  try {
+    const input = await readStdin();
+    if (!input.trim()) { outputEmpty(); return; }
+
+    const payload = JSON.parse(input);
+    const cwd = payload.cwd || '';
+    const sessionId = payload.session_id || '';
+    const gitRepo = detectRepo(cwd || '.');
+
+    let jwt = loadJwt();
+
+    const isChannelUp = await channelUp();
+    const rt = isChannelUp ? 'local' : 'cloud';
+
+    let policyName = '';
+    let silent = false;
+    let openFindings = 0;
+
+    if (jwt) {
+      try {
+        const url = GATEWAY_URL + '/api/v1/hook/config?session_id=' + encodeURIComponent(sessionId || '') + '&repo=' + encodeURIComponent(gitRepo || '');
+        const r = await fetch(url, {
+          headers: { Authorization: 'Bearer ' + jwt },
+          signal: AbortSignal.timeout(3000),
+        });
+        const data = await r.json() as any;
+        silent = data.silent_mode === true || data.silent_mode === 'true';
+        policyName = data.active_policy_name || '';
+        openFindings = data.session_context?.open_findings || 0;
+      } catch {}
+    }
+
+    const fakeConfig: HookConfig = { captureDepth: 'local_only', tier: 'standard', silent, policyName, rules: [] };
+    const tagStr = tag(rt, fakeConfig);
+    const routeLine = tagStr + ' inference: ' + (isChannelUp ? 'local-cc (channel reachable on 127.0.0.1:8929)' : 'cloud (local-cc channel not reachable)');
+
+    if (!jwt) {
+      outputJson({ systemMessage: routeLine });
+      return;
+    }
+
+    if (!openFindings) {
+      outputJson({ systemMessage: routeLine });
+    } else if (openFindings === 1) {
+      outputJson({ systemMessage: routeLine + '\\n' + tagStr + ' session start \\u2192 1 open finding in this repo from a prior session.' });
+    } else {
+      outputJson({ systemMessage: routeLine + '\\n' + tagStr + ' session start \\u2192 ' + openFindings + ' open findings in this repo from prior sessions.' });
+    }
+  } catch (err) {
+    process.stderr.write('[synkro] sessionStart error: ' + String(err) + '\\n');
+    outputEmpty();
+  }
+}
+
+main();
+`;
+    BASH_FOLLOWUP_TS = `#!/usr/bin/env bun
+import {
+  loadJwt, readStdin, hashCommand, consentGrant, consentHasActive, consentConsume,
+  outputEmpty, GATEWAY_URL,
+} from './_synkro-common.ts';
 
-JWT=$(synkro_load_jwt)
-if [ -z "$JWT" ]; then echo '{}'; exit 0; fi
-synkro_ensure_fresh_jwt
+async function main() {
+  try {
+    const input = await readStdin();
+    if (!input.trim()) { outputEmpty(); return; }
 
-PAYLOAD=$(cat)
-if [ -z "$PAYLOAD" ]; then echo '{}'; exit 0; fi
+    const payload = JSON.parse(input);
+    const toolName = payload.tool_name || '';
+    if (toolName !== 'Bash') { outputEmpty(); return; }
 
-TOOL_NAME=$(echo "$PAYLOAD" | jq -r '.tool_name // empty' 2>/dev/null)
-CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.conversation_id // empty' 2>/dev/null)
-GIT_REPO=$(synkro_detect_repo "\${CWD:-.}")
+    const jwt = loadJwt();
+    if (!jwt) { outputEmpty(); return; }
 
-FILE_PATH=$(echo "$PAYLOAD" | jq -r '.tool_input.file_path // .tool_input.path // .tool_input.target_file // empty' 2>/dev/null)
-CONTENT=$(echo "$PAYLOAD" | jq -r '.tool_input.content // .tool_input.new_string // .tool_input.code_edit // empty' 2>/dev/null)
-if [ -z "$FILE_PATH" ]; then echo '{}'; exit 0; fi
+    const sessionId = payload.session_id || '';
+    const toolUseId = payload.tool_use_id || '';
+    if (!sessionId || !toolUseId) { outputEmpty(); return; }
 
-BASENAME=$(basename "$FILE_PATH" 2>/dev/null || echo "$FILE_PATH")
-synkro_log "editGuard checking: $BASENAME"
+    const isError = payload.tool_result?.is_error === true;
+    const cmd = payload.tool_input?.command || '';
+    const cmdHash = cmd ? hashCommand(cmd) : '';
 
-synkro_load_config
-if [ "$SYNKRO_SILENT" = "true" ]; then
-  echo '{}'; exit 0
-fi
+    if (cmdHash && sessionId) {
+      if (!isError) {
+        consentConsume(sessionId, cmdHash);
+      } else {
+        if (!consentHasActive(sessionId, cmdHash)) {
+          consentGrant(sessionId, cmdHash);
+        }
+      }
+    }
 
-BODY=$(jq -n \\
-  --arg file_path "$FILE_PATH" \\
-  --arg content "$CONTENT" \\
-  --arg session_id "$SESSION_ID" \\
-  --arg cwd "$CWD" \\
-  --arg repo "$GIT_REPO" \\
-  '{
-    hook_event: "PreToolUse",
-    tool_name: "Edit",
-    tool_input: {file_path: $file_path, content: $content},
-    file_path: $file_path,
-    content: $content,
-    response_format: "cursor",
-    session_id: (if ($session_id | length) > 0 then $session_id else null end),
-    cwd: (if ($cwd | length) > 0 then $cwd else null end),
-    repo: (if ($repo | length) > 0 then $repo else null end)
-  }')
+    const body = {
+      capture_type: 'bash_followup',
+      session_id: sessionId,
+      tool_use_id: toolUseId,
+      is_error: isError,
+      command_hash: cmdHash,
+    };
 
-RESP=$(synkro_post_with_retry "\${GATEWAY_URL}/api/v1/hook/judge" "$BODY" 8)
+    fetch(GATEWAY_URL + '/api/v1/hook/capture', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + jwt },
+      body: JSON.stringify(body),
+      signal: AbortSignal.timeout(3000),
+    }).catch(() => {});
 
-if [ -z "$RESP" ]; then
-  synkro_log "editGuard $BASENAME \u2192 error (timeout)"
-  echo '{}'; exit 0
-fi
+    outputEmpty();
+  } catch {
+    outputEmpty();
+  }
+}
 
-if echo "$RESP" | jq -e '.hook_response' >/dev/null 2>&1; then
-  echo "$RESP" | jq -c '.hook_response'
-else
-  echo '{}'
-fi
-exit 0
+main();
 `;
-    CURSOR_EDIT_CAPTURE_SCRIPT = `#!/bin/bash
-SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
-. "$SCRIPT_DIR/_synkro-common.sh"
+    TRANSCRIPT_SYNC_TS = `#!/usr/bin/env bun
+import {
+  loadJwt, detectRepo, readStdin, aggregateUsage,
+  outputEmpty, GATEWAY_URL,
+} from './_synkro-common.ts';
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from 'node:fs';
+import { join, dirname } from 'node:path';
+import { homedir } from 'node:os';
 
-JWT=$(synkro_load_jwt)
-if [ -z "$JWT" ]; then echo '{}'; exit 0; fi
+async function main() {
+  try {
+    const input = await readStdin();
+    if (!input.trim()) { outputEmpty(); return; }
 
-PAYLOAD=$(cat)
-if [ -z "$PAYLOAD" ]; then echo '{}'; exit 0; fi
+    const payload = JSON.parse(input);
+    const sessionId = payload.session_id || '';
+    const transcriptPath = payload.transcript_path || '';
+    const cwd = payload.cwd || '';
 
-FILE_PATH=$(echo "$PAYLOAD" | jq -r '.file_path // empty' 2>/dev/null)
-if [ -z "$FILE_PATH" ]; then echo '{}'; exit 0; fi
+    if (!sessionId || !transcriptPath || !existsSync(transcriptPath)) {
+      outputEmpty();
+      return;
+    }
 
-CWD=$(echo "$PAYLOAD" | jq -r '.cwd // .workspace_roots[0] // empty' 2>/dev/null)
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.conversation_id // empty' 2>/dev/null)
-GIT_REPO=$(synkro_detect_repo "\${CWD:-.}")
-BASENAME=$(basename "$FILE_PATH" 2>/dev/null || echo "$FILE_PATH")
+    const jwt = loadJwt();
+    if (!jwt) { outputEmpty(); return; }
+
+    const usage = aggregateUsage(transcriptPath);
+    if (usage.totals.in + usage.totals.out > 0) {
+      const usageBody = {
+        capture_type: 'usage_tick',
+        event_id: 'usage_' + Date.now() + '_' + process.pid,
+        hook_type: 'stop',
+        verdict: 'allow',
+        severity: 'none',
+        model: usage.model || 'unknown',
+        cc_model: usage.model || '',
+        cc_usage: {
+          input_tokens: usage.totals.in,
+          output_tokens: usage.totals.out,
+          cache_creation_input_tokens: usage.totals.cw,
+          cache_read_input_tokens: usage.totals.cr,
+        },
+        session_id: sessionId,
+      };
+      fetch(GATEWAY_URL + '/api/v1/hook/capture', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + jwt },
+        body: JSON.stringify(usageBody),
+        signal: AbortSignal.timeout(3000),
+      }).catch(() => {});
+    }
 
-FULL_PATH="$FILE_PATH"
-[ -n "$CWD" ] && FULL_PATH="$CWD/$FILE_PATH"
-FULL_CONTENT=""
-[ -f "$FULL_PATH" ] && FULL_CONTENT=$(head -c 50000 "$FULL_PATH" 2>/dev/null || true)
+    if (process.env.SYNKRO_TRANSCRIPT_CONSENT === 'no') { outputEmpty(); return; }
 
-DEPS_JSON="{}"
-_PKG_DIR="\${CWD:-.}"
-while [ "$_PKG_DIR" != "/" ]; do
-  if [ -f "$_PKG_DIR/package.json" ]; then
-    DEPS_JSON=$(jq -c '(.dependencies // {}) + (.devDependencies // {})' "$_PKG_DIR/package.json" 2>/dev/null || echo "{}")
-    break
-  fi
-  _PKG_DIR=$(dirname "$_PKG_DIR")
-done
+    const gitRepo = detectRepo(cwd || '.');
+    if (!gitRepo) { outputEmpty(); return; }
 
-synkro_log "editScan $BASENAME"
+    let captureDepth = 'local_only';
+    try {
+      const r = await fetch(GATEWAY_URL + '/api/v1/hook/config', {
+        headers: { Authorization: 'Bearer ' + jwt },
+        signal: AbortSignal.timeout(3000),
+      });
+      const data = await r.json() as any;
+      captureDepth = data.capture_depth || 'local_only';
+    } catch {}
+
+    if (captureDepth === 'local_only') { outputEmpty(); return; }
+
+    const offsetDir = join(homedir(), '.synkro', '.transcript-offsets');
+    mkdirSync(offsetDir, { recursive: true });
+    const offsetFile = join(offsetDir, sessionId);
+    let offset = 0;
+    if (existsSync(offsetFile)) {
+      try { offset = parseInt(readFileSync(offsetFile, 'utf-8').trim(), 10) || 0; } catch {}
+    }
 
-(
-  BODY=$(jq -n \\
-    --arg file_path "$FILE_PATH" --arg content "$FULL_CONTENT" \\
-    --arg session_id "$SESSION_ID" --arg cwd "$CWD" --arg repo "$GIT_REPO" \\
-    --argjson deps "$DEPS_JSON" \\
-    '{capture_type:"edit_scan",tool_input:{file_path:$file_path,content:$content},edit_verdict:{ok:true},dependencies:$deps}
-      + (if ($session_id | length) > 0 then {session_id:$session_id} else {} end)
-      + (if ($cwd | length) > 0 then {cwd:$cwd} else {} end)
-      + (if ($repo | length) > 0 then {repo:$repo} else {} end)')
-  curl -sS -X POST "\${GATEWAY_URL}/api/v1/hook/capture" \\
-    -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
-    -d "$BODY" --max-time 10 >/dev/null 2>&1 || true
-) &
-disown 2>/dev/null || true
+    const raw = readFileSync(transcriptPath, 'utf-8');
+    const allLines = raw.split('\\n').filter(l => l.trim());
+    const totalLines = allLines.length;
 
-echo '{}'
-exit 0
-`;
-    CURSOR_BASH_FOLLOWUP_SCRIPT = `#!/bin/bash
-SCRIPT_DIR="$(cd "$(dirname "\${BASH_SOURCE[0]}")" && pwd)"
-. "$SCRIPT_DIR/_synkro-common.sh"
+    if (totalLines <= offset) { outputEmpty(); return; }
 
-JWT=$(synkro_load_jwt)
-if [ -z "$JWT" ]; then echo '{}'; exit 0; fi
+    let startIdx = offset;
+    const delta = totalLines - offset;
+    if (delta > 200) startIdx = totalLines - 200;
 
-PAYLOAD=$(cat)
-TOOL_NAME=$(echo "$PAYLOAD" | jq -r '.tool_name // empty' 2>/dev/null)
-case "$TOOL_NAME" in Shell|Bash|terminal|run_terminal_cmd|execute_command) ;; *) echo '{}'; exit 0 ;; esac
+    const messages: any[] = [];
+    for (let i = startIdx; i < totalLines; i++) {
+      try {
+        const entry = JSON.parse(allLines[i]);
+        if (entry.type !== 'user' && entry.type !== 'assistant') continue;
+        const content = entry.message?.content;
+        let text = '';
+        if (typeof content === 'string') text = content.slice(0, 8000);
+        else if (Array.isArray(content)) {
+          text = content.map((c: any) => {
+            if (typeof c === 'string') return c;
+            if (c?.type === 'text') return c.text || '';
+            return '';
+          }).join(' ').slice(0, 8000);
+        }
 
-SESSION_ID=$(echo "$PAYLOAD" | jq -r '.conversation_id // empty' 2>/dev/null)
-TOOL_USE_ID=$(echo "$PAYLOAD" | jq -r '.tool_use_id // empty' 2>/dev/null)
+        const msg: any = { message_index: i, type: entry.type, content: text };
+        if (entry.type === 'assistant') {
+          const toolCalls = (Array.isArray(content) ? content : [])
+            .filter((c: any) => c?.type === 'tool_use')
+            .map((c: any) => ({ name: c.name, input: JSON.stringify(c.input || {}).slice(0, 500), id: c.id }));
+          if (toolCalls.length > 0) msg.tool_calls = toolCalls;
+          msg.model = entry.message?.model || null;
+          const u = entry.message?.usage;
+          if (u) msg.usage = { input_tokens: u.input_tokens, output_tokens: u.output_tokens, cache_creation_input_tokens: u.cache_creation_input_tokens, cache_read_input_tokens: u.cache_read_input_tokens };
+        }
+        messages.push(msg);
+      } catch {}
+    }
 
-IS_ERROR=$(echo "$PAYLOAD" | jq -r '.tool_result.is_error // false' 2>/dev/null)
-CMD=$(echo "$PAYLOAD" | jq -r '.tool_input.command // empty' 2>/dev/null)
-CMD_HASH=""
-if [ -n "$CMD" ]; then
-  CMD_HASH=$(printf '%s' "$CMD" | shasum -a 256 | cut -c1-16)
-fi
+    writeFileSync(offsetFile, String(totalLines), 'utf-8');
 
-if [ -n "$CMD_HASH" ] && [ -n "$SESSION_ID" ]; then
-  if [ "$IS_ERROR" = "false" ]; then
-    synkro_consent_consume "$SESSION_ID" "$CMD_HASH"
-  else
-    if ! synkro_consent_has_active "$SESSION_ID" "$CMD_HASH"; then
-      synkro_consent_grant "$SESSION_ID" "$CMD_HASH"
-    fi
-  fi
-fi
+    if (messages.length === 0) { outputEmpty(); return; }
 
-if [ -n "$SESSION_ID" ] && [ -n "$TOOL_USE_ID" ]; then
-  (
-    BODY=$(jq -n --arg sid "$SESSION_ID" --arg tid "$TOOL_USE_ID" \\
-      --argjson err "$IS_ERROR" --arg ch "$CMD_HASH" \\
-      '{capture_type:"bash_followup",session_id:$sid,tool_use_id:$tid,is_error:$err,command_hash:$ch}')
-    curl -sS -X POST "\${GATEWAY_URL}/api/v1/hook/capture" \\
-      -H "Content-Type: application/json" -H "Authorization: Bearer $JWT" \\
-      -d "$BODY" --max-time 3 >/dev/null 2>&1 || true
-  ) &
-  disown 2>/dev/null || true
-fi
+    const syncBody = {
+      repo: gitRepo,
+      sessions: [{ cc_session_id: sessionId, messages }],
+    };
+    fetch(GATEWAY_URL + '/api/v1/cli/sync-transcripts', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + jwt },
+      body: JSON.stringify(syncBody),
+      signal: AbortSignal.timeout(10000),
+    }).catch(() => {});
+
+    outputEmpty();
+  } catch {
+    outputEmpty();
+  }
+}
 
-echo '{}'
-exit 0
+main();
+`;
+    USER_PROMPT_SUBMIT_TS = `#!/usr/bin/env bun
+import { readStdin } from './_synkro-common.ts';
+import { writeFileSync, mkdirSync } from 'node:fs';
+import { join, dirname } from 'node:path';
+import { homedir } from 'node:os';
+
+async function main() {
+  try {
+    const input = await readStdin();
+    if (!input.trim()) return;
+    const payload = JSON.parse(input);
+    const msg = payload.message || payload.prompt || payload.content || '';
+    if (msg) {
+      const promptFile = join(homedir(), '.synkro', '.last-prompt');
+      mkdirSync(dirname(promptFile), { recursive: true });
+      writeFileSync(promptFile, msg, 'utf-8');
+    }
+  } catch {}
+}
+
+main();
 `;
   }
 });
@@ -3223,27 +4053,40 @@ function writePluginFiles() {
     PLUGIN_SETTINGS_PATH,
     JSON.stringify({
       fastMode: true,
-      // Pre-approve the project-local synkro-local MCP server so claude doesn't
-      // block on a consent prompt at startup. Lives in the PROJECT settings so
-      // it's still picked up under --setting-sources project,local (which
-      // skips user settings to avoid synkro-hook recursion in the grader).
       enabledMcpjsonServers: ["synkro-local"]
     }, null, 2) + "\n",
     "utf-8"
   );
   writeFileSync6(RUN_SCRIPT_PATH, RUN_SCRIPT_SOURCE, "utf-8");
   chmodSync(RUN_SCRIPT_PATH, 493);
+  mkdirSync6(SESSION_DIR_2, { recursive: true });
+  mkdirSync6(PLUGIN_SETTINGS_DIR_2, { recursive: true });
+  writeFileSync6(PLUGIN_PATH_2, CHANNEL_PLUGIN_SOURCE, "utf-8");
+  chmodSync(PLUGIN_PATH_2, 493);
+  writeFileSync6(PLUGIN_PKG_PATH_2, PLUGIN_PACKAGE_JSON, "utf-8");
+  writeFileSync6(
+    PLUGIN_SETTINGS_PATH_2,
+    JSON.stringify({
+      fastMode: true,
+      enabledMcpjsonServers: ["synkro-local"]
+    }, null, 2) + "\n",
+    "utf-8"
+  );
+  writeFileSync6(RUN_SCRIPT_PATH_2, RUN_SCRIPT_SOURCE_2, "utf-8");
+  chmodSync(RUN_SCRIPT_PATH_2, 493);
 }
 function runBunInstall() {
-  const r = spawnSync("bun", ["install", "--silent"], {
-    cwd: SESSION_DIR,
-    encoding: "utf-8",
-    timeout: 12e4
-  });
-  if (r.status !== 0) {
-    throw new LocalCCInstallError(
-      `bun install failed in ${SESSION_DIR}: ${r.stderr || r.stdout || "unknown"}`
-    );
+  for (const dir of [SESSION_DIR, SESSION_DIR_2]) {
+    const r = spawnSync("bun", ["install", "--silent"], {
+      cwd: dir,
+      encoding: "utf-8",
+      timeout: 12e4
+    });
+    if (r.status !== 0) {
+      throw new LocalCCInstallError(
+        `bun install failed in ${dir}: ${r.stderr || r.stdout || "unknown"}`
+      );
+    }
   }
 }
 function safelyMutateClaudeJson(mutator) {
@@ -3315,6 +4158,15 @@ function writeProjectMcpJson() {
     }
   };
   writeFileSync6(PROJECT_MCP_PATH, JSON.stringify(mcp, null, 2) + "\n", "utf-8");
+  const mcp2 = {
+    mcpServers: {
+      [MCP_SERVER_NAME]: {
+        command: "bun",
+        args: [PLUGIN_PATH_2]
+      }
+    }
+  };
+  writeFileSync6(PROJECT_MCP_PATH_2, JSON.stringify(mcp2, null, 2) + "\n", "utf-8");
 }
 function patchClaudeJson() {
   safelyMutateClaudeJson((parsed) => {
@@ -3327,20 +4179,22 @@ function patchClaudeJson() {
       parsed.projects = {};
     }
     const projects = parsed.projects;
-    const existing = projects[SESSION_DIR] && typeof projects[SESSION_DIR] === "object" ? projects[SESSION_DIR] : {};
-    const wantEnabled = Array.from(/* @__PURE__ */ new Set([
-      ...existing.enabledMcpjsonServers ?? [],
-      MCP_SERVER_NAME
-    ]));
-    const next = {
-      ...existing,
-      hasTrustDialogAccepted: true,
-      hasCompletedProjectOnboarding: true,
-      enabledMcpjsonServers: wantEnabled
-    };
-    if (existing.hasTrustDialogAccepted !== true || existing.hasCompletedProjectOnboarding !== true || JSON.stringify(existing.enabledMcpjsonServers ?? []) !== JSON.stringify(wantEnabled)) {
-      projects[SESSION_DIR] = next;
-      dirty = true;
+    for (const dir of [SESSION_DIR, SESSION_DIR_2]) {
+      const existing = projects[dir] && typeof projects[dir] === "object" ? projects[dir] : {};
+      const wantEnabled = Array.from(/* @__PURE__ */ new Set([
+        ...existing.enabledMcpjsonServers ?? [],
+        MCP_SERVER_NAME
+      ]));
+      const next = {
+        ...existing,
+        hasTrustDialogAccepted: true,
+        hasCompletedProjectOnboarding: true,
+        enabledMcpjsonServers: wantEnabled
+      };
+      if (existing.hasTrustDialogAccepted !== true || existing.hasCompletedProjectOnboarding !== true || JSON.stringify(existing.enabledMcpjsonServers ?? []) !== JSON.stringify(wantEnabled)) {
+        projects[dir] = next;
+        dirty = true;
+      }
     }
     return dirty;
   });
@@ -3375,14 +4229,16 @@ function uninstallLocalCC() {
       delete parsed.mcpServers[MCP_SERVER_NAME];
       dirty = true;
     }
-    if (parsed.projects && typeof parsed.projects === "object" && parsed.projects[SESSION_DIR]) {
-      delete parsed.projects[SESSION_DIR];
-      dirty = true;
+    for (const dir of [SESSION_DIR, SESSION_DIR_2]) {
+      if (parsed.projects && typeof parsed.projects === "object" && parsed.projects[dir]) {
+        delete parsed.projects[dir];
+        dirty = true;
+      }
     }
     return dirty;
   });
 }
-var CLAUDE_JSON_BACKUP_PATH, SESSION_DIR, PLUGIN_PATH, PLUGIN_PKG_PATH, PLUGIN_SETTINGS_DIR, PLUGIN_SETTINGS_PATH, PROJECT_MCP_PATH, CLAUDE_JSON_PATH, RUN_SCRIPT_PATH, TMUX_SESSION_NAME, RUN_SCRIPT_SOURCE, MCP_SERVER_NAME, PLUGIN_PACKAGE_JSON, LocalCCInstallError;
+var CLAUDE_JSON_BACKUP_PATH, SESSION_DIR, PLUGIN_PATH, PLUGIN_PKG_PATH, PLUGIN_SETTINGS_DIR, PLUGIN_SETTINGS_PATH, PROJECT_MCP_PATH, CLAUDE_JSON_PATH, RUN_SCRIPT_PATH, TMUX_SESSION_NAME, SESSION_DIR_2, PLUGIN_PATH_2, PLUGIN_PKG_PATH_2, PLUGIN_SETTINGS_DIR_2, PLUGIN_SETTINGS_PATH_2, PROJECT_MCP_PATH_2, RUN_SCRIPT_PATH_2, TMUX_SESSION_NAME_2, CHANNEL_2_PORT, RUN_SCRIPT_SOURCE, RUN_SCRIPT_SOURCE_2, MCP_SERVER_NAME, PLUGIN_PACKAGE_JSON, LocalCCInstallError;
 var init_install = __esm({
   "cli/local-cc/install.ts"() {
     "use strict";
@@ -3397,6 +4253,15 @@ var init_install = __esm({
     CLAUDE_JSON_PATH = join7(homedir6(), ".claude.json");
     RUN_SCRIPT_PATH = join7(SESSION_DIR, "run-claude.sh");
     TMUX_SESSION_NAME = "synkro-local-cc";
+    SESSION_DIR_2 = join7(homedir6(), ".synkro", "cc_sessions_2");
+    PLUGIN_PATH_2 = join7(SESSION_DIR_2, "synkro-channel.ts");
+    PLUGIN_PKG_PATH_2 = join7(SESSION_DIR_2, "package.json");
+    PLUGIN_SETTINGS_DIR_2 = join7(SESSION_DIR_2, ".claude");
+    PLUGIN_SETTINGS_PATH_2 = join7(PLUGIN_SETTINGS_DIR_2, "settings.json");
+    PROJECT_MCP_PATH_2 = join7(SESSION_DIR_2, ".mcp.json");
+    RUN_SCRIPT_PATH_2 = join7(SESSION_DIR_2, "run-claude.sh");
+    TMUX_SESSION_NAME_2 = "synkro-local-cc-2";
+    CHANNEL_2_PORT = 8930;
     RUN_SCRIPT_SOURCE = `#!/usr/bin/env bash
 # Auto-generated by \`synkro install\`. Do not edit.
 set -uo pipefail
@@ -3462,6 +4327,62 @@ while tmux has-session -t "$SESSION" 2>/dev/null; do
   sleep 5
 done
 
+log "tmux session ended."
+`;
+    RUN_SCRIPT_SOURCE_2 = `#!/usr/bin/env bash
+# Auto-generated by \`synkro install\`. Channel 2 (CWE scan, port ${CHANNEL_2_PORT}).
+set -uo pipefail
+
+SESSION=${TMUX_SESSION_NAME_2}
+LOG="$HOME/.synkro/cc_sessions_2/run-claude.log"
+
+log() { echo "[$(date '+%H:%M:%S')] $*" >> "$LOG"; echo "$*"; }
+
+if ! command -v claude >/dev/null 2>&1; then
+  log "ERROR: claude CLI not found on PATH."
+  exit 1
+fi
+
+if ! command -v tmux >/dev/null 2>&1; then
+  log "ERROR: tmux not found on PATH."
+  exit 1
+fi
+
+if ! claude --version >/dev/null 2>&1; then
+  log "ERROR: claude --version failed."
+  exit 1
+fi
+
+log "Starting local-CC channel 2 (port ${CHANNEL_2_PORT})..."
+log "claude version: $(claude --version 2>&1 | head -1)"
+
+tmux kill-session -t "$SESSION" 2>/dev/null || true
+
+tmux new-session -d -s "$SESSION" \\
+  "SYNKRO_CHANNEL_PORT=${CHANNEL_2_PORT} claude --dangerously-load-development-channels server:synkro-local --dangerously-skip-permissions --setting-sources project,local --model claude-sonnet-4-6 2>>$LOG; echo 'claude exited with code '$'?' >> $LOG"
+
+sleep 3
+if tmux has-session -t "$SESSION" 2>/dev/null; then
+  tmux send-keys -t "$SESSION" '1' 2>/dev/null || true
+  sleep 1
+  tmux send-keys -t "$SESSION" Enter 2>/dev/null || true
+  sleep 1
+  tmux send-keys -t "$SESSION" Enter 2>/dev/null || true
+  log "Sent auto-accept keys to channel 2 session."
+fi
+
+sleep 2
+if ! tmux has-session -t "$SESSION" 2>/dev/null; then
+  log "ERROR: tmux session died immediately. Check $LOG for details."
+  exit 1
+fi
+
+log "tmux session started successfully (port ${CHANNEL_2_PORT})."
+
+while tmux has-session -t "$SESSION" 2>/dev/null; do
+  sleep 5
+done
+
 log "tmux session ended."
 `;
     MCP_SERVER_NAME = "synkro-local";
@@ -3526,10 +4447,10 @@ function statusName(s) {
   }
   return "unknown";
 }
-function findTask() {
+function findTask(channel = CHANNEL_PRIMARY) {
   const data = statusJson();
   for (const [id, t] of Object.entries(data.tasks)) {
-    if (t.label === TASK_LABEL) {
+    if (t.label === channel.taskLabel) {
       return {
         id: Number(id),
         label: t.label,
@@ -3542,8 +4463,9 @@ function findTask() {
   return null;
 }
 function startTask(opts = {}) {
-  const cwd = opts.cwd ?? SESSION_DIR2;
-  const existing = findTask();
+  const ch = opts.channel ?? CHANNEL_PRIMARY;
+  const cwd = opts.cwd ?? ch.sessionDir;
+  const existing = findTask(ch);
   if (existing) {
     spawnSync2("pueue", ["remove", String(existing.id)], { encoding: "utf-8" });
   }
@@ -3551,7 +4473,7 @@ function startTask(opts = {}) {
   const args2 = [
     "add",
     "--label",
-    TASK_LABEL,
+    ch.taskLabel,
     "--working-directory",
     cwd,
     "--",
@@ -3562,27 +4484,28 @@ function startTask(opts = {}) {
   if (r.status !== 0) {
     throw new PueueError(`pueue add failed: ${r.stderr || r.stdout}`);
   }
-  const created = findTask();
+  const created = findTask(ch);
   if (!created) {
-    throw new PueueError(`pueue add succeeded but no task with label ${TASK_LABEL} found`);
+    throw new PueueError(`pueue add succeeded but no task with label ${ch.taskLabel} found`);
   }
   return created;
 }
-function stopTask() {
-  spawnSync2("tmux", ["kill-session", "-t", TMUX_SESSION], { encoding: "utf-8" });
-  const t = findTask();
+function stopTask(channel = CHANNEL_PRIMARY) {
+  spawnSync2("tmux", ["kill-session", "-t", channel.tmuxSession], { encoding: "utf-8" });
+  const t = findTask(channel);
   if (!t) return;
   spawnSync2("pueue", ["kill", String(t.id)], { encoding: "utf-8" });
   spawnSync2("pueue", ["remove", String(t.id)], { encoding: "utf-8" });
 }
-function tailLogs(lines = 80) {
-  const t = findTask();
-  if (!t) return "(no synkro local-cc task)";
+function tailLogs(lines = 80, channel = CHANNEL_PRIMARY) {
+  const t = findTask(channel);
+  if (!t) return `(no ${channel.taskLabel} task)`;
   const r = spawnSync2("pueue", ["log", "--lines", String(lines), String(t.id)], { encoding: "utf-8" });
   return r.stdout || r.stderr || "(no output)";
 }
 function ensureRunning(opts = {}) {
-  const t = findTask();
+  const ch = opts.channel ?? CHANNEL_PRIMARY;
+  const t = findTask(ch);
   if (t && t.status === "Running") return t;
   return startTask(opts);
 }
@@ -3601,15 +4524,15 @@ function probePort(host, port, timeoutMs = 500) {
     sock.setTimeout(timeoutMs, () => done(false));
   });
 }
-function tmuxDismissPrompts() {
-  spawnSync2("tmux", ["send-keys", "-t", TMUX_SESSION, "1"], { encoding: "utf-8" });
-  spawnSync2("tmux", ["send-keys", "-t", TMUX_SESSION, "Enter"], { encoding: "utf-8" });
+function tmuxDismissPrompts(tmuxSession = TMUX_SESSION) {
+  spawnSync2("tmux", ["send-keys", "-t", tmuxSession, "1"], { encoding: "utf-8" });
+  spawnSync2("tmux", ["send-keys", "-t", tmuxSession, "Enter"], { encoding: "utf-8" });
 }
-async function waitForChannelReady(port, timeoutMs = 6e4, host = "127.0.0.1") {
+async function waitForChannelReady(port, timeoutMs = 6e4, host = "127.0.0.1", tmuxSession = TMUX_SESSION) {
   const deadline = Date.now() + timeoutMs;
   while (Date.now() < deadline) {
     if (await probePort(host, port)) return true;
-    tmuxDismissPrompts();
+    tmuxDismissPrompts(tmuxSession);
     await new Promise((r) => setTimeout(r, 1e3));
   }
   return probePort(host, port);
@@ -3642,6 +4565,7 @@ function assertPueueInstalled() {
       throw new PueueError("pueue daemon not reachable after starting pueued. Check `pueued` manually.");
     }
   }
+  spawnSync2("pueue", ["parallel", "2"], { encoding: "utf-8" });
 }
 function assertClaudeInstalled() {
   const r = spawnSync2("claude", ["--version"], { encoding: "utf-8" });
@@ -3660,13 +4584,16 @@ function assertTmuxInstalled() {
     }
   }
 }
-var TASK_LABEL, TMUX_SESSION, SESSION_DIR2, PueueError;
+var TASK_LABEL, TMUX_SESSION, SESSION_DIR2, TASK_LABEL_2, TMUX_SESSION_2, SESSION_DIR_22, PueueError, CHANNEL_PRIMARY, CHANNEL_SECONDARY;
 var init_pueue = __esm({
   "cli/local-cc/pueue.ts"() {
     "use strict";
     TASK_LABEL = "synkro-local-cc";
     TMUX_SESSION = "synkro-local-cc";
     SESSION_DIR2 = join8(homedir7(), ".synkro", "cc_sessions");
+    TASK_LABEL_2 = "synkro-local-cc-2";
+    TMUX_SESSION_2 = "synkro-local-cc-2";
+    SESSION_DIR_22 = join8(homedir7(), ".synkro", "cc_sessions_2");
     PueueError = class extends Error {
       constructor(message, cause) {
         super(message);
@@ -3675,6 +4602,8 @@ var init_pueue = __esm({
       }
       cause;
     };
+    CHANNEL_PRIMARY = { taskLabel: TASK_LABEL, tmuxSession: TMUX_SESSION, sessionDir: SESSION_DIR2 };
+    CHANNEL_SECONDARY = { taskLabel: TASK_LABEL_2, tmuxSession: TMUX_SESSION_2, sessionDir: SESSION_DIR_22 };
   }
 });
 
@@ -3702,7 +4631,7 @@ async function fetchPrimers() {
 }
 async function getPrimer(role) {
   const prompts = await fetchPrimers();
-  const primer = role === "grade-edit" ? prompts.grader_primer_edit : role === "grade-plan" ? prompts.grader_primer_plan : prompts.grader_primer_bash;
+  const primer = role === "grade-edit" ? prompts.grader_primer_edit : role === "grade-plan" ? prompts.grader_primer_plan : role === "grade-cwe" ? prompts.grader_primer_cwe : prompts.grader_primer_bash;
   if (!primer) {
     throw new Error(`No primer for role "${role}" returned from API.`);
   }
@@ -3868,12 +4797,13 @@ async function submitToChannel(role, payload, opts = {}) {
   const content = await buildChannelContent(role, payload);
   const body = JSON.stringify({ role, content });
   const timeoutMs = opts.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+  const port = opts.port ?? CHANNEL_PORT;
   const startedAt = Date.now();
   try {
     const result = await new Promise((resolve2, reject) => {
       const req = httpRequest({
         host: CHANNEL_HOST,
-        port: CHANNEL_PORT,
+        port,
         method: "POST",
         path: "/submit",
         headers: {
@@ -3921,9 +4851,9 @@ async function submitToChannel(role, payload, opts = {}) {
     throw err;
   }
 }
-function isChannelAvailable(timeoutMs = 500) {
+function isChannelAvailable(port = CHANNEL_PORT, timeoutMs = 500) {
   return new Promise((resolve2) => {
-    const sock = connect2(CHANNEL_PORT, CHANNEL_HOST);
+    const sock = connect2(port, CHANNEL_HOST);
     const done = (ok) => {
       try {
         sock.destroy();
@@ -4007,30 +4937,36 @@ function ensureSynkroDir() {
   mkdirSync8(OFFSETS_DIR, { recursive: true });
 }
 function writeHookScripts() {
-  const bashScriptPath = join11(HOOKS_DIR, "cc-bash-judge.sh");
-  const bashFollowupScriptPath = join11(HOOKS_DIR, "cc-bash-followup.sh");
+  const bashScriptPath = join11(HOOKS_DIR, "cc-bash-judge.ts");
+  const bashFollowupScriptPath = join11(HOOKS_DIR, "cc-bash-followup.ts");
   const editCaptureScriptPath = join11(HOOKS_DIR, "cc-edit-capture.sh");
-  const editPrecheckScriptPath = join11(HOOKS_DIR, "cc-edit-precheck.sh");
-  const cveScanScriptPath = join11(HOOKS_DIR, "cc-cve-scan.sh");
-  const planJudgeScriptPath = join11(HOOKS_DIR, "cc-plan-judge.sh");
-  const stopSummaryScriptPath = join11(HOOKS_DIR, "cc-stop-summary.sh");
-  const sessionStartScriptPath = join11(HOOKS_DIR, "cc-session-start.sh");
-  const transcriptSyncScriptPath = join11(HOOKS_DIR, "cc-transcript-sync.sh");
-  const commonScriptPath = join11(HOOKS_DIR, "_synkro-common.sh");
+  const editPrecheckScriptPath = join11(HOOKS_DIR, "cc-edit-precheck.ts");
+  const cwePrecheckScriptPath = join11(HOOKS_DIR, "cc-cwe-precheck.ts");
+  const cvePrecheckScriptPath = join11(HOOKS_DIR, "cc-cve-precheck.ts");
+  const planJudgeScriptPath = join11(HOOKS_DIR, "cc-plan-judge.ts");
+  const stopSummaryScriptPath = join11(HOOKS_DIR, "cc-stop-summary.ts");
+  const sessionStartScriptPath = join11(HOOKS_DIR, "cc-session-start.ts");
+  const transcriptSyncScriptPath = join11(HOOKS_DIR, "cc-transcript-sync.ts");
+  const userPromptSubmitScriptPath = join11(HOOKS_DIR, "cc-user-prompt-submit.ts");
+  const commonScriptPath = join11(HOOKS_DIR, "_synkro-common.ts");
+  const commonBashScriptPath = join11(HOOKS_DIR, "_synkro-common.sh");
   const cursorBashJudgePath = join11(HOOKS_DIR, "cursor-bash-judge.sh");
   const cursorEditPrecheckPath = join11(HOOKS_DIR, "cursor-edit-precheck.sh");
   const cursorEditCapturePath = join11(HOOKS_DIR, "cursor-edit-capture.sh");
   const cursorBashFollowupPath = join11(HOOKS_DIR, "cursor-bash-followup.sh");
-  writeFileSync7(bashScriptPath, CC_BASH_JUDGE_SCRIPT, "utf-8");
-  writeFileSync7(bashFollowupScriptPath, CC_BASH_FOLLOWUP_SCRIPT, "utf-8");
-  writeFileSync7(editCaptureScriptPath, CC_EDIT_CAPTURE_SCRIPT, "utf-8");
-  writeFileSync7(editPrecheckScriptPath, CC_EDIT_PRECHECK_SCRIPT, "utf-8");
-  writeFileSync7(cveScanScriptPath, CC_CVE_SCAN_SCRIPT, "utf-8");
-  writeFileSync7(planJudgeScriptPath, CC_PLAN_JUDGE_SCRIPT, "utf-8");
-  writeFileSync7(stopSummaryScriptPath, CC_STOP_SUMMARY_SCRIPT, "utf-8");
-  writeFileSync7(sessionStartScriptPath, CC_SESSION_START_SCRIPT, "utf-8");
-  writeFileSync7(transcriptSyncScriptPath, CC_TRANSCRIPT_SYNC_SCRIPT, "utf-8");
-  writeFileSync7(commonScriptPath, SYNKRO_COMMON_SCRIPT, "utf-8");
+  writeFileSync7(bashScriptPath, BASH_JUDGE_TS, "utf-8");
+  writeFileSync7(bashFollowupScriptPath, BASH_FOLLOWUP_TS, "utf-8");
+  writeFileSync7(editCaptureScriptPath, "", "utf-8");
+  writeFileSync7(editPrecheckScriptPath, EDIT_PRECHECK_TS, "utf-8");
+  writeFileSync7(cwePrecheckScriptPath, CWE_PRECHECK_TS, "utf-8");
+  writeFileSync7(cvePrecheckScriptPath, CVE_PRECHECK_TS, "utf-8");
+  writeFileSync7(planJudgeScriptPath, PLAN_JUDGE_TS, "utf-8");
+  writeFileSync7(stopSummaryScriptPath, STOP_SUMMARY_TS, "utf-8");
+  writeFileSync7(sessionStartScriptPath, SESSION_START_TS, "utf-8");
+  writeFileSync7(transcriptSyncScriptPath, TRANSCRIPT_SYNC_TS, "utf-8");
+  writeFileSync7(userPromptSubmitScriptPath, USER_PROMPT_SUBMIT_TS, "utf-8");
+  writeFileSync7(commonScriptPath, SYNKRO_COMMON_TS, "utf-8");
+  writeFileSync7(commonBashScriptPath, SYNKRO_COMMON_SCRIPT, "utf-8");
   writeFileSync7(cursorBashJudgePath, CURSOR_BASH_JUDGE_SCRIPT, "utf-8");
   writeFileSync7(cursorEditPrecheckPath, CURSOR_EDIT_PRECHECK_SCRIPT, "utf-8");
   writeFileSync7(cursorEditCapturePath, CURSOR_EDIT_CAPTURE_SCRIPT, "utf-8");
@@ -4039,12 +4975,15 @@ function writeHookScripts() {
   chmodSync2(bashFollowupScriptPath, 493);
   chmodSync2(editCaptureScriptPath, 493);
   chmodSync2(editPrecheckScriptPath, 493);
-  chmodSync2(cveScanScriptPath, 493);
+  chmodSync2(cwePrecheckScriptPath, 493);
+  chmodSync2(cvePrecheckScriptPath, 493);
   chmodSync2(planJudgeScriptPath, 493);
   chmodSync2(stopSummaryScriptPath, 493);
   chmodSync2(sessionStartScriptPath, 493);
   chmodSync2(transcriptSyncScriptPath, 493);
+  chmodSync2(userPromptSubmitScriptPath, 493);
   chmodSync2(commonScriptPath, 493);
+  chmodSync2(commonBashScriptPath, 493);
   chmodSync2(cursorBashJudgePath, 493);
   chmodSync2(cursorEditPrecheckPath, 493);
   chmodSync2(cursorEditCapturePath, 493);
@@ -4054,11 +4993,13 @@ function writeHookScripts() {
     bashFollowupScript: bashFollowupScriptPath,
     editCaptureScript: editCaptureScriptPath,
     editPrecheckScript: editPrecheckScriptPath,
-    cveScanScript: cveScanScriptPath,
+    cwePrecheckScript: cwePrecheckScriptPath,
+    cvePrecheckScript: cvePrecheckScriptPath,
     planJudgeScript: planJudgeScriptPath,
     stopSummaryScript: stopSummaryScriptPath,
     sessionStartScript: sessionStartScriptPath,
     transcriptSyncScript: transcriptSyncScriptPath,
+    userPromptSubmitScript: userPromptSubmitScriptPath,
     cursorBashJudgeScript: cursorBashJudgePath,
     cursorEditPrecheckScript: cursorEditPrecheckPath,
     cursorEditCaptureScript: cursorEditCapturePath,
@@ -4094,7 +5035,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.4.43")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.4.47")}`
   ];
   if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
@@ -4288,6 +5229,11 @@ async function installCommand(opts = {}) {
           const ready = await waitForChannelReady(CHANNEL_PORT, 6e4, CHANNEL_HOST);
           if (ready) console.log(`  channel ready at ${CHANNEL_HOST}:${CHANNEL_PORT}`);
           else console.warn("  \u26A0 channel did not come up within 60s \u2014 check `synkro local-cc logs`");
+          const t2 = ensureRunning({ channel: CHANNEL_SECONDARY });
+          console.log(`  CWE channel: id=${t2.id} status=${t2.status}`);
+          const ready2 = await waitForChannelReady(CHANNEL_2_PORT, 6e4, CHANNEL_HOST, CHANNEL_SECONDARY.tmuxSession);
+          if (ready2) console.log(`  CWE channel ready at ${CHANNEL_HOST}:${CHANNEL_2_PORT}`);
+          else console.warn("  \u26A0 CWE channel did not come up within 60s");
           updateLocalInferenceFlag(true);
         } catch (err) {
           console.warn(`  \u26A0 Local-CC setup skipped: ${err.message}`);
@@ -4397,11 +5343,13 @@ async function installCommand(opts = {}) {
         bashFollowupScriptPath: scripts.bashFollowupScript,
         editCaptureScriptPath: scripts.editCaptureScript,
         editPrecheckScriptPath: scripts.editPrecheckScript,
-        cveScanScriptPath: scripts.cveScanScript,
+        cwePrecheckScriptPath: scripts.cwePrecheckScript,
+        cvePrecheckScriptPath: scripts.cvePrecheckScript,
         planJudgeScriptPath: scripts.planJudgeScript,
         stopSummaryScriptPath: scripts.stopSummaryScript,
         sessionStartScriptPath: scripts.sessionStartScript,
         transcriptSyncScriptPath: scripts.transcriptSyncScript,
+        userPromptSubmitScriptPath: scripts.userPromptSubmitScript,
         skipTranscriptSync: !transcriptConsent
       });
       console.log(`Configured ${agent.name} hooks at ${agent.settingsPath}`);
@@ -4542,6 +5490,24 @@ async function installCommand(opts = {}) {
         } catch {
         }
         console.warn(`    Run \`synkro local-cc status\` and \`synkro local-cc logs --tmux\` to debug.
+`);
+      }
+      const t2 = ensureRunning({ channel: CHANNEL_SECONDARY });
+      console.log(`Local-CC CWE channel: id=${t2.id} status=${t2.status}`);
+      console.log("Waiting for CWE channel (up to 60s)...");
+      const ready2 = await waitForChannelReady(CHANNEL_2_PORT, 6e4, CHANNEL_HOST, CHANNEL_SECONDARY.tmuxSession);
+      if (ready2) {
+        console.log(`  CWE channel ready at ${CHANNEL_HOST}:${CHANNEL_2_PORT}`);
+        try {
+          console.log("  warming up CWE inference...");
+          await submitToChannel("grade-cwe", 'File: /tmp/warmup.ts\nContent (first 4000 chars):\nconsole.log("hello");\n\nCWE rules to check against:\n[]\n', { timeoutMs: 3e4, port: CHANNEL_2_PORT });
+          console.log("  CWE inference warm\n");
+        } catch {
+          console.log("  CWE warmup skipped (non-fatal)\n");
+        }
+      } else {
+        console.warn(`  \u26A0 CWE channel did not come up within 60s.`);
+        console.warn(`    Run \`synkro local-cc status\` to debug.
 `);
       }
     } catch (err) {
@@ -4783,6 +5749,7 @@ var init_install2 = __esm({
     init_cursorHookConfig();
     init_mcpConfig();
     init_hookScripts();
+    init_hookScriptsTs();
     init_stub();
     init_repoConnect();
     init_projects();
@@ -6173,17 +7140,26 @@ async function cmdStatus() {
     console.log(`Pueue: NOT AVAILABLE (${err.message})`);
     return;
   }
-  const t = findTask();
+  const t = findTask(CHANNEL_PRIMARY);
   if (!t) {
-    console.log("Pueue task: not present");
+    console.log("Channel 1 (judge) pueue task: not present");
   } else {
-    console.log(`Pueue task: id=${t.id} status=${t.status} cwd=${t.cwd}`);
-    console.log(`  command: ${t.command}`);
+    console.log(`Channel 1 (judge) pueue task: id=${t.id} status=${t.status}`);
+  }
+  const ch1Up = await isChannelAvailable();
+  console.log(`Channel 1 ${CHANNEL_HOST}:${CHANNEL_PORT}: ${ch1Up ? "reachable" : "unreachable"}`);
+  const tmux1 = spawnSync3("tmux", ["has-session", "-t", TMUX_SESSION_NAME], { encoding: "utf-8" });
+  console.log(`tmux '${TMUX_SESSION_NAME}': ${tmux1.status === 0 ? "live" : "absent"}`);
+  const t2 = findTask(CHANNEL_SECONDARY);
+  if (!t2) {
+    console.log("Channel 2 (CWE) pueue task: not present");
+  } else {
+    console.log(`Channel 2 (CWE) pueue task: id=${t2.id} status=${t2.status}`);
   }
-  const channelUp = await isChannelAvailable();
-  console.log(`Channel ${CHANNEL_HOST}:${CHANNEL_PORT}: ${channelUp ? "reachable" : "unreachable"}`);
-  const tmuxCheck = spawnSync3("tmux", ["has-session", "-t", TMUX_SESSION_NAME], { encoding: "utf-8" });
-  console.log(`tmux session '${TMUX_SESSION_NAME}': ${tmuxCheck.status === 0 ? "live" : "absent"}`);
+  const ch2Up = await isChannelAvailable(CHANNEL_2_PORT);
+  console.log(`Channel 2 ${CHANNEL_HOST}:${CHANNEL_2_PORT}: ${ch2Up ? "reachable" : "unreachable"}`);
+  const tmux2 = spawnSync3("tmux", ["has-session", "-t", TMUX_SESSION_NAME_2], { encoding: "utf-8" });
+  console.log(`tmux '${TMUX_SESSION_NAME_2}': ${tmux2.status === 0 ? "live" : "absent"}`);
 }
 async function cmdEnable() {
   assertClaudeInstalled();
@@ -6193,13 +7169,21 @@ async function cmdEnable() {
   const r = installLocalCC();
   console.log(`  plugin: ${r.pluginPath}`);
   console.log(`  cwd:    ${r.sessionDir}`);
-  console.log("Starting pueue task...");
-  const t = ensureRunning();
-  console.log(`  task: id=${t.id} status=${t.status}`);
-  console.log("Waiting for channel (auto-confirming any CC prompts)...");
-  const ready = await waitForChannelReady(CHANNEL_PORT, 6e4, CHANNEL_HOST);
-  if (ready) console.log(`  channel ready at ${CHANNEL_HOST}:${CHANNEL_PORT}`);
-  else console.warn(`  \u26A0 channel did not come up within 60s \u2014 check \`synkro local-cc logs\``);
+  console.log("Starting channel 1 (judge)...");
+  const t1 = ensureRunning({ channel: CHANNEL_PRIMARY });
+  console.log(`  task: id=${t1.id} status=${t1.status}`);
+  console.log("Starting channel 2 (CWE)...");
+  const t2 = ensureRunning({ channel: CHANNEL_SECONDARY });
+  console.log(`  task: id=${t2.id} status=${t2.status}`);
+  console.log("Waiting for channels (auto-confirming any CC prompts)...");
+  const [ready1, ready2] = await Promise.all([
+    waitForChannelReady(CHANNEL_PORT, 6e4, CHANNEL_HOST, CHANNEL_PRIMARY.tmuxSession),
+    waitForChannelReady(CHANNEL_2_PORT, 6e4, CHANNEL_HOST, CHANNEL_SECONDARY.tmuxSession)
+  ]);
+  if (ready1) console.log(`  channel 1 ready at ${CHANNEL_HOST}:${CHANNEL_PORT}`);
+  else console.warn(`  \u26A0 channel 1 did not come up within 60s \u2014 check \`synkro local-cc logs\``);
+  if (ready2) console.log(`  channel 2 ready at ${CHANNEL_HOST}:${CHANNEL_2_PORT}`);
+  else console.warn(`  \u26A0 channel 2 (CWE) did not come up within 60s`);
   console.log("Updating inference settings...");
   await setServerGradingProvider("claude-code");
   updateLocalInferenceFlag2(true);
@@ -6211,25 +7195,58 @@ async function cmdDisable() {
   updateLocalInferenceFlag2(false);
   console.log("Grading provider cleared (remote inference restored). Pueue task left running \u2014 use `synkro local-cc stop` to terminate.");
 }
+async function warmChannels(ready1, ready2) {
+  const warmups = [];
+  if (ready1) {
+    warmups.push(
+      submitToChannel("grade-bash", "Proposed command: echo hello\nUser intent: warmup\nRecent user messages: []\nRecent actions: []\nOrg rules: []\n", { timeoutMs: 3e4 }).then(() => console.log("  channel 1 warm.")).catch(() => console.log("  channel 1 warmup skipped (non-fatal)."))
+    );
+  }
+  if (ready2) {
+    warmups.push(
+      submitToChannel("grade-cwe", 'File: /tmp/warmup.ts\nContent (first 4000 chars):\nconsole.log("hello");\n\nCWE rules to check against:\n[]\n', { timeoutMs: 3e4, port: CHANNEL_2_PORT }).then(() => console.log("  channel 2 warm.")).catch(() => console.log("  channel 2 warmup skipped (non-fatal)."))
+    );
+  }
+  if (warmups.length) {
+    console.log("Warming up inference...");
+    await Promise.all(warmups);
+  }
+}
 async function cmdStart() {
   assertClaudeInstalled();
   assertPueueInstalled();
   assertTmuxInstalled();
-  const t = ensureRunning();
-  console.log(`Pueue task: id=${t.id} status=${t.status}`);
-  const ready = await waitForChannelReady(CHANNEL_PORT, 6e4, CHANNEL_HOST);
-  console.log(ready ? "channel ready." : "\u26A0 channel did not come up within 60s.");
+  const t1 = ensureRunning({ channel: CHANNEL_PRIMARY });
+  console.log(`Channel 1 (judge): id=${t1.id} status=${t1.status}`);
+  const t2 = ensureRunning({ channel: CHANNEL_SECONDARY });
+  console.log(`Channel 2 (CWE):   id=${t2.id} status=${t2.status}`);
+  const [ready1, ready2] = await Promise.all([
+    waitForChannelReady(CHANNEL_PORT, 6e4, CHANNEL_HOST, CHANNEL_PRIMARY.tmuxSession),
+    waitForChannelReady(CHANNEL_2_PORT, 6e4, CHANNEL_HOST, CHANNEL_SECONDARY.tmuxSession)
+  ]);
+  console.log(ready1 ? `channel 1 ready (${CHANNEL_PORT}).` : "\u26A0 channel 1 did not come up within 60s.");
+  console.log(ready2 ? `channel 2 ready (${CHANNEL_2_PORT}).` : "\u26A0 channel 2 (CWE) did not come up within 60s.");
+  await warmChannels(ready1, ready2);
 }
 function cmdStop() {
-  stopTask();
-  console.log("Pueue task stopped.");
+  stopTask(CHANNEL_PRIMARY);
+  stopTask(CHANNEL_SECONDARY);
+  console.log("Both channels stopped.");
 }
 async function cmdRestart() {
-  stopTask();
-  const t = startTask();
-  console.log(`Pueue task restarted: id=${t.id} status=${t.status}`);
-  const ready = await waitForChannelReady(CHANNEL_PORT, 6e4, CHANNEL_HOST);
-  console.log(ready ? "channel ready." : "\u26A0 channel did not come up within 60s.");
+  stopTask(CHANNEL_PRIMARY);
+  stopTask(CHANNEL_SECONDARY);
+  const t1 = startTask({ channel: CHANNEL_PRIMARY });
+  const t2 = startTask({ channel: CHANNEL_SECONDARY });
+  console.log(`Channel 1 restarted: id=${t1.id} status=${t1.status}`);
+  console.log(`Channel 2 restarted: id=${t2.id} status=${t2.status}`);
+  const [ready1, ready2] = await Promise.all([
+    waitForChannelReady(CHANNEL_PORT, 6e4, CHANNEL_HOST, CHANNEL_PRIMARY.tmuxSession),
+    waitForChannelReady(CHANNEL_2_PORT, 6e4, CHANNEL_HOST, CHANNEL_SECONDARY.tmuxSession)
+  ]);
+  console.log(ready1 ? `channel 1 ready (${CHANNEL_PORT}).` : "\u26A0 channel 1 did not come up within 60s.");
+  console.log(ready2 ? `channel 2 ready (${CHANNEL_2_PORT}).` : "\u26A0 channel 2 (CWE) did not come up within 60s.");
+  await warmChannels(ready1, ready2);
 }
 function relativeTime(iso) {
   const ts = new Date(iso).getTime();
@@ -6445,8 +7462,9 @@ async function gradeCommand(args2) {
   if (mode === "edit") role = "grade-edit";
   else if (mode === "bash") role = "grade-bash";
   else if (mode === "plan") role = "grade-plan";
+  else if (mode === "cwe") role = "grade-cwe";
   else {
-    console.error("Usage: synkro grade <edit|bash|plan>");
+    console.error("Usage: synkro grade <edit|bash|plan|cwe>");
     process.exit(2);
   }
   const payload = await readStdin();