safeword 0.12.1 → 0.13.0

package/dist/{setup-C6NF3YJ5.js → setup-4PQV6EV2.js}

@@ -6,9 +6,10 @@ import {
 import {
   SAFEWORD_SCHEMA,
   createProjectContext,
+  installDependencies,
   isGitRepo,
   reconcile
-} from "./chunk-O4LAXZK3.js";
+} from "./chunk-XLOXGDJG.js";
 import {
   VERSION
 } from "./chunk-ORQHKDT2.js";
@@ -24,7 +25,6 @@ import {
 } from "./chunk-DYLHQBW3.js";
 
 // src/commands/setup.ts
-import { execSync } from "child_process";
 import nodePath from "path";
 function ensurePackageJson(cwd) {
   const packageJsonPath = nodePath.join(cwd, "package.json");
@@ -34,19 +34,6 @@ function ensurePackageJson(cwd) {
   writeJson(packageJsonPath, defaultPackageJson);
   return true;
 }
-function installDependencies(cwd, packages) {
-  if (packages.length === 0) return;
-  info("\nInstalling linting dependencies...");
-  const installCmd = `npm install -D ${packages.join(" ")}`;
-  info(`Running: ${installCmd}`);
-  try {
-    execSync(installCmd, { cwd, stdio: "inherit" });
-    success("Installed linting dependencies");
-  } catch {
-    warn("Failed to install dependencies. Run manually:");
-    listItem(installCmd);
-  }
-}
 function printSetupSummary(result, packageJsonCreated, archFiles = []) {
   header("Setup Complete");
   const allCreated = [...result.created, ...archFiles];
@@ -98,7 +85,7 @@ async function setup(options) {
 Architecture detected: ${detected.join("; ")}`);
       info("Generated dependency-cruiser config for /audit command");
     }
-    installDependencies(cwd, result.packagesToInstall);
+    installDependencies(cwd, result.packagesToInstall, "linting dependencies");
     if (!isGitRepo(cwd)) {
       const isNonInteractive = options.yes || !process.stdin.isTTY;
       warn(
@@ -116,4 +103,4 @@ Architecture detected: ${detected.join("; ")}`);
 export {
   setup
 };
-//# sourceMappingURL=setup-C6NF3YJ5.js.map
+//# sourceMappingURL=setup-4PQV6EV2.js.map

package/dist/setup-4PQV6EV2.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/commands/setup.ts"],"sourcesContent":["/**\n * Setup command - Initialize safeword in a project\n *\n * Uses reconcile() with mode='install' to create all managed files.\n */\n\nimport nodePath from 'node:path';\n\nimport { reconcile, type ReconcileResult } from '../reconcile.js';\nimport { SAFEWORD_SCHEMA } from '../schema.js';\nimport { createProjectContext } from '../utils/context.js';\nimport { exists, writeJson } from '../utils/fs.js';\nimport { isGitRepo } from '../utils/git.js';\nimport { installDependencies } from '../utils/install.js';\nimport { error, header, info, listItem, success, warn } from '../utils/output.js';\nimport { VERSION } from '../version.js';\nimport { buildArchitecture, hasArchitectureDetected, syncConfigCore } from './sync-config.js';\n\nexport interface SetupOptions {\n  yes?: boolean;\n}\n\ninterface PackageJson {\n  name?: string;\n  version?: string;\n  scripts?: Record<string, string>;\n  dependencies?: Record<string, string>;\n  devDependencies?: Record<string, string>;\n  'lint-staged'?: Record<string, string[]>;\n}\n\nfunction ensurePackageJson(cwd: string): boolean {\n  const packageJsonPath = nodePath.join(cwd, 'package.json');\n  if (exists(packageJsonPath)) return false;\n\n  const dirName = nodePath.basename(cwd) || 'project';\n  const defaultPackageJson: PackageJson = { name: dirName, version: '0.1.0', scripts: {} };\n  writeJson(packageJsonPath, defaultPackageJson);\n  return true;\n}\n\nfunction printSetupSummary(\n  result: ReconcileResult,\n  packageJsonCreated: boolean,\n  archFiles: string[] = [],\n): void {\n  header('Setup Complete');\n\n  const allCreated = [...result.created, ...archFiles];\n  if (allCreated.length > 0 || packageJsonCreated) {\n    info('\\nCreated:');\n    if (packageJsonCreated) listItem('package.json');\n    for (const file of allCreated) listItem(file);\n  }\n\n  if (result.updated.length > 0) {\n    info('\\nModified:');\n    for (const file of result.updated) listItem(file);\n  }\n\n  info('\\nNext steps:');\n  listItem('Run `safeword check` to verify setup');\n  listItem('Commit the new files to git');\n\n  success(`\\nSafeword ${VERSION} installed successfully!`);\n}\n\nexport async function setup(options: SetupOptions): Promise<void> {\n  const cwd = process.cwd();\n  const safewordDirectory = nodePath.join(cwd, '.safeword');\n\n  if (exists(safewordDirectory)) {\n    error('Already configured. Run `safeword upgrade` to update.');\n    process.exit(1);\n  }\n\n  const packageJsonCreated = ensurePackageJson(cwd);\n\n  header('Safeword Setup');\n  info(`Version: ${VERSION}`);\n  if (packageJsonCreated) info('Created package.json (none found)');\n\n  try {\n    info('\\nCreating safeword configuration...');\n    const ctx = createProjectContext(cwd);\n    const result = await reconcile(SAFEWORD_SCHEMA, 'install', ctx);\n    success('Created .safeword directory and configuration');\n\n    // Detect architecture and workspaces, generate depcruise configs if found\n    const arch = buildArchitecture(cwd);\n    const archFiles: string[] = [];\n\n    if (hasArchitectureDetected(arch)) {\n      const syncResult = syncConfigCore(cwd, arch);\n      if (syncResult.generatedConfig) archFiles.push('.safeword/depcruise-config.js');\n      if (syncResult.createdMainConfig) archFiles.push('.dependency-cruiser.js');\n\n      const detected: string[] = [];\n      if (arch.elements.length > 0) {\n        detected.push(arch.elements.map(element => element.location).join(', '));\n      }\n      if (arch.workspaces && arch.workspaces.length > 0) {\n        detected.push(`workspaces: ${arch.workspaces.join(', ')}`);\n      }\n      info(`\\nArchitecture detected: ${detected.join('; ')}`);\n      info('Generated dependency-cruiser config for /audit command');\n    }\n\n    installDependencies(cwd, result.packagesToInstall, 'linting dependencies');\n\n    if (!isGitRepo(cwd)) {\n      const isNonInteractive = options.yes || !process.stdin.isTTY;\n      warn(\n        isNonInteractive\n          ? 'Skipped Husky setup (no git repository)'\n          : 'Skipped Husky setup (no .git directory)',\n      );\n      if (!isNonInteractive)\n        info('Initialize git and run safeword upgrade to enable pre-commit hooks');\n    }\n\n    printSetupSummary(result, packageJsonCreated, archFiles);\n  } catch (error_) {\n    error(`Setup failed: ${error_ instanceof Error ? error_.message : 'Unknown error'}`);\n    process.exit(1);\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;AAMA,OAAO,cAAc;AAyBrB,SAAS,kBAAkB,KAAsB;AAC/C,QAAM,kBAAkB,SAAS,KAAK,KAAK,cAAc;AACzD,MAAI,OAAO,eAAe,EAAG,QAAO;AAEpC,QAAM,UAAU,SAAS,SAAS,GAAG,KAAK;AAC1C,QAAM,qBAAkC,EAAE,MAAM,SAAS,SAAS,SAAS,SAAS,CAAC,EAAE;AACvF,YAAU,iBAAiB,kBAAkB;AAC7C,SAAO;AACT;AAEA,SAAS,kBACP,QACA,oBACA,YAAsB,CAAC,GACjB;AACN,SAAO,gBAAgB;AAEvB,QAAM,aAAa,CAAC,GAAG,OAAO,SAAS,GAAG,SAAS;AACnD,MAAI,WAAW,SAAS,KAAK,oBAAoB;AAC/C,SAAK,YAAY;AACjB,QAAI,mBAAoB,UAAS,cAAc;AAC/C,eAAW,QAAQ,WAAY,UAAS,IAAI;AAAA,EAC9C;AAEA,MAAI,OAAO,QAAQ,SAAS,GAAG;AAC7B,SAAK,aAAa;AAClB,eAAW,QAAQ,OAAO,QAAS,UAAS,IAAI;AAAA,EAClD;AAEA,OAAK,eAAe;AACpB,WAAS,sCAAsC;AAC/C,WAAS,6BAA6B;AAEtC,UAAQ;AAAA,WAAc,OAAO,0BAA0B;AACzD;AAEA,eAAsB,MAAM,SAAsC;AAChE,QAAM,MAAM,QAAQ,IAAI;AACxB,QAAM,oBAAoB,SAAS,KAAK,KAAK,WAAW;AAExD,MAAI,OAAO,iBAAiB,GAAG;AAC7B,UAAM,uDAAuD;AAC7D,YAAQ,KAAK,CAAC;AAAA,EAChB;AAEA,QAAM,qBAAqB,kBAAkB,GAAG;AAEhD,SAAO,gBAAgB;AACvB,OAAK,YAAY,OAAO,EAAE;AAC1B,MAAI,mBAAoB,MAAK,mCAAmC;AAEhE,MAAI;AACF,SAAK,sCAAsC;AAC3C,UAAM,MAAM,qBAAqB,GAAG;AACpC,UAAM,SAAS,MAAM,UAAU,iBAAiB,WAAW,GAAG;AAC9D,YAAQ,+CAA+C;AAGvD,UAAM,OAAO,kBAAkB,GAAG;AAClC,UAAM,YAAsB,CAAC;AAE7B,QAAI,wBAAwB,IAAI,GAAG;AACjC,YAAM,aAAa,eAAe,KAAK,IAAI;AAC3C,UAAI,WAAW,gBAAiB,WAAU,KAAK,+BAA+B;AAC9E,UAAI,WAAW,kBAAmB,WAAU,KAAK,wBAAwB;AAEzE,YAAM,WAAqB,CAAC;AAC5B,UAAI,KAAK,SAAS,SAAS,GAAG;AAC5B,iBAAS,KAAK,KAAK,SAAS,IAAI,aAAW,QAAQ,QAAQ,EAAE,KAAK,IAAI,CAAC;AAAA,MACzE;AACA,UAAI,KAAK,cAAc,KAAK,WAAW,SAAS,GAAG;AACjD,iBAAS,KAAK,eAAe,KAAK,WAAW,KAAK,IAAI,CAAC,EAAE;AAAA,MAC3D;AACA,WAAK;AAAA,yBAA4B,SAAS,KAAK,IAAI,CAAC,EAAE;AACtD,WAAK,wDAAwD;AAAA,IAC/D;AAEA,wBAAoB,KAAK,OAAO,mBAAmB,sBAAsB;AAEzE,QAAI,CAAC,UAAU,GAAG,GAAG;AACnB,YAAM,mBAAmB,QAAQ,OAAO,CAAC,QAAQ,MAAM;AACvD;AAAA,QACE,mBACI,4CACA;AAAA,MACN;AACA,UAAI,CAAC;AACH,aAAK,oEAAoE;AAAA,IAC7E;AAEA,sBAAkB,QAAQ,oBAAoB,SAAS;AAAA,EACzD,SAAS,QAAQ;AACf,UAAM,iBAAiB,kBAAkB,QAAQ,OAAO,UAAU,eAAe,EAAE;AACnF,YAAQ,KAAK,CAAC;AAAA,EAChB;AACF;","names":[]}

package/dist/{upgrade-C2I22FAB.js → upgrade-BIMRJENC.js}

@@ -4,8 +4,10 @@ import {
 import {
   SAFEWORD_SCHEMA,
   createProjectContext,
+  detectPackageManager,
+  installDependencies,
   reconcile
-} from "./chunk-O4LAXZK3.js";
+} from "./chunk-XLOXGDJG.js";
 import {
   VERSION
 } from "./chunk-ORQHKDT2.js";
@@ -26,7 +28,7 @@ function getProjectVersion(safewordDirectory) {
   const versionPath = nodePath.join(safewordDirectory, "version");
   return readFileSafe(versionPath)?.trim() ?? "0.0.0";
 }
-function printUpgradeSummary(result, projectVersion) {
+function printUpgradeSummary(result, projectVersion, cwd) {
   header("Upgrade Complete");
   info(`
 Version: v${projectVersion} \u2192 v${VERSION}`);
@@ -39,13 +41,15 @@ Version: v${projectVersion} \u2192 v${VERSION}`);
     for (const file of result.updated) listItem(file);
   }
   if (result.packagesToRemove.length > 0) {
+    const pm = detectPackageManager(cwd);
+    const uninstallCmd = pm === "yarn" ? "yarn remove" : `${pm} uninstall`;
     warn(
       `
 ${result.packagesToRemove.length} package(s) are now bundled in eslint-plugin-safeword:`
     );
     for (const pkg of result.packagesToRemove) listItem(pkg);
     info("\nIf you don't use these elsewhere, you can remove them:");
-    listItem(`npm uninstall ${result.packagesToRemove.join(" ")}`);
+    listItem(`${uninstallCmd} ${result.packagesToRemove.join(" ")}`);
   }
   success(`
 Safeword upgraded to v${VERSION}`);
@@ -59,8 +63,9 @@ async function upgrade() {
   }
   const projectVersion = getProjectVersion(safewordDirectory);
   if (compareVersions(VERSION, projectVersion) < 0) {
+    const pm = detectPackageManager(cwd);
     error(`CLI v${VERSION} is older than project v${projectVersion}.`);
-    error("Update the CLI first: npm install -g safeword");
+    error(`Update the CLI first: ${pm} install -g safeword`);
     process.exit(1);
   }
   header("Safeword Upgrade");
@@ -68,7 +73,8 @@ async function upgrade() {
   try {
     const ctx = createProjectContext(cwd);
     const result = await reconcile(SAFEWORD_SCHEMA, "upgrade", ctx);
-    printUpgradeSummary(result, projectVersion);
+    installDependencies(cwd, result.packagesToInstall, "missing packages");
+    printUpgradeSummary(result, projectVersion, cwd);
   } catch (error_) {
     error(`Upgrade failed: ${error_ instanceof Error ? error_.message : "Unknown error"}`);
     process.exit(1);
@@ -77,4 +83,4 @@ async function upgrade() {
 export {
   upgrade
 };
-//# sourceMappingURL=upgrade-C2I22FAB.js.map
+//# sourceMappingURL=upgrade-BIMRJENC.js.map

package/dist/upgrade-BIMRJENC.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/commands/upgrade.ts"],"sourcesContent":["/**\n * Upgrade command - Update safeword configuration to latest version\n *\n * Uses reconcile() with mode='upgrade' to update all managed files.\n */\n\nimport nodePath from 'node:path';\n\nimport { reconcile, type ReconcileResult } from '../reconcile.js';\nimport { SAFEWORD_SCHEMA } from '../schema.js';\nimport { createProjectContext } from '../utils/context.js';\nimport { exists, readFileSafe } from '../utils/fs.js';\nimport { detectPackageManager, installDependencies } from '../utils/install.js';\nimport { error, header, info, listItem, success, warn } from '../utils/output.js';\nimport { compareVersions } from '../utils/version.js';\nimport { VERSION } from '../version.js';\n\nfunction getProjectVersion(safewordDirectory: string): string {\n  const versionPath = nodePath.join(safewordDirectory, 'version');\n  return readFileSafe(versionPath)?.trim() ?? '0.0.0';\n}\n\nfunction printUpgradeSummary(result: ReconcileResult, projectVersion: string, cwd: string): void {\n  header('Upgrade Complete');\n  info(`\\nVersion: v${projectVersion} → v${VERSION}`);\n\n  if (result.created.length > 0) {\n    info('\\nCreated:');\n    for (const file of result.created) listItem(file);\n  }\n\n  if (result.updated.length > 0) {\n    info('\\nUpdated:');\n    for (const file of result.updated) listItem(file);\n  }\n\n  if (result.packagesToRemove.length > 0) {\n    const pm = detectPackageManager(cwd);\n    const uninstallCmd = pm === 'yarn' ? 'yarn remove' : `${pm} uninstall`;\n    warn(\n      `\\n${result.packagesToRemove.length} package(s) are now bundled in eslint-plugin-safeword:`,\n    );\n    for (const pkg of result.packagesToRemove) listItem(pkg);\n    info(\"\\nIf you don't use these elsewhere, you can remove them:\");\n    listItem(`${uninstallCmd} ${result.packagesToRemove.join(' ')}`);\n  }\n\n  success(`\\nSafeword upgraded to v${VERSION}`);\n}\n\nexport async function upgrade(): Promise<void> {\n  const cwd = process.cwd();\n  const safewordDirectory = nodePath.join(cwd, '.safeword');\n\n  if (!exists(safewordDirectory)) {\n    error('Not configured. Run `safeword setup` first.');\n    process.exit(1);\n  }\n\n  const projectVersion = getProjectVersion(safewordDirectory);\n\n  if (compareVersions(VERSION, projectVersion) < 0) {\n    const pm = detectPackageManager(cwd);\n    error(`CLI v${VERSION} is older than project v${projectVersion}.`);\n    error(`Update the CLI first: ${pm} install -g safeword`);\n    process.exit(1);\n  }\n\n  header('Safeword Upgrade');\n  info(`Upgrading from v${projectVersion} to v${VERSION}`);\n\n  try {\n    const ctx = createProjectContext(cwd);\n    const result = await reconcile(SAFEWORD_SCHEMA, 'upgrade', ctx);\n    installDependencies(cwd, result.packagesToInstall, 'missing packages');\n    printUpgradeSummary(result, projectVersion, cwd);\n  } catch (error_) {\n    error(`Upgrade failed: ${error_ instanceof Error ? error_.message : 'Unknown error'}`);\n    process.exit(1);\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAMA,OAAO,cAAc;AAWrB,SAAS,kBAAkB,mBAAmC;AAC5D,QAAM,cAAc,SAAS,KAAK,mBAAmB,SAAS;AAC9D,SAAO,aAAa,WAAW,GAAG,KAAK,KAAK;AAC9C;AAEA,SAAS,oBAAoB,QAAyB,gBAAwB,KAAmB;AAC/F,SAAO,kBAAkB;AACzB,OAAK;AAAA,YAAe,cAAc,YAAO,OAAO,EAAE;AAElD,MAAI,OAAO,QAAQ,SAAS,GAAG;AAC7B,SAAK,YAAY;AACjB,eAAW,QAAQ,OAAO,QAAS,UAAS,IAAI;AAAA,EAClD;AAEA,MAAI,OAAO,QAAQ,SAAS,GAAG;AAC7B,SAAK,YAAY;AACjB,eAAW,QAAQ,OAAO,QAAS,UAAS,IAAI;AAAA,EAClD;AAEA,MAAI,OAAO,iBAAiB,SAAS,GAAG;AACtC,UAAM,KAAK,qBAAqB,GAAG;AACnC,UAAM,eAAe,OAAO,SAAS,gBAAgB,GAAG,EAAE;AAC1D;AAAA,MACE;AAAA,EAAK,OAAO,iBAAiB,MAAM;AAAA,IACrC;AACA,eAAW,OAAO,OAAO,iBAAkB,UAAS,GAAG;AACvD,SAAK,0DAA0D;AAC/D,aAAS,GAAG,YAAY,IAAI,OAAO,iBAAiB,KAAK,GAAG,CAAC,EAAE;AAAA,EACjE;AAEA,UAAQ;AAAA,wBAA2B,OAAO,EAAE;AAC9C;AAEA,eAAsB,UAAyB;AAC7C,QAAM,MAAM,QAAQ,IAAI;AACxB,QAAM,oBAAoB,SAAS,KAAK,KAAK,WAAW;AAExD,MAAI,CAAC,OAAO,iBAAiB,GAAG;AAC9B,UAAM,6CAA6C;AACnD,YAAQ,KAAK,CAAC;AAAA,EAChB;AAEA,QAAM,iBAAiB,kBAAkB,iBAAiB;AAE1D,MAAI,gBAAgB,SAAS,cAAc,IAAI,GAAG;AAChD,UAAM,KAAK,qBAAqB,GAAG;AACnC,UAAM,QAAQ,OAAO,2BAA2B,cAAc,GAAG;AACjE,UAAM,yBAAyB,EAAE,sBAAsB;AACvD,YAAQ,KAAK,CAAC;AAAA,EAChB;AAEA,SAAO,kBAAkB;AACzB,OAAK,mBAAmB,cAAc,QAAQ,OAAO,EAAE;AAEvD,MAAI;AACF,UAAM,MAAM,qBAAqB,GAAG;AACpC,UAAM,SAAS,MAAM,UAAU,iBAAiB,WAAW,GAAG;AAC9D,wBAAoB,KAAK,OAAO,mBAAmB,kBAAkB;AACrE,wBAAoB,QAAQ,gBAAgB,GAAG;AAAA,EACjD,SAAS,QAAQ;AACf,UAAM,mBAAmB,kBAAkB,QAAQ,OAAO,UAAU,eAAe,EAAE;AACrF,YAAQ,KAAK,CAAC;AAAA,EAChB;AACF;","names":[]}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "safeword",
-  "version": "0.12.1",
+  "version": "0.13.0",
   "description": "CLI for setting up and managing safeword development environments",
   "type": "module",
   "bin": {
@@ -29,11 +29,11 @@
     "typecheck": "tsc --noEmit",
     "lint": "eslint src tests",
     "clean": "rm -rf dist",
-    "prepublishOnly": "bun run build && bun run test"
+    "prepublishOnly": "node scripts/check-bun-publish.js && bun run build && bun run test"
   },
   "dependencies": {
     "commander": "^12.1.0",
-    "eslint-plugin-safeword": "workspace:^"
+    "eslint-plugin-safeword": "^0.5.3"
   },
   "devDependencies": {
     "@types/node": "^20.10.0",

package/templates/hooks/cursor/after-file-edit.ts

@@ -0,0 +1,47 @@
+#!/usr/bin/env bun
+// Safeword: Cursor adapter for afterFileEdit
+// Auto-lints changed files, sets marker for stop hook
+
+import { existsSync } from 'node:fs';
+
+import { lintFile } from '../lib/lint.ts';
+
+interface CursorInput {
+  workspace_roots?: string[];
+  file_path?: string;
+  conversation_id?: string;
+}
+
+// Read hook input from stdin
+let input: CursorInput;
+try {
+  input = await Bun.stdin.json();
+} catch (error) {
+  if (process.env.DEBUG) console.error('[cursor/after-file-edit] stdin parse error:', error);
+  process.exit(0);
+}
+
+const workspace = input.workspace_roots?.[0];
+const file = input.file_path;
+const convId = input.conversation_id ?? 'default';
+
+// Exit silently if no file or file doesn't exist
+if (!file || !(await Bun.file(file).exists())) {
+  process.exit(0);
+}
+
+// Change to workspace directory
+if (workspace) {
+  process.chdir(workspace);
+}
+
+// Check for .safeword directory
+if (!existsSync('.safeword')) {
+  process.exit(0);
+}
+
+// Set marker file for stop hook to know edits were made
+await Bun.write(`/tmp/safeword-cursor-edited-${convId}`, '');
+
+// Lint the file
+await lintFile(file, process.cwd());

package/templates/hooks/cursor/stop.ts

@@ -0,0 +1,73 @@
+#!/usr/bin/env bun
+// Safeword: Cursor adapter for stop hook
+// Checks for marker file from afterFileEdit to determine if files were modified
+// Uses followup_message to inject quality review prompt into conversation
+
+import { existsSync } from 'node:fs';
+import { unlink } from 'node:fs/promises';
+
+import { QUALITY_REVIEW_MESSAGE } from '../lib/quality.ts';
+
+interface CursorInput {
+  workspace_roots?: string[];
+  conversation_id?: string;
+  status?: string;
+  loop_count?: number;
+}
+
+interface StopOutput {
+  followup_message?: string;
+}
+
+// Read hook input from stdin
+let input: CursorInput;
+try {
+  input = await Bun.stdin.json();
+} catch (error) {
+  if (process.env.DEBUG) console.error('[cursor/stop] stdin parse error:', error);
+  console.log('{}');
+  process.exit(0);
+}
+
+const workspace = input.workspace_roots?.[0];
+
+// Change to workspace directory
+if (workspace) {
+  process.chdir(workspace);
+}
+
+// Check for .safeword directory
+if (!existsSync('.safeword')) {
+  console.log('{}');
+  process.exit(0);
+}
+
+// Check status - only proceed on completed (not aborted/error)
+if (input.status !== 'completed') {
+  console.log('{}');
+  process.exit(0);
+}
+
+// Get loop_count to prevent infinite review loops
+// When review is triggered, agent runs again with loop_count >= 1
+const loopCount = input.loop_count ?? 0;
+if (loopCount >= 1) {
+  console.log('{}');
+  process.exit(0);
+}
+
+// Check if any file edits occurred in this session by looking for marker file
+const convId = input.conversation_id ?? 'default';
+const markerFile = `/tmp/safeword-cursor-edited-${convId}`;
+
+if (await Bun.file(markerFile).exists()) {
+  // Clean up marker
+  await unlink(markerFile).catch(() => {});
+
+  const output: StopOutput = {
+    followup_message: QUALITY_REVIEW_MESSAGE,
+  };
+  console.log(JSON.stringify(output));
+} else {
+  console.log('{}');
+}

package/templates/hooks/lib/lint.ts

@@ -0,0 +1,49 @@
+// Shared linting logic for Claude Code and Cursor hooks
+// Used by: post-tool-lint.ts, cursor/after-file-edit.ts
+
+import { existsSync } from 'node:fs';
+
+import { $ } from 'bun';
+
+// File extensions for different linting strategies
+const JS_EXTENSIONS = new Set(['js', 'jsx', 'ts', 'tsx', 'mjs', 'mts', 'cjs', 'cts', 'vue', 'svelte', 'astro']);
+const PRETTIER_EXTENSIONS = new Set(['md', 'json', 'css', 'scss', 'html', 'yaml', 'yml', 'graphql']);
+
+/**
+ * Lint a file based on its extension.
+ * Runs ESLint + Prettier for JS/TS, Prettier only for other formats,
+ * and shellcheck + Prettier for shell scripts.
+ *
+ * @param file - Path to the file to lint
+ * @param projectDir - Project root directory (for finding prettier-plugin-sh)
+ */
+export async function lintFile(file: string, projectDir: string): Promise<void> {
+  const extension = file.split('.').pop()?.toLowerCase() ?? '';
+
+  // JS/TS and framework files - ESLint first (fix code), then Prettier (format)
+  if (JS_EXTENSIONS.has(extension)) {
+    const eslintResult = await $`npx eslint --fix ${file}`.nothrow().quiet();
+    if (eslintResult.exitCode !== 0 && eslintResult.stderr.length > 0) {
+      console.log(eslintResult.stderr.toString());
+    }
+    await $`npx prettier --write ${file}`.nothrow().quiet();
+    return;
+  }
+
+  // Other supported formats - prettier only
+  if (PRETTIER_EXTENSIONS.has(extension)) {
+    await $`npx prettier --write ${file}`.nothrow().quiet();
+    return;
+  }
+
+  // Shell scripts - shellcheck (if available), then Prettier (if plugin installed)
+  if (extension === 'sh') {
+    const shellcheckResult = await $`npx shellcheck ${file}`.nothrow().quiet();
+    if (shellcheckResult.exitCode !== 0 && shellcheckResult.stderr.length > 0) {
+      console.log(shellcheckResult.stderr.toString());
+    }
+    if (existsSync(`${projectDir}/node_modules/prettier-plugin-sh`)) {
+      await $`npx prettier --write ${file}`.nothrow().quiet();
+    }
+  }
+}

package/templates/hooks/lib/quality.ts

@@ -0,0 +1,30 @@
+// Shared quality review message for Claude Code and Cursor hooks
+// Used by: stop-quality.ts, cursor/stop.ts
+
+/**
+ * The quality review prompt shown when changes are made.
+ * Used by both Claude Code Stop hook and Cursor stop hook.
+ */
+export const QUALITY_REVIEW_MESSAGE = `SAFEWORD Quality Review:
+
+Double check and critique your work again just in case.
+Assume you've never seen it before.
+
+- Is it correct?
+- Is it elegant?
+- Does it follow latest docs/best practices?
+- Ask me any non-obvious questions.
+- Avoid bloat.
+- If you asked a question above that's still relevant after review, re-ask it.`;
+
+export const QUESTION_RESEARCH_MESSAGE = `SAFEWORD Research Prompt:
+
+Before asking this question, do your research and investigate.
+Explore and debate the options.
+
+- What's most correct?
+- What's most elegant?
+- What's most in line with latest docs and best practices?
+- Think hard and avoid bloat.
+
+Then re-ask your question with the context you've gathered.`;

package/templates/hooks/post-tool-lint.ts

@@ -0,0 +1,33 @@
+#!/usr/bin/env bun
+// Safeword: Auto-lint changed files (PostToolUse)
+// Silently auto-fixes, only outputs unfixable errors
+
+import { lintFile } from './lib/lint.ts';
+
+interface HookInput {
+  tool_input?: {
+    file_path?: string;
+    notebook_path?: string;
+  };
+}
+
+// Read hook input from stdin
+let input: HookInput;
+try {
+  input = await Bun.stdin.json();
+} catch (error) {
+  if (process.env.DEBUG) console.error('[post-tool-lint] stdin parse error:', error);
+  process.exit(0);
+}
+
+const file = input.tool_input?.file_path ?? input.tool_input?.notebook_path;
+
+// Exit silently if no file or file doesn't exist
+if (!file || !(await Bun.file(file).exists())) {
+  process.exit(0);
+}
+
+const projectDir = process.env.CLAUDE_PROJECT_DIR ?? process.cwd();
+process.chdir(projectDir);
+
+await lintFile(file, projectDir);

package/templates/hooks/prompt-questions.ts

@@ -0,0 +1,32 @@
+#!/usr/bin/env bun
+// Safeword: Question protocol guidance (UserPromptSubmit)
+// Reminds Claude to ask 1-5 clarifying questions for ambiguous tasks
+
+import { existsSync } from 'node:fs';
+
+const projectDir = process.env.CLAUDE_PROJECT_DIR ?? process.cwd();
+const safewordDir = `${projectDir}/.safeword`;
+
+// Not a safeword project, skip silently
+if (!existsSync(safewordDir)) {
+  process.exit(0);
+}
+
+// Read the user prompt from stdin
+let input: string;
+try {
+  input = await Bun.stdin.text();
+} catch (error) {
+  if (process.env.DEBUG) console.error('[prompt-questions] stdin read error:', error);
+  process.exit(0);
+}
+
+// Only trigger on substantial prompts (more than 20 chars)
+if (input.length < 20) {
+  process.exit(0);
+}
+
+console.log(`SAFEWORD Question Protocol: For ambiguous or complex requests, ask 1-5 clarifying questions before proceeding. Focus on:
+- Scope boundaries (what's included/excluded)
+- Technical constraints (frameworks, patterns, compatibility)
+- Success criteria (how will we know it's done)`);

package/templates/hooks/prompt-timestamp.ts

@@ -0,0 +1,30 @@
+#!/usr/bin/env bun
+// Safeword: Inject timestamp (UserPromptSubmit)
+// Outputs current timestamp for Claude's context awareness
+// Helps with accurate ticket timestamps and time-based reasoning
+
+const now = new Date();
+
+// Natural language day/time in UTC
+const natural = now.toLocaleDateString('en-US', {
+  weekday: 'long',
+  year: 'numeric',
+  month: 'long',
+  day: 'numeric',
+  hour: '2-digit',
+  minute: '2-digit',
+  timeZone: 'UTC',
+  timeZoneName: 'short',
+});
+
+// ISO 8601 UTC
+const iso = now.toISOString();
+
+// Local timezone
+const local = now.toLocaleTimeString('en-US', {
+  hour: '2-digit',
+  minute: '2-digit',
+  timeZoneName: 'short',
+});
+
+console.log(`Current time: ${natural} (${iso}) | Local: ${local}`);

package/templates/hooks/session-lint-check.ts

@@ -0,0 +1,62 @@
+#!/usr/bin/env bun
+// Safeword: Lint configuration sync check (SessionStart)
+// Warns if ESLint or Prettier configs are missing or out of sync
+
+import { existsSync } from 'node:fs';
+
+const projectDir = process.env.CLAUDE_PROJECT_DIR ?? process.cwd();
+const safewordDir = `${projectDir}/.safeword`;
+
+// Not a safeword project, skip silently
+if (!existsSync(safewordDir)) {
+  process.exit(0);
+}
+
+const warnings: string[] = [];
+
+// Check for ESLint config
+const eslintConfigs = [
+  'eslint.config.mjs',
+  'eslint.config.js',
+  '.eslintrc.json',
+  '.eslintrc.js',
+];
+const hasEslint = await Promise.all(
+  eslintConfigs.map(f => Bun.file(`${projectDir}/${f}`).exists()),
+);
+if (!hasEslint.some(Boolean)) {
+  warnings.push("ESLint config not found - run 'npm run lint' may fail");
+}
+
+// Check for Prettier config
+const prettierConfigs = ['.prettierrc', '.prettierrc.json', 'prettier.config.js'];
+const hasPrettier = await Promise.all(
+  prettierConfigs.map(f => Bun.file(`${projectDir}/${f}`).exists()),
+);
+if (!hasPrettier.some(Boolean)) {
+  warnings.push('Prettier config not found - formatting may be inconsistent');
+}
+
+// Check for required dependencies in package.json
+const pkgJsonFile = Bun.file(`${projectDir}/package.json`);
+if (await pkgJsonFile.exists()) {
+  try {
+    const pkgJson = await pkgJsonFile.text();
+    if (!pkgJson.includes('"eslint"')) {
+      warnings.push("ESLint not in package.json - run 'npm install -D eslint'");
+    }
+    if (!pkgJson.includes('"prettier"')) {
+      warnings.push("Prettier not in package.json - run 'npm install -D prettier'");
+    }
+  } catch (error) {
+    if (process.env.DEBUG) console.error('[session-lint-check] package.json parse error:', error);
+  }
+}
+
+// Output warnings if any
+if (warnings.length > 0) {
+  console.log('SAFEWORD Lint Check:');
+  for (const warning of warnings) {
+    console.log(`  ⚠️  ${warning}`);
+  }
+}

package/templates/hooks/session-verify-agents.ts

@@ -0,0 +1,32 @@
+#!/usr/bin/env bun
+// Safeword: Verify AGENTS.md link (SessionStart)
+// Self-heals by restoring the link if removed
+
+import { existsSync } from 'node:fs';
+
+const LINK = '**⚠️ ALWAYS READ FIRST:** `.safeword/SAFEWORD.md`';
+
+const projectDir = process.env.CLAUDE_PROJECT_DIR ?? process.cwd();
+const safewordDir = `${projectDir}/.safeword`;
+
+// Not a safeword project, skip silently
+if (!existsSync(safewordDir)) {
+  process.exit(0);
+}
+
+const agentsFile = Bun.file(`${projectDir}/AGENTS.md`);
+
+if (!(await agentsFile.exists())) {
+  // AGENTS.md doesn't exist, create it
+  await Bun.write(agentsFile, `${LINK}\n`);
+  console.log('SAFEWORD: Created AGENTS.md with safeword link');
+  process.exit(0);
+}
+
+// Check if link is present
+const content = await agentsFile.text();
+if (!content.includes('.safeword/SAFEWORD.md')) {
+  // Link missing, prepend it
+  await Bun.write(agentsFile, `${LINK}\n\n${content}`);
+  console.log('SAFEWORD: Restored AGENTS.md link (was removed)');
+}

package/templates/hooks/session-version.ts

@@ -0,0 +1,18 @@
+#!/usr/bin/env bun
+// Safeword: Display version on session start (SessionStart)
+// Shows current safeword version and confirms hooks are active
+
+import { existsSync } from 'node:fs';
+
+const projectDir = process.env.CLAUDE_PROJECT_DIR ?? process.cwd();
+const safewordDir = `${projectDir}/.safeword`;
+
+// Not a safeword project, skip silently
+if (!existsSync(safewordDir)) {
+  process.exit(0);
+}
+
+const versionFile = Bun.file(`${safewordDir}/version`);
+const version = (await versionFile.exists()) ? (await versionFile.text()).trim() : 'unknown';
+
+console.log(`SAFE WORD Claude Config v${version} installed - auto-linting and quality review active`);