cc-safe-setup 29.6.0 → 29.6.2

package/examples/session-quota-tracker.sh

@@ -0,0 +1,44 @@
+#!/bin/bash
+# session-quota-tracker.sh — Track cumulative tool calls per session
+#
+# Solves: Token consumption spiraling without warning (#23706, #38335)
+#         Users hit Max plan limits unexpectedly. This hook tracks
+#         tool call count per session and warns at thresholds.
+#
+# Tracks: cumulative tool calls in a session file
+# Warns at: 50, 100, 200, 500 tool calls
+#
+# TRIGGER: PostToolUse
+# MATCHER: ""
+#
+# Usage:
+# {
+#   "hooks": {
+#     "PostToolUse": [{
+#       "matcher": "",
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/session-quota-tracker.sh" }]
+#     }]
+#   }
+# }
+
+# Session tracking file
+SESSION_FILE="/tmp/cc-quota-tracker-$$"
+
+# Increment counter
+if [ -f "$SESSION_FILE" ]; then
+  COUNT=$(cat "$SESSION_FILE")
+  COUNT=$((COUNT + 1))
+else
+  COUNT=1
+fi
+echo "$COUNT" > "$SESSION_FILE"
+
+# Warn at thresholds
+case "$COUNT" in
+  50)  echo "[Session: 50 tool calls. Consider saving work.]" >&2 ;;
+  100) echo "[Session: 100 tool calls. Token usage may be high.]" >&2 ;;
+  200) echo "[Session: 200 tool calls. Check your usage dashboard.]" >&2 ;;
+  500) echo "[Session: 500 tool calls. Consider starting a new session.]" >&2 ;;
+esac
+
+exit 0

package/examples/session-start-safety-check.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+# session-start-safety-check.sh — Warn about uncommitted changes on session start
+#
+# Solves: Claude Code running destructive git commands on session startup
+#         that destroy uncommitted work (#34327, #39394)
+#
+# How it works:
+#   On SessionStart, checks for:
+#   1. Uncommitted changes (modified/new files)
+#   2. Unpushed commits
+#   3. Stashed changes that may need attention
+#
+#   Prints warnings but does NOT block (exit 0 always).
+#   The goal is awareness, not prevention.
+#
+# TRIGGER: SessionStart
+# MATCHER: ""
+#
+# Usage:
+# {
+#   "hooks": {
+#     "SessionStart": [{
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/session-start-safety-check.sh" }]
+#     }]
+#   }
+# }
+
+# Only run in git repos
+git rev-parse --git-dir > /dev/null 2>&1 || exit 0
+
+WARNINGS=0
+
+# Check for uncommitted changes
+CHANGES=$(git status --porcelain 2>/dev/null | wc -l)
+if [ "$CHANGES" -gt 0 ]; then
+    echo "⚠ WARNING: $CHANGES uncommitted changes detected." >&2
+    echo "  Consider: git stash  (before destructive operations)" >&2
+    WARNINGS=$((WARNINGS + 1))
+fi
+
+# Check for unpushed commits
+UNPUSHED=$(git log --oneline @{upstream}..HEAD 2>/dev/null | wc -l)
+if [ "$UNPUSHED" -gt 0 ]; then
+    echo "⚠ WARNING: $UNPUSHED unpushed commits." >&2
+    echo "  Consider: git push  (to protect against local data loss)" >&2
+    WARNINGS=$((WARNINGS + 1))
+fi
+
+# Check for stashes
+STASHES=$(git stash list 2>/dev/null | wc -l)
+if [ "$STASHES" -gt 0 ]; then
+    echo "ℹ NOTE: $STASHES stashed changes exist." >&2
+    echo "  Review: git stash list" >&2
+fi
+
+if [ "$WARNINGS" -eq 0 ]; then
+    echo "✓ Working tree clean, all commits pushed." >&2
+fi
+
+exit 0

package/examples/session-summary-stop.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+# session-summary-stop.sh — Print session change summary on stop
+#
+# Solves: No quick way to see what Claude changed during a session.
+#         Git diff shows code changes but not the full picture.
+#
+# How it works: Stop hook that runs `git diff --stat` and outputs
+#               a summary of all modified files since the session started.
+#
+# Usage: Add to settings.json as a Stop hook
+#
+# {
+#   "hooks": {
+#     "Stop": [{
+#       "matcher": "",
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/session-summary-stop.sh" }]
+#     }]
+#   }
+# }
+
+INPUT=$(cat)
+
+# Only run if in a git repo
+if ! git rev-parse --is-inside-work-tree > /dev/null 2>&1; then
+    exit 0
+fi
+
+# Get change summary
+CHANGES=$(git diff --stat HEAD 2>/dev/null)
+STAGED=$(git diff --cached --stat 2>/dev/null)
+UNTRACKED=$(git ls-files --others --exclude-standard 2>/dev/null | wc -l)
+
+if [ -n "$CHANGES" ] || [ -n "$STAGED" ] || [ "$UNTRACKED" -gt 0 ]; then
+    echo "--- Session Change Summary ---" >&2
+    if [ -n "$CHANGES" ]; then
+        echo "Modified:" >&2
+        echo "$CHANGES" | head -20 >&2
+    fi
+    if [ -n "$STAGED" ]; then
+        echo "Staged:" >&2
+        echo "$STAGED" | head -10 >&2
+    fi
+    if [ "$UNTRACKED" -gt 0 ]; then
+        echo "Untracked files: $UNTRACKED" >&2
+    fi
+    echo "---" >&2
+fi
+
+exit 0

package/examples/session-time-limit.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+# session-time-limit.sh — Warn when session exceeds time limit
+#
+# Prevents: Unbounded autonomous sessions that consume excessive tokens.
+#           Default: warn at 2 hours, configurable via CC_SESSION_LIMIT_HOURS.
+#
+# TRIGGER: PostToolUse
+# MATCHER: ""
+
+INPUT=$(cat)
+
+# Track session start
+MARKER="/tmp/cc-session-start-$$"
+NOW=$(date +%s)
+
+if [ ! -f "$MARKER" ]; then
+  echo "$NOW" > "$MARKER"
+  exit 0
+fi
+
+START=$(cat "$MARKER")
+ELAPSED=$(( (NOW - START) / 60 ))  # minutes
+LIMIT_HOURS="${CC_SESSION_LIMIT_HOURS:-2}"
+LIMIT_MIN=$((LIMIT_HOURS * 60))
+WARN_MIN=$((LIMIT_MIN * 3 / 4))  # warn at 75%
+
+if [ "$ELAPSED" -ge "$LIMIT_MIN" ]; then
+  echo "SESSION TIME LIMIT: ${ELAPSED}min elapsed (limit: ${LIMIT_HOURS}h)." >&2
+  echo "  Consider saving work and starting a new session." >&2
+elif [ "$ELAPSED" -ge "$WARN_MIN" ]; then
+  echo "[Session: ${ELAPSED}min / ${LIMIT_HOURS}h limit]" >&2
+fi
+
+exit 0

package/examples/strip-coauthored-by.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+# strip-coauthored-by.sh — Remove or warn about Co-Authored-By trailers
+#
+# Solves: Claude auto-appending Co-Authored-By to every commit without
+# user consent. 489 commits branded without the user wanting it.
+# See: https://github.com/anthropics/claude-code/issues/29999
+#
+# TRIGGER: PreToolUse
+# MATCHER: Bash
+#
+# Usage:
+# {
+#   "hooks": {
+#     "PreToolUse": [{
+#       "matcher": "Bash",
+#       "hooks": [{
+#         "type": "command",
+#         "if": "Bash(git commit *)",
+#         "command": "~/.claude/hooks/strip-coauthored-by.sh"
+#       }]
+#     }]
+#   }
+# }
+#
+# Config: CC_ALLOW_COAUTHOR=1 to allow (default: 0 = block/warn)
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+[ -z "$COMMAND" ] && exit 0
+
+# Only check git commit commands
+echo "$COMMAND" | grep -qE '^\s*git\s+commit' || exit 0
+
+# Check if Co-Authored-By is in the commit message
+if echo "$COMMAND" | grep -qiE 'Co-Authored-By.*Claude\|Co-Authored-By.*Anthropic\|Co-Authored-By.*noreply@anthropic'; then
+    if [ "${CC_ALLOW_COAUTHOR:-0}" = "1" ]; then
+        exit 0  # User explicitly allows
+    fi
+    echo "⚠ Co-Authored-By trailer detected in commit message" >&2
+    echo "  Set CC_ALLOW_COAUTHOR=1 to allow, or remove the trailer." >&2
+    echo "  See: https://github.com/anthropics/claude-code/issues/29999" >&2
+    # Warn but don't block — user can decide
+    exit 0
+fi
+
+exit 0

package/examples/temp-file-cleanup.sh

@@ -0,0 +1,41 @@
+#!/bin/bash
+# temp-file-cleanup.sh — Stop hook
+# Trigger: Stop
+# Matcher: (empty — runs on session end)
+#
+# Cleans up temporary files created by Claude Code sessions.
+# Claude Code creates /tmp/claude-*-cwd files for directory tracking
+# but never deletes them, accumulating 500+ files/day.
+#
+# See: https://github.com/anthropics/claude-code/issues/8856
+#
+# Usage: Add to settings.json as a Stop hook
+#
+# {
+#   "hooks": {
+#     "Stop": [{
+#       "matcher": "",
+#       "hooks": [{ "type": "command", "command": "bash /path/to/temp-file-cleanup.sh" }]
+#     }]
+#   }
+# }
+
+# Count before cleanup
+COUNT=$(find /tmp -maxdepth 1 -name "claude-*" -type f 2>/dev/null | wc -l)
+
+if [ "$COUNT" -eq 0 ]; then
+    exit 0
+fi
+
+# Clean up Claude Code temp files older than 1 hour
+find /tmp -maxdepth 1 -name "claude-*-cwd" -type f -mmin +60 -delete 2>/dev/null
+find /tmp -maxdepth 1 -name "claude-*" -type f -mmin +60 -delete 2>/dev/null
+
+REMAINING=$(find /tmp -maxdepth 1 -name "claude-*" -type f 2>/dev/null | wc -l)
+CLEANED=$((COUNT - REMAINING))
+
+if [ "$CLEANED" -gt 0 ]; then
+    echo "Cleaned $CLEANED Claude temp files (${REMAINING} recent files kept)" >&2
+fi
+
+exit 0

package/examples/test-before-push.sh

@@ -12,10 +12,17 @@
 #   "hooks": {
 #     "PreToolUse": [{
 #       "matcher": "Bash",
-#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/test-before-push.sh" }]
+#       "hooks": [{
+#         "type": "command",
+#         "if": "Bash(git push *)",
+#         "command": "~/.claude/hooks/test-before-push.sh"
+#       }]
 #     }]
 #   }
 # }
+#
+# The "if" field (v2.1.85+) eliminates process spawning for non-push commands.
+# Without "if", the hook still works — it checks internally and exits early.
 
 INPUT=$(cat)
 COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)

package/examples/test-coverage-reminder.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+# test-coverage-reminder.sh — Remind to run tests after code changes
+#
+# Prevents: Pushing untested code. Claude often edits files
+#           without running the test suite afterward.
+#
+# Tracks: number of Edit/Write calls since last test run.
+# Warns at: 5 edits without tests, blocks at 10.
+#
+# TRIGGER: PostToolUse
+# MATCHER: "Write|Edit|Bash"
+#
+# Usage:
+# {
+#   "hooks": {
+#     "PostToolUse": [{
+#       "matcher": "Write|Edit|Bash",
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/test-coverage-reminder.sh" }]
+#     }]
+#   }
+# }
+
+COUNTER_FILE="/tmp/cc-edit-since-test-$$"
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty' 2>/dev/null)
+
+case "$TOOL" in
+  Write|Edit)
+    # Increment edit counter
+    COUNT=$(cat "$COUNTER_FILE" 2>/dev/null || echo 0)
+    COUNT=$((COUNT + 1))
+    echo "$COUNT" > "$COUNTER_FILE"
+
+    if [ "$COUNT" -eq 5 ]; then
+      echo "REMINDER: 5 files changed since last test run. Consider running tests." >&2
+    elif [ "$COUNT" -ge 10 ]; then
+      echo "WARNING: $COUNT files changed without running tests. Run tests now." >&2
+    fi
+    ;;
+  Bash)
+    # Reset counter if a test command was run
+    CMD=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+    if echo "$CMD" | grep -qiE '(npm\s+test|npx\s+jest|npx\s+vitest|pytest|go\s+test|cargo\s+test|make\s+test|bash\s+test)'; then
+      echo "0" > "$COUNTER_FILE"
+    fi
+    ;;
+esac
+
+exit 0

package/examples/test-exit-code-verify.sh

@@ -0,0 +1,60 @@
+#!/bin/bash
+# test-exit-code-verify.sh — Verify test command exit codes match results
+#
+# Problem: Claude reports "tests passed" even when they didn't run or failed.
+# This PostToolUse hook checks the actual exit code of test commands and
+# emits a warning if the exit code indicates failure.
+#
+# GitHub Issue: #1501 (Claude reports false test results)
+#
+# Usage: Add to settings.json as a PostToolUse hook on "Bash"
+#
+# How it works:
+# 1. Detects test-like commands (npm test, pytest, jest, go test, etc.)
+# 2. Checks the actual exit code from tool output
+# 3. If exit code != 0, warns Claude via stderr so it cannot claim success
+# 4. If no output was captured, warns about phantom test runs
+#
+# Why stderr: PostToolUse hook stderr is shown to Claude as feedback.
+# This forces Claude to acknowledge test failures instead of fabricating results.
+
+INPUT=$(cat)
+
+# Extract command and exit code
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+EXIT_CODE=$(echo "$INPUT" | jq -r '.tool_result.exitCode // .tool_result.exit_code // empty' 2>/dev/null)
+STDOUT=$(echo "$INPUT" | jq -r '.tool_result.stdout // empty' 2>/dev/null)
+
+[ -z "$COMMAND" ] && exit 0
+
+# Detect test commands
+is_test_command() {
+    local cmd="$1"
+    echo "$cmd" | grep -qiE '(npm\s+test|npx\s+jest|npx\s+vitest|pytest|python\s+-m\s+pytest|go\s+test|cargo\s+test|bundle\s+exec\s+rspec|mix\s+test|dotnet\s+test|mvn\s+test|gradle\s+test|make\s+test|bash\s+test\.sh)'
+}
+
+if ! is_test_command "$COMMAND"; then
+    exit 0
+fi
+
+# Check exit code
+if [ -n "$EXIT_CODE" ] && [ "$EXIT_CODE" != "0" ]; then
+    echo "⚠️ TEST FAILURE DETECTED" >&2
+    echo "Command: $(echo "$COMMAND" | head -c 100)" >&2
+    echo "Exit code: $EXIT_CODE" >&2
+    echo "Do NOT report these tests as passing. The exit code proves failure." >&2
+    echo "Re-read the output above and fix the failing tests." >&2
+    exit 0
+fi
+
+# Check for empty output (phantom test run)
+if [ -z "$STDOUT" ] || [ ${#STDOUT} -lt 10 ]; then
+    echo "⚠️ TEST OUTPUT SUSPICIOUSLY SHORT" >&2
+    echo "Command: $(echo "$COMMAND" | head -c 100)" >&2
+    echo "Output length: ${#STDOUT} chars" >&2
+    echo "Verify tests actually ran. Short output may indicate no tests executed." >&2
+    exit 0
+fi
+
+# Tests appear to have run and passed
+exit 0

package/examples/tool-file-logger.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+# tool-file-logger.sh — Log file paths from Read/Write/Edit to stderr
+#
+# Solves: "No indication of WHICH file for READ tool" (#21151 — 180 reactions)
+#         Users must expand every Read/Write/Edit to see the file path.
+#         This hook shows the file path in the collapsed view.
+#
+# Output format:
+#   [Read: src/components/App.tsx]
+#   [Write: package.json]
+#   [Edit: src/utils/helpers.ts]
+#
+# TRIGGER: PostToolUse
+# MATCHER: "Read|Write|Edit"
+#
+# Usage:
+# {
+#   "hooks": {
+#     "PostToolUse": [{
+#       "matcher": "Read|Write|Edit",
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/tool-file-logger.sh" }]
+#     }]
+#   }
+# }
+
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty' 2>/dev/null)
+[ -z "$TOOL" ] && exit 0
+
+# Extract file path from tool input
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // .tool_input.filePath // empty' 2>/dev/null)
+[ -z "$FILE" ] && exit 0
+
+# Show just the filename for brevity, full path available in expanded view
+BASENAME=$(basename "$FILE")
+DIR=$(dirname "$FILE")
+
+# For paths inside home directory, show relative path
+if echo "$DIR" | grep -q "^$HOME"; then
+  RELDIR=$(echo "$DIR" | sed "s|^$HOME|~|")
+  echo "[$TOOL: $RELDIR/$BASENAME]" >&2
+else
+  echo "[$TOOL: $FILE]" >&2
+fi
+
+exit 0

package/examples/typescript-lint-on-edit.sh

@@ -0,0 +1,61 @@
+#!/bin/bash
+# typescript-lint-on-edit.sh — Run TypeScript type check after editing .ts/.tsx files
+#
+# TRIGGER: PostToolUse
+# MATCHER: Edit
+#
+# Best with v2.1.85 "if" field:
+# {
+#   "hooks": {
+#     "PostToolUse": [{
+#       "matcher": "Edit",
+#       "hooks": [{
+#         "type": "command",
+#         "if": "Edit(*.ts)",
+#         "command": "~/.claude/hooks/typescript-lint-on-edit.sh"
+#       }]
+#     }]
+#   }
+# }
+#
+# Without "if", the hook checks file extension internally.
+
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+
+# Skip non-TypeScript files
+case "$FILE" in
+    *.ts|*.tsx) ;;
+    *) exit 0 ;;
+esac
+
+[ ! -f "$FILE" ] && exit 0
+
+# Find tsconfig.json in parent directories
+DIR=$(dirname "$FILE")
+TSCONFIG=""
+while [ "$DIR" != "/" ]; do
+    if [ -f "$DIR/tsconfig.json" ]; then
+        TSCONFIG="$DIR/tsconfig.json"
+        break
+    fi
+    DIR=$(dirname "$DIR")
+done
+
+# No tsconfig = no type checking possible
+[ -z "$TSCONFIG" ] && exit 0
+
+# Run tsc --noEmit on the specific file
+PROJECT_DIR=$(dirname "$TSCONFIG")
+ISSUES=$(cd "$PROJECT_DIR" && npx tsc --noEmit --pretty false 2>&1 | grep "$(basename "$FILE")" | head -10)
+
+if [ -n "$ISSUES" ]; then
+    COUNT=$(echo "$ISSUES" | wc -l)
+    echo "⚠ TypeScript: $COUNT error(s) in $(basename "$FILE")" >&2
+    echo "$ISSUES" | head -5 >&2
+    if [ "$COUNT" -gt 5 ]; then
+        echo "  ... and $((COUNT - 5)) more" >&2
+    fi
+fi
+
+exit 0

package/examples/typescript-strict-check.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+# typescript-strict-check.sh — Warn when TypeScript strict mode is disabled
+#
+# Prevents: Claude silently setting "strict": false in tsconfig.json
+#           to bypass type errors instead of fixing them.
+#
+# TRIGGER: PostToolUse
+# MATCHER: "Write|Edit"
+
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+[ -z "$FILE" ] && exit 0
+
+BASENAME=$(basename "$FILE")
+[ "$BASENAME" != "tsconfig.json" ] && exit 0
+[ ! -f "$FILE" ] && exit 0
+
+# Check if strict is explicitly set to false
+if python3 -c "
+import json
+with open('$FILE') as f:
+    config = json.load(f)
+opts = config.get('compilerOptions', {})
+if opts.get('strict') == False:
+    exit(1)
+if opts.get('noImplicitAny') == False:
+    exit(1)
+" 2>/dev/null; then
+  : # OK
+else
+  echo "WARNING: TypeScript strict mode is disabled in $FILE." >&2
+  echo "  Consider enabling 'strict: true' for better type safety." >&2
+fi
+
+exit 0

package/examples/uncommitted-changes-stop.sh

@@ -0,0 +1,16 @@
+INPUT=$(cat)
+if ! git rev-parse --is-inside-work-tree > /dev/null 2>&1; then
+    exit 0
+fi
+MODIFIED=$(git diff --name-only 2>/dev/null | wc -l)
+STAGED=$(git diff --cached --name-only 2>/dev/null | wc -l)
+UNTRACKED=$(git ls-files --others --exclude-standard 2>/dev/null | wc -l)
+TOTAL=$((MODIFIED + STAGED + UNTRACKED))
+if [ "$TOTAL" -gt 0 ]; then
+    echo "⚠ WARNING: $TOTAL uncommitted changes:" >&2
+    [ "$MODIFIED" -gt 0 ] && echo "  Modified: $MODIFIED files" >&2
+    [ "$STAGED" -gt 0 ] && echo "  Staged: $STAGED files" >&2
+    [ "$UNTRACKED" -gt 0 ] && echo "  Untracked: $UNTRACKED files" >&2
+    echo "  Consider: git add -A && git commit -m 'session checkpoint'" >&2
+fi
+exit 0

package/examples/uncommitted-discard-guard.sh

@@ -0,0 +1,72 @@
+#!/bin/bash
+# uncommitted-discard-guard.sh — Block commands that discard uncommitted changes
+#
+# Solves: Claude running "git checkout -- ." or "git restore ." to discard
+#         hours of uncommitted work. Real incident: #37888 — 30+ files of
+#         manual edits destroyed twice in one session.
+#
+# Detects:
+#   git checkout -- <files>   (discards working tree changes)
+#   git checkout .            (discards all changes)
+#   git restore <files>       (same effect as checkout --)
+#   git restore .             (discards all working tree changes)
+#   git stash drop            (permanently deletes stashed changes)
+#
+# Does NOT block:
+#   git checkout <branch>     (switching branches — safe)
+#   git checkout -b <branch>  (creating branches — safe)
+#   git restore --staged      (unstaging — non-destructive)
+#   git stash                 (saving changes — safe)
+#   git stash pop             (restoring changes — safe)
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+
+[ -z "$COMMAND" ] && exit 0
+
+# Block: git checkout -- <files> (discard working tree changes)
+# The "--" separator followed by paths means "discard changes to these files"
+if echo "$COMMAND" | grep -qE 'git\s+checkout\s+--\s+\S'; then
+    echo "BLOCKED: git checkout -- <files> discards uncommitted changes permanently." >&2
+    echo "" >&2
+    echo "Command: $COMMAND" >&2
+    echo "" >&2
+    echo "If you need to discard changes, commit or stash first:" >&2
+    echo "  git stash        # save changes for later" >&2
+    echo "  git stash pop    # restore saved changes" >&2
+    exit 2
+fi
+
+# Block: git checkout . (discard ALL changes)
+if echo "$COMMAND" | grep -qE 'git\s+checkout\s+\.\s*$'; then
+    echo "BLOCKED: git checkout . discards ALL uncommitted changes." >&2
+    echo "" >&2
+    echo "This would destroy every uncommitted modification in the working tree." >&2
+    echo "Commit or stash your changes first." >&2
+    exit 2
+fi
+
+# Block: git restore <files> without --staged (discards working tree changes)
+if echo "$COMMAND" | grep -qE 'git\s+restore\s+' && ! echo "$COMMAND" | grep -qE 'git\s+restore\s+--staged'; then
+    # Allow "git restore --staged" (just unstages, non-destructive)
+    # Block "git restore <files>" and "git restore ."
+    echo "BLOCKED: git restore discards uncommitted changes." >&2
+    echo "" >&2
+    echo "Command: $COMMAND" >&2
+    echo "" >&2
+    echo "Use 'git restore --staged <file>' to unstage without losing changes." >&2
+    echo "Use 'git stash' to save changes for later." >&2
+    exit 2
+fi
+
+# Block: git stash drop (permanently deletes stashed changes)
+if echo "$COMMAND" | grep -qE 'git\s+stash\s+drop'; then
+    echo "BLOCKED: git stash drop permanently deletes stashed changes." >&2
+    echo "" >&2
+    echo "If you're sure, use 'git stash pop' to apply and remove in one step." >&2
+    exit 2
+fi
+
+exit 0