cc-safe-setup 29.6.32 → 29.6.36

package/index.mjs

@@ -377,161 +377,654 @@ function examples() {
   const examplesDir = join(__dirname, 'examples');
   const CATEGORIES = {
     'Safety Guards': {
-      'allowlist.sh': 'Block everything not in allowlist (inverse permission model)',
-      'block-database-wipe.sh': 'Block destructive DB commands (migrate:fresh, DROP DATABASE, Prisma)',
-      'deploy-guard.sh': 'Block deploy when uncommitted changes exist',
-      'env-var-check.sh': 'Block hardcoded API keys in export commands',
-      'network-guard.sh': 'Warn on suspicious network commands (data exfiltration)',
-      'path-traversal-guard.sh': 'Block Edit/Write with path traversal (../../)',
-      'protect-dotfiles.sh': 'Block modifications to ~/.bashrc, ~/.aws/, ~/.ssh/',
-      'scope-guard.sh': 'Block file operations outside project directory',
-      'test-before-push.sh': 'Block git push when tests have not passed',
-      'timeout-guard.sh': 'Warn before long-running commands (servers, watchers)',
+      'absolute-rule-enforcer.sh': 'Enforce CLAUDE.md "ABSOLUTE RULE" markers',
+      'allowlist.sh': 'Only allow explicitly approved commands',
+      'ansible-vault-guard.sh': 'Ansible Vault Guard',
+      'api-endpoint-guard.sh': 'Warn on requests to internal/sensitive APIs',
+      'api-key-in-url-guard.sh': 'Block API keys embedded in URLs',
+      'api-overload-backoff.sh': 'Track API overload errors and enforce backoff',
+      'api-rate-limit-guard.sh': 'Throttle rapid API calls to prevent rate limiting',
+      'api-retry-limiter.sh': 'Limit API error retries to prevent token waste',
+      'aws-production-guard.sh': 'Block dangerous AWS CLI operations',
+      'aws-region-guard.sh': 'Warn when AWS commands target unexpected regions',
+      'banned-command-guard.sh': 'Block commands that are explicitly banned',
+      'bash-domain-allowlist.sh': 'Block curl/wget to unauthorized domains',
+      'bash-timeout-guard.sh': 'Warn on commands likely to hang or run',
+      'bash-trace-guard.sh': 'Block debug tracing that exposes secrets',
+      'bg-task-cooldown-guard.sh': 'Cooldown after background task notifications',
+      'binary-upload-guard.sh': 'Block committing binary files to git',
+      'block-database-wipe.sh': 'Block destructive database commands',
+      'bulk-file-delete-guard.sh': 'Block commands that delete many files at once',
+      'cargo-publish-guard.sh': 'Cargo Publish Guard',
+      'case-sensitive-guard.sh': 'Case-Insensitive Filesystem Safety Guard',
+      'check-csrf-protection.sh': 'Check Csrf Protection',
+      'chmod-guard.sh': 'Block overly permissive chmod commands',
+      'chown-guard.sh': 'Block dangerous ownership changes',
+      'ci-workflow-guard.sh': 'Prevent dangerous CI/CD workflow modifications',
+      'claude-cache-gc.sh': 'Claude Cache Gc',
+      'claudeignore-enforce-guard.sh': 'Enforce .claudeignore at the tool level',
+      'claudemd-enforcer.sh': 'Claudemd Enforcer',
+      'clear-command-confirm-guard.sh': 'Block accidental /clear command',
+      'cloud-cli-guard.sh': 'Block destructive GCP/Azure CLI operations',
+      'compact-blocker.sh': 'Block auto-compaction entirely',
+      'compaction-transcript-guard.sh': 'Save conversation state before compaction',
+      'composer-guard.sh': 'Block dangerous Composer operations',
+      'compound-command-allow.sh': 'Auto-approve compound commands when all parts are safe',
+      'compound-command-approver.sh': 'Auto-approve safe compound commands',
+      'compound-inject-guard.sh': 'Block destructive commands hidden in compound statements',
+      'concurrent-edit-lock.sh': 'Prevent file corruption from concurrent Claude sessions',
+      'core-file-protect-guard.sh': 'Block edits to core/config/rules files',
+      'credential-exfil-guard.sh': 'Block credential hunting commands',
+      'credential-file-cat-guard.sh': 'Block cat/read of package manager credential files',
+      'cron-modification-guard.sh': 'Block unreviewed cron job modifications',
+      'crontab-guard.sh': 'Warn before modifying crontab',
+      'cwd-project-boundary-guard.sh': 'Warn when cd leaves the project directory',
+      'db-connect-guard.sh': 'Warn on direct database connections',
+      'denied-action-retry-guard.sh': 'Block re-attempts of denied tool calls',
+      'dependency-install-guard.sh': 'PreToolUse hook',
+      'dependency-version-pin.sh': 'Warn on unpinned dependency versions',
+      'deploy-guard.sh': 'Block deploy commands when uncommitted changes exist',
+      'deploy-path-verify-guard.sh': 'Verify deployment target path before writes',
+      'deployment-verify-guard.sh': 'Warn if committing without post-deploy verification',
+      'disk-partition-guard.sh': 'Block disk partitioning and mount operations',
+      'django-migrate-guard.sh': 'Block destructive Django DB operations',
+      'dns-config-guard.sh': 'Block DNS/hosts file modifications',
+      'docker-dangerous-guard.sh': 'Block dangerous Docker operations',
+      'docker-prune-guard.sh': 'Warn before docker system prune',
+      'docker-volume-guard.sh': 'Docker Volume Guard',
+      'dockerfile-latest-guard.sh': 'Dockerfile Latest Guard',
+      'dotenv-commit-guard.sh': 'Prevent committing .env files with secrets',
+      'drizzle-migrate-guard.sh': 'Block destructive Drizzle ORM operations',
+      'edit-guard.sh': 'Block Edit/Write to protected files',
+      'edit-retry-loop-guard.sh': 'Detect Edit tool stuck retrying the same file',
+      'encoding-preserve-guard.sh': 'Warn when file encoding changes',
+      'env-inherit-guard.sh': 'Detect inherited production env vars in',
+      'env-inline-secret-guard.sh': 'Block .env values from appearing in commands',
+      'env-prod-guard.sh': 'Env Prod Guard',
+      'env-source-guard.sh': 'Block sourcing .env into shell environment',
+      'env-var-check.sh': 'Warn when setting environment variables with secrets',
+      'expo-eject-guard.sh': 'Expo Eject Guard',
+      'export-overwrite-guard.sh': 'Prevent /export from overwriting existing files',
+      'file-age-guard.sh': 'Warn before editing files not modified in 30+ days',
+      'firewall-guard.sh': 'Block firewall rule modifications',
+      'flask-debug-guard.sh': 'Warn when Flask runs with debug=True',
+      'gem-push-guard.sh': 'Gem Push Guard',
+      'gh-cli-destructive-guard.sh': 'Block destructive GitHub CLI operations',
+      'git-checkout-safety-guard.sh': 'Prevent file loss from careless branch switching',
+      'git-checkout-uncommitted-guard.sh': 'Block branch switching with uncommitted changes',
       'git-config-guard.sh': 'Block git config --global modifications',
-      'case-sensitive-guard.sh': 'Detect case-insensitive FS collisions (exFAT/NTFS/HFS+)',
-      'compound-command-approver.sh': 'Auto-approve safe compound commands (cd && git log)',
-      'uncommitted-work-guard.sh': 'Block destructive git with uncommitted changes',
+      'git-crypt-worktree-guard.sh': 'Block worktree creation in git-crypt repos',
+      'git-history-rewrite-guard.sh': 'Block git history rewriting commands',
+      'git-hook-bypass-guard.sh': 'Git Hook Bypass Guard',
+      'git-index-lock-cleanup.sh': 'Remove stale .git/index.lock after git commands',
+      'git-merge-conflict-prevent.sh': 'Git Merge Conflict Prevent',
+      'git-operations-require-approval.sh': 'Block git write operations',
+      'git-remote-guard.sh': 'Block push/fetch to unknown git remotes',
+      'git-signed-commit-guard.sh': 'Warn on unsigned git commits',
+      'git-submodule-guard.sh': 'Git Submodule Guard',
+      'git-tag-guard.sh': 'Git Tag Guard',
+      'github-actions-guard.sh': 'Validate GitHub Actions workflow changes',
+      'github-actions-secret-guard.sh': 'Prevent hardcoded secrets in GitHub Actions workflows',
+      'gitops-drift-guard.sh': 'Warn when editing infrastructure files without PR',
+      'hardcoded-ip-guard.sh': 'Hardcoded Ip Guard',
+      'headless-empty-result-guard.sh': 'Detect empty results in headless mode',
+      'headless-stop-guard.sh': 'Skip Stop hooks in headless (-p) mode',
+      'helm-install-guard.sh': 'Helm Install Guard',
+      'hook-permission-fixer.sh': 'Auto-fix missing execute permissions on hooks',
+      'hook-tamper-guard.sh': 'Prevent Claude from modifying its own hooks',
+      'issue-draft-redact-guard.sh': 'Redact sensitive info from public issue drafts',
+      'k8s-production-guard.sh': 'Block destructive Kubernetes operations on production',
+      'kill-process-guard.sh': 'Block dangerous process termination commands',
+      'kubernetes-guard.sh': 'Block destructive kubectl commands',
+      'laravel-artisan-guard.sh': 'Laravel Artisan Guard',
+      'large-file-guard.sh': 'Warn when Write tool creates oversized files',
+      'large-file-write-guard.sh': 'Warn when writing large files',
+      'line-ending-guard.sh': 'Warn on CRLF/LF mismatch',
+      'log-level-guard.sh': 'Log Level Guard',
+      'log-truncation-guard.sh': 'Block log file truncation/deletion',
+      'max-edit-size-guard.sh': 'Max Edit Size Guard',
+      'max-file-delete-count.sh': 'Max File Delete Count',
+      'memory-write-guard.sh': 'Log writes to ~/.claude/ directory',
+      'migration-safety.sh': 'Require backup before database migrations',
+      'migration-verify-guard.sh': 'Require verification before destructive migrations',
+      'monorepo-scope-guard.sh': 'Restrict edits to the current package',
+      'network-exfil-guard.sh': 'Block data exfiltration via network commands',
+      'network-guard.sh': 'Warn on network commands that send file contents',
+      'network-interface-guard.sh': 'Block network interface modifications',
+      'nextjs-env-guard.sh': 'Prevent exposing server secrets in Next.js',
+      'no-absolute-import.sh': 'No Absolute Import',
+      'no-alert-confirm-prompt.sh': 'No Alert Confirm Prompt',
+      'no-anonymous-default-export.sh': 'No Anonymous Default Export',
+      'no-any-type.sh': 'No Any Type',
+      'no-any-typescript.sh': 'No Any Typescript',
+      'no-ask-human.sh': 'Block commands that require human input',
+      'no-assignment-in-condition.sh': 'No Assignment In Condition',
+      'no-base64-exfil.sh': 'Block base64 encoding of sensitive files',
+      'no-callback-hell.sh': 'No Callback Hell',
+      'no-catch-all-route.sh': 'No Catch All Route',
+      'no-circular-dependency.sh': 'No Circular Dependency',
+      'no-class-in-functional.sh': 'No Class In Functional',
+      'no-cleartext-storage.sh': 'No Cleartext Storage',
+      'no-commented-code.sh': 'No Commented Code',
+      'no-commit-fixup.sh': 'No Commit Fixup',
+      'no-cors-wildcard.sh': 'No Cors Wildcard',
+      'no-curl-upload.sh': 'No Curl Upload',
+      'no-dangerouslySetInnerHTML.sh': 'No DangerouslySetInnerHTML',
+      'no-dangling-await.sh': 'No Dangling Await',
+      'no-debug-commit.sh': 'Block commits containing debug artifacts',
+      'no-debug-in-commit.sh': 'No Debug In Commit',
+      'no-deep-nesting.sh': 'No Deep Nesting',
+      'no-deep-relative-import.sh': 'No Deep Relative Import',
+      'no-default-credentials.sh': 'No Default Credentials',
       'no-deploy-friday.sh': 'Block deploys on Fridays',
-      'work-hours-guard.sh': 'Restrict risky operations outside business hours',
-      'symlink-guard.sh': 'Detect symlink/junction traversal in rm targets',
-      'env-source-guard.sh': 'Block sourcing .env files into shell',
-      'strict-allowlist.sh': 'Only allow explicitly permitted commands',
+      'no-deprecated-api.sh': 'No Deprecated Api',
+      'no-direct-dom-manipulation.sh': 'No Direct Dom Manipulation',
+      'no-disabled-test.sh': 'No Disabled Test',
+      'no-document-cookie.sh': 'No Document Cookie',
+      'no-document-write.sh': 'No Document Write',
+      'no-empty-function.sh': 'No Empty Function',
+      'no-exec-user-input.sh': 'No Exec User Input',
+      'no-expose-internal-ids.sh': 'No Expose Internal Ids',
+      'no-exposed-port-in-dockerfile.sh': 'Warn about exposing port 22 in Dockerfile',
+      'no-fixme-ship.sh': 'Block git push when FIXME/HACK comments exist',
+      'no-floating-promises.sh': 'No Floating Promises',
+      'no-force-flag.sh': 'Block dangerous --force flags',
+      'no-force-install.sh': 'No Force Install',
+      'no-git-amend-push.sh': 'Block amending already-pushed commits',
+      'no-git-amend.sh': 'Block git commit --amend to prevent overwriting previous commits',
+      'no-git-rebase-public.sh': 'No Git Rebase Public',
+      'no-global-install.sh': 'Block global package installations',
+      'no-global-state.sh': 'No Global State',
+      'no-hardcoded-ip.sh': 'Detect hardcoded IP addresses in code',
+      'no-hardcoded-port.sh': 'No Hardcoded Port',
+      'no-hardcoded-url.sh': 'No Hardcoded Url',
+      'no-hardlink.sh': 'Warn on hard link creation',
+      'no-helmet-missing.sh': 'No Helmet Missing',
+      'no-http-in-code.sh': 'Warn about http:// URLs in code (should be https://)',
+      'no-http-url.sh': 'No Http Url',
+      'no-http-without-https.sh': 'No Http Without Https',
+      'no-index-as-key.sh': 'No Index As Key',
+      'no-infinite-scroll-mem.sh': 'No Infinite Scroll Mem',
+      'no-inline-event-handler.sh': 'No Inline Event Handler',
+      'no-inline-handler.sh': 'No Inline Handler',
+      'no-inline-style.sh': 'No Inline Style',
+      'no-inline-styles.sh': 'No Inline Styles',
+      'no-innerhtml.sh': 'No Innerhtml',
+      'no-install-global.sh': 'No Install Global',
+      'no-jwt-in-url.sh': 'No Jwt In Url',
+      'no-large-commit.sh': 'No Large Commit',
+      'no-localhost-expose.sh': 'No Localhost Expose',
+      'no-long-switch.sh': 'No Long Switch',
+      'no-magic-number.sh': 'No Magic Number',
+      'no-md5-sha1.sh': 'No Md5 Sha1',
+      'no-memory-leak-interval.sh': 'No Memory Leak Interval',
+      'no-mixed-line-endings.sh': 'No Mixed Line Endings',
+      'no-mutation-in-reducer.sh': 'No Mutation In Reducer',
+      'no-mutation-observer-leak.sh': 'No Mutation Observer Leak',
+      'no-nested-subscribe.sh': 'No Nested Subscribe',
+      'no-nested-ternary.sh': 'No Nested Ternary',
+      'no-network-exfil.sh': 'No Network Exfil',
+      'no-new-array-fill.sh': 'No New Array Fill',
+      'no-object-freeze-mutation.sh': 'No Object Freeze Mutation',
+      'no-open-redirect.sh': 'No Open Redirect',
+      'no-output-truncation.sh': 'Block piped tail/head that discards command output',
+      'no-package-downgrade.sh': 'No Package Downgrade',
+      'no-package-lock-edit.sh': 'No Package Lock Edit',
+      'no-path-join-user-input.sh': 'No Path Join User Input',
+      'no-port-bind.sh': 'No Port Bind',
+      'no-process-exit.sh': 'No Process Exit',
+      'no-prototype-pollution.sh': 'No Prototype Pollution',
+      'no-push-without-ci.sh': 'No Push Without Ci',
+      'no-push-without-tests.sh': 'Block git push if tests haven\'t been run',
+      'no-raw-password-in-url.sh': 'No Raw Password In Url',
+      'no-raw-ref.sh': 'No Raw Ref',
+      'no-redundant-fragment.sh': 'No Redundant Fragment',
+      'no-render-in-loop.sh': 'No Render In Loop',
+      'no-root-user-docker.sh': 'No Root User Docker',
+      'no-root-write.sh': 'No Root Write',
+      'no-secrets-in-args.sh': 'No Secrets In Args',
+      'no-secrets-in-logs.sh': 'No Secrets In Logs',
+      'no-self-signed-cert.sh': 'Warn when generating self-signed certificates',
+      'no-side-effects-in-render.sh': 'No Side Effects In Render',
+      'no-sleep-in-hooks.sh': 'No Sleep In Hooks',
+      'no-star-import-python.sh': 'No Star Import Python',
+      'no-string-concat-sql.sh': 'No String Concat Sql',
+      'no-sudo-guard.sh': 'No Sudo Guard',
+      'no-sync-external-call.sh': 'No Sync External Call',
+      'no-sync-fs.sh': 'No Sync Fs',
+      'no-table-layout.sh': 'No Table Layout',
+      'no-throw-string.sh': 'No Throw String',
+      'no-todo-in-merge.sh': 'No Todo In Merge',
+      'no-todo-in-production.sh': 'No Todo In Production',
+      'no-todo-without-issue.sh': 'No Todo Without Issue',
+      'no-triple-slash-ref.sh': 'No Triple Slash Ref',
+      'no-unreachable-code.sh': 'No Unreachable Code',
+      'no-unused-import.sh': 'No Unused Import',
+      'no-unused-state.sh': 'No Unused State',
+      'no-var-keyword.sh': 'No Var Keyword',
+      'no-verify-blocker.sh': 'Block --no-verify on git commands',
+      'no-wget-piped-bash.sh': 'Block curl/wget piped directly to bash',
+      'no-window-location.sh': 'No Window Location',
+      'no-with-statement.sh': 'No With Statement',
+      'no-write-outside-src.sh': 'No Write Outside Src',
+      'no-xml-external-entity.sh': 'No Xml External Entity',
+      'npm-global-install-guard.sh': 'Block npm global installs',
+      'npm-publish-guard.sh': 'Npm Publish Guard',
+      'npm-script-injection.sh': 'Npm Script Injection',
+      'npm-supply-chain-guard.sh': 'Detect npm supply chain attack patterns',
+      'nuxt-config-guard.sh': 'Nuxt Config Guard',
+      'output-credential-scan.sh': 'Detect credentials in command output',
+      'output-secret-mask.sh': 'Mask secrets in tool output before Claude sees them',
       'overwrite-guard.sh': 'Warn before overwriting existing files',
-      'memory-write-guard.sh': 'Log writes to ~/.claude/ directory',
-      'worktree-guard.sh': 'Warn on destructive git in worktrees',
-      'no-curl-upload.sh': 'Warn on curl POST/upload commands',
-      'no-port-bind.sh': 'Warn on network port binding',
-      'docker-prune-guard.sh': 'Warn before docker system prune',
-      'pip-venv-guard.sh': 'Warn on pip install outside venv',
-      'no-git-amend-push.sh': 'Warn on amending pushed commits',
-      'typosquat-guard.sh': 'Detect npm/pip typosquatting attacks',
-      'variable-expansion-guard.sh': 'Block rm/mv with unexpanded shell variables (prevents system path deletion)',
-      'bash-trace-guard.sh': 'Block bash -x debug tracing that exposes secrets',
-      'strip-coauthored-by.sh': 'Warn on Co-Authored-By trailers in commit messages',
-      'session-drift-guard.sh': 'Progressive safety as session ages (warn at 200, block at 500 calls)',
-      'post-compact-safety.sh': 'Block irreversible commands after context compaction',
+      'package-json-guard.sh': 'Package Json Guard',
+      'package-lock-frozen.sh': 'Block modifications to lockfiles',
+      'parallel-session-guard.sh': 'Warn when multiple Claude sessions',
+      'path-deny-bash-guard.sh': 'Enforce path deny rules on Bash commands',
+      'path-traversal-guard.sh': 'Block path traversal in Edit/Write operations',
+      'pip-publish-guard.sh': 'Pip Publish Guard',
+      'pip-requirements-guard.sh': 'Enforce pip install from requirements.txt only',
+      'pip-venv-guard.sh': 'Warn when pip install runs outside a virtual environment',
+      'pip-venv-required.sh': 'Block pip install outside of a virtual environment',
+      'polyglot-rm-guard.sh': 'Block file deletion via any language, not just rm',
+      'post-compact-safety.sh': 'Guard against autonomous actions after compaction',
+      'prisma-migrate-guard.sh': 'Block destructive Prisma operations',
+      'prompt-injection-guard.sh': 'Detect prompt injection in tool output',
+      'protect-claudemd.sh': 'Block edits to CLAUDE.md and settings files',
+      'protect-commands-dir.sh': 'Backup .claude/commands/ on session start',
+      'protect-dotfiles.sh': 'Block destructive operations on home directory config files',
+      'public-repo-push-guard.sh': 'Block pushing proprietary code to public repos',
+      'rails-migration-guard.sh': 'Block destructive Rails migrations',
+      'read-all-files-enforcer.sh': 'Track which files have been read in a directory',
       'read-budget-guard.sh': 'Limit excessive file reading to prevent token waste',
-      'hook-permission-fixer.sh': 'Auto-fix missing execute permissions on hooks (SessionStart)',
-      'response-budget-guard.sh': 'Track and limit tool calls per response (anti-loop)',
+      'redis-flushall-guard.sh': 'Redis Flushall Guard',
+      'registry-publish-guard.sh': 'Block publishing to package registries',
+      'relative-path-guard.sh': 'Warn on relative file paths in Edit/Write',
+      'response-budget-guard.sh': 'Track and limit tool calls per response',
+      'resume-context-guard.sh': 'Warn when resuming large sessions',
+      'rm-safety-net.sh': 'Extra layer of rm protection beyond destructive-guard',
+      'role-tool-guard.sh': 'Restrict tools based on current agent role',
+      'schema-migration-guard.sh': 'Warn on database schema migrations without backup',
+      'scope-guard.sh': 'Block file operations outside the project directory',
+      'secret-file-read-guard.sh': 'Block Read/Grep of files containing secrets',
+      'self-modify-bypass-guard.sh': 'Auto-allow .claude/ writes in bypass mode',
+      'sensitive-file-read-guard.sh': 'Block reading sensitive system/user files',
+      'sensitive-log-guard.sh': 'Sensitive Log Guard',
+      'session-drift-guard.sh': 'Progressive safety as session ages',
+      'session-duration-guard.sh': 'Warn on long-running sessions',
+      'session-permission-reset-guard.sh': 'Override session-cached permissions',
+      'shell-wrapper-guard.sh': 'Detect destructive commands hidden in shell wrappers',
+      'spec-file-scope-guard.sh': 'Restrict edits to files mentioned in a spec document',
+      'spring-profile-guard.sh': 'Spring Profile Guard',
+      'ssh-key-protect.sh': 'Block reading/copying SSH private keys',
+      'staged-secret-scan.sh': 'Block git commit if staged diff contains secrets',
+      'strict-allowlist.sh': 'Only allow explicitly permitted commands',
+      'strip-coauthored-by.sh': 'Remove or warn about Co-Authored-By trailers',
+      'symlink-guard.sh': 'Detect symlink/junction traversal before rm',
+      'symlink-protect.sh': 'Symlink Protect',
+      'system-package-guard.sh': 'Block system-level package installations',
+      'systemd-service-guard.sh': 'Block dangerous systemd service operations',
+      'terraform-guard.sh': 'Warn before terraform destroy/apply',
+      'timeout-guard.sh': 'Warn before long-running commands',
+      'timezone-guard.sh': 'Timezone Guard',
+      'tmp-output-size-guard.sh': 'Monitor and warn about large tmp output files',
+      'turbo-cache-guard.sh': 'Warn before clearing Turborepo cache',
+      'typosquat-guard.sh': 'Detect potential typosquatting in npm install',
+      'uncommitted-changes-stop.sh': 'Uncommitted Changes Stop',
+      'uncommitted-discard-guard.sh': 'Block commands that discard uncommitted changes',
+      'uncommitted-work-guard.sh': 'Block destructive git when dirty',
+      'uncommitted-work-shield.sh': 'Auto-stash before destructive git operations',
+      'user-account-guard.sh': 'Block user/group account modifications',
+      'variable-expansion-guard.sh': 'Block destructive commands with shell variable expansion',
+      'windows-path-guard.sh': 'Prevent NTFS junction/symlink traversal destruction',
+      'work-hours-guard.sh': 'Restrict risky operations outside work hours',
+      'worktree-cleanup-guard.sh': 'Warn on worktree removal with unmerged commits',
+      'worktree-delete-guard.sh': 'Block git worktree removal',
+      'worktree-guard.sh': 'Warn when operating in a git worktree',
+      'worktree-memory-guard.sh': 'Warn when memory path resolves to main worktree',
+      'worktree-path-validator.sh': 'Warn when file operations target main workspace instead of worktree',
+      'worktree-project-unify.sh': 'Worktree Project Unify',
+      'worktree-unmerged-guard.sh': 'Prevent worktree cleanup with unmerged commits',
+      'write-overwrite-confirm.sh': 'Warn when Write tool overwrites large files',
+      'write-secret-guard.sh': 'Block secrets from being written to files',
+      'write-shrink-guard.sh': 'Block writes that drastically shrink files',
     },
     'Auto-Approve': {
-      'auto-approve-build.sh': 'Auto-approve npm/yarn/cargo/go build, test, lint',
-      'auto-approve-docker.sh': 'Auto-approve docker build, compose, ps, logs',
-      'auto-approve-git-read.sh': 'Auto-approve git status/log/diff even with -C flags',
-      'auto-approve-python.sh': 'Auto-approve pytest, mypy, ruff, black, isort',
-      'auto-approve-ssh.sh': 'Auto-approve safe SSH commands (uptime, whoami)',
-      'auto-approve-go.sh': 'Auto-approve go build/test/vet/fmt',
-      'auto-approve-cargo.sh': 'Auto-approve cargo build/test/clippy',
-      'auto-approve-make.sh': 'Auto-approve make build/test/lint',
-      'auto-approve-gradle.sh': 'Auto-approve gradle/gradlew build/test',
-      'auto-approve-maven.sh': 'Auto-approve mvn compile/test/verify',
-      'permission-cache.sh': 'Auto-approve previously approved commands in session',
-      'auto-approve-readonly.sh': 'Auto-approve 50+ read-only commands (cat, ls, grep, find)',
-      'auto-approve-compound-git.sh': 'PermissionRequest: auto-approve compound git commands (cd && git)',
-      'allow-git-hooks-dir.sh': 'PermissionRequest: allow writes to .git/hooks/ directory',
-      'allow-claude-settings.sh': 'PermissionRequest: allow writes to .claude/ (isolated environments)',
-      'allow-protected-dirs.sh': 'PermissionRequest: allow ALL protected directory writes (containers only)',
+      'allow-claude-settings.sh': 'PermissionRequest hook',
+      'allow-git-hooks-dir.sh': 'PermissionRequest hook',
+      'allow-protected-dirs.sh': 'PermissionRequest hook',
+      'auto-approve-build.sh': 'Auto-approve build and test commands',
+      'auto-approve-cargo.sh': 'Auto-approve Rust cargo commands',
+      'auto-approve-compound-git.sh': 'PermissionRequest hook',
+      'auto-approve-docker.sh': 'Auto Approve Docker',
+      'auto-approve-git-read.sh': 'Auto-approve read-only git commands',
+      'auto-approve-go.sh': 'Auto-approve Go build/test/vet commands',
+      'auto-approve-gradle.sh': 'Auto-approve Gradle build/test commands',
+      'auto-approve-make.sh': 'Auto-approve common Make targets',
+      'auto-approve-maven.sh': 'Auto-approve Maven build/test commands',
+      'auto-approve-python.sh': 'Auto-approve Python development commands',
+      'auto-approve-readonly-tools.sh': 'Auto Approve Readonly Tools',
+      'auto-approve-readonly.sh': 'Auto-approve all read-only commands',
+      'auto-approve-ssh.sh': 'Auto-approve safe SSH commands',
+      'auto-approve-test.sh': 'Auto Approve Test',
+      'auto-compact-prep.sh': 'Save checkpoint before context compaction',
+      'auto-mode-safe-commands.sh': 'Fix Auto Mode false positives on safe commands',
+      'auto-push-worktree.sh': 'Auto-push worktree branches before session end',
+      'bash-heuristic-approver.sh': 'Auto-approve bash safety heuristic prompts',
+      'bash-safety-auto-deny.sh': 'Auto-deny commands that trigger safety prompts',
+      'classifier-fallback-allow.sh': 'Allow read-only commands when Auto Mode classifier is unavailable',
+      'direnv-auto-reload.sh': 'Auto-reload environment when directory changes',
+      'edit-always-allow.sh': 'Auto-approve all Edit prompts in configured directories',
+      'gitignore-auto-add.sh': 'Suggest .gitignore entries for common patterns',
+      'heredoc-backtick-approver.sh': 'Auto-approve backtick warnings in heredoc strings',
+      'multiline-command-approver.sh': 'Auto-approve multiline commands by first-line matching',
+      'permission-audit-log.sh': 'Log all tool invocations for permission debugging',
+      'permission-cache.sh': 'Remember approved commands in session',
+      'permission-entry-validator.sh': 'Clean broken permission entries from settings',
+      'permission-mode-drift-guard.sh': 'Detect permission mode changes mid-session',
+      'permission-pattern-auto-allow.sh': 'Auto-allow commands matching user-defined patterns',
+      'quoted-flag-approver.sh': 'Auto-approve commands with quoted flag values',
+      'webfetch-domain-allow.sh': 'Auto-approve WebFetch for allowed domains',
     },
     'Quality': {
-      'branch-name-check.sh': 'Warn on non-conventional branch names',
-      'commit-message-check.sh': 'Warn on non-conventional commit messages',
-      'edit-guard.sh': 'Block Edit/Write to protected files (.env, credentials)',
-      'enforce-tests.sh': 'Warn when source files change without test files',
-      'large-file-guard.sh': 'Warn when Write creates files over 500KB',
-      'todo-check.sh': 'Warn when committing files with TODO/FIXME markers',
-      'verify-before-commit.sh': 'Block commit unless tests passed recently',
-      'test-deletion-guard.sh': 'Warn when removing test assertions',
+      'bash-secret-output-detector.sh': 'Warn when Bash output contains secrets',
+      'bashrc-safety-check.sh': 'Warn about .bashrc lines that hang in non-interactive shells',
+      'branch-name-check.sh': 'Warn when creating branches with non-standard names',
+      'branch-naming-convention.sh': 'Branch Naming Convention',
+      'changelog-reminder.sh': 'Remind to update CHANGELOG on version bump',
+      'check-abort-controller.sh': 'Check Abort Controller',
+      'check-accessibility.sh': 'Check Accessibility',
+      'check-aria-labels.sh': 'Check Aria Labels',
+      'check-async-await-consistency.sh': 'Check Async Await Consistency',
+      'check-before-act-enforcer.sh': 'Require Read before Edit/Write',
+      'check-charset-meta.sh': 'Check Charset Meta',
+      'check-cleanup-effect.sh': 'Check Cleanup Effect',
+      'check-content-type.sh': 'Check Content Type',
+      'check-controlled-input.sh': 'Check Controlled Input',
+      'check-cookie-flags.sh': 'Check Cookie Flags',
+      'check-cors-config.sh': 'Check Cors Config',
+      'check-csp-headers.sh': 'Check Csp Headers',
+      'check-debounce.sh': 'Check Debounce',
+      'check-dependency-age.sh': 'Check Dependency Age',
+      'check-dependency-license.sh': 'Check Dependency License',
+      'check-dockerfile-best-practice.sh': 'Check Dockerfile Best Practice',
+      'check-error-boundaries.sh': 'Check Error Boundaries',
+      'check-error-class.sh': 'Check Error Class',
+      'check-error-handling.sh': 'Check Error Handling',
+      'check-error-logging.sh': 'Check Error Logging',
+      'check-error-message.sh': 'Check Error Message',
+      'check-error-page.sh': 'Check Error Page',
+      'check-error-stack.sh': 'Check Error Stack',
+      'check-favicon.sh': 'Check Favicon',
+      'check-form-validation.sh': 'Check Form Validation',
+      'check-git-hooks-compat.sh': 'Check Git Hooks Compat',
+      'check-gitattributes.sh': 'Check Gitattributes',
+      'check-https-redirect.sh': 'Check Https Redirect',
+      'check-image-optimization.sh': 'Check Image Optimization',
+      'check-input-validation.sh': 'Check Input Validation',
+      'check-key-prop.sh': 'Check Key Prop',
+      'check-lang-attribute.sh': 'Check Lang Attribute',
+      'check-lazy-loading.sh': 'Check Lazy Loading',
+      'check-loading-state.sh': 'Check Loading State',
+      'check-memo-deps.sh': 'Check Memo Deps',
+      'check-meta-description.sh': 'Check Meta Description',
+      'check-npm-scripts-exist.sh': 'Check Npm Scripts Exist',
+      'check-null-check.sh': 'Check Null Check',
+      'check-package-size.sh': 'Check Package Size',
+      'check-pagination.sh': 'Check Pagination',
+      'check-port-availability.sh': 'Check Port Availability',
+      'check-promise-all.sh': 'Check Promise All',
+      'check-prop-types.sh': 'Check Prop Types',
+      'check-rate-limiting.sh': 'Check Rate Limiting',
+      'check-responsive-design.sh': 'Check Responsive Design',
+      'check-retry-logic.sh': 'Check Retry Logic',
+      'check-return-types.sh': 'Check Return Types',
+      'check-semantic-html.sh': 'Check Semantic Html',
+      'check-semantic-versioning.sh': 'Check Semantic Versioning',
+      'check-suspense-fallback.sh': 'Check Suspense Fallback',
+      'check-test-exists.sh': 'Warn when editing code without a test file',
+      'check-test-naming.sh': 'Check Test Naming',
+      'check-timeout-cleanup.sh': 'Check Timeout Cleanup',
+      'check-tls-version.sh': 'Check Tls Version',
+      'check-type-coercion.sh': 'Check Type Coercion',
+      'check-unsubscribe.sh': 'Check Unsubscribe',
+      'check-viewport-meta.sh': 'Check Viewport Meta',
+      'check-worker-terminate.sh': 'Check Worker Terminate',
+      'ci-skip-guard.sh': 'Warn when commit message skips CI',
+      'claudemd-violation-detector.sh': 'Remind critical CLAUDE.md rules after tool use',
+      'commit-message-check.sh': 'Warn when commit messages don\'t follow conventions',
+      'commit-message-quality.sh': 'Warn about low-quality commit messages',
+      'commit-quality-gate.sh': 'Enforce commit message quality',
+      'commit-scope-guard.sh': 'Warn when committing too many files',
+      'conflict-marker-guard.sh': 'Block commits with conflict markers',
+      'console-log-count.sh': 'Console Log Count',
+      'context-warning-verifier.sh': 'Verify context warnings are genuine',
+      'cors-star-warn.sh': 'PostToolUse matcher: Edit|Write',
+      'cwd-drift-detector.sh': 'Warn when destructive commands run outside project root',
+      'debug-leftover-guard.sh': 'Detect debug code in commits',
+      'detect-mixed-indentation.sh': 'Warn about mixed tabs/spaces',
+      'dockerfile-lint.sh': 'Basic Dockerfile validation after editing',
+      'dotenv-example-sync.sh': 'Warn when .env changes but .env.example doesn\'t',
+      'dotenv-validate.sh': 'Validate .env syntax after edits',
+      'dotenv-watch.sh': 'Alert when .env files change on disk',
+      'dotnet-build-on-edit.sh': 'Run dotnet build after C#/F# edits',
+      'edit-old-string-validator.sh': 'Pre-validate Edit tool old_string exists',
+      'edit-verify.sh': 'Edit Verify',
+      'enforce-tests.sh': 'Warn when source files are edited without tests',
+      'env-drift-guard.sh': 'Detect .env vs .env.example drift',
+      'env-file-gitignore-check.sh': 'Warn if .env is not in .gitignore',
+      'env-naming-convention.sh': 'Env Naming Convention',
+      'env-required-check.sh': 'Env Required Check',
       'fact-check-gate.sh': 'Warn when docs reference unread source files',
-      'conflict-marker-guard.sh': 'Block commits with merge conflict markers',
-      'commit-quality-gate.sh': 'Warn on vague commit messages',
-      'commit-scope-guard.sh': 'Warn when committing 15+ files at once',
-      'require-issue-ref.sh': 'Warn when commit lacks issue reference',
-      'no-console-log.sh': 'Warn on console.log in production code',
-      'no-eval.sh': 'Warn on eval() usage (security risk)',
-      'no-wildcard-import.sh': 'Warn on import * patterns',
-      'no-todo-ship.sh': 'Warn on TODO/FIXME in commits',
-      'test-coverage-guard.sh': 'Warn when code grows without tests',
-      'ci-skip-guard.sh': 'Warn on [skip ci] and --no-verify',
-      'debug-leftover-guard.sh': 'Detect debugger/pdb/binding.pry in staged code',
-      'typescript-strict-guard.sh': 'Warn when tsconfig strict mode disabled',
-      'sensitive-regex-guard.sh': 'Detect ReDoS-vulnerable regex patterns',
-      'git-author-guard.sh': 'Verify git author is configured',
+      'file-reference-check.sh': 'Verify referenced file paths exist',
+      'git-author-guard.sh': 'Verify commit author is configured correctly',
       'git-blame-context.sh': 'Show file ownership before major edits',
-      'import-cycle-warn.sh': 'Detect circular import patterns',
-      'env-drift-guard.sh': 'Detect .env vs .env.example mismatch',
+      'git-lfs-guard.sh': 'Suggest Git LFS for large binary files',
+      'git-message-length-check.sh': 'Warn on too-short commit messages',
+      'git-message-length.sh': 'Git Message Length',
+      'gitignore-check.sh': 'Gitignore Check',
+      'go-mod-tidy-warn.sh': 'Go Mod Tidy Warn',
+      'go-vet-after-edit.sh': 'Run go vet after editing Go files',
+      'hallucination-url-check.sh': 'Detect potentially hallucinated URLs',
+      'hardcoded-secret-detector.sh': 'Detect hardcoded secrets in edits',
+      'import-cycle-warn.sh': 'Detect potential circular imports',
+      'java-compile-on-edit.sh': 'Check Java compilation after edits',
+      'json-syntax-check.sh': 'Validate JSON files after editing',
+      'license-check.sh': 'Warn when creating files without a license header',
+      'lockfile-guard.sh': 'Warn when lockfiles are modified unexpectedly',
+      'magic-number-warn.sh': 'Magic Number Warn',
+      'main-branch-warn.sh': 'Warn when working directly on main/master',
+      'markdown-link-check.sh': 'Verify local file links in markdown',
+      'max-function-length.sh': 'Max Function Length',
+      'max-import-count.sh': 'Max Import Count',
+      'max-line-length-check.sh': 'Warn on lines exceeding max length after edit',
+      'no-console-assert.sh': 'No Console Assert',
+      'no-console-error-swallow.sh': 'No Console Error Swallow',
+      'no-console-in-prod.sh': 'No Console In Prod',
+      'no-console-log-commit.sh': 'Block commits containing console.log',
+      'no-console-time.sh': 'No Console Time',
+      'no-eval-in-template.sh': 'No Eval In Template',
+      'no-eval-template.sh': 'No Eval Template',
+      'no-eval.sh': 'No Eval',
+      'no-todo-ship.sh': 'Block commits with TODO/FIXME/HACK markers',
+      'no-wildcard-cors.sh': 'No Wildcard Cors',
+      'no-wildcard-delete.sh': 'No Wildcard Delete',
+      'no-wildcard-import.sh': 'No Wildcard Import',
+      'npm-audit-warn.sh': 'Npm Audit Warn',
+      'output-explosion-detector.sh': 'Detect abnormally large tool outputs',
+      'output-pii-detect.sh': 'Detect PII/sensitive data in tool output',
+      'output-token-env-check.sh': 'Warn if max output tokens is not configured',
       'package-script-guard.sh': 'Warn when package.json scripts change',
-      'lockfile-guard.sh': 'Warn when lockfiles modified in commits',
-      'git-lfs-guard.sh': 'Suggest Git LFS for large files',
-      'python-ruff-on-edit.sh': 'PostToolUse: lint Python files after edit (ruff/flake8/pylint)',
-      'typescript-lint-on-edit.sh': 'PostToolUse: type check TypeScript files after edit (tsc --noEmit)',
+      'php-lint-on-edit.sh': 'Run PHP syntax check after editing PHP files',
+      'plain-language-danger-warn.sh': 'Add plain-language warnings to dangerous commands',
+      'port-conflict-check.sh': 'Warn before starting a server on an occupied port',
+      'pr-description-check.sh': 'Pr Description Check',
+      'prefer-builtin-tools.sh': 'Deny bash commands that have dedicated built-in tool equivalents',
+      'prefer-const.sh': 'Prefer Const',
+      'prefer-dedicated-tools.sh': 'Force use of dedicated tools instead of Bash equivalents',
+      'prefer-optional-chaining.sh': 'Prefer Optional Chaining',
+      'push-requires-test-pass-record.sh': 'Record when tests pass (companion to push-requires-test-pass.sh)',
+      'push-requires-test-pass.sh': 'Block git push to main/production without test verification',
+      'python-import-check.sh': 'Detect unused imports in Python files',
+      'python-ruff-on-edit.sh': 'Run ruff lint after editing Python files',
+      'react-key-warn.sh': 'Warn about missing key props in JSX lists',
+      'readme-exists-check.sh': 'Readme Exists Check',
+      'readme-update-reminder.sh': 'Remind to update README when APIs change',
+      'require-issue-ref.sh': 'Warn when commit message lacks issue reference',
+      'ruby-lint-on-edit.sh': 'Run RuboCop after editing Ruby files',
+      'rust-clippy-after-edit.sh': 'Run cargo clippy after editing Rust files',
+      'sandbox-write-verify.sh': 'Verify file existence before overwrite in sandbox mode',
+      'sensitive-regex-guard.sh': 'Warn on ReDoS-vulnerable regex patterns',
+      'session-start-safety-check.sh': 'Warn about uncommitted changes on session start',
+      'settings-mutation-detector.sh': 'Detect unauthorized changes to Claude settings files',
+      'skill-injection-detector.sh': 'Detect silently injected skills/plugins',
+      'sql-injection-detect.sh': 'Sql Injection Detect',
+      'svelte-lint-on-edit.sh': 'Svelte Lint On Edit',
+      'swift-build-on-edit.sh': 'Run swift build check after editing Swift files',
+      'test-after-edit.sh': 'Remind to run tests after editing test files',
+      'test-before-commit.sh': 'Test Before Commit',
+      'test-before-push.sh': 'Block git push when tests haven\'t passed',
+      'test-coverage-guard.sh': 'Warn when code grows without tests',
+      'test-coverage-reminder.sh': 'Remind to run tests after code changes',
+      'test-deletion-guard.sh': 'Block deletion of test assertions',
+      'test-exit-code-verify.sh': 'Verify test command exit codes match results',
+      'todo-check.sh': 'Warn when committing files with TODO/FIXME/HACK comments',
+      'todo-deadline-warn.sh': 'Warn about expired TODO deadlines in edited files',
+      'typescript-lint-on-edit.sh': 'Run TypeScript type check after editing .ts/.tsx files',
+      'typescript-strict-check.sh': 'Warn when TypeScript strict mode is disabled',
+      'typescript-strict-guard.sh': 'Warn when tsconfig.json strict mode is disabled',
+      'unicode-corruption-check.sh': 'Detect Unicode corruption after Edit/Write',
+      'usage-warn.sh': 'Usage Warn',
+      'verify-before-commit.sh': 'Block git commit unless tests passed recently',
+      'verify-before-done.sh': 'Warn when committing without running tests',
+      'vue-lint-on-edit.sh': 'Vue Lint On Edit',
+      'write-test-ratio.sh': 'Write Test Ratio',
+      'yaml-syntax-check.sh': 'Validate YAML after editing',
+    },
+    'Monitoring': {
+      'api-rate-limit-tracker.sh': 'Track API call frequency and warn on burst',
+      'cost-tracker.sh': 'Estimate session token cost',
+      'cross-session-error-log.sh': 'Persist error patterns across sessions',
+      'daily-usage-tracker.sh': 'Track daily tool call count',
+      'edit-counter-test-gate.sh': 'Require testing after N consecutive edits',
+      'edit-error-counter.sh': 'Warn when Edit tool fails repeatedly',
+      'file-change-monitor.sh': 'Track all files modified during a session',
+      'file-change-tracker.sh': 'Track all file modifications in a session',
+      'mcp-tool-audit-log.sh': 'Log all MCP tool calls for security auditing',
+      'no-console-log.sh': 'No Console Log',
+      'no-sensitive-log.sh': 'No Sensitive Log',
+      'read-audit-log.sh': 'Log all file read operations for forensics',
+      'session-budget-alert.sh': 'Show session budget status on start',
+      'session-end-logger.sh': 'Log session activity at exit',
+      'session-error-rate-monitor.sh': 'Detect session quality degradation',
+      'session-health-monitor.sh': 'Monitor session health metrics',
+      'session-memory-watchdog.sh': 'Session Memory Watchdog',
+      'session-quota-tracker.sh': 'Track cumulative tool calls per session',
+      'session-token-counter.sh': 'Track tool usage count per session',
+      'token-usage-tracker.sh': 'Token Usage Tracker',
+      'tool-call-rate-limiter.sh': 'Prevent runaway tool calls',
+      'tool-file-logger.sh': 'Log file paths from Read/Write/Edit to stderr',
+      'usage-cache-local.sh': 'Cache usage info locally to avoid API calls',
     },
     'Recovery': {
-      'auto-checkpoint.sh': 'Auto-commit after edits for rollback protection',
-      'auto-snapshot.sh': 'Auto-save file snapshots before edits (rollback protection)',
-      'session-checkpoint.sh': 'Save session state before context compaction',
+      'auto-checkpoint.sh': 'Auto-commit after every edit for rollback protection',
+      'auto-git-checkpoint.sh': 'Auto Git Checkpoint',
+      'auto-snapshot.sh': 'Automatic file snapshots before every edit',
+      'auto-stash-before-pull.sh': 'Suggest stash before git pull/merge',
+      'backup-before-refactor.sh': 'Backup Before Refactor',
+      'checkpoint-tamper-guard.sh': 'Block manipulation of hook state/checkpoint files',
+      'context-compact-advisor.sh': 'Context Compact Advisor',
+      'context-snapshot.sh': 'Save session state before context loss',
+      'file-change-undo-tracker.sh': 'Track file changes for easy undo',
+      'file-edit-backup.sh': 'Auto-backup files before Edit/Write overwrites them',
+      'file-recycle-bin.sh': 'Move deleted files to recycle bin instead of permanent deletion',
+      'git-stash-before-checkout.sh': 'Auto-stash before risky git checkouts',
+      'git-stash-before-danger.sh': 'Auto-stash before risky git operations',
+      'post-compact-restore.sh': 'Restore context after /compact',
+      'pre-compact-checkpoint.sh': 'Auto-save before context compaction',
+      'pre-compact-knowledge-save.sh': 'Save critical context before compaction',
+      'pre-compact-transcript-export.sh': 'Export conversation before compaction',
+      'revert-helper.sh': 'Show revert command when session ends badly',
+      'session-checkpoint.sh': 'Auto-save session state on every stop',
+      'session-handoff.sh': 'Auto-save session state for next session',
+      'session-resume-env-fix.sh': 'Fix CLAUDE_ENV_FILE path on session resume',
+      'session-resume-guard.sh': 'Verify context is loaded after session resume',
+      'session-state-saver.sh': 'Session State Saver',
+      'session-summary-stop.sh': 'Print session change summary on stop',
+      'session-summary.sh': 'Session Summary',
+      'settings-auto-backup.sh': 'Auto-backup settings on session start',
+      'terminal-state-restore.sh': 'terminal-state-restore — restore terminal to clean state on session exit',
     },
     'UX': {
-      'prompt-length-guard.sh': 'UserPromptSubmit: warn on long prompts (>5000 chars)',
-      'prompt-injection-detector.sh': 'UserPromptSubmit: detect prompt injection patterns',
-      'auto-answer-question.sh': 'PreToolUse: auto-answer AskUserQuestion for headless mode (v2.1.85)',
-      'notify-waiting.sh': 'Desktop notification when Claude waits for input',
-      'tmp-cleanup.sh': 'Clean up /tmp/claude-*-cwd files on session end',
-      'hook-debug-wrapper.sh': 'Wrap any hook to log input/output/exit/timing',
+      'auto-answer-question.sh': 'Auto-answer AskUserQuestion for headless/autonomous mode',
+      'binary-file-guard.sh': 'Warn when Write creates binary/large files',
+      'compact-reminder.sh': 'Remind to /compact when context is low',
+      'consecutive-error-breaker.sh': 'Stop after N consecutive errors',
+      'consecutive-failure-circuit-breaker.sh': 'Stop after repeated failures',
+      'context-threshold-alert.sh': 'Alert at configurable context usage thresholds',
+      'cwd-reminder.sh': 'Remind Claude of the current working directory',
+      'dangling-process-guard.sh': 'Detect background processes left running',
+      'dependency-audit.sh': 'Warn before installing unknown packages',
+      'diff-size-guard.sh': 'Warn on large uncommitted changes',
+      'disk-space-check.sh': 'Warn if disk space is low at session start',
+      'disk-space-guard.sh': 'Warn when disk space is running low',
+      'encoding-guard.sh': 'Warn when writing to non-UTF-8 files',
+      'error-memory-guard.sh': 'Detect repeated failed commands',
+      'file-size-limit.sh': 'File Size Limit',
+      'fish-shell-wrapper.sh': 'Run Bash tool commands in fish shell',
+      'five-hundred-milestone.sh': 'Five Hundred Milestone',
+      'git-show-flag-sanitizer.sh': 'Strip invalid --no-stat from git show',
+      'hook-debug-wrapper.sh': 'Debug wrapper for any Claude Code hook',
+      'hook-stdout-sanitizer.sh': 'Prevent hook stdout from corrupting tool results',
+      'large-read-guard.sh': 'Warn before reading large files',
+      'long-session-reminder.sh': 'Warn when session runs too long',
       'loop-detector.sh': 'Detect and break command repetition loops',
-      'session-handoff.sh': 'Auto-save session state for next session resume',
-      'commit-quality-gate.sh': 'Warn on vague or too-long commit messages',
-      'diff-size-guard.sh': 'Warn/block on large diffs (10+ files warn, 50+ block)',
-      'dependency-audit.sh': 'Warn on new package installs not in manifest',
-      'binary-file-guard.sh': 'Warn when Write targets binary file types',
-      'stale-branch-guard.sh': 'Warn when branch is far behind default',
-      'symlink-guard.sh': 'Detect symlink/junction traversal in rm targets',
-      'cost-tracker.sh': 'Estimate session token cost ($1 warn, $5 alert)',
-      'read-before-edit.sh': 'Warn when editing files not recently read',
-      'no-sudo-guard.sh': 'Block all sudo commands',
-      'no-install-global.sh': 'Block npm -g and system-wide pip',
-      'no-curl-upload.sh': 'Warn on curl POST/upload',
-      'no-port-bind.sh': 'Warn on network port binding',
-      'git-tag-guard.sh': 'Block pushing all tags at once',
-      'npm-publish-guard.sh': 'Version check before npm publish',
-      'max-file-count-guard.sh': 'Warn when 20+ files created per session',
-      'protect-claudemd.sh': 'Block edits to CLAUDE.md and settings files',
-      'reinject-claudemd.sh': 'Re-inject CLAUDE.md rules after compaction',
-      'token-budget-guard.sh': 'Block when estimated cost exceeds budget',
-      'output-length-guard.sh': 'Warn when tool output exceeds 50KB',
-      'error-memory-guard.sh': 'Block retries of already-failed commands',
-      'parallel-edit-guard.sh': 'Detect concurrent edits to same file',
-      'large-read-guard.sh': 'Warn before catting large files',
-      'context-snapshot.sh': 'Auto-save session state before context loss',
-      'compact-reminder.sh': 'Suggest /compact after N tool calls',
-      'revert-helper.sh': 'Show undo command when session ends',
-      'hardcoded-secret-detector.sh': 'Detect AWS keys, passwords, JWT in code',
-      'prompt-injection-guard.sh': 'Detect injection patterns in tool output',
-      'verify-before-done.sh': 'Warn when committing without running tests',
-      'disk-space-guard.sh': 'Warn when disk space is low',
-      'changelog-reminder.sh': 'Remind to update CHANGELOG on version bump',
-      'rate-limit-guard.sh': 'Detect rapid-fire tool calls',
-      'stale-env-guard.sh': 'Warn when .env is 90+ days old',
-      'node-version-guard.sh': 'Detect .nvmrc version mismatch',
-      'auto-stash-before-pull.sh': 'Warn before pull/merge with dirty tree',
-      'license-check.sh': 'Note missing license headers in source files',
-      'backup-before-refactor.sh': 'Auto-stash before large refactors',
-      'file-size-limit.sh': 'Block creating files over 1MB',
-      'branch-naming-convention.sh': 'Enforce feat/fix/chore branch prefixes',
-      'pr-description-check.sh': 'Ensure PRs have description body',
+      'max-file-count-guard.sh': 'Max File Count Guard',
       'max-session-duration.sh': 'Warn when session exceeds time limit',
-      'dangling-process-guard.sh': 'Detect background processes after session',
-      'encoding-guard.sh': 'Warn on non-UTF-8 file edits',
-      'post-compact-restore.sh': 'Restore context after /compact',
-      'ssh-key-protect.sh': 'Block reading SSH private keys',
-      'git-signed-commit-guard.sh': 'Warn on --no-gpg-sign',
-      'terraform-guard.sh': 'Block terraform destroy',
-      'kubernetes-guard.sh': 'Block kubectl delete namespace',
-      'subagent-scope-guard.sh': 'Limit subagent file access',
-      'git-remote-guard.sh': 'Warn on non-origin remotes',
-      'aws-region-guard.sh': 'Warn on unexpected AWS region',
-      'api-endpoint-guard.sh': 'Block cloud metadata endpoints',
-      'crontab-guard.sh': 'Warn before modifying crontab',
-      'typosquat-guard.sh': 'Detect package typosquatting',
+      'node-version-check.sh': 'Warn if Node.js version is too old',
+      'node-version-guard.sh': 'Warn when Node.js version doesn\'t match .nvmrc',
+      'notify-waiting.sh': 'Desktop notification when Claude needs input',
+      'output-length-guard.sh': 'Warn when tool output is very large',
+      'parallel-edit-guard.sh': 'Detect concurrent edits to same file',
+      'plan-mode-edit-guard.sh': 'Warn when editing non-plan files during plan mode',
+      'plan-mode-enforcer.sh': 'Hard-enforce Plan Mode read-only constraint',
+      'plan-mode-strict-guard.sh': 'Hard-block all write operations during plan mode',
+      'plan-repo-sync.sh': 'Sync plan files from ~/.claude/ into your repo',
+      'plugin-process-cleanup.sh': 'Kill leaked plugin subprocesses on session end',
+      'prompt-injection-detector.sh': 'UserPromptSubmit hook',
+      'prompt-length-guard.sh': 'UserPromptSubmit hook',
+      'rate-limit-guard.sh': 'Rate Limit Guard',
+      'read-before-edit.sh': 'Warn when editing files not recently read',
+      'reinject-claudemd.sh': 'Re-inject CLAUDE.md content after compact',
+      'session-time-limit.sh': 'Warn when session exceeds time limit',
+      'skill-gate.sh': 'Skill Gate',
+      'stale-branch-guard.sh': 'Warn when working on a stale branch',
+      'stale-env-guard.sh': 'Warn when .env files are very old',
+      'system-message-workaround.sh': 'Ensure hook warnings reach both user and model',
+      'temp-file-cleanup-stop.sh': 'Clean up tmpclaude-* files on session end',
+      'temp-file-cleanup.sh': 'Stop hook',
+      'tmp-cleanup.sh': 'Clean up /tmp/claude-*-cwd temp files',
+      'token-budget-guard.sh': 'Estimate and limit session token cost',
+      'token-budget-per-task.sh': 'Track and warn on per-task token usage',
+      'virtual-cwd-helper.sh': 'Remind about virtual working directory',
+    },
+    'Agent Controls': {
+      'max-concurrent-agents.sh': 'Limit number of simultaneous subagents',
+      'max-subagent-count.sh': 'Max Subagent Count',
+      'mcp-config-freeze.sh': 'Prevent MCP configuration changes during session',
+      'mcp-data-boundary.sh': 'Prevent MCP tools from accessing sensitive paths',
+      'mcp-orphan-process-guard.sh': 'Detect orphaned MCP server processes',
+      'mcp-server-allowlist.sh': 'Restrict MCP tool calls to allowed servers',
+      'mcp-server-guard.sh': 'Block unauthorized MCP server configuration changes',
+      'mcp-tool-guard.sh': 'Mcp Tool Guard',
+      'subagent-budget-guard.sh': 'Subagent Budget Guard',
+      'subagent-claudemd-inject.sh': 'Inject CLAUDE.md rules into subagent prompts',
+      'subagent-context-size-guard.sh': 'Warn on thin subagent prompts',
+      'subagent-scope-guard.sh': 'Limit subagent file access scope',
+      'subagent-scope-validator.sh': 'Validate subagent task scope before launch',
+      'subagent-tool-call-limiter.sh': 'Limit total tool calls per session',
+    },
+    'Other': {
+      'token-spike-alert.sh': 'Alert on abnormal token consumption per turn',
     },
   };