@windyroad/risk-scorer 0.12.8 → 0.13.0-preview.679

package/.claude-plugin/plugin.json

@@ -310,5 +310,5 @@
     }
   },
   "name": "wr-risk-scorer",
-  "version": "0.12.8"
+  "version": "0.13.0"
 }

package/hooks/hooks.json

@@ -1,5 +1,8 @@
 {
   "hooks": {
+    "SessionStart": [
+      { "matcher": "startup", "hooks": [{ "type": "command", "command": "${CLAUDE_PLUGIN_ROOT}/hooks/risk-scorer-scaffold-nudge.sh" }] }
+    ],
     "UserPromptSubmit": [
       { "hooks": [{ "type": "command", "command": "${CLAUDE_PLUGIN_ROOT}/hooks/risk-score.sh" }] }
     ],

package/hooks/risk-scorer-scaffold-nudge.sh

@@ -0,0 +1,43 @@
+#!/usr/bin/env bash
+# wr-risk-scorer — SessionStart hook (ADR-047 Amendment 2026-06-08, P297)
+#
+# Surfaces a one-line nudge when this project has a RISK-POLICY.md (the
+# trigger condition for an ISO 31000 / ISO 27001 standing-risk register)
+# but lacks the docs/risks/ directory the register lives in. The user
+# scaffolds the register on-demand via /wr-risk-scorer:bootstrap-catalog
+# (ADR-059); this hook is the discovery surface — it does NOT write.
+#
+# Read-only, side-effect-free. Modelled on
+# packages/architect/hooks/architect-oversight-nudge.sh (ADR-066) and
+# packages/jtbd/hooks/jtbd-oversight-nudge.sh (ADR-068). Per ADR-040 the
+# SessionStart surface stays read-mostly — this hook does not write to
+# the adopter tree; the scaffold write is gated behind the user
+# invoking the on-demand skill.
+#
+# AFK self-suppress (JTBD-006 friction guard): AFK orchestrators set
+# WR_SUPPRESS_OVERSIGHT_NUDGE=1 before spawning each `claude -p` iteration
+# so this interactive scaffold-confirm nudge never fires into an
+# absent-user subprocess. The suite-wide env var is established by
+# ADR-068 — one suppress variable governs every oversight-class nudge,
+# scaffold-class included. Only the literal "1" suppresses.
+
+set -euo pipefail
+
+if [ "${WR_SUPPRESS_OVERSIGHT_NUDGE:-}" = "1" ]; then
+  exit 0
+fi
+
+PROJECT_DIR="${CLAUDE_PROJECT_DIR:-.}"
+POLICY_FILE="$PROJECT_DIR/RISK-POLICY.md"
+REGISTER_DIR="$PROJECT_DIR/docs/risks"
+
+# Silent when the project does not have a risk policy. The policy file
+# presence is the user authorisation for the register to exist; without
+# it, the absence of docs/risks/ is not a governance gap.
+[ -f "$POLICY_FILE" ] || exit 0
+
+# Silent when the register directory already exists — the scaffold has
+# either already happened or the user has populated it manually.
+[ -d "$REGISTER_DIR" ] && exit 0
+
+echo "[wr-risk-scorer] RISK-POLICY.md present but docs/risks/ is missing — run /wr-risk-scorer:bootstrap-catalog to scaffold the standing-risk register."

package/hooks/test/risk-scorer-scaffold-nudge.bats

@@ -0,0 +1,68 @@
+#!/usr/bin/env bats
+
+# ADR-047 Amendment 2026-06-08 (P297): risk-scorer-scaffold-nudge.sh
+# (SessionStart) emits a one-line nudge when RISK-POLICY.md exists but the
+# docs/risks/ standing-risk register directory is missing, is silent
+# otherwise, and self-suppresses under the AFK guard
+# (WR_SUPPRESS_OVERSIGHT_NUDGE=1 per ADR-068) so the interactive
+# scaffold-confirm never fires into an absent-user iteration (JTBD-006).
+# Behavioural — exercises the hook against fixture trees and asserts on stdout.
+
+setup() {
+  REPO_ROOT="$(cd "$(dirname "$BATS_TEST_FILENAME")/../../../.." && pwd)"
+  HOOK="$REPO_ROOT/packages/risk-scorer/hooks/risk-scorer-scaffold-nudge.sh"
+  PLUGIN_ROOT="$REPO_ROOT/packages/risk-scorer"
+  DIR="$(mktemp -d)"
+}
+
+teardown() {
+  rm -rf "$DIR"
+}
+
+@test "emits a scaffold nudge when RISK-POLICY.md exists and docs/risks/ is missing" {
+  printf 'placeholder policy\n' > "$DIR/RISK-POLICY.md"
+  run env CLAUDE_PROJECT_DIR="$DIR" CLAUDE_PLUGIN_ROOT="$PLUGIN_ROOT" bash "$HOOK"
+  [ "$status" -eq 0 ]
+  [[ "$output" == *"RISK-POLICY.md present but docs/risks/ is missing"* ]]
+  [[ "$output" == *"/wr-risk-scorer:bootstrap-catalog"* ]]
+}
+
+@test "silent when RISK-POLICY.md exists and docs/risks/ also exists" {
+  printf 'placeholder policy\n' > "$DIR/RISK-POLICY.md"
+  mkdir -p "$DIR/docs/risks"
+  run env CLAUDE_PROJECT_DIR="$DIR" CLAUDE_PLUGIN_ROOT="$PLUGIN_ROOT" bash "$HOOK"
+  [ "$status" -eq 0 ]
+  [ -z "$output" ]
+}
+
+@test "silent when RISK-POLICY.md is absent (no policy file = no register expectation)" {
+  run env CLAUDE_PROJECT_DIR="$DIR" CLAUDE_PLUGIN_ROOT="$PLUGIN_ROOT" bash "$HOOK"
+  [ "$status" -eq 0 ]
+  [ -z "$output" ]
+}
+
+@test "silent when RISK-POLICY.md is absent even if docs/risks/ exists" {
+  mkdir -p "$DIR/docs/risks"
+  run env CLAUDE_PROJECT_DIR="$DIR" CLAUDE_PLUGIN_ROOT="$PLUGIN_ROOT" bash "$HOOK"
+  [ "$status" -eq 0 ]
+  [ -z "$output" ]
+}
+
+@test "AFK guard WR_SUPPRESS_OVERSIGHT_NUDGE=1 suppresses the nudge entirely" {
+  printf 'placeholder policy\n' > "$DIR/RISK-POLICY.md"
+  run env WR_SUPPRESS_OVERSIGHT_NUDGE=1 CLAUDE_PROJECT_DIR="$DIR" CLAUDE_PLUGIN_ROOT="$PLUGIN_ROOT" bash "$HOOK"
+  [ "$status" -eq 0 ]
+  [ -z "$output" ]
+}
+
+@test "guard value other than 1 does not suppress" {
+  printf 'placeholder policy\n' > "$DIR/RISK-POLICY.md"
+  run env WR_SUPPRESS_OVERSIGHT_NUDGE=0 CLAUDE_PROJECT_DIR="$DIR" CLAUDE_PLUGIN_ROOT="$PLUGIN_ROOT" bash "$HOOK"
+  [[ "$output" == *"docs/risks/ is missing"* ]]
+}
+
+@test "silent when CLAUDE_PROJECT_DIR points at a non-existent path" {
+  run env CLAUDE_PROJECT_DIR="$DIR/nonexistent" CLAUDE_PLUGIN_ROOT="$PLUGIN_ROOT" bash "$HOOK"
+  [ "$status" -eq 0 ]
+  [ -z "$output" ]
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@windyroad/risk-scorer",
-  "version": "0.12.8",
+  "version": "0.13.0-preview.679",
   "description": "Pipeline risk scoring, commit/push gates, and secret leak detection",
   "bin": {
     "windyroad-risk-scorer": "./bin/install.mjs"