@synkro-sh/cli 1.6.27 → 1.6.29

package/dist/bootstrap.js

@@ -336,6 +336,12 @@ function installCursorHooks(hooksJsonPath, config) {
     failClosed: false,
     [SYNKRO_MARKER2]: true
   });
+  h.beforeShellExecution.push({
+    command: cursorCcCmd(config.cwePrecheckScriptPath),
+    timeout: 60,
+    failClosed: false,
+    [SYNKRO_MARKER2]: true
+  });
   h.beforeShellExecution.push({
     command: bunRunCmd(config.bashJudgeScriptPath),
     timeout: 15,
@@ -351,6 +357,13 @@ function installCursorHooks(hooksJsonPath, config) {
     matcher: "Shell|Bash|terminal|run_terminal_cmd|execute_command",
     [SYNKRO_MARKER2]: true
   });
+  h.preToolUse.push({
+    command: cursorCcCmd(config.cwePrecheckScriptPath),
+    timeout: 60,
+    failClosed: false,
+    matcher: "Shell|Bash|terminal|run_terminal_cmd|execute_command",
+    [SYNKRO_MARKER2]: true
+  });
   h.preToolUse.push({
     command: bunRunCmd(config.bashJudgeScriptPath),
     timeout: 15,
@@ -773,7 +786,8 @@ var init_hookScriptsTs = __esm({
     "use strict";
     SYNKRO_COMMON_TS = `
 // Shared Synkro hook utilities \u2014 imported by all hook scripts.
-import { readFileSync, writeFileSync, appendFileSync, mkdirSync, existsSync, renameSync, openSync, closeSync, unlinkSync, readdirSync, statSync } from 'node:fs';
+import { readFileSync, writeFileSync, appendFileSync, mkdirSync, existsSync, renameSync, openSync, closeSync, unlinkSync, readdirSync, statSync, createReadStream } from 'node:fs';
+import { createInterface } from 'node:readline';
 import { join, dirname, basename, extname, resolve as resolvePath } from 'node:path';
 import { homedir } from 'node:os';
 import { execSync } from 'node:child_process';
@@ -827,6 +841,51 @@ export function isPathUnder(filePath: string, cwd: string): boolean {
   return resolved.startsWith(base + '/') || resolved === base;
 }
 
+const SHELL_CODE_FILE_EXT = /.(ts|tsx|js|jsx|mjs|cjs|py|go|java|rb|php|rs|vue|svelte)$/i;
+
+export interface ShellCodeWrite {
+  filePath: string;
+  content: string;
+}
+
+/** Detect shell commands that write/rewrite source files (closes Edit-tool CWE bypass). */
+export function extractShellCodeWrites(command: string, cwd: string): ShellCodeWrite[] {
+  if (!command.trim()) return [];
+  const writes: ShellCodeWrite[] = [];
+  const seen = new Set<string>();
+
+  function add(rawPath: string, content: string) {
+    const trimmed = rawPath.trim().replace(/^['"]|['"]$/g, '');
+    if (!trimmed) return;
+    const resolved = trimmed.startsWith('/') ? resolvePath(trimmed) : resolvePath(cwd || '.', trimmed);
+    if (!SHELL_CODE_FILE_EXT.test(resolved)) return;
+    const key = resolved;
+    if (seen.has(key)) return;
+    seen.add(key);
+    writes.push({ filePath: resolved, content: content.slice(0, 6000) });
+  }
+
+  const heredocBodies: string[] = [];
+  const heredocRe = /<<-?\\s*['"]?(\\w+)['"]?\\s*\\n([\\s\\S]*?)\\n\\1\\b/g;
+  let hm: RegExpExecArray | null;
+  while ((hm = heredocRe.exec(command)) !== null) {
+    heredocBodies.push(hm[2]);
+  }
+  const body = heredocBodies.length > 0 ? heredocBodies.join('\\n\\n') : command;
+
+  for (const m of command.matchAll(/Path\\s*\\(\\s*['"]([^'"]+)['"]\\s*\\)/g)) add(m[1], body);
+  for (const m of command.matchAll(/writeFileSync\\s*\\(\\s*['"]([^'"]+)['"]/g)) add(m[1], body);
+  for (const m of command.matchAll(/writeFile\\s*\\(\\s*['"]([^'"]+)['"]/g)) add(m[1], body);
+  for (const m of command.matchAll(/(?:^|[\\s;|])(?:>>?)\\s*([^\\s;&|]+\\.(?:ts|tsx|js|jsx|mjs|cjs|py|go|java|rb|php|rs|vue|svelte))\\b/gim)) {
+    add(m[1], body);
+  }
+  for (const m of command.matchAll(/\\btee(?:\\s+-a)?\\s+([^\\s;&|]+\\.(?:ts|tsx|js|jsx|mjs|cjs|py|go|java|rb|php|rs|vue|svelte))\\b/gi)) {
+    add(m[1], body);
+  }
+
+  return writes;
+}
+
 // \u2500\u2500\u2500 Logging \u2500\u2500\u2500
 
 // Hooks must keep stderr quiet for non-error paths. Claude Code's PreToolUse
@@ -1220,10 +1279,11 @@ export async function route(config: HookConfig): Promise<'local' | 'cloud'> {
   return 'cloud';
 }
 
-export async function cweRoute(config: HookConfig): Promise<'local' | 'cloud'> {
-  if (config.captureDepth === 'local_only') return 'local';
+export async function cweRoute(config: HookConfig): Promise<'local' | 'byok' | 'skip'> {
+  const gradingMode = process.env.SYNKRO_GRADING_MODE || config.gradingMode || 'local';
+  if (gradingMode === 'byok') return 'byok';
   if (await cweChannelUp()) return 'local';
-  return 'cloud';
+  return 'skip';
 }
 
 // \u2500\u2500\u2500 Tag Building \u2500\u2500\u2500
@@ -1299,10 +1359,10 @@ export async function localGrade(surface: string, prompt: string, timeoutMs = 30
   return channelGrade(ROLE_MAP[surface] || 'grade-edit', prompt, jwt, 18929, timeoutMs, agentKind);
 }
 
-export async function localGradeCwe(prompt: string, agentKind: AgentKind = 'claude_code'): Promise<string> {
+export async function localGradeCwe(prompt: string, agentKind: AgentKind = 'claude_code', timeoutMs = 45000): Promise<string> {
   const jwt = loadJwt();
   if (!jwt) throw new Error('NO_JWT');
-  return channelGrade('grade-cwe', prompt, jwt, 18930, 45000, agentKind);
+  return channelGrade('grade-cwe', prompt, jwt, 18930, timeoutMs, agentKind);
 }
 
 // \u2500\u2500\u2500 Rule Pre-Filter (embedding-based) \u2500\u2500\u2500
@@ -1768,7 +1828,7 @@ export function dispatchCapture(
   },
 ): void {
   // Fire-and-forget
-  const eventId = 'evt_' + Date.now() + '_' + process.pid;
+  const eventId = mintEventId('evt');
   const model = normalizeCaptureModel(opts?.ccModel || 'unknown');
 
   const body: Record<string, any> = {
@@ -1817,105 +1877,194 @@ export function dispatchCapture(
 
 // \u2500\u2500\u2500 Durable Telemetry Spool \u2500\u2500\u2500
 // Telemetry must survive process death, container restarts, and ingest-server
-// backpressure. Instead of a fire-and-forget POST (which silently dropped
-// captures under parallel load), every event is appended synchronously to a
-// local JSONL spool \u2014 a write that completes before the function returns and
-// outlives the hook process. A background drainer (kicked from loadConfig, so
-// it overlaps the multi-second grade) batch-ships the spool to the ingest
-// server and only deletes events after a confirmed write. Ingest is idempotent
-// (ON CONFLICT DO NOTHING on event_id), so a retried or double-drained event
-// is harmless.
+// backpressure. Every event is appended synchronously to a local JSONL spool.
+// drainSpool streams claim files line-by-line (never loads multi-GB into RAM),
+// ships in batches, and on partial failure only re-spools the batches that
+// did not land \u2014 never the whole claim file (that caused 2GB amplification).
 
 const TELEMETRY_SPOOL = join(HOME, '.synkro', 'telemetry-spool.jsonl');
 const SPOOL_DRAIN_PREFIX = 'telemetry-spool.jsonl.draining.';
+const SPOOL_DRAIN_LOCK = join(HOME, '.synkro', 'telemetry-spool.drain.lock');
+const SPOOL_MAX_CLAIM_BYTES = 50 * 1024 * 1024;
+const SPOOL_BATCH_SIZE = 200;
+const SPOOL_DRAIN_LOCK_STALE_MS = 120_000;
+
+/** Stable id for spool rows \u2014 required for idempotent ingest (ON CONFLICT). */
+export function mintEventId(prefix = 'evt'): string {
+  return prefix + '_' + Date.now() + '_' + process.pid;
+}
 
-// appendLocalTelemetry \u2014 durably records one telemetry event. The synchronous
-// append IS the durability guarantee; nothing here can drop the event.
 export function appendLocalTelemetry(body: Record<string, any>): void {
-  // Cloud storage mode: the dashboard reads Timescale and a cloud-only setup
-  // has no container to drain a local spool \u2014 so skip it. Cloud telemetry goes
-  // via shipCloud; the local spool is only meaningful in local storage mode.
   if ((process.env.SYNKRO_STORAGE_MODE || 'local') !== 'local') return;
-  const event = { ...body, _ts: new Date().toISOString() };
+  const event = { ...body };
+  if (!event.event_id) {
+    const ct = String(event.capture_type || '');
+    const prefix = ct === 'usage_tick' ? 'usage' : ct === 'edit_scan' ? 'edit' : 'evt';
+    event.event_id = mintEventId(prefix);
+  }
+  if (!event._ts) event._ts = new Date().toISOString();
   try {
     appendFileSync(TELEMETRY_SPOOL, JSON.stringify(event) + '\\n');
   } catch {}
 }
 
-// drainSpool \u2014 claims the spool via atomic rename, batch-ships it to the
-// ingest server, deletes on success, re-spools on failure. Fire-and-forget:
-// callers kick it and let it run concurrently with the grade.
-export async function drainSpool(): Promise<void> {
-  const dir = join(HOME, '.synkro');
-  const claimed: string[] = [];
-
-  // 1. Claim the live spool by atomic rename \u2014 a fresh spool takes new writes.
+function tryAcquireDrainLock(): boolean {
   try {
-    if (existsSync(TELEMETRY_SPOOL) && statSync(TELEMETRY_SPOOL).size > 0) {
-      const claim = join(dir, SPOOL_DRAIN_PREFIX + process.pid + '.' + Date.now());
-      renameSync(TELEMETRY_SPOOL, claim);
-      claimed.push(claim);
+    if (existsSync(SPOOL_DRAIN_LOCK)) {
+      if (Date.now() - statSync(SPOOL_DRAIN_LOCK).mtimeMs < SPOOL_DRAIN_LOCK_STALE_MS) return false;
+      unlinkSync(SPOOL_DRAIN_LOCK);
     }
-  } catch {}
+    mkdirSync(dirname(SPOOL_DRAIN_LOCK), { recursive: true });
+    writeFileSync(SPOOL_DRAIN_LOCK, String(process.pid) + '\\n');
+    return true;
+  } catch {
+    return false;
+  }
+}
 
-  // 2. Recover orphaned claim files \u2014 a previous hook died mid-drain. Only
-  // adopt claims older than 30s so we never steal another hook's in-flight drain.
+function releaseDrainLock(): void {
+  try { unlinkSync(SPOOL_DRAIN_LOCK); } catch {}
+}
+
+async function postSpoolBatch(mcpPort: string, mcpToken: string, events: any[]): Promise<boolean> {
+  if (!events.length) return true;
   try {
-    for (const f of readdirSync(dir)) {
-      if (!f.startsWith(SPOOL_DRAIN_PREFIX)) continue;
-      const full = join(dir, f);
-      if (claimed.indexOf(full) !== -1) continue;
-      try {
-        if (Date.now() - statSync(full).mtimeMs > 30000) claimed.push(full);
-      } catch {}
+    const resp = await fetch('http://127.0.0.1:' + mcpPort + '/api/ingest/batch', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + mcpToken },
+      body: JSON.stringify({ events }),
+      signal: AbortSignal.timeout(30000),
+    });
+    if (!resp.ok) {
+      const errBody = await resp.text().catch(() => '');
+      log('drainSpool batch HTTP ' + resp.status + ': ' + errBody.slice(0, 120));
     }
-  } catch {}
-  if (claimed.length === 0) return;
+    return resp.ok;
+  } catch (e) {
+    log('drainSpool batch error: ' + ((e as Error).message || String(e)).slice(0, 120));
+    return false;
+  }
+}
 
-  // 3. Read every event out of the claimed files.
-  const events: any[] = [];
-  for (const f of claimed) {
-    try {
-      for (const line of readFileSync(f, 'utf-8').split('\\n')) {
-        const t = line.trim();
-        if (!t) continue;
-        try { events.push(JSON.parse(t)); } catch {}
-      }
-    } catch {}
+function quarantineOversizedClaim(claimPath: string): void {
+  const stuck = claimPath + '.STUCK-OVERSIZED.bak';
+  try {
+    renameSync(claimPath, stuck);
+    log('drainSpool quarantined oversized claim \u2192 ' + basename(stuck));
+  } catch (e) {
+    log('drainSpool quarantine failed: ' + String(e));
   }
-  if (events.length === 0) {
-    for (const f of claimed) { try { unlinkSync(f); } catch {} }
+}
+
+async function drainClaimFile(claimPath: string, mcpPort: string, mcpToken: string): Promise<void> {
+  let sz = 0;
+  try { sz = statSync(claimPath).size; } catch { return; }
+  if (sz === 0) {
+    try { unlinkSync(claimPath); } catch {}
+    return;
+  }
+  if (sz > SPOOL_MAX_CLAIM_BYTES) {
+    quarantineOversizedClaim(claimPath);
     return;
   }
 
-  // 4. Ship to /api/ingest/batch in chunks. A token is required by the server.
-  const mcpPort = process.env.SYNKRO_MCP_PORT || '18931';
-  let mcpToken = '';
-  try { mcpToken = readFileSync(join(HOME, '.synkro', '.mcp-jwt'), 'utf-8').trim(); } catch {}
-  if (!mcpToken) return; // leave claim files; a later drain retries them
+  const pending: any[] = [];
+  let batch: any[] = [];
+  let failed = false;
 
-  let allOk = true;
-  for (let i = 0; i < events.length; i += 200) {
+  const rl = createInterface({
+    input: createReadStream(claimPath, { encoding: 'utf8' }),
+    crlfDelay: Infinity,
+  });
+
+  for await (const line of rl) {
+    if (failed) {
+      const t = line.trim();
+      if (!t) continue;
+      try { pending.push(JSON.parse(t)); } catch {}
+      continue;
+    }
+    const t = line.trim();
+    if (!t) continue;
     try {
-      const resp = await fetch('http://127.0.0.1:' + mcpPort + '/api/ingest/batch', {
-        method: 'POST',
-        headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + mcpToken },
-        body: JSON.stringify({ events: events.slice(i, i + 200) }),
-        signal: AbortSignal.timeout(8000),
-      });
-      if (!resp.ok) { allOk = false; break; }
-    } catch { allOk = false; break; }
+      batch.push(JSON.parse(t));
+    } catch {
+      continue;
+    }
+    if (batch.length < SPOOL_BATCH_SIZE) continue;
+    const chunk = batch.splice(0, SPOOL_BATCH_SIZE);
+    if (!(await postSpoolBatch(mcpPort, mcpToken, chunk))) {
+      pending.push(...chunk);
+      failed = true;
+    }
   }
 
-  // 5. Success \u2192 drop the claim files. Failure \u2192 re-spool for the next drain.
-  if (allOk) {
-    for (const f of claimed) { try { unlinkSync(f); } catch {} }
-  } else {
+  if (!failed && batch.length > 0) {
+    if (!(await postSpoolBatch(mcpPort, mcpToken, batch))) {
+      pending.push(...batch);
+      failed = true;
+    } else {
+      batch = [];
+    }
+  } else if (failed && batch.length > 0) {
+    pending.push(...batch);
+  }
+
+  if (pending.length === 0) {
+    try { unlinkSync(claimPath); } catch {}
+    return;
+  }
+
+  try {
+    for (const evt of pending) {
+      appendFileSync(TELEMETRY_SPOOL, JSON.stringify(evt) + '\\n');
+    }
+    try { unlinkSync(claimPath); } catch {}
+    log('drainSpool re-spooled ' + pending.length + ' events from ' + basename(claimPath));
+  } catch (e) {
+    log('drainSpool re-spool failed: ' + String(e));
+  }
+}
+
+export async function drainSpool(): Promise<void> {
+  if (!tryAcquireDrainLock()) return;
+
+  const dir = join(HOME, '.synkro');
+  const claimed: string[] = [];
+
+  try {
     try {
-      appendFileSync(TELEMETRY_SPOOL, events.map(e => JSON.stringify(e)).join('\\n') + '\\n');
-      for (const f of claimed) { try { unlinkSync(f); } catch {} }
+      if (existsSync(TELEMETRY_SPOOL) && statSync(TELEMETRY_SPOOL).size > 0) {
+        const claim = join(dir, SPOOL_DRAIN_PREFIX + process.pid + '.' + Date.now());
+        renameSync(TELEMETRY_SPOOL, claim);
+        claimed.push(claim);
+      }
     } catch {}
-    // if re-spool failed, claim files remain and are recovered as orphans later
+
+    try {
+      for (const f of readdirSync(dir)) {
+        if (!f.startsWith(SPOOL_DRAIN_PREFIX)) continue;
+        if (f.includes('.STUCK-') || f.endsWith('.bak')) continue;
+        const full = join(dir, f);
+        if (claimed.indexOf(full) !== -1) continue;
+        try {
+          if (Date.now() - statSync(full).mtimeMs > 30000) claimed.push(full);
+        } catch {}
+      }
+    } catch {}
+
+    if (claimed.length === 0) return;
+
+    const mcpPort = process.env.SYNKRO_MCP_PORT || '18931';
+    let mcpToken = '';
+    try { mcpToken = readFileSync(join(HOME, '.synkro', '.mcp-jwt'), 'utf-8').trim(); } catch {}
+    if (!mcpToken) return;
+
+    for (const f of claimed) {
+      await drainClaimFile(f, mcpPort, mcpToken);
+    }
+  } finally {
+    releaseDrainLock();
   }
 }
 
@@ -2058,7 +2207,7 @@ export async function readStdin(): Promise<string> {
 
 /** Cursor stores transcripts under ~/.cursor/projects/{slug}/agent-transcripts/ */
 export function cursorProjectSlug(workspaceRoot: string): string {
-  return workspaceRoot.replace(/^/+/, '').replace(/[^a-zA-Z0-9]+/g, '-').replace(/^-+|-+$/g, '');
+  return workspaceRoot.replace(new RegExp('^[/]+'), '').replace(/[^a-zA-Z0-9]+/g, '-').replace(/^-+|-+$/g, '');
 }
 
 /** Resolve transcript JSONL \u2014 payload field, CURSOR_TRANSCRIPT_PATH, or Cursor agent-transcripts dir. */
@@ -2708,7 +2857,7 @@ export function emitUsageTick(params: {
   }
   appendLocalTelemetry({
     capture_type: 'usage_tick',
-    event_id: 'usage_' + Date.now() + '_' + process.pid,
+    event_id: mintEventId('usage'),
     hook_type: hookType,
     verdict: 'allow',
     severity: 'none',
@@ -2816,6 +2965,38 @@ export function dispatchFinding(
   shipCloud(jwt, '/api/v1/hook/finding', cloudBody);
 }
 
+export function dispatchScanResult(
+  jwt: string,
+  scan: {
+    session_id: string;
+    file_path: string;
+    scan_type: 'cve' | 'cwe' | 'pkg';
+    result: 'pass' | 'block' | 'error';
+    finding_count: number;
+    finding_ids?: string[];
+    severity?: string;
+    repo?: string;
+  },
+): void {
+  const localEntry: Record<string, any> = {
+    capture_type: 'scan_result',
+    event_id: 'scan_' + Date.now() + '_' + process.pid,
+    _ts: new Date().toISOString(),
+    ...scan,
+  };
+  appendLocalTelemetry(localEntry);
+  shipCloud(jwt, '/api/v1/hook/scan-result', {
+    scan_type: scan.scan_type,
+    result: scan.result,
+    finding_count: scan.finding_count,
+    finding_ids: scan.finding_ids,
+    severity: scan.severity,
+    session_id: scan.session_id,
+    file_path: scan.file_path,
+    repo: scan.repo,
+  });
+}
+
 // \u2500\u2500\u2500 Hook tool-name sets (CC + Cursor) \u2500\u2500\u2500
 
 export const EDIT_TOOL_NAMES = new Set([
@@ -3194,7 +3375,8 @@ main();
 import {
   loadJwt, ensureFreshJwt, detectRepo, loadConfig, cweRoute, tag,
   localGradeCwe, parseVerdict, reconstructContent, readStdin, log,
-  outputJson, outputEmpty, setupCursorHookSignals, isEditTool, hookSessionId, filePathFromToolInput, emitBlockScanFindings, dispatchFinding, dispatchCapture, GATEWAY_URL,
+  outputJson, outputEmpty, setupCursorHookSignals, isEditTool, isShellTool, isCursorHookFormat,
+  extractShellCodeWrites, hookSessionId, filePathFromToolInput, emitBlockScanFindings, dispatchFinding, dispatchCapture, GATEWAY_URL,
   logGraderUnavailable, resolveTranscriptPath,
 } from './_synkro-common.ts';
 import { basename, extname, resolve, join, dirname } from 'node:path';
@@ -3215,6 +3397,22 @@ interface PackageCapability {
   sourceExcerpt: string;
 }
 
+const NON_CODE_EXTS = new Set([
+  '.md', '.mdx', '.txt', '.rst', '.adoc', '.org',
+  '.log', '.csv', '.tsv', '.html', '.htm',
+  '.lock', '.gitignore', '.dockerignore', '.npmignore',
+  '.svg', '.png', '.jpg', '.jpeg', '.gif', '.webp', '.ico', '.pdf',
+  '.woff', '.woff2', '.ttf', '.otf',
+]);
+
+interface CweScanTarget {
+  filePath: string;
+  cweContent: string;
+  cweDiffSection: string;
+  toolName: string;
+  toolInput: any;
+}
+
 const JS_DANGEROUS_MODULES = new Set([
   'child_process', 'net', 'dgram', 'http', 'https', 'fs', 'vm',
   'worker_threads', 'cluster', 'dns', 'tls', 'crypto',
@@ -3322,69 +3520,90 @@ async function main() {
 
     const payload = JSON.parse(input);
     const toolName = payload.tool_name || '';
-    if (!isEditTool(toolName)) {
-      outputEmpty();
-      return;
-    }
-
     const toolInput = payload.tool_input || {};
     const sessionId = hookSessionId(payload);
     const workspaceRoots = Array.isArray(payload.workspace_roots) ? payload.workspace_roots as string[] : [];
     const cwd = payload.cwd || workspaceRoots[0] || '';
     const transcriptPath = resolveTranscriptPath(payload);
-
-    const filePath = filePathFromToolInput(toolInput);
-    if (!filePath) { outputEmpty(); return; }
-    const gitRepo = detectRepo(cwd, transcriptPath, filePath, workspaceRoots);
+    const shellCommand = typeof payload.command === 'string' ? payload.command.trim() : '';
     const ccModel = detectModel(payload);
 
-    if (filePath.includes('/.synkro/hooks/')) { outputEmpty(); return; }
+    const targets: CweScanTarget[] = [];
+
+    if (isCursorHookFormat() && (shellCommand || isShellTool(toolName))) {
+      const cmd = shellCommand || String(toolInput.command || '');
+      if (!cmd) { outputEmpty(); return; }
+      for (const w of extractShellCodeWrites(cmd, cwd)) {
+        if (w.filePath.includes('/.synkro/hooks/')) continue;
+        const ext = extname(w.filePath).toLowerCase();
+        if (NON_CODE_EXTS.has(ext)) continue;
+        targets.push({
+          filePath: w.filePath,
+          cweContent: w.content,
+          cweDiffSection: '',
+          toolName: toolName || 'Shell',
+          toolInput: {},
+        });
+      }
+      if (targets.length === 0) { outputEmpty(); return; }
+    } else if (isEditTool(toolName)) {
+      const filePath = filePathFromToolInput(toolInput);
+      if (!filePath) { outputEmpty(); return; }
+      if (filePath.includes('/.synkro/hooks/')) { outputEmpty(); return; }
+      const fileExt = extname(filePath).toLowerCase();
+      if (NON_CODE_EXTS.has(fileExt)) { outputEmpty(); return; }
+
+      const proposed = reconstructContent(toolName, toolInput, filePath, cwd);
+      if (!proposed) { outputEmpty(); return; }
+
+      let cweContent: string;
+      let cweDiffSection = '';
+      if (toolName === 'Edit' || toolName === 'MultiEdit' || toolName === 'edit_file' || toolName === 'reapply' || toolName === 'ApplyPatch' || toolName === 'apply_patch') {
+        const newStr = toolName === 'Edit' || toolName === 'edit_file' || toolName === 'reapply'
+          ? (toolInput.new_string || '')
+          : toolName === 'ApplyPatch' || toolName === 'apply_patch'
+            ? (toolInput.patch || toolInput.content || toolInput.code_edit || '')
+          : (Array.isArray(toolInput.edits) ? toolInput.edits.map((e: any) => e?.new_string || '').join('\n') : '');
+        cweDiffSection = newStr.slice(0, 4000);
+        const changeIdx = proposed.indexOf(newStr);
+        if (changeIdx >= 0 && proposed.length > 6000) {
+          const start = Math.max(0, changeIdx - 2000);
+          const end = Math.min(proposed.length, changeIdx + newStr.length + 2000);
+          cweContent = proposed.slice(start, end);
+        } else {
+          cweContent = proposed.slice(0, 6000);
+        }
+      } else {
+        cweContent = proposed.slice(0, 4000);
+      }
 
-    const fileShort = basename(filePath);
-    const fileExt = extname(filePath).toLowerCase();
-
-    // Skip prose / non-executable files — CWE scanning is for source code only.
-    // Without this guard, prose that *mentions* a CWE (plans, notes, READMEs)
-    // can trigger a false positive on the literal string.
-    const NON_CODE_EXTS = new Set([
-      '.md', '.mdx', '.txt', '.rst', '.adoc', '.org',
-      '.log', '.csv', '.tsv', '.html', '.htm',
-      '.lock', '.gitignore', '.dockerignore', '.npmignore',
-      '.svg', '.png', '.jpg', '.jpeg', '.gif', '.webp', '.ico', '.pdf',
-      '.woff', '.woff2', '.ttf', '.otf',
-    ]);
-    if (NON_CODE_EXTS.has(fileExt)) { outputEmpty(); return; }
+      targets.push({ filePath, cweContent, cweDiffSection, toolName, toolInput });
+    } else {
+      outputEmpty();
+      return;
+    }
 
     let jwt = loadJwt();
     if (!jwt) { outputEmpty(); return; }
     jwt = await ensureFreshJwt(jwt);
 
-    const proposed = reconstructContent(toolName, toolInput, filePath, cwd);
-    if (!proposed) { outputEmpty(); return; }
+    const config = await loadConfig(jwt);
+    const rt = await cweRoute(config);
 
-    let cweContent: string;
-    let cweDiffSection = '';
-    if (toolName === 'Edit' || toolName === 'MultiEdit' || toolName === 'edit_file' || toolName === 'reapply' || toolName === 'ApplyPatch' || toolName === 'apply_patch') {
-      const newStr = toolName === 'Edit' || toolName === 'edit_file' || toolName === 'reapply'
-        ? (toolInput.new_string || '')
-        : toolName === 'ApplyPatch' || toolName === 'apply_patch'
-          ? (toolInput.patch || toolInput.content || toolInput.code_edit || '')
-        : (Array.isArray(toolInput.edits) ? toolInput.edits.map((e: any) => e?.new_string || '').join('\n') : '');
-      cweDiffSection = newStr.slice(0, 4000);
-      const changeIdx = proposed.indexOf(newStr);
-      if (changeIdx >= 0 && proposed.length > 6000) {
-        const start = Math.max(0, changeIdx - 2000);
-        const end = Math.min(proposed.length, changeIdx + newStr.length + 2000);
-        cweContent = proposed.slice(start, end);
-      } else {
-        cweContent = proposed.slice(0, 6000);
-      }
-    } else {
-      cweContent = proposed.slice(0, 4000);
+    if (config.silent) {
+      outputJson({ systemMessage: '[synkro:' + rt + ':cweScan] skipped (silent mode)' });
+      return;
     }
 
-    const config = await loadConfig(jwt);
-    const rt = await cweRoute(config);
+    for (const scan of targets) {
+      const filePath = scan.filePath;
+      const cweContent = scan.cweContent;
+      const cweDiffSection = scan.cweDiffSection;
+      const scanToolName = scan.toolName;
+      const scanToolInput = scan.toolInput;
+      const gitRepo = detectRepo(cwd, transcriptPath, filePath, workspaceRoots);
+      const fileShort = basename(filePath);
+      const fileExt = extname(filePath).toLowerCase();
 
     const exemptedCwes = new Set<string>();
     for (const ex of config.scanExemptions) {
@@ -3392,12 +3611,120 @@ async function main() {
         exemptedCwes.add(ex.cwe_id.toUpperCase());
       }
     }
-    if (config.silent) {
-      outputJson({ systemMessage: '[synkro:' + rt + ':cweScan] ' + fileShort + ' \u2192 skipped (silent mode)' });
+
+    const cweTag = '[synkro:' + rt + ':cweScan]';
+
+    if (rt === 'skip') {
+      outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \u2192 local CWE grader unavailable, skipped' });
       return;
     }
 
-    const cweTag = '[synkro:' + rt + ':cweScan]';
+    if (rt === 'byok') {
+      let packageContext: PackageCapability[] | undefined;
+      if (cwd) {
+        const newImports = detectNewImports(scanToolName, scanToolInput, fileExt);
+        if (newImports.length > 0) {
+          const caps = newImports
+            .slice(0, 5)
+            .map(pkg => scanPackageCapabilities(pkg, cwd))
+            .filter((c): c is PackageCapability => c !== null);
+          if (caps.length > 0) packageContext = caps;
+        }
+      }
+      const scanBody: any = { file_path: filePath, content: cweContent };
+      if (packageContext) {
+        scanBody.package_context = packageContext.map(c => ({
+          name: c.name, description: c.description, capabilities: c.capabilities, source_excerpt: c.sourceExcerpt,
+        }));
+      }
+
+      let cweResp: any;
+      try {
+        const resp = await fetch(GATEWAY_URL + '/api/v1/cwe-scan', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + jwt },
+          body: JSON.stringify(scanBody),
+          signal: AbortSignal.timeout(12000),
+        });
+        if (!resp.ok) {
+          outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \u2192 cloud CWE scan failed (HTTP ' + resp.status + '), skipped' });
+          return;
+        }
+        cweResp = await resp.json();
+      } catch {
+        outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \u2192 cloud CWE scan timeout, skipped' });
+        return;
+      }
+
+      const findings = Array.isArray(cweResp?.findings) ? cweResp.findings : [];
+      if (cweResp?.action === 'deny' && findings.length > 0) {
+        const activeCweIds = findings
+          .filter((f: any) => f.mode === 'blocking' || f.mode === 'ask')
+          .map((f: any) => f.cwe)
+          .filter((id: string) => !exemptedCwes.has(id.toUpperCase()));
+
+        if (activeCweIds.length === 0) {
+          continue;
+        }
+
+        const displayIds = activeCweIds.slice(0, 3).join(', ');
+        const count = activeCweIds.length;
+        const label = count === 1 ? 'match' : 'matches';
+        const cweMsg = cweTag + ' ' + fileShort + ' \u2192 ' + count + ' CWE ' + label + ' (' + displayIds + ')';
+
+        const fixLines = findings
+          .filter((f: any) => activeCweIds.includes(f.cwe) && f.suggested_fix)
+          .map((f: any) => '[' + f.cwe + '] Fix: ' + f.suggested_fix);
+        const fixHint = fixLines.length > 0 ? '\n' + fixLines.join('\n') : '';
+        const denyDetail = '[' + displayIds + '] ' + (findings[0]?.reason || 'code weakness detected');
+        const ctx = 'CWE: ' + denyDetail + fixHint + '\nFix all issues before retrying. Do NOT ask the user to make the edit manually \u2014 resolve the weakness in code yourself.';
+
+        emitBlockScanFindings(
+          jwt,
+          config.captureDepth,
+          { session_id: sessionId, file_path: filePath, repo: gitRepo || undefined },
+          activeCweIds.map((cweId) => {
+            const f = findings.find((x: any) => x.cwe === cweId);
+            return {
+              finding_type: 'cwe' as const,
+              finding_id: cweId,
+              severity: f?.severity || 'high',
+              detail: f?.reason || 'code weakness detected',
+              cwe_name: f?.name || undefined,
+            };
+          }),
+          {
+            finding_type: 'cwe',
+            finding_id: activeCweIds[0] || 'CWE-UNKNOWN',
+            severity: findings[0]?.severity || 'high',
+            detail: denyDetail,
+          },
+        );
+
+        dispatchCapture(jwt, 'cwe', 'block', findings[0]?.severity || 'high', 'security',
+          scanToolName, gitRepo, sessionId, config.captureDepth, {
+            command: (isShellTool(scanToolName) ? 'shell write ' : 'edit ') + filePath,
+            reasoning: denyDetail,
+            violatedRules: activeCweIds,
+            ccModel,
+          });
+
+        outputJson({
+          systemMessage: cweMsg,
+          hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: ctx, additionalContext: ctx },
+        });
+        return;
+      }
+
+      dispatchFinding(jwt, {
+        session_id: sessionId,
+        file_path: filePath,
+        finding_type: 'cwe',
+        finding_id: 'pass',
+        status: 'resolved',
+      }, config.captureDepth);
+      continue;
+    }
 
     if (rt === 'local') {
       let cweRules: any[] = [];
@@ -3431,7 +3758,7 @@ async function main() {
 
       let localPkgContext = '';
       if (cwd) {
-        const newImports = detectNewImports(toolName, toolInput, fileExt);
+        const newImports = detectNewImports(scanToolName, scanToolInput, fileExt);
         const caps = newImports.slice(0, 5)
           .map(pkg => scanPackageCapabilities(pkg, cwd))
           .filter((c): c is PackageCapability => c !== null);
@@ -3526,8 +3853,7 @@ async function main() {
         const activeCweIds = cweIds.filter(id => !exemptedCwes.has(id.toUpperCase()));
 
         if (activeCweIds.length === 0) {
-          outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \u2192 clean (exempted: ' + cweIds.join(', ') + ')' });
-          return;
+          continue;
         }
 
         const cweNameMap = new Map<string, string>();
@@ -3566,8 +3892,8 @@ async function main() {
         );
 
         dispatchCapture(jwt, 'cwe', 'block', verdict.severity || 'high', verdict.category || 'security',
-          toolName, gitRepo, sessionId, config.captureDepth, {
-            command: 'edit ' + filePath,
+          scanToolName, gitRepo, sessionId, config.captureDepth, {
+            command: (isShellTool(scanToolName) ? 'shell write ' : 'edit ') + filePath,
             reasoning: denyDetail,
             violatedRules: activeCweIds,
             ccModel,
@@ -3587,114 +3913,11 @@ async function main() {
         finding_id: 'pass',
         status: 'resolved',
       }, config.captureDepth);
-
-      const cleanMsg = cweTag + ' ' + fileShort + ' \u2192 clean' + (verdict.reason ? ' (' + verdict.reason + ')' : '');
-      outputJson({ systemMessage: cleanMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: cleanMsg } });
-      return;
+      continue;
     }
-
-    // Cloud path \u2014 thin client, all grading logic server-side
-    // Detect imports and scan capabilities for cloud grading
-      let packageContext: PackageCapability[] | undefined;
-      if (cwd) {
-        const newImports = detectNewImports(toolName, toolInput, fileExt);
-        if (newImports.length > 0) {
-          const caps = newImports
-            .slice(0, 5)
-            .map(pkg => scanPackageCapabilities(pkg, cwd))
-            .filter((c): c is PackageCapability => c !== null);
-          if (caps.length > 0) packageContext = caps;
-        }
-      }
-      const scanBody: any = { file_path: filePath, content: cweContent };
-      if (packageContext) scanBody.package_context = packageContext.map(c => ({
-        name: c.name, description: c.description, capabilities: c.capabilities, source_excerpt: c.sourceExcerpt,
-      }));
-    let cweResp: any;
-    try {
-      const resp = await fetch(GATEWAY_URL + '/api/v1/cwe-scan', {
-        method: 'POST',
-        headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + jwt },
-        body: JSON.stringify(scanBody),
-        signal: AbortSignal.timeout(12000),
-      });
-      cweResp = await resp.json();
-    } catch {
-      outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \u2192 cloud grader timeout, skipped' });
-      return;
-    }
-
-    const findings = Array.isArray(cweResp?.findings) ? cweResp.findings : [];
-    if (cweResp?.action === 'deny' && findings.length > 0) {
-      const activeCweIds = findings
-        .filter((f: any) => f.mode === 'blocking' || f.mode === 'ask')
-        .map((f: any) => f.cwe)
-        .filter((id: string) => !exemptedCwes.has(id.toUpperCase()));
-
-      if (activeCweIds.length === 0) {
-        outputJson({ systemMessage: cweTag + ' ' + fileShort + ' \u2192 clean (exempted)' });
-        return;
-      }
-
-      const displayIds = activeCweIds.slice(0, 3).join(', ');
-      const count = activeCweIds.length;
-      const label = count === 1 ? 'match' : 'matches';
-      const cweMsg = cweTag + ' ' + fileShort + ' \u2192 ' + count + ' CWE ' + label + ' (' + displayIds + ')';
-
-      const fixLines = findings
-        .filter((f: any) => activeCweIds.includes(f.cwe) && f.suggested_fix)
-        .map((f: any) => '[' + f.cwe + '] Fix: ' + f.suggested_fix);
-      const fixHint = fixLines.length > 0 ? '\n' + fixLines.join('\n') : '';
-      const denyDetail = '[' + displayIds + '] ' + (findings[0]?.reason || 'code weakness detected');
-      const ctx = 'CWE: ' + denyDetail + fixHint + '\nFix all issues before retrying. Do NOT ask the user to make the edit manually \u2014 resolve the weakness in code yourself.';
-
-      emitBlockScanFindings(
-        jwt,
-        config.captureDepth,
-        { session_id: sessionId, file_path: filePath, repo: gitRepo || undefined },
-        activeCweIds.map((cweId) => {
-          const f = findings.find((x: any) => x.cwe === cweId);
-          return {
-            finding_type: 'cwe' as const,
-            finding_id: cweId,
-            severity: f?.severity || 'high',
-            detail: f?.reason || 'code weakness detected',
-            cwe_name: f?.name || undefined,
-          };
-        }),
-        {
-          finding_type: 'cwe',
-          finding_id: activeCweIds[0] || 'CWE-UNKNOWN',
-          severity: findings[0]?.severity || 'high',
-          detail: denyDetail,
-        },
-      );
-
-      dispatchCapture(jwt, 'cwe', 'block', findings[0]?.severity || 'high', 'security',
-        toolName, gitRepo, sessionId, config.captureDepth, {
-          command: 'edit ' + filePath,
-          reasoning: denyDetail,
-          violatedRules: activeCweIds,
-          ccModel,
-        });
-
-      outputJson({
-        systemMessage: cweMsg,
-        hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: ctx, additionalContext: ctx },
-      });
-      return;
     }
 
-    dispatchFinding(jwt, {
-      session_id: sessionId,
-      file_path: filePath,
-      finding_type: 'cwe',
-      finding_id: 'pass',
-      status: 'resolved',
-    }, config.captureDepth);
-
-    const cleanMsg = cweTag + ' ' + fileShort + ' \u2192 clean' + (cweResp?.summary ? ' (cloud)' : '');
-    outputJson({ systemMessage: cleanMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: cleanMsg } });
+    outputEmpty();
   } catch (err) {
     log('cweGuard error: ' + String(err));
     outputEmpty();
@@ -3707,7 +3930,7 @@ main();
 import {
   loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag,
   reconstructContent, readStdin, findNearestDeps, filePathFromToolInput, log,
-  outputJson, outputEmpty, setupCursorHookSignals, isEditTool, hookSessionId, dispatchFinding, dispatchCapture, extractTranscript, emitBlockScanFindings, resolveTranscriptPath, GATEWAY_URL,
+  outputJson, outputEmpty, setupCursorHookSignals, isEditTool, hookSessionId, dispatchFinding, dispatchCapture, dispatchScanResult, extractTranscript, emitBlockScanFindings, resolveTranscriptPath, GATEWAY_URL,
 } from './_synkro-common.ts';
 import { basename } from 'node:path';
 import { readFileSync } from 'node:fs';
@@ -3858,6 +4081,12 @@ async function main() {
                 violatedRules: violatedIds,
                 ccModel,
               });
+            dispatchScanResult(jwt, {
+              session_id: sessionId, file_path: filePath, scan_type: 'pkg',
+              result: 'block', finding_count: violatedIds.length,
+              finding_ids: violatedIds, severity: 'critical',
+              repo: gitRepo || undefined,
+            });
             const tagStr = '[synkro:' + rt + ':pkgScan]';
             const denyReason = tagStr + ' BLOCKED: ' + summary + '\\nDo not write this version. Pick a fixed/safe version instead.';
             outputJson({
@@ -3942,6 +4171,12 @@ async function main() {
           reasoning: top3,
           violatedRules: cveIds,
         });
+      dispatchScanResult(jwt, {
+        session_id: sessionId, file_path: filePath, scan_type: 'cve',
+        result: 'block', finding_count: findings.length,
+        finding_ids: cveIds, severity: 'critical',
+        repo: gitRepo || undefined,
+      });
 
       outputJson({
         systemMessage: cveMsg,
@@ -3950,6 +4185,11 @@ async function main() {
       return;
     }
 
+    dispatchScanResult(jwt, {
+      session_id: sessionId, file_path: filePath, scan_type: 'cve',
+      result: 'pass', finding_count: 0,
+      repo: gitRepo || undefined,
+    });
     outputJson({ systemMessage: cveTag + ' ' + fileShort + ' \u2192 clean' });
   } catch (err) {
     log('cveGuard error: ' + String(err));
@@ -3962,7 +4202,7 @@ main();
     INSTALL_SCAN_TS = `#!/usr/bin/env bun
 import {
   loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag,
-  readStdin, runInstallScan, emitBlockScanFindings, dispatchCapture, hashCommand,
+  readStdin, runInstallScan, emitBlockScanFindings, dispatchCapture, dispatchScanResult, hashCommand,
   outputJson, outputEmpty, setupCursorHookSignals, isShellTool, hookSessionId, log, GATEWAY_URL,
   resolveTranscriptPath, isCursorHookFormat,
 } from './_synkro-common.ts';
@@ -4045,6 +4285,12 @@ async function main() {
           violatedRules: scan.violatedIds,
           ccModel: model || undefined,
         });
+      dispatchScanResult(jwt, {
+        session_id: sessionId, file_path: command, scan_type: 'pkg',
+        result: 'block', finding_count: scan.violatedIds?.length || 1,
+        finding_ids: scan.violatedIds, severity: 'critical',
+        repo: repo || undefined,
+      });
       const denyReason = '[synkro:installScan] BLOCKED: ' + scan.summary + '\\nDo not retry this install. Suggest a safe version to the user instead.';
       outputJson({
         systemMessage: denyReason,
@@ -5339,10 +5585,10 @@ import {
   loadJwt, ensureFreshJwt, detectRepo, readStdin, resolveTranscriptPath,
   appendSessionAction, appendLocalTelemetry, shipCloud, log, GATEWAY_URL,
   countEditLineDelta, dispatchCapture, hookSessionId, cursorModelFromPayload,
+  isLocalStorageMode,
 } from './_synkro-common.ts';
 import { existsSync, readFileSync } from 'node:fs';
 import { basename, dirname, join } from 'node:path';
-import { homedir } from 'node:os';
 
 let hookDone = false;
 
@@ -5391,16 +5637,8 @@ async function main() {
     if (!jwt) finish();
     jwt = await ensureFreshJwt(jwt);
 
-    let fileContent = '';
-    const fullPath = filePath.startsWith('/') ? filePath : (cwd ? join(cwd, filePath) : filePath);
-    try {
-      if (existsSync(fullPath)) {
-        const buf = readFileSync(fullPath);
-        fileContent = buf.slice(0, 50000).toString('utf-8');
-      }
-    } catch {}
-
     let dependencies: Record<string, string> = {};
+    const fullPath = filePath.startsWith('/') ? filePath : (cwd ? join(cwd, filePath) : filePath);
     let pkgDir = cwd || dirname(fullPath);
     while (pkgDir !== '/' && pkgDir !== '.') {
       const pkgPath = join(pkgDir, 'package.json');
@@ -5416,20 +5654,39 @@ async function main() {
       pkgDir = parent;
     }
 
-    const captureBody: Record<string, any> = {
+    const localSpoolBody: Record<string, any> = {
       capture_type: 'edit_scan',
-      tool_input: { file_path: filePath, content: fileContent },
+      tool_input: { file_path: filePath, lines_added: linesAdded, lines_removed: linesRemoved },
       edit_verdict: { ok: true },
       dependencies,
       cc_model: model,
       model,
     };
-    if (sessionId) captureBody.session_id = sessionId;
-    if (cwd) captureBody.cwd = cwd;
-    if (repo) captureBody.repo = repo;
+    if (sessionId) localSpoolBody.session_id = sessionId;
+    if (cwd) localSpoolBody.cwd = cwd;
+    if (repo) localSpoolBody.repo = repo;
+    appendLocalTelemetry(localSpoolBody);
 
-    appendLocalTelemetry(captureBody);
-    shipCloud(jwt, '/api/v1/hook/capture', captureBody, 10000);
+    if (!isLocalStorageMode()) {
+      let fileContent = '';
+      try {
+        if (existsSync(fullPath)) {
+          fileContent = readFileSync(fullPath).slice(0, 50000).toString('utf-8');
+        }
+      } catch {}
+      const cloudBody: Record<string, any> = {
+        capture_type: 'edit_scan',
+        tool_input: { file_path: filePath, content: fileContent },
+        edit_verdict: { ok: true },
+        dependencies,
+        cc_model: model,
+        model,
+      };
+      if (sessionId) cloudBody.session_id = sessionId;
+      if (cwd) cloudBody.cwd = cwd;
+      if (repo) cloudBody.repo = repo;
+      shipCloud(jwt, '/api/v1/hook/capture', cloudBody, 10000);
+    }
 
     if (sessionId) {
       dispatchCapture(jwt, 'edit', 'pass', 'clean', 'trivial_edit', 'Edit', repo, sessionId, 'full', {
@@ -6032,12 +6289,13 @@ var init_githubSetup = __esm({
 });
 
 // cli/commands/repoConnect.ts
-import { execSync as execSync3 } from "child_process";
+import { execSync as execSync3, execFileSync } from "child_process";
+import { readdirSync } from "fs";
 import { createServer as createServer2 } from "http";
 import { createInterface } from "readline";
 function detectGitRepo() {
   try {
-    const remoteUrl = execSync3("git remote get-url origin", { encoding: "utf-8", timeout: 5e3 }).trim();
+    const remoteUrl = execSync3("git remote get-url origin", { encoding: "utf-8", timeout: 5e3, stdio: ["pipe", "pipe", "pipe"] }).trim();
     const sshMatch = remoteUrl.match(/^git@[^:]+:(.+?)(?:\.git)?$/);
     const httpMatch = remoteUrl.match(/^https?:\/\/[^/]+\/(.+?)(?:\.git)?$/);
     const match = sshMatch || httpMatch;
@@ -6048,6 +6306,33 @@ function detectGitRepo() {
     return null;
   }
 }
+function detectSubdirRepos() {
+  try {
+    const entries = readdirSync(".", { withFileTypes: true });
+    const repos = [];
+    for (const entry of entries) {
+      if (!entry.isDirectory() || entry.name.startsWith(".")) continue;
+      try {
+        const remoteUrl = execFileSync("git", ["-C", entry.name, "remote", "get-url", "origin"], {
+          encoding: "utf-8",
+          timeout: 5e3,
+          stdio: ["pipe", "pipe", "pipe"]
+        }).trim();
+        const sshMatch = remoteUrl.match(/^git@[^:]+:(.+?)(?:\.git)?$/);
+        const httpMatch = remoteUrl.match(/^https?:\/\/[^/]+\/(.+?)(?:\.git)?$/);
+        const match = sshMatch || httpMatch;
+        if (match) {
+          const fullName = match[1];
+          repos.push({ fullName, shortName: fullName.split("/").pop() || fullName });
+        }
+      } catch {
+      }
+    }
+    return repos;
+  } catch {
+    return [];
+  }
+}
 function ask(rl, question) {
   return new Promise((resolve3) => rl.question(question, resolve3));
 }
@@ -6149,6 +6434,7 @@ async function connectGithubAndSelectRepos() {
 }
 async function promptRepoConnection(opts) {
   const localRepo = detectGitRepo();
+  const subdirRepos = !localRepo ? detectSubdirRepos() : [];
   if (opts?.linkRepo && localRepo) {
     console.log("Connect repos to Synkro:\n");
     try {
@@ -6171,46 +6457,35 @@ async function promptRepoConnection(opts) {
   const rl = createInterface({ input: process.stdin, output: process.stdout });
   try {
     console.log("Connect repos to Synkro:\n");
-    const options = [];
-    if (localRepo) {
-      options.push(`Link this repo (${localRepo.fullName})`);
-    }
-    options.push("Connect GitHub to select repos");
-    options.push("Skip for now");
-    options.forEach((opt, i) => {
-      console.log(`  ${i + 1}. ${opt}`);
-    });
-    console.log();
-    const choice = await ask(rl, "  Choose (number): ");
-    const choiceNum = parseInt(choice.trim(), 10);
-    console.log();
-    rl.close();
-    const localIdx = localRepo ? 1 : -1;
-    const githubIdx = localRepo ? 2 : 1;
-    const skipIdx = localRepo ? 3 : 2;
-    if (choiceNum === localIdx && localRepo) {
+    let existingFullNames = /* @__PURE__ */ new Set();
+    if (subdirRepos.length > 0) {
       try {
         const existing = await listProjects();
-        const alreadyLinked = existing.some(
-          (p) => p.repos?.some((r) => r.full_name === localRepo.fullName)
+        existingFullNames = new Set(
+          existing.flatMap((p) => (p.repos || []).map((r) => r.full_name))
         );
-        if (!alreadyLinked) {
-          await createProject(localRepo.shortName, [{ full_name: localRepo.fullName }]);
-          console.log(`  \u2713 Created project "${localRepo.shortName}" linked to ${localRepo.fullName}`);
-        } else {
-          console.log(`  \u2713 ${localRepo.fullName} is already linked to a Synkro project.`);
-        }
-      } catch (err) {
-        console.warn(`  \u26A0 Could not link repo: ${err.message}`);
+      } catch {
       }
-    } else if (choiceNum === githubIdx) {
-      const selectedRepos = await connectGithubAndSelectRepos();
-      if (selectedRepos.length > 0) {
-        try {
-          const existing = await listProjects();
-          const existingFullNames = new Set(
-            existing.flatMap((p) => (p.repos || []).map((r) => r.full_name))
-          );
+    }
+    if (subdirRepos.length > 0) {
+      console.log(`  Found ${subdirRepos.length} repo(s) in this directory:
+`);
+      subdirRepos.forEach((r, i) => {
+        const linked = existingFullNames.has(r.fullName);
+        console.log(`    ${String(i + 1).padStart(3)}. ${r.fullName}${linked ? "  \u2713 linked" : ""}`);
+      });
+      const ghIdx = subdirRepos.length + 1;
+      const skipIdx = subdirRepos.length + 2;
+      console.log(`    ${String(ghIdx).padStart(3)}. Connect GitHub to select repos`);
+      console.log(`    ${String(skipIdx).padStart(3)}. Skip for now`);
+      console.log();
+      const selection = await ask(rl, "  Select repos to link (comma-separated numbers, e.g. 1,3): ");
+      const nums = selection.split(",").map((s) => parseInt(s.trim(), 10)).filter((n) => !isNaN(n));
+      console.log();
+      rl.close();
+      if (nums.includes(ghIdx)) {
+        const selectedRepos = await connectGithubAndSelectRepos();
+        if (selectedRepos.length > 0) {
           const newRepos = selectedRepos.filter((r) => !existingFullNames.has(r.full_name));
           if (newRepos.length === 0) {
             console.log("  \u2713 All selected repos are already linked.");
@@ -6219,14 +6494,83 @@ async function promptRepoConnection(opts) {
             await createProject(projectName, newRepos);
             console.log(`  \u2713 Linked ${newRepos.length} repo(s) to project "${projectName}"`);
           }
-        } catch (err) {
-          console.warn(`  \u26A0 Could not link repos: ${err.message}`);
+        }
+      } else if (nums.includes(skipIdx) || nums.length === 0) {
+        console.log("  Skipped. Run `synkro link` later to connect repos.");
+      } else {
+        const repoIndices = nums.map((n) => n - 1).filter((n) => n >= 0 && n < subdirRepos.length);
+        const toLink = repoIndices.map((i) => subdirRepos[i]).filter((r) => !existingFullNames.has(r.fullName));
+        if (toLink.length === 0) {
+          console.log("  \u2713 All selected repos are already linked.");
+        } else {
+          for (const repo of toLink) {
+            try {
+              await createProject(repo.shortName, [{ full_name: repo.fullName }]);
+              console.log(`  \u2713 Created project "${repo.shortName}" linked to ${repo.fullName}`);
+            } catch (err) {
+              console.warn(`  \u26A0 Could not link ${repo.fullName}: ${err.message}`);
+            }
+          }
         }
       }
-    } else if (choiceNum === skipIdx) {
-      console.log("  Skipped. Run `synkro link` later to connect repos.");
     } else {
-      console.log("  Invalid choice. Skipping repo connection.");
+      const options = [];
+      if (localRepo) {
+        options.push(`Link this repo (${localRepo.fullName})`);
+      }
+      options.push("Connect GitHub to select repos");
+      options.push("Skip for now");
+      options.forEach((opt, i) => {
+        console.log(`  ${i + 1}. ${opt}`);
+      });
+      console.log();
+      const choice = await ask(rl, "  Choose (number): ");
+      const choiceNum = parseInt(choice.trim(), 10);
+      console.log();
+      rl.close();
+      const localIdx = localRepo ? 1 : -1;
+      const githubIdx = localRepo ? 2 : 1;
+      const skipIdx = localRepo ? 3 : 2;
+      if (choiceNum === localIdx && localRepo) {
+        try {
+          const existing = await listProjects();
+          const alreadyLinked = existing.some(
+            (p) => p.repos?.some((r) => r.full_name === localRepo.fullName)
+          );
+          if (!alreadyLinked) {
+            await createProject(localRepo.shortName, [{ full_name: localRepo.fullName }]);
+            console.log(`  \u2713 Created project "${localRepo.shortName}" linked to ${localRepo.fullName}`);
+          } else {
+            console.log(`  \u2713 ${localRepo.fullName} is already linked to a Synkro project.`);
+          }
+        } catch (err) {
+          console.warn(`  \u26A0 Could not link repo: ${err.message}`);
+        }
+      } else if (choiceNum === githubIdx) {
+        const selectedRepos = await connectGithubAndSelectRepos();
+        if (selectedRepos.length > 0) {
+          try {
+            const existing = await listProjects();
+            const linkedNames = new Set(
+              existing.flatMap((p) => (p.repos || []).map((r) => r.full_name))
+            );
+            const newRepos = selectedRepos.filter((r) => !linkedNames.has(r.full_name));
+            if (newRepos.length === 0) {
+              console.log("  \u2713 All selected repos are already linked.");
+            } else {
+              const projectName = newRepos.length === 1 ? newRepos[0].full_name.split("/").pop() || "Project" : "Multi-Repo Project";
+              await createProject(projectName, newRepos);
+              console.log(`  \u2713 Linked ${newRepos.length} repo(s) to project "${projectName}"`);
+            }
+          } catch (err) {
+            console.warn(`  \u26A0 Could not link repos: ${err.message}`);
+          }
+        }
+      } else if (choiceNum === skipIdx) {
+        console.log("  Skipped. Run `synkro link` later to connect repos.");
+      } else {
+        console.log("  Invalid choice. Skipping repo connection.");
+      }
     }
   } catch {
     rl.close();
@@ -6477,7 +6821,7 @@ __export(dockerInstall_exports, {
   splitWorkers: () => splitWorkers,
   waitForContainerReady: () => waitForContainerReady
 });
-import { copyFileSync, existsSync as existsSync7, mkdirSync as mkdirSync7, readdirSync } from "fs";
+import { copyFileSync, existsSync as existsSync7, mkdirSync as mkdirSync7, readdirSync as readdirSync2 } from "fs";
 import { homedir as homedir6 } from "os";
 import { join as join6 } from "path";
 import { spawnSync as spawnSync2 } from "child_process";
@@ -6849,7 +7193,7 @@ async function dockerSafeStart() {
     return { ok: false, pgdataState: "no_container", error: "No synkro-server container found. Run `synkro install` first." };
   }
   const pgCheck = checkPgdata();
-  if (existsSync7(PGDATA_PATH) && readdirSync(PGDATA_PATH).length > 0) {
+  if (existsSync7(PGDATA_PATH) && readdirSync2(PGDATA_PATH).length > 0) {
     if (pgCheck.healthy) {
       console.log(`  pgdata: existing data found \u2014 ${pgCheck.details}`);
     } else {
@@ -6890,7 +7234,7 @@ async function dockerSafeRestart() {
 }
 function checkPgdata() {
   if (!existsSync7(PGDATA_PATH)) return { healthy: false, details: "pgdata directory does not exist" };
-  const entries = readdirSync(PGDATA_PATH);
+  const entries = readdirSync2(PGDATA_PATH);
   if (entries.length === 0) return { healthy: true, details: "empty (fresh start)" };
   const hasPidFile = entries.includes("postmaster.pid");
   const hasWalDir = entries.includes("pg_wal");
@@ -7299,7 +7643,7 @@ __export(install_exports, {
   installCommand: () => installCommand,
   parseArgs: () => parseArgs
 });
-import { existsSync as existsSync9, mkdirSync as mkdirSync8, writeFileSync as writeFileSync7, chmodSync as chmodSync2, readFileSync as readFileSync7, readdirSync as readdirSync2 } from "fs";
+import { existsSync as existsSync9, mkdirSync as mkdirSync8, writeFileSync as writeFileSync7, chmodSync as chmodSync2, readFileSync as readFileSync7, readdirSync as readdirSync3 } from "fs";
 import { homedir as homedir8 } from "os";
 import { join as join8 } from "path";
 import { execSync as execSync5, spawnSync as spawnSync3 } from "child_process";
@@ -7409,6 +7753,19 @@ async function promptStorageMode() {
     );
   });
 }
+async function promptTranscriptConsent() {
+  const rl = createInterface3({ input: process.stdin, output: process.stdout });
+  return new Promise((resolve3) => {
+    rl.question(
+      "Import and embed your Claude Code session history?\nThis indexes past sessions so Ask Synkro can answer questions\nabout your coding patterns and the dashboard shows full history. (Y/n) ",
+      (answer) => {
+        rl.close();
+        const trimmed = answer.trim().toLowerCase();
+        resolve3(trimmed === "" || trimmed === "y" || trimmed === "yes");
+      }
+    );
+  });
+}
 function ensureSynkroDir() {
   mkdirSync8(SYNKRO_DIR4, { recursive: true });
   mkdirSync8(HOOKS_DIR, { recursive: true });
@@ -7532,7 +7889,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.6.27")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.6.29")}`
   ];
   if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
@@ -7603,7 +7960,7 @@ function collectLocalMetadata() {
   }
   try {
     const sessionsDir = join8(claudeDir, "sessions");
-    const files = readdirSync2(sessionsDir).filter((f) => f.endsWith(".json")).slice(-5);
+    const files = readdirSync3(sessionsDir).filter((f) => f.endsWith(".json")).slice(-5);
     for (const f of files) {
       const s = JSON.parse(readFileSync7(join8(sessionsDir, f), "utf-8"));
       if (s.version) {
@@ -7756,7 +8113,15 @@ async function installCommand(opts = {}) {
     } catch {
     }
   }
-  const transcriptConsent = false;
+  let transcriptConsent = true;
+  if (process.stdin.isTTY) {
+    transcriptConsent = await promptTranscriptConsent();
+    if (transcriptConsent) {
+      console.log("  \u2713 Session import enabled\n");
+    } else {
+      console.log("  \u2717 Session import skipped\n");
+    }
+  }
   let hasClaudeCode = false;
   let hasCursor = false;
   for (const agent of agents) {
@@ -7955,6 +8320,23 @@ async function installCommand(opts = {}) {
     const ready = await waitForContainerReady(6e4);
     if (ready) {
       console.log("  \u2713 container ready");
+      const mcpJwt = readFileSync7(join8(SYNKRO_DIR4, ".mcp-jwt"), "utf-8").trim();
+      try {
+        const ingestResp = await fetch(`http://127.0.0.1:${hostMcpPort}/api/ingest`, {
+          method: "POST",
+          headers: { "Content-Type": "application/json", Authorization: `Bearer ${mcpJwt}` },
+          body: JSON.stringify({ capture_type: "local_verdict", event_id: `healthcheck_${Date.now()}`, verdict: "pass", severity: "clean", hook_type: "install", tool_name: "healthcheck" }),
+          signal: AbortSignal.timeout(5e3)
+        });
+        if (ingestResp.ok) {
+          console.log("  \u2713 ingest endpoint verified");
+        } else {
+          console.warn(`  \u26A0 ingest endpoint returned ${ingestResp.status} \u2014 telemetry spool may not drain.`);
+          console.warn("    The .mcp-jwt token may not match the container. Try: synkro uninstall && synkro install");
+        }
+      } catch {
+        console.warn("  \u26A0 ingest endpoint unreachable \u2014 telemetry spool may not drain.");
+      }
     } else {
       console.error("  \u2717 container did not become healthy within 60s");
       console.error("    Run `docker logs synkro-server` to debug.");
@@ -7963,31 +8345,68 @@ async function installCommand(opts = {}) {
     console.log();
   }
   if (transcriptConsent) {
-    try {
-      const repo = detectGitRepo2();
-      if (repo) {
-        const ingested = await ingestSessionTranscripts(gatewayUrl, token, repo);
-        if (ingested > 0) {
-          console.log(`Indexed ${ingested} session insights from Claude Code history for ${repo}.`);
-          console.log("  This helps the safety judge understand your workflow.\n");
+    const repo = detectGitRepo2();
+    if (repo) {
+      if (storageMode === "local") {
+        try {
+          let mcpToken = "";
+          try {
+            mcpToken = readFileSync7(join8(SYNKRO_DIR4, ".mcp-jwt"), "utf-8").trim();
+          } catch {
+          }
+          if (mcpToken) {
+            const mcpPort = parseInt(process.env.SYNKRO_MCP_PORT || "18931", 10);
+            const result = await syncTranscriptsLocal(mcpPort, mcpToken, repo);
+            if (result.messages > 0) {
+              console.log(`  \u2713 Imported ${result.sessions} sessions (${result.messages} messages) into local store.`);
+              console.log("    Embeddings generated. Analyzing for rule suggestions...");
+              try {
+                const suggestResp = await fetch(`http://127.0.0.1:${mcpPort}/api/local/suggest-rules`, {
+                  method: "POST",
+                  headers: { "Content-Type": "application/json" },
+                  signal: AbortSignal.timeout(9e4)
+                });
+                if (suggestResp.ok) {
+                  const suggestResult = await suggestResp.json();
+                  if (suggestResult.suggested && suggestResult.suggested > 0) {
+                    console.log(`  \u2713 Generated ${suggestResult.suggested} rule suggestions from your session history.`);
+                    console.log('    Ask Claude: "show me suggested rules" to review them.\n');
+                  } else {
+                    console.log("    No rule suggestions generated yet \u2014 more session data needed.\n");
+                  }
+                }
+              } catch {
+                console.log("    Rule analysis will run automatically as more sessions are recorded.\n");
+              }
+            }
+          } else {
+            console.warn("  \u26A0 Session import skipped \u2014 container auth token not found.\n");
+          }
+        } catch (err) {
+          console.warn(`  \u26A0 Local session import failed: ${err.message}
+`);
         }
-      }
-    } catch (err) {
-      console.warn(`  \u26A0 Session indexing skipped: ${err.message}
+      } else {
+        try {
+          const ingested = await ingestSessionTranscripts(gatewayUrl, token, repo);
+          if (ingested > 0) {
+            console.log(`  \u2713 Indexed ${ingested} session insights from Claude Code history.`);
+          }
+        } catch (err) {
+          console.warn(`  \u26A0 Session indexing skipped: ${err.message}
 `);
-    }
-    try {
-      const repo = detectGitRepo2();
-      if (repo) {
-        const result = await syncTranscriptsBulk(gatewayUrl, token, repo);
-        if (result.messages > 0) {
-          console.log(`Synced ${result.sessions} sessions (${result.messages} messages) from Claude Code history.`);
-          console.log("  This data will be used to suggest guardrail rules.\n");
         }
-      }
-    } catch (err) {
-      console.warn(`  \u26A0 Transcript sync skipped: ${err.message}
+        try {
+          const result = await syncTranscriptsBulk(gatewayUrl, token, repo);
+          if (result.messages > 0) {
+            console.log(`  \u2713 Synced ${result.sessions} sessions (${result.messages} messages) to cloud.`);
+            console.log("    Embeddings use your configured inference provider.\n");
+          }
+        } catch (err) {
+          console.warn(`  \u26A0 Transcript sync skipped: ${err.message}
 `);
+        }
+      }
     }
   }
   if (ghToken) {
@@ -8019,7 +8438,7 @@ function getClaudeProjectsFolder() {
 }
 function extractSessionInsights(projectsDir) {
   const insights = [];
-  const files = readdirSync2(projectsDir).filter((f) => f.endsWith(".jsonl"));
+  const files = readdirSync3(projectsDir).filter((f) => f.endsWith(".jsonl"));
   for (const file of files) {
     const sessionId = file.replace(".jsonl", "");
     const filePath = join8(projectsDir, file);
@@ -8137,10 +8556,52 @@ function parseTranscriptFile(filePath) {
   }
   return messages;
 }
+async function syncTranscriptsLocal(mcpPort, mcpToken, repo) {
+  const projectsDir = getClaudeProjectsFolder();
+  if (!projectsDir) return { sessions: 0, messages: 0 };
+  const files = readdirSync3(projectsDir).filter((f) => f.endsWith(".jsonl"));
+  if (files.length === 0) return { sessions: 0, messages: 0 };
+  console.log(`  Found ${files.length} CC session transcripts, importing + embedding...`);
+  let totalSessions = 0;
+  let totalMessages = 0;
+  for (let i = 0; i < files.length; i++) {
+    const file = files[i];
+    const sessionId = file.replace(".jsonl", "");
+    const filePath = join8(projectsDir, file);
+    try {
+      const allMessages = parseTranscriptFile(filePath);
+      const messages = allMessages.length > 500 ? allMessages.slice(-500) : allMessages;
+      if (messages.length === 0) continue;
+      const resp = await fetch(`http://127.0.0.1:${mcpPort}/api/conversation-sync`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json", Authorization: `Bearer ${mcpToken}` },
+        body: JSON.stringify({ session_id: sessionId, repo, messages }),
+        signal: AbortSignal.timeout(15e3)
+      });
+      if (resp.ok) {
+        const result = await resp.json();
+        totalSessions++;
+        totalMessages += result.ingested ?? messages.length;
+      }
+    } catch {
+    }
+    if ((i + 1) % 10 === 0 || i === files.length - 1) {
+      process.stdout.write(`\r  Progress: ${i + 1}/${files.length} sessions (${totalMessages} messages embedded)   `);
+    }
+    try {
+      const content = readFileSync7(join8(projectsDir, file), "utf-8");
+      const lineCount = content.split("\n").filter(Boolean).length;
+      writeFileSync7(join8(OFFSETS_DIR, sessionId), String(lineCount), "utf-8");
+    } catch {
+    }
+  }
+  if (totalSessions > 0) process.stdout.write("\n");
+  return { sessions: totalSessions, messages: totalMessages };
+}
 async function syncTranscriptsBulk(gatewayUrl, token, repo) {
   const projectsDir = getClaudeProjectsFolder();
   if (!projectsDir) return { sessions: 0, messages: 0 };
-  const files = readdirSync2(projectsDir).filter((f) => f.endsWith(".jsonl"));
+  const files = readdirSync3(projectsDir).filter((f) => f.endsWith(".jsonl"));
   if (files.length === 0) return { sessions: 0, messages: 0 };
   console.log(`Found ${files.length} CC session transcripts, syncing...`);
   const maxMessagesPerSession = 500;
@@ -8751,7 +9212,7 @@ var disconnect_exports = {};
 __export(disconnect_exports, {
   disconnectCommand: () => disconnectCommand
 });
-import { existsSync as existsSync11, rmSync, readdirSync as readdirSync3 } from "fs";
+import { existsSync as existsSync11, rmSync, readdirSync as readdirSync4 } from "fs";
 import { homedir as homedir10 } from "os";
 import { join as join10 } from "path";
 import { spawnSync as spawnSync5 } from "child_process";
@@ -8834,7 +9295,7 @@ async function disconnectCommand(args2 = []) {
     } else {
       const keep = /* @__PURE__ */ new Set([join10(SYNKRO_DIR5, "pgdata"), join10(SYNKRO_DIR5, "pgdata-backups")]);
       const preserved = [];
-      for (const entry of readdirSync3(SYNKRO_DIR5)) {
+      for (const entry of readdirSync4(SYNKRO_DIR5)) {
         const full = join10(SYNKRO_DIR5, entry);
         if (keep.has(full)) {
           preserved.push(entry);
@@ -9140,7 +9601,7 @@ var init_grade = __esm({
 });
 
 // cli/local-cc/pueue.ts
-import { execFileSync, spawnSync as spawnSync6, spawn } from "child_process";
+import { execFileSync as execFileSync2, spawnSync as spawnSync6, spawn } from "child_process";
 import { homedir as homedir12 } from "os";
 import { join as join12 } from "path";
 import { connect as connect2 } from "net";
@@ -10200,7 +10661,7 @@ var args = process.argv.slice(2);
 var cmd = args[0] || "";
 var subArgs = args.slice(1);
 function printVersion() {
-  console.log("1.6.27");
+  console.log("1.6.29");
 }
 function printHelp2() {
   console.log(`Synkro CLI \u2014 runtime safety for AI coding agents