cc-safe-setup 7.3.0 → 7.4.0

package/examples/disk-space-guard.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+# ================================================================
+# disk-space-guard.sh — Warn when disk space is running low
+# ================================================================
+# PURPOSE:
+#   Long Claude Code sessions can generate large files, logs, and
+#   build artifacts. This hook warns before writes when disk space
+#   is below a threshold.
+#
+# TRIGGER: PreToolUse  MATCHER: "Write|Bash"
+#
+# CONFIG:
+#   CC_DISK_WARN_PCT=90  (warn at this percentage used)
+# ================================================================
+
+WARN_PCT="${CC_DISK_WARN_PCT:-90}"
+
+# Check disk usage (percentage used on the working directory's partition)
+USAGE=$(df --output=pcent . 2>/dev/null | tail -1 | tr -d ' %')
+[ -z "$USAGE" ] && exit 0
+
+if [ "$USAGE" -ge "$WARN_PCT" ]; then
+    AVAIL=$(df -h --output=avail . 2>/dev/null | tail -1 | tr -d ' ')
+    echo "WARNING: Disk usage is ${USAGE}% (${AVAIL} available)." >&2
+    echo "Consider cleaning up build artifacts, logs, or /tmp files." >&2
+fi
+
+exit 0

package/examples/memory-write-guard.sh

@@ -0,0 +1,40 @@
+#!/bin/bash
+# ================================================================
+# memory-write-guard.sh — Log writes to ~/.claude/ directory
+# ================================================================
+# PURPOSE:
+#   Claude auto-writes to ~/.claude/projects/*/memory/ without
+#   user visibility. This hook logs all writes to ~/.claude/ paths
+#   so users know what's being stored.
+#
+# TRIGGER: PreToolUse  MATCHER: "Write|Edit"
+#
+# Born from: https://github.com/anthropics/claude-code/issues/38040
+#   "No way to enforce approval on all file modifications"
+# ================================================================
+
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+[ -z "$FILE" ] && exit 0
+
+# Check if targeting ~/.claude/
+case "$FILE" in
+    */.claude/*|~/.claude/*)
+        # Log the write
+        LOG="$HOME/.claude/memory-writes.log"
+        echo "[$(date -Iseconds)] Write to: $FILE" >> "$LOG" 2>/dev/null
+
+        # Only warn (don't block) — memory writes are usually intentional
+        echo "NOTE: Writing to Claude config directory: $FILE" >&2
+
+        # Block writes to settings.json unless explicitly allowed
+        case "$FILE" in
+            */settings.json|*/settings.local.json)
+                echo "WARNING: Modifying Claude Code settings file." >&2
+                echo "Verify this change is intentional." >&2
+                ;;
+        esac
+        ;;
+esac
+
+exit 0

package/examples/overwrite-guard.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+# ================================================================
+# overwrite-guard.sh — Warn before overwriting existing files
+# ================================================================
+# PURPOSE:
+#   Claude's Write tool can silently overwrite files without
+#   confirmation. This hook warns when a Write targets a file
+#   that already exists, giving visibility into potential data loss.
+#
+# TRIGGER: PreToolUse  MATCHER: "Write"
+#
+# Born from: https://github.com/anthropics/claude-code/issues/37595
+#   "/export overwrites existing files without warning"
+# ================================================================
+
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+[ -z "$FILE" ] && exit 0
+
+# Expand ~ to home directory
+FILE="${FILE/#\~/$HOME}"
+
+if [ -f "$FILE" ]; then
+    SIZE=$(wc -c < "$FILE" 2>/dev/null || echo 0)
+    if [ "$SIZE" -gt 0 ]; then
+        LINES=$(wc -l < "$FILE" 2>/dev/null || echo 0)
+        echo "WARNING: Overwriting existing file: $FILE ($LINES lines, $SIZE bytes)" >&2
+        echo "Use Edit tool instead to make targeted changes." >&2
+    fi
+fi
+
+exit 0

package/examples/prompt-injection-guard.sh

@@ -0,0 +1,51 @@
+#!/bin/bash
+# ================================================================
+# prompt-injection-guard.sh — Detect prompt injection in tool output
+# ================================================================
+# PURPOSE:
+#   When Claude reads files or fetches web content, malicious
+#   instructions can be injected. This hook warns when tool output
+#   contains common prompt injection patterns.
+#
+# TRIGGER: PostToolUse  MATCHER: ""
+#
+# Born from: https://github.com/anthropics/claude-code/issues/38046
+#   "Prompt Injection in /insights output"
+# ================================================================
+
+INPUT=$(cat)
+OUTPUT=$(echo "$INPUT" | jq -r '.tool_result // empty' 2>/dev/null)
+[ -z "$OUTPUT" ] && exit 0
+
+# Check for common prompt injection patterns
+SUSPICIOUS=0
+
+# "Ignore previous instructions" pattern
+if echo "$OUTPUT" | grep -qiE 'ignore\s+(all\s+)?previous\s+instructions'; then
+    echo "WARNING: Possible prompt injection detected: 'ignore previous instructions'" >&2
+    SUSPICIOUS=1
+fi
+
+# "You are now" role reassignment
+if echo "$OUTPUT" | grep -qiE 'you\s+are\s+now\s+(a|an)\s+'; then
+    echo "WARNING: Possible prompt injection detected: role reassignment" >&2
+    SUSPICIOUS=1
+fi
+
+# "System prompt" manipulation
+if echo "$OUTPUT" | grep -qiE '(new|updated|override)\s+system\s+prompt'; then
+    echo "WARNING: Possible prompt injection detected: system prompt override" >&2
+    SUSPICIOUS=1
+fi
+
+# Hidden instructions in HTML comments or zero-width chars
+if echo "$OUTPUT" | grep -qP '<!--.*(?:execute|run|delete|remove).*-->'; then
+    echo "WARNING: Possible prompt injection in HTML comment" >&2
+    SUSPICIOUS=1
+fi
+
+if [ "$SUSPICIOUS" -eq 1 ]; then
+    echo "Review the output carefully before acting on it." >&2
+fi
+
+exit 0

package/examples/test-deletion-guard.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+# ================================================================
+# test-deletion-guard.sh — Block deletion of test assertions
+# ================================================================
+# PURPOSE:
+#   Claude sometimes deletes or comments out failing tests instead
+#   of fixing the underlying code. This hook detects when an Edit
+#   to a test file removes test assertions.
+#
+# TRIGGER: PreToolUse  MATCHER: "Edit"
+#
+# Born from: https://github.com/anthropics/claude-code/issues/38050
+#   "Claude skips/deletes tests instead of fixing them"
+# ================================================================
+
+INPUT=$(cat)
+FILE=$(echo "$INPUT" | jq -r '.tool_input.file_path // empty' 2>/dev/null)
+[ -z "$FILE" ] && exit 0
+
+# Only check test files
+case "$FILE" in
+    *test*|*spec*|*__tests__*|*_test.go|*_test.py|*Test.java|*Test.kt)
+        ;;
+    *)
+        exit 0
+        ;;
+esac
+
+OLD=$(echo "$INPUT" | jq -r '.tool_input.old_string // empty' 2>/dev/null)
+NEW=$(echo "$INPUT" | jq -r '.tool_input.new_string // empty' 2>/dev/null)
+[ -z "$OLD" ] && exit 0
+
+# Count test assertions in old vs new
+count_tests() {
+    echo "$1" | grep -cE '(it\(|test\(|describe\(|def test_|#\[test\]|@Test|assert|expect\(|should\b)' 2>/dev/null || echo 0
+}
+
+OLD_COUNT=$(count_tests "$OLD")
+NEW_COUNT=$(count_tests "$NEW")
+
+if [ "$OLD_COUNT" -gt 0 ] && [ "$NEW_COUNT" -lt "$OLD_COUNT" ]; then
+    REMOVED=$((OLD_COUNT - NEW_COUNT))
+    echo "WARNING: This edit removes $REMOVED test assertion(s) from $FILE." >&2
+    echo "If tests are failing, fix the code instead of deleting tests." >&2
+    echo "Old assertions: $OLD_COUNT → New assertions: $NEW_COUNT" >&2
+fi
+
+exit 0

package/examples/uncommitted-work-guard.sh

@@ -0,0 +1,45 @@
+#!/bin/bash
+# ================================================================
+# uncommitted-work-guard.sh — Block destructive git when dirty
+# ================================================================
+# PURPOSE:
+#   Claude sometimes runs git checkout --, git reset --hard, or
+#   git stash drop when there are uncommitted changes, destroying
+#   hours of work. This hook checks git status before allowing
+#   destructive git commands.
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
+#
+# Born from: https://github.com/anthropics/claude-code/issues/37888
+#   "Claude runs forbidden destructive git commands, destroys work twice"
+# ================================================================
+
+COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
+[ -z "$COMMAND" ] && exit 0
+
+# Only check destructive git commands
+DESTRUCTIVE=0
+echo "$COMMAND" | grep -qE '\bgit\s+checkout\s+--\s' && DESTRUCTIVE=1
+echo "$COMMAND" | grep -qE '\bgit\s+checkout\s+\.\s*$' && DESTRUCTIVE=1
+echo "$COMMAND" | grep -qE '\bgit\s+restore\s+--staged\s+\.' && DESTRUCTIVE=1
+echo "$COMMAND" | grep -qE '\bgit\s+restore\s+\.\s*$' && DESTRUCTIVE=1
+echo "$COMMAND" | grep -qE '\bgit\s+reset\s+--hard' && DESTRUCTIVE=1
+echo "$COMMAND" | grep -qE '\bgit\s+clean\s+-[a-zA-Z]*f' && DESTRUCTIVE=1
+echo "$COMMAND" | grep -qE '\bgit\s+stash\s+drop' && DESTRUCTIVE=1
+
+[ "$DESTRUCTIVE" -eq 0 ] && exit 0
+
+# Check for uncommitted changes
+DIRTY=$(git status --porcelain 2>/dev/null | head -20)
+if [ -n "$DIRTY" ]; then
+    COUNT=$(echo "$DIRTY" | wc -l)
+    echo "BLOCKED: Destructive git command with $COUNT uncommitted change(s)." >&2
+    echo "Changes that would be lost:" >&2
+    echo "$DIRTY" | head -10 | sed 's/^/  /' >&2
+    [ "$COUNT" -gt 10 ] && echo "  ... and $((COUNT-10)) more" >&2
+    echo "" >&2
+    echo "Commit or stash your changes first, then retry." >&2
+    exit 2
+fi
+
+exit 0

package/examples/verify-before-done.sh

@@ -0,0 +1,43 @@
+#!/bin/bash
+# ================================================================
+# verify-before-done.sh — Warn when committing without running tests
+# ================================================================
+# PURPOSE:
+#   Claude Code often declares fixes "done" and commits without
+#   verifying the fix actually works. This hook warns when a commit
+#   is made in a project that has tests, but no test command was
+#   run recently in the session.
+#
+# TRIGGER: PreToolUse  MATCHER: "Bash"
+#
+# Born from: https://github.com/anthropics/claude-code/issues/37818
+#   "Claude repeatedly declares fixes done without verification"
+# ================================================================
+
+COMMAND=$(cat | jq -r '.tool_input.command // empty' 2>/dev/null)
+[ -z "$COMMAND" ] && exit 0
+
+# Only check on git commit
+echo "$COMMAND" | grep -qE '^\s*git\s+commit' || exit 0
+
+# Track test execution via state file
+STATE="/tmp/cc-tests-ran-$(pwd | md5sum | cut -c1-8)"
+
+# Check if tests were run in this session
+if [ ! -f "$STATE" ]; then
+    # Detect if project has tests
+    HAS_TESTS=0
+    [ -f "package.json" ] && grep -q '"test"' package.json 2>/dev/null && HAS_TESTS=1
+    [ -f "pytest.ini" ] || [ -f "setup.cfg" ] || [ -f "pyproject.toml" ] && HAS_TESTS=1
+    [ -f "Cargo.toml" ] && HAS_TESTS=1
+    [ -f "go.mod" ] && HAS_TESTS=1
+    [ -f "Makefile" ] && grep -q 'test:' Makefile 2>/dev/null && HAS_TESTS=1
+
+    if [ "$HAS_TESTS" -eq 1 ]; then
+        echo "WARNING: Committing without running tests first." >&2
+        echo "Run your test suite before committing to verify changes work." >&2
+        echo "To suppress: touch $STATE" >&2
+    fi
+fi
+
+exit 0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cc-safe-setup",
-  "version": "7.3.0",
+  "version": "7.4.0",
   "description": "One command to make Claude Code safe. 59 hooks (8 built-in + 51 examples). 26 CLI commands: dashboard, create, audit, lint, diff, migrate, compare, generate-ci. 284 tests.",
   "main": "index.mjs",
   "bin": {