cc-safe-setup 29.6.32 → 29.6.36

package/examples/deploy-path-verify-guard.sh

@@ -0,0 +1,62 @@
+#!/bin/bash
+# deploy-path-verify-guard.sh — Verify deployment target path before writes
+#
+# Solves: Writing files to wrong filesystem path in Docker setups (#40421).
+#         Claude wrote to host /srv/ instead of Docker mount /opt/acestream/public/
+#         three times, each time claiming deployment was successful.
+#
+# How it works: Before writing to paths matching CC_DEPLOY_PATHS pattern,
+#   verifies the target is actually mounted/accessible. Catches host-vs-container
+#   path confusion.
+#
+# CONFIG:
+#   CC_DEPLOY_PATHS="/srv:/opt/acestream/public:/var/www"
+#   CC_DEPLOY_VERIFY_CMD="docker inspect --format '{{.Mounts}}' mycontainer"
+#
+# TRIGGER: PreToolUse
+# MATCHER: "Bash|Write"
+
+set -euo pipefail
+
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty' 2>/dev/null)
+
+DEPLOY_PATHS="${CC_DEPLOY_PATHS:-/srv:/var/www:/opt}"
+
+# For Write tool, check file_path
+if [ "$TOOL" = "Write" ]; then
+  FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+  [ -z "$FILE" ] && exit 0
+
+  IFS=':' read -ra PATHS <<< "$DEPLOY_PATHS"
+  for dp in "${PATHS[@]}"; do
+    if [[ "$FILE" == "$dp"* ]]; then
+      echo "WARNING: Writing to deployment path $dp." >&2
+      echo "File: $FILE" >&2
+      echo "" >&2
+      echo "Verify this is the correct target:" >&2
+      echo "  - Is this inside a Docker container or on the host?" >&2
+      echo "  - Run 'docker inspect' to check bind mounts first." >&2
+      # Warning only (exit 0), not blocking — change to exit 2 to block
+      exit 0
+    fi
+  done
+fi
+
+# For Bash tool, check commands that write to deploy paths
+if [ "$TOOL" = "Bash" ]; then
+  COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+  [ -z "$COMMAND" ] && exit 0
+
+  IFS=':' read -ra PATHS <<< "$DEPLOY_PATHS"
+  for dp in "${PATHS[@]}"; do
+    if echo "$COMMAND" | grep -qE "(cp|mv|tee|cat.*>|echo.*>).*${dp}"; then
+      echo "WARNING: Bash command targets deployment path $dp." >&2
+      echo "Command: $COMMAND" >&2
+      echo "Verify the target path is correct (host vs container)." >&2
+      exit 0
+    fi
+  done
+fi
+
+exit 0

package/examples/deployment-verify-guard.sh

@@ -0,0 +1,81 @@
+#!/bin/bash
+# ================================================================
+# deployment-verify-guard.sh — Warn if committing without post-deploy verification
+# ================================================================
+# PURPOSE:
+#   Claude Code sometimes reports "deployment successful" without
+#   actually verifying the deployment works. This hook tracks deploy
+#   commands and checks that functional verification was performed
+#   before the next git commit.
+#
+# How it works:
+#   1. When a deploy command is detected, logs timestamp to a marker file
+#   2. When verification commands (test, curl, log grep) run, clears the marker
+#   3. When git commit is attempted after a deploy without verification,
+#      emits a warning (non-blocking, exit 0)
+#
+# See: https://github.com/anthropics/claude-code/issues/40861
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
+#
+# Configuration:
+#   CC_DEPLOY_COMMANDS — regex pattern for deploy commands
+#   Default: "systemctl restart|docker restart|docker-compose up|deploy|kubectl apply|terraform apply|heroku push"
+#
+#   CC_VERIFY_COMMANDS — regex pattern for verification commands
+#   Default: "curl|wget|test |pytest|npm test|jest|mocha|rspec|go test|cargo test|make test|grep.*log|tail.*log|journalctl|docker logs|health"
+# ================================================================
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+
+[ -z "$COMMAND" ] && exit 0
+
+MARKER="/tmp/cc-deploy-pending-$$"
+
+# Configurable deploy command patterns
+DEPLOY_PATTERN="${CC_DEPLOY_COMMANDS:-systemctl\s+restart|docker\s+restart|docker-compose\s+up|docker\s+compose\s+up|\bdeploy\b|kubectl\s+apply|terraform\s+apply|heroku\s+.*push|fly\s+deploy}"
+
+# Configurable verify command patterns
+VERIFY_PATTERN="${CC_VERIFY_COMMANDS:-\bcurl\b|\bwget\b|\btest\s|\bpytest\b|npm\s+test|\bjest\b|\bmocha\b|\brspec\b|go\s+test|cargo\s+test|make\s+test|grep.*log|tail.*log|\bjournalctl\b|docker\s+logs|\bhealth}"
+
+# Skip echo/printf
+echo "$COMMAND" | grep -qE '^\s*(echo|printf)\s' && exit 0
+
+# Check if this is a deploy command
+if echo "$COMMAND" | grep -qiE "$DEPLOY_PATTERN"; then
+    date +%s > "$MARKER"
+    echo "Deploy detected. Verification will be required before commit." >&2
+    exit 0
+fi
+
+# Check if this is a verification command — clear the deploy marker
+if echo "$COMMAND" | grep -qiE "$VERIFY_PATTERN"; then
+    if [ -f "$MARKER" ]; then
+        rm -f "$MARKER"
+    fi
+    exit 0
+fi
+
+# Check if this is a git commit after an unverified deploy
+if echo "$COMMAND" | grep -qE '\bgit\s+commit\b'; then
+    if [ -f "$MARKER" ]; then
+        DEPLOY_TIME=$(cat "$MARKER" 2>/dev/null || echo "unknown")
+        echo "WARNING: Committing after deployment without verification." >&2
+        echo "" >&2
+        echo "A deploy command was run (at timestamp $DEPLOY_TIME) but no" >&2
+        echo "verification command was detected since then." >&2
+        echo "" >&2
+        echo "Recommended verifications:" >&2
+        echo "  curl http://localhost:<port>/health" >&2
+        echo "  npm test / pytest / go test" >&2
+        echo "  docker logs <container> | tail" >&2
+        echo "  journalctl -u <service> --since '5 min ago'" >&2
+        echo "" >&2
+        echo "See: https://github.com/anthropics/claude-code/issues/40861" >&2
+        # Non-blocking — just warn
+        rm -f "$MARKER"
+    fi
+fi
+
+exit 0

package/examples/django-migrate-guard.sh

@@ -17,6 +17,8 @@
 #   }
 # }
 # ================================================================
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
 
 INPUT=$(cat)
 COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)

package/examples/docker-volume-guard.sh

@@ -1,4 +1,6 @@
 #!/bin/bash
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
 COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
 [ -z "$COMMAND" ] && exit 0
 if echo "$COMMAND" | grep -qE '\bdocker\s+volume\s+(rm|prune)\b'; then

package/examples/dockerfile-latest-guard.sh

@@ -1,3 +1,5 @@
+#
+# TRIGGER: PreToolUse  MATCHER: "Edit|Write"
 INPUT=$(cat)
 FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
 [[ -z "$FILE" ]] && exit 0

package/examples/dotenv-commit-guard.sh

@@ -0,0 +1,44 @@
+#!/bin/bash
+# dotenv-commit-guard.sh — Prevent committing .env files with secrets
+#
+# Solves: Claude adding .env files to git staging and committing them.
+#         Even with .gitignore, Claude can `git add -f .env` to force-add.
+#
+# How it works: PreToolUse hook on Bash that detects git add/commit
+#   commands including .env files and blocks them.
+#
+# TRIGGER: PreToolUse
+# MATCHER: "Bash"
+
+set -euo pipefail
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+[ -z "$COMMAND" ] && exit 0
+
+# Check for git add with .env files
+# Allow .env.example, .env.sample, .env.template
+if echo "$COMMAND" | grep -qE 'git\s+add\s+.*\.env\.(example|sample|template)'; then
+    exit 0
+fi
+if echo "$COMMAND" | grep -qE 'git\s+add\s+.*\.env'; then
+    echo "BLOCKED: Adding .env file to git staging." >&2
+    echo "  .env files contain secrets and should not be committed." >&2
+    echo "  Use .env.example with placeholder values instead." >&2
+    exit 2
+fi
+
+# Check for git add -A/-f that might include .env
+if echo "$COMMAND" | grep -qE 'git\s+add\s+(-A|--all|-f|--force)\b'; then
+    # Check if .env exists in the working directory
+    if [ -f ".env" ] || [ -f ".env.local" ] || [ -f ".env.production" ]; then
+        # Check if .gitignore excludes it
+        if ! git check-ignore -q .env 2>/dev/null; then
+            echo "WARNING: 'git add -A' with .env file not in .gitignore." >&2
+            echo "  Add .env to .gitignore before staging all files." >&2
+            # Warning only for git add -A
+        fi
+    fi
+fi
+
+exit 0

package/examples/dotenv-example-sync.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+# ================================================================
+# dotenv-example-sync.sh — Warn when .env changes but .env.example doesn't
+# ================================================================
+# PURPOSE:
+#   When Claude edits .env (adding/removing variables), .env.example
+#   should be updated to match. This hook warns if .env was modified
+#   but .env.example still has different keys, preventing deployment
+#   failures when team members don't have the new variables.
+#
+# TRIGGER: PostToolUse
+# MATCHER: "Edit|Write"
+#
+# DECISION: Advisory only (exit 0). Warns via stderr.
+# ================================================================
+
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+[ -z "$FILE" ] && exit 0
+
+# Only trigger when .env is edited (not .env.example itself)
+case "$(basename "$FILE")" in
+    .env|.env.local|.env.development|.env.production) ;;
+    *) exit 0 ;;
+esac
+
+# Find corresponding .env.example
+DIR=$(dirname "$FILE")
+EXAMPLE=""
+for candidate in "$DIR/.env.example" "$DIR/.env.sample" "$DIR/.env.template"; do
+    if [ -f "$candidate" ]; then
+        EXAMPLE="$candidate"
+        break
+    fi
+done
+
+[ -z "$EXAMPLE" ] && exit 0
+[ ! -f "$FILE" ] && exit 0
+
+# Extract variable names (lines with KEY=)
+ENV_KEYS=$(grep -oE '^[A-Z_][A-Z0-9_]*=' "$FILE" 2>/dev/null | sort -u)
+EXAMPLE_KEYS=$(grep -oE '^[A-Z_][A-Z0-9_]*=' "$EXAMPLE" 2>/dev/null | sort -u)
+
+# Find keys in .env but not in .env.example
+MISSING=$(comm -23 <(echo "$ENV_KEYS") <(echo "$EXAMPLE_KEYS"))
+
+if [ -n "$MISSING" ]; then
+    echo "⚠ .env has variables not in $(basename "$EXAMPLE"):" >&2
+    echo "$MISSING" | sed 's/=$//' | while read key; do
+        echo "  + $key" >&2
+    done
+    echo "  Update $(basename "$EXAMPLE") so teammates have the full variable list." >&2
+fi
+
+exit 0

package/examples/dotnet-build-on-edit.sh

@@ -17,6 +17,8 @@
 #   }
 # }
 # ================================================================
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
 
 INPUT=$(cat)
 FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)

package/examples/drizzle-migrate-guard.sh

@@ -16,6 +16,8 @@
 #   }
 # }
 # ================================================================
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
 
 INPUT=$(cat)
 COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)

package/examples/edit-counter-test-gate.sh

@@ -0,0 +1,44 @@
+#!/bin/bash
+# edit-counter-test-gate.sh — Require testing after N consecutive edits
+#
+# Solves: Reactive cycling through fixes without testing (#40401).
+#         Opus writing 4 different fix approaches in sequence without
+#         verifying any of them actually work.
+#
+# How it works: PostToolUse hook on Edit that counts consecutive edits.
+#   After CC_MAX_EDITS_BEFORE_TEST (default 3) edits without a Bash
+#   command (assumed test/build), warns the model to test first.
+#
+# TRIGGER: PostToolUse
+# MATCHER: "Edit|Bash"
+
+set -euo pipefail
+
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty' 2>/dev/null)
+MAX_EDITS="${CC_MAX_EDITS_BEFORE_TEST:-3}"
+COUNTER_FILE="/tmp/claude-edit-test-gate-${PPID:-0}"
+
+case "$TOOL" in
+  Edit|Write)
+    # Increment edit counter
+    COUNT=$(cat "$COUNTER_FILE" 2>/dev/null || echo 0)
+    COUNT=$((COUNT + 1))
+    echo "$COUNT" > "$COUNTER_FILE"
+
+    if [ "$COUNT" -ge "$MAX_EDITS" ]; then
+      echo "WARNING: $COUNT consecutive edits without testing." >&2
+      echo "" >&2
+      echo "Run your test/build command before making more changes." >&2
+      echo "Untested fixes compound — verify each approach works" >&2
+      echo "before trying the next one." >&2
+      # Warning only — change to exit 2 to block
+    fi
+    ;;
+  Bash)
+    # Bash command (likely test/build) — reset counter
+    echo "0" > "$COUNTER_FILE"
+    ;;
+esac
+
+exit 0

package/examples/edit-error-counter.sh

@@ -19,6 +19,8 @@
 #   }
 # }
 # ================================================================
+#
+# TRIGGER: PreToolUse  MATCHER: "Edit|Write"
 
 INPUT=$(cat)
 TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty' 2>/dev/null)

package/examples/edit-guard.sh

@@ -16,6 +16,8 @@
 #     }]
 #   }
 # }
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
 
 INPUT=$(cat)
 TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty' 2>/dev/null)

package/examples/edit-old-string-validator.sh

@@ -0,0 +1,37 @@
+#!/bin/bash
+# edit-old-string-validator.sh — Pre-validate Edit tool old_string exists
+#
+# Solves: Parallel Edit tool calls cascade-fail when one Edit's
+#         old_string doesn't match the file content (#22264).
+#         By catching mismatches before execution, sibling
+#         edits in the same batch can proceed normally.
+#
+# How it works: Reads the Edit tool input, checks if old_string
+#   exists in the target file. If not found, blocks with exit 2
+#   and a descriptive error message.
+#
+# TRIGGER: PreToolUse
+# MATCHER: "Edit"
+
+set -euo pipefail
+INPUT=$(cat)
+
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+OLD_STRING=$(echo "$INPUT" | jq -r '.tool_input.old_string // empty' 2>/dev/null)
+
+# Skip if no file or old_string
+[ -z "$FILE" ] && exit 0
+[ -z "$OLD_STRING" ] && exit 0
+
+# Skip if file doesn't exist (Edit tool will handle that error)
+[ ! -f "$FILE" ] && exit 0
+
+# Check if old_string exists in the file
+if ! grep -qF "$OLD_STRING" "$FILE" 2>/dev/null; then
+  echo "BLOCKED: old_string not found in $FILE." >&2
+  echo "The file may have been modified by a prior edit in this batch." >&2
+  echo "Re-read the file to get the current content before retrying." >&2
+  exit 2
+fi
+
+exit 0

package/examples/edit-retry-loop-guard.sh

@@ -6,6 +6,8 @@
 #
 # Tracks consecutive Edit failures on the same file. After 3 failures,
 # warns the model to verify the file path.
+#
+# TRIGGER: PreToolUse  MATCHER: "Edit|Write"
 
 INPUT=$(cat)
 TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty' 2>/dev/null)

package/examples/edit-verify.sh

@@ -1,4 +1,6 @@
 #!/bin/bash
+#
+# TRIGGER: PreToolUse  MATCHER: "Edit|Write"
 INPUT=$(cat)
 TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty' 2>/dev/null)
 FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)

package/examples/encoding-preserve-guard.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+# ================================================================
+# encoding-preserve-guard.sh — Warn when file encoding changes
+# ================================================================
+# PURPOSE:
+#   Claude's Write tool always outputs UTF-8. When editing files
+#   that use different encodings (UTF-8 BOM, Latin-1, Shift-JIS),
+#   the encoding silently changes, potentially corrupting content.
+#   Common in legacy codebases, .csv exports, Windows batch files.
+#
+# TRIGGER: PreToolUse
+# MATCHER: "Write|Edit"
+# ================================================================
+
+INPUT=$(cat)
+TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty' 2>/dev/null)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+
+[[ "$TOOL" != "Write" && "$TOOL" != "Edit" ]] && exit 0
+[ -z "$FILE" ] || [ ! -f "$FILE" ] && exit 0
+
+# Check for BOM (Byte Order Mark)
+if head -c 3 "$FILE" 2>/dev/null | od -An -tx1 | grep -q "ef bb bf"; then
+    echo "WARNING: $FILE has UTF-8 BOM. Write tool may strip the BOM." >&2
+fi
+
+# Check for non-UTF-8 encoding using file command
+ENCODING=$(file -bi "$FILE" 2>/dev/null | grep -oP 'charset=\K\S+')
+if [ -n "$ENCODING" ] && [ "$ENCODING" != "utf-8" ] && [ "$ENCODING" != "us-ascii" ]; then
+    echo "WARNING: $FILE uses $ENCODING encoding. Write tool outputs UTF-8." >&2
+    echo "  This may corrupt non-ASCII characters in the file." >&2
+fi
+
+exit 0

package/examples/enforce-tests.sh

@@ -8,6 +8,8 @@
 # Usage: Add to settings.json as a PostToolUse hook on "Edit|Write"
 #
 # Customize TEST_PATTERN for your project's test file naming convention.
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
 
 INPUT=$(cat)
 FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)

package/examples/env-inherit-guard.sh

@@ -23,6 +23,8 @@
 #   }
 # }
 # ================================================================
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
 
 INPUT=$(cat)
 COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)

package/examples/env-inline-secret-guard.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+# env-inline-secret-guard.sh — Block .env values from appearing in commands
+#
+# Solves: Claude reading .env and hardcoding secrets into inline scripts (#24185).
+#         API keys, database URLs, and tokens get embedded in bash commands,
+#         potentially leaking to logs, history, or screen recordings.
+#
+# How it works: PreToolUse hook on Bash that detects common secret patterns
+#   (API keys, tokens, connection strings) in command text.
+#   If found, blocks with exit 2 and suggests environment variable usage.
+#
+# TRIGGER: PreToolUse
+# MATCHER: "Bash"
+
+set -euo pipefail
+
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
+[ -z "$COMMAND" ] && exit 0
+
+# Detect inline secrets: known API key prefixes (20+ chars)
+# sk- (OpenAI), ghp_/ghu_ (GitHub), AKIA (AWS)
+if echo "$COMMAND" | grep -qE '(sk-[a-zA-Z0-9]{20,}|ghp_[a-zA-Z0-9]{36}|ghu_[a-zA-Z0-9]{36}|AKIA[0-9A-Z]{16}|xoxb-[0-9]+-[0-9]+-[a-zA-Z0-9]+)'; then
+  echo "BLOCKED: Possible secret/credential detected in command." >&2
+  echo "Use environment variables instead of inline secrets." >&2
+  exit 2
+fi
+
+# Detect generic long tokens in auth headers or parameters
+if echo "$COMMAND" | grep -qE "(Authorization:|Bearer |token=|api[_-]?key=|secret=|password=)['\"]?[a-zA-Z0-9+/=_-]{32,}"; then
+  echo "BLOCKED: Long token/key detected inline in command." >&2
+  echo "Use environment variables or a secrets file instead." >&2
+  exit 2
+fi
+
+exit 0

package/examples/env-prod-guard.sh

@@ -1,4 +1,6 @@
 #!/bin/bash
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
 COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
 [ -z "$COMMAND" ] && exit 0
 if echo "$COMMAND" | grep -qiE "(NODE_ENV|RAILS_ENV|FLASK_ENV)=production"; then echo "WARNING: Production env detected in command" >&2; fi

package/examples/env-required-check.sh

@@ -1,4 +1,6 @@
 #!/bin/bash
+#
+# TRIGGER: PreToolUse  MATCHER: "Edit|Write"
 CONTENT=$(cat | jq -r '.tool_input.new_string // .tool_input.content // empty' 2>/dev/null)
 [ -z "$CONTENT" ] && exit 0
 echo "$CONTENT" | grep -qE "process\.env\.\w+\s*\|\|" || echo "$CONTENT" | grep -qE "process\.env\.\w+!" && echo "NOTE: Env var without default — add fallback" >&2

package/examples/env-var-check.sh

@@ -14,6 +14,8 @@
 #     }]
 #   }
 # }
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
 
 INPUT=$(cat)
 COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)

package/examples/expo-eject-guard.sh

@@ -1,3 +1,5 @@
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
 INPUT=$(cat)
 COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
 [[ -z "$COMMAND" ]] && exit 0

package/examples/export-overwrite-guard.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+# export-overwrite-guard.sh — Prevent /export from overwriting existing files
+#
+# Solves: /export command overwrites files without warning (#37595).
+#         Users lose existing files when Claude exports to the same path.
+#
+# How it works: PreToolUse hook on Write that checks if the target file
+#   exists and contains content. If so, warns before allowing overwrite.
+#
+# TRIGGER: PreToolUse
+# MATCHER: "Write"
+
+set -euo pipefail
+
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+[ -z "$FILE" ] && exit 0
+
+# Check if file exists and has content
+if [ -f "$FILE" ] && [ -s "$FILE" ]; then
+  SIZE=$(wc -c < "$FILE" 2>/dev/null || echo 0)
+  if [ "$SIZE" -gt 100 ]; then
+    echo "WARNING: Overwriting existing file '$FILE' ($SIZE bytes)." >&2
+    echo "Consider writing to a different path or backing up first." >&2
+    # Don't block — just warn via stderr
+  fi
+fi
+
+exit 0

package/examples/file-change-tracker.sh

@@ -23,6 +23,8 @@
 # }
 #
 # View changes: cat ~/.claude/session-changes.log
+#
+# TRIGGER: PreToolUse  MATCHER: "Edit|Write"
 
 INPUT=$(cat)
 TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty' 2>/dev/null)

package/examples/file-change-undo-tracker.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+# file-change-undo-tracker.sh — Track file changes for easy undo
+#
+# Solves: After Claude makes unwanted changes across multiple files,
+#         users have no easy way to identify and revert all affected files.
+#         git diff works but only for tracked files.
+#
+# How it works: FileChanged hook that logs every file modification
+#   with timestamp and change type. Creates a revert script
+#   that can undo all changes from the current session.
+#
+# Usage: After session, run: bash /tmp/claude-undo-session.sh
+#
+# TRIGGER: FileChanged
+# MATCHER: ""
+
+set -euo pipefail
+
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.file // empty' 2>/dev/null)
+EVENT=$(echo "$INPUT" | jq -r '.event // empty' 2>/dev/null)
+
+[ -z "$FILE" ] && exit 0
+
+LOG_FILE="/tmp/claude-file-changes-${PPID:-0}.log"
+UNDO_FILE="/tmp/claude-undo-session-${PPID:-0}.sh"
+TIMESTAMP=$(date +"%H:%M:%S")
+
+# Log the change
+echo "${TIMESTAMP} ${EVENT:-modified} ${FILE}" >> "$LOG_FILE"
+
+# Track for undo (git-tracked files only)
+if git ls-files --error-unmatch "$FILE" &>/dev/null 2>&1; then
+    # File is git-tracked — can be reverted with git checkout
+    if ! grep -qF "git checkout -- \"$FILE\"" "$UNDO_FILE" 2>/dev/null; then
+        echo "git checkout -- \"$FILE\"  # ${EVENT:-modified} at ${TIMESTAMP}" >> "$UNDO_FILE"
+    fi
+fi
+
+# Count changes
+COUNT=$(wc -l < "$LOG_FILE" 2>/dev/null || echo 0)
+if [ "$((COUNT % 10))" -eq 0 ] && [ "$COUNT" -gt 0 ]; then
+    echo "Session file changes: $COUNT files modified. Undo: bash $UNDO_FILE" >&2
+fi
+
+exit 0