cc-safe-setup 13.2.0 → 13.4.0

package/README.md

@@ -6,7 +6,7 @@
 
 **One command to make Claude Code safe for autonomous operation.** [日本語](docs/README.ja.md)
 
-8 built-in + 124 examples = **138 hooks**. 43 CLI commands. 561 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Wizard](https://yurukusa.github.io/cc-safe-setup/wizard.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
+8 built-in + 124 examples = **138 hooks**. 44 CLI commands. 561 tests. 5 languages. [**Hub**](https://yurukusa.github.io/cc-safe-setup/hub.html) · [Wizard](https://yurukusa.github.io/cc-safe-setup/wizard.html) · [Cheat Sheet](https://yurukusa.github.io/cc-safe-setup/hooks-cheatsheet.html) · [Builder](https://yurukusa.github.io/cc-safe-setup/builder.html) · [FAQ](https://yurukusa.github.io/cc-safe-setup/faq.html) · [Examples](https://yurukusa.github.io/cc-safe-setup/by-example.html) · [Matrix](https://yurukusa.github.io/cc-safe-setup/matrix.html) · [Playground](https://yurukusa.github.io/cc-hook-registry/playground.html)
 
 ```bash
 npx cc-safe-setup

package/index.mjs

@@ -112,6 +112,7 @@ const CREATE_IDX = process.argv.findIndex(a => a === '--create');
 const CREATE_DESC = CREATE_IDX !== -1 ? process.argv.slice(CREATE_IDX + 1).join(' ') : null;
 const SUGGEST = process.argv.includes('--suggest');
 const INIT_PROJECT = process.argv.includes('--init-project');
+const SCORE_ONLY = process.argv.includes('--score');
 const TEST_HOOK_IDX = process.argv.findIndex(a => a === '--test-hook');
 const TEST_HOOK = TEST_HOOK_IDX !== -1 ? process.argv[TEST_HOOK_IDX + 1] : null;
 const WHY_IDX = process.argv.findIndex(a => a === '--why');
@@ -149,6 +150,7 @@ if (HELP) {
     npx cc-safe-setup --create "<desc>"  Generate a custom hook from description
     npx cc-safe-setup --test-hook <name>  Test a specific hook with sample inputs
     npx cc-safe-setup --save-profile <name>  Save current hooks as a named profile
+    npx cc-safe-setup --score           Print safety score (0-100) and exit
     npx cc-safe-setup --init-project    Complete project setup (CLAUDE.md + hooks + CI + .gitignore)
     npx cc-safe-setup --suggest        Analyze project and predict risks → suggest hooks
     npx cc-safe-setup --why <hook>     Why this hook exists (real incident + issue link)
@@ -537,8 +539,28 @@ function examples() {
     console.log();
   }
 
-  console.log();
-  console.log(c.dim + '  Copy any example to ~/.claude/hooks/ and add to settings.json.' + c.reset);
+  // Show batch install command if filtered
+  const allFiltered = [];
+  for (const [cat, hooks] of Object.entries(CATEGORIES)) {
+    const fh = filter
+      ? Object.entries(hooks).filter(([file, desc]) =>
+          cat.toLowerCase().includes(filter) ||
+          file.toLowerCase().includes(filter) ||
+          desc.toLowerCase().includes(filter))
+      : Object.entries(hooks);
+    for (const [file] of fh) allFiltered.push(file.replace('.sh', ''));
+  }
+
+  if (filter && allFiltered.length > 0 && allFiltered.length <= 20) {
+    console.log(c.dim + '  Install all filtered hooks:' + c.reset);
+    for (const h of allFiltered) {
+      console.log(c.dim + `    npx cc-safe-setup --install-example ${h}` + c.reset);
+    }
+    console.log();
+  }
+
+  console.log(c.dim + '  Or install any single hook:' + c.reset);
+  console.log(c.dim + '    npx cc-safe-setup --install-example <name>' + c.reset);
   console.log(c.dim + '  Source: ' + c.blue + 'https://github.com/yurukusa/cc-safe-setup/tree/main/examples' + c.reset);
   console.log();
 }
@@ -1072,6 +1094,44 @@ async function saveProfile(name) {
   console.log();
 }
 
+async function scoreOnly() {
+  const { readdirSync } = await import('fs');
+  let score = 0;
+
+  // Hooks installed (max 50 points)
+  const hookDir = join(HOME, '.claude', 'hooks');
+  const hookCount = existsSync(hookDir) ? readdirSync(hookDir).filter(f => f.endsWith('.sh') || f.endsWith('.py')).length : 0;
+  score += Math.min(hookCount * 3, 50);
+
+  // Critical hooks (max 20 points)
+  const critical = ['destructive-guard', 'branch-guard', 'secret-guard'];
+  if (existsSync(SETTINGS_PATH)) {
+    try {
+      const s = JSON.parse(readFileSync(SETTINGS_PATH, 'utf-8'));
+      const cmds = JSON.stringify(s.hooks || {});
+      for (const h of critical) {
+        if (cmds.includes(h)) score += 7;
+      }
+    } catch {}
+  }
+
+  // CLAUDE.md exists (10 points)
+  if (existsSync(join(process.cwd(), 'CLAUDE.md'))) score += 10;
+
+  // .gitignore has .env (10 points)
+  const gi = existsSync(join(process.cwd(), '.gitignore')) ? readFileSync(join(process.cwd(), '.gitignore'), 'utf-8') : '';
+  if (gi.includes('.env')) score += 10;
+
+  // CI workflow (10 points)
+  if (existsSync(join(process.cwd(), '.github', 'workflows', 'claude-code-safety.yml'))) score += 10;
+
+  score = Math.min(score, 100);
+
+  // Output just the score for piping
+  console.log(score);
+  process.exit(score >= 70 ? 0 : 1);
+}
+
 async function initProject() {
   console.log();
   console.log(c.bold + '  cc-safe-setup --init-project' + c.reset);
@@ -4498,6 +4558,7 @@ async function main() {
   if (WATCH) return watch();
   if (TEST_HOOK_IDX !== -1) return testHook(TEST_HOOK);
   if (SAVE_PROFILE_IDX !== -1) return saveProfile(SAVE_PROFILE);
+  if (SCORE_ONLY) return scoreOnly();
   if (INIT_PROJECT) return initProject();
   if (SUGGEST) return suggest();
   if (WHY_IDX !== -1) return why(WHY_HOOK);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cc-safe-setup",
-  "version": "13.2.0",
+  "version": "13.4.0",
   "description": "One command to make Claude Code safe. 59 hooks (8 built-in + 51 examples). 26 CLI commands: dashboard, create, audit, lint, diff, migrate, compare, generate-ci. 284 tests.",
   "main": "index.mjs",
   "bin": {