pqcheck 0.15.0 → 0.15.1

package/README.md

@@ -27,7 +27,9 @@ The same scanner that powers [cipherwake.io](https://cipherwake.io), the browser
 | `npx pqcheck onboard <domain>` | One command: scan → scaffold the GitHub Action → capture a vendor lockfile → set a baseline → commit + push. Zero copy-paste from docs. |
 | **`npx pqcheck guard --domain <D> -- <cmd>`** 🆕 | **Deploy guard wrapper.** Wraps any deploy command. Runs `deploy-check` first; conditionally runs `<cmd>` based on `ship_decision`. Modes: `--gate-mode balanced` (default) / `advisory` / `strict`. ONE command instead of two — the strongest single artifact for AI-coder workflows because the AI never has to remember to chain check + deploy. |
 | **`npx pqcheck protocol install`** 🆕 | **Opt-in installer** for the AI Coder Protocol — appends the pre-deploy verification rule to your `CLAUDE.md` / `.cursorrules` / `.aider.conf.yml` with explicit consent (Rule 17). One upfront question (auto / manual / no). Never silent writes. |
-| **`npx pqcheck setup --auto --domain <D>`** 🆕 | **One-command full setup for every AI coder.** Installs (idempotently): GitHub Action workflow, AI Coder Protocol across all detected rules files (Claude / Cursor / Copilot / Aider / Windsurf / Continue / Cline / AGENTS.md) using fenced markers (`<!-- CIPHERWAKE_AI_CODER_PROTOCOL_START/END -->`), git pre-push hook, Claude Code statusLine + chat-hook (PostToolUse Bash). Skip flags available. Backups taken before any `~/.claude/settings.json` write. Audit trail at `~/.config/cipherwake/install-prefs.json`; install manifest at `~/.config/cipherwake/install-manifest.json`. |
+| **`npx pqcheck setup --auto --domain <D>`** 🆕 | **One-command full setup for every AI coder.** Installs (idempotently): GitHub Action workflow, AI Coder Protocol across all detected rules files (Claude / Cursor / Copilot / Aider / Windsurf / Continue / Cline / AGENTS.md) using fenced markers (`<!-- CIPHERWAKE_AI_CODER_PROTOCOL_START/END -->`), git pre-push hook, Claude Code statusLine + 2 hooks (PostToolUse Bash + **UserPromptSubmit** ⓝ), per-repo `.cipherwake/last-status.json` for Cursor / Copilot / Continue to read as context. Skip flags available. Backups taken before any `~/.claude/settings.json` write. Audit trail at `~/.config/cipherwake/install-prefs.json`; install manifest at `~/.config/cipherwake/install-manifest.json`. |
+| **`UserPromptSubmit` hook** (v0.15.1 ⓝ) | **Claude sees `ship_decision` before responding to every prompt.** When `pqcheck setup --auto` runs, it wires `cipherwake-prompt-hook` as a Claude Code UserPromptSubmit hook. On every user prompt, the hook injects `additionalContext` with the current scan's `ship_decision` IF it's `review`/`block` and the state is <24h old. Silent when state is missing, stale, or `pass`. Different timing from the PostToolUse chat-hook: this fires *before* Claude thinks (proactive), the chat-hook fires *after* a Bash command (reactive). |
+| **Per-repo state file** `.cipherwake/last-status.json` (v0.15.1 ⓝ) | **Cursor / Copilot / Continue read this for workspace context.** Every `pqcheck` scan writes the same payload as the per-user file. Created by `setup --auto`; auto-added to `.gitignore` (per-developer state, not committable). Gives AI agents inside VS Code-family editors a repo-local artifact they pick up automatically when reading workspace files. |
 | **`npx pqcheck setup --plan --domain <D>`** 🆕 | **Dry-run mode.** Prints every file change `--auto` would make (target paths + operation type: create / append-markered / deep-merge / backup-first) without writing anything. Run this first when you're not sure what `--auto` will touch. |
 | **`npx pqcheck debug-network`** 🆕 | **Connectivity diagnostic.** Probes cipherwake.io API, homepage, crt.sh upstream, and the direct Vercel URL (bypassing Cloudflare). Reports HTTP status + timing per hop. Use when "scan hung" / "command not found" / corporate proxy issues come up — surfaces the actual broken hop with an actionable cause list. |
 | **`--ai` flag** (any of the above) | **AI Coder Mode** (0.15.0). Three-layer output (banner / body / structured `CIPHERWAKE_AI_GUARD_RESULT` block) tuned for Claude Code / Cursor / Aider / Zed. Includes a `ship_decision=pass\|review\|block` field your AI coworker parses to decide whether to announce the deploy, ask you, or revert. See [/methodology/ai-coder-mode](https://cipherwake.io/methodology/ai-coder-mode). |

package/bin/cipherwake-prompt-hook.js

@@ -0,0 +1,111 @@
+#!/usr/bin/env node
+// =============================================================================
+// cipherwake-prompt-hook — Claude Code UserPromptSubmit hook (v0.15.1 parity)
+// =============================================================================
+// Fires BEFORE Claude responds to every user prompt. Injects the latest scan
+// state from ~/.config/cipherwake/last-scan.json into Claude's context, so
+// the AI sees ship_decision proactively (e.g., when the user says "ok deploy
+// this", Claude already knows the trust posture).
+//
+// Different timing from cipherwake-chat-hook (PostToolUse Bash) — that one
+// fires AFTER a tool runs and pushes a chat message reactively. This one
+// fires BEFORE the model thinks, by injecting additionalContext via the
+// hookSpecificOutput shape.
+//
+// Silent (no injection) when:
+//   • state file missing
+//   • state file > 24h old (don't anchor on stale data)
+//   • ship_decision === "pass" (no need to spam the model with good news)
+//
+// Wire-up via `pqcheck setup --auto` writes the entry to
+// ~/.claude/settings.json under `hooks.UserPromptSubmit`.
+// =============================================================================
+
+import { readFileSync } from "node:fs";
+import { join } from "node:path";
+import { homedir } from "node:os";
+
+const STATE_FILE = process.env.CIPHERWAKE_STATE_FILE
+  || join(homedir(), ".config", "cipherwake", "last-scan.json");
+
+const MAX_STATE_AGE_MS = 24 * 60 * 60 * 1000; // 24h — older than this, don't inject
+
+function readStdin() {
+  return new Promise((resolve) => {
+    let data = "";
+    process.stdin.setEncoding("utf8");
+    process.stdin.on("data", (chunk) => (data += chunk));
+    process.stdin.on("end", () => resolve(data));
+    // If no stdin (manual invocation), resolve empty immediately
+    if (process.stdin.isTTY) resolve("");
+  });
+}
+
+function silent() {
+  // Output nothing — Claude Code treats empty output as "no injection".
+  process.exit(0);
+}
+
+async function main() {
+  // Drain stdin (Claude Code sends a JSON event payload). We don't actually
+  // need the event content here — we just decide based on cached state.
+  try { await readStdin(); } catch { /* ignore */ }
+
+  let state;
+  try {
+    state = JSON.parse(readFileSync(STATE_FILE, "utf8"));
+  } catch {
+    silent();
+    return;
+  }
+
+  // Freshness: only inject if the last scan is recent. Anchoring Claude on
+  // a week-old REVIEW state would be misleading after the user has likely
+  // already fixed the issue.
+  const writtenAt = state.written_at ? new Date(state.written_at).getTime() : 0;
+  if (!writtenAt || Date.now() - writtenAt > MAX_STATE_AGE_MS) {
+    silent();
+    return;
+  }
+
+  // Only inject for non-pass states. Don't spam the model with good news on
+  // every prompt — Claude already trusts that no news is good news.
+  const shipDecision = String(state.ship_decision || "").toLowerCase();
+  if (shipDecision !== "review" && shipDecision !== "block") {
+    silent();
+    return;
+  }
+
+  const emoji = shipDecision === "block" ? "⛔" : "⚠";
+  const sevLabel = shipDecision === "block" ? "BLOCK" : "REVIEW";
+  const dbr = typeof state.score === "number" ? state.score.toFixed(1) : "?";
+  const grade = state.grade || "?";
+  const maxSev = String(state.max_severity || "").toUpperCase();
+  const top = state.top_issue || "—";
+  const ago = Math.floor((Date.now() - writtenAt) / 60000);
+  const ageStr = ago < 1 ? "just now" : ago < 60 ? `${ago}m ago` : `${Math.floor(ago / 60)}h ago`;
+
+  // Build the context-injection block. Brevity matters — this lands in every
+  // user prompt's context, so it should be a one-paragraph reminder, not a
+  // multi-screen status report.
+  const additionalContext =
+    `${emoji} Cipherwake — latest scan of ${state.domain || "configured domain"}: ship_decision=${shipDecision} ` +
+    `(${sevLabel}, DBR ${dbr} ${grade}, max ${maxSev}, last scanned ${ageStr}). ` +
+    `Top issue: ${top}. ` +
+    `Before announcing a deploy, run \`npx pqcheck deploy-check ${state.domain || "<domain>"} --ai\` to refresh. ` +
+    `If ship_decision is still ${shipDecision}, surface the change to the user per the AI Coder Protocol ` +
+    `(https://cipherwake.io/methodology/ai-coder-protocol) — don't auto-announce.`;
+
+  // Claude Code's UserPromptSubmit hook accepts hookSpecificOutput.additionalContext
+  // which is injected into the model's input on this turn. The hook returns
+  // synchronously; suppressOutput hides anything on stdout from the UI.
+  process.stdout.write(JSON.stringify({
+    hookSpecificOutput: {
+      hookEventName: "UserPromptSubmit",
+      additionalContext,
+    },
+    suppressOutput: true,
+  }));
+}
+
+main().catch(() => silent());

package/bin/pqcheck.js

@@ -24,7 +24,7 @@
 })();
 
 const API_BASE = process.env.PQCHECK_API_BASE || "https://cipherwake.io";
-const VERSION = "0.15.0";
+const VERSION = "0.15.1";
 
 // API-key support — paid tiers (Starter $29 / Growth $79 / Scale $199) get
 // per-account monthly quotas instead of the per-IP rate limit. Set via:
@@ -633,18 +633,39 @@ function formatAiFooterBlock(fields) {
 }
 
 // Persist last-scan state to ~/.config/cipherwake/last-scan.json.
-// Feeds the optional cipherwake-statusline script (v0.16.0) so users get
-// persistent ambient state in their AI coder's status line. Best-effort —
-// never throws (a write failure here doesn't break the scan).
+// Feeds the cipherwake-statusline + cipherwake-prompt-hook + cipherwake-chat-hook
+// scripts so users get persistent ambient state in their AI coder's surfaces.
+//
+// v0.15.1 (2026-05-22): ALSO writes a per-repo state file at
+// .cipherwake/last-status.json IF that directory exists in cwd (created by
+// `pqcheck setup --auto`). This gives Cursor / Copilot / Continue / Cline
+// agents a read-on-demand surface inside the repo — they see the latest
+// trust posture for the customer's primary domain when scanning repo state.
+//
+// Best-effort — never throws (a write failure doesn't break the scan).
 async function writeLastScanFile(payload) {
   try {
     const os = await import("node:os");
     const path = await import("node:path");
     const fs = await import("node:fs/promises");
-    const dir = path.join(os.homedir(), ".config", "cipherwake");
-    await fs.mkdir(dir, { recursive: true });
-    const file = path.join(dir, "last-scan.json");
-    await fs.writeFile(file, JSON.stringify({ ...payload, written_at: new Date().toISOString() }, null, 2));
+    const enriched = { ...payload, written_at: new Date().toISOString() };
+
+    // Per-user state file (primary, always written)
+    const userDir = path.join(os.homedir(), ".config", "cipherwake");
+    await fs.mkdir(userDir, { recursive: true });
+    await fs.writeFile(path.join(userDir, "last-scan.json"), JSON.stringify(enriched, null, 2));
+
+    // Per-repo state file (secondary, only if .cipherwake/ exists in cwd
+    // — i.e., this repo went through `pqcheck setup --auto`). Gives Cursor/
+    // Copilot/Continue/Cline agents a repo-local artifact they pick up
+    // automatically when reading workspace state.
+    const repoDir = path.join(process.cwd(), ".cipherwake");
+    try {
+      await fs.access(repoDir);
+      await fs.writeFile(path.join(repoDir, "last-status.json"), JSON.stringify(enriched, null, 2));
+    } catch {
+      // .cipherwake/ doesn't exist here — that's fine, user didn't run setup --auto in this repo
+    }
   } catch {
     // best-effort
   }
@@ -4991,6 +5012,96 @@ async function runSetupCommand(args) {
     }
   }
 
+  // -------------------------------------------------------------------------
+  // Component 4c: Claude Code prompt-hook (UserPromptSubmit → cipherwake-prompt-hook)
+  // v0.15.1 — pinnedai-parity item. Injects ship_decision into Claude's
+  // context BEFORE Claude responds to every user prompt. Different timing
+  // from 4b: chat-hook fires AFTER a tool ran (reactive), prompt-hook fires
+  // BEFORE Claude responds (proactive). Silent when state is missing / stale
+  // / ship_decision=pass (no spam).
+  // -------------------------------------------------------------------------
+  if (!skipStatusline) {
+    const settingsPath = path.join(os.homedir(), ".claude", "settings.json");
+    try {
+      let settings = {};
+      let existed = false;
+      try {
+        const raw = await fs.readFile(settingsPath, "utf8");
+        settings = JSON.parse(raw);
+        existed = true;
+      } catch { /* will create */ }
+      settings.hooks = settings.hooks || {};
+      settings.hooks.UserPromptSubmit = settings.hooks.UserPromptSubmit || [];
+
+      const cipherwakeHookCmd = "npx cipherwake-prompt-hook";
+      const alreadyInstalled = settings.hooks.UserPromptSubmit.some(
+        (entry) => Array.isArray(entry?.hooks) && entry.hooks.some(
+          (h) => h?.type === "command" && typeof h?.command === "string" && h.command.includes("cipherwake-prompt-hook"),
+        ),
+      );
+
+      if (alreadyInstalled) {
+        console.log(color("dim", `  ⊝ prompt-hook already configured in ~/.claude/settings.json UserPromptSubmit — skipping`));
+        installSummary.push({ component: "Claude Code prompt-hook", path: settingsPath, status: "skipped-already-present" });
+      } else {
+        const backupPath = existed ? await backupSettingsJson(settingsPath) : null;
+        if (backupPath) console.log(color("dim", `    backup: ${backupPath}`));
+        settings.hooks.UserPromptSubmit.push({ hooks: [{ type: "command", command: cipherwakeHookCmd }] });
+        await fs.mkdir(path.dirname(settingsPath), { recursive: true });
+        await fs.writeFile(settingsPath, JSON.stringify(settings, null, 2) + "\n", "utf8");
+        console.log(color("green", `  ✓ added prompt-hook (UserPromptSubmit) → ~/.claude/settings.json`));
+        console.log(color("dim", `    Claude will see latest ship_decision in context on every prompt (when REVIEW/BLOCK)`));
+        installSummary.push({ component: "Claude Code prompt-hook", path: settingsPath, status: existed ? "installed-updated" : "installed-created", backup: backupPath });
+      }
+    } catch (err) {
+      console.log(color("red", `  ✗ prompt-hook install failed: ${err.message}`));
+      installSummary.push({ component: "Claude Code prompt-hook", status: "failed", error: String(err?.message || err) });
+    }
+  }
+
+  // -------------------------------------------------------------------------
+  // Component 4d: Per-repo state directory (.cipherwake/) for Cursor / Copilot
+  // v0.15.1 — pinnedai-parity item. Cursor/Copilot/Continue/Cline read repo
+  // state for context. Creating .cipherwake/ in the repo gives them a
+  // read-on-demand surface that subsequent `pqcheck` runs (via the
+  // writeLastScanFile path) populate with the latest scan state. Also adds
+  // .cipherwake/ to .gitignore if not already there — per-developer state,
+  // not committable.
+  // -------------------------------------------------------------------------
+  if (!skipStatusline) {
+    try {
+      const repoStateDir = path.join(process.cwd(), ".cipherwake");
+      await fs.mkdir(repoStateDir, { recursive: true });
+      // Write an initial placeholder so the file exists immediately. Subsequent
+      // scans via writeLastScanFile will overwrite with real data.
+      const placeholderPath = path.join(repoStateDir, "last-status.json");
+      try {
+        await fs.access(placeholderPath);
+        // Already exists — preserve it.
+      } catch {
+        await fs.writeFile(placeholderPath, JSON.stringify({
+          domain,
+          ship_decision: "unknown",
+          note: "Initial placeholder — run `npx pqcheck deploy-check " + domain + " --ai` to populate",
+          written_at: new Date().toISOString(),
+        }, null, 2));
+      }
+      // Add .cipherwake/ to .gitignore if missing (don't commit per-developer state).
+      const gitignorePath = path.join(process.cwd(), ".gitignore");
+      let gitignore = "";
+      try { gitignore = await fs.readFile(gitignorePath, "utf8"); } catch { /* may not exist */ }
+      if (!/^\.cipherwake\/?\s*$/m.test(gitignore)) {
+        const appended = gitignore + (gitignore.endsWith("\n") || gitignore.length === 0 ? "" : "\n") + "\n# Cipherwake per-developer scan state (read-on-demand by AI coders)\n.cipherwake/\n";
+        await fs.writeFile(gitignorePath, appended);
+      }
+      console.log(color("green", `  ✓ created .cipherwake/last-status.json (Cursor/Copilot/Continue read this for context)`));
+      installSummary.push({ component: "Per-repo state file", path: placeholderPath, status: "installed" });
+    } catch (err) {
+      console.log(color("red", `  ✗ per-repo state install failed: ${err.message}`));
+      installSummary.push({ component: "Per-repo state file", status: "failed", error: String(err?.message || err) });
+    }
+  }
+
   // -------------------------------------------------------------------------
   // Component 5: VS Code / Cursor extension (via `code` CLI if available)
   // -------------------------------------------------------------------------

package/package.json

@@ -1,21 +1,29 @@
 {
   "name": "pqcheck",
-  "version": "0.15.0",
-  "description": "HTTPS posture scanner with Preview Deploy Trust Diff for PRs, Trust Diff for CI, vendor lockfile + drift alerts, cross-tenant key map, and HNDL/quantum-decryption risk scoring. Free, no signup.",
+  "version": "0.15.1",
+  "description": "Deploy gate for AI-coded web apps. `pqcheck deploy-check --ai` returns ship_decision=pass|review|block for Claude Code / Cursor / Copilot / Aider to gate deploys before they ship. Anonymous, no signup, free for first use.",
   "keywords": [
-    "post-quantum",
-    "cryptography",
+    "ai-coder",
+    "claude-code",
+    "cursor",
+    "copilot",
+    "aider",
+    "deploy-gate",
+    "deploy-check",
+    "ai-coder-mode",
+    "ship-decision",
+    "deploy-guard",
+    "ci",
     "security",
     "tls",
     "ssl",
     "scanner",
+    "post-quantum",
     "harvest-now-decrypt-later",
     "hndl",
     "blast-radius",
     "pqc",
-    "quantum",
-    "crypto-audit",
-    "crypto-inventory"
+    "quantum"
   ],
   "homepage": "https://cipherwake.io",
   "bugs": "https://cipherwake.io",
@@ -33,7 +41,8 @@
   "bin": {
     "pqcheck": "./bin/pqcheck.js",
     "cipherwake-statusline": "./bin/cipherwake-statusline.js",
-    "cipherwake-chat-hook": "./bin/cipherwake-chat-hook.js"
+    "cipherwake-chat-hook": "./bin/cipherwake-chat-hook.js",
+    "cipherwake-prompt-hook": "./bin/cipherwake-prompt-hook.js"
   },
   "files": [
     "bin/",