npm - @synkro-sh/cli - Versions diffs - 1.6.45 → 1.6.47 - Mend

@synkro-sh/cli 1.6.45 → 1.6.47

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/bootstrap.js CHANGED Viewed

@@ -804,7 +804,10 @@ synkro_post_with_retry() {
 });
 // cli/installer/hookScriptsTs.ts
-var SYNKRO_COMMON_TS, EDIT_PRECHECK_TS, CWE_PRECHECK_TS, CVE_PRECHECK_TS, INSTALL_SCAN_TS, BASH_JUDGE_TS, AGENT_JUDGE_TS, PLAN_JUDGE_TS, STOP_SUMMARY_TS, SESSION_START_TS, BASH_FOLLOWUP_TS, TRANSCRIPT_SYNC_TS, USER_PROMPT_SUBMIT_TS, CURSOR_BASH_JUDGE_TS, CURSOR_EDIT_CAPTURE_TS, CURSOR_AGENT_CAPTURE_TS;
+function stubHook(surface, optsLiteral) {
+  return "#!/usr/bin/env bun\nimport { runStub } from './_synkro-stub-common.ts';\nrunStub(" + JSON.stringify(surface) + ", " + optsLiteral + ");\n";
+}
+var SYNKRO_COMMON_TS, EDIT_PRECHECK_TS, CWE_PRECHECK_TS, CVE_PRECHECK_TS, INSTALL_SCAN_TS, BASH_JUDGE_TS, AGENT_JUDGE_TS, PLAN_JUDGE_TS, STOP_SUMMARY_TS, SESSION_START_TS, BASH_FOLLOWUP_TS, TRANSCRIPT_SYNC_TS, USER_PROMPT_SUBMIT_TS, CURSOR_BASH_JUDGE_TS, CURSOR_EDIT_CAPTURE_TS, CURSOR_AGENT_CAPTURE_TS, STUB_COMMON_TS, STUB_EDIT_PRECHECK_TS, STUB_CWE_PRECHECK_TS, STUB_CVE_PRECHECK_TS, STUB_BASH_JUDGE_TS, STUB_INSTALL_SCAN_TS, STUB_AGENT_JUDGE_TS, STUB_PLAN_JUDGE_TS, STUB_STOP_SUMMARY_TS, STUB_SESSION_START_TS, STUB_TRANSCRIPT_SYNC_TS, STUB_USER_PROMPT_SUBMIT_TS, STUB_BASH_FOLLOWUP_TS, STUB_CURSOR_BASH_JUDGE_TS, STUB_CURSOR_EDIT_CAPTURE_TS, STUB_CURSOR_AGENT_CAPTURE_TS;
 var init_hookScriptsTs = __esm({
   "cli/installer/hookScriptsTs.ts"() {
     "use strict";
@@ -1280,6 +1283,39 @@ export function effectiveGraderPool(synkroFile: SynkroFileConfig, hookAgentKind:
   return 'cursor';
 }
+// \u2500\u2500\u2500 .synkro presence (per-repo onboarding) \u2500\u2500\u2500
+// A repo is "onboarded" to Synkro when it has a .synkro file at its git root.
+// The hooks are installed globally, so they fire in every repo \u2014 including ones
+// the user never set up. Without a .synkro there, grading is SKIPPED gracefully
+// rather than attempting a grade that surfaces a confusing "grader unavailable"
+// error: the tool call passes through and we show a one-time hint pointing at
+// "synkro install".
+export function synkroFilePresent(cwd?: string): boolean {
+  try {
+    const root = cwd ? findGitRoot(cwd) : '';
+    if (!root) return false;
+    return existsSync(root + '/.synkro');
+  } catch { return false; }
+}
+const NO_SYNKRO_HINT_DIR = join(HOME, '.synkro', '.no-synkro-hint');
+// Returns the onboarding hint the FIRST time a session touches a repo with no
+// .synkro file, then null on subsequent calls so it doesn't repeat on every
+// tool call. Caller passes null straight through to outputEmpty().
+export function noSynkroSkipMessage(sessionId: string): string | null {
+  try {
+    mkdirSync(NO_SYNKRO_HINT_DIR, { recursive: true });
+    const key = (sessionId || 'nosession').replace(/[^a-zA-Z0-9_-]/g, '_');
+    const marker = join(NO_SYNKRO_HINT_DIR, key);
+    if (existsSync(marker)) return null;
+    writeFileSync(marker, '', { flag: 'w' });
+  } catch {
+    // best-effort dedup \u2014 if the marker can't be written, still show the hint
+  }
+  return '[synkro] No .synkro config in this repo \u2014 grading skipped. Run \`synkro install\` here to enable Synkro.';
+}
 // \u2500\u2500\u2500 Channel Health \u2500\u2500\u2500
 export async function channelUp(port = 18929): Promise<boolean> {
@@ -3355,7 +3391,7 @@ import {
   outputJson, outputEmpty, setupCursorHookSignals, installHookWatchdog, isEditTool, hookSessionId, GATEWAY_URL,
   logGraderUnavailable, graderUnavailableMessage, filterRules, ruleFilterText, normalizeMode, countEditLineDelta,
   captureLineMetrics, cursorModelFromPayload, resolveTranscriptPath, isCursorInvokingCcHook,
-  loadSynkroFile, effectiveGraderPool,
+  loadSynkroFile, effectiveGraderPool, synkroFilePresent, noSynkroSkipMessage,
   type HookConfig, type Rule,
 } from './_synkro-common.ts';
 import { existsSync, readFileSync } from 'node:fs';
@@ -3390,6 +3426,13 @@ async function main() {
     if (filePath.includes('/.synkro/hooks/')) { outputEmpty(); return; }
+    if (!synkroFilePresent(cwd)) {
+      const _skipMsg = noSynkroSkipMessage(sessionId);
+      if (_skipMsg) outputJson({ systemMessage: _skipMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: _skipMsg } });
+      else outputEmpty();
+      return;
+    }
     const fileShort = basename(filePath);
     log('editGuard checking: ' + fileShort);
@@ -3613,7 +3656,7 @@ import {
   outputJson, outputEmpty, setupCursorHookSignals, installHookWatchdog, isEditTool, isShellTool, isCursorHookFormat,
   extractShellCodeWrites, hookSessionId, filePathFromToolInput, emitBlockScanFindings, dispatchFinding, dispatchCapture, GATEWAY_URL,
   logGraderUnavailable, graderUnavailableMessage, resolveTranscriptPath, isCursorInvokingCcHook,
-  loadSynkroFile, effectiveGraderPool,
+  loadSynkroFile, effectiveGraderPool, synkroFilePresent, noSynkroSkipMessage,
 } from './_synkro-common.ts';
 import { basename, extname, resolve, join, dirname } from 'node:path';
 import { readFileSync, readdirSync, existsSync } from 'node:fs';
@@ -3767,6 +3810,13 @@ async function main() {
     if (isCursorInvokingCcHook(agentKind, ccModel)) { outputEmpty(); return; }
+    if (!synkroFilePresent(cwd)) {
+      const _skipMsg = noSynkroSkipMessage(sessionId);
+      if (_skipMsg) outputJson({ systemMessage: _skipMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: _skipMsg } });
+      else outputEmpty();
+      return;
+    }
     const targets: CweScanTarget[] = [];
     if (isCursorHookFormat() && (shellCommand || isShellTool(toolName))) {
@@ -4173,7 +4223,7 @@ import {
   loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag,
   reconstructContent, readStdin, findNearestDeps, filePathFromToolInput, log,
   outputJson, outputEmpty, setupCursorHookSignals, isEditTool, hookSessionId, dispatchFinding, dispatchCapture, dispatchScanResult, extractTranscript, emitBlockScanFindings, resolveTranscriptPath, GATEWAY_URL,
-  isCursorHookFormat,
+  isCursorHookFormat, synkroFilePresent, noSynkroSkipMessage,
 } from './_synkro-common.ts';
 import { basename } from 'node:path';
 import { readFileSync } from 'node:fs';
@@ -4219,6 +4269,13 @@ async function main() {
     if (filePath.includes('/.synkro/hooks/')) { outputEmpty(); return; }
+    if (!synkroFilePresent(cwd)) {
+      const _skipMsg = noSynkroSkipMessage(sessionId);
+      if (_skipMsg) outputJson({ systemMessage: _skipMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: _skipMsg } });
+      else outputEmpty();
+      return;
+    }
     const fileShort = basename(filePath);
     let jwt = loadJwt();
@@ -4455,7 +4512,7 @@ import {
   loadJwt, ensureFreshJwt, detectRepo, loadConfig, route, tag,
   readStdin, runInstallScan, emitBlockScanFindings, dispatchCapture, dispatchScanResult, hashCommand,
   outputJson, outputEmpty, setupCursorHookSignals, isShellTool, hookSessionId, log, GATEWAY_URL,
-  resolveTranscriptPath, isCursorHookFormat, loadSynkroFile, effectiveGraderPool,
+  resolveTranscriptPath, isCursorHookFormat, loadSynkroFile, effectiveGraderPool, synkroFilePresent, noSynkroSkipMessage,
 } from './_synkro-common.ts';
 import { writeFileSync, mkdirSync } from 'node:fs';
 import { join } from 'node:path';
@@ -4480,6 +4537,14 @@ async function main() {
     // beforeShellExecution supplies command directly; preToolUse uses tool_name + tool_input.
     if (!isShellTool(toolName) && typeof payload.command !== 'string') { outputEmpty(); return; }
+    const _cwd = payload.cwd || (Array.isArray(payload.workspace_roots) ? payload.workspace_roots[0] : '') || '';
+    if (!synkroFilePresent(_cwd)) {
+      const _skipMsg = noSynkroSkipMessage(hookSessionId(payload));
+      if (_skipMsg) outputJson({ systemMessage: _skipMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: _skipMsg } });
+      else outputEmpty();
+      return;
+    }
     let jwt = loadJwt();
     if (!jwt) { outputEmpty(); return; }
     jwt = await ensureFreshJwt(jwt);
@@ -4576,7 +4641,7 @@ import {
   extractTranscript, readLastPrompt, appendSessionAction, readSessionLog, compressSessionLog, log,
   outputJson, outputEmpty, setupCursorHookSignals, installHookWatchdog, isShellTool, hookSessionId, GATEWAY_URL,
   logGraderUnavailable, graderUnavailableMessage, filterRules, ruleFilterText, normalizeMode, appendLocalTelemetry, isSafeInRepoRead,
-  loadSynkroFile, effectiveGraderPool,
+  loadSynkroFile, effectiveGraderPool, synkroFilePresent, noSynkroSkipMessage,
   hashCommand, resolveTranscriptPath, isCursorHookFormat,
   type HookConfig, type Rule,
 } from './_synkro-common.ts';
@@ -4657,6 +4722,13 @@ async function main() {
     const gitRepo = detectRepo(cwd, transcriptPath, command, workspaceRoots);
+    if (!synkroFilePresent(cwd)) {
+      const _skipMsg = noSynkroSkipMessage(sessionId);
+      if (_skipMsg) outputJson({ systemMessage: _skipMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: _skipMsg } });
+      else outputEmpty();
+      return;
+    }
     if (isDuplicate(command, sessionId)) {
       log('bashGuard skip (dedup): ' + command.slice(0, 80));
       outputEmpty();
@@ -4874,7 +4946,7 @@ import {
   extractTranscript, readLastPrompt, appendSessionAction, readSessionLog, compressSessionLog, log,
   outputJson, outputEmpty, setupCursorHookSignals, installHookWatchdog, isAgentTool, hookSessionId, GATEWAY_URL,
   logGraderUnavailable, graderUnavailableMessage, filterRules, normalizeMode, resolveTranscriptPath, isCursorInvokingCcHook,
-  loadSynkroFile, effectiveGraderPool,
+  loadSynkroFile, effectiveGraderPool, synkroFilePresent, noSynkroSkipMessage,
   type HookConfig, type Rule,
 } from './_synkro-common.ts';
@@ -4905,6 +4977,13 @@ async function main() {
     const permissionMode = payload.permission_mode || '';
     const transcriptPath = resolveTranscriptPath(payload);
+    if (!synkroFilePresent(cwd)) {
+      const _skipMsg = noSynkroSkipMessage(sessionId);
+      if (_skipMsg) outputJson({ systemMessage: _skipMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: _skipMsg } });
+      else outputEmpty();
+      return;
+    }
     const prompt = toolInput.prompt || '';
     const description = toolInput.description || '';
     const subagentType = toolInput.subagent_type || 'general-purpose';
@@ -5062,7 +5141,7 @@ import {
   parseVerdict, dispatchCapture, appendSessionAction, readSessionLog, compressSessionLog, postWithRetry, readStdin, log,
   outputJson, outputEmpty, setupCursorHookSignals, installHookWatchdog, isPlanTool, hookSessionId, GATEWAY_URL,
   filterRules, graderUnavailableMessage, resolveTranscriptPath, isCursorInvokingCcHook,
-  loadSynkroFile, effectiveGraderPool,
+  loadSynkroFile, effectiveGraderPool, synkroFilePresent, noSynkroSkipMessage,
 } from './_synkro-common.ts';
 import { existsSync, readFileSync, writeFileSync, readdirSync, statSync } from 'node:fs';
 import { join } from 'node:path';
@@ -5135,6 +5214,13 @@ async function main() {
     const transcriptPath = resolveTranscriptPath(payload);
     const gitRepo = detectRepo(cwd, transcriptPath, plan, workspaceRoots);
+    if (!synkroFilePresent(cwd)) {
+      const _skipMsg = noSynkroSkipMessage(sessionId);
+      if (_skipMsg) outputJson({ systemMessage: _skipMsg, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: _skipMsg } });
+      else outputEmpty();
+      return;
+    }
     appendSessionAction(sessionId, { ts: new Date().toISOString(), tool: 'ExitPlanMode', summary: 'plan review: ' + plan.slice(0, 80) });
     const planShort = plan.slice(0, 80);
@@ -5249,7 +5335,7 @@ main();
 import {
   loadJwt, detectRepo, loadConfig, tag, readStdin, aggregateUsage, cleanupSessionLog,
   outputJson, outputEmpty, shipCloud, setupCursorHookSignals, hookSessionId, GATEWAY_URL,
-  resolveTranscriptPath, emitUsageTick, cursorModelFromPayload, log,
+  resolveTranscriptPath, emitUsageTick, cursorModelFromPayload, log, synkroFilePresent,
 } from './_synkro-common.ts';
 async function main() {
@@ -5264,6 +5350,7 @@ async function main() {
     const workspaceRoots = Array.isArray(payload.workspace_roots) ? payload.workspace_roots as string[] : [];
     const cwd = payload.cwd || workspaceRoots[0] || '';
+    if (!synkroFilePresent(cwd)) { outputEmpty(); return; }
     const transcriptPath = resolveTranscriptPath(payload);
     const gitRepo = detectRepo(cwd, transcriptPath, '', workspaceRoots);
     const modelFallback = cursorModelFromPayload(payload);
@@ -5317,7 +5404,7 @@ main();
 import {
   loadJwt, detectRepo, channelUp, tag, readStdin, writeCachedRepo,
   outputJson, outputEmpty, setupCursorHookSignals, hookSessionId, resolveTranscriptPath, GATEWAY_URL,
-  isLocalStorageMode, loadSynkroFile, log, type HookConfig,
+  isLocalStorageMode, loadSynkroFile, log, synkroFilePresent, type HookConfig,
 } from './_synkro-common.ts';
 async function main() {
@@ -5329,6 +5416,7 @@ async function main() {
     const payload = JSON.parse(input);
     const workspaceRoots = Array.isArray(payload.workspace_roots) ? payload.workspace_roots as string[] : [];
     const cwd = payload.cwd || workspaceRoots[0] || '';
+    if (!synkroFilePresent(cwd)) { outputEmpty(); return; }
     const transcriptPath = resolveTranscriptPath(payload);
     const sessionId = hookSessionId(payload);
     const gitRepo = detectRepo(cwd, transcriptPath, '', workspaceRoots);
@@ -5408,7 +5496,7 @@ main();
 import {
   loadJwt, loadConfig, readStdin, hashCommand, consentGrant, consentHasActive, consentConsume,
   appendSessionAction,
-  outputEmpty, appendLocalTelemetry, shipCloud, setupCursorHookSignals, isShellTool, hookSessionId, GATEWAY_URL,
+  outputEmpty, appendLocalTelemetry, shipCloud, setupCursorHookSignals, isShellTool, hookSessionId, GATEWAY_URL, synkroFilePresent,
 } from './_synkro-common.ts';
 async function main() {
@@ -5418,6 +5506,8 @@ async function main() {
     if (!input.trim()) { outputEmpty(); return; }
     const payload = JSON.parse(input);
+    const _cwd = payload.cwd || (Array.isArray(payload.workspace_roots) ? payload.workspace_roots[0] : '') || '';
+    if (!synkroFilePresent(_cwd)) { outputEmpty(); return; }
     const toolName = payload.tool_name || '';
     const shellCmd = typeof payload.command === 'string' ? payload.command : (payload.tool_input?.command || '');
     if (!isShellTool(toolName) && !shellCmd) { outputEmpty(); return; }
@@ -5472,7 +5562,7 @@ main();
 import {
   loadJwt, detectRepo, readStdin, aggregateUsage, appendLocalTelemetry,
   outputEmpty, setupCursorHookSignals, hookSessionId, GATEWAY_URL, readSessionLog, shipCloud,
-  resolveTranscriptPath, syncConversationTranscript, emitUsageTick, cursorModelFromPayload,
+  resolveTranscriptPath, syncConversationTranscript, emitUsageTick, cursorModelFromPayload, synkroFilePresent,
 } from './_synkro-common.ts';
 import { readFileSync } from 'node:fs';
@@ -5486,6 +5576,7 @@ async function main() {
     const sessionId = hookSessionId(payload);
     const workspaceRoots = Array.isArray(payload.workspace_roots) ? payload.workspace_roots as string[] : [];
     const cwd = payload.cwd || workspaceRoots[0] || '';
+    if (!synkroFilePresent(cwd)) { outputEmpty(); return; }
     const transcriptPath = resolveTranscriptPath(payload);
     if (!sessionId || !transcriptPath) {
@@ -5531,7 +5622,7 @@ async function main() {
 main();
 `;
     USER_PROMPT_SUBMIT_TS = `#!/usr/bin/env bun
-import { readStdin, appendLocalTelemetry, aggregateUsage, outputEmpty, setupCursorHookSignals, hookSessionId, detectRepo, resolveTranscriptPath, syncConversationTranscript, emitUsageTick, cursorModelFromPayload } from './_synkro-common.ts';
+import { readStdin, appendLocalTelemetry, aggregateUsage, outputEmpty, setupCursorHookSignals, hookSessionId, detectRepo, resolveTranscriptPath, syncConversationTranscript, emitUsageTick, cursorModelFromPayload, synkroFilePresent } from './_synkro-common.ts';
 import { writeFileSync, mkdirSync } from 'node:fs';
 import { join, dirname } from 'node:path';
 import { homedir } from 'node:os';
@@ -5542,7 +5633,12 @@ async function main() {
     const input = await readStdin();
     if (!input.trim()) { outputEmpty(); return; }
     const payload = JSON.parse(input);
-    const msg = payload.message || payload.prompt || payload.content || '';
+    const _cwd = typeof payload.cwd === 'string' ? payload.cwd
+      : (Array.isArray(payload.workspace_roots) && typeof payload.workspace_roots[0] === 'string' ? payload.workspace_roots[0] : '');
+    if (!synkroFilePresent(_cwd)) { outputEmpty(); return; }
+    const msg = typeof payload.message === 'string' ? payload.message
+      : typeof payload.prompt === 'string' ? payload.prompt
+      : typeof payload.content === 'string' ? payload.content : '';
     if (msg) {
       const promptFile = join(homedir(), '.synkro', '.last-prompt');
       mkdirSync(dirname(promptFile), { recursive: true, mode: 0o700 });
@@ -5581,7 +5677,7 @@ import {
   isSafeInRepoRead, resolveTranscriptPath, postWithRetry, readStdin, hashCommand,
   extractTranscript, readLastPrompt, readSessionLog, compressSessionLog,
   appendLocalTelemetry, logGraderUnavailable, graderUnavailableMessage, log, GATEWAY_URL,
-  loadSynkroFile, effectiveGraderPool,
+  loadSynkroFile, effectiveGraderPool, synkroFilePresent,
   type Rule,
 } from './_synkro-common.ts';
 import { createHash } from 'node:crypto';
@@ -5699,6 +5795,10 @@ async function main() {
     const model = rawModel ? (rawModel.startsWith('cursor/') ? rawModel : 'cursor/' + rawModel) : 'cursor';
     const repo = detectRepo(cwd, transcriptPath, command, workspaceRoots);
+    // No .synkro at the resolved repo root \u2192 Synkro is dormant here; allow
+    // without grading. Keyed off the validated detectRepo() root, not raw cwd.
+    if (!repo || !synkroFilePresent(repo)) finishAllow();
     const cmdShort = command.slice(0, 80);
     log('bashGuard checking: ' + cmdShort);
@@ -5882,7 +5982,7 @@ import {
   loadJwt, ensureFreshJwt, detectRepo, readStdin, resolveTranscriptPath,
   appendSessionAction, appendLocalTelemetry, shipCloud, log, GATEWAY_URL,
   countEditLineDelta, dispatchCapture, hookSessionId, cursorModelFromPayload,
-  isLocalStorageMode,
+  isLocalStorageMode, synkroFilePresent, isPathUnder,
 } from './_synkro-common.ts';
 import { existsSync, readFileSync } from 'node:fs';
 import { basename, dirname, join } from 'node:path';
@@ -5908,6 +6008,10 @@ async function main() {
     const filePath = String(payload.file_path || payload.path || payload.target_file || '');
     if (!filePath) finish();
+    // No .synkro at the resolved repo root \u2192 Synkro is dormant here; skip capture.
+    const _root = detectRepo((typeof payload.cwd === 'string' && payload.cwd) || dirname(filePath), '', filePath, []);
+    if (!_root || !isPathUnder(filePath, _root) || !synkroFilePresent(_root)) finish();
     const workspaceRoots = Array.isArray(payload.workspace_roots)
       ? (payload.workspace_roots as unknown[]).filter((r): r is string => typeof r === 'string')
       : [];
@@ -6010,7 +6114,7 @@ main().catch((e) => {
 /** Capture Cursor agent thinking/response text before transcript JSONL redacts it. */
 import {
   readStdin, outputEmpty, setupCursorHookSignals, hookSessionId, detectRepo,
-  appendThoughtOverlay, pushConversationMessage,
+  appendThoughtOverlay, pushConversationMessage, synkroFilePresent,
 } from './_synkro-common.ts';
 async function main() {
@@ -6030,6 +6134,7 @@ async function main() {
       ? payload.workspace_roots.filter((r): r is string => typeof r === 'string')
       : [];
     const cwd = (typeof payload.cwd === 'string' && payload.cwd) || workspaceRoots[0] || '';
+    if (!synkroFilePresent(cwd)) { outputEmpty(); return; }
     const gitRepo = detectRepo(cwd, '', '', workspaceRoots);
     if (event === 'afterAgentThought') {
@@ -6047,6 +6152,149 @@ async function main() {
 main();
 `;
+    STUB_COMMON_TS = String.raw`import { existsSync, readFileSync, mkdirSync, writeFileSync } from 'node:fs';
+import { execSync } from 'node:child_process';
+import { homedir } from 'node:os';
+import { join } from 'node:path';
+const HOME = homedir();
+const PORT = process.env.SYNKRO_MCP_PORT || '18931';
+function loadMcpJwt(): string {
+  try { return readFileSync(join(HOME, '.synkro', '.mcp-jwt'), 'utf-8').trim(); } catch { return ''; }
+}
+async function readStdin(): Promise<string> {
+  const chunks: Buffer[] = [];
+  for await (const chunk of process.stdin) chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk));
+  return Buffer.concat(chunks).toString('utf-8');
+}
+function isCursor(harnessOpt?: string): boolean {
+  return harnessOpt === 'cursor' || process.argv.includes('--cursor') || process.env.SYNKRO_HOOK_FORMAT === 'cursor';
+}
+function failOpen(harness: string): string {
+  return harness === 'cursor' ? '{"permission":"allow"}' : '{}';
+}
+function out(s: string): void { try { process.stdout.write(s + '\n'); } catch {} }
+function gitRoot(cwd: string): string {
+  if (!cwd) return '';
+  try {
+    return execSync('git rev-parse --show-toplevel', { cwd, timeout: 2000, encoding: 'utf-8', stdio: ['pipe', 'pipe', 'pipe'] }).trim();
+  } catch { return ''; }
+}
+// Once-per-session onboarding hint for repos with no .synkro file.
+function noSynkroHint(sessionId: string): string | null {
+  const dir = join(HOME, '.synkro', '.no-synkro-hint');
+  try {
+    mkdirSync(dir, { recursive: true });
+    const key = (sessionId || 'nosession').replace(/[^a-zA-Z0-9_-]/g, '_');
+    const marker = join(dir, key);
+    if (existsSync(marker)) return null;
+    writeFileSync(marker, '', { flag: 'w' });
+  } catch {}
+  return '[synkro] No .synkro config in this repo — grading skipped. Run synkro install here to enable Synkro.';
+}
+function filePathFromToolInput(ti: any): string {
+  if (!ti || typeof ti !== 'object') return '';
+  return ti.file_path || ti.notebook_path || ti.path || ti.target_file || '';
+}
+interface StubOpts {
+  needsFile?: boolean;
+  needsTranscript?: boolean;
+  // Ship the WHOLE transcript (not just the 200KB tail). Sync surfaces need it
+  // so the server can compute stable absolute message indices + total usage.
+  fullTranscript?: boolean;
+  needsPlan?: boolean;
+  telemetry?: boolean;
+  harness?: string;
+}
+export async function runStub(surface: string, opts: StubOpts = {}): Promise<void> {
+  const harness = isCursor(opts.harness) ? 'cursor' : 'cc';
+  try {
+    const input = await readStdin();
+    if (!input.trim()) { out(failOpen(harness)); return; }
+    const payload = JSON.parse(input);
+    const workspaceRoots = Array.isArray(payload.workspace_roots) ? payload.workspace_roots : [];
+    const cwd = (typeof payload.cwd === 'string' && payload.cwd) || workspaceRoots[0] || '';
+    const sessionId = String(payload.session_id || payload.conversation_id || '');
+    const root = gitRoot(cwd);
+    // Dormancy: a repo is onboarded only if it has a .synkro at its git root.
+    let synkroFileText = '';
+    if (root && existsSync(join(root, '.synkro'))) {
+      try { synkroFileText = readFileSync(join(root, '.synkro'), 'utf-8'); } catch {}
+    }
+    if (!synkroFileText) {
+      if (opts.telemetry) { out(failOpen(harness)); return; }
+      const hint = noSynkroHint(sessionId);
+      if (!hint) { out(failOpen(harness)); return; }
+      if (harness === 'cursor') out(JSON.stringify({ permission: 'allow', user_message: hint }));
+      else out(JSON.stringify({ systemMessage: hint, hookSpecificOutput: { hookEventName: 'PreToolUse', additionalContext: hint } }));
+      return;
+    }
+    // Gather host-only inputs the container can't read.
+    const envelope: any = { payload, harness, cwd: root || cwd, sessionId, synkroFileText };
+    if (opts.needsFile) {
+      const fp = filePathFromToolInput(payload.tool_input || {});
+      if (fp && existsSync(fp)) {
+        try { envelope.baseContent = readFileSync(fp, 'utf-8').slice(0, 65536); } catch {}
+      }
+    }
+    if (opts.needsTranscript) {
+      const tp = typeof payload.transcript_path === 'string' ? payload.transcript_path : '';
+      if (tp && existsSync(tp)) {
+        try {
+          const t = readFileSync(tp, 'utf-8');
+          envelope.transcript = (opts.fullTranscript || t.length <= 200000) ? t : t.slice(t.length - 200000);
+        } catch {}
+      }
+    }
+    if (opts.needsPlan) {
+      const ti = payload.tool_input || {};
+      envelope.planText = String(ti.plan || ti.content || payload.plan || '');
+    }
+    const timeoutMs = opts.telemetry ? 6000 : 28000;
+    const url = 'http://127.0.0.1:' + PORT + '/api/scan/' + surface + (harness === 'cursor' ? '?harness=cursor' : '');
+    const resp = await fetch(url, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json', Authorization: 'Bearer ' + loadMcpJwt() },
+      body: JSON.stringify(envelope),
+      signal: AbortSignal.timeout(timeoutMs),
+    });
+    const text = await resp.text();
+    out(resp.ok ? (text.trim() || failOpen(harness)) : failOpen(harness));
+  } catch {
+    out(failOpen(harness));
+  }
+}
+`;
+    STUB_EDIT_PRECHECK_TS = stubHook("edit-precheck", "{ needsFile: true, needsTranscript: true }");
+    STUB_CWE_PRECHECK_TS = stubHook("cwe-precheck", "{ needsFile: true, needsTranscript: true }");
+    STUB_CVE_PRECHECK_TS = stubHook("cve-precheck", "{ needsFile: true, needsTranscript: true }");
+    STUB_BASH_JUDGE_TS = stubHook("bash-judge", "{ needsTranscript: true }");
+    STUB_INSTALL_SCAN_TS = stubHook("install-scan", "{ needsTranscript: true }");
+    STUB_AGENT_JUDGE_TS = stubHook("agent-judge", "{ needsTranscript: true }");
+    STUB_PLAN_JUDGE_TS = stubHook("plan-judge", "{ needsPlan: true }");
+    STUB_STOP_SUMMARY_TS = stubHook("stop-summary", "{ needsTranscript: true, fullTranscript: true, telemetry: true }");
+    STUB_SESSION_START_TS = stubHook("session-start", "{ telemetry: true }");
+    STUB_TRANSCRIPT_SYNC_TS = stubHook("transcript-sync", "{ needsTranscript: true, fullTranscript: true, telemetry: true }");
+    STUB_USER_PROMPT_SUBMIT_TS = stubHook("prompt-submit", "{ telemetry: true }");
+    STUB_BASH_FOLLOWUP_TS = stubHook("bash-followup", "{ telemetry: true }");
+    STUB_CURSOR_BASH_JUDGE_TS = stubHook("bash-judge", "{ needsTranscript: true, harness: 'cursor' }");
+    STUB_CURSOR_EDIT_CAPTURE_TS = stubHook("edit-precheck", "{ needsFile: true, needsTranscript: true, harness: 'cursor' }");
+    STUB_CURSOR_AGENT_CAPTURE_TS = stubHook("agent-judge", "{ needsTranscript: true, harness: 'cursor' }");
   }
 });
@@ -7392,10 +7640,20 @@ async function dockerInstall(opts = {}) {
   } else {
     mkdirSync7(join6(homedir6(), ".claude"), { recursive: true });
   }
-  console.log(`  Pulling ${image}...`);
-  const pull = spawnSync2("docker", ["pull", image], { encoding: "utf-8", stdio: "inherit", timeout: 6e5 });
-  if (pull.status !== 0) {
-    throw new DockerInstallError(`docker pull ${image} failed`);
+  const imageExistsLocally = () => spawnSync2("docker", ["image", "inspect", image], { stdio: "ignore", timeout: 3e4 }).status === 0;
+  const skipPull = process.env.SYNKRO_SKIP_PULL === "1" || process.env.SYNKRO_SKIP_PULL === "true";
+  if (skipPull && imageExistsLocally()) {
+    console.log(`  Using local image ${image} (SYNKRO_SKIP_PULL set \u2014 pull skipped).`);
+  } else {
+    console.log(`  Pulling ${image}...`);
+    const pull = spawnSync2("docker", ["pull", image], { encoding: "utf-8", stdio: "inherit", timeout: 6e5 });
+    if (pull.status !== 0) {
+      if (imageExistsLocally()) {
+        console.warn(`  \u26A0 docker pull ${image} failed \u2014 falling back to the existing local image.`);
+      } else {
+        throw new DockerInstallError(`docker pull ${image} failed`);
+      }
+    }
   }
   const existing = dockerStatus();
   if (existing.running) {
@@ -8066,11 +8324,21 @@ __export(install_exports, {
   syncSkillFiles: () => syncSkillFiles,
   writeHookScripts: () => writeHookScripts
 });
-import { existsSync as existsSync10, mkdirSync as mkdirSync8, writeFileSync as writeFileSync7, chmodSync as chmodSync2, readFileSync as readFileSync8, readdirSync as readdirSync3 } from "fs";
+import { existsSync as existsSync10, mkdirSync as mkdirSync8, writeFileSync as writeFileSync7, chmodSync as chmodSync2, readFileSync as readFileSync8, readdirSync as readdirSync3, unlinkSync as unlinkSync4 } from "fs";
 import { homedir as homedir8 } from "os";
 import { join as join8 } from "path";
 import { execSync as execSync6 } from "child_process";
 import { createInterface as createInterface3 } from "readline";
+function resolvePersistedHookMode() {
+  if (process.env.SYNKRO_HOOK_MODE === "stub") return "stub";
+  if (process.env.SYNKRO_HOOK_MODE === "full") return "full";
+  try {
+    const env = readFileSync8(CONFIG_PATH2, "utf-8");
+    if (/^SYNKRO_HOOK_MODE=['"]?stub['"]?\s*$/m.test(env)) return "stub";
+  } catch {
+  }
+  return "full";
+}
 function sanitizeGatewayCandidate(raw) {
   if (!raw) return void 0;
   return /^https?:\/\//.test(raw) ? raw : void 0;
@@ -8085,7 +8353,13 @@ function parseArgs(argv) {
     else if (a === "--no-mcp") opts.noMcp = true;
     else if (a === "--force" || a === "-f") opts.force = true;
     else if (a === "--link-repo") opts.linkRepo = true;
+    else if (a === "--stub" || a === "--mode=stub") opts.hookMode = "stub";
+    else if (a === "--mode=full") opts.hookMode = "full";
   }
+  const modeIdx = argv.indexOf("--mode");
+  if (modeIdx >= 0 && argv[modeIdx + 1] === "stub") opts.hookMode = "stub";
+  if (modeIdx >= 0 && argv[modeIdx + 1] === "full") opts.hookMode = "full";
+  if (!opts.hookMode && process.env.SYNKRO_HOOK_MODE === "stub") opts.hookMode = "stub";
   if (!opts.gatewayUrl) {
     const fromEnv = sanitizeGatewayCandidate(process.env.SYNKRO_GATEWAY_URL);
     if (fromEnv) opts.gatewayUrl = fromEnv;
@@ -8196,7 +8470,7 @@ function ensureSynkroDir() {
   mkdirSync8(OFFSETS_DIR, { recursive: true });
   mkdirSync8(join8(SYNKRO_DIR4, "sessions"), { recursive: true });
 }
-function writeHookScripts() {
+function writeHookScripts(mode = "full") {
   const installExtractCorePath = join8(HOOKS_DIR, "installExtractCore.ts");
   const bashScriptPath = join8(HOOKS_DIR, "cc-bash-judge.ts");
   const bashFollowupScriptPath = join8(HOOKS_DIR, "cc-bash-followup.ts");
@@ -8216,6 +8490,56 @@ function writeHookScripts() {
   const cursorEditCapturePath = join8(HOOKS_DIR, "cursor-edit-capture.ts");
   const cursorAgentCapturePath = join8(HOOKS_DIR, "cursor-agent-capture.ts");
   const mcpStdioProxyPath = join8(HOOKS_DIR, "mcp-stdio-proxy.ts");
+  if (mode === "stub") {
+    const stubCommonPath = join8(HOOKS_DIR, "_synkro-stub-common.ts");
+    const stubFiles = [
+      [stubCommonPath, STUB_COMMON_TS],
+      [bashScriptPath, STUB_BASH_JUDGE_TS],
+      [bashFollowupScriptPath, STUB_BASH_FOLLOWUP_TS],
+      [editPrecheckScriptPath, STUB_EDIT_PRECHECK_TS],
+      [cwePrecheckScriptPath, STUB_CWE_PRECHECK_TS],
+      [cvePrecheckScriptPath, STUB_CVE_PRECHECK_TS],
+      [planJudgeScriptPath, STUB_PLAN_JUDGE_TS],
+      [agentJudgeScriptPath, STUB_AGENT_JUDGE_TS],
+      [stopSummaryScriptPath, STUB_STOP_SUMMARY_TS],
+      [sessionStartScriptPath, STUB_SESSION_START_TS],
+      [transcriptSyncScriptPath, STUB_TRANSCRIPT_SYNC_TS],
+      [userPromptSubmitScriptPath, STUB_USER_PROMPT_SUBMIT_TS],
+      [installScanScriptPath, STUB_INSTALL_SCAN_TS],
+      [cursorBashJudgePath, STUB_CURSOR_BASH_JUDGE_TS],
+      [cursorEditCapturePath, STUB_CURSOR_EDIT_CAPTURE_TS],
+      [cursorAgentCapturePath, STUB_CURSOR_AGENT_CAPTURE_TS]
+    ];
+    for (const [p, content] of stubFiles) {
+      writeFileSync7(p, content, "utf-8");
+      chmodSync2(p, 493);
+    }
+    writeFileSync7(mcpStdioProxyPath, MCP_STDIO_PROXY_SRC, "utf-8");
+    chmodSync2(mcpStdioProxyPath, 493);
+    for (const stale of ["_synkro-common.ts", "_synkro-common.sh", "installExtractCore.ts"]) {
+      try {
+        unlinkSync4(join8(HOOKS_DIR, stale));
+      } catch {
+      }
+    }
+    return {
+      bashScript: bashScriptPath,
+      bashFollowupScript: bashFollowupScriptPath,
+      editPrecheckScript: editPrecheckScriptPath,
+      cwePrecheckScript: cwePrecheckScriptPath,
+      cvePrecheckScript: cvePrecheckScriptPath,
+      planJudgeScript: planJudgeScriptPath,
+      agentJudgeScript: agentJudgeScriptPath,
+      stopSummaryScript: stopSummaryScriptPath,
+      sessionStartScript: sessionStartScriptPath,
+      transcriptSyncScript: transcriptSyncScriptPath,
+      userPromptSubmitScript: userPromptSubmitScriptPath,
+      installScanScript: installScanScriptPath,
+      cursorBashJudgeScript: cursorBashJudgePath,
+      cursorEditCaptureScript: cursorEditCapturePath,
+      cursorAgentCaptureScript: cursorAgentCapturePath
+    };
+  }
   writeFileSync7(bashScriptPath, BASH_JUDGE_TS, "utf-8");
   writeFileSync7(bashFollowupScriptPath, BASH_FOLLOWUP_TS, "utf-8");
   writeFileSync7(editPrecheckScriptPath, EDIT_PRECHECK_TS, "utf-8");
@@ -8234,7 +8558,7 @@ function writeHookScripts() {
   writeFileSync7(cursorEditCapturePath, CURSOR_EDIT_CAPTURE_TS, "utf-8");
   writeFileSync7(cursorAgentCapturePath, CURSOR_AGENT_CAPTURE_TS, "utf-8");
   writeFileSync7(mcpStdioProxyPath, MCP_STDIO_PROXY_SRC, "utf-8");
-  writeFileSync7(installExtractCorePath, "/**\n * Deterministic install-command extraction \u2014 no LLM, no network.\n * Shared by the API pkg-scan route and the hook scripts (copied to ~/.synkro/hooks/).\n */\nimport { parse as shellParse } from 'shell-quote';\n\nexport interface DeterministicPkgRequest {\n  name: string;\n  version: string;\n  ecosystem: string;\n}\n\ninterface RawInstall {\n  ecosystem: string;\n  name: string;\n  versionSpec: string | null;\n  source: 'registry' | 'git' | 'local' | 'url' | 'unknown';\n}\n\nconst SEPARATOR_OPS = new Set(['&&', '||', ';', '|', '&', '\\n']);\n\n/** Split a shell command into command segments (each an argv string array). */\nexport function segmentCommand(command: string): string[][] {\n  let tokens: unknown[];\n  try {\n    tokens = shellParse(command) as unknown[];\n  } catch {\n    return [command.split(/\\s+/).filter(Boolean)];\n  }\n  const segments: string[][] = [];\n  let current: string[] = [];\n  for (const tok of tokens) {\n    if (typeof tok === 'string') {\n      current.push(tok);\n      continue;\n    }\n    if (tok && typeof tok === 'object') {\n      const op = (tok as { op?: string }).op;\n      const pattern = (tok as { pattern?: string }).pattern;\n      if (op && SEPARATOR_OPS.has(op)) {\n        if (current.length) segments.push(current);\n        current = [];\n      } else if (typeof pattern === 'string') {\n        current.push(pattern);\n      }\n    }\n  }\n  if (current.length) segments.push(current);\n  return segments;\n}\n\nconst PM_TABLE: Record<string, { subs: Set<string>; ecosystem: string }> = {\n  npm:      { subs: new Set(['install', 'i', 'add', 'ci']),  ecosystem: 'npm' },\n  pnpm:     { subs: new Set(['add', 'install', 'i', 'dlx']), ecosystem: 'npm' },\n  yarn:     { subs: new Set(['add', 'install']),             ecosystem: 'npm' },\n  bun:      { subs: new Set(['add', 'install', 'i']),        ecosystem: 'npm' },\n  pip:      { subs: new Set(['install']),                    ecosystem: 'PyPI' },\n  pip3:     { subs: new Set(['install']),                    ecosystem: 'PyPI' },\n  cargo:    { subs: new Set(['add', 'install']),             ecosystem: 'crates.io' },\n  go:       { subs: new Set(['get', 'install']),             ecosystem: 'Go' },\n  gem:      { subs: new Set(['install']),                    ecosystem: 'RubyGems' },\n  composer: { subs: new Set(['require']),                    ecosystem: 'Packagist' },\n};\nconst SYSTEM_PMS = new Set(['apt', 'apt-get', 'apk', 'brew', 'dnf', 'yum', 'pacman']);\nconst SYSTEM_SUBS = new Set(['install', 'add']);\n\nconst WRAPPERS = new Set(['sudo', 'doas', 'command', 'env', 'xargs', 'nice', 'time']);\nconst VALUE_FLAGS = new Set([\n  '--filter', '-F', '-C', '--dir', '--prefix', '--registry', '--tag', '--features',\n  '-v', '--version', '--index-url', '--extra-index-url', '--target', '-t',\n]);\n\nfunction basename(p: string): string {\n  const i = p.lastIndexOf('/');\n  return i >= 0 ? p.slice(i + 1) : p;\n}\n\nfunction stripPrefixes(argv: string[]): string[] {\n  let i = 0;\n  while (i < argv.length) {\n    const t = argv[i];\n    if (WRAPPERS.has(basename(t).toLowerCase())) { i++; continue; }\n    if (/^[A-Za-z_][A-Za-z0-9_]*=/.test(t)) { i++; continue; }\n    break;\n  }\n  return argv.slice(i);\n}\n\nfunction looksLikePath(tok: string): boolean {\n  return tok === '.' || tok === '..' || /^\\.{0,2}\\//.test(tok) || tok.startsWith('~/') || tok.startsWith('file:');\n}\n\n/** Shell redirect fragments (e.g. `2>&1` \u2192 argv `2`, `1`) \u2014 not package names. */\nfunction isRedirectFragment(tok: string): boolean {\n  if (/^\\d+$/.test(tok)) return true;\n  if (/^[<>]|[<>]$/.test(tok)) return true;\n  if (tok === '&' || tok === '|') return true;\n  if (/^\\d*[<>]/.test(tok)) return true;\n  return false;\n}\n\nfunction parsePackageToken(tok: string, ecosystem: string): RawInstall | null {\n  if (/^(https?:)?\\/\\//.test(tok) || tok.startsWith('git+') || tok.startsWith('git:')) {\n    return { ecosystem, name: tok, versionSpec: null, source: tok.includes('git') ? 'git' : 'url' };\n  }\n  if (looksLikePath(tok)) {\n    return { ecosystem, name: basename(tok.replace(/\\/+$/, '')) || tok, versionSpec: null, source: 'local' };\n  }\n  if (ecosystem === 'PyPI') {\n    const noExtras = tok.replace(/\\[[^\\]]*\\]/g, '');\n    const m = noExtras.match(/^([A-Za-z0-9_.-]+)\\s*([=~!<>].*)?$/);\n    if (!m) return null;\n    return { ecosystem, name: m[1], versionSpec: m[2] ? m[2].trim() : null, source: 'registry' };\n  }\n  const at = tok.lastIndexOf('@');\n  if (at > 0) {\n    return { ecosystem, name: tok.slice(0, at), versionSpec: tok.slice(at + 1) || null, source: 'registry' };\n  }\n  return { ecosystem, name: tok, versionSpec: null, source: 'registry' };\n}\n\n/** Deterministic extraction for a single command segment. */\nexport function extractSegment(rawArgv: string[]): RawInstall[] {\n  let argv = stripPrefixes(rawArgv);\n  if (argv.length < 2) return [];\n  let bin = basename(argv[0]).toLowerCase();\n\n  if (bin === 'uv' && argv[1] === 'pip') { argv = argv.slice(1); bin = 'pip'; }\n  if ((bin === 'python' || bin === 'python3') && argv.includes('-m')) {\n    const mi = argv.indexOf('-m');\n    if (argv[mi + 1] === 'pip') { argv = ['pip', ...argv.slice(mi + 2)]; bin = 'pip'; }\n  }\n\n  const isSystem = SYSTEM_PMS.has(bin);\n  const entry = PM_TABLE[bin];\n  if (!entry && !isSystem) return [];\n  const ecosystem = entry ? entry.ecosystem : 'system';\n  const subs = entry ? entry.subs : SYSTEM_SUBS;\n\n  let subIdx = -1;\n  for (let i = 1; i < argv.length; i++) {\n    if (subs.has(argv[i].toLowerCase())) { subIdx = i; break; }\n  }\n  if (subIdx === -1) return [];\n\n  const installs: RawInstall[] = [];\n  for (let i = subIdx + 1; i < argv.length; i++) {\n    const tok = argv[i];\n    if (isRedirectFragment(tok)) break;\n    if (tok.startsWith('-')) {\n      if (VALUE_FLAGS.has(tok)) i++;\n      continue;\n    }\n    const parsed = parsePackageToken(tok, ecosystem);\n    if (parsed) installs.push(parsed);\n  }\n  return installs;\n}\n\nconst ECO_TO_OSV: Record<string, string | null> = {\n  npm: 'npm',\n  pypi: 'PyPI', PyPI: 'PyPI',\n  cargo: 'crates.io', 'crates.io': 'crates.io',\n  go: 'Go', Go: 'Go',\n  rubygems: 'RubyGems', RubyGems: 'RubyGems',\n  packagist: 'Packagist', Packagist: 'Packagist',\n  maven: 'Maven', Maven: 'Maven',\n  nuget: 'NuGet', NuGet: 'NuGet',\n  apt: null, brew: null, system: null, other: null,\n};\n\nfunction normalizeName(name: string, osvEco: string): string {\n  const n = name.trim();\n  if (osvEco === 'npm') return n.toLowerCase();\n  if (osvEco === 'PyPI') return n.toLowerCase().replace(/[-_.]+/g, '-');\n  return n;\n}\n\nfunction concretePin(spec: string | null): string | null {\n  if (!spec) return null;\n  const c = spec.trim().replace(/^[v=\\s]+/, '');\n  if (c.toLowerCase() === 'latest' || c === '') return null;\n  if (/[\\^~><|*\\sx]/i.test(c)) return null;\n  return /^\\d[\\w.\\-+]*$/.test(c) ? c : null;\n}\n\nconst PKG_JSON_DEP_FIELDS = ['dependencies', 'devDependencies', 'peerDependencies', 'optionalDependencies'];\n\nfunction safeParseObject(text: string): Record<string, any> | null {\n  try {\n    const v = JSON.parse(text);\n    return v && typeof v === 'object' && !Array.isArray(v) ? v : null;\n  } catch {\n    return null;\n  }\n}\n\n/**\n * Diff two package.json contents and return the registry packages that are\n * newly added or whose version spec changed in the new content. The caller\n * scans these against the vuln DB before letting the edit land \u2014 so a bare\n * `pnpm install` afterwards has nothing left to vet. Non-registry sources\n * (file:, link:, workspace:, git, http, relative paths) are skipped.\n */\nexport function extractPackageJsonDelta(oldText: string, newText: string): DeterministicPkgRequest[] {\n  const newJson = safeParseObject(newText);\n  if (!newJson) return [];\n  const oldJson = safeParseObject(oldText) || {};\n\n  const out = new Map<string, DeterministicPkgRequest>();\n  for (const field of PKG_JSON_DEP_FIELDS) {\n    const oldDeps = (oldJson[field] && typeof oldJson[field] === 'object') ? oldJson[field] : {};\n    const newDeps = (newJson[field] && typeof newJson[field] === 'object') ? newJson[field] : {};\n    for (const [rawName, version] of Object.entries(newDeps)) {\n      if (typeof version !== 'string') continue;\n      if (oldDeps[rawName] === version) continue;\n      const spec = version.trim();\n      if (\n        spec.startsWith('file:') || spec.startsWith('link:') ||\n        spec.startsWith('http') || spec.startsWith('git') ||\n        spec.startsWith('workspace:') || spec.startsWith('catalog:') ||\n        spec.startsWith('npm:') ||\n        spec.startsWith('./') || spec.startsWith('../') ||\n        spec === '' || spec === '*'\n      ) continue;\n      const name = rawName.toLowerCase();\n      out.set(name, {\n        name,\n        version: concretePin(spec) ?? '*',\n        ecosystem: 'npm',\n      });\n    }\n  }\n  return [...out.values()];\n}\n\n/**\n * Parse registry installs from a shell command without LLM/network.\n * Unpinned versions use '*' so OSV scans the full advisory history.\n */\nexport function extractDeterministicPkgRequests(command: string): DeterministicPkgRequest[] {\n  const merged = new Map<string, DeterministicPkgRequest>();\n  for (const r of segmentCommand(command).flatMap(extractSegment)) {\n    if (r.source !== 'registry') continue;\n    const osvEco = ECO_TO_OSV[r.ecosystem] ?? ECO_TO_OSV[r.ecosystem.toLowerCase()] ?? null;\n    if (!osvEco) continue;\n    const name = normalizeName(r.name, osvEco);\n    if (!name) continue;\n    const key = osvEco + '|' + name.toLowerCase();\n    const version = concretePin(r.versionSpec) ?? '*';\n    const prev = merged.get(key);\n    if (!prev || (prev.version === '*' && version !== '*')) {\n      merged.set(key, { name, version, ecosystem: osvEco });\n    }\n  }\n  return [...merged.values()];\n}\n", "utf-8");
+  writeFileSync7(installExtractCorePath, "/**\n * Deterministic install-command extraction \u2014 no LLM, no network.\n * Shared by the API pkg-scan route and the hook scripts (copied to ~/.synkro/hooks/).\n */\nimport { parse as shellParse } from 'shell-quote';\n\nexport interface DeterministicPkgRequest {\n  name: string;\n  version: string;\n  ecosystem: string;\n}\n\ninterface RawInstall {\n  ecosystem: string;\n  name: string;\n  versionSpec: string | null;\n  source: 'registry' | 'git' | 'local' | 'url' | 'unknown';\n}\n\nconst SEPARATOR_OPS = new Set(['&&', '||', ';', '|', '&', '\\n']);\n\n/** Split a shell command into command segments (each an argv string array). */\nexport function segmentCommand(command: string): string[][] {\n  let tokens: unknown[];\n  try {\n    tokens = shellParse(command) as unknown[];\n  } catch {\n    return [command.split(/\\s+/).filter(Boolean)];\n  }\n  const segments: string[][] = [];\n  let current: string[] = [];\n  for (const tok of tokens) {\n    if (typeof tok === 'string') {\n      current.push(tok);\n      continue;\n    }\n    if (tok && typeof tok === 'object') {\n      const op = (tok as { op?: string }).op;\n      const pattern = (tok as { pattern?: string }).pattern;\n      if (op && SEPARATOR_OPS.has(op)) {\n        if (current.length) segments.push(current);\n        current = [];\n      } else if (typeof pattern === 'string') {\n        current.push(pattern);\n      }\n    }\n  }\n  if (current.length) segments.push(current);\n  return segments;\n}\n\nconst PM_TABLE: Record<string, { subs: Set<string>; ecosystem: string }> = {\n  npm:      { subs: new Set(['install', 'i', 'add', 'ci']),  ecosystem: 'npm' },\n  pnpm:     { subs: new Set(['add', 'install', 'i', 'dlx']), ecosystem: 'npm' },\n  yarn:     { subs: new Set(['add', 'install']),             ecosystem: 'npm' },\n  bun:      { subs: new Set(['add', 'install', 'i']),        ecosystem: 'npm' },\n  pip:      { subs: new Set(['install']),                    ecosystem: 'PyPI' },\n  pip3:     { subs: new Set(['install']),                    ecosystem: 'PyPI' },\n  cargo:    { subs: new Set(['add', 'install']),             ecosystem: 'crates.io' },\n  go:       { subs: new Set(['get', 'install']),             ecosystem: 'Go' },\n  gem:      { subs: new Set(['install']),                    ecosystem: 'RubyGems' },\n  composer: { subs: new Set(['require']),                    ecosystem: 'Packagist' },\n};\nconst SYSTEM_PMS = new Set(['apt', 'apt-get', 'apk', 'brew', 'dnf', 'yum', 'pacman']);\nconst SYSTEM_SUBS = new Set(['install', 'add']);\n\nconst WRAPPERS = new Set(['sudo', 'doas', 'command', 'env', 'xargs', 'nice', 'time']);\nconst VALUE_FLAGS = new Set([\n  '--filter', '-F', '-C', '--dir', '--prefix', '--registry', '--tag', '--features',\n  '-v', '--version', '--index-url', '--extra-index-url', '--target', '-t',\n]);\n\nfunction basename(p: string): string {\n  const i = p.lastIndexOf('/');\n  return i >= 0 ? p.slice(i + 1) : p;\n}\n\nfunction stripPrefixes(argv: string[]): string[] {\n  let i = 0;\n  while (i < argv.length) {\n    const t = argv[i];\n    if (WRAPPERS.has(basename(t).toLowerCase())) { i++; continue; }\n    if (/^[A-Za-z_][A-Za-z0-9_]*=/.test(t)) { i++; continue; }\n    break;\n  }\n  return argv.slice(i);\n}\n\nfunction looksLikePath(tok: string): boolean {\n  return tok === '.' || tok === '..' || /^\\.{0,2}\\//.test(tok) || tok.startsWith('~/') || tok.startsWith('file:');\n}\n\n/** Shell redirect fragments (e.g. `2>&1` \u2192 argv `2`, `1`) \u2014 not package names. */\nfunction isRedirectFragment(tok: string): boolean {\n  if (/^\\d+$/.test(tok)) return true;\n  if (/^[<>]|[<>]$/.test(tok)) return true;\n  if (tok === '&' || tok === '|') return true;\n  if (/^\\d*[<>]/.test(tok)) return true;\n  return false;\n}\n\nfunction parsePackageToken(tok: string, ecosystem: string): RawInstall | null {\n  if (/^(https?:)?\\/\\//.test(tok) || tok.startsWith('git+') || tok.startsWith('git:')) {\n    return { ecosystem, name: tok, versionSpec: null, source: tok.includes('git') ? 'git' : 'url' };\n  }\n  if (looksLikePath(tok)) {\n    return { ecosystem, name: basename(tok.replace(/\\/+$/, '')) || tok, versionSpec: null, source: 'local' };\n  }\n  if (ecosystem === 'PyPI') {\n    const noExtras = tok.replace(/\\[[^\\]]*\\]/g, '');\n    const m = noExtras.match(/^([A-Za-z0-9_.-]+)\\s*([=~!<>].*)?$/);\n    if (!m) return null;\n    return { ecosystem, name: m[1], versionSpec: m[2] ? m[2].trim() : null, source: 'registry' };\n  }\n  if (ecosystem === 'Packagist') {\n    // composer uses vendor/package:version-constraint (e.g. monolog/monolog:1.0.0).\n    // Split on the first ':' after the vendor/ slash; never on the '/'.\n    const ci = tok.indexOf(':');\n    if (ci > 0) return { ecosystem, name: tok.slice(0, ci), versionSpec: tok.slice(ci + 1) || null, source: 'registry' };\n    return { ecosystem, name: tok, versionSpec: null, source: 'registry' };\n  }\n  const at = tok.lastIndexOf('@');\n  if (at > 0) {\n    return { ecosystem, name: tok.slice(0, at), versionSpec: tok.slice(at + 1) || null, source: 'registry' };\n  }\n  return { ecosystem, name: tok, versionSpec: null, source: 'registry' };\n}\n\n/** Deterministic extraction for a single command segment. */\nexport function extractSegment(rawArgv: string[]): RawInstall[] {\n  let argv = stripPrefixes(rawArgv);\n  if (argv.length < 2) return [];\n  let bin = basename(argv[0]).toLowerCase();\n\n  if (bin === 'uv' && argv[1] === 'pip') { argv = argv.slice(1); bin = 'pip'; }\n  if ((bin === 'python' || bin === 'python3') && argv.includes('-m')) {\n    const mi = argv.indexOf('-m');\n    if (argv[mi + 1] === 'pip') { argv = ['pip', ...argv.slice(mi + 2)]; bin = 'pip'; }\n  }\n\n  const isSystem = SYSTEM_PMS.has(bin);\n  const entry = PM_TABLE[bin];\n  if (!entry && !isSystem) return [];\n  const ecosystem = entry ? entry.ecosystem : 'system';\n  const subs = entry ? entry.subs : SYSTEM_SUBS;\n\n  let subIdx = -1;\n  for (let i = 1; i < argv.length; i++) {\n    if (subs.has(argv[i].toLowerCase())) { subIdx = i; break; }\n  }\n  if (subIdx === -1) return [];\n\n  const installs: RawInstall[] = [];\n  // gem pins the version with a separate `-v`/`--version` flag rather than an\n  // inline spec; capture it and apply to the package(s) in this segment.\n  let flagVersion: string | null = null;\n  for (let i = subIdx + 1; i < argv.length; i++) {\n    const tok = argv[i];\n    if (isRedirectFragment(tok)) break;\n    if (tok.startsWith('-')) {\n      const lower = tok.toLowerCase();\n      if (ecosystem === 'RubyGems' && (lower === '-v' || lower === '--version')) {\n        flagVersion = (argv[i + 1] || '').replace(/^[v=\\s]+/, '') || null;\n        i++;\n        continue;\n      }\n      if (VALUE_FLAGS.has(tok)) i++;\n      continue;\n    }\n    const parsed = parsePackageToken(tok, ecosystem);\n    if (parsed) installs.push(parsed);\n  }\n  if (flagVersion) {\n    for (const ins of installs) {\n      if (ins.source === 'registry' && !ins.versionSpec) ins.versionSpec = flagVersion;\n    }\n  }\n  return installs;\n}\n\nconst ECO_TO_OSV: Record<string, string | null> = {\n  npm: 'npm',\n  pypi: 'PyPI', PyPI: 'PyPI',\n  cargo: 'crates.io', 'crates.io': 'crates.io',\n  go: 'Go', Go: 'Go',\n  rubygems: 'RubyGems', RubyGems: 'RubyGems',\n  packagist: 'Packagist', Packagist: 'Packagist',\n  maven: 'Maven', Maven: 'Maven',\n  nuget: 'NuGet', NuGet: 'NuGet',\n  apt: null, brew: null, system: null, other: null,\n};\n\nfunction normalizeName(name: string, osvEco: string): string {\n  const n = name.trim();\n  if (osvEco === 'npm') return n.toLowerCase();\n  if (osvEco === 'PyPI') return n.toLowerCase().replace(/[-_.]+/g, '-');\n  return n;\n}\n\nfunction concretePin(spec: string | null): string | null {\n  if (!spec) return null;\n  const c = spec.trim().replace(/^[v=\\s]+/, '');\n  if (c.toLowerCase() === 'latest' || c === '') return null;\n  if (/[\\^~><|*\\sx]/i.test(c)) return null;\n  return /^\\d[\\w.\\-+]*$/.test(c) ? c : null;\n}\n\nconst PKG_JSON_DEP_FIELDS = ['dependencies', 'devDependencies', 'peerDependencies', 'optionalDependencies'];\n\nfunction safeParseObject(text: string): Record<string, any> | null {\n  try {\n    const v = JSON.parse(text);\n    return v && typeof v === 'object' && !Array.isArray(v) ? v : null;\n  } catch {\n    return null;\n  }\n}\n\n/**\n * Diff two package.json contents and return the registry packages that are\n * newly added or whose version spec changed in the new content. The caller\n * scans these against the vuln DB before letting the edit land \u2014 so a bare\n * `pnpm install` afterwards has nothing left to vet. Non-registry sources\n * (file:, link:, workspace:, git, http, relative paths) are skipped.\n */\nexport function extractPackageJsonDelta(oldText: string, newText: string): DeterministicPkgRequest[] {\n  const newJson = safeParseObject(newText);\n  if (!newJson) return [];\n  const oldJson = safeParseObject(oldText) || {};\n\n  const out = new Map<string, DeterministicPkgRequest>();\n  for (const field of PKG_JSON_DEP_FIELDS) {\n    const oldDeps = (oldJson[field] && typeof oldJson[field] === 'object') ? oldJson[field] : {};\n    const newDeps = (newJson[field] && typeof newJson[field] === 'object') ? newJson[field] : {};\n    for (const [rawName, version] of Object.entries(newDeps)) {\n      if (typeof version !== 'string') continue;\n      if (oldDeps[rawName] === version) continue;\n      const spec = version.trim();\n      if (\n        spec.startsWith('file:') || spec.startsWith('link:') ||\n        spec.startsWith('http') || spec.startsWith('git') ||\n        spec.startsWith('workspace:') || spec.startsWith('catalog:') ||\n        spec.startsWith('npm:') ||\n        spec.startsWith('./') || spec.startsWith('../') ||\n        spec === '' || spec === '*'\n      ) continue;\n      const name = rawName.toLowerCase();\n      out.set(name, {\n        name,\n        version: concretePin(spec) ?? '*',\n        ecosystem: 'npm',\n      });\n    }\n  }\n  return [...out.values()];\n}\n\n/**\n * Parse registry installs from a shell command without LLM/network.\n * Unpinned versions use '*' so OSV scans the full advisory history.\n */\nexport function extractDeterministicPkgRequests(command: string): DeterministicPkgRequest[] {\n  const merged = new Map<string, DeterministicPkgRequest>();\n  for (const r of segmentCommand(command).flatMap(extractSegment)) {\n    if (r.source !== 'registry') continue;\n    const osvEco = ECO_TO_OSV[r.ecosystem] ?? ECO_TO_OSV[r.ecosystem.toLowerCase()] ?? null;\n    if (!osvEco) continue;\n    const name = normalizeName(r.name, osvEco);\n    if (!name) continue;\n    const key = osvEco + '|' + name.toLowerCase();\n    const version = concretePin(r.versionSpec) ?? '*';\n    const prev = merged.get(key);\n    if (!prev || (prev.version === '*' && version !== '*')) {\n      merged.set(key, { name, version, ecosystem: osvEco });\n    }\n  }\n  return [...merged.values()];\n}\n", "utf-8");
   chmodSync2(bashScriptPath, 493);
   chmodSync2(bashFollowupScriptPath, 493);
   chmodSync2(editPrecheckScriptPath, 493);
@@ -8254,6 +8578,10 @@ function writeHookScripts() {
   chmodSync2(cursorAgentCapturePath, 493);
   chmodSync2(mcpStdioProxyPath, 493);
   chmodSync2(installExtractCorePath, 493);
+  try {
+    unlinkSync4(join8(HOOKS_DIR, "_synkro-stub-common.ts"));
+  } catch {
+  }
   return {
     bashScript: bashScriptPath,
     bashFollowupScript: bashFollowupScriptPath,
@@ -8301,7 +8629,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.6.45")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.6.47")}`
   ];
   if (safeSynkroBin) lines.push(`SYNKRO_CLI_BIN=${shellQuoteSingle(safeSynkroBin)}`);
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
@@ -8315,6 +8643,7 @@ function writeConfigEnv(opts) {
   lines.push(`SYNKRO_DEPLOYMENT_MODE=${shellQuoteSingle(safeMode)}`);
   lines.push(`SYNKRO_GRADING_MODE=${shellQuoteSingle(sanitizeConfigValue(opts.gradingMode ?? "local", 16))}`);
   lines.push(`SYNKRO_STORAGE_MODE=${shellQuoteSingle(sanitizeConfigValue(opts.storageMode ?? "local", 16))}`);
+  lines.push(`SYNKRO_HOOK_MODE=${shellQuoteSingle(sanitizeConfigValue(opts.hookMode ?? "full", 8))}`);
   lines.push("");
   writeFileSync7(CONFIG_PATH2, lines.join("\n"), "utf-8");
   chmodSync2(CONFIG_PATH2, 384);
@@ -8533,7 +8862,8 @@ async function installCommand(opts = {}) {
     }
   }
   ensureSynkroDir();
-  const scripts = writeHookScripts();
+  const hookMode = opts.hookMode || resolvePersistedHookMode();
+  const scripts = writeHookScripts(hookMode);
   console.log("Wrote hook scripts to ~/.synkro/hooks/\n");
   for (const mode of ["edit", "bash"]) {
     const pidFile = join8(SYNKRO_DIR4, "daemon", mode, "daemon.pid");
@@ -8704,7 +9034,7 @@ async function installCommand(opts = {}) {
   }
   const synkroBundle = resolveSynkroBundle();
   const persistedMode = resolveDeploymentMode();
-  writeConfigEnv({ gatewayUrl, userId, orgId, email, tier: profile.tier, inference: profile.inference, synkroBin: synkroBundle, transcriptConsent, localInference: profile.localInference, deploymentMode: persistedMode, gradingMode, storageMode });
+  writeConfigEnv({ gatewayUrl, userId, orgId, email, tier: profile.tier, inference: profile.inference, synkroBin: synkroBundle, transcriptConsent, localInference: profile.localInference, deploymentMode: persistedMode, gradingMode, storageMode, hookMode });
   console.log(`Wrote config to ${CONFIG_PATH2}`);
   console.log(`  inference: ${profile.inference} (server-side grading)`);
   if (profile.localInference) console.log(`  local inference: enabled (gradingProvider=claude-code)`);
@@ -9008,7 +9338,7 @@ function reconcileHarness() {
   const wantCC = sf.harness.includes("claude-code");
   const wantCursor = sf.harness.includes("cursor");
   console.log(`.synkro: harness=[${sf.harness.join(", ")}] pool=${sf.grader.pool} mode=${sf.grader.mode}`);
-  const scripts = writeHookScripts();
+  const scripts = writeHookScripts(resolvePersistedHookMode());
   console.log("Wrote hook scripts to ~/.synkro/hooks/");
   const ccSettings = join8(homedir8(), ".claude", "settings.json");
   if (wantCC) {
@@ -9366,6 +9696,7 @@ var init_install = __esm({
     init_skillParser();
     init_hookScripts();
     init_hookScriptsTs();
+    init_hookScriptsTs();
     init_stub();
     init_repoConnect();
     init_projects();
@@ -9426,7 +9757,7 @@ rl.on('line', async (line) => {
 });
 // cli/local-cc/install.ts
-import { existsSync as existsSync11, mkdirSync as mkdirSync9, writeFileSync as writeFileSync8, readFileSync as readFileSync9, chmodSync as chmodSync3, copyFileSync as copyFileSync2, renameSync as renameSync4, unlinkSync as unlinkSync4, openSync, fsyncSync, closeSync } from "fs";
+import { existsSync as existsSync11, mkdirSync as mkdirSync9, writeFileSync as writeFileSync8, readFileSync as readFileSync9, chmodSync as chmodSync3, copyFileSync as copyFileSync2, renameSync as renameSync4, unlinkSync as unlinkSync5, openSync, fsyncSync, closeSync } from "fs";
 import { join as join9 } from "path";
 import { homedir as homedir9 } from "os";
 import { spawnSync as spawnSync4 } from "child_process";
@@ -9507,7 +9838,7 @@ function safelyMutateClaudeJson(mutator) {
     renameSync4(tmpPath, CLAUDE_JSON_PATH);
   } catch (err) {
     try {
-      unlinkSync4(tmpPath);
+      unlinkSync5(tmpPath);
     } catch {
     }
     try {
@@ -11386,7 +11717,7 @@ var args = process.argv.slice(2);
 var cmd = args[0] || "";
 var subArgs = args.slice(1);
 function printVersion() {
-  console.log("1.6.45");
+  console.log("1.6.47");
 }
 function printHelp2() {
   console.log(`Synkro CLI \u2014 runtime safety for AI coding agents