cc-safe-setup 11.6.0 → 11.8.0

package/docs/index.html

@@ -1,271 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>cc-safe-setup — Claude Code Safety Suite</title>
-<meta name="description" content="Audit, build, browse, and learn Claude Code hooks. All in one page, 100% client-side.">
-<style>
-*{box-sizing:border-box;margin:0;padding:0}
-body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',sans-serif;background:#0d1117;color:#c9d1d9;min-height:100vh}
-.nav{display:flex;background:#161b22;border-bottom:1px solid #30363d;overflow-x:auto}
-.nav a{padding:.75rem 1.2rem;color:#8b949e;text-decoration:none;font-size:.85rem;white-space:nowrap;border-bottom:2px solid transparent;cursor:pointer}
-.nav a.active{color:#f0f6fc;border-bottom-color:#f78166}
-.nav a:hover{color:#c9d1d9}
-.page{display:none;max-width:800px;margin:0 auto;padding:1.5rem}
-.page.active{display:block}
-h1{font-size:1.3rem;color:#f0f6fc;margin-bottom:.5rem}
-h2{font-size:1.1rem;color:#f0f6fc;margin:1.5rem 0 .5rem}
-h3{font-size:.95rem;color:#c9d1d9;margin:1rem 0 .3rem}
-p,.sub{color:#8b949e;font-size:.85rem;margin-bottom:.75rem}
-a{color:#58a6ff;text-decoration:none}
-textarea,input,select{width:100%;padding:.5rem;background:#161b22;border:1px solid #30363d;border-radius:4px;color:#c9d1d9;font-family:monospace;font-size:.8rem;margin:.25rem 0}
-textarea{height:150px;resize:vertical}
-button,.btn{background:#238636;color:#fff;border:none;padding:.5rem 1rem;border-radius:4px;cursor:pointer;font-size:.85rem;margin:.25rem .25rem .25rem 0}
-button:hover,.btn:hover{background:#2ea043}
-.btn-sm{padding:.25rem .5rem;font-size:.75rem}
-.btn-secondary{background:#30363d}
-pre{background:#161b22;border:1px solid #30363d;border-radius:4px;padding:.6rem;font-size:.75rem;overflow-x:auto;position:relative;margin:.3rem 0}
-.copy{position:absolute;top:.3rem;right:.3rem;background:#30363d;color:#c9d1d9;border:none;padding:.15rem .4rem;border-radius:3px;font-size:.65rem;cursor:pointer}
-.score{font-size:1.8rem;font-weight:bold;margin:.5rem 0}
-.score.good{color:#3fb950} .score.mid{color:#d29922} .score.bad{color:#f85149}
-.risk{background:#161b22;border:1px solid #30363d;border-radius:4px;padding:.75rem;margin:.3rem 0;font-size:.8rem}
-.good-item{color:#3fb950;margin:.2rem 0;font-size:.8rem}
-table{width:100%;border-collapse:collapse;font-size:.8rem;margin:.5rem 0}
-th,td{text-align:left;padding:.35rem .5rem;border-bottom:1px solid #21262d}
-th{font-weight:600;color:#f0f6fc}
-.recipe{background:#161b22;border:1px solid #30363d;border-radius:4px;margin:.3rem 0;overflow:hidden}
-.recipe summary{padding:.5rem .75rem;cursor:pointer;font-weight:600;color:#f0f6fc;font-size:.85rem}
-.recipe-body{padding:0 .75rem .5rem}
-.filter{padding:.2rem .5rem;border-radius:3px;border:1px solid #30363d;background:transparent;color:#8b949e;cursor:pointer;font-size:.7rem;margin:.15rem}
-.filter.active{background:#238636;border-color:#238636;color:#fff}
-.badge{display:inline-block;padding:.1rem .3rem;border-radius:3px;font-size:.65rem;font-weight:bold}
-.badge-bash{background:#1f6feb22;color:#58a6ff;border:1px solid #1f6feb44}
-.badge-js{background:#f0e68c22;color:#f0e68c;border:1px solid #f0e68c44}
-.badge-py{background:#3fb95022;color:#3fb950;border:1px solid #3fb95044}
-.badge-ts{background:#388bfd22;color:#388bfd;border:1px solid #388bfd44}
-.check{color:#3fb950} .cross{color:#484f58}
-.footer{text-align:center;color:#484f58;font-size:.7rem;padding:2rem 1rem}
-@media print{.nav{display:none} .page{display:block!important}}
-</style>
-</head>
-<body>
-
-<nav class="nav">
-  <a onclick="go('audit')" id="nav-audit" class="active">Audit</a>
-  <a onclick="go('builder')" id="nav-builder">Hook Builder</a>
-  <a onclick="go('cookbook')" id="nav-cookbook">Cookbook</a>
-  <a onclick="go('ecosystem')" id="nav-ecosystem">Ecosystem</a>
-  <a onclick="go('cheatsheet')" id="nav-cheatsheet">Cheat Sheet</a>
-</nav>
-
-<!-- PAGE: AUDIT -->
-<div class="page active" id="page-audit">
-<h1>Safety Audit</h1>
-<p>Paste your <code>~/.claude/settings.json</code>. Nothing leaves your browser.</p>
-<textarea id="settings" placeholder='{"permissions":{"allow":["Bash(git:*)"]},"hooks":{"PreToolUse":[...]}}'></textarea>
-<button onclick="runAudit()">Run Audit</button>
-<button class="btn-secondary" onclick="generateFresh()">Generate Fresh Setup</button>
-<div id="audit-results"></div>
-</div>
-
-<!-- PAGE: HOOK BUILDER -->
-<div class="page" id="page-builder">
-<h1>Hook Builder</h1>
-<p>Build a custom hook without writing code.</p>
-<div style="display:flex;gap:.75rem;flex-wrap:wrap">
-  <div style="flex:1;min-width:180px">
-    <label style="font-size:.75rem;color:#8b949e">Action</label>
-    <select id="hb-action"><option value="block">Block</option><option value="warn">Warn</option><option value="approve">Auto-approve</option></select>
-  </div>
-  <div style="flex:2;min-width:250px">
-    <label style="font-size:.75rem;color:#8b949e">Pattern (regex)</label>
-    <input id="hb-pattern" placeholder="e.g. rm\s+-rf, git push --force">
-  </div>
-</div>
-<label style="font-size:.75rem;color:#8b949e">Message</label>
-<input id="hb-message" placeholder="e.g. Run tests before pushing">
-<button onclick="buildHook()">Generate</button>
-<div id="hb-result"></div>
-</div>
-
-<!-- PAGE: COOKBOOK -->
-<div class="page" id="page-cookbook">
-<h1>Hooks Cookbook</h1>
-<p>Copy-paste recipes from real GitHub Issues.</p>
-<input id="cb-search" placeholder="Search... (database, git, deploy)" oninput="filterRecipes()">
-<div style="margin:.3rem 0" id="cb-filters"></div>
-<div id="cb-count" style="color:#8b949e;font-size:.8rem"></div>
-<div id="cb-list"></div>
-</div>
-
-<!-- PAGE: ECOSYSTEM -->
-<div class="page" id="page-ecosystem">
-<h1>Ecosystem Comparison</h1>
-<p>All major Claude Code hook projects compared.</p>
-<table>
-<tr><th>Project</th><th>Lang</th><th>Hooks</th><th>Install</th></tr>
-<tr><td><a href="https://github.com/kenryu42/claude-code-safety-net">safety-net</a></td><td><span class="badge badge-ts">TS</span></td><td>5</td><td>npx</td></tr>
-<tr><td><a href="https://github.com/yurukusa/cc-safe-setup">cc-safe-setup</a></td><td><span class="badge badge-bash">Bash</span></td><td>8+39</td><td>npx</td></tr>
-<tr><td><a href="https://github.com/karanb192/claude-code-hooks">karanb192</a></td><td><span class="badge badge-js">JS</span></td><td>5+</td><td>copy</td></tr>
-<tr><td><a href="https://github.com/disler/claude-code-hooks-mastery">mastery</a></td><td><span class="badge badge-py">Python</span></td><td>12</td><td>copy</td></tr>
-<tr><td><a href="https://github.com/lasso-security/claude-hooks">lasso</a></td><td><span class="badge badge-py">Python</span></td><td>1</td><td>install.sh</td></tr>
-</table>
-<h2>Feature Matrix</h2>
-<table>
-<tr><th>Feature</th><th>safety-net</th><th>cc-safe-setup</th><th>karanb192</th><th>mastery</th></tr>
-<tr><td>rm -rf blocker</td><td class="check">✓</td><td class="check">✓</td><td class="check">✓</td><td class="check">✓</td></tr>
-<tr><td>Branch guard</td><td class="check">✓</td><td class="check">✓</td><td class="cross">-</td><td class="cross">-</td></tr>
-<tr><td>Secret guard</td><td class="cross">-</td><td class="check">✓</td><td class="check">✓</td><td class="cross">-</td></tr>
-<tr><td>Syntax check</td><td class="cross">-</td><td class="check">✓</td><td class="cross">-</td><td class="cross">-</td></tr>
-<tr><td>Context monitor</td><td class="cross">-</td><td class="check">✓</td><td class="cross">-</td><td class="cross">-</td></tr>
-<tr><td>Hook generator</td><td class="cross">-</td><td class="check">✓</td><td class="cross">-</td><td class="cross">-</td></tr>
-<tr><td>Dashboard</td><td class="cross">-</td><td class="check">✓</td><td class="cross">-</td><td class="cross">-</td></tr>
-<tr><td>GitHub Action</td><td class="cross">-</td><td class="check">✓</td><td class="cross">-</td><td class="cross">-</td></tr>
-</table>
-</div>
-
-<!-- PAGE: CHEAT SHEET -->
-<div class="page" id="page-cheatsheet">
-<h1>Hooks Cheat Sheet</h1>
-<p>Print this page (Ctrl+P) for a quick reference.</p>
-
-<h3>Lifecycle</h3>
-<pre>Prompt → PreToolUse → Tool → PostToolUse → Stop</pre>
-
-<h3>Exit Codes</h3>
-<table><tr><th>Code</th><th>Meaning</th></tr>
-<tr><td><code>0</code></td><td>Allow</td></tr>
-<tr><td><code>2</code></td><td><strong>Block</strong></td></tr></table>
-
-<h3>Minimal Block Hook</h3>
-<pre>#!/bin/bash
-CMD=$(cat | jq -r '.tool_input.command // empty')
-[ -z "$CMD" ] && exit 0
-echo "$CMD" | grep -qE 'PATTERN' && echo "BLOCKED" >&2 && exit 2
-exit 0</pre>
-
-<h3>Auto-Approve Hook</h3>
-<pre>#!/bin/bash
-CMD=$(cat | jq -r '.tool_input.command // empty')
-[ -z "$CMD" ] && exit 0
-echo "$CMD" | grep -qE '^git\s+(status|log|diff)' && \
-  jq -n '{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow"}}'
-exit 0</pre>
-
-<h3>Quick Commands</h3>
-<table>
-<tr><td><code>npx cc-safe-setup</code></td><td>Install 8 hooks</td></tr>
-<tr><td><code>--create "desc"</code></td><td>Generate hook</td></tr>
-<tr><td><code>--audit</code></td><td>Score 0-100</td></tr>
-<tr><td><code>--dashboard</code></td><td>Live status</td></tr>
-<tr><td><code>--doctor</code></td><td>Diagnose</td></tr>
-<tr><td><code>--benchmark</code></td><td>Speed test</td></tr>
-</table>
-</div>
-
-<div class="footer">
-  cc-safe-setup · 100% client-side · <a href="https://github.com/yurukusa/cc-safe-setup">GitHub</a> · <a href="https://www.npmjs.com/package/cc-safe-setup">npm</a>
-</div>
-
-<script>
-// Navigation
-function go(page) {
-  document.querySelectorAll('.page').forEach(p => p.classList.remove('active'));
-  document.querySelectorAll('.nav a').forEach(a => a.classList.remove('active'));
-  document.getElementById('page-' + page).classList.add('active');
-  document.getElementById('nav-' + page).classList.add('active');
-}
-
-// AUDIT
-function runAudit() {
-  const raw = document.getElementById('settings').value.trim();
-  const el = document.getElementById('audit-results');
-  if (!raw) { generateFresh(); return; }
-  let s; try { s = JSON.parse(raw); } catch { el.innerHTML='<p style="color:#f85149">Invalid JSON</p>'; return; }
-  const {risks,good,score} = analyze(s);
-  renderAudit(risks, good, score, el);
-}
-function generateFresh() {
-  const {risks,good,score} = analyze({});
-  renderAudit(risks, good, score, document.getElementById('audit-results'));
-}
-function analyze(s) {
-  const risks=[], good=[];
-  const pre=s.hooks?.PreToolUse||[], post=s.hooks?.PostToolUse||[];
-  const all=JSON.stringify(pre).toLowerCase();
-  if(!pre.length) risks.push({s:'CRITICAL',i:'No PreToolUse hooks',f:'npx cc-safe-setup'});
-  else { good.push('PreToolUse ('+pre.length+')');
-    if(!all.match(/destructive|guard|rm.*rf/)) risks.push({s:'HIGH',i:'No destructive guard',f:'npx cc-safe-setup'});
-    else good.push('Destructive protection');
-    if(!all.match(/branch|push|main/)) risks.push({s:'HIGH',i:'No branch guard',f:'npx cc-safe-setup'});
-    else good.push('Branch protection');
-    if(!all.match(/secret|env|credential/)) risks.push({s:'HIGH',i:'No secret guard',f:'npx cc-safe-setup'});
-    else good.push('Secret protection');
-  }
-  if(!post.length) risks.push({s:'MEDIUM',i:'No PostToolUse hooks',f:'npx cc-safe-setup'});
-  else good.push('PostToolUse ('+post.length+')');
-  const score=Math.max(0,100-risks.reduce((n,r)=>n+(r.s==='CRITICAL'?30:r.s==='HIGH'?20:10),0));
-  return {risks,good,score};
-}
-function renderAudit(risks,good,score,el) {
-  const cls=score>=80?'good':score>=50?'mid':'bad';
-  let h='<div class="score '+cls+'">'+score+'/100</div>';
-  if(good.length) { h+='<h3 style="color:#3fb950">Working</h3>'; good.forEach(g=>h+='<div class="good-item">✓ '+g+'</div>'); }
-  if(risks.length) { h+='<h3>Risks ('+risks.length+')</h3>'; risks.forEach(r=>h+='<div class="risk"><strong>['+r.s+']</strong> '+r.i+'<br><code>'+r.f+'</code></div>'); }
-  if(!risks.length) h+='<p style="color:#3fb950">No risks detected.</p>';
-  el.innerHTML=h;
-}
-
-// HOOK BUILDER
-function buildHook() {
-  const action=document.getElementById('hb-action').value;
-  const pattern=document.getElementById('hb-pattern').value.trim();
-  const message=document.getElementById('hb-message').value.trim()||'Blocked';
-  const el=document.getElementById('hb-result');
-  if(!pattern){el.innerHTML='<p style="color:#f85149">Enter a pattern</p>';return;}
-  let s='#!/bin/bash\nCMD=$(cat | jq -r \'.tool_input.command // empty\' 2>/dev/null)\n[ -z "$CMD" ] && exit 0\n';
-  if(action==='block') s+='echo "$CMD" | grep -qE \''+pattern+'\' && echo "BLOCKED: '+message+'" >&2 && exit 2\n';
-  else if(action==='warn') s+='echo "$CMD" | grep -qE \''+pattern+'\' && echo "WARNING: '+message+'" >&2\n';
-  else s+='echo "$CMD" | grep -qE \''+pattern+'\' && jq -n \'{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow"}}\'\n';
-  s+='exit 0';
-  el.innerHTML='<h3>Script</h3><pre>'+esc(s)+'</pre><p style="font-size:.75rem;color:#8b949e">Save as ~/.claude/hooks/custom.sh, chmod +x, add to settings.json</p>';
-}
-
-// COOKBOOK
-const RECIPES=[
-  {cat:'block',t:'Block rm -rf',d:'Destructive commands (#36339)',code:'CMD=$(cat|jq -r \'.tool_input.command // empty\')\n[ -z "$CMD" ] && exit 0\necho "$CMD"|grep -qE \'rm\\s+(-[rf]+\\s+)*/\' && echo "BLOCKED" >&2 && exit 2\nexit 0',trigger:'PreToolUse'},
-  {cat:'block',t:'Block force push',d:'Branch protection',code:'CMD=$(cat|jq -r \'.tool_input.command // empty\')\n[ -z "$CMD" ] && exit 0\necho "$CMD"|grep -qE \'git\\s+push.*--force\' && echo "BLOCKED" >&2 && exit 2\nexit 0',trigger:'PreToolUse'},
-  {cat:'block',t:'Block .env staging',d:'Secret leak prevention (#6527)',code:'CMD=$(cat|jq -r \'.tool_input.command // empty\')\n[ -z "$CMD" ] && exit 0\necho "$CMD"|grep -qiE \'git\\s+add.*\\.env\' && echo "BLOCKED" >&2 && exit 2\nexit 0',trigger:'PreToolUse'},
-  {cat:'block',t:'Block database wipe',d:'migrate:fresh, DROP DATABASE (#37405)',code:'CMD=$(cat|jq -r \'.tool_input.command // empty\')\n[ -z "$CMD" ] && exit 0\necho "$CMD"|grep -qiE \'migrate:fresh|DROP\\s+DATABASE|prisma\\s+migrate\\s+reset\' && echo "BLOCKED" >&2 && exit 2\nexit 0',trigger:'PreToolUse'},
-  {cat:'approve',t:'Auto-approve git read',d:'git status/log/diff with -C flag (#36900)',code:'CMD=$(cat|jq -r \'.tool_input.command // empty\')\n[ -z "$CMD" ] && exit 0\necho "$CMD"|grep -qE \'^\\s*git\\s+(-C\\s+\\S+\\s+)?(status|log|diff|branch|show)\' && jq -n \'{"hookSpecificOutput":{"hookEventName":"PreToolUse","permissionDecision":"allow"}}\'\nexit 0',trigger:'PreToolUse'},
-  {cat:'approve',t:'Compound commands',d:'cd && git log auto-approve (#30519)',code:'# Full: npx cc-safe-setup --install-example compound-command-approver',trigger:'PreToolUse'},
-  {cat:'detect',t:'Loop detector',d:'Break command repetition (5+ times)',code:'CMD=$(cat|jq -r \'.tool_input.command // empty\')\n[ -z "$CMD" ] && exit 0\nSTATE=/tmp/cc-loop\necho "$CMD">>$STATE\ntail -n 10 $STATE>${STATE}.tmp&&mv ${STATE}.tmp $STATE\nCOUNT=$(grep -cF "$CMD" $STATE||echo 0)\n[ "$COUNT" -ge 5 ]&&echo "BLOCKED: repeated $COUNT times" >&2&&exit 2\nexit 0',trigger:'PreToolUse'},
-  {cat:'utility',t:'Session handoff',d:'Save state for next session',code:'# npx cc-safe-setup --install-example session-handoff',trigger:'Stop'},
-  {cat:'utility',t:'Cost tracker',d:'Estimate session token cost',code:'# npx cc-safe-setup --install-example cost-tracker',trigger:'PostToolUse'},
-  {cat:'utility',t:'tmp cleanup',d:'/tmp/claude-*-cwd files (#8856)',code:'find /tmp -maxdepth 1 -name \'claude-*-cwd\' -type f -mmin +60 -delete 2>/dev/null\nexit 0',trigger:'Stop'},
-];
-
-function initCookbook() {
-  const cats=['all','block','approve','detect','utility'];
-  document.getElementById('cb-filters').innerHTML=cats.map(c=>'<button class="filter'+(c==='all'?' active':'')+'" onclick="setCbFilter(\''+c+'\')">'+c+'</button>').join('');
-  filterRecipes();
-}
-let cbFilter='all';
-function setCbFilter(f){cbFilter=f;document.querySelectorAll('#cb-filters .filter').forEach(b=>b.classList.toggle('active',b.textContent===f));filterRecipes();}
-function filterRecipes(){
-  const q=(document.getElementById('cb-search')?.value||'').toLowerCase();
-  const filtered=RECIPES.filter(r=>(cbFilter==='all'||r.cat===cbFilter)&&(!q||r.t.toLowerCase().includes(q)||r.d.toLowerCase().includes(q)||(r.code||'').toLowerCase().includes(q)));
-  document.getElementById('cb-count').textContent=filtered.length+' recipe(s)';
-  document.getElementById('cb-list').innerHTML=filtered.map(r=>'<details class="recipe"><summary>'+esc(r.t)+' <span style="color:#484f58;font-size:.7rem">['+r.trigger+']</span></summary><div class="recipe-body"><p style="color:#8b949e;font-size:.8rem">'+esc(r.d)+'</p>'+(r.code?'<pre>'+esc(r.code)+'</pre>':'')+'</div></details>').join('');
-}
-
-function esc(s){return(s||'').replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;');}
-
-// URL param
-(function(){const p=new URLSearchParams(location.search);const c=p.get('config');if(c){try{document.getElementById('settings').value=atob(c);runAudit();}catch{}}})();
-
-initCookbook();
-</script>
-</body>
-</html>

package/docs/matrix.html

@@ -1,139 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>Claude Code Hooks Matrix — 112 Hooks at a Glance</title>
-<meta name="description" content="Interactive matrix of all 112 Claude Code hooks. Filter by trigger, category, and action type.">
-<style>
-*{box-sizing:border-box;margin:0;padding:0}
-body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',sans-serif;background:#0d1117;color:#c9d1d9;padding:1rem;font-size:.82rem}
-.c{max-width:1100px;margin:0 auto}
-h1{color:#f0f6fc;font-size:1.3rem;margin-bottom:.2rem}
-.sub{color:#8b949e;font-size:.8rem;margin-bottom:.8rem}
-a{color:#58a6ff;text-decoration:none}
-input{width:100%;padding:.5rem;background:#161b22;border:1px solid #30363d;border-radius:6px;color:#c9d1d9;font-size:.85rem;margin-bottom:.5rem}
-input::placeholder{color:#484f58}
-.filters{display:flex;gap:.3rem;flex-wrap:wrap;margin-bottom:.5rem}
-.f{padding:.2rem .5rem;border-radius:3px;border:1px solid #30363d;background:transparent;color:#8b949e;cursor:pointer;font-size:.7rem}
-.f.on{background:#238636;border-color:#238636;color:#fff}
-table{width:100%;border-collapse:collapse}
-th,td{padding:.3rem .4rem;border:1px solid #21262d;text-align:left;font-size:.75rem}
-th{background:#161b22;color:#f0f6fc;position:sticky;top:0;cursor:pointer}
-th:hover{background:#21262d}
-tr:hover td{background:#161b2288}
-.act-block{color:#f85149;font-weight:bold}
-.act-warn{color:#d29922}
-.act-approve{color:#3fb950}
-.act-monitor{color:#58a6ff}
-.count{color:#8b949e;font-size:.78rem;margin:.3rem 0}
-.footer{text-align:center;color:#484f58;font-size:.65rem;margin-top:1rem}
-td code{background:#21262d;padding:.1rem .2rem;border-radius:2px;font-size:.7rem;cursor:pointer}
-td code:hover{color:#58a6ff}
-</style>
-</head>
-<body>
-<div class="c">
-<h1>Hook Matrix</h1>
-<p class="sub">112 hooks. Click column headers to sort. Search to filter.</p>
-
-<input id="q" placeholder="Filter hooks..." oninput="render()">
-<div class="filters" id="filters"></div>
-<div class="count" id="count"></div>
-<div style="overflow-x:auto"><table id="tbl"><thead><tr>
-<th onclick="sortBy('name')">Hook</th>
-<th onclick="sortBy('cat')">Category</th>
-<th onclick="sortBy('trigger')">Trigger</th>
-<th onclick="sortBy('action')">Action</th>
-<th>Description</th>
-<th>Install</th>
-</tr></thead><tbody id="tbody"></tbody></table></div>
-
-<div class="footer">
-<a href="hooks-cheatsheet.html">Cheat Sheet</a> ·
-<a href="builder.html">Builder</a> ·
-<a href="troubleshooting.html">Troubleshoot</a> ·
-<a href="https://github.com/yurukusa/cc-safe-setup">GitHub</a>
-</div>
-</div>
-
-<script>
-const H=[
-{n:'destructive-guard',c:'safety',t:'Pre',a:'block',d:'rm -rf, git reset --hard, git clean',i:'npx cc-safe-setup'},
-{n:'branch-guard',c:'safety',t:'Pre',a:'block',d:'Push to main/master, force-push',i:'npx cc-safe-setup'},
-{n:'secret-guard',c:'safety',t:'Pre',a:'block',d:'git add .env, credential files',i:'npx cc-safe-setup'},
-{n:'syntax-check',c:'quality',t:'Post',a:'warn',d:'Python/Shell/JSON/JS syntax after edits',i:'npx cc-safe-setup'},
-{n:'context-monitor',c:'monitor',t:'Post',a:'warn',d:'Context warnings at 40/25/20/15%',i:'npx cc-safe-setup'},
-{n:'comment-strip',c:'utility',t:'Pre',a:'warn',d:'Fix bash comments breaking permissions',i:'npx cc-safe-setup'},
-{n:'cd-git-allow',c:'approve',t:'Pre',a:'approve',d:'Auto-approve cd && git compounds',i:'npx cc-safe-setup'},
-{n:'api-error-alert',c:'monitor',t:'Stop',a:'monitor',d:'Notify on session API errors',i:'npx cc-safe-setup'},
-{n:'scope-guard',c:'safety',t:'Pre',a:'block',d:'Block operations outside project',i:'--install-example scope-guard'},
-{n:'no-sudo-guard',c:'safety',t:'Pre',a:'block',d:'Block all sudo commands',i:'--install-example no-sudo-guard'},
-{n:'protect-claudemd',c:'safety',t:'Pre',a:'block',d:'Block edits to CLAUDE.md/settings',i:'--install-example protect-claudemd'},
-{n:'protect-dotfiles',c:'safety',t:'Pre',a:'block',d:'Block .bashrc, .aws/, .ssh/ changes',i:'--install-example protect-dotfiles'},
-{n:'block-database-wipe',c:'safety',t:'Pre',a:'block',d:'DROP DATABASE, migrate:fresh, prisma reset',i:'--install-example block-database-wipe'},
-{n:'deploy-guard',c:'deploy',t:'Pre',a:'warn',d:'Warn deploy with uncommitted changes',i:'--install-example deploy-guard'},
-{n:'no-deploy-friday',c:'deploy',t:'Pre',a:'block',d:'Block deploys on Fridays',i:'--install-example no-deploy-friday'},
-{n:'work-hours-guard',c:'deploy',t:'Pre',a:'warn',d:'Restrict risky ops outside hours',i:'--install-example work-hours-guard'},
-{n:'uncommitted-work-guard',c:'safety',t:'Pre',a:'block',d:'Block destructive git when dirty',i:'--install-example uncommitted-work-guard'},
-{n:'test-deletion-guard',c:'quality',t:'Pre',a:'warn',d:'Warn when removing test assertions',i:'--install-example test-deletion-guard'},
-{n:'overwrite-guard',c:'safety',t:'Pre',a:'warn',d:'Warn before overwriting files',i:'--install-example overwrite-guard'},
-{n:'memory-write-guard',c:'safety',t:'Pre',a:'warn',d:'Log writes to ~/.claude/',i:'--install-example memory-write-guard'},
-{n:'fact-check-gate',c:'quality',t:'Post',a:'warn',d:'Docs reference unread source files',i:'--install-example fact-check-gate'},
-{n:'token-budget-guard',c:'monitor',t:'Post',a:'block',d:'Block when cost exceeds budget',i:'--install-example token-budget-guard'},
-{n:'conflict-marker-guard',c:'quality',t:'Pre',a:'block',d:'Block commits with conflict markers',i:'--install-example conflict-marker-guard'},
-{n:'error-memory-guard',c:'safety',t:'Post',a:'block',d:'Block retries of failed commands',i:'--install-example error-memory-guard'},
-{n:'strict-allowlist',c:'safety',t:'Pre',a:'block',d:'Only allow permitted commands',i:'--install-example strict-allowlist'},
-{n:'hardcoded-secret-detector',c:'security',t:'Post',a:'warn',d:'Detect AWS keys, passwords, JWT',i:'--install-example hardcoded-secret-detector'},
-{n:'auto-approve-build',c:'approve',t:'Pre',a:'approve',d:'npm test, cargo build, go test',i:'--install-example auto-approve-build'},
-{n:'auto-approve-python',c:'approve',t:'Pre',a:'approve',d:'pytest, mypy, ruff, black',i:'--install-example auto-approve-python'},
-{n:'auto-approve-docker',c:'approve',t:'Pre',a:'approve',d:'docker build, compose, ps',i:'--install-example auto-approve-docker'},
-{n:'auto-approve-go',c:'approve',t:'Pre',a:'approve',d:'go build/test/vet/fmt',i:'--install-example auto-approve-go'},
-{n:'auto-approve-cargo',c:'approve',t:'Pre',a:'approve',d:'cargo build/test/clippy',i:'--install-example auto-approve-cargo'},
-{n:'auto-approve-make',c:'approve',t:'Pre',a:'approve',d:'make build/test/lint',i:'--install-example auto-approve-make'},
-{n:'auto-approve-gradle',c:'approve',t:'Pre',a:'approve',d:'gradle build/test',i:'--install-example auto-approve-gradle'},
-{n:'auto-approve-maven',c:'approve',t:'Pre',a:'approve',d:'mvn compile/test/verify',i:'--install-example auto-approve-maven'},
-{n:'loop-detector',c:'safety',t:'Pre',a:'block',d:'Break command repetition loops',i:'--install-example loop-detector'},
-{n:'cost-tracker',c:'monitor',t:'Post',a:'monitor',d:'Estimate session token cost',i:'--install-example cost-tracker'},
-{n:'session-handoff',c:'utility',t:'Stop',a:'monitor',d:'Save state for next session',i:'--install-example session-handoff'},
-{n:'revert-helper',c:'utility',t:'Stop',a:'monitor',d:'Show undo on session end',i:'--install-example revert-helper'},
-{n:'compact-reminder',c:'utility',t:'Stop',a:'warn',d:'Suggest /compact after N calls',i:'--install-example compact-reminder'},
-{n:'env-drift-guard',c:'quality',t:'Post',a:'warn',d:'.env vs .env.example mismatch',i:'--install-example env-drift-guard'},
-{n:'package-script-guard',c:'quality',t:'Pre',a:'warn',d:'Warn on package.json script changes',i:'--install-example package-script-guard'},
-{n:'git-blame-context',c:'quality',t:'Pre',a:'monitor',d:'Show file ownership before edits',i:'--install-example git-blame-context'},
-{n:'import-cycle-warn',c:'quality',t:'Post',a:'warn',d:'Detect circular imports',i:'--install-example import-cycle-warn'},
-{n:'lockfile-guard',c:'quality',t:'Pre',a:'warn',d:'Warn when lockfiles modified',i:'--install-example lockfile-guard'},
-{n:'context-snapshot',c:'utility',t:'Stop',a:'monitor',d:'Save branch/files/TODOs state',i:'--install-example context-snapshot'},
-{n:'prompt-injection-guard',c:'security',t:'Post',a:'warn',d:'Detect injection in output',i:'--install-example prompt-injection-guard'},
-{n:'no-eval',c:'security',t:'Post',a:'warn',d:'Warn on eval() usage',i:'--install-example no-eval'},
-{n:'no-console-log',c:'quality',t:'Post',a:'warn',d:'Warn on console.log in prod',i:'--install-example no-console-log'},
-{n:'no-wildcard-import',c:'quality',t:'Post',a:'warn',d:'Warn on import * patterns',i:'--install-example no-wildcard-import'},
-];
-
-const cats=[...new Set(H.map(h=>h.c))].sort();
-const actClass={block:'act-block',warn:'act-warn',approve:'act-approve',monitor:'act-monitor'};
-let filter='all',sortKey='name',sortDir=1;
-
-document.getElementById('filters').innerHTML=['all',...cats].map(c=>`<button class="f${c==='all'?' on':''}" onclick="setF('${c}')">${c}</button>`).join('');
-
-function setF(f){filter=f;document.querySelectorAll('.f').forEach(b=>b.classList.toggle('on',b.textContent===f));render();}
-function sortBy(k){if(sortKey===k)sortDir*=-1;else{sortKey=k;sortDir=1;}render();}
-
-function render(){
-  const q=document.getElementById('q').value.toLowerCase();
-  let list=H.filter(h=>(filter==='all'||h.c===filter)&&(!q||h.n.includes(q)||h.d.toLowerCase().includes(q)||h.c.includes(q)));
-  list.sort((a,b)=>{const av=a[sortKey]||'',bv=b[sortKey]||'';return av<bv?-sortDir:av>bv?sortDir:0;});
-  document.getElementById('count').textContent=list.length+'/'+H.length+' hooks';
-  document.getElementById('tbody').innerHTML=list.map(h=>`<tr>
-    <td><strong>${h.n}</strong></td>
-    <td>${h.c}</td>
-    <td>${h.t}</td>
-    <td class="${actClass[h.a]||''}">${h.a}</td>
-    <td>${h.d}</td>
-    <td><code onclick="navigator.clipboard.writeText('npx cc-safe-setup ${h.i}');this.textContent='✓'">${h.i.substring(0,25)}</code></td>
-  </tr>`).join('');
-}
-render();
-</script>
-</body>
-</html>

package/docs/migration-guide.html

@@ -1,198 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="UTF-8">
-<meta name="viewport" content="width=device-width, initial-scale=1.0">
-<title>Claude Code Hooks — Migration Guide from Other AI Tools</title>
-<meta name="description" content="Moving from Cursor, Windsurf, Aider, or Copilot to Claude Code? Here's how to set up equivalent safety using hooks.">
-<style>
-*{box-sizing:border-box;margin:0;padding:0}
-body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',sans-serif;background:#0d1117;color:#c9d1d9;padding:1.5rem;line-height:1.6}
-.c{max-width:800px;margin:0 auto}
-h1{color:#f0f6fc;font-size:1.5rem;margin-bottom:.3rem}
-h2{color:#f0f6fc;font-size:1.1rem;margin:1.5rem 0 .5rem;padding-bottom:.3rem;border-bottom:1px solid #21262d}
-h3{color:#c9d1d9;font-size:.9rem;margin:.8rem 0 .3rem}
-.sub{color:#8b949e;font-size:.85rem;margin-bottom:1.5rem}
-a{color:#58a6ff;text-decoration:none}
-code{background:#161b22;padding:.15rem .3rem;border-radius:3px;font-size:.85rem}
-pre{background:#161b22;border:1px solid #30363d;border-radius:6px;padding:.7rem;font-size:.8rem;color:#e6edf3;overflow-x:auto;margin:.4rem 0}
-table{width:100%;border-collapse:collapse;margin:.5rem 0;font-size:.82rem}
-th,td{padding:.4rem .6rem;border:1px solid #21262d;text-align:left}
-th{background:#161b22;color:#f0f6fc}
-.note{background:#161b22;border-left:3px solid #58a6ff;padding:.5rem .8rem;margin:.5rem 0;font-size:.82rem;color:#8b949e}
-.tool{background:#161b22;border:1px solid #30363d;border-radius:6px;padding:.8rem;margin:.6rem 0}
-.tool-name{font-weight:600;color:#f0f6fc;font-size:.95rem}
-.tool-desc{color:#8b949e;font-size:.82rem;margin:.3rem 0}
-.footer{text-align:center;color:#484f58;font-size:.7rem;margin-top:2rem;padding-top:1rem;border-top:1px solid #21262d}
-.quick{background:#238636;color:#fff;padding:.5rem 1rem;border-radius:6px;font-family:monospace;font-size:.85rem;border:none;display:block;width:100%;text-align:center;margin:.5rem 0;cursor:pointer}
-</style>
-</head>
-<body>
-<div class="c">
-
-<h1>Migrating to Claude Code</h1>
-<p class="sub">Safety setup guide for developers coming from Cursor, Windsurf, Aider, or Copilot</p>
-
-<button class="quick" onclick="navigator.clipboard.writeText('npx cc-safe-setup --shield');this.textContent='Copied!';setTimeout(()=>this.textContent='npx cc-safe-setup --shield — one command to set up everything',1500)">npx cc-safe-setup --shield — one command to set up everything</button>
-
-<h2>Why Claude Code is Different</h2>
-
-<p>Unlike Cursor or Copilot, Claude Code has <strong>full terminal access</strong>. It can run any command, edit any file, push to any branch. This is powerful but requires safety hooks.</p>
-
-<table>
-<tr><th>Feature</th><th>Cursor/Copilot</th><th>Claude Code</th></tr>
-<tr><td>Terminal access</td><td>Limited/sandboxed</td><td><strong>Full access</strong></td></tr>
-<tr><td>File editing</td><td>IDE-controlled</td><td><strong>Direct filesystem</strong></td></tr>
-<tr><td>Git operations</td><td>Via IDE UI</td><td><strong>Direct git commands</strong></td></tr>
-<tr><td>Safety model</td><td>IDE sandbox</td><td><strong>Hooks (you configure)</strong></td></tr>
-<tr><td>Autonomous mode</td><td>No</td><td><strong>Yes (headless)</strong></td></tr>
-</table>
-
-<div class="note">
-<strong>Key difference:</strong> Cursor/Copilot run inside an IDE sandbox. Claude Code runs in your actual terminal. Hooks replace the sandbox.
-</div>
-
-<h2>From Cursor</h2>
-
-<div class="tool">
-<div class="tool-name">Cursor → Claude Code</div>
-<div class="tool-desc">Cursor Rules (.cursorrules) → CLAUDE.md + hooks</div>
-</div>
-
-<h3>What you had in Cursor</h3>
-<ul>
-<li><code>.cursorrules</code> — project-specific instructions</li>
-<li>IDE-level file protection</li>
-<li>Built-in git safety (can't force-push from UI)</li>
-</ul>
-
-<h3>What you need in Claude Code</h3>
-<pre><code># 1. Convert .cursorrules to CLAUDE.md
-cp .cursorrules CLAUDE.md  # Then edit to Claude Code format
-
-# 2. Install safety hooks
-npx cc-safe-setup --shield
-
-# 3. Add auto-approve for your workflow
-npx cc-safe-setup --install-example auto-approve-build
-</code></pre>
-
-<h3>Key hooks for Cursor migrants</h3>
-<table>
-<tr><th>Cursor feature</th><th>Hook equivalent</th></tr>
-<tr><td>Can't delete system files</td><td><code>destructive-guard</code> + <code>scope-guard</code></td></tr>
-<tr><td>IDE confirms before push</td><td><code>branch-guard</code></td></tr>
-<tr><td>Lint on save</td><td><code>syntax-check</code></td></tr>
-<tr><td>.env excluded from commits</td><td><code>secret-guard</code></td></tr>
-</table>
-
-<h2>From Windsurf</h2>
-
-<div class="tool">
-<div class="tool-name">Windsurf → Claude Code</div>
-<div class="tool-desc">Windsurf Rules → CLAUDE.md + hooks</div>
-</div>
-
-<pre><code># Convert Windsurf cascade rules
-# Windsurf's "Flows" → Claude Code's autonomous mode + hooks
-
-npx cc-safe-setup --shield
-npx cc-safe-setup --install-example context-snapshot  # Preserve state across sessions
-npx cc-safe-setup --install-example session-handoff   # Hand off between sessions
-</code></pre>
-
-<h2>From Aider</h2>
-
-<div class="tool">
-<div class="tool-name">Aider → Claude Code</div>
-<div class="tool-desc">.aider.conf → CLAUDE.md, /lint → syntax-check hook</div>
-</div>
-
-<pre><code># Aider auto-commits → Claude Code needs explicit control
-npx cc-safe-setup --shield
-npx cc-safe-setup --install-example auto-checkpoint   # Similar to Aider's auto-commit
-npx cc-safe-setup --install-example verify-before-done # Ensure tests pass before commit
-
-# Aider's /lint → already covered by syntax-check hook
-# Aider's /test → use auto-approve-build to skip prompts
-</code></pre>
-
-<h2>From GitHub Copilot Workspace</h2>
-
-<div class="tool">
-<div class="tool-name">Copilot Workspace → Claude Code</div>
-<div class="tool-desc">Copilot's plan-execute → Claude Code's plan mode + hooks</div>
-</div>
-
-<pre><code># Copilot Workspace creates PRs automatically
-# Claude Code needs branch protection
-npx cc-safe-setup --shield
-npx cc-safe-setup --install-example deploy-guard       # Prevent accidental deploys
-npx cc-safe-setup --install-example diff-size-guard    # Warn on large changes
-npx cc-safe-setup --install-example pr-description-check # Ensure PR quality
-</code></pre>
-
-<h2>Universal Setup (Any Tool)</h2>
-
-<pre><code># Step 1: Maximum safety
-npx cc-safe-setup --shield
-
-# Step 2: Check what's installed
-npx cc-safe-setup --status
-
-# Step 3: Verify everything works
-npx cc-safe-setup --verify
-
-# Step 4: View your safety score
-npx cc-safe-setup --audit
-</code></pre>
-
-<h2>CLAUDE.md Template</h2>
-
-<p>Create a <code>CLAUDE.md</code> in your project root:</p>
-
-<pre><code># Project Rules
-
-## Safety
-- Do not push to main/master directly
-- Do not force-push
-- Do not delete files outside this project
-- Do not commit .env or credential files
-- Run tests before committing
-
-## Code Style
-- Follow existing conventions in this codebase
-- Keep functions small and focused
-
-## Git
-- Use descriptive commit messages
-- One logical change per commit
-- Create feature branches for new work
-</code></pre>
-
-<div class="note">
-<strong>CLAUDE.md vs .cursorrules:</strong> Same concept, but CLAUDE.md is also read by Claude in the API (not just the CLI). Hooks add enforcement — CLAUDE.md is advisory, hooks are mandatory.
-</div>
-
-<h2>Safety Profile Comparison</h2>
-
-<table>
-<tr><th>Profile</th><th>Hooks</th><th>Best for</th></tr>
-<tr><td><code>minimal</code></td><td>8</td><td>Experienced users, quick tasks</td></tr>
-<tr><td><code>standard</code></td><td>20</td><td>Daily development, balanced safety</td></tr>
-<tr><td><code>strict</code></td><td>33</td><td>Autonomous sessions, production repos</td></tr>
-</table>
-
-<pre><code>npx cc-safe-setup --profile strict  # For autonomous/production use
-</code></pre>
-
-<div class="footer">
-  <a href="hooks-cheatsheet.html">Cheat Sheet</a> ·
-  <a href="builder.html">Hook Builder</a> ·
-  <a href="faq.html">FAQ</a> ·
-  <a href="https://yurukusa.github.io/cc-hook-registry/playground.html">Playground</a> ·
-  <a href="https://github.com/yurukusa/cc-safe-setup">GitHub</a>
-</div>
-</div>
-</body>
-</html>