mobbdev 1.4.0 → 1.4.1

package/dist/index.mjs

@@ -263,10 +263,12 @@ var init_client_generates = __esm({
       IssueType_Enum2["ImproperExceptionHandling"] = "IMPROPER_EXCEPTION_HANDLING";
       IssueType_Enum2["ImproperResourceShutdownOrRelease"] = "IMPROPER_RESOURCE_SHUTDOWN_OR_RELEASE";
       IssueType_Enum2["ImproperStringFormatting"] = "IMPROPER_STRING_FORMATTING";
+      IssueType_Enum2["ImproperValidationOfArrayIndex"] = "IMPROPER_VALIDATION_OF_ARRAY_INDEX";
       IssueType_Enum2["IncompleteHostnameRegex"] = "INCOMPLETE_HOSTNAME_REGEX";
       IssueType_Enum2["IncompleteSanitization"] = "INCOMPLETE_SANITIZATION";
       IssueType_Enum2["IncompleteUrlSanitization"] = "INCOMPLETE_URL_SANITIZATION";
       IssueType_Enum2["IncompleteUrlSchemeCheck"] = "INCOMPLETE_URL_SCHEME_CHECK";
+      IssueType_Enum2["IncorrectIntegerConversion"] = "INCORRECT_INTEGER_CONVERSION";
       IssueType_Enum2["IncorrectSqlApiUsage"] = "INCORRECT_SQL_API_USAGE";
       IssueType_Enum2["InformationExposureViaHeaders"] = "INFORMATION_EXPOSURE_VIA_HEADERS";
       IssueType_Enum2["InsecureBinderConfiguration"] = "INSECURE_BINDER_CONFIGURATION";
@@ -291,6 +293,7 @@ var init_client_generates = __esm({
       IssueType_Enum2["MissingUser"] = "MISSING_USER";
       IssueType_Enum2["MissingWhitespace"] = "MISSING_WHITESPACE";
       IssueType_Enum2["MissingWorkflowPermissions"] = "MISSING_WORKFLOW_PERMISSIONS";
+      IssueType_Enum2["MissingXFrameOptions"] = "MISSING_X_FRAME_OPTIONS";
       IssueType_Enum2["ModifiedDefaultParam"] = "MODIFIED_DEFAULT_PARAM";
       IssueType_Enum2["NonFinalPublicStaticField"] = "NON_FINAL_PUBLIC_STATIC_FIELD";
       IssueType_Enum2["NonReadonlyField"] = "NON_READONLY_FIELD";
@@ -408,6 +411,7 @@ var init_client_generates = __esm({
       return Vulnerability_Report_Issue_Tag_Enum3;
     })(Vulnerability_Report_Issue_Tag_Enum || {});
     Vulnerability_Report_Vendor_Enum = /* @__PURE__ */ ((Vulnerability_Report_Vendor_Enum3) => {
+      Vulnerability_Report_Vendor_Enum3["BlackDuck"] = "blackDuck";
       Vulnerability_Report_Vendor_Enum3["Checkmarx"] = "checkmarx";
       Vulnerability_Report_Vendor_Enum3["CheckmarxXml"] = "checkmarxXml";
       Vulnerability_Report_Vendor_Enum3["Codeql"] = "codeql";
@@ -1467,7 +1471,10 @@ var init_getIssueType = __esm({
       ["REDUNDANT_NIL_ERROR_CHECK" /* RedundantNilErrorCheck */]: "Redundant Nil Error Check",
       ["MISSING_WORKFLOW_PERMISSIONS" /* MissingWorkflowPermissions */]: "Missing Workflow Permissions",
       ["EXCESSIVE_SECRETS_EXPOSURE" /* ExcessiveSecretsExposure */]: "Excessive Secrets Exposure",
-      ["TAINTED_NUMERIC_CAST" /* TaintedNumericCast */]: "Tainted Numeric Cast"
+      ["TAINTED_NUMERIC_CAST" /* TaintedNumericCast */]: "Tainted Numeric Cast",
+      ["MISSING_X_FRAME_OPTIONS" /* MissingXFrameOptions */]: "Missing X-Frame-Options Header",
+      ["IMPROPER_VALIDATION_OF_ARRAY_INDEX" /* ImproperValidationOfArrayIndex */]: "Improper Validation of Array Index",
+      ["INCORRECT_INTEGER_CONVERSION" /* IncorrectIntegerConversion */]: "Incorrect Integer Conversion"
     };
     issueTypeZ = z.nativeEnum(IssueType_Enum);
     getIssueTypeFriendlyString = (issueType) => {
@@ -4660,7 +4667,10 @@ var fixDetailsData = {
   ["REDUNDANT_NIL_ERROR_CHECK" /* RedundantNilErrorCheck */]: void 0,
   ["MISSING_WORKFLOW_PERMISSIONS" /* MissingWorkflowPermissions */]: void 0,
   ["EXCESSIVE_SECRETS_EXPOSURE" /* ExcessiveSecretsExposure */]: void 0,
-  ["TAINTED_NUMERIC_CAST" /* TaintedNumericCast */]: void 0
+  ["TAINTED_NUMERIC_CAST" /* TaintedNumericCast */]: void 0,
+  ["MISSING_X_FRAME_OPTIONS" /* MissingXFrameOptions */]: void 0,
+  ["IMPROPER_VALIDATION_OF_ARRAY_INDEX" /* ImproperValidationOfArrayIndex */]: void 0,
+  ["INCORRECT_INTEGER_CONVERSION" /* IncorrectIntegerConversion */]: void 0
 };
 
 // src/features/analysis/scm/shared/src/commitDescriptionMarkup.ts
@@ -5997,6 +6007,19 @@ var headerMaxAge = {
   }
 };
 
+// src/features/analysis/scm/shared/src/storedQuestionData/js/missingXFrameOptions.ts
+var xFrameOptionsValue = {
+  xFrameOptionsValue: {
+    content: () => "Please provide the value for the X-Frame-Options header",
+    description: () => `The \`X-Frame-Options\` HTTP response header tells the browser whether the page is allowed to be rendered inside a \`<frame>\`, \`<iframe>\`, \`<embed>\` or \`<object>\`. Without it, attackers can embed your application in an invisible iframe and trick users into clicking on it \u2014 a class of attacks known as clickjacking (UI redressing).    
+&nbsp;    
+&nbsp;    **Allowed values:**    
+&nbsp;    - \`DENY\` \u2014 the page cannot be framed by any site, including your own. Recommended default for any page that does not need to be embedded.    
+&nbsp;    - \`SAMEORIGIN\` \u2014 the page can only be framed by pages served from the same origin. Use this only if your own application legitimately embeds this page in an iframe.`,
+    guidance: () => ``
+  }
+};
+
 // src/features/analysis/scm/shared/src/storedQuestionData/js/noLimitsOrThrottling.ts
 var noLimitsOrThrottling2 = {
   setGlobalLimiter: {
@@ -6141,6 +6164,7 @@ var vulnerabilities13 = {
   ["UNCHECKED_LOOP_CONDITION" /* UncheckedLoopCondition */]: uncheckedLoopCondition2,
   ["NO_LIMITS_OR_THROTTLING" /* NoLimitsOrThrottling */]: noLimitsOrThrottling2,
   ["MISSING_CSP_HEADER" /* MissingCspHeader */]: cspHeaderValue,
+  ["MISSING_X_FRAME_OPTIONS" /* MissingXFrameOptions */]: xFrameOptionsValue,
   ["HARDCODED_DOMAIN_IN_HTML" /* HardcodedDomainInHtml */]: hardcodedDomainInHtml,
   ["CSRF" /* Csrf */]: csrf2
 };
@@ -6461,6 +6485,13 @@ var ReferenceType = /* @__PURE__ */ ((ReferenceType2) => {
   ReferenceType2["TAG"] = "TAG";
   return ReferenceType2;
 })(ReferenceType || {});
+var GithubFullShaZ = z13.string().regex(/^[a-f0-9]{40}$/);
+var MergedPrSurvivalMetadataZ = z13.object({
+  mergeCommitShas: z13.array(GithubFullShaZ).min(1).refine((shas) => new Set(shas).size === shas.length, {
+    message: "mergeCommitShas must contain unique SHAs"
+  }),
+  targetBranch: z13.string().min(1)
+});
 var ScmLibScmType = /* @__PURE__ */ ((ScmLibScmType2) => {
   ScmLibScmType2["GITHUB"] = "GITHUB";
   ScmLibScmType2["GITLAB"] = "GITLAB";
@@ -7147,7 +7178,7 @@ async function getAdoSdk(params) {
       const url = new URL(repoUrl);
       const origin = url.origin.toLowerCase().endsWith(".visualstudio.com") ? DEFUALT_ADO_ORIGIN : url.origin.toLowerCase();
       const params2 = `path=/&versionDescriptor[versionOptions]=0&versionDescriptor[versionType]=commit&versionDescriptor[version]=${branch}&resolveLfs=true&$format=zip&api-version=5.0&download=true`;
-      const path34 = [
+      const path35 = [
         prefixPath,
         owner,
         projectName,
@@ -7158,7 +7189,7 @@ async function getAdoSdk(params) {
         "items",
         "items"
       ].filter(Boolean).join("/");
-      return new URL(`${path34}?${params2}`, origin).toString();
+      return new URL(`${path35}?${params2}`, origin).toString();
     },
     async getAdoBranchList({ repoUrl }) {
       try {
@@ -7247,8 +7278,8 @@ async function getAdoSdk(params) {
         const changeType = entry.changeType;
         return changeType !== 16 && entry.item?.path;
       }).map((entry) => {
-        const path34 = entry.item.path;
-        return path34.startsWith("/") ? path34.slice(1) : path34;
+        const path35 = entry.item.path;
+        return path35.startsWith("/") ? path35.slice(1) : path35;
       });
     },
     async searchAdoPullRequests({
@@ -7649,6 +7680,12 @@ var SCMLib = class {
   async getPrDataBatch(_repoUrl, _prNumbers) {
     throw new Error("getPrDataBatch not implemented for this SCM provider");
   }
+  /**
+   * GitHub: merge detection for main-branch survival. Other providers return null.
+   */
+  async getMergedPrSurvivalMetadata(_prNumber) {
+    return null;
+  }
   getAccessToken() {
     return this.accessToken || "";
   }
@@ -8910,6 +8947,24 @@ async function encryptSecret(secret, key) {
   return sodium.to_base64(encBytes, sodium.base64_variants.ORIGINAL);
 }
 
+// src/features/analysis/scm/github/utils/mergeCommitShas.ts
+async function commitShasBetweenBaseAndMerge(githubSdk, args) {
+  let compare;
+  try {
+    compare = await githubSdk.compareCommitsBasehead({
+      owner: args.owner,
+      repo: args.repo,
+      basehead: `${args.baseSha}...${args.mergeCommitSha}`
+    });
+  } catch (err) {
+    throw new Error(
+      `Failed to compare commits ${args.baseSha}...${args.mergeCommitSha}: ${err instanceof Error ? err.message : String(err)}`
+    );
+  }
+  const shas = compare.data.commits.map((c) => c.sha);
+  return shas.length > 0 ? shas : [args.mergeCommitSha];
+}
+
 // src/features/analysis/scm/github/utils/utils.ts
 import { Octokit } from "octokit";
 import { fetch as fetch2, ProxyAgent } from "undici";
@@ -9642,6 +9697,12 @@ function getGithubSdk(params = {}) {
       );
       return res;
     },
+    async listPullRequestCommits(params2) {
+      return octokit.rest.pulls.listCommits(params2);
+    },
+    async compareCommitsBasehead(params2) {
+      return octokit.rest.repos.compareCommitsWithBasehead(params2);
+    },
     /**
      * List PRs using GitHub's REST `/repos/{owner}/{repo}/pulls` endpoint.
      * https://docs.github.com/en/rest/pulls/pulls?apiVersion=2022-11-28#list-pull-requests
@@ -10456,6 +10517,34 @@ var GithubSCMLib = class extends SCMLib {
       commentIds
     };
   }
+  /**
+   * Detect merge strategy and SHAs on the target branch for main-branch survival (GitHub only).
+   */
+  async getMergedPrSurvivalMetadata(prNumber) {
+    this._validateAccessTokenAndUrl();
+    const { owner, repo } = parseGithubOwnerAndRepo(this.url);
+    const pr = await this.githubSdk.getPr({
+      owner,
+      repo,
+      pull_number: prNumber
+    });
+    if (pr.data.merged !== true || !pr.data.merge_commit_sha) {
+      return null;
+    }
+    const mergeCommitSha = pr.data.merge_commit_sha;
+    const targetBranch = pr.data.base.ref;
+    const baseSha = pr.data.base.sha;
+    const mergeCommitShas = await commitShasBetweenBaseAndMerge(
+      this.githubSdk,
+      {
+        owner,
+        repo,
+        baseSha,
+        mergeCommitSha
+      }
+    );
+    return { mergeCommitShas, targetBranch };
+  }
 };
 
 // src/features/analysis/scm/gitlab/gitlab.ts
@@ -12462,7 +12551,8 @@ var SCANNERS = {
   Snyk: "snyk",
   Sonarqube: "sonarqube",
   Semgrep: "semgrep",
-  Datadog: "datadog"
+  Datadog: "datadog",
+  BlackDuck: "blackduck"
 };
 var scannerToVulnerabilityReportVendorEnum = {
   [SCANNERS.Checkmarx]: "checkmarx" /* Checkmarx */,
@@ -12471,7 +12561,8 @@ var scannerToVulnerabilityReportVendorEnum = {
   [SCANNERS.Codeql]: "codeql" /* Codeql */,
   [SCANNERS.Fortify]: "fortify" /* Fortify */,
   [SCANNERS.Semgrep]: "semgrep" /* Semgrep */,
-  [SCANNERS.Datadog]: "datadog" /* Datadog */
+  [SCANNERS.Datadog]: "datadog" /* Datadog */,
+  [SCANNERS.BlackDuck]: "blackDuck" /* BlackDuck */
 };
 var SupportedScannersZ = z25.enum([SCANNERS.Checkmarx, SCANNERS.Snyk]);
 var envVariablesSchema = z25.object({
@@ -14890,7 +14981,8 @@ var scannerToFriendlyString = {
   snyk: "Snyk",
   sonarqube: "Sonarqube",
   semgrep: "Semgrep",
-  datadog: "Datadog"
+  datadog: "Datadog",
+  blackduck: "Black Duck"
 };
 
 // src/features/analysis/add_fix_comments_for_pr/utils/buildCommentBody.ts
@@ -15080,7 +15172,7 @@ async function postIssueComment(params) {
     fpDescription
   } = params;
   const {
-    path: path34,
+    path: path35,
     startLine,
     vulnerabilityReportIssue: {
       vulnerabilityReportIssueTags,
@@ -15095,7 +15187,7 @@ async function postIssueComment(params) {
 Refresh the page in order to see the changes.`,
     pull_number: pullRequest,
     commit_id: commitSha,
-    path: path34,
+    path: path35,
     line: startLine
   });
   const commentId = commentRes.data.id;
@@ -15129,7 +15221,7 @@ async function postFixComment(params) {
     scanner
   } = params;
   const {
-    path: path34,
+    path: path35,
     startLine,
     vulnerabilityReportIssue: { fixId, vulnerabilityReportIssueTags, category },
     vulnerabilityReportIssueId
@@ -15147,7 +15239,7 @@ async function postFixComment(params) {
 Refresh the page in order to see the changes.`,
     pull_number: pullRequest,
     commit_id: commitSha,
-    path: path34,
+    path: path35,
     line: startLine
   });
   const commentId = commentRes.data.id;
@@ -16998,7 +17090,7 @@ function analyzeBuilder(yargs2) {
     alias: "scan-file",
     type: "string",
     describe: chalk10.bold(
-      "Select the vulnerability report to analyze (Checkmarx, Snyk, Fortify, CodeQL, Sonarqube, Semgrep, Datadog)"
+      "Select the vulnerability report to analyze (Checkmarx, Snyk, Fortify, CodeQL, Sonarqube, Semgrep, Datadog, Black Duck)"
     )
   }).option("repo", repoOption).option("p", {
     alias: "src-path",
@@ -17069,7 +17161,7 @@ import { spawn } from "child_process";
 
 // src/features/claude_code/daemon.ts
 import { readFileSync, writeFileSync as writeFileSync2 } from "fs";
-import path21 from "path";
+import path22 from "path";
 import { setTimeout as sleep2 } from "timers/promises";
 import Configstore3 from "configstore";
 
@@ -17083,6 +17175,10 @@ var KILL_SWITCH_ENV = "MOBB_TRACY_SKILL_QUARANTINE_DISABLE";
 var MALICIOUS_VERDICT = "MALICIOUS";
 var ORPHAN_SWEEP_GRACE_MS = 10 * 60 * 1e3;
 
+// src/features/analysis/skill_quarantine/enumerateInstalledSkills.ts
+import { homedir as homedir2 } from "os";
+import path15 from "path";
+
 // src/features/analysis/context_file_processor.ts
 import { createHash } from "crypto";
 import path13 from "path";
@@ -17136,7 +17232,7 @@ async function processContextFiles(regularFiles, skillGroups) {
 }
 
 // src/features/analysis/context_file_scanner.ts
-import { lstat, readFile, stat } from "fs/promises";
+import { lstat, readdir, readFile, realpath, stat } from "fs/promises";
 import { homedir } from "os";
 import path14 from "path";
 import { globby as globby2 } from "globby";
@@ -17160,15 +17256,15 @@ var SCAN_PATHS = {
       root: "home"
     },
     { kind: "skill-bundle", skillsRoot: ".claude/skills", root: "workspace" },
-    { glob: ".claude/commands/*.md", category: "command", root: "workspace" },
+    { glob: ".claude/commands/*.md", category: "skill", root: "workspace" },
     {
       glob: ".claude/agents/*.md",
-      category: "agent-config",
+      category: SKILL_CATEGORY,
       root: "workspace"
     },
     { kind: "skill-bundle", skillsRoot: ".claude/skills", root: "home" },
-    { glob: ".claude/commands/*.md", category: "command", root: "home" },
-    { glob: ".claude/agents/*.md", category: "agent-config", root: "home" },
+    { glob: ".claude/commands/*.md", category: "skill", root: "home" },
+    { glob: ".claude/agents/*.md", category: SKILL_CATEGORY, root: "home" },
     { glob: ".claude/settings.json", category: "config", root: "workspace" },
     {
       glob: ".claude/settings.local.json",
@@ -17247,7 +17343,7 @@ var SCAN_PATHS = {
     },
     {
       glob: ".claude/agents/*.md",
-      category: "agent-config",
+      category: SKILL_CATEGORY,
       root: "workspace"
     },
     // Agent skills — Copilot discovers skills in all three roots (VS Code docs:
@@ -17279,7 +17375,7 @@ var SCAN_PATHS = {
     // Cross-compat home paths (Copilot reads Claude / generic agent dirs too)
     { glob: ".claude/CLAUDE.md", category: "rule", root: "home" },
     { glob: ".claude/rules/**/*.md", category: "rule", root: "home" },
-    { glob: ".claude/agents/*.md", category: "agent-config", root: "home" },
+    { glob: ".claude/agents/*.md", category: SKILL_CATEGORY, root: "home" },
     { kind: "skill-bundle", skillsRoot: ".claude/skills", root: "home" },
     { kind: "skill-bundle", skillsRoot: ".agents/skills", root: "home" }
   ]
@@ -17450,11 +17546,11 @@ async function readJsoncSettings(settingsPath) {
   putSettingsCache(settingsPath, { mtimeMs, parsed: payload });
   return payload;
 }
-function putSettingsCache(path34, entry) {
-  if (!settingsCache.has(path34) && settingsCache.size >= MAX_SETTINGS_CACHE_SIZE) {
+function putSettingsCache(path35, entry) {
+  if (!settingsCache.has(path35) && settingsCache.size >= MAX_SETTINGS_CACHE_SIZE) {
     settingsCache.delete(settingsCache.keys().next().value);
   }
-  settingsCache.set(path34, entry);
+  settingsCache.set(path35, entry);
 }
 async function readCopilotCustomLocations(workspaceRoot) {
   const parsed = await readJsoncSettings(
@@ -17704,7 +17800,7 @@ async function enumerateGlob(pattern, cwd, category, isDynamic) {
   } catch {
     return [];
   }
-  return files.map((path34) => ({ path: path34, category }));
+  return files.map((path35) => ({ path: path35, category }));
 }
 async function enumerateSkillBundle(baseDir, skillsRoot) {
   const skillsDir = path14.resolve(baseDir, skillsRoot);
@@ -17738,7 +17834,68 @@ async function enumerateSkillBundle(baseDir, skillsRoot) {
       }
     })
   );
-  return perSkillResults.flat().map((p) => ({ path: p, category: "skill" }));
+  const standaloneFiles = await enumerateStandaloneSkills(skillsDir);
+  const symlinkResults = await enumerateSymlinkedSkills(skillsDir);
+  return [
+    ...perSkillResults.flat().map((p) => ({ path: p, category: "skill" })),
+    ...standaloneFiles.map((p) => ({ path: p, category: "skill" })),
+    ...symlinkResults
+  ];
+}
+async function enumerateStandaloneSkills(skillsDir) {
+  try {
+    return await globby2("*.md", {
+      cwd: skillsDir,
+      absolute: true,
+      onlyFiles: true,
+      dot: false,
+      followSymbolicLinks: false
+    });
+  } catch {
+    return [];
+  }
+}
+async function enumerateSymlinkedSkills(skillsDir) {
+  let dirEntries;
+  try {
+    dirEntries = await readdir(skillsDir, {
+      withFileTypes: true,
+      encoding: "utf8"
+    });
+  } catch {
+    return [];
+  }
+  const results = [];
+  for (const entry of dirEntries) {
+    if (!entry.isSymbolicLink()) continue;
+    const entryPath = path14.join(skillsDir, entry.name);
+    try {
+      const st = await stat(entryPath);
+      if (st.isDirectory()) {
+        const hasManifest = await stat(path14.join(entryPath, "SKILL.md")).then(() => true).catch(() => false);
+        if (!hasManifest) continue;
+        const realDir = await realpath(entryPath);
+        const realFiles = await globby2("**/*", {
+          cwd: realDir,
+          absolute: true,
+          onlyFiles: true,
+          dot: true,
+          followSymbolicLinks: false,
+          deep: SKILL_BUNDLE_MAX_DEPTH
+        }).catch(() => []);
+        for (const f of realFiles) {
+          results.push({
+            path: path14.join(entryPath, path14.relative(realDir, f)),
+            category: "skill"
+          });
+        }
+      } else if (st.isFile() && entry.name.endsWith(".md")) {
+        results.push({ path: entryPath, category: "skill" });
+      }
+    } catch {
+    }
+  }
+  return results;
 }
 var DYNAMIC_SCAN_MAX_DEPTH = 6;
 var SKILL_MANIFEST_SCAN_DEPTH = 2;
@@ -17769,15 +17926,26 @@ function deriveIdentifier(filePath, baseDir) {
 
 // src/features/analysis/skill_quarantine/enumerateInstalledSkills.ts
 async function enumerateInstalledSkills(workspaceRoot) {
-  const { skillGroups } = await scanContextFiles(
+  const { skillGroups, regularFiles } = await scanContextFiles(
     workspaceRoot,
     "claude-code",
     void 0
   );
-  if (skillGroups.length === 0) {
+  const home = homedir2();
+  const agentGroups = regularFiles.filter((f) => f.category === "agent-config").map((f) => ({
+    name: path15.basename(f.path, path15.extname(f.path)),
+    root: f.path.startsWith(home + path15.sep) ? "home" : "workspace",
+    skillPath: f.path,
+    files: [f],
+    isFolder: false,
+    maxMtimeMs: f.mtimeMs,
+    sessionKey: `agent-config:${f.path}`
+  }));
+  const allGroups = [...skillGroups, ...agentGroups];
+  if (allGroups.length === 0) {
     return [];
   }
-  const { skills } = await processContextFiles([], skillGroups);
+  const { skills } = await processContextFiles([], allGroups);
   return skills.map((s) => {
     const parts = s.group.skillPath.split(/[\\/]/);
     const origName = parts[parts.length - 1] || s.group.name;
@@ -17818,31 +17986,33 @@ var Metric = {
 import { randomUUID } from "crypto";
 import { existsSync as existsSync2 } from "fs";
 import {
+  lstat as lstat2,
   mkdir,
-  readdir,
+  readdir as readdir2,
   readFile as readFile2,
   rename,
   rm,
   stat as stat2,
+  unlink,
   writeFile
 } from "fs/promises";
-import path16 from "path";
+import path17 from "path";
 import { move } from "fs-extra";
 
 // src/features/analysis/skill_quarantine/paths.ts
-import { homedir as homedir2 } from "os";
-import path15 from "path";
+import { homedir as homedir3 } from "os";
+import path16 from "path";
 function getQuarantineRoot() {
-  return path15.join(homedir2(), ".tracy", "quarantine", "claude", "skills");
+  return path16.join(homedir3(), ".tracy", "quarantine", "claude", "skills");
 }
 function getQuarantinedHashDir(md5) {
-  return path15.join(getQuarantineRoot(), md5);
+  return path16.join(getQuarantineRoot(), md5);
 }
 function getQuarantinedTargetPath(md5, origName) {
-  return path15.join(getQuarantinedHashDir(md5), origName);
+  return path16.join(getQuarantinedHashDir(md5), origName);
 }
 function getStagingDir(md5, pid, uuid) {
-  return path15.join(getQuarantineRoot(), `${md5}_tmp_${pid}_${uuid}`);
+  return path16.join(getQuarantineRoot(), `${md5}_tmp_${pid}_${uuid}`);
 }
 var STAGING_DIR_REGEX = /^([0-9a-f]{32})_tmp_/;
 
@@ -17907,8 +18077,61 @@ async function quarantineSkill(params) {
     );
     return { status: "already_quarantined" };
   }
+  let isSymlink = false;
+  try {
+    const lst = await lstat2(skillPath);
+    isSymlink = lst.isSymbolicLink();
+  } catch {
+  }
+  if (isSymlink) {
+    const stubContent2 = renderStub({
+      md5,
+      isFolder,
+      // Symlinks have no quarantine archive; note that in the stub.
+      quarantinedPath: `(symlink at ${skillPath} replaced \u2014 original content was not moved)`,
+      origPath: skillPath,
+      summary: verdict.summary,
+      scannerName: verdict.scannerName,
+      scannerVersion: verdict.scannerVersion,
+      scannedAt: verdict.scannedAt
+    });
+    try {
+      await mkdir(hashDir, { recursive: true });
+      if (isFolder) {
+        const tmpDir = `${skillPath}.__tracy_tmp__`;
+        await mkdir(tmpDir, { recursive: true });
+        await writeFile(path17.join(tmpDir, "SKILL.md"), stubContent2, "utf8");
+        await unlink(skillPath);
+        await rename(tmpDir, skillPath);
+      } else {
+        const tmpFile = `${skillPath}.__tracy_tmp__`;
+        await writeFile(tmpFile, stubContent2, "utf8");
+        await unlink(skillPath);
+        await rename(tmpFile, skillPath);
+      }
+    } catch (err) {
+      log2.error(
+        { err, md5, skillPath, metric: Metric.STUB_ERROR },
+        "skill_quarantine: symlink stub write failed"
+      );
+      return { status: "stub_error", err };
+    }
+    await preRegisterStubMd5(skillPath, isFolder, log2);
+    log2.info(
+      {
+        md5,
+        verdict: verdict.verdict,
+        shape: isFolder ? "folder" : "standalone",
+        scanner: verdict.scannerName,
+        scannerVersion: verdict.scannerVersion,
+        metric: Metric.QUARANTINED
+      },
+      "skill_quarantine: quarantined (symlink)"
+    );
+    return { status: "quarantined" };
+  }
   const stagingDir = getStagingDir(md5, process.pid, randomUUID());
-  const stagingTarget = path16.join(stagingDir, origName);
+  const stagingTarget = path17.join(stagingDir, origName);
   const finalTarget = getQuarantinedTargetPath(md5, origName);
   try {
     await mkdir(stagingDir, { recursive: true });
@@ -17958,7 +18181,7 @@ async function quarantineSkill(params) {
   try {
     if (isFolder) {
       await mkdir(skillPath, { recursive: true });
-      await writeFile(path16.join(skillPath, "SKILL.md"), stubContent, "utf8");
+      await writeFile(path17.join(skillPath, "SKILL.md"), stubContent, "utf8");
     } else {
       await writeFile(skillPath, stubContent, "utf8");
     }
@@ -17987,7 +18210,7 @@ async function preRegisterStubMd5(skillPath, isFolder, log2) {
   try {
     const stubEntries = await gatherStubEntries(skillPath, isFolder);
     const stubGroup = {
-      name: path16.basename(skillPath).replace(/\.md$/i, ""),
+      name: path17.basename(skillPath).replace(/\.md$/i, ""),
       root: "workspace",
       skillPath,
       files: stubEntries,
@@ -18008,14 +18231,14 @@ async function preRegisterStubMd5(skillPath, isFolder, log2) {
 }
 async function gatherStubEntries(skillPath, isFolder) {
   const now = Date.now();
-  const target = isFolder ? path16.join(skillPath, "SKILL.md") : skillPath;
+  const target = isFolder ? path17.join(skillPath, "SKILL.md") : skillPath;
   const [st, content] = await Promise.all([
     stat2(target),
     readFile2(target, "utf8")
   ]);
   return [
     {
-      name: isFolder ? "SKILL.md" : path16.basename(skillPath),
+      name: isFolder ? "SKILL.md" : path17.basename(skillPath),
       path: target,
       content,
       sizeBytes: st.size,
@@ -18028,7 +18251,7 @@ async function sweepOrphanStagingDirs(log2) {
   const root = getQuarantineRoot();
   let entries;
   try {
-    entries = await readdir(root);
+    entries = await readdir2(root);
   } catch (err) {
     if (err.code === "ENOENT") return 0;
     log2.warn({ err, root }, "skill_quarantine: orphan sweep readdir failed");
@@ -18038,7 +18261,7 @@ async function sweepOrphanStagingDirs(log2) {
   let swept = 0;
   for (const entry of entries) {
     if (!STAGING_DIR_REGEX.test(entry)) continue;
-    const full = path16.join(root, entry);
+    const full = path17.join(root, entry);
     let mtimeMs;
     try {
       mtimeMs = (await stat2(full)).mtimeMs;
@@ -18171,7 +18394,7 @@ async function runQuarantineCheckIfNeeded(opts) {
 // src/features/claude_code/daemon_pid_file.ts
 import fs13 from "fs";
 import os4 from "os";
-import path17 from "path";
+import path18 from "path";
 
 // src/features/claude_code/data_collector_constants.ts
 var CC_VERSION_CACHE_KEY = "claudeCode.detectedCCVersion";
@@ -18188,20 +18411,21 @@ var DAEMON_POLL_INTERVAL_MS = (() => {
 var HEARTBEAT_STALE_MS = 3e4;
 var TRANSCRIPT_MAX_AGE_MS = 24 * 60 * 60 * 1e3;
 var DAEMON_CHUNK_SIZE = 50;
+var CONTEXT_SCAN_INTERVAL_MS = 5e3;
 
 // src/features/claude_code/daemon_pid_file.ts
 function getMobbdevDir() {
-  return path17.join(os4.homedir(), ".mobbdev");
+  return path18.join(os4.homedir(), ".mobbdev");
 }
 function getDaemonCheckScriptPath() {
-  return path17.join(getMobbdevDir(), "daemon-check.js");
+  return path18.join(getMobbdevDir(), "daemon-check.js");
 }
 var DaemonPidFile = class {
   constructor() {
     __publicField(this, "data", null);
   }
   get filePath() {
-    return path17.join(getMobbdevDir(), "daemon.pid");
+    return path18.join(getMobbdevDir(), "daemon.pid");
   }
   /** Ensure ~/.mobbdev/ directory exists. */
   ensureDir() {
@@ -18263,8 +18487,8 @@ var DaemonPidFile = class {
 // src/features/claude_code/data_collector.ts
 import { execFile } from "child_process";
 import { createHash as createHash3 } from "crypto";
-import { access, open as open4, readdir as readdir2, readFile as readFile3, unlink } from "fs/promises";
-import path18 from "path";
+import { access, open as open4, readdir as readdir3, readFile as readFile3, unlink as unlink2 } from "fs/promises";
+import path19 from "path";
 import { promisify } from "util";
 
 // src/features/analysis/context_file_uploader.ts
@@ -18529,8 +18753,8 @@ function createConfigstoreStream(store, opts) {
       heartbeatBuffer.length = 0;
     }
   }
-  function setScopePath(path34) {
-    scopePath = path34;
+  function setScopePath(path35) {
+    scopePath = path35;
   }
   return { writable, flush, setScopePath };
 }
@@ -18754,7 +18978,7 @@ function createLogger(config2) {
 
 // src/features/claude_code/hook_logger.ts
 var DD_RUM_TOKEN = true ? "pubf59c0182545bfb4c299175119f1abf9b" : "";
-var CLI_VERSION = true ? "1.4.0" : "unknown";
+var CLI_VERSION = true ? "1.4.1" : "unknown";
 var NAMESPACE = "mobbdev-claude-code-hook-logs";
 var claudeCodeVersion;
 function buildDdTags() {
@@ -18845,12 +19069,12 @@ async function resolveTranscriptPath(transcriptPath, sessionId) {
     return transcriptPath;
   } catch {
   }
-  const filename = path18.basename(transcriptPath);
-  const dirName = path18.basename(path18.dirname(transcriptPath));
-  const projectsDir = path18.dirname(path18.dirname(transcriptPath));
+  const filename = path19.basename(transcriptPath);
+  const dirName = path19.basename(path19.dirname(transcriptPath));
+  const projectsDir = path19.dirname(path19.dirname(transcriptPath));
   const baseDirName = dirName.replace(/[-.]claude-worktrees-.+$/, "");
   if (baseDirName !== dirName) {
-    const candidate = path18.join(projectsDir, baseDirName, filename);
+    const candidate = path19.join(projectsDir, baseDirName, filename);
     try {
       await access(candidate);
       hookLog.info(
@@ -18869,10 +19093,10 @@ async function resolveTranscriptPath(transcriptPath, sessionId) {
     }
   }
   try {
-    const dirs = await readdir2(projectsDir);
+    const dirs = await readdir3(projectsDir);
     for (const dir of dirs) {
       if (dir === dirName) continue;
-      const candidate = path18.join(projectsDir, dir, filename);
+      const candidate = path19.join(projectsDir, dir, filename);
       try {
         await access(candidate);
         hookLog.info(
@@ -19053,11 +19277,11 @@ async function cleanupStaleSessions(configDir) {
   const now = Date.now();
   const prefix = getSessionFilePrefix();
   try {
-    const files = await readdir2(configDir);
+    const files = await readdir3(configDir);
     let deletedCount = 0;
     for (const file of files) {
       if (!file.startsWith(prefix) || !file.endsWith(".json")) continue;
-      const filePath = path18.join(configDir, file);
+      const filePath = path19.join(configDir, file);
       try {
         const content = JSON.parse(await readFile3(filePath, "utf-8"));
         let newest = 0;
@@ -19069,7 +19293,7 @@ async function cleanupStaleSessions(configDir) {
           }
         }
         if (newest > 0 && now - newest > STALE_KEY_MAX_AGE_MS) {
-          await unlink(filePath);
+          await unlink2(filePath);
           deletedCount++;
         }
       } catch {
@@ -19209,16 +19433,6 @@ async function processTranscript(input, sessionStore, log2, maxEntries = DAEMON_
       entriesSkipped: filteredOut,
       claudeCodeVersion: getClaudeCodeVersion()
     });
-    if (input.cwd) {
-      uploadContextFilesIfNeeded(
-        input.session_id,
-        input.cwd,
-        gqlClient,
-        log2
-      ).catch((err) => {
-        log2.error({ data: { err } }, "uploadContextFilesIfNeeded failed");
-      });
-    }
     return {
       entriesUploaded: entries.length,
       entriesSkipped: filteredOut,
@@ -19305,14 +19519,14 @@ async function uploadContextFilesIfNeeded(sessionId, cwd, gqlClient, log2) {
 import fs14 from "fs";
 import fsPromises4 from "fs/promises";
 import os6 from "os";
-import path19 from "path";
+import path20 from "path";
 import chalk11 from "chalk";
 
 // src/features/claude_code/daemon-check-shim.tmpl.js
 var daemon_check_shim_tmpl_default = "// Mobb daemon shim \u2014 checks if daemon is alive, spawns if dead.\n// Auto-generated by mobbdev CLI. Do not edit.\nvar fs = require('fs')\nvar spawn = require('child_process').spawn\nvar path = require('path')\nvar os = require('os')\n\nvar pidFile = path.join(os.homedir(), '.mobbdev', 'daemon.pid')\nvar HEARTBEAT_STALE_MS = __HEARTBEAT_STALE_MS__\n\ntry {\n  var data = JSON.parse(fs.readFileSync(pidFile, 'utf8'))\n  if (Date.now() - data.heartbeat > HEARTBEAT_STALE_MS) throw new Error('stale')\n  process.kill(data.pid, 0) // throws ESRCH if the process is gone\n} catch (e) {\n  var localCli = process.env.MOBBDEV_LOCAL_CLI\n  var child = localCli\n    ? spawn('node', [localCli, 'claude-code-daemon'], { detached: true, stdio: 'ignore', windowsHide: true })\n    : spawn('npx', ['--yes', 'mobbdev@latest', 'claude-code-daemon'], { detached: true, stdio: 'ignore', shell: true, windowsHide: true })\n  child.unref()\n}\n";
 
 // src/features/claude_code/install_hook.ts
-var CLAUDE_SETTINGS_PATH = path19.join(os6.homedir(), ".claude", "settings.json");
+var CLAUDE_SETTINGS_PATH = path20.join(os6.homedir(), ".claude", "settings.json");
 var RECOMMENDED_MATCHER = "*";
 async function claudeSettingsExists() {
   try {
@@ -19458,18 +19672,18 @@ async function installMobbHooks(options = {}) {
 }
 
 // src/features/claude_code/transcript_scanner.ts
-import { open as open5, readdir as readdir3, stat as stat3 } from "fs/promises";
+import { open as open5, readdir as readdir4, stat as stat3 } from "fs/promises";
 import os7 from "os";
-import path20 from "path";
+import path21 from "path";
 var UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
 function getClaudeProjectsDirs() {
   const dirs = [];
   const configDir = process.env["CLAUDE_CONFIG_DIR"];
   if (configDir) {
-    dirs.push(path20.join(configDir, "projects"));
+    dirs.push(path21.join(configDir, "projects"));
   }
-  dirs.push(path20.join(os7.homedir(), ".config", "claude", "projects"));
-  dirs.push(path20.join(os7.homedir(), ".claude", "projects"));
+  dirs.push(path21.join(os7.homedir(), ".config", "claude", "projects"));
+  dirs.push(path21.join(os7.homedir(), ".claude", "projects"));
   return dirs;
 }
 async function collectJsonlFiles(files, dir, projectDir, seen, now, results) {
@@ -19477,7 +19691,7 @@ async function collectJsonlFiles(files, dir, projectDir, seen, now, results) {
     if (!file.endsWith(".jsonl")) continue;
     const sessionId = file.replace(".jsonl", "");
     if (!UUID_RE.test(sessionId)) continue;
-    const filePath = path20.join(dir, file);
+    const filePath = path21.join(dir, file);
     if (seen.has(filePath)) continue;
     seen.add(filePath);
     let fileStat;
@@ -19503,12 +19717,12 @@ async function scanForTranscripts(projectsDirs = getClaudeProjectsDirs()) {
   for (const projectsDir of projectsDirs) {
     let projectDirs;
     try {
-      projectDirs = await readdir3(projectsDir);
+      projectDirs = await readdir4(projectsDir);
     } catch {
       continue;
     }
     for (const projName of projectDirs) {
-      const projPath = path20.join(projectsDir, projName);
+      const projPath = path21.join(projectsDir, projName);
       let projStat;
       try {
         projStat = await stat3(projPath);
@@ -19518,18 +19732,18 @@ async function scanForTranscripts(projectsDirs = getClaudeProjectsDirs()) {
       if (!projStat.isDirectory()) continue;
       let files;
       try {
-        files = await readdir3(projPath);
+        files = await readdir4(projPath);
       } catch {
         continue;
       }
       await collectJsonlFiles(files, projPath, projPath, seen, now, results);
       for (const entry of files) {
         if (!UUID_RE.test(entry)) continue;
-        const subagentsDir = path20.join(projPath, entry, "subagents");
+        const subagentsDir = path21.join(projPath, entry, "subagents");
         try {
           const s = await stat3(subagentsDir);
           if (!s.isDirectory()) continue;
-          const subFiles = await readdir3(subagentsDir);
+          const subFiles = await readdir4(subagentsDir);
           await collectJsonlFiles(
             subFiles,
             subagentsDir,
@@ -19613,6 +19827,8 @@ async function startDaemon() {
   const startedAt = Date.now();
   const lastSeen = /* @__PURE__ */ new Map();
   let cleanupConfigDir;
+  const sessionCwdCache = /* @__PURE__ */ new Map();
+  let lastContextScanMs = 0;
   while (true) {
     if (shuttingDown) {
       await gracefulExit(0, "signal");
@@ -19626,9 +19842,29 @@ async function startDaemon() {
       for (const transcript of changed) {
         const sessionStore = createSessionConfigStore(transcript.sessionId);
         if (!cleanupConfigDir) {
-          cleanupConfigDir = path21.dirname(sessionStore.path);
+          cleanupConfigDir = path22.dirname(sessionStore.path);
+        }
+        await drainTranscript(
+          transcript,
+          sessionStore,
+          gqlClient,
+          sessionCwdCache
+        );
+      }
+      if (lastSeen.size > 0) {
+        for (const filePath of sessionCwdCache.keys()) {
+          if (!lastSeen.has(filePath)) sessionCwdCache.delete(filePath);
+        }
+      }
+      const now = Date.now();
+      if (now - lastContextScanMs >= CONTEXT_SCAN_INTERVAL_MS) {
+        lastContextScanMs = now;
+        for (const { sessionId, cwd } of sessionCwdCache.values()) {
+          const log2 = createScopedHookLog(cwd, { daemonMode: true });
+          uploadContextFilesIfNeeded(sessionId, cwd, gqlClient, log2).catch(
+            (err) => log2.warn({ err }, "Context file scan failed")
+          );
         }
-        await drainTranscript(transcript, sessionStore, gqlClient);
       }
       if (cleanupConfigDir) {
         await cleanupStaleSessions(cleanupConfigDir);
@@ -19669,11 +19905,17 @@ async function authenticateOrExit(exit) {
     return exit(1, "auth failed");
   }
 }
-async function drainTranscript(transcript, sessionStore, gqlClient) {
+async function drainTranscript(transcript, sessionStore, gqlClient, sessionCwdCache) {
   const cwd = await extractCwdFromTranscript(transcript.filePath);
   const log2 = createScopedHookLog(cwd ?? transcript.projectDir, {
     daemonMode: true
   });
+  if (cwd) {
+    sessionCwdCache.set(transcript.filePath, {
+      sessionId: transcript.sessionId,
+      cwd
+    });
+  }
   try {
     let hasMore = true;
     while (hasMore) {
@@ -19897,8 +20139,8 @@ var WorkspaceService = class {
    * Sets a known workspace path that was discovered through successful validation
    * @param path The validated workspace path to store
    */
-  static setKnownWorkspacePath(path34) {
-    this.knownWorkspacePath = path34;
+  static setKnownWorkspacePath(path35) {
+    this.knownWorkspacePath = path35;
   }
   /**
    * Gets the known workspace path that was previously validated
@@ -20759,7 +21001,7 @@ async function createAuthenticatedMcpGQLClient({
 import { execSync as execSync2 } from "child_process";
 import fs15 from "fs";
 import os8 from "os";
-import path22 from "path";
+import path23 from "path";
 var IDEs = ["cursor", "windsurf", "webstorm", "vscode", "claude"];
 var runCommand = (cmd) => {
   try {
@@ -20774,7 +21016,7 @@ var gitInfo = {
 };
 var getClaudeWorkspacePaths = () => {
   const home = os8.homedir();
-  const claudeIdePath = path22.join(home, ".claude", "ide");
+  const claudeIdePath = path23.join(home, ".claude", "ide");
   const workspacePaths = [];
   if (!fs15.existsSync(claudeIdePath)) {
     return workspacePaths;
@@ -20782,7 +21024,7 @@ var getClaudeWorkspacePaths = () => {
   try {
     const lockFiles = fs15.readdirSync(claudeIdePath).filter((file) => file.endsWith(".lock"));
     for (const lockFile of lockFiles) {
-      const lockFilePath = path22.join(claudeIdePath, lockFile);
+      const lockFilePath = path23.join(claudeIdePath, lockFile);
       try {
         const lockContent = JSON.parse(fs15.readFileSync(lockFilePath, "utf8"));
         if (lockContent.workspaceFolders && Array.isArray(lockContent.workspaceFolders)) {
@@ -20807,24 +21049,24 @@ var getMCPConfigPaths = (hostName) => {
   switch (hostName.toLowerCase()) {
     case "cursor":
       return [
-        path22.join(currentDir, ".cursor", "mcp.json"),
+        path23.join(currentDir, ".cursor", "mcp.json"),
         // local first
-        path22.join(home, ".cursor", "mcp.json")
+        path23.join(home, ".cursor", "mcp.json")
       ];
     case "windsurf":
       return [
-        path22.join(currentDir, ".codeium", "mcp_config.json"),
+        path23.join(currentDir, ".codeium", "mcp_config.json"),
         // local first
-        path22.join(home, ".codeium", "windsurf", "mcp_config.json")
+        path23.join(home, ".codeium", "windsurf", "mcp_config.json")
       ];
     case "webstorm":
       return [];
     case "visualstudiocode":
     case "vscode":
       return [
-        path22.join(currentDir, ".vscode", "mcp.json"),
+        path23.join(currentDir, ".vscode", "mcp.json"),
         // local first
-        process.platform === "win32" ? path22.join(home, "AppData", "Roaming", "Code", "User", "mcp.json") : path22.join(
+        process.platform === "win32" ? path23.join(home, "AppData", "Roaming", "Code", "User", "mcp.json") : path23.join(
           home,
           "Library",
           "Application Support",
@@ -20835,13 +21077,13 @@ var getMCPConfigPaths = (hostName) => {
       ];
     case "claude": {
       const claudePaths = [
-        path22.join(currentDir, ".claude.json"),
+        path23.join(currentDir, ".claude.json"),
         // local first
-        path22.join(home, ".claude.json")
+        path23.join(home, ".claude.json")
       ];
       const workspacePaths = getClaudeWorkspacePaths();
       for (const workspacePath of workspacePaths) {
-        claudePaths.push(path22.join(workspacePath, ".mcp.json"));
+        claudePaths.push(path23.join(workspacePath, ".mcp.json"));
       }
       return claudePaths;
     }
@@ -21002,10 +21244,10 @@ var getHostInfo = (additionalMcpList) => {
   const ideConfigPaths = /* @__PURE__ */ new Set();
   for (const ide of IDEs) {
     const configPaths = getMCPConfigPaths(ide);
-    configPaths.forEach((path34) => ideConfigPaths.add(path34));
+    configPaths.forEach((path35) => ideConfigPaths.add(path35));
   }
   const uniqueAdditionalPaths = additionalMcpList.filter(
-    (path34) => !ideConfigPaths.has(path34)
+    (path35) => !ideConfigPaths.has(path35)
   );
   for (const ide of IDEs) {
     const cfg = readMCPConfig(ide);
@@ -21127,7 +21369,7 @@ init_configs();
 init_configs();
 import fs16 from "fs";
 import os9 from "os";
-import path23 from "path";
+import path24 from "path";
 var MAX_DEPTH = 2;
 var patterns = ["mcp", "claude"];
 var isFileMatch = (fileName) => {
@@ -21147,7 +21389,7 @@ var searchDir = async (dir, depth = 0) => {
   if (depth > MAX_DEPTH) return results;
   const entries = await fs16.promises.readdir(dir, { withFileTypes: true }).catch(() => []);
   for (const entry of entries) {
-    const fullPath = path23.join(dir, entry.name);
+    const fullPath = path24.join(dir, entry.name);
     if (entry.isFile() && isFileMatch(entry.name)) {
       results.push(fullPath);
     } else if (entry.isDirectory()) {
@@ -21164,14 +21406,14 @@ var findSystemMCPConfigs = async () => {
     const home = os9.homedir();
     const platform2 = os9.platform();
     const knownDirs = platform2 === "win32" ? [
-      path23.join(home, ".cursor"),
-      path23.join(home, "Documents"),
-      path23.join(home, "Downloads")
+      path24.join(home, ".cursor"),
+      path24.join(home, "Documents"),
+      path24.join(home, "Downloads")
     ] : [
-      path23.join(home, ".cursor"),
-      process.env["XDG_CONFIG_HOME"] || path23.join(home, ".config"),
-      path23.join(home, "Documents"),
-      path23.join(home, "Downloads")
+      path24.join(home, ".cursor"),
+      process.env["XDG_CONFIG_HOME"] || path24.join(home, ".config"),
+      path24.join(home, "Documents"),
+      path24.join(home, "Downloads")
     ];
     const timeoutPromise = new Promise(
       (resolve) => setTimeout(() => {
@@ -23587,13 +23829,13 @@ For a complete security audit workflow, use the \`full-security-audit\` prompt.
 // src/mcp/services/McpDetectionService/CursorMcpDetectionService.ts
 import * as fs19 from "fs";
 import * as os12 from "os";
-import * as path25 from "path";
+import * as path26 from "path";
 
 // src/mcp/services/McpDetectionService/BaseMcpDetectionService.ts
 init_configs();
 import * as fs18 from "fs";
 import fetch7 from "node-fetch";
-import * as path24 from "path";
+import * as path25 from "path";
 
 // src/mcp/services/McpDetectionService/McpDetectionServiceUtils.ts
 import * as fs17 from "fs";
@@ -23602,14 +23844,14 @@ import * as os11 from "os";
 // src/mcp/services/McpDetectionService/VscodeMcpDetectionService.ts
 import * as fs20 from "fs";
 import * as os13 from "os";
-import * as path26 from "path";
+import * as path27 from "path";
 
 // src/mcp/tools/checkForNewAvailableFixes/CheckForNewAvailableFixesTool.ts
 import { z as z42 } from "zod";
 
 // src/mcp/services/PathValidation.ts
 import fs21 from "fs";
-import path27 from "path";
+import path28 from "path";
 async function validatePath(inputPath) {
   logDebug("Validating MCP path", { inputPath });
   if (/^\/[a-zA-Z]:\//.test(inputPath)) {
@@ -23641,7 +23883,7 @@ async function validatePath(inputPath) {
     logError(error);
     return { isValid: false, error, path: inputPath };
   }
-  const normalizedPath = path27.normalize(inputPath);
+  const normalizedPath = path28.normalize(inputPath);
   if (normalizedPath.includes("..")) {
     const error = `Normalized path contains path traversal patterns: ${inputPath}`;
     logError(error);
@@ -24293,7 +24535,7 @@ init_configs();
 import fs22 from "fs/promises";
 import nodePath from "path";
 var getLocalFiles = async ({
-  path: path34,
+  path: path35,
   maxFileSize = MCP_MAX_FILE_SIZE,
   maxFiles,
   isAllFilesScan,
@@ -24301,17 +24543,17 @@ var getLocalFiles = async ({
   scanRecentlyChangedFiles
 }) => {
   logDebug(`[${scanContext}] Starting getLocalFiles`, {
-    path: path34,
+    path: path35,
     maxFileSize,
     maxFiles,
     isAllFilesScan,
     scanRecentlyChangedFiles
   });
   try {
-    const resolvedRepoPath = await fs22.realpath(path34);
+    const resolvedRepoPath = await fs22.realpath(path35);
     logDebug(`[${scanContext}] Resolved repository path`, {
       resolvedRepoPath,
-      originalPath: path34
+      originalPath: path35
     });
     const gitService = new GitService(resolvedRepoPath, log);
     const gitValidation = await gitService.validateRepository();
@@ -24324,7 +24566,7 @@ var getLocalFiles = async ({
     if (!gitValidation.isValid || isAllFilesScan) {
       try {
         files = await FileUtils.getLastChangedFiles({
-          dir: path34,
+          dir: path35,
           maxFileSize,
           maxFiles,
           isAllFilesScan
@@ -24416,7 +24658,7 @@ var getLocalFiles = async ({
     logError(`${scanContext}Unexpected error in getLocalFiles`, {
       error: error instanceof Error ? error.message : String(error),
       stack: error instanceof Error ? error.stack : void 0,
-      path: path34
+      path: path35
     });
     throw error;
   }
@@ -24426,7 +24668,7 @@ var getLocalFiles = async ({
 init_client_generates();
 init_GitService();
 import fs23 from "fs";
-import path28 from "path";
+import path29 from "path";
 import { z as z41 } from "zod";
 function extractPathFromPatch(patch) {
   const match = patch?.match(/diff --git a\/([^\s]+) b\//);
@@ -24512,7 +24754,7 @@ var LocalMobbFolderService = class {
           "[LocalMobbFolderService] Non-git repository detected, skipping .gitignore operations"
         );
       }
-      const mobbFolderPath = path28.join(
+      const mobbFolderPath = path29.join(
         this.repoPath,
         this.defaultMobbFolderName
       );
@@ -24684,7 +24926,7 @@ var LocalMobbFolderService = class {
         mobbFolderPath,
         baseFileName
       );
-      const filePath = path28.join(mobbFolderPath, uniqueFileName);
+      const filePath = path29.join(mobbFolderPath, uniqueFileName);
       await fs23.promises.writeFile(filePath, patch, "utf8");
       logInfo("[LocalMobbFolderService] Patch saved successfully", {
         filePath,
@@ -24742,11 +24984,11 @@ var LocalMobbFolderService = class {
    * @returns Unique filename that doesn't conflict with existing files
    */
   getUniqueFileName(folderPath, baseFileName) {
-    const baseName = path28.parse(baseFileName).name;
-    const extension = path28.parse(baseFileName).ext;
+    const baseName = path29.parse(baseFileName).name;
+    const extension = path29.parse(baseFileName).ext;
     let uniqueFileName = baseFileName;
     let index = 1;
-    while (fs23.existsSync(path28.join(folderPath, uniqueFileName))) {
+    while (fs23.existsSync(path29.join(folderPath, uniqueFileName))) {
       uniqueFileName = `${baseName}-${index}${extension}`;
       index++;
       if (index > 1e3) {
@@ -24777,7 +25019,7 @@ var LocalMobbFolderService = class {
     logDebug("[LocalMobbFolderService] Logging patch info", { fixId: fix.id });
     try {
       const mobbFolderPath = await this.getFolder();
-      const patchInfoPath = path28.join(mobbFolderPath, "patchInfo.md");
+      const patchInfoPath = path29.join(mobbFolderPath, "patchInfo.md");
       const markdownContent = this.generateFixMarkdown(fix, savedPatchFileName);
       let existingContent = "";
       if (fs23.existsSync(patchInfoPath)) {
@@ -24819,7 +25061,7 @@ var LocalMobbFolderService = class {
     const timestamp = (/* @__PURE__ */ new Date()).toISOString();
     const patch = this.extractPatchFromFix(fix);
     const relativePatchedFilePath = patch ? extractPathFromPatch(patch) : null;
-    const patchedFilePath = relativePatchedFilePath ? path28.resolve(this.repoPath, relativePatchedFilePath) : null;
+    const patchedFilePath = relativePatchedFilePath ? path29.resolve(this.repoPath, relativePatchedFilePath) : null;
     const fixIdentifier = savedPatchFileName ? savedPatchFileName.replace(".patch", "") : fix.id;
     let markdown = `# Fix ${fixIdentifier}
 
@@ -25163,14 +25405,14 @@ import {
 } from "fs";
 import fs24 from "fs/promises";
 import parseDiff2 from "parse-diff";
-import path29 from "path";
+import path30 from "path";
 var PatchApplicationService = class {
   /**
    * Gets the appropriate comment syntax for a file based on its extension
    */
   static getCommentSyntax(filePath) {
-    const ext = path29.extname(filePath).toLowerCase();
-    const basename2 = path29.basename(filePath);
+    const ext = path30.extname(filePath).toLowerCase();
+    const basename2 = path30.basename(filePath);
     const commentMap = {
       // C-style languages (single line comments)
       ".js": "//",
@@ -25378,7 +25620,7 @@ var PatchApplicationService = class {
         }
       );
     }
-    const dirPath = path29.dirname(normalizedFilePath);
+    const dirPath = path30.dirname(normalizedFilePath);
     mkdirSync(dirPath, { recursive: true });
     writeFileSync3(normalizedFilePath, finalContent, "utf8");
     return normalizedFilePath;
@@ -25387,9 +25629,9 @@ var PatchApplicationService = class {
     repositoryPath,
     targetPath
   }) {
-    const repoRoot = path29.resolve(repositoryPath);
-    const normalizedPath = path29.resolve(repoRoot, targetPath);
-    const repoRootWithSep = repoRoot.endsWith(path29.sep) ? repoRoot : `${repoRoot}${path29.sep}`;
+    const repoRoot = path30.resolve(repositoryPath);
+    const normalizedPath = path30.resolve(repoRoot, targetPath);
+    const repoRootWithSep = repoRoot.endsWith(path30.sep) ? repoRoot : `${repoRoot}${path30.sep}`;
     if (normalizedPath !== repoRoot && !normalizedPath.startsWith(repoRootWithSep)) {
       throw new Error(
         `Security violation: target path ${targetPath} resolves outside repository`
@@ -25398,7 +25640,7 @@ var PatchApplicationService = class {
     return {
       repoRoot,
       normalizedPath,
-      relativePath: path29.relative(repoRoot, normalizedPath)
+      relativePath: path30.relative(repoRoot, normalizedPath)
     };
   }
   /**
@@ -25680,7 +25922,7 @@ var PatchApplicationService = class {
         continue;
       }
       try {
-        const absolutePath = path29.resolve(repositoryPath, targetFile);
+        const absolutePath = path30.resolve(repositoryPath, targetFile);
         if (existsSync7(absolutePath)) {
           const stats = await fs24.stat(absolutePath);
           const fileModTime = stats.mtime.getTime();
@@ -25906,7 +26148,7 @@ var PatchApplicationService = class {
       fix,
       scanContext
     });
-    appliedFiles.push(path29.relative(repositoryPath, actualPath));
+    appliedFiles.push(path30.relative(repositoryPath, actualPath));
     logDebug(`[${scanContext}] Created new file: ${relativePath}`);
   }
   /**
@@ -25955,7 +26197,7 @@ var PatchApplicationService = class {
         fix,
         scanContext
       });
-      appliedFiles.push(path29.relative(repositoryPath, actualPath));
+      appliedFiles.push(path30.relative(repositoryPath, actualPath));
       logDebug(`[${scanContext}] Modified file: ${relativePath}`);
     }
   }
@@ -26152,7 +26394,7 @@ init_configs();
 // src/mcp/services/FileOperations.ts
 init_FileUtils();
 import fs25 from "fs";
-import path30 from "path";
+import path31 from "path";
 import AdmZip4 from "adm-zip";
 var FileOperations = class {
   /**
@@ -26172,10 +26414,10 @@ var FileOperations = class {
     let packedFilesCount = 0;
     const packedFiles = [];
     const excludedFiles = [];
-    const resolvedRepoPath = path30.resolve(repositoryPath);
+    const resolvedRepoPath = path31.resolve(repositoryPath);
     for (const filepath of fileList) {
-      const absoluteFilepath = path30.join(repositoryPath, filepath);
-      const resolvedFilePath = path30.resolve(absoluteFilepath);
+      const absoluteFilepath = path31.join(repositoryPath, filepath);
+      const resolvedFilePath = path31.resolve(absoluteFilepath);
       if (!resolvedFilePath.startsWith(resolvedRepoPath)) {
         const reason = "potential path traversal security risk";
         logDebug(`[FileOperations] Skipping ${filepath} due to ${reason}`);
@@ -26222,11 +26464,11 @@ var FileOperations = class {
     fileList,
     repositoryPath
   }) {
-    const resolvedRepoPath = path30.resolve(repositoryPath);
+    const resolvedRepoPath = path31.resolve(repositoryPath);
     const validatedPaths = [];
     for (const filepath of fileList) {
-      const absoluteFilepath = path30.join(repositoryPath, filepath);
-      const resolvedFilePath = path30.resolve(absoluteFilepath);
+      const absoluteFilepath = path31.join(repositoryPath, filepath);
+      const resolvedFilePath = path31.resolve(absoluteFilepath);
       if (!resolvedFilePath.startsWith(resolvedRepoPath)) {
         logDebug(
           `[FileOperations] Rejecting ${filepath} - path traversal attempt detected`
@@ -26254,7 +26496,7 @@ var FileOperations = class {
     for (const absolutePath of filePaths) {
       try {
         const content = await fs25.promises.readFile(absolutePath);
-        const relativePath = path30.basename(absolutePath);
+        const relativePath = path31.basename(absolutePath);
         fileDataArray.push({
           relativePath,
           absolutePath,
@@ -26566,14 +26808,14 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
    * since the last scan.
    */
   async scanForSecurityVulnerabilities({
-    path: path34,
+    path: path35,
     isAllDetectionRulesScan,
     isAllFilesScan,
     scanContext
   }) {
     this.hasAuthenticationFailed = false;
     logDebug(`[${scanContext}] Scanning for new security vulnerabilities`, {
-      path: path34
+      path: path35
     });
     if (!this.gqlClient) {
       logInfo(`[${scanContext}] No GQL client found, skipping scan`);
@@ -26589,11 +26831,11 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
       }
       logDebug(
         `[${scanContext}] Connected to the API, assembling list of files to scan`,
-        { path: path34 }
+        { path: path35 }
       );
       const isBackgroundScan = scanContext === ScanContext.BACKGROUND_INITIAL || scanContext === ScanContext.BACKGROUND_PERIODIC;
       const files = await getLocalFiles({
-        path: path34,
+        path: path35,
         isAllFilesScan,
         scanContext,
         scanRecentlyChangedFiles: !isBackgroundScan
@@ -26619,13 +26861,13 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
       });
       const { fixReportId, projectId } = await scanFiles({
         fileList: filesToScan.map((file) => file.relativePath),
-        repositoryPath: path34,
+        repositoryPath: path35,
         gqlClient: this.gqlClient,
         isAllDetectionRulesScan,
         scanContext
       });
       logInfo(
-        `[${scanContext}] Security scan completed for ${path34} reportId: ${fixReportId} projectId: ${projectId}`
+        `[${scanContext}] Security scan completed for ${path35} reportId: ${fixReportId} projectId: ${projectId}`
       );
       if (isAllFilesScan) {
         return;
@@ -26919,13 +27161,13 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
     });
     return scannedFiles.some((file) => file.relativePath === fixFile);
   }
-  async getFreshFixes({ path: path34 }) {
+  async getFreshFixes({ path: path35 }) {
     const scanContext = ScanContext.USER_REQUEST;
-    logDebug(`[${scanContext}] Getting fresh fixes`, { path: path34 });
-    if (this.path !== path34) {
-      this.path = path34;
+    logDebug(`[${scanContext}] Getting fresh fixes`, { path: path35 });
+    if (this.path !== path35) {
+      this.path = path35;
       this.reset();
-      logInfo(`[${scanContext}] Reset service state for new path`, { path: path34 });
+      logInfo(`[${scanContext}] Reset service state for new path`, { path: path35 });
     }
     try {
       const loginContext = createMcpLoginContext("check_new_fixes");
@@ -26944,7 +27186,7 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
       }
       throw error;
     }
-    this.triggerScan({ path: path34, gqlClient: this.gqlClient });
+    this.triggerScan({ path: path35, gqlClient: this.gqlClient });
     let isMvsAutoFixEnabled = null;
     try {
       isMvsAutoFixEnabled = await this.gqlClient.getMvsAutoFixSettings();
@@ -26978,33 +27220,33 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
     return noFreshFixesPrompt;
   }
   triggerScan({
-    path: path34,
+    path: path35,
     gqlClient
   }) {
-    if (this.path !== path34) {
-      this.path = path34;
+    if (this.path !== path35) {
+      this.path = path35;
       this.reset();
-      logInfo(`Reset service state for new path in triggerScan`, { path: path34 });
+      logInfo(`Reset service state for new path in triggerScan`, { path: path35 });
     }
     this.gqlClient = gqlClient;
     if (!this.intervalId) {
-      this.startPeriodicScanning(path34);
-      this.executeInitialScan(path34);
-      void this.executeInitialFullScan(path34);
+      this.startPeriodicScanning(path35);
+      this.executeInitialScan(path35);
+      void this.executeInitialFullScan(path35);
     }
   }
-  startPeriodicScanning(path34) {
+  startPeriodicScanning(path35) {
     const scanContext = ScanContext.BACKGROUND_PERIODIC;
     logDebug(
       `[${scanContext}] Starting periodic scan for new security vulnerabilities`,
       {
-        path: path34
+        path: path35
       }
     );
     this.intervalId = setInterval(() => {
-      logDebug(`[${scanContext}] Triggering periodic security scan`, { path: path34 });
+      logDebug(`[${scanContext}] Triggering periodic security scan`, { path: path35 });
       this.scanForSecurityVulnerabilities({
-        path: path34,
+        path: path35,
         scanContext
       }).catch((error) => {
         logError(`[${scanContext}] Error during periodic security scan`, {
@@ -27013,45 +27255,45 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
       });
     }, MCP_PERIODIC_CHECK_INTERVAL);
   }
-  async executeInitialFullScan(path34) {
+  async executeInitialFullScan(path35) {
     const scanContext = ScanContext.FULL_SCAN;
-    logDebug(`[${scanContext}] Triggering initial full security scan`, { path: path34 });
+    logDebug(`[${scanContext}] Triggering initial full security scan`, { path: path35 });
     logDebug(`[${scanContext}] Full scan paths scanned`, {
       fullScanPathsScanned: this.fullScanPathsScanned
     });
-    if (this.fullScanPathsScanned.includes(path34)) {
+    if (this.fullScanPathsScanned.includes(path35)) {
       logDebug(`[${scanContext}] Full scan already executed for this path`, {
-        path: path34
+        path: path35
       });
       return;
     }
     configStore.set("fullScanPathsScanned", [
       ...this.fullScanPathsScanned,
-      path34
+      path35
     ]);
     try {
       await this.scanForSecurityVulnerabilities({
-        path: path34,
+        path: path35,
         isAllFilesScan: true,
         isAllDetectionRulesScan: true,
         scanContext: ScanContext.FULL_SCAN
       });
-      if (!this.fullScanPathsScanned.includes(path34)) {
-        this.fullScanPathsScanned.push(path34);
+      if (!this.fullScanPathsScanned.includes(path35)) {
+        this.fullScanPathsScanned.push(path35);
         configStore.set("fullScanPathsScanned", this.fullScanPathsScanned);
       }
-      logInfo(`[${scanContext}] Full scan completed`, { path: path34 });
+      logInfo(`[${scanContext}] Full scan completed`, { path: path35 });
     } catch (error) {
       logError(`[${scanContext}] Error during initial full security scan`, {
         error
       });
     }
   }
-  executeInitialScan(path34) {
+  executeInitialScan(path35) {
     const scanContext = ScanContext.BACKGROUND_INITIAL;
-    logDebug(`[${scanContext}] Triggering initial security scan`, { path: path34 });
+    logDebug(`[${scanContext}] Triggering initial security scan`, { path: path35 });
     this.scanForSecurityVulnerabilities({
-      path: path34,
+      path: path35,
       scanContext: ScanContext.BACKGROUND_INITIAL
     }).catch((error) => {
       logError(`[${scanContext}] Error during initial security scan`, { error });
@@ -27148,9 +27390,9 @@ Example payload:
         `Invalid path: potential security risk detected in path: ${pathValidationResult.error}`
       );
     }
-    const path34 = pathValidationResult.path;
+    const path35 = pathValidationResult.path;
     const resultText = await this.newFixesService.getFreshFixes({
-      path: path34
+      path: path35
     });
     logInfo("CheckForNewAvailableFixesTool execution completed", {
       resultText
@@ -27328,8 +27570,8 @@ Call this tool instead of ${MCP_TOOL_SCAN_AND_FIX_VULNERABILITIES} when you only
         `Invalid path: potential security risk detected in path: ${pathValidationResult.error}`
       );
     }
-    const path34 = pathValidationResult.path;
-    const gitService = new GitService(path34, log);
+    const path35 = pathValidationResult.path;
+    const gitService = new GitService(path35, log);
     const gitValidation = await gitService.validateRepository();
     if (!gitValidation.isValid) {
       throw new Error(`Invalid git repository: ${gitValidation.error}`);
@@ -27714,9 +27956,9 @@ Example payload:
         `Invalid path: potential security risk detected in path: ${pathValidationResult.error}`
       );
     }
-    const path34 = pathValidationResult.path;
+    const path35 = pathValidationResult.path;
     const files = await getLocalFiles({
-      path: path34,
+      path: path35,
       maxFileSize: MCP_MAX_FILE_SIZE,
       maxFiles: args.maxFiles,
       scanContext: ScanContext.USER_REQUEST,
@@ -27736,7 +27978,7 @@ Example payload:
     try {
       const fixResult = await this.vulnerabilityFixService.processVulnerabilities({
         fileList: files.map((file) => file.relativePath),
-        repositoryPath: path34,
+        repositoryPath: path35,
         offset: args.offset,
         limit: args.limit,
         isRescan: args.rescan || !!args.maxFiles
@@ -28037,10 +28279,10 @@ init_client_generates();
 init_urlParser2();
 
 // src/features/codeium_intellij/codeium_language_server_grpc_client.ts
-import path31 from "path";
+import path32 from "path";
 import * as grpc from "@grpc/grpc-js";
 import * as protoLoader from "@grpc/proto-loader";
-var PROTO_PATH = path31.join(
+var PROTO_PATH = path32.join(
   getModuleRootDir(),
   "src/features/codeium_intellij/proto/exa/language_server_pb/language_server.proto"
 );
@@ -28052,7 +28294,7 @@ function loadProto() {
     defaults: true,
     oneofs: true,
     includeDirs: [
-      path31.join(getModuleRootDir(), "src/features/codeium_intellij/proto")
+      path32.join(getModuleRootDir(), "src/features/codeium_intellij/proto")
     ]
   });
   return grpc.loadPackageDefinition(
@@ -28108,28 +28350,28 @@ async function getGrpcClient(port, csrf3) {
 // src/features/codeium_intellij/parse_intellij_logs.ts
 import fs27 from "fs";
 import os14 from "os";
-import path32 from "path";
+import path33 from "path";
 function getLogsDir() {
   if (process.platform === "darwin") {
-    return path32.join(os14.homedir(), "Library/Logs/JetBrains");
+    return path33.join(os14.homedir(), "Library/Logs/JetBrains");
   } else if (process.platform === "win32") {
-    return path32.join(
-      process.env["LOCALAPPDATA"] || path32.join(os14.homedir(), "AppData/Local"),
+    return path33.join(
+      process.env["LOCALAPPDATA"] || path33.join(os14.homedir(), "AppData/Local"),
       "JetBrains"
     );
   } else {
-    return path32.join(os14.homedir(), ".cache/JetBrains");
+    return path33.join(os14.homedir(), ".cache/JetBrains");
   }
 }
 function parseIdeLogDir(ideLogDir) {
   const logFiles = fs27.readdirSync(ideLogDir).filter((f) => /^idea(\.\d+)?\.log$/.test(f)).map((f) => ({
     name: f,
-    mtime: fs27.statSync(path32.join(ideLogDir, f)).mtimeMs
+    mtime: fs27.statSync(path33.join(ideLogDir, f)).mtimeMs
   })).sort((a, b) => a.mtime - b.mtime).map((f) => f.name);
   let latestCsrf = null;
   let latestPort = null;
   for (const logFile of logFiles) {
-    const lines = fs27.readFileSync(path32.join(ideLogDir, logFile), "utf-8").split("\n");
+    const lines = fs27.readFileSync(path33.join(ideLogDir, logFile), "utf-8").split("\n");
     for (const line of lines) {
       if (!line.includes(
         "com.codeium.intellij.language_server.LanguageServerProcessHandler"
@@ -28157,9 +28399,9 @@ function findRunningCodeiumLanguageServers() {
   const logsDir = getLogsDir();
   if (!fs27.existsSync(logsDir)) return results;
   for (const ide of fs27.readdirSync(logsDir)) {
-    let ideLogDir = path32.join(logsDir, ide);
+    let ideLogDir = path33.join(logsDir, ide);
     if (process.platform !== "darwin") {
-      ideLogDir = path32.join(ideLogDir, "log");
+      ideLogDir = path33.join(ideLogDir, "log");
     }
     if (!fs27.existsSync(ideLogDir) || !fs27.statSync(ideLogDir).isDirectory()) {
       continue;
@@ -28342,10 +28584,10 @@ function processChatStepCodeAction(step) {
 // src/features/codeium_intellij/install_hook.ts
 import fsPromises5 from "fs/promises";
 import os15 from "os";
-import path33 from "path";
+import path34 from "path";
 import chalk14 from "chalk";
 function getCodeiumHooksPath() {
-  return path33.join(os15.homedir(), ".codeium", "hooks.json");
+  return path34.join(os15.homedir(), ".codeium", "hooks.json");
 }
 async function readCodeiumHooks() {
   const hooksPath = getCodeiumHooksPath();
@@ -28358,7 +28600,7 @@ async function readCodeiumHooks() {
 }
 async function writeCodeiumHooks(config2) {
   const hooksPath = getCodeiumHooksPath();
-  const dir = path33.dirname(hooksPath);
+  const dir = path34.dirname(hooksPath);
   await fsPromises5.mkdir(dir, { recursive: true });
   await fsPromises5.writeFile(
     hooksPath,