ralph-cli-sandboxed 0.6.2 → 0.6.3

package/dist/commands/branch.js

@@ -1,10 +1,9 @@
 import { execSync } from "child_process";
-import { existsSync, readFileSync, writeFileSync } from "fs";
-import { extname, join } from "path";
-import { getRalphDir, getPrdFiles, loadBranchState, getProjectName } from "../utils/config.js";
+import { existsSync } from "fs";
+import { join } from "path";
+import { getPrdFiles, loadBranchState, getProjectName } from "../utils/config.js";
 import { readPrdFile, writePrdAuto } from "../utils/prd-validator.js";
 import { promptConfirm } from "../utils/prompt.js";
-import YAML from "yaml";
 /**
  * Converts a branch name to a worktree directory name, prefixed with the project name.
  * e.g., "feat/login" -> "myproject_feat-login"
@@ -37,11 +36,11 @@ function loadPrdEntries() {
     return { entries: parsed.content, prdPath: prdFiles.primary };
 }
 /**
- * Gets the base branch (the branch that /workspace is on).
+ * Gets the base branch (the current branch of the project).
  */
 function getBaseBranch() {
     try {
-        return execSync("git -C /workspace rev-parse --abbrev-ref HEAD", { encoding: "utf-8" }).trim();
+        return execSync("git rev-parse --abbrev-ref HEAD", { encoding: "utf-8" }).trim();
     }
     catch {
         return "main";
@@ -151,17 +150,17 @@ async function branchMerge(args) {
         console.log("Merge cancelled.");
         return;
     }
-    // Perform the merge from /workspace (which is on the base branch)
+    // Perform the merge into the base branch
     try {
         console.log(`\nMerging "${branchName}" into "${baseBranch}"...`);
-        execSync(`git -C /workspace merge "${branchName}" --no-edit`, { stdio: "pipe" });
+        execSync(`git merge "${branchName}" --no-edit`, { stdio: "pipe" });
         console.log(`\x1b[32mSuccessfully merged "${branchName}" into "${baseBranch}".\x1b[0m`);
     }
     catch (err) {
         // Check if this is a merge conflict
         let conflictingFiles = [];
         try {
-            const status = execSync("git -C /workspace status --porcelain", { encoding: "utf-8" });
+            const status = execSync("git status --porcelain", { encoding: "utf-8" });
             conflictingFiles = status
                 .split("\n")
                 .filter((line) => line.startsWith("UU") || line.startsWith("AA") || line.startsWith("DD") || line.startsWith("AU") || line.startsWith("UA") || line.startsWith("DU") || line.startsWith("UD"))
@@ -179,7 +178,7 @@ async function branchMerge(args) {
             }
             // Abort the merge
             try {
-                execSync("git -C /workspace merge --abort", { stdio: "pipe" });
+                execSync("git merge --abort", { stdio: "pipe" });
                 console.error(`\n\x1b[36mMerge aborted.\x1b[0m`);
             }
             catch {
@@ -197,7 +196,7 @@ async function branchMerge(args) {
             console.error(`\x1b[31mMerge failed: ${message}\x1b[0m`);
             // Try to abort in case merge is in progress
             try {
-                execSync("git -C /workspace merge --abort", { stdio: "pipe" });
+                execSync("git merge --abort", { stdio: "pipe" });
             }
             catch {
                 // Ignore if nothing to abort
@@ -209,7 +208,7 @@ async function branchMerge(args) {
     if (existsSync(worktreePath)) {
         console.log(`\nCleaning up worktree at ${worktreePath}...`);
         try {
-            execSync(`git -C /workspace worktree remove "${worktreePath}"`, { stdio: "pipe" });
+            execSync(`git worktree remove "${worktreePath}"`, { stdio: "pipe" });
             console.log(`\x1b[32mWorktree removed.\x1b[0m`);
         }
         catch (err) {
@@ -222,57 +221,31 @@ async function branchMerge(args) {
     console.log(`\n\x1b[32mDone!\x1b[0m Branch "${branchName}" has been merged into "${baseBranch}".`);
 }
 /**
- * Gets the PRD file path, preferring the primary if it exists.
+ * Create a pull request for a branch using the gh CLI on the host.
  */
-function getPrdPath() {
-    const prdFiles = getPrdFiles();
-    if (prdFiles.primary) {
-        return prdFiles.primary;
+async function branchPr(args) {
+    const branchName = args[0];
+    if (!branchName) {
+        console.error("Usage: ralph branch pr <branch-name>");
+        console.error("\nExample: ralph branch pr feat/login");
+        process.exit(1);
     }
-    return join(getRalphDir(), "prd.json");
-}
-/**
- * Parses a PRD file (YAML or JSON) and returns the entries.
- */
-function parsePrdFile(path) {
-    const content = readFileSync(path, "utf-8");
-    const ext = extname(path).toLowerCase();
+    // Pre-flight: verify gh is installed
     try {
-        let result;
-        if (ext === ".yaml" || ext === ".yml") {
-            result = YAML.parse(content);
-        }
-        else {
-            result = JSON.parse(content);
-        }
-        return result ?? [];
+        execSync("gh --version", { stdio: "pipe" });
     }
     catch {
-        console.error(`Error parsing ${path}. Run 'ralph fix-prd' to attempt automatic repair.`);
+        console.error("\x1b[31mError: 'gh' CLI is not installed.\x1b[0m");
+        console.error("Install it from https://cli.github.com/");
         process.exit(1);
     }
-}
-/**
- * Saves PRD entries to the PRD file (YAML or JSON based on extension).
- */
-function savePrd(entries) {
-    const path = getPrdPath();
-    const ext = extname(path).toLowerCase();
-    if (ext === ".yaml" || ext === ".yml") {
-        writeFileSync(path, YAML.stringify(entries));
-    }
-    else {
-        writeFileSync(path, JSON.stringify(entries, null, 2) + "\n");
+    // Pre-flight: verify gh is authenticated
+    try {
+        execSync("gh auth status", { stdio: "pipe" });
     }
-}
-/**
- * Create a PRD item to open a pull request for a branch.
- */
-function branchPr(args) {
-    const branchName = args[0];
-    if (!branchName) {
-        console.error("Usage: ralph branch pr <branch-name>");
-        console.error("\nExample: ralph branch pr feat/login");
+    catch {
+        console.error("\x1b[31mError: Not authenticated with GitHub.\x1b[0m");
+        console.error("Run 'gh auth login' first.");
         process.exit(1);
     }
     // Verify the branch exists
@@ -280,26 +253,88 @@ function branchPr(args) {
         console.error(`\x1b[31mError: Branch "${branchName}" does not exist.\x1b[0m`);
         process.exit(1);
     }
+    // Verify a git remote exists
+    let remote;
+    try {
+        remote = execSync("git remote", { encoding: "utf-8" }).trim().split("\n")[0];
+        if (!remote)
+            throw new Error("no remote");
+    }
+    catch {
+        console.error("\x1b[31mError: No git remote configured.\x1b[0m");
+        process.exit(1);
+    }
     const baseBranch = getBaseBranch();
-    const entry = {
-        category: "feature",
-        description: `Create a pull request from \`${branchName}\` into \`${baseBranch}\``,
-        steps: [
-            `Ensure all changes on \`${branchName}\` are committed`,
-            `Push \`${branchName}\` to the remote if not already pushed`,
-            `Create a pull request from \`${branchName}\` into \`${baseBranch}\` using the appropriate tool (e.g. gh pr create)`,
-            "Include a descriptive title and summary of the changes in the PR",
-        ],
-        passes: false,
-        branch: branchName,
-    };
-    const prdPath = getPrdPath();
-    const prd = parsePrdFile(prdPath);
-    prd.push(entry);
-    savePrd(prd);
-    console.log(`Added PRD entry #${prd.length}: Create PR for ${branchName} → ${baseBranch}`);
-    console.log(`Branch field set to: ${branchName}`);
-    console.log("Run 'ralph run' or 'ralph once' to execute.");
+    // Auto-push: if branch has no upstream tracking, push it
+    try {
+        execSync(`git rev-parse --abbrev-ref "${branchName}@{upstream}"`, { stdio: "pipe" });
+    }
+    catch {
+        console.log(`Pushing "${branchName}" to ${remote}...`);
+        try {
+            execSync(`git push -u "${remote}" "${branchName}"`, { stdio: "inherit" });
+        }
+        catch {
+            console.error(`\x1b[31mError: Failed to push "${branchName}" to ${remote}.\x1b[0m`);
+            process.exit(1);
+        }
+    }
+    // Build PR title from branch name
+    const prTitle = branchName;
+    // Build PR body
+    const bodyParts = [];
+    // PRD Items section
+    const result = loadPrdEntries();
+    if (result) {
+        const branchItems = result.entries.filter((e) => e.branch === branchName);
+        if (branchItems.length > 0) {
+            bodyParts.push("## PRD Items\n");
+            for (const item of branchItems) {
+                const check = item.passes ? "x" : " ";
+                bodyParts.push(`- [${check}] ${item.description}`);
+            }
+            bodyParts.push("");
+        }
+    }
+    // Commits section
+    try {
+        const log = execSync(`git log "${baseBranch}..${branchName}" --oneline --no-decorate`, {
+            encoding: "utf-8",
+        }).trim();
+        if (log) {
+            bodyParts.push("## Commits\n");
+            bodyParts.push(log);
+            bodyParts.push("");
+        }
+    }
+    catch {
+        // No commits or branch comparison failed — skip
+    }
+    const prBody = bodyParts.join("\n");
+    // Show summary and confirm
+    console.log(`\nCreate PR: ${branchName} → ${baseBranch}`);
+    console.log(`Title: ${prTitle}`);
+    if (prBody) {
+        console.log(`\n${prBody}`);
+    }
+    const confirmed = await promptConfirm("Create this pull request?", true);
+    if (!confirmed) {
+        console.log("Cancelled.");
+        return;
+    }
+    // Create the PR using gh, piping body via stdin to avoid shell escaping issues
+    try {
+        const prUrl = execSync(`gh pr create --base "${baseBranch}" --head "${branchName}" --title "${prTitle.replace(/"/g, '\\"')}" --body-file -`, {
+            encoding: "utf-8",
+            input: prBody,
+        }).trim();
+        console.log(`\n\x1b[32mPR created:\x1b[0m ${prUrl}`);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        console.error(`\x1b[31mFailed to create PR: ${message}\x1b[0m`);
+        process.exit(1);
+    }
 }
 /**
  * Delete a branch: remove worktree, delete git branch, and untag PRD items.
@@ -344,7 +379,7 @@ async function branchDelete(args) {
     if (hasWorktree) {
         console.log(`\nRemoving worktree at ${worktreePath}...`);
         try {
-            execSync(`git -C /workspace worktree remove "${worktreePath}" --force`, { stdio: "pipe" });
+            execSync(`git worktree remove "${worktreePath}" --force`, { stdio: "pipe" });
             console.log(`\x1b[32mWorktree removed.\x1b[0m`);
         }
         catch (err) {
@@ -356,7 +391,7 @@ async function branchDelete(args) {
     // Step 2: Delete the git branch
     console.log(`Deleting branch "${branchName}"...`);
     try {
-        execSync(`git -C /workspace branch -D "${branchName}"`, { stdio: "pipe" });
+        execSync(`git branch -D "${branchName}"`, { stdio: "pipe" });
         console.log(`\x1b[32mBranch deleted.\x1b[0m`);
     }
     catch (err) {
@@ -394,7 +429,7 @@ export async function branch(args) {
             await branchDelete(args.slice(1));
             break;
         case "pr":
-            branchPr(args.slice(1));
+            await branchPr(args.slice(1));
             break;
         default:
             console.error("Usage: ralph branch <subcommand>");
@@ -402,7 +437,7 @@ export async function branch(args) {
             console.error("  list             List all branches and their status");
             console.error("  merge <name>     Merge a branch worktree into the base branch");
             console.error("  delete <name>    Delete a branch and its worktree");
-            console.error("  pr <name>        Create a PRD item to open a PR for a branch");
+            console.error("  pr <name>        Create a pull request for a branch using gh CLI");
             process.exit(1);
     }
 }

package/dist/commands/chat.js

@@ -6,6 +6,7 @@ import { existsSync, readFileSync, writeFileSync, watch } from "fs";
 import { join, basename, extname } from "path";
 import { execSync, spawn } from "child_process";
 import YAML from "yaml";
+import { robustYamlParse } from "../utils/prd-validator.js";
 import { loadConfig, getRalphDir, isRunningInContainer, getPrdFiles, loadBranchState, getProjectName as getConfigProjectName } from "../utils/config.js";
 import { createTelegramClient } from "../providers/telegram.js";
 import { createSlackClient } from "../providers/slack.js";
@@ -62,7 +63,7 @@ function parsePrdContent(filePath, content) {
     try {
         let parsed;
         if (ext === ".yaml" || ext === ".yml") {
-            parsed = YAML.parse(content);
+            parsed = robustYamlParse(content);
         }
         else {
             parsed = JSON.parse(content);
@@ -253,7 +254,7 @@ async function handleBranchList(chatId, client, state) {
     await client.sendMessage(chatId, lines.join("\n"));
 }
 /**
- * Handle /branch pr <name> — add a PRD item to create a pull request.
+ * Handle /branch pr <name> — create a pull request using gh CLI on the host.
  */
 async function handleBranchPr(args, chatId, client, state) {
     const branchName = args[0];
@@ -264,42 +265,101 @@ async function handleBranchPr(args, chatId, client, state) {
         await client.sendMessage(chatId, `${state.projectName}: Usage: ${usage}`);
         return;
     }
+    // Pre-flight: verify gh is installed
+    try {
+        execSync("gh --version", { stdio: "pipe" });
+    }
+    catch {
+        await client.sendMessage(chatId, `${state.projectName}: Error: 'gh' CLI is not installed.`);
+        return;
+    }
+    // Pre-flight: verify gh is authenticated
+    try {
+        execSync("gh auth status", { stdio: "pipe" });
+    }
+    catch {
+        await client.sendMessage(chatId, `${state.projectName}: Error: Not authenticated with GitHub. Run 'gh auth login' on the host.`);
+        return;
+    }
     if (!branchExists(branchName)) {
         await client.sendMessage(chatId, `${state.projectName}: Branch "${branchName}" does not exist.`);
         return;
     }
+    // Verify a git remote exists
+    let remote;
+    try {
+        remote = execSync("git remote", { encoding: "utf-8", cwd: process.cwd() }).trim().split("\n")[0];
+        if (!remote)
+            throw new Error("no remote");
+    }
+    catch {
+        await client.sendMessage(chatId, `${state.projectName}: Error: No git remote configured.`);
+        return;
+    }
     const baseBranch = getBaseBranch();
+    const cwd = process.cwd();
+    // Auto-push: if branch has no upstream tracking, push it
+    try {
+        execSync(`git rev-parse --abbrev-ref "${branchName}@{upstream}"`, { stdio: "pipe", cwd });
+    }
+    catch {
+        try {
+            execSync(`git push -u "${remote}" "${branchName}"`, { stdio: "pipe", cwd });
+        }
+        catch {
+            await client.sendMessage(chatId, `${state.projectName}: Error: Failed to push "${branchName}" to ${remote}.`);
+            return;
+        }
+    }
+    // Build PR body
+    const bodyParts = [];
+    // PRD Items section
     const prdFiles = getPrdFiles();
-    if (prdFiles.none || !prdFiles.primary) {
-        await client.sendMessage(chatId, `${state.projectName}: No PRD file found.`);
-        return;
+    if (!prdFiles.none && prdFiles.primary) {
+        const content = readFileSync(prdFiles.primary, "utf-8");
+        const items = parsePrdContent(prdFiles.primary, content);
+        if (Array.isArray(items)) {
+            const branchItems = items.filter((e) => e.branch === branchName);
+            if (branchItems.length > 0) {
+                bodyParts.push("## PRD Items\n");
+                for (const item of branchItems) {
+                    const check = item.passes ? "x" : " ";
+                    bodyParts.push(`- [${check}] ${item.description}`);
+                }
+                bodyParts.push("");
+            }
+        }
     }
-    const content = readFileSync(prdFiles.primary, "utf-8");
-    const items = parsePrdContent(prdFiles.primary, content);
-    if (!Array.isArray(items)) {
-        await client.sendMessage(chatId, `${state.projectName}: Failed to parse PRD file.`);
-        return;
+    // Commits section
+    try {
+        const log = execSync(`git log "${baseBranch}..${branchName}" --oneline --no-decorate`, {
+            encoding: "utf-8",
+            cwd,
+        }).trim();
+        if (log) {
+            bodyParts.push("## Commits\n");
+            bodyParts.push(log);
+            bodyParts.push("");
+        }
     }
-    items.push({
-        category: "feature",
-        description: `Create a pull request from \`${branchName}\` into \`${baseBranch}\``,
-        steps: [
-            `Ensure all changes on \`${branchName}\` are committed`,
-            `Push \`${branchName}\` to the remote if not already pushed`,
-            `Create a pull request from \`${branchName}\` into \`${baseBranch}\` using the appropriate tool (e.g. gh pr create)`,
-            "Include a descriptive title and summary of the changes in the PR",
-        ],
-        passes: false,
-        branch: branchName,
-    });
-    const ext = extname(prdFiles.primary).toLowerCase();
-    if (ext === ".yaml" || ext === ".yml") {
-        writeFileSync(prdFiles.primary, YAML.stringify(items));
+    catch {
+        // No commits or branch comparison failed — skip
     }
-    else {
-        writeFileSync(prdFiles.primary, JSON.stringify(items, null, 2) + "\n");
+    const prBody = bodyParts.join("\n");
+    const prTitle = branchName;
+    // Create the PR
+    try {
+        const prUrl = execSync(`gh pr create --base "${baseBranch}" --head "${branchName}" --title "${prTitle.replace(/"/g, '\\"')}" --body-file -`, {
+            encoding: "utf-8",
+            input: prBody,
+            cwd,
+        }).trim();
+        await client.sendMessage(chatId, `${state.projectName}: PR created: ${prUrl}`);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        await client.sendMessage(chatId, `${state.projectName}: Failed to create PR: ${message}`);
     }
-    await client.sendMessage(chatId, `${state.projectName}: Added PRD entry: Create PR for ${branchName} -> ${baseBranch}`);
 }
 /**
  * Handle /branch merge <name> — merge branch into base branch.
@@ -731,11 +791,11 @@ async function handleCommand(command, client, config, state, debug) {
                 default: {
                     const usage = client.provider === "slack"
                         ? `/ralph branch list - List branches
-/ralph branch pr <name> - Add PRD item to create PR
+/ralph branch pr <name> - Create a GitHub PR
 /ralph branch merge <name> - Merge branch into base
 /ralph branch delete <name> - Delete branch and worktree`
                         : `/branch list - List branches
-/branch pr <name> - Add PRD item to create PR
+/branch pr <name> - Create a GitHub PR
 /branch merge <name> - Merge branch into base
 /branch delete <name> - Delete branch and worktree`;
                     await client.sendMessage(chatId, `${state.projectName}: ${usage}`);

package/dist/commands/docker.js

@@ -544,6 +544,116 @@ function generateSkillFile(skill) {
     lines.push("---", "", skill.instructions, "");
     return lines.join("\n");
 }
+// Generate dangerous_patterns.txt content
+// Each line is a grep-compatible pattern that will be matched against Bash commands.
+// Lines starting with # are comments. Empty lines are ignored.
+function generateDangerousPatterns() {
+    return `# Dangerous command patterns for Claude Code hooks
+# Each line is a grep -E pattern matched against Bash commands.
+# Lines starting with # are comments. Empty lines are ignored.
+# Add your own patterns below to extend the blocklist.
+
+# Destructive git operations
+git clean -fd
+git checkout \\.
+git reset --hard
+git push.*--force
+git push.*-f
+git branch -D
+
+# Destructive file operations
+rm -rf /
+rm -rf \\*
+rm -rf \\.
+mkfs\\.
+dd if=.*of=/dev/
+
+# Database destruction
+DROP TABLE
+DROP DATABASE
+TRUNCATE TABLE
+
+# System-level destructive commands
+:(){ :|:& };:
+chmod -R 777 /
+chown -R.*:/
+`;
+}
+// Generate block-dangerous-commands.sh hook script
+function generateBlockDangerousCommandsHook() {
+    return `#!/bin/bash
+# Claude Code PreToolUse hook: blocks dangerous Bash commands
+# Generated by ralph-cli
+#
+# This script reads dangerous patterns from dangerous_patterns.txt
+# and blocks any Bash command that matches a pattern.
+
+set -e
+
+# Read the command from hook JSON input on stdin
+INPUT=$(cat)
+COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty')
+
+if [ -z "$COMMAND" ]; then
+  exit 0
+fi
+
+# Locate the dangerous_patterns.txt file next to this script
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+PATTERNS_FILE="$SCRIPT_DIR/dangerous_patterns.txt"
+
+if [ ! -f "$PATTERNS_FILE" ]; then
+  exit 0
+fi
+
+# Build grep pattern from file (skip comments and empty lines)
+PATTERNS=$(grep -v '^#' "$PATTERNS_FILE" | grep -v '^$' || true)
+
+if [ -z "$PATTERNS" ]; then
+  exit 0
+fi
+
+# Check if command matches any dangerous pattern
+MATCHED_PATTERN=$(echo "$PATTERNS" | while IFS= read -r pattern; do
+  if echo "$COMMAND" | grep -qE "$pattern"; then
+    echo "$pattern"
+    break
+  fi
+done)
+
+if [ -n "$MATCHED_PATTERN" ]; then
+  # Output JSON to deny the command
+  jq -n --arg reason "Blocked by safety hook: command matches dangerous pattern ($MATCHED_PATTERN)" '{
+    hookSpecificOutput: {
+      hookEventName: "PreToolUse",
+      permissionDecision: "deny",
+      permissionDecisionReason: $reason
+    }
+  }'
+else
+  exit 0
+fi
+`;
+}
+// Generate .claude/settings.json with hooks configuration
+function generateClaudeSettings() {
+    const settings = {
+        hooks: {
+            PreToolUse: [
+                {
+                    matcher: "Bash",
+                    hooks: [
+                        {
+                            type: "command",
+                            command: "\"$CLAUDE_PROJECT_DIR\"/.claude/hooks/block-dangerous-commands.sh",
+                        },
+                    ],
+                },
+            ],
+        },
+    };
+    return JSON.stringify(settings, null, 2) + "\n";
+}
 async function generateFiles(ralphDir, language, imageName, force = false, javaVersion, cliProvider, dockerConfig, claudeConfig) {
     const dockerDir = join(ralphDir, DOCKER_DIR);
     // Create docker directory
@@ -622,6 +732,62 @@ async function generateFiles(ralphDir, language, imageName, force = false, javaV
             console.log(`Created .claude/commands/${skill.name}.md`);
         }
     }
+    // Generate Claude Hooks for blocking dangerous commands
+    const hooksDir = join(projectRoot, ".claude", "hooks");
+    if (!existsSync(hooksDir)) {
+        mkdirSync(hooksDir, { recursive: true });
+        console.log("Created .claude/hooks/");
+    }
+    // Generate dangerous_patterns.txt (extendable list of blocked command patterns)
+    const patternsPath = join(hooksDir, "dangerous_patterns.txt");
+    if (existsSync(patternsPath) && !force) {
+        const overwrite = await promptConfirm(".claude/hooks/dangerous_patterns.txt already exists. Overwrite?");
+        if (overwrite) {
+            writeFileSync(patternsPath, generateDangerousPatterns());
+            console.log("Created .claude/hooks/dangerous_patterns.txt");
+        }
+        else {
+            console.log("Skipped .claude/hooks/dangerous_patterns.txt");
+        }
+    }
+    else {
+        writeFileSync(patternsPath, generateDangerousPatterns());
+        console.log("Created .claude/hooks/dangerous_patterns.txt");
+    }
+    // Generate block-dangerous-commands.sh hook script
+    const hookScriptPath = join(hooksDir, "block-dangerous-commands.sh");
+    if (existsSync(hookScriptPath) && !force) {
+        const overwrite = await promptConfirm(".claude/hooks/block-dangerous-commands.sh already exists. Overwrite?");
+        if (overwrite) {
+            writeFileSync(hookScriptPath, generateBlockDangerousCommandsHook());
+            chmodSync(hookScriptPath, 0o755);
+            console.log("Created .claude/hooks/block-dangerous-commands.sh");
+        }
+        else {
+            console.log("Skipped .claude/hooks/block-dangerous-commands.sh");
+        }
+    }
+    else {
+        writeFileSync(hookScriptPath, generateBlockDangerousCommandsHook());
+        chmodSync(hookScriptPath, 0o755);
+        console.log("Created .claude/hooks/block-dangerous-commands.sh");
+    }
+    // Generate .claude/settings.json with hooks configuration
+    const settingsPath = join(projectRoot, ".claude", "settings.json");
+    if (existsSync(settingsPath) && !force) {
+        const overwrite = await promptConfirm(".claude/settings.json already exists. Overwrite?");
+        if (overwrite) {
+            writeFileSync(settingsPath, generateClaudeSettings());
+            console.log("Created .claude/settings.json");
+        }
+        else {
+            console.log("Skipped .claude/settings.json");
+        }
+    }
+    else {
+        writeFileSync(settingsPath, generateClaudeSettings());
+        console.log("Created .claude/settings.json");
+    }
     // Save config hash for change detection
     const configForHash = {
         language,
@@ -1122,6 +1288,12 @@ FILES GENERATED:
   ├── docker-compose.yml    Container orchestration
   └── .dockerignore         Build exclusions
 
+  .claude/
+  ├── settings.json         Hooks configuration
+  └── hooks/
+      ├── block-dangerous-commands.sh  PreToolUse hook script
+      └── dangerous_patterns.txt       Extendable blocklist of patterns
+
 AUTHENTICATION:
   Pro/Max users: Your ~/.claude credentials are mounted automatically.
   API key users: Uncomment ANTHROPIC_API_KEY in docker-compose.yml.

package/dist/commands/fix-prd.js

@@ -2,7 +2,7 @@ import { existsSync, readFileSync, copyFileSync } from "fs";
 import { join, isAbsolute, extname } from "path";
 import { getPaths, getRalphDir, getPrdFiles } from "../utils/config.js";
 import { validatePrd, attemptRecovery, createBackup, findLatestBackup, createTemplatePrd, readPrdFile, writePrdAuto, } from "../utils/prd-validator.js";
-import YAML from "yaml";
+import { robustYamlParse } from "../utils/prd-validator.js";
 /**
  * Resolves a backup path - can be absolute, relative, or just a filename.
  */
@@ -25,7 +25,7 @@ function resolveBackupPath(backupArg) {
 function parseBackupContent(backupPath, content) {
     const ext = extname(backupPath).toLowerCase();
     if (ext === ".yaml" || ext === ".yml") {
-        return YAML.parse(content);
+        return robustYamlParse(content);
     }
     return JSON.parse(content);
 }