cc-safe-setup 29.6.25 → 29.6.27

package/README.md

@@ -4,7 +4,7 @@
 [![npm downloads](https://img.shields.io/npm/dw/cc-safe-setup)](https://www.npmjs.com/package/cc-safe-setup)
 [![tests](https://github.com/yurukusa/cc-safe-setup/actions/workflows/test.yml/badge.svg)](https://github.com/yurukusa/cc-safe-setup/actions/workflows/test.yml)
 
-**One command to make Claude Code safe for autonomous operation.** 1,000+ installs/day · [日本語](docs/README.ja.md)
+**One command to make Claude Code safe for autonomous operation.** 507 example hooks · 7,341 tests · 1,000+ installs/day · [日本語](docs/README.ja.md)
 
 ```bash
 npx cc-safe-setup
@@ -117,7 +117,7 @@ Install any of these: `npx cc-safe-setup --install-example <name>`
 | `--scan [--apply]` | Tech stack detection |
 | `--export / --import` | Team config sharing |
 | `--verify` | Test each hook |
-| `--install-example <name>` | Install from 446 examples |
+| `--install-example <name>` | Install from 507 examples |
 | `--examples [filter]` | Browse examples by keyword |
 | `--full` | All-in-one setup |
 | `--status` | Check installed hooks |
@@ -184,6 +184,7 @@ Install any of these: `npx cc-safe-setup --install-example <name>`
 | Multiline commands skip pattern matching | [#11932](https://github.com/anthropics/claude-code/issues/11932) (47👍) | Use hooks instead of allowlist patterns for complex commands |
 | No notification when Claude asks a question | [#13024](https://github.com/anthropics/claude-code/issues/13024) (52👍) | `npx cc-safe-setup --install-example notify-waiting` |
 | `allow` overrides `ask` in permissions | [#6527](https://github.com/anthropics/claude-code/issues/6527) (17👍) | Use hooks to block dangerous commands instead of `ask` rules |
+| Plans stored in `~/.claude/` with random names | [#12619](https://github.com/anthropics/claude-code/issues/12619) (163👍) | `npx cc-safe-setup --install-example plan-repo-sync` |
 
 ## How It Works
 

package/examples/ansible-vault-guard.sh

@@ -0,0 +1,8 @@
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+[[ -z "$COMMAND" ]] && exit 0
+if echo "$COMMAND" | grep -qE 'ansible-vault\s+decrypt\b'; then
+    echo "WARNING: Decrypting Ansible vault." >&2
+    echo "Remember to re-encrypt before committing." >&2
+fi
+exit 0

package/examples/api-rate-limit-guard.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+# ================================================================
+# api-rate-limit-guard.sh — Throttle rapid API calls to prevent rate limiting
+# ================================================================
+# PURPOSE:
+#   Claude often makes rapid successive curl/API calls that trigger
+#   rate limits (429 Too Many Requests). This hook tracks the last
+#   call time and enforces a minimum interval between API requests.
+#
+#   Default: 1 second between curl/wget/httpie calls.
+#   Customize MIN_INTERVAL_MS for your API's rate limit.
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
+#
+# Usage:
+# {
+#   "hooks": {
+#     "PreToolUse": [{
+#       "matcher": "Bash",
+#       "hooks": [{
+#         "type": "command",
+#         "if": "Bash(curl *)",
+#         "command": "~/.claude/hooks/api-rate-limit-guard.sh"
+#       }]
+#     }]
+#   }
+# }
+# ================================================================
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+[ -z "$COMMAND" ] && exit 0
+
+# Only check HTTP client commands
+echo "$COMMAND" | grep -qE '^\s*(curl|wget|http|https)\s' || exit 0
+
+# Configurable minimum interval (milliseconds)
+MIN_INTERVAL_MS="${CC_API_RATE_LIMIT_MS:-1000}"
+
+TIMESTAMP_FILE="/tmp/.cc-api-rate-limit-$$"
+NOW_MS=$(date +%s%N | cut -b1-13 2>/dev/null || date +%s)
+
+if [ -f "$TIMESTAMP_FILE" ]; then
+    LAST_MS=$(cat "$TIMESTAMP_FILE" 2>/dev/null || echo "0")
+    DIFF=$((NOW_MS - LAST_MS))
+    if [ "$DIFF" -lt "$MIN_INTERVAL_MS" ] 2>/dev/null; then
+        WAIT=$((MIN_INTERVAL_MS - DIFF))
+        echo "⚠ Rate limit guard: ${WAIT}ms cooldown remaining." >&2
+        echo "  Set CC_API_RATE_LIMIT_MS to adjust (current: ${MIN_INTERVAL_MS}ms)." >&2
+        # Note: exit 0 = warn only. Change to exit 2 to hard-block.
+    fi
+fi
+
+echo "$NOW_MS" > "$TIMESTAMP_FILE"
+exit 0

package/examples/bash-timeout-guard.sh

@@ -0,0 +1,63 @@
+#!/bin/bash
+# ================================================================
+# bash-timeout-guard.sh — Warn on commands likely to hang or run
+# indefinitely without a timeout
+#
+# Solves: Claude running commands that hang forever (e.g., servers,
+# watchers, interactive tools) causing the session to stall.
+# Common pattern: `npm start`, `python app.py`, `tail -f`,
+# `docker logs -f`, or `while true` loops.
+#
+# This hook warns (but doesn't block) when a command looks like
+# it will run indefinitely, suggesting `timeout` prefix.
+#
+# Usage: Add to settings.json as a PreToolUse hook
+#
+# {
+#   "hooks": {
+#     "PreToolUse": [{
+#       "matcher": "Bash",
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/bash-timeout-guard.sh" }]
+#     }]
+#   }
+# }
+# ================================================================
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+
+[[ -z "$COMMAND" ]] && exit 0
+
+# Already has timeout — good
+if echo "$COMMAND" | grep -qE '^\s*timeout\s'; then
+    exit 0
+fi
+
+# Detect commands that typically run forever
+INFINITE=0
+REASON=""
+
+# Server/watcher start commands
+if echo "$COMMAND" | grep -qE '(npm|yarn|pnpm)\s+(start|run\s+dev|run\s+serve)'; then
+    INFINITE=1; REASON="dev server (runs indefinitely)"
+elif echo "$COMMAND" | grep -qE 'python\s+.*\b(app|server|manage\.py\s+runserver|flask\s+run|uvicorn|gunicorn)'; then
+    INFINITE=1; REASON="Python server"
+elif echo "$COMMAND" | grep -qE 'node\s+.*\b(server|app|index)\b'; then
+    INFINITE=1; REASON="Node.js server"
+elif echo "$COMMAND" | grep -qE '(tail|docker\s+logs)\s+-f'; then
+    INFINITE=1; REASON="follow mode (runs indefinitely)"
+elif echo "$COMMAND" | grep -qE 'while\s+(true|:|\[\s*1\s*\])'; then
+    INFINITE=1; REASON="infinite loop"
+elif echo "$COMMAND" | grep -qE '(nc|netcat|ncat)\s+.*-l'; then
+    INFINITE=1; REASON="network listener"
+elif echo "$COMMAND" | grep -qE 'inotifywait|fswatch|watchman'; then
+    INFINITE=1; REASON="file watcher"
+fi
+
+if [[ "$INFINITE" -eq 1 ]]; then
+    echo "WARNING: This command may run indefinitely ($REASON)." >&2
+    echo "Command: $COMMAND" >&2
+    echo "Consider: timeout 30 $COMMAND" >&2
+fi
+
+exit 0

package/examples/bulk-file-delete-guard.sh

@@ -0,0 +1,88 @@
+#!/bin/bash
+# bulk-file-delete-guard.sh — Block commands that delete many files at once
+#
+# Solves: Agent deleting thousands of untracked files without user consent
+#         (#23913 — 2,229 files deleted with rm -rf and Remove-Item)
+#
+# How it works: Detects recursive delete patterns and estimates the number
+#   of files that would be affected. Blocks if above threshold.
+#
+# Default threshold: 10 files. Change THRESHOLD below.
+#
+# Patterns detected:
+#   - rm -rf / rm -r with wildcards or broad paths
+#   - find ... -delete / find ... -exec rm
+#   - Remove-Item -Recurse (PowerShell)
+#   - git clean -fd (removes untracked files)
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+[[ -z "$COMMAND" ]] && exit 0
+
+THRESHOLD=10
+
+# Check for recursive delete patterns
+IS_BULK=0
+TARGET=""
+
+# rm -rf / rm -r with wildcards or broad directory paths
+if echo "$COMMAND" | grep -qE 'rm\s+(-[a-zA-Z]*r[a-zA-Z]*f?|(-[a-zA-Z]*f[a-zA-Z]*r))\s'; then
+    # Extract the target path
+    TARGET=$(echo "$COMMAND" | grep -oE 'rm\s+-[a-zA-Z]+\s+(.+)' | sed 's/rm\s\+-[a-zA-Z]\+\s\+//')
+    IS_BULK=1
+fi
+
+# find ... -delete
+if echo "$COMMAND" | grep -qE 'find\s+.*-delete'; then
+    TARGET=$(echo "$COMMAND" | grep -oE 'find\s+(\S+)' | sed 's/find\s\+//')
+    IS_BULK=1
+fi
+
+# find ... -exec rm
+if echo "$COMMAND" | grep -qE 'find\s+.*-exec\s+rm'; then
+    TARGET=$(echo "$COMMAND" | grep -oE 'find\s+(\S+)' | sed 's/find\s\+//')
+    IS_BULK=1
+fi
+
+# Remove-Item -Recurse (PowerShell)
+if echo "$COMMAND" | grep -qiE 'Remove-Item.*-Recurse|Remove-Item.*-r\b'; then
+    IS_BULK=1
+fi
+
+# git clean -fd (removes untracked files)
+if echo "$COMMAND" | grep -qE 'git\s+clean\s+-[a-zA-Z]*[fd]'; then
+    IS_BULK=1
+    # Count untracked files
+    UNTRACKED=$(git ls-files --others --exclude-standard 2>/dev/null | wc -l)
+    if [[ "$UNTRACKED" -gt "$THRESHOLD" ]]; then
+        echo "BLOCKED: git clean would delete $UNTRACKED untracked files (threshold: $THRESHOLD)" >&2
+        echo "Command: $COMMAND" >&2
+        echo "" >&2
+        echo "Review files first: git ls-files --others --exclude-standard" >&2
+        exit 2
+    fi
+    exit 0
+fi
+
+if [[ "$IS_BULK" -eq 1 ]]; then
+    # Try to count affected files
+    if [[ -n "$TARGET" ]] && [[ -d "$TARGET" ]]; then
+        COUNT=$(find "$TARGET" -type f 2>/dev/null | head -$((THRESHOLD + 1)) | wc -l)
+        if [[ "$COUNT" -gt "$THRESHOLD" ]]; then
+            echo "BLOCKED: Recursive delete would affect $COUNT+ files (threshold: $THRESHOLD)" >&2
+            echo "Command: $COMMAND" >&2
+            echo "Target: $TARGET" >&2
+            echo "" >&2
+            echo "Delete specific files instead of using recursive patterns." >&2
+            exit 2
+        fi
+    else
+        # Can't count files (target doesn't exist or is a glob), warn
+        echo "WARNING: Recursive delete detected but can't estimate impact." >&2
+        echo "Command: $COMMAND" >&2
+    fi
+fi
+
+exit 0

package/examples/cargo-publish-guard.sh

@@ -0,0 +1,10 @@
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+[[ -z "$COMMAND" ]] && exit 0
+if echo "$COMMAND" | grep -qE 'cargo\s+publish\b' && ! echo "$COMMAND" | grep -q "\-\-dry-run"; then
+    echo "BLOCKED: cargo publish to crates.io." >&2
+    echo "Command: $COMMAND" >&2
+    echo "Use: cargo publish --dry-run (to test first)" >&2
+    exit 2
+fi
+exit 0

package/examples/check-test-exists.sh

@@ -0,0 +1,82 @@
+#!/bin/bash
+# ================================================================
+# check-test-exists.sh — Warn when editing code without a test file
+# ================================================================
+# PURPOSE:
+#   When Claude edits a source file, check if a corresponding test
+#   file exists. If not, warn that the change is untested. This
+#   catches the common pattern where Claude modifies code but skips
+#   adding or updating tests.
+#
+#   Supports: JS/TS (*.test.*, *.spec.*), Python (*_test.py, test_*),
+#   Go (*_test.go), Ruby (*_spec.rb), Java (*Test.java)
+#
+# TRIGGER: PostToolUse  MATCHER: "Edit|Write"
+#
+# Usage:
+# {
+#   "hooks": {
+#     "PostToolUse": [{
+#       "matcher": "Edit|Write",
+#       "hooks": [{
+#         "type": "command",
+#         "command": "~/.claude/hooks/check-test-exists.sh"
+#       }]
+#     }]
+#   }
+# }
+# ================================================================
+
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+[ -z "$FILE" ] && exit 0
+
+# Skip test files themselves, configs, docs
+case "$FILE" in
+    *.test.*|*.spec.*|*_test.*|test_*|*Test.java|*_spec.rb) exit 0 ;;
+    *.md|*.json|*.yaml|*.yml|*.toml|*.cfg|*.ini|*.env*) exit 0 ;;
+    *.css|*.scss|*.html|*.svg|*.png|*.jpg) exit 0 ;;
+esac
+
+DIR=$(dirname "$FILE")
+BASE=$(basename "$FILE")
+NAME="${BASE%.*}"
+EXT="${BASE##*.}"
+
+# Check for corresponding test file
+FOUND=0
+case "$EXT" in
+    js|jsx|ts|tsx|mjs)
+        for pattern in "$DIR/$NAME.test.$EXT" "$DIR/$NAME.spec.$EXT" "$DIR/__tests__/$NAME.$EXT" "$DIR/../__tests__/$BASE"; do
+            [ -f "$pattern" ] && FOUND=1 && break
+        done
+        ;;
+    py)
+        for pattern in "$DIR/test_$BASE" "$DIR/${NAME}_test.py" "$DIR/tests/test_$BASE" "$DIR/../tests/test_$BASE"; do
+            [ -f "$pattern" ] && FOUND=1 && break
+        done
+        ;;
+    go)
+        [ -f "$DIR/${NAME}_test.go" ] && FOUND=1
+        ;;
+    rb)
+        for pattern in "$DIR/${NAME}_spec.rb" "$DIR/../spec/${NAME}_spec.rb"; do
+            [ -f "$pattern" ] && FOUND=1 && break
+        done
+        ;;
+    java)
+        for pattern in "$DIR/${NAME}Test.java" "$DIR/../test/${NAME}Test.java"; do
+            [ -f "$pattern" ] && FOUND=1 && break
+        done
+        ;;
+    *)
+        exit 0  # Unknown language, skip
+        ;;
+esac
+
+if [ "$FOUND" -eq 0 ]; then
+    echo "⚠ No test file found for $BASE" >&2
+    echo "  Consider adding tests before committing this change." >&2
+fi
+
+exit 0

package/examples/chmod-guard.sh

@@ -0,0 +1,45 @@
+#!/bin/bash
+# ================================================================
+# chmod-guard.sh — Block overly permissive chmod commands
+#
+# Solves: Claude running chmod 777 or chmod a+rwx on project files,
+# creating security vulnerabilities. World-writable files are a
+# common attack vector and violate least-privilege principles.
+#
+# Blocks: chmod 777, chmod 666, chmod a+w, chmod o+w
+# Allows: chmod +x (make executable), chmod 755, chmod 644
+#
+# Usage: Add to settings.json as a PreToolUse hook
+#
+# {
+#   "hooks": {
+#     "PreToolUse": [{
+#       "matcher": "Bash",
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/chmod-guard.sh" }]
+#     }]
+#   }
+# }
+# ================================================================
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+
+[[ -z "$COMMAND" ]] && exit 0
+
+# Only check actual chmod commands (not inside echo/printf/comments)
+ACTUAL_CMD=$(echo "$COMMAND" | sed 's/echo .*//; s/printf .*//; s/#.*//')
+if ! echo "$ACTUAL_CMD" | grep -qE '\bchmod\b'; then
+    exit 0
+fi
+
+# Block world-writable permissions
+if echo "$ACTUAL_CMD" | grep -qE 'chmod\s+(777|666|a\+[rwx]*w|o\+[rwx]*w)'; then
+    echo "BLOCKED: World-writable permissions detected." >&2
+    echo "Command: $COMMAND" >&2
+    echo "" >&2
+    echo "chmod 777/666 creates security vulnerabilities." >&2
+    echo "Use instead: chmod 755 (dirs) or chmod 644 (files)." >&2
+    exit 2
+fi
+
+exit 0

package/examples/chown-guard.sh

@@ -0,0 +1,57 @@
+#!/bin/bash
+# ================================================================
+# chown-guard.sh — Block dangerous ownership changes
+#
+# Solves: Claude running chown root or recursive chown on system
+# directories, which can break file permissions and lock the user
+# out of their own files.
+#
+# Blocks: chown root, chown -R on system paths, chown on /etc /var
+# Allows: chown on project files
+#
+# Usage: Add to settings.json as a PreToolUse hook
+#
+# {
+#   "hooks": {
+#     "PreToolUse": [{
+#       "matcher": "Bash",
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/chown-guard.sh" }]
+#     }]
+#   }
+# }
+# ================================================================
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+
+[[ -z "$COMMAND" ]] && exit 0
+
+# Only check actual chown commands (not inside echo/printf/comments)
+ACTUAL_CMD=$(echo "$COMMAND" | sed 's/echo .*//; s/printf .*//; s/#.*//')
+if ! echo "$ACTUAL_CMD" | grep -qE '\bchown\b'; then
+    exit 0
+fi
+
+# Block chown to root
+if echo "$ACTUAL_CMD" | grep -qE 'chown\s+(-R\s+)?root[: ]'; then
+    echo "BLOCKED: Changing ownership to root." >&2
+    echo "Command: $COMMAND" >&2
+    echo "This can lock you out of your files." >&2
+    exit 2
+fi
+
+# Block recursive chown on system directories
+if echo "$ACTUAL_CMD" | grep -qE 'chown\s+-R.*\s+/(etc|var|usr|bin|sbin|lib|boot|sys|proc|dev)\b'; then
+    echo "BLOCKED: Recursive chown on system directory." >&2
+    echo "Command: $COMMAND" >&2
+    exit 2
+fi
+
+# Block chown on home directory root
+if echo "$ACTUAL_CMD" | grep -qE 'chown\s+-R.*\s+(~|/home/\w+)\s*$'; then
+    echo "BLOCKED: Recursive chown on entire home directory." >&2
+    echo "Command: $COMMAND" >&2
+    exit 2
+fi
+
+exit 0

package/examples/composer-guard.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+# ================================================================
+# composer-guard.sh — Block dangerous Composer operations
+#
+# Blocks: composer global require (affects system PHP),
+#         composer remove (accidental dependency removal)
+# Warns: composer require without --dev flag
+#
+# Usage: Add to settings.json as a PreToolUse hook
+#
+# {
+#   "hooks": {
+#     "PreToolUse": [{
+#       "matcher": "Bash",
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/composer-guard.sh" }]
+#     }]
+#   }
+# }
+# ================================================================
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+
+[[ -z "$COMMAND" ]] && exit 0
+
+# Block global require
+if echo "$COMMAND" | grep -qE 'composer\s+global\s+require'; then
+    echo "BLOCKED: Global Composer package installation." >&2
+    echo "Command: $COMMAND" >&2
+    echo "Global packages affect the entire system." >&2
+    echo "Use: composer require <package> (local project only)" >&2
+    exit 2
+fi
+
+exit 0

package/examples/console-log-count.sh

@@ -0,0 +1,11 @@
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+[[ -z "$FILE" ]] && exit 0
+[[ ! -f "$FILE" ]] && exit 0
+case "$FILE" in *.ts|*.tsx|*.js|*.jsx) ;; *) exit 0 ;; esac
+COUNT=$(grep -c 'console\.log' "$FILE" 2>/dev/null)
+if [[ "$COUNT" -gt 5 ]]; then
+    echo "WARNING: $COUNT console.log statements in $(basename "$FILE")." >&2
+    echo "Consider cleaning up debug logs before committing." >&2
+fi
+exit 0

package/examples/django-migrate-guard.sh

@@ -0,0 +1,39 @@
+#!/bin/bash
+# ================================================================
+# django-migrate-guard.sh — Block destructive Django DB operations
+#
+# Blocks: manage.py flush, manage.py sqlflush, manage.py reset
+# Warns: manage.py migrate --fake
+# Allows: manage.py migrate, manage.py makemigrations
+#
+# Usage: Add to settings.json as a PreToolUse hook
+#
+# {
+#   "hooks": {
+#     "PreToolUse": [{
+#       "matcher": "Bash",
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/django-migrate-guard.sh" }]
+#     }]
+#   }
+# }
+# ================================================================
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+
+[[ -z "$COMMAND" ]] && exit 0
+
+# Block destructive Django commands
+if echo "$COMMAND" | grep -qE 'manage\.py\s+(flush|sqlflush)\b'; then
+    echo "BLOCKED: Django flush destroys all data." >&2
+    echo "Command: $COMMAND" >&2
+    exit 2
+fi
+
+# Warn on fake migrations
+if echo "$COMMAND" | grep -qE 'manage\.py\s+migrate\s+.*--fake'; then
+    echo "WARNING: Fake migration — database schema won't change." >&2
+    echo "This can leave DB and migration history out of sync." >&2
+fi
+
+exit 0

package/examples/dockerfile-latest-guard.sh

@@ -0,0 +1,12 @@
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+[[ -z "$FILE" ]] && exit 0
+[[ ! -f "$FILE" ]] && exit 0
+if ! echo "$FILE" | grep -qiE 'Dockerfile'; then exit 0; fi
+LATEST=$(grep -nP '^FROM\s+\S+:latest\b' "$FILE" 2>/dev/null | head -3)
+if [[ -n "$LATEST" ]]; then
+    echo "WARNING: :latest tag in Dockerfile:" >&2
+    echo "$LATEST" >&2
+    echo "Pin to a specific version for reproducible builds." >&2
+fi
+exit 0

package/examples/dotnet-build-on-edit.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+# ================================================================
+# dotnet-build-on-edit.sh — Run dotnet build after C#/F# edits
+#
+# Checks compilation after editing .cs or .fs files.
+# Warns on build errors but doesn't block.
+#
+# Usage: Add to settings.json as a PostToolUse hook
+#
+# {
+#   "hooks": {
+#     "PostToolUse": [{
+#       "matcher": "Edit|Write",
+#       "if": "Edit(*.cs) || Edit(*.fs) || Write(*.cs) || Write(*.fs)",
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/dotnet-build-on-edit.sh" }]
+#     }]
+#   }
+# }
+# ================================================================
+
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+
+[[ -z "$FILE" ]] && exit 0
+
+# Only check C#/F# files
+case "$FILE" in
+    *.cs|*.fs) ;;
+    *) exit 0 ;;
+esac
+
+# Check if dotnet is available and we're in a .NET project
+if command -v dotnet &>/dev/null; then
+    # Find nearest .csproj or .fsproj
+    DIR=$(dirname "$FILE")
+    while [[ "$DIR" != "/" ]]; do
+        if ls "$DIR"/*.csproj "$DIR"/*.fsproj 2>/dev/null | head -1 | grep -q .; then
+            RESULT=$(cd "$DIR" && dotnet build --no-restore -q 2>&1 | tail -5)
+            if [[ $? -ne 0 ]]; then
+                echo "Build error after editing $(basename "$FILE"):" >&2
+                echo "$RESULT" | head -5 >&2
+            fi
+            break
+        fi
+        DIR=$(dirname "$DIR")
+    done
+fi
+
+exit 0

package/examples/drizzle-migrate-guard.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+# ================================================================
+# drizzle-migrate-guard.sh — Block destructive Drizzle ORM operations
+#
+# Blocks: drizzle-kit drop, drizzle-kit push with --force
+# Allows: drizzle-kit generate, drizzle-kit migrate
+#
+# Usage: Add to settings.json as a PreToolUse hook
+#
+# {
+#   "hooks": {
+#     "PreToolUse": [{
+#       "matcher": "Bash",
+#       "hooks": [{ "type": "command", "command": "~/.claude/hooks/drizzle-migrate-guard.sh" }]
+#     }]
+#   }
+# }
+# ================================================================
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+
+[[ -z "$COMMAND" ]] && exit 0
+
+# Block destructive Drizzle commands
+if echo "$COMMAND" | grep -qE 'drizzle-kit\s+drop'; then
+    echo "BLOCKED: drizzle-kit drop destroys migration files." >&2
+    echo "Command: $COMMAND" >&2
+    exit 2
+fi
+
+exit 0