aiignore-cli 1.0.0

package/LICENSE

@@ -0,0 +1,190 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to the Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by the Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding any notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   Copyright 2026 yjcho9317
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/README.ko.md

@@ -0,0 +1,104 @@
+# aiignore
+
+AI 코딩 도구로부터 민감 파일을 보호하는 CLI.
+
+AI 도구마다 ignore 방식이 다르다 — `.cursorignore`, `.geminiignore`, `.codeiumignore`, `.claude/settings.json`, `.aiignore` — 포맷도 다르고 알려지지 않은 우회 버그도 있다. `aiignore`는 프로젝트를 스캔하고, 사용 중인 도구를 감지하고, 각 도구에 맞는 설정 파일을 자동 생성한다.
+
+## 빠른 시작
+
+```bash
+npx aiignore init
+```
+
+또는 전역 설치:
+
+```bash
+npm install -g aiignore
+aiignore init
+```
+
+Node.js 18 이상.
+
+## 왜 직접 안 만들고?
+
+만들 수 있다. `.cursorignore` 하나 쓰는 데 30초면 된다. 그런데:
+
+- Cursor는 `.cursorignore`, Claude Code는 `settings.json` deny 규칙, Gemini CLI는 `.geminiignore`, JetBrains는 `.aiignore`, Windsurf는 아직 `.codeiumignore`를 쓴다는 걸 알고 있는가?
+- Cursor의 ignore가 "best-effort"이고 CVE가 2개 있다는 것, Gemini의 부정 패턴이 깨져있다는 것, Copilot은 ignore 파일 자체가 없다는 걸 알고 있는가?
+- 새 프로젝트 세팅할 때마다 각 도구의 포맷을 찾아볼 생각인가?
+
+`aiignore`가 조사를 대신 해준다. 각 도구의 보안 현황 데이터가 진짜 가치고, CLI는 그걸 적용하는 수단이다.
+
+## 명령어
+
+```bash
+aiignore                             # aiignore init과 동일
+aiignore init                        # 자동 감지 후 생성
+aiignore init --all                  # 감지 건너뛰고 전체 도구 대상
+aiignore init --only cursor          # 특정 도구만
+aiignore init --only cursor,gemini   # 여러 도구 지정 (쉼표 구분)
+aiignore init --append               # 기존 파일에 누락 패턴만 추가
+aiignore init --dry-run              # 미리보기 (파일 생성 안 함)
+aiignore init --force                # 기존 파일 덮어쓰기
+aiignore init -q                     # 무출력 모드
+
+aiignore verify                      # 보호 상태 테이블
+aiignore verify --ci                 # 미보호 시 exit 1
+aiignore verify --strict             # unreliable 이상이면 exit 1
+aiignore verify --json               # JSON 출력
+
+aiignore list                        # 지원 도구 및 별칭 목록
+```
+
+## 지원 도구
+
+| 도구 | 생성 파일 | 신뢰도 | 주요 이슈 |
+|------|----------|--------|----------|
+| Cursor | `.cursorignore` | 낮음 | "best-effort", Agent 우회, `@` 참조 우회 |
+| Claude Code | `.claude/settings.json` | 중간 | `Read()` deny가 Bash cat도 차단 (테스트 확인) |
+| Copilot | 가이드 문서만 | 없음 | 개인 개발자용 ignore 파일 없음 |
+| Gemini CLI | `.geminiignore` | 낮음 | 부정 패턴 깨짐, `.env`/`.pem` 자체 차단 정책 있음 |
+| JetBrains AI | `.aiignore` | 높음 | 가장 안정적. 민감 파일명은 AI가 자체 REDACT |
+| Windsurf | `.codeiumignore` | 중간 | 부정 패턴이 `.gitignore` 무시 불가 |
+
+## 보호 대상
+
+기본 패턴 + `.gitignore`의 보안 관련 항목을 자동 병합:
+
+| 분류 | 패턴 |
+|------|------|
+| 환경변수 | `.env`, `.env.*`, `.env.local` |
+| 인증정보 | `credentials.json`, `service-account*.json`, `*secret*`, `token.json` |
+| 키 | `*.pem`, `*.key`, `*.p12`, `*.pfx`, `*.jks` |
+| SSH | `.ssh/`, `id_rsa*`, `id_ed25519*`, `id_ecdsa*` |
+| 클라우드 | `.aws/`, `.gcp/`, `.azure/`, `gcloud/` |
+| 앱 시크릿 | `config/secrets.yml`, `config/master.key`, `vault.json` |
+| 데이터베이스 | `*.sqlite`, `*.db`, `dump.sql` |
+| 인증서 | `*.crt`, `*.cer`, `*.ca-bundle` |
+
+## 도구 별칭
+
+`--only` 옵션에서 사용 가능 (쉼표로 여러 개 지정):
+
+```
+cursor                     -> Cursor
+claude / claude-code       -> Claude Code
+copilot                    -> GitHub Copilot
+gemini / gemini-cli        -> Gemini CLI
+jetbrains / jb             -> JetBrains AI
+windsurf / codeium         -> Windsurf/Codeium
+```
+
+`aiignore list`로 전체 목록 확인 가능.
+
+## 한계
+
+어떤 AI 도구도 파일 접근을 100% 차단하지 못한다. 모든 도구의 공통 약점: Agent/터미널 모드에서 셸 명령으로 ignore 파일을 우회할 수 있다. Copilot은 개인 개발자용 ignore 자체가 없다.
+
+이 도구는 방어의 한 레이어다. 프로덕션 시크릿은 시크릿 매니저, pre-commit hook(`gitleaks`, `trufflehog`), 프로젝트 디렉토리 외부 보관을 병행해야 한다.
+
+도구별 상세 내용(CVE, 버그, 테스트 결과)은 [AI Coding Tool Security Reference](docs/test-report.md) 참고.
+
+## 라이선스
+
+Apache-2.0

package/README.md

@@ -0,0 +1,104 @@
+# aiignore
+
+One command to protect your secrets from all AI coding tools.
+
+Every AI tool has a different ignore mechanism — `.cursorignore`, `.geminiignore`, `.codeiumignore`, `.claude/settings.json`, `.aiignore` — each with its own quirks and undocumented bypass bugs. `aiignore` scans your project, detects which tools you use, and generates the right config for each one.
+
+## Quick Start
+
+```bash
+npx aiignore init
+```
+
+Or install globally:
+
+```bash
+npm install -g aiignore
+aiignore init
+```
+
+Requires Node.js 18+.
+
+## Why not just create the files manually?
+
+You could. A `.cursorignore` takes 30 seconds to write. But:
+
+- Do you know that Cursor also needs `.cursorignore`, Claude Code needs `settings.json` deny rules, Gemini CLI needs `.geminiignore`, JetBrains needs `.aiignore`, and Windsurf still uses `.codeiumignore`?
+- Do you know that Cursor's ignore is "best-effort" with 2 known CVEs, that Gemini's negation patterns are broken, or that Copilot has no ignore file at all?
+- Do you want to research each tool's format every time you set up a new project?
+
+`aiignore` does the research for you. The security data behind each tool is the real value — the CLI just applies it.
+
+## Commands
+
+```bash
+aiignore                             # same as aiignore init
+aiignore init                        # auto-detect and generate
+aiignore init --all                  # all tools, skip detection
+aiignore init --only cursor          # single tool
+aiignore init --only cursor,gemini   # multiple tools (comma-separated)
+aiignore init --append               # add missing patterns to existing files
+aiignore init --dry-run              # preview only
+aiignore init --force                # overwrite existing files
+aiignore init -q                     # quiet mode (no output)
+
+aiignore verify                      # protection status table
+aiignore verify --ci                 # exit 1 if unprotected
+aiignore verify --strict             # exit 1 if any tool is unreliable
+aiignore verify --json               # machine-readable output
+
+aiignore list                        # show supported tools and aliases
+```
+
+## Tool Support
+
+| Tool | File Generated | Reliability | Key Issue |
+|------|---------------|-------------|-----------|
+| Cursor | `.cursorignore` | Low | "best-effort", agent bypass, `@` reference bypass |
+| Claude Code | `.claude/settings.json` | Medium | `Read()` deny covers Bash too (tested) |
+| Copilot | guide only | None | no ignore file exists for individual devs |
+| Gemini CLI | `.geminiignore` | Low | negation patterns broken, self-blocks `.env`/`.pem` |
+| JetBrains AI | `.aiignore` | High | most reliable; AI redacts sensitive filenames |
+| Windsurf | `.codeiumignore` | Medium | negation can't override `.gitignore` |
+
+## What Gets Protected
+
+Patterns are sourced from built-in defaults + security-related entries in your `.gitignore`:
+
+| Category | Patterns |
+|----------|----------|
+| Environment | `.env`, `.env.*`, `.env.local` |
+| Credentials | `credentials.json`, `service-account*.json`, `*secret*`, `token.json` |
+| Keys | `*.pem`, `*.key`, `*.p12`, `*.pfx`, `*.jks` |
+| SSH | `.ssh/`, `id_rsa*`, `id_ed25519*`, `id_ecdsa*` |
+| Cloud | `.aws/`, `.gcp/`, `.azure/`, `gcloud/` |
+| App Secrets | `config/secrets.yml`, `config/master.key`, `vault.json` |
+| Database | `*.sqlite`, `*.db`, `dump.sql` |
+| Certificates | `*.crt`, `*.cer`, `*.ca-bundle` |
+
+## Tool Aliases
+
+`--only` accepts these names (comma-separated):
+
+```
+cursor                     -> Cursor
+claude / claude-code       -> Claude Code
+copilot                    -> GitHub Copilot
+gemini / gemini-cli        -> Gemini CLI
+jetbrains / jb             -> JetBrains AI
+windsurf / codeium         -> Windsurf/Codeium
+```
+
+Run `aiignore list` to see all tools and aliases.
+
+## Limitations
+
+No AI tool guarantees 100% file exclusion. All tools share a common weakness: agent/terminal modes can bypass ignore files by running shell commands directly. Copilot has no ignore mechanism at all for individual developers.
+
+This tool is one layer of defense. For production secrets, also use a secrets manager, pre-commit hooks (`gitleaks`, `trufflehog`), and keep secrets out of your project directory entirely.
+
+For per-tool details (CVEs, known bugs, tested behavior), see [AI Coding Tool Security Reference](docs/test-report.md).
+
+## License
+
+Apache-2.0

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+
+export {  }

package/dist/index.js

@@ -0,0 +1,930 @@
+#!/usr/bin/env node
+
+// src/index.ts
+import { Command } from "commander";
+
+// src/commands/init.ts
+import ora from "ora";
+import chalk2 from "chalk";
+
+// src/scanners/secret-detector.ts
+import fg from "fast-glob";
+import fs from "fs";
+import path from "path";
+
+// src/data/default-patterns.ts
+var DEFAULT_PATTERNS = {
+  secrets: [
+    ".env",
+    ".env.*",
+    ".env.local",
+    ".env.*.local"
+  ],
+  credentials: [
+    "credentials.json",
+    "service-account*.json",
+    "*secret*",
+    "*credential*",
+    "token.json"
+  ],
+  keys: [
+    "*.pem",
+    "*.key",
+    "*.p12",
+    "*.pfx",
+    "*.jks",
+    "*.keystore"
+  ],
+  ssh: [
+    ".ssh/",
+    "id_rsa*",
+    "id_ed25519*",
+    "id_ecdsa*",
+    "known_hosts"
+  ],
+  cloud: [
+    ".aws/",
+    ".gcp/",
+    ".azure/",
+    "gcloud/"
+  ],
+  app: [
+    "config/secrets.yml",
+    "config/master.key",
+    ".secret",
+    "vault.json",
+    "*.secrets"
+  ],
+  database: [
+    "*.sqlite",
+    "*.db",
+    "dump.sql",
+    "*.dump"
+  ],
+  certs: [
+    "*.crt",
+    "*.cer",
+    "*.ca-bundle"
+  ]
+};
+function getAllPatterns() {
+  return Object.values(DEFAULT_PATTERNS).flat();
+}
+
+// src/scanners/secret-detector.ts
+async function scanForSecrets(projectDir) {
+  const defaultPatterns = getAllPatterns();
+  const foundFiles = [];
+  for (const pattern of defaultPatterns) {
+    const matches = await fg(pattern, {
+      cwd: projectDir,
+      dot: true,
+      onlyFiles: true,
+      ignore: ["node_modules/**", ".git/**"],
+      suppressErrors: true
+    });
+    foundFiles.push(...matches);
+  }
+  const gitignorePatterns = readGitignorePatterns(projectDir);
+  const allPatterns = [.../* @__PURE__ */ new Set([...defaultPatterns, ...gitignorePatterns])];
+  return {
+    foundFiles: [...new Set(foundFiles)],
+    patterns: allPatterns
+  };
+}
+function readGitignorePatterns(projectDir) {
+  const gitignorePath = path.join(projectDir, ".gitignore");
+  if (!fs.existsSync(gitignorePath)) {
+    return [];
+  }
+  const content = fs.readFileSync(gitignorePath, "utf-8");
+  const securityRelated = [];
+  for (const line of content.split("\n")) {
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith("#")) continue;
+    if (isSecurityPattern(trimmed)) {
+      securityRelated.push(trimmed);
+    }
+  }
+  return securityRelated;
+}
+function isSecurityPattern(pattern) {
+  const securityKeywords = [
+    ".env",
+    ".pem",
+    ".key",
+    ".p12",
+    ".pfx",
+    ".jks",
+    "secret",
+    "credential",
+    "token",
+    "password",
+    ".ssh",
+    ".aws",
+    ".gcp",
+    ".azure",
+    "id_rsa",
+    "id_ed25519",
+    "id_ecdsa",
+    "vault",
+    "master.key",
+    ".keystore"
+  ];
+  const lower = pattern.toLowerCase();
+  return securityKeywords.some((kw) => lower.includes(kw));
+}
+
+// src/scanners/tool-detector.ts
+import fs2 from "fs";
+import path2 from "path";
+var TOOL_SIGNALS = {
+  cursor: {
+    name: "Cursor",
+    paths: [".cursor/", ".cursorignore", ".cursorrules"]
+  },
+  claudeCode: {
+    name: "Claude Code",
+    paths: [".claude/", ".claude/settings.json", "CLAUDE.md"]
+  },
+  copilot: {
+    name: "GitHub Copilot",
+    paths: [".github/copilot-instructions.md"]
+  },
+  geminiCli: {
+    name: "Gemini CLI",
+    paths: [".geminiignore", ".gemini/"]
+  },
+  jetbrains: {
+    name: "JetBrains AI",
+    paths: [".idea/", ".aiignore", ".aiexclude"]
+  },
+  windsurf: {
+    name: "Windsurf/Codeium",
+    paths: [".codeiumignore", ".windsurf/"]
+  }
+};
+function detectTools(projectDir) {
+  const results = [];
+  for (const [id, config] of Object.entries(TOOL_SIGNALS)) {
+    const foundSignals = [];
+    for (const signalPath of config.paths) {
+      const fullPath = path2.join(projectDir, signalPath);
+      if (fs2.existsSync(fullPath)) {
+        foundSignals.push(signalPath);
+      }
+    }
+    results.push({
+      name: config.name,
+      id,
+      detected: foundSignals.length > 0,
+      signals: foundSignals
+    });
+  }
+  return results;
+}
+var ALL_TOOL_IDS = Object.keys(TOOL_SIGNALS);
+
+// src/generators/cursorignore.ts
+import fs3 from "fs";
+import path3 from "path";
+function generateCursorignore(projectDir, patterns, mode) {
+  const filePath = path3.join(projectDir, ".cursorignore");
+  const exists = fs3.existsSync(filePath);
+  if (exists && mode === "default") {
+    return skipResult("cursor", "Cursor", ".cursorignore");
+  }
+  if (exists && mode === "append") {
+    const added = appendPatterns(filePath, patterns);
+    return {
+      toolId: "cursor",
+      toolName: "Cursor",
+      filePath: ".cursorignore",
+      created: added > 0,
+      skipped: added === 0,
+      message: added > 0 ? `${added} pattern(s) added` : "No new patterns to add"
+    };
+  }
+  const content = buildIgnoreFile("Cursor", ".cursorignore", patterns, [
+    'NOTE: Cursor treats .cursorignore as "best-effort" \u2014 not guaranteed.',
+    "CVE-2025-59944: case-sensitivity bypass known.",
+    "CVE-2025-64110: agent rewrite bypass known."
+  ]);
+  fs3.writeFileSync(filePath, content, "utf-8");
+  return {
+    toolId: "cursor",
+    toolName: "Cursor",
+    filePath: ".cursorignore",
+    created: true,
+    skipped: false,
+    message: '"best-effort" \u2014 not guaranteed'
+  };
+}
+function buildIgnoreFile(toolName, fileName, patterns, warnings = []) {
+  const lines = [
+    `# ${fileName}`,
+    `# Generated by aiignore \u2014 https://github.com/yjcho9317/aiignore`,
+    `# Protects sensitive files from ${toolName}`,
+    "#"
+  ];
+  if (warnings.length > 0) {
+    for (const warn of warnings) {
+      lines.push(`# WARNING: ${warn}`);
+    }
+    lines.push("#");
+  }
+  lines.push("");
+  lines.push("# Secrets & Environment");
+  lines.push(...patterns.filter((p) => p.includes(".env") || p.includes("secret") || p.includes("credential") || p.includes("token")));
+  lines.push("");
+  lines.push("# Keys & Certificates");
+  lines.push(...patterns.filter(
+    (p) => p.includes(".pem") || p.includes(".key") || p.includes(".p12") || p.includes(".pfx") || p.includes(".jks") || p.includes(".keystore") || p.includes(".crt") || p.includes(".cer") || p.includes(".ca-bundle")
+  ));
+  lines.push("");
+  lines.push("# SSH");
+  lines.push(...patterns.filter(
+    (p) => p.includes("ssh") || p.includes("id_rsa") || p.includes("id_ed25519") || p.includes("id_ecdsa") || p.includes("known_hosts")
+  ));
+  lines.push("");
+  lines.push("# Cloud Providers");
+  lines.push(...patterns.filter(
+    (p) => p.includes(".aws") || p.includes(".gcp") || p.includes(".azure") || p.includes("gcloud")
+  ));
+  lines.push("");
+  lines.push("# Application Secrets & Database");
+  lines.push(...patterns.filter(
+    (p) => p.includes("vault") || p.includes("master.key") || p.includes(".secret") || p.includes(".sqlite") || p.includes(".db") || p.includes("dump.sql") || p.includes(".dump") || p.includes("secrets.yml")
+  ));
+  lines.push("");
+  return lines.join("\n");
+}
+function appendPatterns(filePath, patterns) {
+  const existing = fs3.readFileSync(filePath, "utf-8");
+  const newPatterns = patterns.filter((p) => !existing.includes(p));
+  if (newPatterns.length === 0) return 0;
+  const addition = "\n# Added by aiignore\n" + newPatterns.join("\n") + "\n";
+  fs3.appendFileSync(filePath, addition, "utf-8");
+  return newPatterns.length;
+}
+function skipResult(toolId, toolName, filePath) {
+  return {
+    toolId,
+    toolName,
+    filePath,
+    created: false,
+    skipped: true,
+    message: "Already exists (use --force to overwrite or --append to add patterns)"
+  };
+}
+
+// src/generators/claude-settings.ts
+import fs4 from "fs";
+import path4 from "path";
+
+// src/utils/logger.ts
+import chalk from "chalk";
+var logger = {
+  info(msg) {
+    console.log(chalk.blue("i"), msg);
+  },
+  success(msg) {
+    console.log(chalk.green("+"), msg);
+  },
+  warn(msg) {
+    console.log(chalk.yellow("!"), msg);
+  },
+  error(msg) {
+    console.log(chalk.red("x"), msg);
+  },
+  dim(msg) {
+    console.log(chalk.dim(msg));
+  },
+  heading(msg) {
+    console.log();
+    console.log(chalk.bold(msg));
+  }
+};
+
+// src/generators/claude-settings.ts
+function generateClaudeSettings(projectDir, patterns, mode) {
+  const settingsDir = path4.join(projectDir, ".claude");
+  const settingsPath = path4.join(settingsDir, "settings.json");
+  let existing = {};
+  if (fs4.existsSync(settingsPath)) {
+    try {
+      existing = JSON.parse(fs4.readFileSync(settingsPath, "utf-8"));
+    } catch {
+      logger.warn("Existing .claude/settings.json has invalid JSON \u2014 creating new");
+    }
+  }
+  const existingPerms = existing.permissions ?? {};
+  const existingDeny = existingPerms.deny ?? [];
+  const aiignorePatterns = new Set(patterns.map((p) => `Read(${p})`));
+  const userDeny = mode === "force" ? existingDeny.filter((d) => !isAiignorePattern(d)) : existingDeny;
+  const newDeny = [.../* @__PURE__ */ new Set([
+    ...userDeny,
+    ...aiignorePatterns
+  ])];
+  if (mode === "append" && newDeny.length === existingDeny.length) {
+    return {
+      toolId: "claudeCode",
+      toolName: "Claude Code",
+      filePath: ".claude/settings.json",
+      created: false,
+      skipped: true,
+      message: "No new patterns to add"
+    };
+  }
+  const merged = {
+    ...existing,
+    permissions: {
+      ...existingPerms,
+      deny: newDeny
+    }
+  };
+  if (!fs4.existsSync(settingsDir)) {
+    fs4.mkdirSync(settingsDir, { recursive: true });
+  }
+  fs4.writeFileSync(settingsPath, JSON.stringify(merged, null, 2) + "\n", "utf-8");
+  return {
+    toolId: "claudeCode",
+    toolName: "Claude Code",
+    filePath: ".claude/settings.json",
+    created: true,
+    skipped: false,
+    message: "Deny patterns added \u2014 hooks recommended for stronger protection"
+  };
+}
+function isAiignorePattern(pattern) {
+  return pattern.startsWith("Read(") || pattern.startsWith("Bash(cat:") || pattern.startsWith("Bash(cat ");
+}
+
+// src/generators/copilot-guide.ts
+import fs5 from "fs";
+import path5 from "path";
+var GUIDE_CONTENT = `# Copilot Security Guide
+
+> Generated by [aiignore](https://github.com/yjcho9317/aiignore)
+
+## No File-Level Protection Available
+
+GitHub Copilot does **not** have a \`.copilotignore\` file or any file-level
+ignore mechanism for individual developers.
+
+### What exists (but doesn't help individual devs):
+
+- **Content Exclusion**: Organization/Enterprise only setting
+  - Configured by org admins in GitHub Settings
+  - Not available for personal accounts or free plans
+  - Does NOT work in Agent mode, Edit mode, or Copilot CLI
+
+### Recommended alternatives:
+
+1. **Keep secrets outside your project directory**
+   - Use environment variables from your shell profile
+   - Use a secrets manager (1Password CLI, Vault, etc.)
+
+2. **Use .gitignore** (partial protection)
+   - Copilot may still read gitignored files for context
+   - But it reduces the chance of secrets in suggestions
+
+3. **If you have Business/Enterprise plan**:
+   - Ask your org admin to configure Content Exclusion
+   - Settings -> Copilot -> Content exclusion -> Add paths
+
+### References:
+- [GitHub Docs: Content Exclusion](https://docs.github.com/en/copilot/managing-copilot/configuring-content-exclusions)
+`;
+function generateCopilotGuide(projectDir, _patterns, mode) {
+  const dirPath = path5.join(projectDir, ".github");
+  const filePath = path5.join(dirPath, "copilot-security-guide.md");
+  if (fs5.existsSync(filePath) && mode !== "force") {
+    return {
+      toolId: "copilot",
+      toolName: "GitHub Copilot",
+      filePath: ".github/copilot-security-guide.md",
+      created: false,
+      skipped: true,
+      message: "Already exists (use --force to overwrite)"
+    };
+  }
+  if (!fs5.existsSync(dirPath)) {
+    fs5.mkdirSync(dirPath, { recursive: true });
+  }
+  fs5.writeFileSync(filePath, GUIDE_CONTENT, "utf-8");
+  return {
+    toolId: "copilot",
+    toolName: "GitHub Copilot",
+    filePath: ".github/copilot-security-guide.md",
+    created: true,
+    skipped: false,
+    message: "No file-level protection \u2014 guide created instead"
+  };
+}
+
+// src/generators/geminiignore.ts
+import fs6 from "fs";
+import path6 from "path";
+function generateGeminiignore(projectDir, patterns, mode) {
+  const filePath = path6.join(projectDir, ".geminiignore");
+  const exists = fs6.existsSync(filePath);
+  if (exists && mode === "default") {
+    return skipResult("geminiCli", "Gemini CLI", ".geminiignore");
+  }
+  if (exists && mode === "append") {
+    const added = appendPatterns(filePath, patterns);
+    return {
+      toolId: "geminiCli",
+      toolName: "Gemini CLI",
+      filePath: ".geminiignore",
+      created: added > 0,
+      skipped: added === 0,
+      message: added > 0 ? `${added} pattern(s) added` : "No new patterns to add"
+    };
+  }
+  const content = buildIgnoreFile("Gemini CLI", ".geminiignore", patterns, [
+    "NOTE: Negation patterns (!) are broken in Gemini CLI.",
+    "list_dir may ignore .geminiignore in Antigravity mode."
+  ]);
+  fs6.writeFileSync(filePath, content, "utf-8");
+  return {
+    toolId: "geminiCli",
+    toolName: "Gemini CLI",
+    filePath: ".geminiignore",
+    created: true,
+    skipped: false,
+    message: "Negation patterns broken"
+  };
+}
+
+// src/generators/codeiumignore.ts
+import fs7 from "fs";
+import path7 from "path";
+function generateCodeiumignore(projectDir, patterns, mode) {
+  const filePath = path7.join(projectDir, ".codeiumignore");
+  const exists = fs7.existsSync(filePath);
+  if (exists && mode === "default") {
+    return skipResult("windsurf", "Windsurf/Codeium", ".codeiumignore");
+  }
+  if (exists && mode === "append") {
+    const added = appendPatterns(filePath, patterns);
+    return {
+      toolId: "windsurf",
+      toolName: "Windsurf/Codeium",
+      filePath: ".codeiumignore",
+      created: added > 0,
+      skipped: added === 0,
+      message: added > 0 ? `${added} pattern(s) added` : "No new patterns to add"
+    };
+  }
+  const content = buildIgnoreFile("Windsurf/Codeium", ".codeiumignore", patterns, [
+    "NOTE: Negation (!) cannot override .gitignore exclusions (Issue #133).",
+    "Still uses .codeiumignore (not .windsurfignore)."
+  ]);
+  fs7.writeFileSync(filePath, content, "utf-8");
+  return {
+    toolId: "windsurf",
+    toolName: "Windsurf/Codeium",
+    filePath: ".codeiumignore",
+    created: true,
+    skipped: false,
+    message: "Negation cannot override .gitignore"
+  };
+}
+
+// src/generators/aiignore-jb.ts
+import fs8 from "fs";
+import path8 from "path";
+function generateAiignoreJB(projectDir, patterns, mode) {
+  const filePath = path8.join(projectDir, ".aiignore");
+  const exists = fs8.existsSync(filePath);
+  if (exists && mode === "default") {
+    return skipResult("jetbrains", "JetBrains AI", ".aiignore");
+  }
+  if (exists && mode === "append") {
+    const added = appendPatterns(filePath, patterns);
+    return {
+      toolId: "jetbrains",
+      toolName: "JetBrains AI",
+      filePath: ".aiignore",
+      created: added > 0,
+      skipped: added === 0,
+      message: added > 0 ? `${added} pattern(s) added` : "No new patterns to add"
+    };
+  }
+  const content = buildIgnoreFile("JetBrains AI", ".aiignore", patterns, [
+    "JetBrains native format. Also supports .aiexclude for compatibility."
+  ]);
+  fs8.writeFileSync(filePath, content, "utf-8");
+  return {
+    toolId: "jetbrains",
+    toolName: "JetBrains AI",
+    filePath: ".aiignore",
+    created: true,
+    skipped: false,
+    message: "Most reliable ignore mechanism"
+  };
+}
+
+// src/generators/index.ts
+var generators = {
+  cursor: generateCursorignore,
+  claudeCode: generateClaudeSettings,
+  copilot: generateCopilotGuide,
+  geminiCli: generateGeminiignore,
+  jetbrains: generateAiignoreJB,
+  windsurf: generateCodeiumignore
+};
+function runGenerators(projectDir, patterns, toolIds, mode) {
+  const results = [];
+  for (const toolId of toolIds) {
+    const generator = generators[toolId];
+    if (generator) {
+      results.push(generator(projectDir, patterns, mode));
+    }
+  }
+  return results;
+}
+
+// src/data/tool-status.ts
+var TOOL_STATUS = {
+  cursor: {
+    tool: "Cursor",
+    ignoreFile: ".cursorignore",
+    reliability: "low",
+    knownLimitations: [
+      '"best-effort" \u2014 not guaranteed (official docs)',
+      "CVE-2025-59944: case-sensitivity bypass",
+      "CVE-2025-64110: agent rewrite bypass",
+      "Agent mode can bypass via terminal commands",
+      "@file reference ignores .cursorignore (user can attach protected files)"
+    ],
+    recommendedApproach: ".cursorignore file with gitignore syntax",
+    source: "https://docs.cursor.com/context/ignore-files"
+  },
+  claudeCode: {
+    tool: "Claude Code",
+    ignoreFile: ".claude/settings.json",
+    reliability: "medium",
+    knownLimitations: [
+      "permissions.deny has enforcement bugs (#6699, #6631, #8961)",
+      "Read() deny also blocks Bash cat (tested) \u2014 separate Bash deny not needed",
+      ".claudeignore exists but only blocks Read tool"
+    ],
+    recommendedApproach: "settings.json deny patterns + PreToolUse hooks",
+    source: "https://code.claude.com/docs/en/settings"
+  },
+  copilot: {
+    tool: "GitHub Copilot",
+    ignoreFile: "none",
+    reliability: "none",
+    knownLimitations: [
+      ".copilotignore does NOT exist",
+      "Content Exclusion is Business/Enterprise only",
+      "Not supported in Agent, Edit, or CLI modes",
+      "Individual developers have NO file-level protection"
+    ],
+    recommendedApproach: "No file-level protection available for individual developers",
+    source: "https://docs.github.com/en/copilot/managing-copilot/configuring-content-exclusions"
+  },
+  geminiCli: {
+    tool: "Gemini CLI",
+    ignoreFile: ".geminiignore",
+    reliability: "low",
+    knownLimitations: [
+      "Negation patterns (!) are broken",
+      "list_dir ignores .geminiignore in Antigravity mode",
+      ".aiignore/.aiexclude NOT supported (only Gemini Code Assist IDE)",
+      "Gemini CLI self-blocks .env, .pem, .env.local regardless of .geminiignore (built-in policy)"
+    ],
+    recommendedApproach: ".geminiignore file with gitignore syntax (avoid negation)",
+    source: "https://github.com/google-gemini/gemini-cli"
+  },
+  jetbrains: {
+    tool: "JetBrains AI",
+    ignoreFile: ".aiignore",
+    reliability: "high",
+    knownLimitations: [
+      "Not 100% guaranteed (YouTrack LLM-17544)",
+      "Claude Agent inside JetBrains may ignore .aiignore (LLM-20693)",
+      "Sensitive-looking content (.env, .pem) may show REDACT instead of full block (AI policy overlap)"
+    ],
+    recommendedApproach: ".aiignore file (native) with gitignore syntax",
+    source: "https://www.jetbrains.com/help/ai-assistant/disable-ai-assistant.html"
+  },
+  windsurf: {
+    tool: "Windsurf/Codeium",
+    ignoreFile: ".codeiumignore",
+    reliability: "medium",
+    knownLimitations: [
+      "Negation (!) cannot override .gitignore exclusions (Issue #133)",
+      '"Allow Cascade to access .gitignore files" toggle does not work (Issue #225)',
+      "Autocomplete blocking is indirect (via indexing), not explicitly documented",
+      "Still uses .codeiumignore (not .windsurfignore)"
+    ],
+    recommendedApproach: ".codeiumignore file with gitignore syntax (avoid negation)",
+    source: "https://docs.windsurf.com/context-awareness/windsurf-ignore"
+  }
+};
+
+// src/utils/aliases.ts
+var TOOL_ALIASES = {
+  cursor: "cursor",
+  claude: "claudeCode",
+  "claude-code": "claudeCode",
+  claudecode: "claudeCode",
+  copilot: "copilot",
+  gemini: "geminiCli",
+  "gemini-cli": "geminiCli",
+  jetbrains: "jetbrains",
+  jb: "jetbrains",
+  windsurf: "windsurf",
+  codeium: "windsurf"
+};
+function resolveToolId(input) {
+  return TOOL_ALIASES[input.toLowerCase()];
+}
+function resolveToolIds(input) {
+  const parts = input.split(",").map((s) => s.trim()).filter(Boolean);
+  const ids = [];
+  const invalid = [];
+  for (const part of parts) {
+    const resolved = resolveToolId(part);
+    if (resolved) {
+      ids.push(resolved);
+    } else {
+      invalid.push(part);
+    }
+  }
+  return { ids: [...new Set(ids)], invalid };
+}
+
+// src/commands/init.ts
+async function initCommand(options) {
+  const projectDir = process.cwd();
+  const log = options.quiet ? { dim: noop, info: noop, warn: noop, success: noop, heading: noop } : logger;
+  const spinner = options.quiet ? null : ora("Scanning project for sensitive files...").start();
+  const scanResult = await scanForSecrets(projectDir);
+  spinner?.succeed(
+    `Found ${scanResult.foundFiles.length} sensitive file(s), ${scanResult.patterns.length} patterns`
+  );
+  if (scanResult.foundFiles.length > 0 && !options.quiet) {
+    logger.dim("  Found: " + scanResult.foundFiles.slice(0, 5).join(", ") + (scanResult.foundFiles.length > 5 ? ` (+${scanResult.foundFiles.length - 5} more)` : ""));
+  }
+  const spinnerTools = options.quiet ? null : ora("Detecting AI coding tools...").start();
+  const detectedTools = detectTools(projectDir);
+  const activeTools = detectedTools.filter((t) => t.detected);
+  if (options.all) {
+    spinnerTools?.succeed(`Using all ${ALL_TOOL_IDS.length} supported tools`);
+  } else if (options.only) {
+    const { ids, invalid } = resolveToolIds(options.only);
+    if (invalid.length > 0) {
+      spinnerTools?.fail(`Unknown tool(s): ${invalid.join(", ")}`);
+      logger.info("Run `aiignore list` to see available tools.");
+      process.exit(1);
+    }
+    spinnerTools?.succeed(`Targeting: ${ids.length} tool(s)`);
+  } else if (activeTools.length > 0) {
+    spinnerTools?.succeed(
+      `Detected ${activeTools.length} tool(s): ${activeTools.map((t) => t.name).join(", ")}`
+    );
+  } else {
+    spinnerTools?.warn("No AI tools detected");
+    log.info("Use --all to generate for all tools, or --only to pick specific ones.");
+    log.info("Run `aiignore list` to see available tools.");
+    return;
+  }
+  let targetToolIds;
+  if (options.all) {
+    targetToolIds = ALL_TOOL_IDS;
+  } else if (options.only) {
+    targetToolIds = resolveToolIds(options.only).ids;
+  } else {
+    targetToolIds = activeTools.map((t) => t.id);
+  }
+  if (options.dryRun) {
+    log.heading("Dry run \u2014 files that would be created:");
+    for (const toolId of targetToolIds) {
+      const status = TOOL_STATUS[toolId];
+      if (status) {
+        console.log(`  ${status.ignoreFile === "none" ? "  guide" : "  " + status.ignoreFile} (${status.tool})`);
+      }
+    }
+    console.log();
+    log.info("Run without --dry-run to create files.");
+    return;
+  }
+  const mode = options.force ? "force" : options.append ? "append" : "default";
+  log.heading("Generating ignore files...");
+  const results = runGenerators(projectDir, scanResult.patterns, targetToolIds, mode);
+  if (!options.quiet) {
+    console.log();
+    for (const result of results) {
+      if (result.skipped) {
+        logger.dim(`  skip ${result.filePath} \u2014 ${result.message}`);
+      } else if (result.created) {
+        console.log(`    ${chalk2.green("+")} ${chalk2.bold(result.filePath)} ${chalk2.dim(`(${result.toolName})`)}`);
+        if (result.message) {
+          logger.dim(`     ${result.message}`);
+        }
+      }
+    }
+  }
+  const created = results.filter((r) => r.created).length;
+  const skipped = results.filter((r) => r.skipped).length;
+  if (!options.quiet) {
+    console.log();
+    logger.success(`${created} file(s) created${skipped > 0 ? `, ${skipped} skipped` : ""}`);
+  }
+  if (targetToolIds.includes("claudeCode") && !options.quiet) {
+    console.log();
+    logger.warn("Claude Code: Read() deny blocks Bash cat too, but permissions.deny has known bugs");
+    logger.info("For stronger protection, set up PreToolUse hooks:");
+    logger.dim("  -> https://code.claude.com/docs/en/hooks");
+  }
+  if (targetToolIds.includes("copilot") && !options.quiet) {
+    console.log();
+    logger.warn("Copilot: No file-level protection for individual developers");
+    logger.info("See .github/copilot-security-guide.md for alternatives");
+  }
+}
+function noop(_msg) {
+}
+
+// src/commands/verify.ts
+import chalk3 from "chalk";
+import fs9 from "fs";
+import path9 from "path";
+var REQUIRED_PATTERNS = [".env", "*.pem", "*.key", "credentials.json"];
+async function verifyCommand(options) {
+  const projectDir = process.cwd();
+  const detectedTools = detectTools(projectDir);
+  const results = [];
+  for (const tool of detectedTools) {
+    if (!tool.detected) continue;
+    const status = TOOL_STATUS[tool.id];
+    if (!status) continue;
+    const ignoreExists = checkIgnoreExists(projectDir, tool.id, status.ignoreFile);
+    const missingPatterns = ignoreExists ? checkMissingPatterns(projectDir, tool.id, status.ignoreFile) : [];
+    let protectionStatus;
+    if (status.reliability === "none" || !ignoreExists) {
+      protectionStatus = "none";
+    } else if (status.reliability === "high") {
+      protectionStatus = "best-effort";
+    } else {
+      protectionStatus = "unreliable";
+    }
+    results.push({
+      tool: status.tool,
+      status: protectionStatus,
+      reliability: status.reliability,
+      ignoreFile: status.ignoreFile,
+      exists: ignoreExists,
+      missingPatterns,
+      limitations: status.knownLimitations
+    });
+  }
+  if (options.json) {
+    console.log(JSON.stringify(results, null, 2));
+    return;
+  }
+  if (results.length === 0) {
+    logger.warn("No AI tools detected in this project.");
+    logger.info("Run `aiignore init --all` to generate ignore files for all tools.");
+    return;
+  }
+  logger.heading("AI Tool Protection Status");
+  console.log();
+  const statusLabel = (s) => {
+    switch (s) {
+      case "best-effort":
+        return chalk3.green("[ok] Best-effort");
+      case "unreliable":
+        return chalk3.yellow("[!] Unreliable");
+      case "none":
+        return chalk3.red("[x] None");
+      default:
+        return s;
+    }
+  };
+  for (const r of results) {
+    console.log(`  ${chalk3.bold(r.tool.padEnd(20))} ${statusLabel(r.status)}`);
+    if (r.exists) {
+      logger.dim(`    File: ${r.ignoreFile}`);
+    } else if (r.ignoreFile !== "none") {
+      logger.dim(`    Missing: ${r.ignoreFile}`);
+    }
+    if (r.missingPatterns.length > 0) {
+      logger.warn(`    Missing patterns: ${r.missingPatterns.join(", ")}`);
+    }
+    if (r.limitations.length > 0 && !options.ci) {
+      logger.dim(`    Limitation: ${r.limitations[0]}`);
+    }
+  }
+  const bestEffortCount = results.filter((r) => r.status === "best-effort").length;
+  const unreliableCount = results.filter((r) => r.status === "unreliable").length;
+  const noneCount = results.filter((r) => r.status === "none").length;
+  console.log();
+  logger.info(
+    `Coverage: ${bestEffortCount} best-effort | ${unreliableCount} unreliable | ${noneCount} none`
+  );
+  if (noneCount > 0 || unreliableCount > 0) {
+    console.log();
+    logger.info("Run `aiignore init` to improve protection.");
+  }
+  if (options.ci && noneCount > 0) {
+    process.exit(1);
+  }
+  if (options.strict && (noneCount > 0 || unreliableCount > 0)) {
+    process.exit(1);
+  }
+}
+function checkIgnoreExists(projectDir, toolId, ignoreFile) {
+  if (ignoreFile === "none") return false;
+  const filePath = path9.join(projectDir, ignoreFile);
+  if (fs9.existsSync(filePath)) return true;
+  if (toolId === "claudeCode") {
+    const settingsPath = path9.join(projectDir, ".claude", "settings.json");
+    if (fs9.existsSync(settingsPath)) {
+      try {
+        const settings = JSON.parse(fs9.readFileSync(settingsPath, "utf-8"));
+        const deny = settings?.permissions?.deny;
+        return Array.isArray(deny) && deny.some((d) => d.startsWith("Read("));
+      } catch {
+        return false;
+      }
+    }
+  }
+  return false;
+}
+function checkMissingPatterns(projectDir, toolId, ignoreFile) {
+  if (toolId === "claudeCode") {
+    return checkClaudePatterns(projectDir);
+  }
+  const filePath = path9.join(projectDir, ignoreFile);
+  if (!fs9.existsSync(filePath)) return REQUIRED_PATTERNS;
+  const content = fs9.readFileSync(filePath, "utf-8");
+  return REQUIRED_PATTERNS.filter((p) => !content.includes(p));
+}
+function checkClaudePatterns(projectDir) {
+  const settingsPath = path9.join(projectDir, ".claude", "settings.json");
+  if (!fs9.existsSync(settingsPath)) return REQUIRED_PATTERNS;
+  try {
+    const settings = JSON.parse(fs9.readFileSync(settingsPath, "utf-8"));
+    const deny = settings?.permissions?.deny ?? [];
+    return REQUIRED_PATTERNS.filter((p) => !deny.some((d) => d.includes(p)));
+  } catch {
+    return REQUIRED_PATTERNS;
+  }
+}
+
+// src/commands/list.ts
+import chalk4 from "chalk";
+function listCommand() {
+  console.log();
+  console.log(chalk4.bold("Supported tools:"));
+  console.log();
+  for (const [id, status] of Object.entries(TOOL_STATUS)) {
+    const reliability = formatReliability(status.reliability);
+    const file = status.ignoreFile === "none" ? chalk4.dim("(no ignore file)") : status.ignoreFile;
+    console.log(`  ${chalk4.bold(status.tool.padEnd(20))} ${file.toString().padEnd(30)} ${reliability}`);
+  }
+  console.log();
+  console.log(chalk4.bold("Aliases for --only:"));
+  console.log();
+  const grouped = {};
+  for (const [alias, toolId] of Object.entries(TOOL_ALIASES)) {
+    if (!grouped[toolId]) grouped[toolId] = [];
+    grouped[toolId].push(alias);
+  }
+  for (const [toolId, aliases] of Object.entries(grouped)) {
+    const status = TOOL_STATUS[toolId];
+    if (status) {
+      console.log(`  ${aliases.join(", ").padEnd(35)} ${chalk4.dim(status.tool)}`);
+    }
+  }
+  console.log();
+}
+function formatReliability(level) {
+  switch (level) {
+    case "high":
+      return chalk4.green(level);
+    case "medium":
+      return chalk4.yellow(level);
+    case "low":
+      return chalk4.red(level);
+    case "none":
+      return chalk4.dim(level);
+    default:
+      return level;
+  }
+}
+
+// src/index.ts
+var program = new Command();
+program.name("aiignore").description("Protect your secrets from AI coding tools").version("1.0.0");
+program.command("init", { isDefault: true }).description("Generate ignore files for detected AI coding tools").option("--all", "Generate for all supported tools (skip detection)").option("--only <tools>", "Generate for specific tools (comma-separated)").option("--append", "Add missing patterns to existing files instead of skipping").option("--dry-run", "Preview what would be created without writing files").option("--force", "Overwrite existing ignore files").option("-q, --quiet", "Suppress non-essential output").action(initCommand);
+program.command("verify").description("Check protection status for detected AI tools").option("--ci", "CI mode: exit code 1 if unprotected").option("--strict", "Strict mode: exit code 1 if any tool is unreliable or unprotected").option("--json", "Output results as JSON").option("-q, --quiet", "Suppress non-essential output").action(verifyCommand);
+program.command("list").description("Show all supported AI tools and aliases").action(listCommand);
+program.parse();

package/package.json

@@ -0,0 +1,59 @@
+{
+  "name": "aiignore-cli",
+  "version": "1.0.0",
+  "description": "One command to protect your secrets from all AI coding tools",
+  "type": "module",
+  "main": "dist/index.js",
+  "bin": {
+    "aiignore": "dist/index.js"
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "lint": "tsc --noEmit"
+  },
+  "keywords": [
+    "ai",
+    "ignore",
+    "security",
+    "secrets",
+    "ai-security",
+    "ai-ignore",
+    "cursor",
+    "cursorignore",
+    "cursor-ignore",
+    "claude-code",
+    "claude-ignore",
+    "copilot",
+    "gemini",
+    "geminiignore",
+    "windsurf",
+    "codeium",
+    "codeiumignore",
+    "jetbrains",
+    "aiignore",
+    "dotfiles"
+  ],
+  "author": "yjcho9317",
+  "license": "Apache-2.0",
+  "engines": {
+    "node": ">=18"
+  },
+  "files": [
+    "dist"
+  ],
+  "dependencies": {
+    "chalk": "^5.6.2",
+    "commander": "^14.0.3",
+    "fast-glob": "^3.3.3",
+    "ora": "^9.3.0"
+  },
+  "devDependencies": {
+    "@types/node": "^25.5.0",
+    "tsup": "^8.5.1",
+    "typescript": "^5.9.3",
+    "vitest": "^3.2.4"
+  }
+}