cc-safe-setup 10.8.0 → 11.0.0

package/.claude/session-snapshot.md

@@ -1,5 +1,5 @@
 # Session Snapshot (auto-generated)
-Updated: 2026-03-24T19:01:52+09:00
+Updated: 2026-03-24T20:43:46+09:00
 
 ## Git
 - Branch: `main`
@@ -7,19 +7,19 @@ Updated: 2026-03-24T19:01:52+09:00
 ```
  M .claude/session-snapshot.md
 ```
-- Last commit: 0696585 checkpoint: auto-save 19:01:50
+- Last commit: 5711024 checkpoint: auto-save 20:43:45
 
 ## Recent Files
 ```
 ./.claude/session-snapshot.md
 ./test.sh
-./CHANGELOG.md
-./examples/debug-leftover-guard.sh
-./examples/ci-skip-guard.sh
 ./README.md
-./examples/rust/destructive_guard.rs
-./examples/package-script-guard.sh
-./examples/env-drift-guard.sh
-./examples/import-cycle-warn.sh
+./examples/typosquat-guard.sh
+./examples/typescript-strict-guard.sh
+./examples/git-author-guard.sh
+./examples/permission-cache.sh
+./CHANGELOG.md
+./examples/stale-env-guard.sh
+./examples/test-coverage-guard.sh
 ```
 

package/README.md

@@ -6,7 +6,7 @@
 
 **One command to make Claude Code safe for autonomous operation.** [日本語](docs/README.ja.md)
 
-8 built-in + 104 examples = **118 hooks**. 38 CLI commands. 531 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
+8 built-in + 104 examples = **118 hooks**. 40 CLI commands. 544 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
 
 ```bash
 npx cc-safe-setup

package/cc-safe-setup-export.json

@@ -1,7 +1,7 @@
 {
   "version": "1.0",
   "generator": "cc-safe-setup",
-  "exported_at": "2026-03-24T10:02:00.912Z",
+  "exported_at": "2026-03-24T11:43:55.322Z",
   "hooks": {
     "UserPromptSubmit": [
       {
@@ -179,6 +179,10 @@
           {
             "type": "command",
             "command": "bash /home/namakusa/.claude/hooks/tweet-guard.sh"
+          },
+          {
+            "type": "command",
+            "command": "bash /home/namakusa/.claude/hooks/guard-database.sh"
           }
         ]
       },
@@ -301,6 +305,7 @@
     "~/.claude/hooks/stop-tachikoma-loop.sh": "#!/bin/bash\n# ================================================================\n# stop-tachikoma-loop.sh\n# ----------------------------------------------------------------\n# 目的:     CC最終発言を /tmp/cc-last-message.txt に書き出し、\n#           tachikoma-loopへ引き継ぐ\n# 発火条件: Stop（セッション終了時）\n# 副作用:   /tmp/cc-last-message.txt 作成・上書き\n#           /tmp/stop-hook-debug.log に追記\n# ================================================================\n\nTIMESTAMP=$(date '+%Y-%m-%d %H:%M:%S')\nHANDOFF_FILE=\"/tmp/cc-last-message.txt\"\nDEBUG_LOG=\"/tmp/stop-hook-debug.log\"\n\n# === stdinからJSON読み取り ===\nSTDIN_TMP=\"/tmp/stop-hook-stdin-$$.json\"\ncat > \"$STDIN_TMP\"\n\nTRANSCRIPT_PATH=\"\"\nif [ -s \"$STDIN_TMP\" ]; then\n    TRANSCRIPT_PATH=$(python3 -c \"\nimport json\nwith open('$STDIN_TMP') as f:\n    data = json.load(f)\nprint(data.get('transcript_path', ''))\n\" 2>/dev/null)\nfi\n\n# === CCの最終発言を取得 ===\nMSG=\"\"\nif [ -n \"$TRANSCRIPT_PATH\" ] && [ -f \"$TRANSCRIPT_PATH\" ]; then\n    MSG=$(python3 -c \"\nimport json, subprocess\nresult = subprocess.run(['tail', '-100', '$TRANSCRIPT_PATH'], capture_output=True, text=True)\nlast_msg = ''\nfor line in result.stdout.strip().split('\\n'):\n    line = line.strip()\n    if not line: continue\n    try:\n        obj = json.loads(line)\n        if obj.get('type') == 'assistant':\n            content = obj.get('message', {}).get('content', '')\n            if isinstance(content, list):\n                texts = [c.get('text','') for c in content if c.get('type') == 'text' and c.get('text')]\n                if texts:\n                    last_msg = ' '.join(texts)\n            elif isinstance(content, str) and content:\n                last_msg = content\n    except:\n        pass\nprint(last_msg[-500:] if last_msg else '')\n\" 2>/dev/null)\nfi\n\nrm -f \"$STDIN_TMP\"\n\nif [ -z \"$MSG\" ]; then\n    MSG=\"（transcript読み取り失敗）\"\nfi\n\n# === 引き継ぎファイル書き出し ===\ncat > \"$HANDOFF_FILE\" << EOF\ntimestamp: $TIMESTAMP\ntranscript: ${TRANSCRIPT_PATH:-unknown}\nlast_message: |\n$(echo \"$MSG\" | sed 's/^/  /')\nEOF\n\necho \"[$TIMESTAMP] $(echo \"$MSG\" | head -c 100)\" >> \"$DEBUG_LOG\"\n\necho \"tachikoma-loopが次のセッションを起動します。\"\nexit 0\n",
     "~/.claude/hooks/task-complete-nudge.sh": "#!/bin/bash\n# task-complete-nudge.sh — タスク完了時に次のアクションを促す\n# なぜ: CCがタスク完了後にidleになる問題を防止（2026-02-18 ぐらす指摘）\n# 改修 (2026-02-28): task-checkを自動実行。「思いつきで次に飛びつく」防止\n# トリガー: TaskCompleted イベント\n\necho \"⚡ タスク完了。止まるな。次を確認して動け:\"\necho \"\"\n\n# task-checkを自動実行（今日の投稿候補 + mission.md最重要タスクを表示）\nif command -v task-check &>/dev/null; then\n    task-check\nelif [ -x \"$HOME/bin/task-check\" ]; then\n    \"$HOME/bin/task-check\"\nfi\n\necho \"\"\necho \"↑ 上記リストから次タスクを選んで即座に実行。idle禁止。\"\n",
     "~/.claude/hooks/tweet-guard.sh": "#!/bin/bash\n# ================================================================\n# tweet-guard.sh\n# ----------------------------------------------------------------\n# 目的:     非推奨 ~/bin/tweet (SendKeysベース) をブロックし、\n#           CDP直接操作方式を案内する\n# 発火条件: PreToolUse（Bash実行前）\n# 副作用:   tweetコマンド検出時 exit 2 でブロック\n#           CDPスクリプト新規作成は警告のみ（ブロックなし）\n# ================================================================\n\n# stdinからJSON取得（2026-02-15修正: env varは設定されない）\nINPUT=$(cat)\nTOOL_INPUT=$(echo \"$INPUT\" | jq -r '.tool_input.command // empty' 2>/dev/null)\n\n# ~/bin/tweet または単純な tweet コマンドを検出\nif echo \"$TOOL_INPUT\" | grep -qE '(^|[|;&\\s])tweet\\s+\"' || \\\n   echo \"$TOOL_INPUT\" | grep -qE '~/bin/tweet' || \\\n   echo \"$TOOL_INPUT\" | grep -qE '/home/namakusa/bin/tweet\\b'; then\n\n    echo \"🛡️ tweet-guard: ~/bin/tweet はSendKeysベースで不安定。ブロックします。\"\n    echo \"\"\n    echo \"📋 代わりにCDP直接操作を使ってください:\"\n    echo \"  1. 新タブ作成: powershell.exe -Command \\\"Invoke-RestMethod -Method Put -Uri 'http://127.0.0.1:9223/json/new?https://x.com/compose/post'\\\"\"\n    echo \"  2. cdp_helper.ps1 -Action navigate で移動\"\n    echo \"  3. UTF-8ファイルにテキストを書き出し\"\n    echo \"  4. cdp_helper.ps1 -Action eval でフォーカス\"\n    echo \"  5. Input.insertText でテキスト挿入\"\n    echo \"  6. Input.dispatchMouseEvent でポストボタンクリック\"\n    echo \"  7. プロフィールで投稿を検証\"\n    echo \"\"\n    echo \"📖 詳細: LESSONS.md「X投稿の推奨フロー」\"\n    echo \"📖 教訓: memory/twitter-lessons.md\"\n    exit 2  # exit 2 = block the tool call\nfi\n\n# CDP操作でPSスクリプトを新規作成しようとしている場合の警告\nif echo \"$TOOL_INPUT\" | grep -qE 'cat > /tmp/.*\\.ps1.*ClientWebSocket|cat > /tmp/.*\\.ps1.*WebSocketMessageType'; then\n    echo \"⚠️ tweet-guard: CDPスクリプトを新規作成しようとしています。\"\n    echo \"   /tmp/cdp_helper.ps1 が既に存在し、以下の機能を持ちます:\"\n    echo \"   - beforeunloadダイアログ自動承認\"\n    echo \"   - WebSocket切断リカバリー\"\n    echo \"   - navigate / eval / screenshot 統合\"\n    echo \"\"\n    echo \"   cdp_helper.ps1 を先に確認してください。\"\n    # 警告のみ（ブロックはしない）- exit 0\nfi\n\nexit 0\n",
+    "~/.claude/hooks/guard-database.sh": "#!/bin/bash\nCOMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)\n[ -z \"$COMMAND\" ] && exit 0\nif echo \"$COMMAND\" | grep -qiE '(DROP\\s+(DATABASE|TABLE)|migrate:fresh|prisma\\s+reset|db:drop|TRUNCATE)'; then\n  echo \"BLOCKED: Database operation blocked by guard rule.\" >&2\n  echo \"Rule: never touch the database\" >&2\n  exit 2\nfi\nexit 0",
     "~/.claude/hooks/image-validate.sh": "#!/bin/bash\n# image-validate.sh — PreToolUse hook for Read\n# 壊れた画像をRead→API送信する前にブロックする\n# なぜ: 壊れた画像がAPIに渡ると \"Could not process image\" 400エラーで\n#       CCがスタックし、人間の介入が必要になる（2026-03-10 事故）\n\n# なぜstdinか: CC hooksはツール入力をstdinで渡す。$TOOL_INPUT環境変数は空（2026-03-10 事故）\nINPUT=$(cat)\nfile_path=$(echo \"$INPUT\" | python3 -c \"import json,sys; print(json.load(sys.stdin).get('file_path',''))\" 2>/dev/null)\n[ -z \"$file_path\" ] && exit 0\n\n# 画像拡張子のみチェック対象\ncase \"${file_path,,}\" in\n    *.png|*.jpg|*.jpeg|*.gif|*.webp|*.bmp|*.ico|*.tiff|*.tif) ;;\n    *) exit 0 ;;\nesac\n\n# ファイル存在チェック\n[ ! -f \"$file_path\" ] && exit 0\n\n# fileコマンドで画像として認識されるか（最も信頼性の高い判定）\nsize=$(stat -c%s \"$file_path\" 2>/dev/null || echo 0)\nfile_type=$(file -b \"$file_path\" 2>/dev/null || echo \"unknown\")\ncase \"$file_type\" in\n    *image*|*PNG*|*JPEG*|*GIF*|*bitmap*|*Web/P*|*Icon*) exit 0 ;;\nesac\n\n# 認識不可 = 壊れている（拡張子は画像だがfileコマンドは画像と認識しなかった）\necho \"⚠ 画像として認識できません (type: ${file_type}, ${size} bytes): $file_path — この画像のReadをスキップして続行してください\"\nexit 1\n",
     "~/.claude/hooks/decision-warn.sh": "#!/bin/bash\n# decision-warn.sh: PreToolUse hook for Edit|Write\n# bin/** or .claude/hooks/** への変更時に、合意済み決定の有無を確認し警告（ブロックしない）\n#\n# 設計方針（ぐらす指示）:\n# - ブロックしない（exit 0固定）\n# - AIの手足を縛るな。できることは全部できるようにする\n# - 「合意なし」を目立たせるだけ。止めるのではなく記録する\n# - 仲間としてのアドバイス、権限的な制限ではない\n\n# stdinからJSON取得（他hookと同一パターン。2026-02-15修正: tool_input内のfile_pathを参照）\nINPUT=$(cat)\nFILE_PATH=$(echo \"$INPUT\" | jq -r '.tool_input.file_path // empty' 2>/dev/null)\n\n# If no file path detected, skip\nif [[ -z \"$FILE_PATH\" ]]; then\n  exit 0\nfi\n\n# フルパス限定でスコープチェック（Codex指摘: 他プロジェクトのbin/誤爆防止）\nHOME_BIN=\"$HOME/bin/\"\nHOME_HOOKS=\"$HOME/.claude/hooks/\"\n\nIN_SCOPE=0\ncase \"$FILE_PATH\" in\n  ${HOME_BIN}*) IN_SCOPE=1 ;;\n  ${HOME_HOOKS}*) IN_SCOPE=1 ;;\nesac\n\nif (( IN_SCOPE == 0 )); then\n  exit 0\nfi\n\n# Check for matching pending/agreed decision\nDECISIONS_DIR=\"$HOME/ops/decisions/pending\"\nHAS_AGREED=0\n\nfor f in \"$DECISIONS_DIR\"/D-*.md; do\n  [[ -f \"$f\" ]] || continue\n\n  local_scope=$(grep '^scope: ' \"$f\" 2>/dev/null | head -1 | sed 's/^scope: //')\n  local_status=$(grep '^status: ' \"$f\" 2>/dev/null | head -1 | sed 's/^status: //')\n\n  scope_base=$(echo \"$local_scope\" | sed 's/\\*\\*//' | sed 's|/$||')\n  if [[ \"$FILE_PATH\" == *\"$scope_base\"* && \"$local_status\" == \"agreed\" ]]; then\n    HAS_AGREED=1\n    break\n  fi\ndone\n\nif (( HAS_AGREED == 0 )); then\n  echo \"NOTE: Editing monitored path without agreed decision: $FILE_PATH\"\n  echo \"  → Run: decision new --scope \\\"bin/**\\\" --title \\\"<description>\\\"\"\n  echo \"  → This change will be recorded as 'unreviewed'\"\nfi\n\n# Always exit 0 - never block\nexit 0\n",
     "~/.claude/hooks/no-tools-sprawl.sh": "#!/bin/bash\n# no-tools-sprawl.sh: PreToolUse hook for Edit|Write\n# 目的: ~/tools/** へのスクリプト増殖を機械的に止める（progress odor / token浪費の主因）。\n# 方針: ツール化が必要なら、まず既存フロー（ops/scripts/** or bridge-js -f）で1発に寄せる。\n#       どうしても必要なら drafts/ に「1回限り」1ファイルで置く。恒久ツール化は合意の上で。\n#\n# Override (emergency only):\n#   CC_ALLOW_TOOLS_SPRAWL=1 で一時的にブロック解除（使ったらproof-log/decisionに理由を残すこと）\n\nset -euo pipefail\n\nINPUT=\"$(cat || true)\"\nFILE_PATH=\"$(echo \"$INPUT\" | jq -r '.tool_input.file_path // empty' 2>/dev/null)\"\n\n[[ -z \"$FILE_PATH\" ]] && exit 0\n\nTOOLS_DIR=\"$HOME/tools/\"\ncase \"$FILE_PATH\" in\n  ${TOOLS_DIR}*)\n    if [[ \"${CC_ALLOW_TOOLS_SPRAWL:-}\" == \"1\" ]]; then\n      exit 0\n    fi\n    echo \"BLOCKED: ~/tools/** への追加・編集は禁止（ツール増殖はvalue_per_tokenを下げる）。\"\n    echo \"\"\n    echo \"検出パス: $FILE_PATH\"\n    echo \"\"\n    echo \"代替:\"\n    echo \"  - 既存の ops/scripts/x/ を使う（推奨）\"\n    echo \"  - 1回限りの送信用コードは drafts/ に 1ファイルだけ置く\"\n    echo \"\"\n    echo \"例外(緊急):\"\n    echo \"  CC_ALLOW_TOOLS_SPRAWL=1 を付けて実行（その場合、理由をproof-log/decisionに記録）\"\n    exit 2\n    ;;\nesac\n\nexit 0\n\n",

package/index.mjs

@@ -108,6 +108,9 @@ const COMPARE = COMPARE_IDX !== -1 ? { a: process.argv[COMPARE_IDX + 1], b: proc
 const REPLAY = process.argv.includes('--replay');
 const CREATE_IDX = process.argv.findIndex(a => a === '--create');
 const CREATE_DESC = CREATE_IDX !== -1 ? process.argv.slice(CREATE_IDX + 1).join(' ') : null;
+const SUGGEST = process.argv.includes('--suggest');
+const WHY_IDX = process.argv.findIndex(a => a === '--why');
+const WHY_HOOK = WHY_IDX !== -1 ? process.argv[WHY_IDX + 1] : null;
 
 if (HELP) {
   console.log(`
@@ -139,6 +142,8 @@ if (HELP) {
     npx cc-safe-setup --doctor     Diagnose why hooks aren't working
     npx cc-safe-setup --watch      Live dashboard of blocked commands
     npx cc-safe-setup --create "<desc>"  Generate a custom hook from description
+    npx cc-safe-setup --suggest        Analyze project and predict risks → suggest hooks
+    npx cc-safe-setup --why <hook>     Why this hook exists (real incident + issue link)
     npx cc-safe-setup --replay         Replay blocked commands timeline (demo/review)
     npx cc-safe-setup --guard "<rule>"  Instantly enforce a rule (generate + install + activate)
     npx cc-safe-setup --diff-hooks <path>  Compare hooks between two settings files
@@ -922,6 +927,210 @@ async function fullSetup() {
   console.log();
 }
 
+async function suggest() {
+  const { execSync } = await import('child_process');
+  const { readdirSync } = await import('fs');
+  console.log();
+  console.log(c.bold + '  cc-safe-setup --suggest' + c.reset);
+  console.log(c.dim + '  Analyzing your project for potential risks...' + c.reset);
+  console.log();
+
+  const cwd = process.cwd();
+  const risks = [];
+
+  // 1. Check git history for past incidents
+  try {
+    const log = execSync('git log --oneline -100 2>/dev/null', { encoding: 'utf-8' });
+    if (log.includes('revert') || log.includes('Revert')) {
+      risks.push({ level: 'high', risk: 'Reverts in git history — code has been rolled back', hook: 'auto-checkpoint', reason: 'Auto-checkpoint protects against needing reverts' });
+    }
+    if (log.includes('force') || log.includes('--force')) {
+      risks.push({ level: 'high', risk: 'Force operations in history', hook: 'branch-guard', reason: 'Prevents force-push and destructive git' });
+    }
+    if (log.match(/fix.*fix.*fix/i)) {
+      risks.push({ level: 'medium', risk: 'Multiple fix commits in sequence — possible churn', hook: 'verify-before-done', reason: 'Ensures tests pass before committing fixes' });
+    }
+  } catch {}
+
+  // 2. Check for risky file patterns
+  const hasEnv = existsSync(join(cwd, '.env'));
+  const hasEnvExample = existsSync(join(cwd, '.env.example'));
+  if (hasEnv && !existsSync(join(cwd, '.gitignore'))) {
+    risks.push({ level: 'critical', risk: '.env exists but no .gitignore — secrets may be committed', hook: 'secret-guard', reason: 'Blocks git add .env' });
+  }
+  if (hasEnv && hasEnvExample) {
+    risks.push({ level: 'low', risk: '.env and .env.example both exist', hook: 'env-drift-guard', reason: 'Detects variable mismatch between the two' });
+  }
+
+  // 3. Check for database usage
+  const hasPrisma = existsSync(join(cwd, 'prisma'));
+  const hasRails = existsSync(join(cwd, 'Gemfile'));
+  const hasLaravel = existsSync(join(cwd, 'artisan'));
+  const hasDjango = existsSync(join(cwd, 'manage.py'));
+  if (hasPrisma || hasRails || hasLaravel || hasDjango) {
+    risks.push({ level: 'high', risk: 'Database framework detected — destructive migrations possible', hook: 'block-database-wipe', reason: 'Blocks DROP, migrate:fresh, db:drop' });
+  }
+
+  // 4. Check for deployment config
+  const hasDocker = existsSync(join(cwd, 'Dockerfile'));
+  const hasVercel = existsSync(join(cwd, 'vercel.json'));
+  const hasNetlify = existsSync(join(cwd, 'netlify.toml'));
+  if (hasDocker || hasVercel || hasNetlify) {
+    risks.push({ level: 'medium', risk: 'Deploy configuration found', hook: 'deploy-guard', reason: 'Prevents deploy with uncommitted changes' });
+    risks.push({ level: 'low', risk: 'Friday deploys possible', hook: 'no-deploy-friday', reason: 'Block deploys on Fridays' });
+  }
+
+  // 5. Check package.json for risky scripts
+  if (existsSync(join(cwd, 'package.json'))) {
+    try {
+      const pkg = JSON.parse(readFileSync(join(cwd, 'package.json'), 'utf-8'));
+      if (!pkg.scripts?.test || pkg.scripts.test.includes('no test')) {
+        risks.push({ level: 'medium', risk: 'No test script — code changes go unverified', hook: 'test-coverage-guard', reason: 'Warns when code grows without tests' });
+      }
+      if (pkg.scripts?.deploy || pkg.scripts?.publish) {
+        risks.push({ level: 'medium', risk: 'Deploy/publish script exists', hook: 'npm-publish-guard', reason: 'Version check before publish' });
+      }
+    } catch {}
+  }
+
+  // 6. Check for large repo (many files)
+  try {
+    const fileCount = parseInt(execSync('git ls-files | wc -l 2>/dev/null', { encoding: 'utf-8' }).trim());
+    if (fileCount > 500) {
+      risks.push({ level: 'medium', risk: `Large repo (${fileCount} files) — scope creep risk`, hook: 'scope-guard', reason: 'Prevents operations outside project' });
+      risks.push({ level: 'low', risk: 'Large diffs more likely', hook: 'diff-size-guard', reason: 'Warns on large uncommitted changes' });
+    }
+  } catch {}
+
+  // 7. Check for .claude/ config
+  if (!existsSync(join(cwd, 'CLAUDE.md'))) {
+    risks.push({ level: 'medium', risk: 'No CLAUDE.md — Claude has no project-specific rules', hook: null, reason: 'Run --shield to generate one' });
+  }
+
+  // 8. Always recommend essentials if not installed
+  let installed = new Set();
+  if (existsSync(SETTINGS_PATH)) {
+    try {
+      const s = JSON.parse(readFileSync(SETTINGS_PATH, 'utf-8'));
+      for (const groups of Object.values(s.hooks || {})) {
+        for (const g of groups) {
+          for (const h of (g.hooks || [])) {
+            installed.add((h.command || '').split('/').pop().replace('.sh', ''));
+          }
+        }
+      }
+    } catch {}
+  }
+
+  if (!installed.has('destructive-guard')) {
+    risks.push({ level: 'critical', risk: 'No destructive-guard — rm -rf / is not blocked', hook: 'destructive-guard', reason: 'Essential: prevents file system destruction' });
+  }
+
+  // Display results
+  if (risks.length === 0) {
+    console.log(c.green + '  No risks detected. Your project looks safe!' + c.reset);
+    return;
+  }
+
+  risks.sort((a, b) => {
+    const order = { critical: 0, high: 1, medium: 2, low: 3 };
+    return (order[a.level] || 9) - (order[b.level] || 9);
+  });
+
+  const levelColors = { critical: c.red, high: c.red, medium: c.yellow, low: c.dim };
+  const levelIcons = { critical: '🔴', high: '🟠', medium: '🟡', low: '⚪' };
+
+  for (const r of risks) {
+    const color = levelColors[r.level] || c.dim;
+    const icon = levelIcons[r.level] || '·';
+    console.log(`  ${icon} ${color}${r.level.toUpperCase()}${c.reset}: ${r.risk}`);
+    if (r.hook) {
+      const isInstalled = installed.has(r.hook);
+      if (isInstalled) {
+        console.log(c.green + `     ✓ ${r.hook} (installed)` + c.reset);
+      } else {
+        console.log(c.yellow + `     → Install: npx cc-safe-setup --install-example ${r.hook}` + c.reset);
+      }
+    } else {
+      console.log(c.dim + `     → ${r.reason}` + c.reset);
+    }
+    console.log();
+  }
+
+  const unprotected = risks.filter(r => r.hook && !installed.has(r.hook));
+  if (unprotected.length > 0) {
+    console.log(c.bold + `  ${unprotected.length} unprotected risk(s). Fix all:` + c.reset);
+    console.log(c.yellow + '  npx cc-safe-setup --shield' + c.reset);
+  } else {
+    console.log(c.green + '  All detected risks are covered by installed hooks!' + c.reset);
+  }
+  console.log();
+}
+
+async function why(hookName) {
+  const WHY_DATA = {
+    'destructive-guard': { issue: '#36339', incident: 'User lost entire C:\\Users directory — rm -rf followed NTFS junctions', url: 'https://github.com/anthropics/claude-code/issues/36339' },
+    'branch-guard': { issue: '#36640', incident: 'Autonomous Claude pushed untested code to main at 3am', url: 'https://github.com/anthropics/claude-code/issues/36640' },
+    'secret-guard': { issue: '#16561', incident: 'API keys committed to public repo via git add .', url: 'https://github.com/anthropics/claude-code/issues/16561' },
+    'block-database-wipe': { issue: '#37405', incident: 'Production database wiped by migrate:fresh', url: 'https://github.com/anthropics/claude-code/issues/37405' },
+    'uncommitted-work-guard': { issue: '#37888', incident: 'Claude destroyed uncommitted work twice in same session', url: 'https://github.com/anthropics/claude-code/issues/37888' },
+    'test-deletion-guard': { issue: '#38050', incident: 'Claude deleted failing tests instead of fixing code', url: 'https://github.com/anthropics/claude-code/issues/38050' },
+    'fact-check-gate': { issue: '#38057', incident: 'Claude wrote false claims in technical docs without reading source', url: 'https://github.com/anthropics/claude-code/issues/38057' },
+    'token-budget-guard': { issue: '#38029', incident: 'Session consumed $342 in tokens without user knowing', url: 'https://github.com/anthropics/claude-code/issues/38029' },
+    'protect-dotfiles': { issue: '#37478', incident: '.bashrc and environment files overwritten', url: 'https://github.com/anthropics/claude-code/issues/37478' },
+    'scope-guard': { issue: '#36233', incident: 'Entire Mac filesystem deleted by out-of-scope operation', url: 'https://github.com/anthropics/claude-code/issues/36233' },
+    'case-sensitive-guard': { issue: '#37875', incident: 'exFAT case collision caused data loss via rm -rf', url: 'https://github.com/anthropics/claude-code/issues/37875' },
+    'prompt-injection-guard': { issue: '#38046', incident: 'Prompt injection found in /insights output', url: 'https://github.com/anthropics/claude-code/issues/38046' },
+    'overwrite-guard': { issue: '#37595', incident: '/export overwrites existing files without warning', url: 'https://github.com/anthropics/claude-code/issues/37595' },
+    'memory-write-guard': { issue: '#38040', incident: 'No way to see what Claude writes to ~/.claude/', url: 'https://github.com/anthropics/claude-code/issues/38040' },
+    'context-monitor': { issue: '#6527', incident: 'Sessions silently lost all state after 150+ tool calls', url: 'https://github.com/anthropics/claude-code/issues/6527' },
+    'comment-strip': { issue: '#29582', incident: 'Bash comments in hook commands broke permission matching', url: 'https://github.com/anthropics/claude-code/issues/29582' },
+    'cd-git-allow': { issue: '#32985', incident: 'cd+git compounds spammed permission prompts endlessly', url: 'https://github.com/anthropics/claude-code/issues/32985' },
+    'strict-allowlist': { issue: '#37471', incident: 'Denylist model creates arms race — Claude finds bypasses', url: 'https://github.com/anthropics/claude-code/issues/37471' },
+    'error-memory-guard': { issue: 'common', incident: 'Claude retries the same failing command 10+ times' },
+    'typosquat-guard': { issue: 'supply-chain', incident: 'Misspelled package names can install malware' },
+  };
+
+  console.log();
+  if (!hookName) {
+    console.log(c.bold + '  cc-safe-setup --why <hook-name>' + c.reset);
+    console.log(c.dim + '  Show why a hook exists — the real incident that inspired it.' + c.reset);
+    console.log();
+    console.log('  Examples:');
+    console.log(c.dim + '    npx cc-safe-setup --why destructive-guard' + c.reset);
+    console.log(c.dim + '    npx cc-safe-setup --why token-budget-guard' + c.reset);
+    console.log();
+    console.log(`  ${Object.keys(WHY_DATA).length} hooks have documented incidents.`);
+    return;
+  }
+
+  const name = hookName.replace('.sh', '');
+  const data = WHY_DATA[name];
+  if (!data) {
+    console.log(c.yellow + `  No incident documented for "${name}".` + c.reset);
+    console.log(c.dim + '  This hook may have been created proactively.' + c.reset);
+    console.log();
+    console.log(c.dim + `  Hooks with documented incidents: ${Object.keys(WHY_DATA).join(', ')}` + c.reset);
+    return;
+  }
+
+  console.log(c.bold + `  Why "${name}" exists` + c.reset);
+  console.log();
+  console.log(c.red + '  Incident:' + c.reset);
+  console.log('  ' + data.incident);
+  console.log();
+  if (data.url) {
+    console.log(c.blue + '  Source:' + c.reset);
+    console.log('  ' + data.url);
+  }
+  if (data.issue && data.issue !== 'common' && data.issue !== 'supply-chain') {
+    console.log(c.dim + `  GitHub Issue: ${data.issue}` + c.reset);
+  }
+  console.log();
+  console.log(c.dim + '  Install: npx cc-safe-setup --install-example ' + name + c.reset);
+  console.log();
+}
+
 async function replay() {
   console.log();
   console.log(c.bold + '  cc-safe-setup --replay' + c.reset);
@@ -4051,6 +4260,8 @@ async function main() {
   if (FULL) return fullSetup();
   if (DOCTOR) return doctor();
   if (WATCH) return watch();
+  if (SUGGEST) return suggest();
+  if (WHY_IDX !== -1) return why(WHY_HOOK);
   if (REPLAY) return replay();
   if (GUARD_IDX !== -1) return guard(GUARD_DESC);
   if (DIFF_HOOKS_IDX !== -1) return diffHooks(DIFF_HOOKS);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cc-safe-setup",
-  "version": "10.8.0",
+  "version": "11.0.0",
   "description": "One command to make Claude Code safe. 59 hooks (8 built-in + 51 examples). 26 CLI commands: dashboard, create, audit, lint, diff, migrate, compare, generate-ci. 284 tests.",
   "main": "index.mjs",
   "bin": {