cc-safe-setup 29.6.40 → 29.8.0

package/tests/test-dangerous-pip-flag-guard.sh

@@ -0,0 +1,56 @@
+#!/bin/bash
+# Tests for dangerous-pip-flag-guard.sh
+# Run: bash tests/test-dangerous-pip-flag-guard.sh
+set -euo pipefail
+
+PASS=0
+FAIL=0
+HOOK="$(dirname "$0")/../examples/dangerous-pip-flag-guard.sh"
+
+test_hook() {
+    local input="$1" expected_exit="$2" desc="$3"
+    local actual_exit=0
+    echo "$input" | bash "$HOOK" > /dev/null 2>/dev/null || actual_exit=$?
+    if [ "$actual_exit" -eq "$expected_exit" ]; then
+        echo "  PASS: $desc"
+        PASS=$((PASS + 1))
+    else
+        echo "  FAIL: $desc (expected exit $expected_exit, got $actual_exit)"
+        FAIL=$((FAIL + 1))
+    fi
+}
+
+echo "dangerous-pip-flag-guard.sh tests"
+echo ""
+
+# --- Block: --break-system-packages ---
+test_hook '{"tool_name":"Bash","tool_input":{"command":"pip install --break-system-packages requests"}}' 2 "Block --break-system-packages"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"pip3 install --break-system-packages numpy"}}' 2 "Block pip3 --break-system-packages"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"pip install requests --break-system-packages"}}' 2 "Block flag after package name"
+
+# --- Block: sudo pip install ---
+test_hook '{"tool_name":"Bash","tool_input":{"command":"sudo pip install flask"}}' 2 "Block sudo pip install"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"sudo pip3 install django"}}' 2 "Block sudo pip3 install"
+
+# --- Block: targeting system directories ---
+test_hook '{"tool_name":"Bash","tool_input":{"command":"pip install --target=/usr/lib/python3/dist-packages requests"}}' 2 "Block install to /usr/lib"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"pip install --target /opt/python/lib requests"}}' 2 "Block install to /opt"
+
+# --- Allow: normal pip install ---
+test_hook '{"tool_name":"Bash","tool_input":{"command":"pip install requests"}}' 0 "Allow normal pip install"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"pip install --user requests"}}' 0 "Allow --user install"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"pip install -r requirements.txt"}}' 0 "Allow requirements.txt"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"pip3 install flask==2.0"}}' 0 "Allow versioned install"
+
+# --- Allow: non-pip commands ---
+test_hook '{"tool_name":"Bash","tool_input":{"command":"npm install express"}}' 0 "Allow npm install"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"git status"}}' 0 "Allow git status"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"echo hello"}}' 0 "Allow echo"
+
+# --- Allow: empty/missing ---
+test_hook '{"tool_name":"Bash","tool_input":{"command":""}}' 0 "Allow empty command"
+test_hook '{"tool_name":"Bash","tool_input":{}}' 0 "Allow no command"
+
+echo ""
+echo "Results: $PASS passed, $FAIL failed out of $((PASS + FAIL))"
+[ "$FAIL" -eq 0 ] && echo "ALL TESTS PASSED" || exit 1

package/tests/test-dotfile-protection-guard.sh

@@ -0,0 +1,68 @@
+#!/bin/bash
+# Tests for dotfile-protection-guard.sh
+# Run: bash tests/test-dotfile-protection-guard.sh
+set -euo pipefail
+
+PASS=0
+FAIL=0
+HOOK="$(dirname "$0")/../examples/dotfile-protection-guard.sh"
+
+test_hook() {
+    local input="$1" expected_exit="$2" desc="$3"
+    local actual_exit=0
+    echo "$input" | bash "$HOOK" > /dev/null 2>/dev/null || actual_exit=$?
+    if [ "$actual_exit" -eq "$expected_exit" ]; then
+        echo "  PASS: $desc"
+        PASS=$((PASS + 1))
+    else
+        echo "  FAIL: $desc (expected exit $expected_exit, got $actual_exit)"
+        FAIL=$((FAIL + 1))
+    fi
+}
+
+echo "dotfile-protection-guard.sh tests"
+echo ""
+
+# --- Block: Shell config files ---
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.bashrc\"}}" 2 "Block Write to .bashrc"
+test_hook "{\"tool_name\":\"Edit\",\"tool_input\":{\"file_path\":\"$HOME/.zshrc\"}}" 2 "Block Edit to .zshrc"
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.bash_profile\"}}" 2 "Block Write to .bash_profile"
+test_hook "{\"tool_name\":\"Edit\",\"tool_input\":{\"file_path\":\"$HOME/.profile\"}}" 2 "Block Edit to .profile"
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.zshenv\"}}" 2 "Block Write to .zshenv"
+
+# --- Block: SSH ---
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.ssh/id_rsa\"}}" 2 "Block Write to .ssh/id_rsa"
+test_hook "{\"tool_name\":\"Edit\",\"tool_input\":{\"file_path\":\"$HOME/.ssh/config\"}}" 2 "Block Edit to .ssh/config"
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.ssh/authorized_keys\"}}" 2 "Block Write to .ssh/authorized_keys"
+
+# --- Block: Git credentials ---
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.git-credentials\"}}" 2 "Block Write to .git-credentials"
+test_hook "{\"tool_name\":\"Edit\",\"tool_input\":{\"file_path\":\"$HOME/.gitconfig\"}}" 2 "Block Edit to .gitconfig"
+
+# --- Block: Other credentials ---
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.npmrc\"}}" 2 "Block Write to .npmrc"
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.aws/credentials\"}}" 2 "Block Write to .aws/credentials"
+test_hook "{\"tool_name\":\"Edit\",\"tool_input\":{\"file_path\":\"$HOME/.config/gh/hosts.yml\"}}" 2 "Block Edit to gh hosts.yml"
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.netrc\"}}" 2 "Block Write to .netrc"
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.docker/config.json\"}}" 2 "Block Write to docker config"
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.kube/config\"}}" 2 "Block Write to kube config"
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.gnupg/trustdb.gpg\"}}" 2 "Block Write to gnupg"
+
+# --- Allow: Claude Code config ---
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"$HOME/.claude/settings.json\"}}" 0 "Allow Write to .claude/settings.json"
+test_hook "{\"tool_name\":\"Edit\",\"tool_input\":{\"file_path\":\"$HOME/.claude/CLAUDE.md\"}}" 0 "Allow Edit to .claude/CLAUDE.md"
+
+# --- Allow: Project files ---
+test_hook '{"tool_name":"Write","tool_input":{"file_path":"/home/user/project/src/main.py"}}' 0 "Allow Write to project file"
+test_hook '{"tool_name":"Edit","tool_input":{"file_path":"./README.md"}}' 0 "Allow Edit to relative path"
+
+# --- Allow: Empty input ---
+test_hook '{}' 0 "Allow empty input"
+test_hook '{"tool_name":"Write","tool_input":{}}' 0 "Allow missing file_path"
+
+# --- Block: Tilde expansion ---
+test_hook "{\"tool_name\":\"Write\",\"tool_input\":{\"file_path\":\"~/.bashrc\"}}" 2 "Block Write to ~/.bashrc (tilde)"
+
+echo ""
+echo "Results: $PASS passed, $FAIL failed out of $((PASS + FAIL)) tests"
+[ "$FAIL" -eq 0 ] && exit 0 || exit 1

package/tests/test-effort-tracking-logger.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+# Tests for effort-tracking-logger.sh
+HOOK="examples/effort-tracking-logger.sh"
+PASS=0 FAIL=0
+
+assert_contains() { if echo "$2" | grep -q "$3"; then PASS=$((PASS+1)); else FAIL=$((FAIL+1)); echo "FAIL: $1 (expected '$3')"; fi; }
+assert_exit() { if [ "$2" -eq "$3" ]; then PASS=$((PASS+1)); else FAIL=$((FAIL+1)); echo "FAIL: $1 (exit $2, expected $3)"; fi; }
+
+LOG_DIR="${HOME}/.claude/effort-log"
+LOG_FILE="$LOG_DIR/$(date +%Y-%m-%d).jsonl"
+rm -rf "$LOG_DIR"
+
+# Test 1: Creates log directory
+echo '{"tool_name":"Bash","was_error":"false"}' | bash "$HOOK" 2>&1
+RC=$?
+assert_exit "exit 0" "$RC" 0
+if [ -d "$LOG_DIR" ]; then PASS=$((PASS+1)); else FAIL=$((FAIL+1)); echo "FAIL: log dir not created"; fi
+
+# Test 2: Log file created with valid JSONL
+if [ -f "$LOG_FILE" ]; then PASS=$((PASS+1)); else FAIL=$((FAIL+1)); echo "FAIL: log file not created"; fi
+ENTRY=$(cat "$LOG_FILE")
+assert_contains "has timestamp" "$ENTRY" "timestamp"
+assert_contains "has tool name" "$ENTRY" "Bash"
+assert_contains "has error field" "$ENTRY" "error"
+
+# Test 3: Valid JSON
+python3 -c "import json; json.loads(open('$LOG_FILE').read().strip())" 2>/dev/null
+if [ $? -eq 0 ]; then PASS=$((PASS+1)); else FAIL=$((FAIL+1)); echo "FAIL: invalid JSON"; fi
+
+# Test 4: Multiple entries appended
+echo '{"tool_name":"Read","was_error":"false"}' | bash "$HOOK" 2>&1
+echo '{"tool_name":"Edit","was_error":"true"}' | bash "$HOOK" 2>&1
+LINES=$(wc -l < "$LOG_FILE")
+if [ "$LINES" -eq 3 ]; then PASS=$((PASS+1)); else FAIL=$((FAIL+1)); echo "FAIL: expected 3 lines, got $LINES"; fi
+
+# Test 5: Error field correctly parsed
+LAST=$(tail -1 "$LOG_FILE")
+assert_contains "error=true parsed" "$LAST" '"error": true'
+
+# Test 6: Tool name correctly parsed
+SECOND=$(sed -n '2p' "$LOG_FILE")
+assert_contains "Read tool name" "$SECOND" '"tool": "Read"'
+
+# Test 7: Unknown tool handled
+echo '{}' | bash "$HOOK" 2>&1
+RC=$?
+assert_exit "unknown tool exit 0" "$RC" 0
+LAST=$(tail -1 "$LOG_FILE")
+assert_contains "unknown tool logged" "$LAST" "unknown"
+
+# Cleanup
+rm -rf "$LOG_DIR"
+
+echo "effort-tracking-logger: $PASS passed, $FAIL failed"
+exit $FAIL

package/tests/test-exploration-budget-guard.sh

@@ -0,0 +1,164 @@
+#!/bin/bash
+# Tests for exploration-budget-guard.sh
+set -euo pipefail
+
+HOOK="$(dirname "$0")/../examples/exploration-budget-guard.sh"
+PASS=0
+FAIL=0
+STATE_FILE="/tmp/.cc-exploration-budget/exploration-count"
+
+setup() {
+    rm -f "$STATE_FILE"
+    mkdir -p /tmp/.cc-exploration-budget
+}
+
+run_hook() {
+    echo "$1" | bash "$HOOK" 2>&1 || true
+}
+
+assert_pass() {
+    local desc="$1"
+    local input="$2"
+    output=$(echo "$input" | bash "$HOOK" 2>&1) && rc=0 || rc=$?
+    if [ "$rc" -eq 0 ] && ! echo "$output" | grep -q "WARNING\|BLOCKED"; then
+        PASS=$((PASS + 1))
+        echo "  PASS: $desc"
+    else
+        FAIL=$((FAIL + 1))
+        echo "  FAIL: $desc (expected clean pass, rc=$rc)"
+        echo "    output: $output"
+    fi
+}
+
+assert_warn() {
+    local desc="$1"
+    local input="$2"
+    output=$(echo "$input" | bash "$HOOK" 2>&1) && rc=0 || rc=$?
+    if [ $rc -eq 0 ] && echo "$output" | grep -q "WARNING"; then
+        PASS=$((PASS + 1))
+        echo "  PASS: $desc"
+    else
+        FAIL=$((FAIL + 1))
+        echo "  FAIL: $desc (expected warning, rc=$rc)"
+        echo "    output: $output"
+    fi
+}
+
+assert_block() {
+    local desc="$1"
+    local input="$2"
+    output=$(echo "$input" | bash "$HOOK" 2>&1) && rc=0 || rc=$?
+    if [ $rc -eq 2 ] && echo "$output" | grep -q "BLOCKED"; then
+        PASS=$((PASS + 1))
+        echo "  PASS: $desc"
+    else
+        FAIL=$((FAIL + 1))
+        echo "  FAIL: $desc (expected block, rc=$rc)"
+        echo "    output: $output"
+    fi
+}
+
+READ_INPUT='{"tool_name":"Read","tool_input":{"file_path":"/tmp/test.txt"}}'
+GLOB_INPUT='{"tool_name":"Glob","tool_input":{"pattern":"*.ts"}}'
+GREP_INPUT='{"tool_name":"Grep","tool_input":{"pattern":"foo"}}'
+EDIT_INPUT='{"tool_name":"Edit","tool_input":{"file_path":"/tmp/test.txt","old_string":"a","new_string":"b"}}'
+WRITE_INPUT='{"tool_name":"Write","tool_input":{"file_path":"/tmp/test.txt","content":"hello"}}'
+OTHER_INPUT='{"tool_name":"Bash","tool_input":{"command":"ls"}}'
+
+echo "=== exploration-budget-guard tests ==="
+
+# Test 1: Single read passes
+setup
+assert_pass "single Read passes" "$READ_INPUT"
+
+# Test 2: Non-tracked tool passes
+setup
+assert_pass "Bash is not tracked" "$OTHER_INPUT"
+
+# Test 3: Edit resets counter
+setup
+for i in $(seq 1 20); do
+    echo "$READ_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+done
+echo "$EDIT_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+assert_pass "Read after Edit reset passes" "$READ_INPUT"
+
+# Test 4: Write resets counter
+setup
+for i in $(seq 1 20); do
+    echo "$READ_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+done
+echo "$WRITE_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+assert_pass "Read after Write reset passes" "$READ_INPUT"
+
+# Test 5: Warning at threshold
+setup
+for i in $(seq 1 24); do
+    echo "$READ_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+done
+assert_warn "warns at 25 reads" "$READ_INPUT"
+
+# Test 6: Different read tools count together
+setup
+for i in $(seq 1 8); do
+    echo "$READ_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+    echo "$GLOB_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+    echo "$GREP_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+done
+assert_warn "mixed read tools warn at 25" "$READ_INPUT"
+
+# Test 7: Block at 40
+setup
+for i in $(seq 1 39); do
+    echo "$READ_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+done
+assert_block "blocks at 40 reads" "$READ_INPUT"
+
+# Test 8: Block shows count
+setup
+for i in $(seq 1 41); do
+    echo "$READ_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+done
+output=$(echo "$READ_INPUT" | bash "$HOOK" 2>&1 || true)
+if echo "$output" | grep -q "EXCEEDED"; then
+    PASS=$((PASS + 1))
+    echo "  PASS: block message shows EXCEEDED"
+else
+    FAIL=$((FAIL + 1))
+    echo "  FAIL: block message should show EXCEEDED"
+fi
+
+# Test 9: Timeout reset (simulate 11 min gap)
+setup
+for i in $(seq 1 30); do
+    echo "$READ_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+done
+# Fake old timestamp
+echo "30 $(($(date +%s) - 700))" > "$STATE_FILE"
+assert_pass "resets after 10min gap" "$READ_INPUT"
+
+# Test 10: Glob passes normally
+setup
+assert_pass "single Glob passes" "$GLOB_INPUT"
+
+# Test 11: Grep passes normally
+setup
+assert_pass "single Grep passes" "$GREP_INPUT"
+
+# Test 12: Counter persists across different read tools
+setup
+for i in $(seq 1 10); do
+    echo "$READ_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+done
+for i in $(seq 1 10); do
+    echo "$GLOB_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+done
+for i in $(seq 1 5); do
+    echo "$GREP_INPUT" | bash "$HOOK" >/dev/null 2>&1 || true
+done
+# Count should be 25 now
+assert_warn "warns at 25 mixed reads" "$GREP_INPUT"
+
+echo ""
+echo "Results: $PASS passed, $FAIL failed out of $((PASS + FAIL)) tests"
+[ "$FAIL" -eq 0 ] && exit 0 || exit 1

package/tests/test-financial-operation-guard.sh

@@ -0,0 +1,59 @@
+#!/bin/bash
+# Tests for financial-operation-guard.sh
+# Run: bash tests/test-financial-operation-guard.sh
+set -euo pipefail
+
+PASS=0
+FAIL=0
+HOOK="$(dirname "$0")/../examples/financial-operation-guard.sh"
+
+test_hook() {
+    local input="$1" expected_exit="$2" desc="$3"
+    local actual_exit=0
+    echo "$input" | bash "$HOOK" > /dev/null 2>/dev/null || actual_exit=$?
+    if [ "$actual_exit" -eq "$expected_exit" ]; then
+        echo "  PASS: $desc"
+        PASS=$((PASS + 1))
+    else
+        echo "  FAIL: $desc (expected exit $expected_exit, got $actual_exit)"
+        FAIL=$((FAIL + 1))
+    fi
+}
+
+echo "financial-operation-guard.sh tests"
+echo ""
+
+# --- Block: Exchange API calls (#46828 pattern) ---
+test_hook '{"tool_name":"Bash","tool_input":{"command":"python3 -c \"ex.transfer(USDT, 1446.65, spot, swap)\" bitget"}}' 2 "Block Bitget fund transfer (#46828 exact pattern)"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"curl https://api.binance.com/api/v3/order -X POST"}}' 2 "Block Binance order API"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"python3 trade.py --exchange bybit --withdraw 500"}}' 2 "Block Bybit withdrawal"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"ccxt kraken transfer USDT from spot to futures"}}' 2 "Block Kraken transfer via ccxt"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"python3 -c \"coinbase.create_order(symbol, side, amount)\""}}' 2 "Block Coinbase order"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"curl -X POST https://api.okx.com/api/v5/trade/order"}}' 2 "Block OKX trade order"
+
+# --- Block: Generic crypto transfers ---
+test_hook '{"tool_name":"Bash","tool_input":{"command":"python3 -c \"transfer(USDT, 1000, wallet_a, wallet_b)\""}}' 2 "Block USDT transfer"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"send_eth --to 0xabc --amount 5 --wallet main"}}' 2 "Block ETH send"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"python3 withdraw_btc.py --balance 0.5"}}' 2 "Block BTC withdrawal"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"python3 -c \"swap(usdc, 500, from_wallet)\""}}' 2 "Block USDC swap"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"bridge sol from mainnet to polygon --funds 100"}}' 2 "Block SOL bridge"
+
+# --- Block: Payment processor operations ---
+test_hook '{"tool_name":"Bash","tool_input":{"command":"curl -X POST https://api.stripe.com/v1/charges -d amount=5000"}}' 2 "Block Stripe charge"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"python3 -c \"stripe.Transfer.create(amount=1000)\""}}' 2 "Block Stripe transfer"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"paypal-cli send payment --to user@email.com --amount 200"}}' 2 "Block PayPal payment"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"python3 -c \"square.payments.create_payment(body)\""}}' 2 "Block Square payment"
+
+# --- Allow: Safe operations ---
+test_hook '{"tool_name":"Bash","tool_input":{"command":"curl https://api.example.com/data"}}' 0 "Allow normal API call"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"python3 analyze_trades.py --read-only"}}' 0 "Allow read-only trade analysis"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"cat balance.txt"}}' 0 "Allow reading balance file"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"echo transfer complete"}}' 0 "Allow echo containing transfer"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"git push origin main"}}' 0 "Allow git push"
+test_hook '{"tool_name":"Bash","tool_input":{"command":"npm install stripe"}}' 0 "Allow npm install stripe (not an operation)"
+test_hook '{}' 0 "Allow empty input"
+test_hook '{"tool_name":"Bash","tool_input":{}}' 0 "Allow no command"
+
+echo ""
+echo "Results: $PASS passed, $FAIL failed out of $((PASS + FAIL)) tests"
+[ "$FAIL" -eq 0 ] && exit 0 || exit 1

package/tests/test-home-critical-bash-guard.sh

@@ -0,0 +1,59 @@
+#!/bin/bash
+# Tests for home-critical-bash-guard.sh
+# Run: bash tests/test-home-critical-bash-guard.sh
+set -euo pipefail
+
+PASS=0
+FAIL=0
+HOOK="$(dirname "$0")/../examples/home-critical-bash-guard.sh"
+
+test_hook() {
+    local input="$1" expected_exit="$2" desc="$3"
+    local actual_exit=0
+    echo "$input" | bash "$HOOK" > /dev/null 2>/dev/null || actual_exit=$?
+    if [ "$actual_exit" -eq "$expected_exit" ]; then
+        echo "  PASS: $desc"
+        PASS=$((PASS + 1))
+    else
+        echo "  FAIL: $desc (expected exit $expected_exit, got $actual_exit)"
+        FAIL=$((FAIL + 1))
+    fi
+}
+
+echo "home-critical-bash-guard.sh tests"
+echo ""
+
+# --- Block: rm on critical paths ---
+test_hook "{\"tool_input\":{\"command\":\"rm -rf $HOME/.ssh\"}}" 2 "Block rm -rf ~/.ssh"
+test_hook "{\"tool_input\":{\"command\":\"rm $HOME/.git-credentials\"}}" 2 "Block rm ~/.git-credentials"
+test_hook "{\"tool_input\":{\"command\":\"rm -f $HOME/.bashrc\"}}" 2 "Block rm ~/.bashrc"
+test_hook "{\"tool_input\":{\"command\":\"sudo rm $HOME/.zshrc\"}}" 2 "Block sudo rm ~/.zshrc"
+test_hook "{\"tool_input\":{\"command\":\"rm $HOME/.npmrc\"}}" 2 "Block rm ~/.npmrc"
+test_hook "{\"tool_input\":{\"command\":\"rm -rf $HOME/.gnupg\"}}" 2 "Block rm -rf ~/.gnupg"
+test_hook "{\"tool_input\":{\"command\":\"rm $HOME/.aws/credentials\"}}" 2 "Block rm ~/.aws/credentials"
+
+# --- Block: mv on critical paths ---
+test_hook "{\"tool_input\":{\"command\":\"mv $HOME/.bashrc /tmp/\"}}" 2 "Block mv ~/.bashrc"
+test_hook "{\"tool_input\":{\"command\":\"mv $HOME/.ssh/config /tmp/bak\"}}" 2 "Block mv ~/.ssh/config"
+
+# --- Block: Truncation via redirect ---
+test_hook "{\"tool_input\":{\"command\":\"> $HOME/.bashrc\"}}" 2 "Block > ~/.bashrc truncation"
+test_hook "{\"tool_input\":{\"command\":\"echo '' > $HOME/.zshrc\"}}" 2 "Block echo > ~/.zshrc"
+
+# --- Block: chmod 777 on critical files ---
+test_hook "{\"tool_input\":{\"command\":\"chmod 777 $HOME/.ssh/id_rsa\"}}" 2 "Block chmod 777 on .ssh/id_rsa"
+
+# --- Allow: Safe commands ---
+test_hook '{"tool_input":{"command":"rm -rf node_modules"}}' 0 "Allow rm node_modules"
+test_hook '{"tool_input":{"command":"rm /tmp/test.txt"}}' 0 "Allow rm in /tmp"
+test_hook '{"tool_input":{"command":"ls -la ~/.ssh"}}' 0 "Allow ls on .ssh (read-only)"
+test_hook '{"tool_input":{"command":"cat ~/.bashrc"}}' 0 "Allow cat on .bashrc (read-only)"
+test_hook '{"tool_input":{"command":"git status"}}' 0 "Allow git commands"
+
+# --- Allow: Empty input ---
+test_hook '{}' 0 "Allow empty input"
+test_hook '{"tool_input":{}}' 0 "Allow missing command"
+
+echo ""
+echo "Results: $PASS passed, $FAIL failed out of $((PASS + FAIL)) tests"
+[ "$FAIL" -eq 0 ] && exit 0 || exit 1

package/tests/test-model-version-change-alert.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+# Tests for model-version-change-alert.sh
+HOOK="examples/model-version-change-alert.sh"
+PASS=0 FAIL=0
+
+assert_contains() { if echo "$2" | grep -q "$3"; then PASS=$((PASS+1)); else FAIL=$((FAIL+1)); echo "FAIL: $1 (expected '$3')"; fi; }
+assert_not_contains() { if ! echo "$2" | grep -q "$3"; then PASS=$((PASS+1)); else FAIL=$((FAIL+1)); echo "FAIL: $1 (unexpected '$3')"; fi; }
+assert_exit() { if [ "$2" -eq "$3" ]; then PASS=$((PASS+1)); else FAIL=$((FAIL+1)); echo "FAIL: $1 (exit $2, expected $3)"; fi; }
+
+HISTORY="/tmp/cc-model-version-history"
+rm -f "$HISTORY"
+
+# Test 1: First run (no history) — no alert
+OUT=$(CLAUDE_MODEL="opus-4.7" bash "$HOOK" 2>&1)
+RC=$?
+assert_not_contains "first run should not alert" "$OUT" "MODEL CHANGED"
+assert_exit "first run exit 0" "$RC" 0
+
+# Test 2: Same model — no alert
+OUT=$(CLAUDE_MODEL="opus-4.7" bash "$HOOK" 2>&1)
+assert_not_contains "same model no alert" "$OUT" "MODEL CHANGED"
+
+# Test 3: Model changed — should alert
+OUT=$(CLAUDE_MODEL="opus-4.6" bash "$HOOK" 2>&1)
+assert_contains "model change should alert" "$OUT" "MODEL CHANGED"
+assert_contains "should show old model" "$OUT" "opus-4.7"
+assert_contains "should show new model" "$OUT" "opus-4.6"
+assert_contains "should reference issue" "$OUT" "#49689"
+
+# Test 4: Exit code always 0
+RC=$?
+assert_exit "exit 0 on alert" "$RC" 0
+
+# Test 5: Unknown model — no update, no alert
+echo "opus-4.7" > "$HISTORY"
+OUT=$(bash "$HOOK" 2>&1)  # No CLAUDE_MODEL set
+assert_not_contains "unknown model no alert" "$OUT" "MODEL CHANGED"
+
+# Test 6: History file is updated correctly
+echo "opus-4.6" > "$HISTORY"
+CLAUDE_MODEL="opus-4.7" bash "$HOOK" > /dev/null 2>&1
+STORED=$(cat "$HISTORY")
+if [ "$STORED" = "opus-4.7" ]; then PASS=$((PASS+1)); else FAIL=$((FAIL+1)); echo "FAIL: history should store new model (got $STORED)"; fi
+
+# Test 7: Back-to-back changes detected
+CLAUDE_MODEL="sonnet-4.5" bash "$HOOK" > /dev/null 2>&1
+OUT=$(CLAUDE_MODEL="haiku-4.5" bash "$HOOK" 2>&1)
+assert_contains "sequential change detected" "$OUT" "MODEL CHANGED"
+assert_contains "shows sonnet" "$OUT" "sonnet-4.5"
+
+# Cleanup
+rm -f "$HISTORY"
+
+echo "model-version-change-alert: $PASS passed, $FAIL failed"
+exit $FAIL

package/tests/test-move-delete-sequence-guard.sh

@@ -0,0 +1,63 @@
+#!/bin/bash
+# Tests for move-delete-sequence-guard.sh
+# Run: bash tests/test-move-delete-sequence-guard.sh
+set -euo pipefail
+
+PASS=0
+FAIL=0
+HOOK="$(dirname "$0")/../examples/move-delete-sequence-guard.sh"
+
+test_hook() {
+    local input="$1" expected_exit="$2" desc="$3"
+    local actual_exit=0
+    echo "$input" | bash "$HOOK" > /dev/null 2>/dev/null || actual_exit=$?
+    if [ "$actual_exit" -eq "$expected_exit" ]; then
+        echo "  PASS: $desc"
+        PASS=$((PASS + 1))
+    else
+        echo "  FAIL: $desc (expected exit $expected_exit, got $actual_exit)"
+        FAIL=$((FAIL + 1))
+    fi
+}
+
+echo "move-delete-sequence-guard.sh tests"
+echo ""
+
+# --- Block: mv + rm -rf on parent directory (#49129 pattern) ---
+test_hook '{"tool_input":{"command":"mv /home/user/project/important.txt /tmp/ && rm -rf /home/user/project"}}' 2 "Block mv file then rm -rf parent (&&)"
+test_hook '{"tool_input":{"command":"mv /home/user/project/src/main.py /tmp/backup/ ; rm -rf /home/user/project/src"}}' 2 "Block mv file then rm -rf parent (;)"
+test_hook '{"tool_input":{"command":"mv /data/app/config.yml /tmp/ || rm -rf /data/app"}}' 2 "Block mv file then rm -rf parent (||)"
+
+# --- Block: mv + rm -rf on same path ---
+test_hook '{"tool_input":{"command":"mv /home/user/mydir /tmp/backup && rm -rf /home/user/mydir"}}' 2 "Block mv dir then rm -rf same dir"
+
+# --- Block: mv + rm -rf on ancestor directory ---
+test_hook '{"tool_input":{"command":"mv /home/user/project/src/lib/util.py /tmp/ && rm -rf /home/user/project"}}' 2 "Block mv file then rm -rf ancestor"
+test_hook '{"tool_input":{"command":"mv /var/data/app/logs/today.log /tmp/ ; rm -rf /var/data"}}' 2 "Block mv file then rm -rf distant ancestor"
+
+# --- Allow: mv and rm on unrelated paths ---
+test_hook '{"tool_input":{"command":"mv /tmp/old.txt /tmp/new.txt && rm /var/log/app.log"}}' 0 "Allow mv and rm on unrelated paths"
+test_hook '{"tool_input":{"command":"mv file.txt backup/ && rm other_file.txt"}}' 0 "Allow mv and rm on different files"
+
+# --- Allow: mv only (no rm) ---
+test_hook '{"tool_input":{"command":"mv /home/user/file.txt /tmp/"}}' 0 "Allow mv without rm"
+
+# --- Allow: rm only (no mv) ---
+test_hook '{"tool_input":{"command":"rm -rf /tmp/junk"}}' 0 "Allow rm without mv"
+
+# --- Allow: Empty/missing input ---
+test_hook '{}' 0 "Allow empty input"
+test_hook '{"tool_input":{}}' 0 "Allow missing command"
+test_hook '{"tool_input":{"command":""}}' 0 "Allow empty command"
+
+# --- Allow: Safe operations ---
+test_hook '{"tool_input":{"command":"ls -la && echo done"}}' 0 "Allow non-destructive compound command"
+test_hook '{"tool_input":{"command":"git mv old.txt new.txt"}}' 0 "Allow git mv (no rm)"
+
+# --- Block: Real-world attack patterns ---
+test_hook '{"tool_input":{"command":"mv /home/user/projects/webapp/src/index.js /tmp/safe/ && rm -rf /home/user/projects/webapp/src"}}' 2 "Block real-world: save one file, delete rest of src"
+test_hook '{"tool_input":{"command":"mv /home/user/data/important.db /tmp/ ; rm -r /home/user/data"}}' 2 "Block real-world: save DB, delete data dir"
+
+echo ""
+echo "Results: $PASS passed, $FAIL failed out of $((PASS + FAIL)) tests"
+[ "$FAIL" -eq 0 ] && exit 0 || exit 1

package/tests/test-pr-duplicate-guard.sh

@@ -0,0 +1,29 @@
+set -euo pipefail
+PASS=0
+FAIL=0
+HOOK="$(dirname "$0")/../examples/pr-duplicate-guard.sh"
+test_hook() {
+    local input="$1" expected_exit="$2" desc="$3"
+    local actual_exit=0
+    echo "$input" | bash "$HOOK" > /dev/null 2>/dev/null || actual_exit=$?
+    if [ "$actual_exit" -eq "$expected_exit" ]; then
+        echo "  PASS: $desc"
+        PASS=$((PASS + 1))
+    else
+        echo "  FAIL: $desc (expected exit $expected_exit, got $actual_exit)"
+        FAIL=$((FAIL + 1))
+    fi
+}
+echo "=== pr-duplicate-guard.sh ==="
+test_hook '{"tool_input":{"command":"git push origin main"}}' 0 "git push passes through"
+test_hook '{"tool_input":{"command":"npm publish"}}' 0 "npm publish passes through"
+test_hook '{"tool_input":{"command":"echo hello"}}' 0 "echo passes through"
+test_hook '{"tool_input":{"command":"gh pr list"}}' 0 "gh pr list passes through"
+test_hook '{"tool_input":{"command":"gh pr view 123"}}' 0 "gh pr view passes through"
+test_hook '{"tool_input":{"command":"gh issue create --title test"}}' 0 "gh issue create passes through"
+test_hook '{"tool_input":{"command":"gh pr create --title \"test\" --body \"test\""}}' 0 "gh pr create on unique branch passes"
+test_hook '{}' 0 "empty input passes"
+test_hook '' 0 "blank input passes"
+echo ""
+echo "Results: $PASS passed, $FAIL failed"
+[ "$FAIL" -eq 0 ] && exit 0 || exit 1