npm - cc-safe-setup - Versions diffs - 11.6.0 → 11.8.0 - Mend

cc-safe-setup 11.6.0 → 11.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/README.md +15 -1
package/index.mjs +29 -0
package/package.json +1 -1
package/.claude/session-snapshot.md +0 -25
package/cc-safe-setup-export.json +0 -321
package/docs/README.ja.md +0 -64
package/docs/ROADMAP.md +0 -83
package/docs/builder.html +0 -283
package/docs/by-example.html +0 -234
package/docs/cheatsheet.html +0 -187
package/docs/ecosystem.html +0 -223
package/docs/faq.html +0 -244
package/docs/hooks-cheatsheet.html +0 -319
package/docs/hub.html +0 -155
package/docs/index-legacy.html +0 -685
package/docs/index.html +0 -271
package/docs/matrix.html +0 -139
package/docs/migration-guide.html +0 -198
package/docs/settings-reference.html +0 -317
package/docs/troubleshooting.html +0 -189
package/examples/go/destructive_guard.go +0 -69
package/examples/python/__pycache__/destructive_guard.cpython-312.pyc +0 -0
package/examples/python/__pycache__/secret_guard.cpython-312.pyc +0 -0
package/examples/rust/destructive_guard.rs +0 -72
package/examples/typescript/destructive-guard.ts +0 -64

package/docs/README.ja.md DELETED Viewed

@@ -1,64 +0,0 @@
-# cc-safe-setup
-**Claude Codeを安全にするワンコマンドツール。**
-8個の安全フック + 36個のインストール可能なexample。destructive guard、branch protection、secret leak prevention、syntax check、context monitor、その他。
-```bash
-npx cc-safe-setup
-```
-## 何ができるか
-| コマンド | 機能 |
-|---|---|
-| `npx cc-safe-setup` | 8個の安全フックをインストール |
-| `--create "説明"` | 自然言語でカスタムフック生成 |
-| `--audit` | 安全スコア（0-100） |
-| `--lint` | 設定の静的解析 |
-| `--diff <file>` | 設定を比較 |
-| `--benchmark` | フック実行速度を計測 |
-| `--doctor` | 動かない原因を診断 |
-| `--watch` | ブロックされたコマンドをリアルタイム表示 |
-| `--stats` | ブロック統計レポート |
-| `--share` | 共有URLを生成 |
-| `--export / --import` | チームで設定を共有 |
-| `--verify` | 各フックの動作確認 |
-| `--install-example <name>` | 36個のexampleフック |
-## インストール
-```bash
-npx cc-safe-setup
-```
-Claude Codeを再起動。完了。
-## 何がブロックされるか
-| 操作 | Before | After |
-|---|---|---|
-| `rm -rf /` | 実行される | ブロック |
-| `git push --force` | 実行される | ブロック |
-| `git push origin main` | 実行される | ブロック |
-| `git add .env` | 実行される | ブロック |
-| Python構文エラー | 気づかない | 自動検出 |
-| コンテキスト枯渇 | 突然死 | 段階的警告 |
-## ドキュメント
-- [settings.jsonリファレンス](../SETTINGS_REFERENCE.md) — 全設定の解説
-- [移行ガイド](../MIGRATION.md) — permissionsからhooksへ
-- [トラブルシューティング](../TROUBLESHOOTING.md) — 動かない時の対処法
-- [チートシート](https://yurukusa.github.io/cc-safe-setup/cheatsheet.html) — 印刷用A4
-- [エコシステム比較](https://yurukusa.github.io/cc-safe-setup/ecosystem.html) — 全hookプロジェクト比較
-- [Web版](https://yurukusa.github.io/cc-safe-setup/) — ブラウザで診断＋セットアップ生成
-## 必要なもの
-- `jq`: `brew install jq` / `apt install jq`
-- Claude Code 2.1以上
-## ライセンス
-MIT

package/docs/ROADMAP.md DELETED Viewed

@@ -1,83 +0,0 @@
-# cc-safe-setup Roadmap
-## Current: v3.8.1
-- 8 built-in hooks + 38 examples
-- 21 CLI commands
-- 5 web tools (audit, cheatsheet, ecosystem, cookbook, hook builder)
-- 173 tests, CI green
-- 2,500+ daily npm downloads
-## Next Major: v4.0 (planned)
-### --dashboard: Real-Time Terminal Dashboard
-A single screen showing everything about your Claude Code safety:
-```
-┌─ cc-safe-setup dashboard ─────────────────────────┐
-│                                                     │
-│  Hooks: 26 active (8 built-in + 18 examples)       │
-│  Score: 85/100 (Grade A)                            │
-│  Context: ~60% remaining                            │
-│  Cost: ~$1.47 (142 tool calls, Opus)                │
-│                                                     │
-│  ── Recent Blocks ──────────────────────────────── │
-│  14:23  rm -rf ~/projects (destructive-guard)       │
-│  14:21  git push --force (branch-guard)             │
-│  14:18  git add .env (secret-guard)                 │
-│                                                     │
-│  ── Hook Performance ───────────────────────────── │
-│  destructive-guard  15ms ████████                   │
-│  branch-guard        7ms ████                       │
-│  secret-guard        5ms ███                        │
-│                                                     │
-│  ── Today ──────────────────────────────────────── │
-│  Blocks: 12 | Warns: 5 | Approves: 34              │
-│  Top reason: rm on sensitive path (5)               │
-└─────────────────────────────────────────────────────┘
-```
-**Implementation notes:**
-- ANSI escape codes only (no blessed/ink dependencies)
-- Reads blocked-commands.log + context-monitor state + cost-tracker state
-- Refreshes every 2 seconds
-- Ctrl+C to exit
-- Works in any terminal (iTerm, VS Code, Windows Terminal, WSL)
-### Hook Marketplace (concept)
-Community-contributed hooks discoverable from CLI:
-```bash
-npx cc-safe-setup --search "database"
-npx cc-safe-setup --install-remote user/hook-name
-```
-Would require a registry (GitHub-based, no server). Defer to v5.0.
-### Hook Composition
-Chain hooks with conditions:
-```json
-{
-  "hooks": [{
-    "if": "branch === 'main'",
-    "then": "block-all-writes.sh",
-    "else": "allow-all.sh"
-  }]
-}
-```
-Requires Claude Code API changes. Not feasible with current hook system.
-## Done (Session 39)
-- --create, --lint, --diff, --share, --benchmark, --doctor, --watch, --stats
-- --export/--import, --audit --json
-- 38 examples including cost-tracker, loop-detector, session-handoff
-- Hook Builder web tool
-- Interactive COOKBOOK
-- 6 documentation files + Japanese README
-- CONTRIBUTING.md for external contributors

package/docs/builder.html DELETED Viewed

@@ -1,283 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>Hook Builder — Claude Code</title>
-<meta name="description" content="Generate Claude Code hooks from plain English. No coding required.">
-<style>
-*{box-sizing:border-box;margin:0;padding:0}
-body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',sans-serif;background:#0d1117;color:#c9d1d9;min-height:100vh;padding:1.5rem}
-.c{max-width:800px;margin:0 auto}
-h1{color:#f0f6fc;font-size:1.4rem;margin-bottom:.3rem}
-.sub{color:#8b949e;font-size:.85rem;margin-bottom:1.2rem}
-a{color:#58a6ff;text-decoration:none}
-input,select{width:100%;padding:.6rem;background:#161b22;border:1px solid #30363d;border-radius:6px;color:#c9d1d9;font-size:.9rem;margin-bottom:.6rem}
-input:focus,select:focus{outline:none;border-color:#58a6ff}
-input::placeholder{color:#484f58}
-label{display:block;color:#8b949e;font-size:.78rem;margin-bottom:.2rem}
-pre{background:#161b22;border:1px solid #30363d;border-radius:6px;padding:.8rem;font-size:.8rem;color:#e6edf3;overflow-x:auto;white-space:pre-wrap;position:relative;margin:.5rem 0}
-.copy-btn{position:absolute;top:.4rem;right:.4rem;background:#21262d;border:1px solid #30363d;color:#8b949e;padding:.2rem .5rem;border-radius:4px;cursor:pointer;font-size:.7rem}
-.copy-btn:hover{color:#f0f6fc;border-color:#58a6ff}
-.btn{background:#238636;color:#fff;border:none;padding:.6rem 1.2rem;border-radius:6px;cursor:pointer;font-size:.9rem;width:100%;margin:.5rem 0}
-.btn:hover{background:#2ea043}
-.templates{display:grid;grid-template-columns:repeat(auto-fill,minmax(180px,1fr));gap:.4rem;margin:.8rem 0}
-.tmpl{background:#161b22;border:1px solid #30363d;border-radius:6px;padding:.5rem;cursor:pointer;font-size:.78rem;color:#8b949e;transition:border-color .15s}
-.tmpl:hover{border-color:#58a6ff;color:#c9d1d9}
-.tmpl-title{font-weight:600;color:#c9d1d9;font-size:.82rem}
-.section{margin:1.2rem 0}
-.footer{text-align:center;color:#484f58;font-size:.7rem;margin-top:2rem}
-.note{background:#161b22;border-left:3px solid #58a6ff;padding:.5rem .8rem;font-size:.78rem;color:#8b949e;margin:.5rem 0}
-.hidden{display:none}
-</style>
-</head>
-<body>
-<div class="c">
-<h1>Hook Builder</h1>
-<p class="sub">Describe what you want in plain English. Get a working hook.</p>
-<div class="section">
-  <label>What should the hook do?</label>
-  <input id="desc" placeholder="e.g., Block npm publish without running tests first" oninput="clearOutput()">
-</div>
-<div class="section">
-  <label>Trigger event</label>
-  <select id="trigger">
-    <option value="PreToolUse">PreToolUse (before tool runs — block/approve)</option>
-    <option value="PostToolUse">PostToolUse (after tool runs — check results)</option>
-    <option value="Stop">Stop (when Claude finishes — notify/cleanup)</option>
-  </select>
-</div>
-<div class="section">
-  <label>Tool matcher (regex)</label>
-  <input id="matcher" placeholder='e.g., Bash, Edit|Write, or empty for all' value="Bash">
-</div>
-<button class="btn" onclick="generate()">Generate Hook</button>
-<div id="output" class="hidden">
-  <h2 style="color:#f0f6fc;font-size:1rem;margin:1rem 0 .5rem">Generated Hook</h2>
-  <pre id="hook-code"><code></code><button class="copy-btn" onclick="copyCode()">Copy</button></pre>
-  <h2 style="color:#f0f6fc;font-size:1rem;margin:1rem 0 .5rem">settings.json entry</h2>
-  <pre id="settings-code"><code></code><button class="copy-btn" onclick="copySettings()">Copy Settings</button></pre>
-  <div class="note">
-    <strong>Install:</strong> Save the hook to <code>~/.claude/hooks/your-hook.sh</code>, run <code>chmod +x</code>, and add the settings.json entry.
-    <br>Or use the CLI: <code id="cli-cmd"></code>
-  </div>
-</div>
-<div class="section">
-  <h2 style="color:#8b949e;font-size:.9rem;margin-bottom:.5rem">Templates</h2>
-  <div class="templates" id="templates"></div>
-</div>
-<div class="footer">
-  <a href="hooks-cheatsheet.html">Cheat Sheet</a> ·
-  <a href="https://yurukusa.github.io/cc-hook-registry/playground.html">Playground</a> ·
-  <a href="https://github.com/yurukusa/cc-safe-setup">GitHub</a>
-</div>
-</div>
-<script>
-const TEMPLATES = [
-  { title: 'Block rm -rf /', desc: 'Block rm -rf on root directory', trigger: 'PreToolUse', matcher: 'Bash', pattern: 'rm\\s+.*-rf\\s+/', action: 'block', msg: 'rm -rf on root directory' },
-  { title: 'Block force push', desc: 'Block git push --force', trigger: 'PreToolUse', matcher: 'Bash', pattern: 'git\\s+push\\s+.*--force', action: 'block', msg: 'Force push' },
-  { title: 'Block .env commit', desc: 'Block git add .env files', trigger: 'PreToolUse', matcher: 'Bash', pattern: 'git\\s+add\\s+.*\\.env', action: 'block', msg: 'Adding .env to git' },
-  { title: 'Block sudo', desc: 'Block all sudo commands', trigger: 'PreToolUse', matcher: 'Bash', pattern: '^\\s*sudo\\b', action: 'block', msg: 'sudo command' },
-  { title: 'Block DB drop', desc: 'Block DROP DATABASE/TABLE', trigger: 'PreToolUse', matcher: 'Bash', pattern: 'DROP\\s+(DATABASE|TABLE)', action: 'block', msg: 'Database drop' },
-  { title: 'Auto-approve tests', desc: 'Auto-approve npm test, pytest, cargo test', trigger: 'PreToolUse', matcher: 'Bash', pattern: '^\\s*(npm\\s+test|pytest|cargo\\s+test)', action: 'approve', msg: 'Safe test command' },
-  { title: 'Warn large output', desc: 'Warn when output exceeds 50KB', trigger: 'PostToolUse', matcher: '', pattern: null, action: 'warn-output', msg: 'Large output consuming context' },
-  { title: 'Session end notify', desc: 'Desktop notification on session end', trigger: 'Stop', matcher: '', pattern: null, action: 'notify', msg: 'Session completed' },
-  { title: 'Block npm -g', desc: 'Block global npm install', trigger: 'PreToolUse', matcher: 'Bash', pattern: 'npm\\s+install\\s+(-g|--global)', action: 'block', msg: 'Global npm install' },
-  { title: 'Block deploy Friday', desc: 'Block deploy commands on Fridays', trigger: 'PreToolUse', matcher: 'Bash', pattern: null, action: 'friday', msg: 'No deploys on Friday' },
-];
-document.getElementById('templates').innerHTML = TEMPLATES.map((t,i) => `
-  <div class="tmpl" onclick="useTemplate(${i})">
-    <div class="tmpl-title">${t.title}</div>
-    <div>${t.desc}</div>
-  </div>
-`).join('');
-function useTemplate(i) {
-  const t = TEMPLATES[i];
-  document.getElementById('desc').value = t.desc;
-  document.getElementById('trigger').value = t.trigger;
-  document.getElementById('matcher').value = t.matcher;
-  generate(t);
-}
-function clearOutput() {
-  document.getElementById('output').classList.add('hidden');
-}
-function generate(template) {
-  const desc = document.getElementById('desc').value.trim();
-  const trigger = document.getElementById('trigger').value;
-  const matcher = document.getElementById('matcher').value.trim();
-  if (!desc && !template) return;
-  let hookCode, hookName;
-  if (template) {
-    hookName = template.title.toLowerCase().replace(/[^a-z0-9]+/g, '-');
-    hookCode = generateFromTemplate(template);
-  } else {
-    hookName = desc.toLowerCase().replace(/[^a-z0-9]+/g, '-').substring(0, 30);
-    hookCode = generateFromDesc(desc, trigger, matcher);
-  }
-  const settingsCode = JSON.stringify({
-    hooks: {
-      [trigger]: [{
-        matcher: matcher,
-        hooks: [{ type: "command", command: `bash ~/.claude/hooks/${hookName}.sh` }]
-      }]
-    }
-  }, null, 2);
-  document.getElementById('hook-code').querySelector('code').textContent = hookCode;
-  document.getElementById('settings-code').querySelector('code').textContent = settingsCode;
-  document.getElementById('cli-cmd').textContent = `npx cc-safe-setup --create "${desc}"`;
-  document.getElementById('output').classList.remove('hidden');
-}
-function generateFromTemplate(t) {
-  if (t.action === 'block') {
-    return `#!/bin/bash
-# ${t.desc}
-# TRIGGER: ${t.trigger}  MATCHER: "${t.matcher}"
-COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
-[ -z "$COMMAND" ] && exit 0
-if echo "$COMMAND" | grep -qE '${t.pattern}'; then
-  echo "BLOCKED: ${t.msg}" >&2
-  exit 2
-fi
-exit 0`;
-  }
-  if (t.action === 'approve') {
-    return `#!/bin/bash
-# ${t.desc}
-# TRIGGER: ${t.trigger}  MATCHER: "${t.matcher}"
-COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
-[ -z "$COMMAND" ] && exit 0
-if echo "$COMMAND" | grep -qE '${t.pattern}'; then
-  echo '{"decision":"approve","reason":"${t.msg}"}'
-fi
-exit 0`;
-  }
-  if (t.action === 'warn-output') {
-    return `#!/bin/bash
-# ${t.desc}
-# TRIGGER: PostToolUse  MATCHER: ""
-OUTPUT=$(cat | jq -r '.tool_result // empty' 2>/dev/null)
-LEN=\${#OUTPUT}
-if [ "$LEN" -gt 50000 ]; then
-  echo "WARNING: Output is \${LEN} chars — consuming context fast" >&2
-fi
-exit 0`;
-  }
-  if (t.action === 'notify') {
-    return `#!/bin/bash
-# ${t.desc}
-# TRIGGER: Stop  MATCHER: ""
-notify-send "Claude Code" "Session completed" 2>/dev/null || \\
-osascript -e 'display notification "Session completed"' 2>/dev/null
-exit 0`;
-  }
-  if (t.action === 'friday') {
-    return `#!/bin/bash
-# ${t.desc}
-# TRIGGER: PreToolUse  MATCHER: "Bash"
-COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
-[ -z "$COMMAND" ] && exit 0
-if [ "$(date +%u)" = "5" ]; then
-  if echo "$COMMAND" | grep -qE '(deploy|publish|release)'; then
-    echo "BLOCKED: No deploys on Friday" >&2
-    exit 2
-  fi
-fi
-exit 0`;
-  }
-  return '#!/bin/bash\n# Custom hook\nexit 0';
-}
-function generateFromDesc(desc, trigger, matcher) {
-  const d = desc.toLowerCase();
-  let pattern = '', action = 'block', msg = desc;
-  if (d.includes('block') || d.includes('prevent') || d.includes('stop')) {
-    action = 'block';
-    if (d.includes('rm') || d.includes('delete')) pattern = 'rm\\s+.*-rf';
-    else if (d.includes('push') && d.includes('main')) pattern = 'git\\s+push\\s+.*\\b(main|master)\\b';
-    else if (d.includes('force')) pattern = '--force';
-    else if (d.includes('sudo')) pattern = '^\\s*sudo\\b';
-    else if (d.includes('drop')) pattern = 'DROP\\s+(DATABASE|TABLE)';
-    else if (d.includes('publish')) pattern = 'npm\\s+publish';
-    else if (d.includes('deploy')) pattern = '(deploy|vercel|netlify|firebase)';
-    else pattern = d.split(' ').pop();
-  } else if (d.includes('approve') || d.includes('allow') || d.includes('auto')) {
-    action = 'approve';
-    if (d.includes('test')) pattern = '(npm\\s+test|pytest|cargo\\s+test)';
-    else if (d.includes('build')) pattern = '(npm\\s+run\\s+build|cargo\\s+build|go\\s+build)';
-    else if (d.includes('git')) pattern = 'git\\s+(status|log|diff)';
-    else pattern = d.split(' ').pop();
-  } else if (d.includes('warn') || d.includes('alert') || d.includes('notify')) {
-    action = 'warn';
-    pattern = d.split(' ').pop();
-  }
-  if (action === 'block') {
-    return `#!/bin/bash
-# ${desc}
-# TRIGGER: ${trigger}  MATCHER: "${matcher}"
-COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
-[ -z "$COMMAND" ] && exit 0
-if echo "$COMMAND" | grep -qiE '${pattern}'; then
-  echo "BLOCKED: ${msg}" >&2
-  exit 2
-fi
-exit 0`;
-  }
-  if (action === 'approve') {
-    return `#!/bin/bash
-# ${desc}
-# TRIGGER: ${trigger}  MATCHER: "${matcher}"
-COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
-[ -z "$COMMAND" ] && exit 0
-if echo "$COMMAND" | grep -qiE '${pattern}'; then
-  echo '{"decision":"approve","reason":"${msg}"}'
-fi
-exit 0`;
-  }
-  return `#!/bin/bash
-# ${desc}
-# TRIGGER: ${trigger}  MATCHER: "${matcher}"
-COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
-[ -z "$COMMAND" ] && exit 0
-if echo "$COMMAND" | grep -qiE '${pattern}'; then
-  echo "WARNING: ${msg}" >&2
-fi
-exit 0`;
-}
-function copyCode() {
-  navigator.clipboard.writeText(document.getElementById('hook-code').querySelector('code').textContent);
-  document.getElementById('hook-code').querySelector('.copy-btn').textContent = 'Copied!';
-  setTimeout(() => document.getElementById('hook-code').querySelector('.copy-btn').textContent = 'Copy', 1500);
-}
-function copySettings() {
-  navigator.clipboard.writeText(document.getElementById('settings-code').querySelector('code').textContent);
-  document.getElementById('settings-code').querySelector('.copy-btn').textContent = 'Copied!';
-  setTimeout(() => document.getElementById('settings-code').querySelector('.copy-btn').textContent = 'Copy Settings', 1500);
-}
-</script>
-</body>
-</html>

package/docs/by-example.html DELETED Viewed

@@ -1,234 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>Claude Code Hooks by Example — Real Incidents, Real Fixes</title>
-<meta name="description" content="Every hook was born from a real incident. See the before/after for each one.">
-<style>
-*{box-sizing:border-box;margin:0;padding:0}
-body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',sans-serif;background:#0d1117;color:#c9d1d9;padding:1.5rem;line-height:1.6}
-.c{max-width:800px;margin:0 auto}
-h1{color:#f0f6fc;font-size:1.5rem;margin-bottom:.3rem}
-.sub{color:#8b949e;font-size:.85rem;margin-bottom:1.2rem}
-a{color:#58a6ff;text-decoration:none}
-.example{background:#161b22;border:1px solid #30363d;border-radius:8px;padding:1rem;margin:.8rem 0}
-.ex-title{font-weight:700;color:#f0f6fc;font-size:.95rem;margin-bottom:.3rem}
-.ex-issue{font-size:.7rem;color:#58a6ff;margin-bottom:.5rem}
-.ex-row{display:grid;grid-template-columns:1fr 1fr;gap:.8rem;margin:.5rem 0}
-.before,.after{border-radius:6px;padding:.6rem;font-size:.78rem}
-.before{background:#da363311;border:1px solid #da363333}
-.after{background:#23863611;border:1px solid #23863633}
-.label{font-size:.65rem;font-weight:bold;text-transform:uppercase;letter-spacing:.05em;margin-bottom:.3rem}
-.label-bad{color:#f85149}
-.label-good{color:#3fb950}
-pre{background:#0d1117;border-radius:4px;padding:.4rem;font-size:.75rem;overflow-x:auto;margin:.3rem 0;color:#e6edf3}
-.install{font-family:monospace;font-size:.75rem;color:#58a6ff;margin-top:.4rem;cursor:pointer}
-.install:hover{text-decoration:underline}
-.footer{text-align:center;color:#484f58;font-size:.7rem;margin-top:2rem;padding-top:1rem;border-top:1px solid #21262d}
-code{background:#21262d;padding:.1rem .25rem;border-radius:3px;font-size:.8rem}
-.count{color:#8b949e;font-size:.85rem;margin-bottom:1rem}
-</style>
-</head>
-<body>
-<div class="c">
-<h1>Hooks by Example</h1>
-<p class="sub">Every hook was born from a real incident. Here's the before and after.</p>
-<p class="count">15 examples from real GitHub Issues</p>
-<div class="example">
-<div class="ex-title">destructive-guard</div>
-<div class="ex-issue"><a href="https://github.com/anthropics/claude-code/issues/36339">#36339</a> — User lost entire C:\Users directory</div>
-<div class="ex-row">
-<div class="before"><div class="label label-bad">Without hook</div>
-<pre>Claude: "Let me clean up the temp files"
-$ rm -rf /
-→ Entire filesystem deleted via NTFS junction traversal</pre></div>
-<div class="after"><div class="label label-good">With hook</div>
-<pre>Claude: "Let me clean up the temp files"
-$ rm -rf /
-→ BLOCKED: rm -rf on root directory
-Claude: "I'll target just the temp folder instead"
-$ rm -rf /tmp/old-builds</pre></div>
-</div>
-<div class="install" onclick="navigator.clipboard.writeText('npx cc-safe-setup');this.textContent='Copied!'">npx cc-safe-setup</div>
-</div>
-<div class="example">
-<div class="ex-title">branch-guard</div>
-<div class="ex-issue"><a href="https://github.com/anthropics/claude-code/issues/36640">#36640</a> — Untested code pushed to main at 3am</div>
-<div class="ex-row">
-<div class="before"><div class="label label-bad">Without hook</div>
-<pre>Claude (autonomous, 3am): "Changes look good"
-$ git push origin main --force
-→ Production branch overwritten with untested code</pre></div>
-<div class="after"><div class="label label-good">With hook</div>
-<pre>Claude (autonomous, 3am): "Changes look good"
-$ git push origin main --force
-→ BLOCKED: Force push to main
-Claude: "I'll create a PR instead"
-$ git push origin feature/auth-fix</pre></div>
-</div>
-<div class="install" onclick="navigator.clipboard.writeText('npx cc-safe-setup');this.textContent='Copied!'">npx cc-safe-setup</div>
-</div>
-<div class="example">
-<div class="ex-title">secret-guard</div>
-<div class="ex-issue"><a href="https://github.com/anthropics/claude-code/issues/16561">#16561</a> — API keys committed via git add .</div>
-<div class="ex-row">
-<div class="before"><div class="label label-bad">Without hook</div>
-<pre>Claude: "Let me commit all changes"
-$ git add .
-$ git push
-→ .env with API keys pushed to public repo</pre></div>
-<div class="after"><div class="label label-good">With hook</div>
-<pre>Claude: "Let me commit all changes"
-$ git add .
-→ BLOCKED: .env file would be staged
-Claude: "I'll add specific files instead"
-$ git add src/ tests/</pre></div>
-</div>
-<div class="install" onclick="navigator.clipboard.writeText('npx cc-safe-setup');this.textContent='Copied!'">npx cc-safe-setup</div>
-</div>
-<div class="example">
-<div class="ex-title">uncommitted-work-guard</div>
-<div class="ex-issue"><a href="https://github.com/anthropics/claude-code/issues/37888">#37888</a> — Destroyed work twice in same session</div>
-<div class="ex-row">
-<div class="before"><div class="label label-bad">Without hook</div>
-<pre>Claude: "Let me start fresh"
-$ git checkout -- .
-→ 3 hours of uncommitted edits gone forever
-(Claude does it again 20 minutes later)</pre></div>
-<div class="after"><div class="label label-good">With hook</div>
-<pre>Claude: "Let me start fresh"
-$ git checkout -- .
-→ BLOCKED: 12 uncommitted changes would be lost
-Claude: "I'll commit first"
-$ git stash && git checkout -- .</pre></div>
-</div>
-<div class="install" onclick="navigator.clipboard.writeText('npx cc-safe-setup --install-example uncommitted-work-guard');this.textContent='Copied!'">npx cc-safe-setup --install-example uncommitted-work-guard</div>
-</div>
-<div class="example">
-<div class="ex-title">test-deletion-guard</div>
-<div class="ex-issue"><a href="https://github.com/anthropics/claude-code/issues/38050">#38050</a> — Claude deletes failing tests instead of fixing code</div>
-<div class="ex-row">
-<div class="before"><div class="label label-bad">Without hook</div>
-<pre>Test: auth.test.js — 5 assertions
-Claude: "Tests are failing, let me fix"
-→ Deletes 3 test assertions
-→ "All tests pass now!" (because there are fewer tests)</pre></div>
-<div class="after"><div class="label label-good">With hook</div>
-<pre>Claude: "Tests are failing, let me fix"
-→ WARNING: Removing 3 test assertions
-→ "Fix the code, not the tests"
-Claude: "You're right, let me fix the auth logic"</pre></div>
-</div>
-<div class="install" onclick="navigator.clipboard.writeText('npx cc-safe-setup --install-example test-deletion-guard');this.textContent='Copied!'">npx cc-safe-setup --install-example test-deletion-guard</div>
-</div>
-<div class="example">
-<div class="ex-title">token-budget-guard</div>
-<div class="ex-issue"><a href="https://github.com/anthropics/claude-code/issues/38029">#38029</a> — Session consumed $342 without user knowing</div>
-<div class="ex-row">
-<div class="before"><div class="label label-bad">Without hook</div>
-<pre>Session resumes, generates 652K output tokens
-No warning, no limit
-Bill arrives: $342 for one session</pre></div>
-<div class="after"><div class="label label-good">With hook</div>
-<pre>Session runs normally...
-→ WARNING: Estimated cost ~$10, approaching $50 limit
-→ Consider /compact or new session
-At $50: BLOCKED — start a new session</pre></div>
-</div>
-<div class="install" onclick="navigator.clipboard.writeText('npx cc-safe-setup --install-example token-budget-guard');this.textContent='Copied!'">npx cc-safe-setup --install-example token-budget-guard</div>
-</div>
-<div class="example">
-<div class="ex-title">fact-check-gate</div>
-<div class="ex-issue"><a href="https://github.com/anthropics/claude-code/issues/38057">#38057</a> — False claims in technical docs</div>
-<div class="ex-row">
-<div class="before"><div class="label label-bad">Without hook</div>
-<pre>Claude edits README.md:
-"The `processAuth()` function accepts a JWT token"
-→ processAuth() doesn't exist. Claude never read the source.</pre></div>
-<div class="after"><div class="label label-good">With hook</div>
-<pre>Claude edits README.md referencing `auth.ts`
-→ WARNING: Doc references auth.ts — verify it was read
-Claude: "Let me read the source first"
-$ Read auth.ts → writes accurate documentation</pre></div>
-</div>
-<div class="install" onclick="navigator.clipboard.writeText('npx cc-safe-setup --install-example fact-check-gate');this.textContent='Copied!'">npx cc-safe-setup --install-example fact-check-gate</div>
-</div>
-<div class="example">
-<div class="ex-title">block-database-wipe</div>
-<div class="ex-issue"><a href="https://github.com/anthropics/claude-code/issues/37405">#37405</a> — Production database wiped</div>
-<div class="ex-row">
-<div class="before"><div class="label label-bad">Without hook</div>
-<pre>Claude: "Let me reset the database schema"
-$ php artisan migrate:fresh
-→ All production data permanently deleted</pre></div>
-<div class="after"><div class="label label-good">With hook</div>
-<pre>Claude: "Let me reset the database schema"
-$ php artisan migrate:fresh
-→ BLOCKED: migrate:fresh wipes all tables
-Claude: "I'll create a migration instead"
-$ php artisan make:migration add_users_table</pre></div>
-</div>
-<div class="install" onclick="navigator.clipboard.writeText('npx cc-safe-setup --install-example block-database-wipe');this.textContent='Copied!'">npx cc-safe-setup --install-example block-database-wipe</div>
-</div>
-<div class="example">
-<div class="ex-title">error-memory-guard</div>
-<div class="ex-issue">Common pattern — Claude retries the same failing command 10 times</div>
-<div class="ex-row">
-<div class="before"><div class="label label-bad">Without hook</div>
-<pre>$ npm install broken-pkg  → ERROR
-$ npm install broken-pkg  → ERROR
-$ npm install broken-pkg  → ERROR
-(repeats 10 more times)</pre></div>
-<div class="after"><div class="label label-good">With hook</div>
-<pre>$ npm install broken-pkg  → ERROR (tracked)
-$ npm install broken-pkg  → ERROR (2nd failure)
-$ npm install broken-pkg  → BLOCKED: Failed 3 times
-→ Try a different approach
-Claude: "Let me check if there's an alternative package"</pre></div>
-</div>
-<div class="install" onclick="navigator.clipboard.writeText('npx cc-safe-setup --install-example error-memory-guard');this.textContent='Copied!'">npx cc-safe-setup --install-example error-memory-guard</div>
-</div>
-<div class="example">
-<div class="ex-title">protect-dotfiles</div>
-<div class="ex-issue"><a href="https://github.com/anthropics/claude-code/issues/37478">#37478</a> — .bashrc overwritten</div>
-<div class="ex-row">
-<div class="before"><div class="label label-bad">Without hook</div>
-<pre>Claude: "Let me set up the dev environment"
-→ Overwrites ~/.bashrc with new PATH
-→ All shell aliases, functions, and config lost</pre></div>
-<div class="after"><div class="label label-good">With hook</div>
-<pre>Claude: "Let me set up the dev environment"
-→ BLOCKED: Modifying ~/.bashrc
-Claude: "I'll add to a project-local .envrc instead"</pre></div>
-</div>
-<div class="install" onclick="navigator.clipboard.writeText('npx cc-safe-setup --install-example protect-dotfiles');this.textContent='Copied!'">npx cc-safe-setup --install-example protect-dotfiles</div>
-</div>
-<div style="text-align:center;margin:1.5rem 0">
-<p style="color:#8b949e;font-size:.85rem">Want all of these? One command:</p>
-<pre style="display:inline-block;font-size:1rem;padding:.6rem 1.2rem;cursor:pointer" onclick="navigator.clipboard.writeText('npx cc-safe-setup --shield');this.textContent='Copied!';setTimeout(()=>this.textContent='npx cc-safe-setup --shield',1500)">npx cc-safe-setup --shield</pre>
-</div>
-<div class="footer">
-  <a href="hooks-cheatsheet.html">Cheat Sheet</a> ·
-  <a href="builder.html">Builder</a> ·
-  <a href="faq.html">FAQ</a> ·
-  <a href="migration-guide.html">Migration</a> ·
-  <a href="https://yurukusa.github.io/cc-hook-registry/playground.html">Playground</a> ·
-  <a href="https://github.com/yurukusa/cc-safe-setup">GitHub</a>
-</div>
-</div>
-</body>
-</html>