@synkro-sh/cli 1.6.15 → 1.6.16

package/dist/bootstrap.js

@@ -116,6 +116,17 @@ function installCCHooks(settingsPath, config) {
   settings.hooks.SessionEnd = settings.hooks.SessionEnd ?? [];
   settings.hooks.SessionStart = settings.hooks.SessionStart ?? [];
   settings.hooks.UserPromptSubmit = settings.hooks.UserPromptSubmit ?? [];
+  settings.hooks.PreToolUse.push({
+    matcher: "Bash",
+    hooks: [
+      {
+        type: "command",
+        command: config.installScanScriptPath,
+        timeout: 8
+      }
+    ],
+    [SYNKRO_MARKER]: true
+  });
   settings.hooks.PreToolUse.push({
     matcher: "Bash|Read|Grep|Glob",
     hooks: [
@@ -319,6 +330,12 @@ function installCursorHooks(hooksJsonPath, config) {
   pushCcHook(h, "beforeSubmitPrompt", config.userPromptSubmitScriptPath, { timeout: 5 });
   pushCcHook(h, "stop", config.transcriptSyncScriptPath, { timeout: 3 });
   h.beforeShellExecution = h.beforeShellExecution ?? [];
+  h.beforeShellExecution.push({
+    command: cursorCcCmd(config.installScanScriptPath),
+    timeout: 8,
+    failClosed: false,
+    [SYNKRO_MARKER2]: true
+  });
   h.beforeShellExecution.push({
     command: bunRunCmd(config.bashJudgeScriptPath),
     timeout: 15,
@@ -327,6 +344,13 @@ function installCursorHooks(hooksJsonPath, config) {
   });
   pushCcHook(h, "afterShellExecution", config.bashFollowupScriptPath, { timeout: 10 });
   h.preToolUse = h.preToolUse ?? [];
+  h.preToolUse.push({
+    command: cursorCcCmd(config.installScanScriptPath),
+    timeout: 8,
+    failClosed: false,
+    matcher: "Shell|Bash|terminal|run_terminal_cmd|execute_command",
+    [SYNKRO_MARKER2]: true
+  });
   h.preToolUse.push({
     command: bunRunCmd(config.bashJudgeScriptPath),
     timeout: 15,
@@ -727,7 +751,7 @@ synkro_post_with_retry() {
 });
 
 // cli/installer/hookScriptsTs.ts
-var SYNKRO_COMMON_TS, EDIT_PRECHECK_TS, CWE_PRECHECK_TS, CVE_PRECHECK_TS, BASH_JUDGE_TS, AGENT_JUDGE_TS, PLAN_JUDGE_TS, STOP_SUMMARY_TS, SESSION_START_TS, BASH_FOLLOWUP_TS, TRANSCRIPT_SYNC_TS, USER_PROMPT_SUBMIT_TS, CURSOR_BASH_JUDGE_TS, CURSOR_EDIT_CAPTURE_TS;
+var SYNKRO_COMMON_TS, EDIT_PRECHECK_TS, CWE_PRECHECK_TS, CVE_PRECHECK_TS, INSTALL_SCAN_TS, BASH_JUDGE_TS, AGENT_JUDGE_TS, PLAN_JUDGE_TS, STOP_SUMMARY_TS, SESSION_START_TS, BASH_FOLLOWUP_TS, TRANSCRIPT_SYNC_TS, USER_PROMPT_SUBMIT_TS, CURSOR_BASH_JUDGE_TS, CURSOR_EDIT_CAPTURE_TS;
 var init_hookScriptsTs = __esm({
   "cli/installer/hookScriptsTs.ts"() {
     "use strict";
@@ -975,12 +999,19 @@ export function normalizeMode(m?: string): 'ask' | 'fix' {
 
 // \u2500\u2500\u2500 Config Loading \u2500\u2500\u2500
 
+export interface RuleExample {
+  text: string;
+  verdict: 'violation' | 'ok';
+  note?: string;
+}
+
 export interface Rule {
   rule_id: string;
   text: string;
   severity: string;
   category: string;
   mode: string;
+  examples?: RuleExample[];
 }
 
 export interface HookConfig {
@@ -1032,6 +1063,7 @@ export async function loadConfig(jwt: string, query?: string): Promise<HookConfi
             severity: r.severity || '',
             category: r.category || '',
             mode: normalizeMode(r.mode),
+            examples: Array.isArray(r.examples) ? r.examples : undefined,
           }));
       }
       config.silent = raw.silent === true;
@@ -1072,6 +1104,7 @@ export async function loadConfig(jwt: string, query?: string): Promise<HookConfi
           severity: r.severity || '',
           category: r.category || '',
           mode: normalizeMode(r.mode),
+          examples: Array.isArray(r.examples) ? r.examples : undefined,
         }));
     }
   } catch {}
@@ -2271,6 +2304,8 @@ import {
 import { existsSync, readFileSync } from 'node:fs';
 import { basename, dirname, join } from 'node:path';
 
+const agentKind = process.env.SYNKRO_HOOK_FORMAT === 'cursor' ? 'cursor' : 'claude_code';
+
 async function main() {
   setupCursorHookSignals();
   try {
@@ -2362,7 +2397,7 @@ async function main() {
 
       let gradeResp: string;
       try {
-        gradeResp = await localGrade('edit', graderPrompt);
+        gradeResp = await localGrade('edit', graderPrompt, undefined, agentKind);
       } catch (err) {
         logGraderUnavailable('editGuard', fileShort, (err as Error).message || String(err));
         outputJson({ systemMessage: tagStr + ' editGuard ' + fileShort + ' \u2192 local grader unavailable, skipped' });
@@ -2483,6 +2518,7 @@ import {
 import { basename, extname, resolve, join, dirname } from 'node:path';
 import { readFileSync, readdirSync, existsSync } from 'node:fs';
 
+const agentKind = process.env.SYNKRO_HOOK_FORMAT === 'cursor' ? 'cursor' : 'claude_code';
 
 interface PackageCapability {
   name: string;
@@ -2743,8 +2779,8 @@ async function main() {
         const chunk2 = cweContent.slice(mid - OVERLAP);
         try {
           const [resp1, resp2] = await Promise.all([
-            localGradeCwe(buildCwePrompt(chunk1)),
-            localGradeCwe(buildCwePrompt(chunk2)),
+            localGradeCwe(buildCwePrompt(chunk1), agentKind),
+            localGradeCwe(buildCwePrompt(chunk2), agentKind),
           ]);
           gradeResponses = [resp1, resp2];
         } catch (gradeErr: any) {
@@ -2755,7 +2791,7 @@ async function main() {
         }
       } else {
         try {
-          gradeResponses = [await localGradeCwe(buildCwePrompt(cweContent))];
+          gradeResponses = [await localGradeCwe(buildCwePrompt(cweContent), agentKind)];
         } catch (gradeErr: any) {
           const reason = gradeErr?.message || String(gradeErr);
           logGraderUnavailable('cweGuard', fileShort, reason);
@@ -3116,6 +3152,96 @@ async function main() {
   }
 }
 
+main();
+`;
+    INSTALL_SCAN_TS = `#!/usr/bin/env bun
+import {
+  loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag,
+  readStdin, runInstallScan, dispatchFinding, dispatchCapture, hashCommand,
+  outputJson, outputEmpty, setupCursorHookSignals, isShellTool, hookSessionId, log, GATEWAY_URL,
+} from './_synkro-common.ts';
+import { writeFileSync, mkdirSync } from 'node:fs';
+import { join } from 'node:path';
+
+const SCAN_CACHE_DIR = (process.env.HOME || '/tmp') + '/.synkro/.scan-cache';
+
+async function main() {
+  setupCursorHookSignals();
+  try {
+    const input = await readStdin();
+    if (!input.trim()) { outputEmpty(); return; }
+
+    const payload = JSON.parse(input);
+    const toolName = payload.tool_name || '';
+    if (!isShellTool(toolName)) { outputEmpty(); return; }
+
+    const toolInput = payload.tool_input || {};
+    const command = typeof payload.command === 'string' ? payload.command : (toolInput.command || '');
+    if (!command) { outputEmpty(); return; }
+
+    let jwt = loadJwt();
+    if (!jwt) { outputEmpty(); return; }
+    jwt = await ensureFreshJwt(jwt);
+
+    const scan = await runInstallScan(command, jwt);
+
+    if (scan.scanned) {
+      try {
+        mkdirSync(SCAN_CACHE_DIR, { recursive: true });
+        writeFileSync(join(SCAN_CACHE_DIR, hashCommand(command)), JSON.stringify(scan), 'utf-8');
+      } catch {}
+    }
+
+    if (!scan.scanned) { outputEmpty(); return; }
+
+    const sessionId = hookSessionId(payload);
+    const cwd = payload.cwd || '';
+    const repo = detectRepo(cwd);
+    const config = await loadConfig(jwt);
+    const rt = await route(config);
+    const tagStr = tag(rt, config);
+
+    if (scan.action === 'block') {
+      for (const f of scan.findings) {
+        dispatchFinding(jwt, {
+          session_id: sessionId,
+          file_path: command,
+          finding_type: 'cve' as const,
+          finding_id: f.advisoryId + ':' + f.name,
+          severity: f.severity,
+          status: 'open',
+          detail: f.detail,
+          package_name: f.name,
+          package_version: f.version,
+        }, config.captureDepth);
+      }
+      dispatchCapture(jwt, 'pkg', 'block', 'critical', 'security',
+        'Bash', repo, sessionId, config.captureDepth, {
+          command, reasoning: scan.blockContext.slice(0, 200),
+          violatedRules: scan.violatedIds,
+        });
+      outputJson({
+        systemMessage: '[synkro:installScan] ' + scan.summary,
+        hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: '[synkro:installScan] ' + scan.summary },
+      });
+    } else if (scan.action === 'warn') {
+      outputJson({
+        systemMessage: '[synkro:installScan] ' + scan.summary,
+        hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: '[synkro:installScan] ' + scan.summary },
+      });
+    } else {
+      const label = scan.scannedLabel || command.slice(0, 80);
+      outputJson({
+        systemMessage: '[synkro:installScan] ' + label + ' \\u2192 clean',
+        hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: '[synkro:installScan] ' + label + ' \\u2192 clean' },
+      });
+    }
+  } catch (err) {
+    process.stderr.write('[synkro] installScan error: ' + String(err) + '\\n');
+    outputEmpty();
+  }
+}
+
 main();
 `;
     BASH_JUDGE_TS = String.raw`#!/usr/bin/env bun
@@ -3126,9 +3252,43 @@ import {
   extractTranscript, readLastPrompt, appendSessionAction, readSessionLog, compressSessionLog, log,
   outputJson, outputEmpty, setupCursorHookSignals, isShellTool, hookSessionId, GATEWAY_URL,
   logGraderUnavailable, filterRules, normalizeMode, appendLocalTelemetry, isSafeInRepoRead,
-  runInstallScan,
+  hashCommand,
   type HookConfig, type Rule,
 } from './_synkro-common.ts';
+import { createHash } from 'node:crypto';
+import { existsSync, statSync, readFileSync, writeFileSync, mkdirSync, unlinkSync } from 'node:fs';
+import { join } from 'node:path';
+
+const SCAN_CACHE_DIR = (process.env.HOME || '/tmp') + '/.synkro/.scan-cache';
+
+function readCachedScan(command: string): any | null {
+  try {
+    const path = join(SCAN_CACHE_DIR, hashCommand(command));
+    if (!existsSync(path)) return null;
+    const data = JSON.parse(readFileSync(path, 'utf-8'));
+    unlinkSync(path);
+    return data;
+  } catch { return null; }
+}
+
+const DEDUP_DIR = process.env.HOME + '/.synkro/.dedup';
+const DEDUP_TTL_MS = 3000;
+
+function isDuplicate(command: string, sessionId: string): boolean {
+  const hash = createHash('md5').update(sessionId + ':' + command).digest('hex').slice(0, 12);
+  const marker = DEDUP_DIR + '/' + hash;
+  try {
+    if (existsSync(marker)) {
+      const age = Date.now() - statSync(marker).mtimeMs;
+      if (age < DEDUP_TTL_MS) return true;
+    }
+  } catch {}
+  try {
+    mkdirSync(DEDUP_DIR, { recursive: true });
+    writeFileSync(marker, '', { flag: 'w' });
+  } catch {}
+  return false;
+}
 
 async function main() {
   setupCursorHookSignals();
@@ -3166,6 +3326,12 @@ async function main() {
     }
     if (!command) { outputEmpty(); return; }
 
+    if (isDuplicate(command, sessionId)) {
+      log('bashGuard skip (dedup): ' + command.slice(0, 80));
+      outputEmpty();
+      return;
+    }
+
     const cmdShort = command.slice(0, 80);
     log('bashGuard checking: ' + cmdShort);
 
@@ -3211,45 +3377,20 @@ async function main() {
       return;
     }
 
-    // ─── Install protection: server-side pkg-scan (CVE + typosquat + tarball + reputation) ───
-    // Detection + extraction happen server-side (runInstallScan); the hook
-    // relays the verdict. A block is handed to the grader as an authoritative
-    // concern so the normal ask + consent-carryover flow lets the user
-    // override it on the next turn.
-    let installScanMsg = '';
+    // ─── Install protection: read cached scan from the install-scan hook ───
+    // The install-scan hook (INSTALL_SCAN_TS) runs before this hook, calls
+    // runInstallScan(), outputs its own system message, and caches the result.
+    // We just read the cache to feed scanConcern into the grader prompt so
+    // the consent-carryover flow works.
     let scanConcern = '';
     let scanBlockContext = '';
     if (toolName === 'Bash') {
-      const scan = await runInstallScan(command, jwt);
-      if (scan.action === 'block') {
-        for (const f of scan.findings) {
-          dispatchFinding(jwt, {
-            session_id: sessionId,
-            file_path: command,
-            finding_type: 'cve' as const,
-            finding_id: f.advisoryId + ':' + f.name,
-            severity: f.severity,
-            status: 'open',
-            detail: f.detail,
-            package_name: f.name,
-            package_version: f.version,
-          }, config.captureDepth);
-        }
-        dispatchCapture(jwt, 'pkg', 'block', 'critical', 'security',
-          'Bash', gitRepo, sessionId, config.captureDepth, {
-            command,
-            reasoning: scan.blockContext.slice(0, 200),
-            violatedRules: scan.violatedIds,
-            ccModel: transcript.ccModel,
-          });
-        scanBlockContext = scan.blockContext;
+      const scan = readCachedScan(command);
+      if (scan && scan.action === 'block') {
+        scanBlockContext = scan.blockContext || '';
         scanConcern = 'PACKAGE SCANNER FLAG (authoritative — do NOT re-evaluate whether the vulnerability is real): '
-          + scan.blockContext
+          + scanBlockContext
           + ' For this concern you MUST return ok=false with rule_id "SYNKRO_PKGSCAN", rule_mode "ask", and the reason above — UNLESS the user has explicitly consented in this conversation to installing this despite the warning, in which case return ok=true.';
-      } else if (scan.scanned && scan.action === 'warn') {
-        installScanMsg = '[synkro:installScan] ' + scan.summary;
-      } else if (scan.scanned) {
-        installScanMsg = '[synkro:installScan] ' + (scan.scannedLabel || cmdShort) + ' → clean';
       }
     }
 
@@ -3305,10 +3446,9 @@ async function main() {
         const blockMsg = mode === 'fix'
           ? tagStr + ' bashGuard → blocked' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation') + '. Fix this before retrying — do not ask the user.'
           : tagStr + ' bashGuard → blocked' + (verdict.ruleId ? ' (' + verdict.ruleId + ')' : '') + ': ' + (verdict.reason || 'policy violation') + '. Ask the user for explicit consent before retrying.';
-        const combined = (installScanMsg ? installScanMsg + '\\n' : '') + blockMsg;
         outputJson({
-          systemMessage: combined,
-          hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: blockMsg, additionalContext: combined },
+          systemMessage: blockMsg,
+          hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: blockMsg, additionalContext: blockMsg },
         });
         dispatchCapture(jwt, 'bash', 'block', verdict.severity || 'critical', verdict.category || 'security',
           toolName, gitRepo, sessionId, config.captureDepth, {
@@ -3317,8 +3457,10 @@ async function main() {
           });
       } else {
         const reason = tagStr + ' bashGuard → pass: ' + (verdict.reason || 'no policy violations detected');
-        const combined = (installScanMsg ? installScanMsg + '\\n' : '') + reason;
-        outputJson({ systemMessage: combined, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: combined } });
+        outputJson({
+          systemMessage: reason,
+          hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: reason },
+        });
         dispatchCapture(jwt, 'bash', 'pass', 'clean', verdict.category || 'trivial_utility',
           toolName, gitRepo, sessionId, config.captureDepth, {
             command, reasoning: verdict.reason || 'no policy violations detected',
@@ -3370,30 +3512,16 @@ async function main() {
 
     if (!resp) {
       log('bashGuard ' + cmdShort + ' → error (timeout)');
-      if (installScanMsg) {
-        outputJson({ systemMessage: installScanMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: installScanMsg } });
-      } else { outputEmpty(); }
+      outputEmpty();
       return;
     }
 
     if (!resp.hook_response || typeof resp.hook_response !== 'object') {
       log('bashGuard ' + cmdShort + ' → pass (no hook_response)');
-      if (installScanMsg) {
-        outputJson({ systemMessage: installScanMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: installScanMsg } });
-      } else { outputEmpty(); }
+      outputEmpty();
       return;
     }
 
-    if (installScanMsg) {
-      const existing = resp.hook_response.systemMessage || '';
-      resp.hook_response.systemMessage = installScanMsg + (existing ? '\\n' + existing : '');
-      if (resp.hook_response.hookSpecificOutput) {
-        const existingCtx = resp.hook_response.hookSpecificOutput.additionalContext || '';
-        resp.hook_response.hookSpecificOutput.additionalContext = installScanMsg + (existingCtx ? '\\n' + existingCtx : '');
-      } else {
-        resp.hook_response.hookSpecificOutput = { hookEventName: 'PreToolUse', additionalContext: resp.hook_response.systemMessage };
-      }
-    }
     outputJson(resp.hook_response);
   } catch (err) {
     process.stderr.write('[synkro] bashGuard error: ' + String(err) + '\\n');
@@ -3413,6 +3541,8 @@ import {
   type HookConfig, type Rule,
 } from './_synkro-common.ts';
 
+const agentKind = process.env.SYNKRO_HOOK_FORMAT === 'cursor' ? 'cursor' : 'claude_code';
+
 async function main() {
   setupCursorHookSignals();
   try {
@@ -3482,7 +3612,7 @@ async function main() {
 
       let gradeResp: string;
       try {
-        gradeResp = await localGrade('bash', graderPrompt);
+        gradeResp = await localGrade('bash', graderPrompt, undefined, agentKind);
       } catch (err) {
         logGraderUnavailable('agentGuard', subagentType || (description || '').slice(0, 100), (err as Error).message || String(err));
         outputJson({ systemMessage: tagStr + ' agentGuard \u2192 local grader unavailable, skipped' });
@@ -3581,6 +3711,8 @@ import { existsSync, readFileSync, writeFileSync, readdirSync, statSync } from '
 import { join } from 'node:path';
 import { homedir } from 'node:os';
 
+const agentKind = process.env.SYNKRO_HOOK_FORMAT === 'cursor' ? 'cursor' : 'claude_code';
+
 function findLatestPlanInDir(plansDir: string): string | null {
   if (!existsSync(plansDir)) return null;
   try {
@@ -3672,7 +3804,7 @@ async function main() {
 
       let gradeResp: string;
       try {
-        gradeResp = await localGrade('plan', graderPrompt);
+        gradeResp = await localGrade('plan', graderPrompt, undefined, agentKind);
       } catch {
         outputJson({ systemMessage: tagStr + ' planReview \u2192 local grader unavailable, skipped' });
         return;
@@ -4163,13 +4295,26 @@ main();
 import {
   loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag, localGrade,
   parseVerdict, dispatchCapture, dispatchFinding, ruleMode, normalizeMode, filterRules,
-  isSafeInRepoRead, runInstallScan, postWithRetry, readStdin,
+  isSafeInRepoRead, postWithRetry, readStdin, hashCommand,
   extractTranscript, readLastPrompt, readSessionLog, compressSessionLog,
   appendLocalTelemetry, logGraderUnavailable, log, GATEWAY_URL,
   type Rule,
 } from './_synkro-common.ts';
 import { createHash } from 'node:crypto';
-import { existsSync, statSync, writeFileSync, mkdirSync } from 'node:fs';
+import { existsSync, statSync, readFileSync, writeFileSync, mkdirSync, unlinkSync } from 'node:fs';
+import { join } from 'node:path';
+
+const SCAN_CACHE_DIR = (process.env.HOME || '/tmp') + '/.synkro/.scan-cache';
+
+function readCachedScan(command: string): any | null {
+  try {
+    const path = join(SCAN_CACHE_DIR, hashCommand(command));
+    if (!existsSync(path)) return null;
+    const data = JSON.parse(readFileSync(path, 'utf-8'));
+    unlinkSync(path);
+    return data;
+  } catch { return null; }
+}
 
 const DEDUP_DIR = process.env.HOME + '/.synkro/.dedup';
 const DEDUP_TTL_MS = 3000;
@@ -4298,33 +4443,16 @@ async function main() {
     const rt = await route(config);
     const tagStr = tag(rt, config);
 
-    // Install protection \u2014 scan packages before any npm/pip/cargo/etc. install.
-    // A block is handed to the grader as an authoritative concern so the
-    // normal ask + consent-carryover flow can let the user override it.
+    // Install protection \u2014 read cached scan from the install-scan hook.
     let scanConcern = '';
     let scanBlockContext = '';
     if (SHELL_TOOL_NAMES.has(toolName)) {
-      const scan = await runInstallScan(command, jwt);
-      if (scan.action === 'block') {
-        for (const f of scan.findings) {
-          dispatchFinding(jwt, {
-            session_id: sessionId, file_path: command,
-            finding_type: 'cve' as const, finding_id: f.advisoryId + ':' + f.name,
-            severity: f.severity, status: 'open', detail: f.detail,
-            package_name: f.name, package_version: f.version,
-          }, config.captureDepth);
-        }
-        dispatchCapture(jwt, 'pkg', 'block', 'critical', 'security',
-          'Bash', repo, sessionId, config.captureDepth, {
-            command, reasoning: scan.blockContext.slice(0, 200),
-            violatedRules: scan.violatedIds, ccModel: model,
-          });
-        scanBlockContext = scan.blockContext;
+      const scan = readCachedScan(command);
+      if (scan && scan.action === 'block') {
+        scanBlockContext = scan.blockContext || '';
         scanConcern = 'PACKAGE SCANNER FLAG (authoritative \u2014 do NOT re-evaluate whether the vulnerability is real): '
-          + scan.blockContext
+          + scanBlockContext
           + ' For this concern you MUST return ok=false with rule_id "SYNKRO_PKGSCAN", rule_mode "ask", and the reason above \u2014 UNLESS the user has explicitly consented in this conversation to installing this despite the warning, in which case return ok=true.';
-      } else if (scan.scanned && scan.action === 'warn') {
-        log('bashGuard installScan warn: ' + scan.summary);
       }
     }
 
@@ -5680,8 +5808,6 @@ async function dockerInstall(opts = {}) {
     `127.0.0.1:${HOST_GRADER_PORT}:8929`,
     "-p",
     `127.0.0.1:${HOST_CWE_PORT}:8930`,
-    "-p",
-    `127.0.0.1:${HOST_PG_PORT}:5433`,
     "-v",
     `${PGDATA_PATH}:/data/pgdata`,
     "-v",
@@ -5910,7 +6036,7 @@ function checkPgdata() {
   if (!hasPgControl) return { healthy: false, details: "pg_control/global directory missing" };
   return { healthy: true, details: `${entries.length} entries, WAL present, no stale PID` };
 }
-var SYNKRO_DIR2, MCP_JWT_PATH, PGDATA_PATH, CLAUDE_HOST_STATE_DIR, CLAUDE_HOST_STATE_FILE, HOST_MCP_PORT, HOST_GRADER_PORT, HOST_CWE_PORT, HOST_PG_PORT, CONTAINER_NAME, DEFAULT_IMAGE, DockerInstallError, BACKUP_DIR;
+var SYNKRO_DIR2, MCP_JWT_PATH, PGDATA_PATH, CLAUDE_HOST_STATE_DIR, CLAUDE_HOST_STATE_FILE, HOST_MCP_PORT, HOST_GRADER_PORT, HOST_CWE_PORT, CONTAINER_NAME, DEFAULT_IMAGE, DockerInstallError, BACKUP_DIR;
 var init_dockerInstall = __esm({
   "cli/local-cc/dockerInstall.ts"() {
     "use strict";
@@ -5924,7 +6050,6 @@ var init_dockerInstall = __esm({
     HOST_MCP_PORT = parseInt(process.env.SYNKRO_HOST_MCP_PORT || "18931", 10);
     HOST_GRADER_PORT = parseInt(process.env.SYNKRO_HOST_GRADER_PORT || "18929", 10);
     HOST_CWE_PORT = parseInt(process.env.SYNKRO_HOST_CWE_PORT || "18930", 10);
-    HOST_PG_PORT = parseInt(process.env.SYNKRO_HOST_PG_PORT || "15433", 10);
     CONTAINER_NAME = "synkro-server";
     DEFAULT_IMAGE = "ghcr.io/synkro-sh/synkro-server:latest";
     DockerInstallError = class extends Error {
@@ -6440,6 +6565,7 @@ function writeHookScripts() {
   const userPromptSubmitScriptPath = join8(HOOKS_DIR, "cc-user-prompt-submit.ts");
   const commonScriptPath = join8(HOOKS_DIR, "_synkro-common.ts");
   const commonBashScriptPath = join8(HOOKS_DIR, "_synkro-common.sh");
+  const installScanScriptPath = join8(HOOKS_DIR, "cc-install-scan.ts");
   const cursorBashJudgePath = join8(HOOKS_DIR, "cursor-bash-judge.ts");
   const cursorEditCapturePath = join8(HOOKS_DIR, "cursor-edit-capture.ts");
   const mcpStdioProxyPath = join8(HOOKS_DIR, "mcp-stdio-proxy.ts");
@@ -6456,6 +6582,7 @@ function writeHookScripts() {
   writeFileSync7(userPromptSubmitScriptPath, USER_PROMPT_SUBMIT_TS, "utf-8");
   writeFileSync7(commonScriptPath, SYNKRO_COMMON_TS, "utf-8");
   writeFileSync7(commonBashScriptPath, SYNKRO_COMMON_SCRIPT, "utf-8");
+  writeFileSync7(installScanScriptPath, INSTALL_SCAN_TS, "utf-8");
   writeFileSync7(cursorBashJudgePath, CURSOR_BASH_JUDGE_TS, "utf-8");
   writeFileSync7(cursorEditCapturePath, CURSOR_EDIT_CAPTURE_TS, "utf-8");
   writeFileSync7(mcpStdioProxyPath, MCP_STDIO_PROXY_SRC, "utf-8");
@@ -6472,6 +6599,7 @@ function writeHookScripts() {
   chmodSync2(userPromptSubmitScriptPath, 493);
   chmodSync2(commonScriptPath, 493);
   chmodSync2(commonBashScriptPath, 493);
+  chmodSync2(installScanScriptPath, 493);
   chmodSync2(cursorBashJudgePath, 493);
   chmodSync2(cursorEditCapturePath, 493);
   chmodSync2(mcpStdioProxyPath, 493);
@@ -6487,6 +6615,7 @@ function writeHookScripts() {
     sessionStartScript: sessionStartScriptPath,
     transcriptSyncScript: transcriptSyncScriptPath,
     userPromptSubmitScript: userPromptSubmitScriptPath,
+    installScanScript: installScanScriptPath,
     cursorBashJudgeScript: cursorBashJudgePath,
     cursorEditCaptureScript: cursorEditCapturePath
   };
@@ -6520,7 +6649,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.6.15")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.6.16")}`
   ];
   if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
@@ -6762,6 +6891,7 @@ async function installCommand(opts = {}) {
         sessionStartScriptPath: scripts.sessionStartScript,
         transcriptSyncScriptPath: scripts.transcriptSyncScript,
         userPromptSubmitScriptPath: scripts.userPromptSubmitScript,
+        installScanScriptPath: scripts.installScanScript,
         skipTranscriptSync: !transcriptConsent
       });
       console.log(`Configured ${agent.name} hooks at ${agent.settingsPath}`);
@@ -6779,7 +6909,8 @@ async function installCommand(opts = {}) {
         stopSummaryScriptPath: scripts.stopSummaryScript,
         sessionStartScriptPath: scripts.sessionStartScript,
         userPromptSubmitScriptPath: scripts.userPromptSubmitScript,
-        transcriptSyncScriptPath: scripts.transcriptSyncScript
+        transcriptSyncScriptPath: scripts.transcriptSyncScript,
+        installScanScriptPath: scripts.installScanScript
       });
       console.log(`Configured ${agent.name} hooks at ${agent.settingsPath}`);
     }
@@ -9185,7 +9316,7 @@ var args = process.argv.slice(2);
 var cmd = args[0] || "";
 var subArgs = args.slice(1);
 function printVersion() {
-  console.log("1.6.15");
+  console.log("1.6.16");
 }
 function printHelp2() {
   console.log(`Synkro CLI \u2014 runtime safety for AI coding agents