veto-leash 0.1.2 → 1.0.0

package/dist/ast/parser.js

@@ -0,0 +1,210 @@
+// src/ast/parser.ts
+import { Parser, Language } from 'web-tree-sitter';
+import * as fs from 'fs';
+import * as path from 'path';
+import { fileURLToPath } from 'url';
+// Module state
+let initialized = false;
+let initPromise = null;
+const languages = new Map();
+const parsers = new Map();
+const treeCache = new Map();
+// Language WASM file URLs - these need to be downloaded/bundled
+const LANGUAGE_WASM_URLS = {
+    typescript: 'https://github.com/AdeAttwood/tree-sitter-typescript-wasm/releases/download/0.23.0/tree-sitter-typescript.wasm',
+    tsx: 'https://github.com/AdeAttwood/tree-sitter-typescript-wasm/releases/download/0.23.0/tree-sitter-tsx.wasm',
+    javascript: 'https://github.com/AdeAttwood/tree-sitter-javascript-wasm/releases/download/0.21.0/tree-sitter-javascript.wasm',
+    jsx: 'https://github.com/AdeAttwood/tree-sitter-javascript-wasm/releases/download/0.21.0/tree-sitter-javascript.wasm',
+};
+/**
+ * Initialize the tree-sitter WASM runtime.
+ * Must be called before any parsing operations.
+ */
+export async function initParser() {
+    if (initialized)
+        return;
+    if (initPromise)
+        return initPromise;
+    initPromise = (async () => {
+        try {
+            await Parser.init();
+            initialized = true;
+        }
+        catch (error) {
+            console.warn('Failed to initialize tree-sitter:', error);
+            throw error;
+        }
+    })();
+    return initPromise;
+}
+/**
+ * Check if the parser is initialized
+ */
+export function isInitialized() {
+    return initialized;
+}
+/**
+ * Load a language from a WASM file
+ */
+export async function loadLanguage(languageType) {
+    if (languages.has(languageType)) {
+        return languages.get(languageType);
+    }
+    await initParser();
+    // Check for local WASM file first
+    const localWasmPath = getLocalWasmPath(languageType);
+    let language;
+    if (localWasmPath && fs.existsSync(localWasmPath)) {
+        language = await Language.load(localWasmPath);
+    }
+    else {
+        // Try to fetch from URL (requires network access)
+        const url = LANGUAGE_WASM_URLS[languageType];
+        try {
+            language = await Language.load(url);
+        }
+        catch (error) {
+            throw new Error(`Failed to load language ${languageType}. ` +
+                `Please download the WASM file from ${url} to ${localWasmPath || 'the languages directory'}`);
+        }
+    }
+    languages.set(languageType, language);
+    return language;
+}
+/**
+ * Get local WASM file path if it exists
+ */
+function getLocalWasmPath(languageType) {
+    const wasmFile = `tree-sitter-${languageType === 'jsx' ? 'javascript' : languageType}.wasm`;
+    // Try multiple locations
+    const candidates = [
+        // From process.cwd() (most reliable)
+        path.resolve(process.cwd(), 'languages', wasmFile),
+        // From import.meta.url
+        (() => {
+            try {
+                const __dirname = path.dirname(fileURLToPath(import.meta.url));
+                return path.resolve(__dirname, '..', '..', 'languages', wasmFile);
+            }
+            catch {
+                return null;
+            }
+        })(),
+    ].filter((p) => p !== null);
+    for (const candidate of candidates) {
+        if (fs.existsSync(candidate)) {
+            return candidate;
+        }
+    }
+    return null;
+}
+/**
+ * Get or create a parser for the given language
+ */
+export async function getParser(languageType) {
+    if (parsers.has(languageType)) {
+        return parsers.get(languageType);
+    }
+    const language = await loadLanguage(languageType);
+    const parser = new Parser();
+    parser.setLanguage(language);
+    parsers.set(languageType, parser);
+    return parser;
+}
+/**
+ * Get the language object for query creation
+ */
+export async function getLanguageObject(languageType) {
+    return loadLanguage(languageType);
+}
+/**
+ * Parse file content into AST
+ * Uses caching for performance
+ */
+export async function parseFile(content, filePath, languageType) {
+    const start = performance.now();
+    const parser = await getParser(languageType);
+    // Check cache
+    const hash = hashContent(content);
+    const cached = treeCache.get(filePath);
+    let tree;
+    if (cached && cached.hash === hash) {
+        tree = cached.tree;
+    }
+    else {
+        // Don't use incremental parsing when content changed - web-tree-sitter
+        // has issues with incremental updates from different source text
+        const result = parser.parse(content);
+        if (!result) {
+            throw new Error(`Failed to parse ${filePath}`);
+        }
+        tree = result;
+        treeCache.set(filePath, { tree, hash });
+    }
+    return {
+        tree,
+        language: languageType,
+        parseTimeMs: performance.now() - start,
+    };
+}
+/**
+ * Detect language from file extension
+ */
+export function detectLanguage(filePath) {
+    const ext = filePath.split('.').pop()?.toLowerCase();
+    switch (ext) {
+        case 'ts':
+            return 'typescript';
+        case 'tsx':
+            return 'tsx';
+        case 'js':
+        case 'mjs':
+        case 'cjs':
+            return 'javascript';
+        case 'jsx':
+            return 'jsx';
+        default:
+            return null;
+    }
+}
+/**
+ * Clear the tree cache for a specific file or all files
+ */
+export function clearTreeCache(filePath) {
+    if (filePath) {
+        treeCache.delete(filePath);
+    }
+    else {
+        treeCache.clear();
+    }
+}
+/**
+ * Reset all parser state (for testing)
+ */
+export function resetParserState() {
+    treeCache.clear();
+    languages.clear();
+    parsers.clear();
+}
+/**
+ * Get cache statistics
+ */
+export function getCacheStats() {
+    return {
+        parserCount: parsers.size,
+        treeCacheSize: treeCache.size,
+        languageCount: languages.size,
+    };
+}
+/**
+ * Fast hash function for cache invalidation
+ */
+function hashContent(content) {
+    let hash = 0;
+    for (let i = 0; i < content.length; i++) {
+        hash = ((hash << 5) - hash) + content.charCodeAt(i);
+        hash = hash & hash; // Convert to 32-bit integer
+    }
+    return hash.toString(36);
+}
+//# sourceMappingURL=parser.js.map

package/dist/ast/parser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"parser.js","sourceRoot":"","sources":["../../src/ast/parser.ts"],"names":[],"mappings":"AAAA,oBAAoB;AACpB,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAe,MAAM,iBAAiB,CAAC;AAChE,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AAapC,eAAe;AACf,IAAI,WAAW,GAAG,KAAK,CAAC;AACxB,IAAI,WAAW,GAAyB,IAAI,CAAC;AAC7C,MAAM,SAAS,GAAG,IAAI,GAAG,EAA0B,CAAC;AACpD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAwB,CAAC;AAChD,MAAM,SAAS,GAAG,IAAI,GAAG,EAAwC,CAAC;AAElE,gEAAgE;AAChE,MAAM,kBAAkB,GAAiC;IACvD,UAAU,EAAE,gHAAgH;IAC5H,GAAG,EAAE,yGAAyG;IAC9G,UAAU,EAAE,gHAAgH;IAC5H,GAAG,EAAE,gHAAgH;CACtH,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU;IAC9B,IAAI,WAAW;QAAE,OAAO;IACxB,IAAI,WAAW;QAAE,OAAO,WAAW,CAAC;IAEpC,WAAW,GAAG,CAAC,KAAK,IAAI,EAAE;QACxB,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;YACpB,WAAW,GAAG,IAAI,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;YACzD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,OAAO,WAAW,CAAC;AACrB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO,WAAW,CAAC;AACrB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,YAA0B;IAC3D,IAAI,SAAS,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;QAChC,OAAO,SAAS,CAAC,GAAG,CAAC,YAAY,CAAE,CAAC;IACtC,CAAC;IAED,MAAM,UAAU,EAAE,CAAC;IAEnB,kCAAkC;IAClC,MAAM,aAAa,GAAG,gBAAgB,CAAC,YAAY,CAAC,CAAC;IACrD,IAAI,QAAkB,CAAC;IAEvB,IAAI,aAAa,IAAI,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QAClD,QAAQ,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAChD,CAAC;SAAM,CAAC;QACN,kDAAkD;QAClD,MAAM,GAAG,GAAG,kBAAkB,CAAC,YAAY,CAAC,CAAC;QAC7C,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACtC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CACb,2BAA2B,YAAY,IAAI;gBAC3C,sCAAsC,GAAG,OAAO,aAAa,IAAI,yBAAyB,EAAE,CAC7F,CAAC;QACJ,CAAC;IACH,CAAC;IAED,SAAS,CAAC,GAAG,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IACtC,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,YAA0B;IAClD,MAAM,QAAQ,GAAG,eAAe,YAAY,KAAK,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY,OAAO,CAAC;IAE5F,yBAAyB;IACzB,MAAM,UAAU,GAAG;QACjB,qCAAqC;QACrC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,QAAQ,CAAC;QAClD,uBAAuB;QACvB,CAAC,GAAG,EAAE;YACJ,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC/D,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;YACpE,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC,CAAC,EAAE;KACL,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;IAEzC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,YAA0B;IACxD,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;QAC9B,OAAO,OAAO,CAAC,GAAG,CAAC,YAAY,CAAE,CAAC;IACpC,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,YAAY,CAAC,CAAC;IAClD,MAAM,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;IAC5B,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC7B,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAClC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,YAA0B;IAChE,OAAO,YAAY,CAAC,YAAY,CAAC,CAAC;AACpC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,OAAe,EACf,QAAgB,EAChB,YAA0B;IAE1B,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IAChC,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,CAAC;IAE7C,cAAc;IACd,MAAM,IAAI,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IAClC,MAAM,MAAM,GAAG,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAEvC,IAAI,IAAU,CAAC;IACf,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;QACnC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;IACrB,CAAC;SAAM,CAAC;QACN,uEAAuE;QACvE,iEAAiE;QACjE,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,mBAAmB,QAAQ,EAAE,CAAC,CAAC;QACjD,CAAC;QACD,IAAI,GAAG,MAAM,CAAC;QACd,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1C,CAAC;IAED,OAAO;QACL,IAAI;QACJ,QAAQ,EAAE,YAAY;QACtB,WAAW,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,KAAK;KACvC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,QAAgB;IAC7C,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,CAAC;IACrD,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,IAAI;YACP,OAAO,YAAY,CAAC;QACtB,KAAK,KAAK;YACR,OAAO,KAAK,CAAC;QACf,KAAK,IAAI,CAAC;QACV,KAAK,KAAK,CAAC;QACX,KAAK,KAAK;YACR,OAAO,YAAY,CAAC;QACtB,KAAK,KAAK;YACR,OAAO,KAAK,CAAC;QACf;YACE,OAAO,IAAI,CAAC;IAChB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,QAAiB;IAC9C,IAAI,QAAQ,EAAE,CAAC;QACb,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,SAAS,CAAC,KAAK,EAAE,CAAC;IACpB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB;IAC9B,SAAS,CAAC,KAAK,EAAE,CAAC;IAClB,SAAS,CAAC,KAAK,EAAE,CAAC;IAClB,OAAO,CAAC,KAAK,EAAE,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO;QACL,WAAW,EAAE,OAAO,CAAC,IAAI;QACzB,aAAa,EAAE,SAAS,CAAC,IAAI;QAC7B,aAAa,EAAE,SAAS,CAAC,IAAI;KAC9B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,OAAe;IAClC,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,IAAI,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QACpD,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,4BAA4B;IAClD,CAAC;IACD,OAAO,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;AAC3B,CAAC"}

package/dist/ast/query.d.ts

@@ -0,0 +1,48 @@
+import { Query } from 'web-tree-sitter';
+import type { ASTRule } from '../types.js';
+import { type LanguageType, type Tree } from './parser.js';
+export interface ASTMatch {
+    /** Named captures from the query */
+    captures: Map<string, {
+        text: string;
+        line: number;
+        column: number;
+    }>;
+    /** Line number (1-indexed) */
+    line: number;
+    /** Column number (1-indexed) */
+    column: number;
+    /** The matched text (truncated for display) */
+    text: string;
+    /** The rule that matched */
+    ruleId: string;
+}
+/**
+ * Get or create a compiled query
+ */
+export declare function getQuery(queryString: string, languageType: LanguageType): Promise<Query>;
+/**
+ * Run an AST query against a parse tree
+ */
+export declare function runQuery(tree: Tree, queryString: string, languageType: LanguageType, ruleId: string): Promise<ASTMatch[]>;
+/**
+ * Check content against an AST rule
+ * Returns null if allowed, or match details if blocked
+ */
+export declare function checkASTRule(content: string, tree: Tree, languageType: LanguageType, rule: ASTRule): Promise<ASTMatch | null>;
+/**
+ * Check content against multiple AST rules
+ * Returns the first match found, or null if all pass
+ */
+export declare function checkASTRules(content: string, tree: Tree, languageType: LanguageType, rules: ASTRule[]): Promise<ASTMatch | null>;
+/**
+ * Clear the query cache
+ */
+export declare function clearQueryCache(): void;
+/**
+ * Get query cache statistics
+ */
+export declare function getQueryCacheStats(): {
+    size: number;
+};
+//# sourceMappingURL=query.d.ts.map

package/dist/ast/query.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"query.d.ts","sourceRoot":"","sources":["../../src/ast/query.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AACxC,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAqB,KAAK,YAAY,EAAE,KAAK,IAAI,EAAiB,MAAM,aAAa,CAAC;AAE7F,MAAM,WAAW,QAAQ;IACvB,oCAAoC;IACpC,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACtE,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,gCAAgC;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,+CAA+C;IAC/C,IAAI,EAAE,MAAM,CAAC;IACb,4BAA4B;IAC5B,MAAM,EAAE,MAAM,CAAC;CAChB;AAYD;;GAEG;AACH,wBAAsB,QAAQ,CAAC,WAAW,EAAE,MAAM,EAAE,YAAY,EAAE,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC,CAQ9F;AAED;;GAEG;AACH,wBAAsB,QAAQ,CAC5B,IAAI,EAAE,IAAI,EACV,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,YAAY,EAC1B,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,QAAQ,EAAE,CAAC,CA8BrB;AAED;;;GAGG;AACH,wBAAsB,YAAY,CAChC,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,YAAY,EAC1B,IAAI,EAAE,OAAO,GACZ,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAsB1B;AAED;;;GAGG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,YAAY,EAC1B,KAAK,EAAE,OAAO,EAAE,GACf,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAQ1B;AAED;;GAEG;AACH,wBAAgB,eAAe,IAAI,IAAI,CAEtC;AAED;;GAEG;AACH,wBAAgB,kBAAkB,IAAI;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,CAErD"}

package/dist/ast/query.js

@@ -0,0 +1,102 @@
+// src/ast/query.ts
+import { Query } from 'web-tree-sitter';
+import { getLanguageObject } from './parser.js';
+// Query cache - parsed queries are expensive, reuse them
+const queryCache = new Map();
+/**
+ * Get cache key for a query + language combination
+ */
+function getQueryCacheKey(queryString, languageType) {
+    return `${languageType}:${queryString}`;
+}
+/**
+ * Get or create a compiled query
+ */
+export async function getQuery(queryString, languageType) {
+    const cacheKey = getQueryCacheKey(queryString, languageType);
+    if (!queryCache.has(cacheKey)) {
+        const language = await getLanguageObject(languageType);
+        const query = new Query(language, queryString);
+        queryCache.set(cacheKey, query);
+    }
+    return queryCache.get(cacheKey);
+}
+/**
+ * Run an AST query against a parse tree
+ */
+export async function runQuery(tree, queryString, languageType, ruleId) {
+    const query = await getQuery(queryString, languageType);
+    const matches = [];
+    for (const match of query.matches(tree.rootNode)) {
+        const captures = new Map();
+        for (const capture of match.captures) {
+            captures.set(capture.name, {
+                text: capture.node.text,
+                line: capture.node.startPosition.row + 1,
+                column: capture.node.startPosition.column + 1,
+            });
+        }
+        // Use first capture as primary match location
+        const primaryCapture = match.captures[0];
+        if (!primaryCapture)
+            continue;
+        const primaryNode = primaryCapture.node;
+        matches.push({
+            captures,
+            line: primaryNode.startPosition.row + 1,
+            column: primaryNode.startPosition.column + 1,
+            text: primaryNode.text.slice(0, 100), // Truncate for display
+            ruleId,
+        });
+    }
+    return matches;
+}
+/**
+ * Check content against an AST rule
+ * Returns null if allowed, or match details if blocked
+ */
+export async function checkASTRule(content, tree, languageType, rule) {
+    // Fast pre-filter: skip AST query if regex doesn't match
+    if (rule.regexPreFilter) {
+        if (!content.includes(rule.regexPreFilter)) {
+            return null; // Fast exit - content doesn't contain the pattern
+        }
+    }
+    // Check if rule applies to this language
+    const normalizedLanguage = languageType === 'tsx' ? 'typescript' : languageType === 'jsx' ? 'javascript' : languageType;
+    if (!rule.languages.includes(normalizedLanguage)) {
+        return null; // Rule doesn't apply to this language
+    }
+    // Run AST query
+    const matches = await runQuery(tree, rule.query, languageType, rule.id);
+    if (matches.length === 0) {
+        return null; // Allowed
+    }
+    return matches[0]; // Return first match
+}
+/**
+ * Check content against multiple AST rules
+ * Returns the first match found, or null if all pass
+ */
+export async function checkASTRules(content, tree, languageType, rules) {
+    for (const rule of rules) {
+        const match = await checkASTRule(content, tree, languageType, rule);
+        if (match) {
+            return match;
+        }
+    }
+    return null;
+}
+/**
+ * Clear the query cache
+ */
+export function clearQueryCache() {
+    queryCache.clear();
+}
+/**
+ * Get query cache statistics
+ */
+export function getQueryCacheStats() {
+    return { size: queryCache.size };
+}
+//# sourceMappingURL=query.js.map

package/dist/ast/query.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"query.js","sourceRoot":"","sources":["../../src/ast/query.ts"],"names":[],"mappings":"AAAA,mBAAmB;AACnB,OAAO,EAAE,KAAK,EAAE,MAAM,iBAAiB,CAAC;AAExC,OAAO,EAAE,iBAAiB,EAA+C,MAAM,aAAa,CAAC;AAe7F,yDAAyD;AACzD,MAAM,UAAU,GAAG,IAAI,GAAG,EAAiB,CAAC;AAE5C;;GAEG;AACH,SAAS,gBAAgB,CAAC,WAAmB,EAAE,YAA0B;IACvE,OAAO,GAAG,YAAY,IAAI,WAAW,EAAE,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,WAAmB,EAAE,YAA0B;IAC5E,MAAM,QAAQ,GAAG,gBAAgB,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;IAC7D,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9B,MAAM,QAAQ,GAAG,MAAM,iBAAiB,CAAC,YAAY,CAAC,CAAC;QACvD,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;QAC/C,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAClC,CAAC;IACD,OAAO,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAE,CAAC;AACnC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,IAAU,EACV,WAAmB,EACnB,YAA0B,EAC1B,MAAc;IAEd,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;IACxD,MAAM,OAAO,GAAe,EAAE,CAAC;IAE/B,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjD,MAAM,QAAQ,GAAG,IAAI,GAAG,EAA0D,CAAC;QACnF,KAAK,MAAM,OAAO,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YACrC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE;gBACzB,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,IAAI;gBACvB,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,GAAG,CAAC;gBACxC,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC;aAC9C,CAAC,CAAC;QACL,CAAC;QAED,8CAA8C;QAC9C,MAAM,cAAc,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,cAAc;YAAE,SAAS;QAE9B,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,CAAC;QAExC,OAAO,CAAC,IAAI,CAAC;YACX,QAAQ;YACR,IAAI,EAAE,WAAW,CAAC,aAAa,CAAC,GAAG,GAAG,CAAC;YACvC,MAAM,EAAE,WAAW,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC;YAC5C,IAAI,EAAE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,uBAAuB;YAC7D,MAAM;SACP,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,OAAe,EACf,IAAU,EACV,YAA0B,EAC1B,IAAa;IAEb,yDAAyD;IACzD,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;YAC3C,OAAO,IAAI,CAAC,CAAC,kDAAkD;QACjE,CAAC;IACH,CAAC;IAED,yCAAyC;IACzC,MAAM,kBAAkB,GAAG,YAAY,KAAK,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY,KAAK,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC;IACxH,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACjD,OAAO,IAAI,CAAC,CAAC,sCAAsC;IACrD,CAAC;IAED,gBAAgB;IAChB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;IAExE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,IAAI,CAAC,CAAC,UAAU;IACzB,CAAC;IAED,OAAO,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,qBAAqB;AAC1C,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAe,EACf,IAAU,EACV,YAA0B,EAC1B,KAAgB;IAEhB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;QACpE,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe;IAC7B,UAAU,CAAC,KAAK,EAAE,CAAC;AACrB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO,EAAE,IAAI,EAAE,UAAU,CAAC,IAAI,EAAE,CAAC;AACnC,CAAC"}

package/dist/ast/validate-cli.d.ts

@@ -0,0 +1,21 @@
+#!/usr/bin/env node
+/**
+ * AST Validation CLI
+ *
+ * Called by native validators (Python/shell) to perform AST-based content checking.
+ *
+ * Usage:
+ *   echo '{"file":"test.ts","content":"...","restriction":"no lodash"}' | node validate-cli.js
+ *
+ * Input (JSON on stdin):
+ *   - file: File path (used for language detection)
+ *   - content: File content to check
+ *   - restriction: The policy description (e.g., "no lodash", "no any")
+ *
+ * Output (JSON on stdout):
+ *   - allowed: boolean
+ *   - match?: { line, column, text, reason, suggest, ruleId }
+ *   - method: 'ast' | 'skipped'
+ */
+export {};
+//# sourceMappingURL=validate-cli.d.ts.map

package/dist/ast/validate-cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate-cli.d.ts","sourceRoot":"","sources":["../../src/ast/validate-cli.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;GAiBG"}

package/dist/ast/validate-cli.js

@@ -0,0 +1,73 @@
+#!/usr/bin/env node
+/**
+ * AST Validation CLI
+ *
+ * Called by native validators (Python/shell) to perform AST-based content checking.
+ *
+ * Usage:
+ *   echo '{"file":"test.ts","content":"...","restriction":"no lodash"}' | node validate-cli.js
+ *
+ * Input (JSON on stdin):
+ *   - file: File path (used for language detection)
+ *   - content: File content to check
+ *   - restriction: The policy description (e.g., "no lodash", "no any")
+ *
+ * Output (JSON on stdout):
+ *   - allowed: boolean
+ *   - match?: { line, column, text, reason, suggest, ruleId }
+ *   - method: 'ast' | 'skipped'
+ */
+import { checkContentAST } from './checker.js';
+import { initParser, loadLanguage, detectLanguage } from './parser.js';
+async function readStdin() {
+    const chunks = [];
+    for await (const chunk of process.stdin) {
+        chunks.push(chunk);
+    }
+    return Buffer.concat(chunks).toString('utf-8');
+}
+async function main() {
+    try {
+        // Initialize parser
+        await initParser();
+        // Read input
+        const inputText = await readStdin();
+        if (!inputText.trim()) {
+            console.log(JSON.stringify({ allowed: true, method: 'skipped', error: 'Empty input' }));
+            return;
+        }
+        const input = JSON.parse(inputText);
+        const { file, content, restriction } = input;
+        if (!file || !content || !restriction) {
+            console.log(JSON.stringify({ allowed: true, method: 'skipped', error: 'Missing required fields' }));
+            return;
+        }
+        // Detect language and load parser
+        const language = detectLanguage(file);
+        if (!language) {
+            console.log(JSON.stringify({ allowed: true, method: 'skipped', reason: 'Unsupported file type' }));
+            return;
+        }
+        await loadLanguage(language);
+        // Create policy from restriction
+        const policy = {
+            action: 'modify',
+            include: ['**/*'],
+            exclude: [],
+            description: restriction,
+        };
+        // Run AST check
+        const result = await checkContentAST(content, file, policy);
+        console.log(JSON.stringify(result));
+    }
+    catch (error) {
+        // On any error, allow (fail open) but log error
+        console.log(JSON.stringify({
+            allowed: true,
+            method: 'skipped',
+            error: error instanceof Error ? error.message : String(error),
+        }));
+    }
+}
+main();
+//# sourceMappingURL=validate-cli.js.map

package/dist/ast/validate-cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate-cli.js","sourceRoot":"","sources":["../../src/ast/validate-cli.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AASvE,KAAK,UAAU,SAAS;IACtB,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QACxC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrB,CAAC;IACD,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACjD,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,IAAI,CAAC;QACH,oBAAoB;QACpB,MAAM,UAAU,EAAE,CAAC;QAEnB,aAAa;QACb,MAAM,SAAS,GAAG,MAAM,SAAS,EAAE,CAAC;QACpC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC;YACxF,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAkB,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACnD,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;QAE7C,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,yBAAyB,EAAE,CAAC,CAAC,CAAC;YACpG,OAAO;QACT,CAAC;QAED,kCAAkC;QAClC,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;QACtC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC,CAAC,CAAC;YACnG,OAAO;QACT,CAAC;QAED,MAAM,YAAY,CAAC,QAAQ,CAAC,CAAC;QAE7B,iCAAiC;QACjC,MAAM,MAAM,GAAW;YACrB,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE,CAAC,MAAM,CAAC;YACjB,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,WAAW;SACzB,CAAC;QAEF,gBAAgB;QAChB,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QAC5D,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IACtC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,gDAAgD;QAChD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;YACzB,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,SAAS;YACjB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAC9D,CAAC,CAAC,CAAC;IACN,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC"}

package/dist/cli.js

@@ -6,13 +6,13 @@ import { createWrapperDir, cleanupWrapperDir } from './wrapper/shims.js';
 import { spawnAgent } from './wrapper/spawn.js';
 import { COLORS, SYMBOLS, createSpinner } from './ui/colors.js';
 import { clearCache } from './compiler/cache.js';
-import { installAgent, uninstallAgent, addPolicyToAgents, listPolicies, AGENTS, } from './native/index.js';
+import { installAgent, uninstallAgent, addPolicyToAgents, listPolicies, AGENTS, detectInstalledAgents, } from './native/index.js';
 import { startWatchdog, stopWatchdog } from './watchdog/index.js';
-import { findLeashConfig, loadLeashConfig, compileLeashConfig, createLeashConfig, } from './config/loader.js';
+import { findLeashConfig, loadLeashConfig, compileLeashConfig, createLeashConfig, hasLeashConfig, } from './config/loader.js';
 import { printAuditLog, clearAuditLog } from './audit/index.js';
 import { login as cloudLogin, printCloudStatus } from './cloud/index.js';
 import { getActiveSessions } from './wrapper/sessions.js';
-const VERSION = '0.1.2';
+const VERSION = '0.2.0';
 async function main() {
     const args = process.argv.slice(2);
     // Handle flags
@@ -49,7 +49,7 @@ async function main() {
             await runUninstall(args[1]);
             break;
         case 'init':
-            runInit();
+            await runInit();
             break;
         case 'sync':
             await runSync(args[1]);
@@ -105,14 +105,37 @@ async function runWrapper(agent, restriction) {
     console.log(`\n${COLORS.success}${SYMBOLS.success} veto-leash active${COLORS.reset}\n`);
     console.log(`  ${COLORS.dim}Policy:${COLORS.reset} ${policy.description}`);
     console.log(`  ${COLORS.dim}Action:${COLORS.reset} ${policy.action}\n`);
-    console.log(`  ${COLORS.dim}Protecting:${COLORS.reset}`);
-    console.log(`    ${policy.include.slice(0, 5).join('  ')}`);
-    if (policy.include.length > 5) {
-        console.log(`    ${COLORS.dim}...and ${policy.include.length - 5} more${COLORS.reset}`);
+    // Show file patterns if present
+    if (policy.include.length > 0) {
+        console.log(`  ${COLORS.dim}Protecting files:${COLORS.reset}`);
+        console.log(`    ${policy.include.slice(0, 5).join('  ')}`);
+        if (policy.include.length > 5) {
+            console.log(`    ${COLORS.dim}...and ${policy.include.length - 5} more${COLORS.reset}`);
+        }
+        if (policy.exclude.length > 0) {
+            console.log(`\n  ${COLORS.dim}Allowing (exceptions):${COLORS.reset}`);
+            console.log(`    ${policy.exclude.join('  ')}`);
+        }
     }
-    if (policy.exclude.length > 0) {
-        console.log(`\n  ${COLORS.dim}Allowing (exceptions):${COLORS.reset}`);
-        console.log(`    ${policy.exclude.join('  ')}`);
+    // Show command rules if present
+    if (policy.commandRules && policy.commandRules.length > 0) {
+        console.log(`  ${COLORS.dim}Blocking commands:${COLORS.reset}`);
+        for (const rule of policy.commandRules) {
+            console.log(`    ${COLORS.error}${rule.block.slice(0, 3).join(', ')}${COLORS.reset}`);
+            if (rule.suggest) {
+                console.log(`    ${COLORS.dim}→ Use:${COLORS.reset} ${rule.suggest}`);
+            }
+        }
+    }
+    // Show content rules if present (Phase 2)
+    if (policy.contentRules && policy.contentRules.length > 0) {
+        console.log(`  ${COLORS.dim}Checking content for:${COLORS.reset}`);
+        for (const rule of policy.contentRules.slice(0, 3)) {
+            console.log(`    ${COLORS.error}${rule.reason}${COLORS.reset}`);
+        }
+        if (policy.contentRules.length > 3) {
+            console.log(`    ${COLORS.dim}...and ${policy.contentRules.length - 3} more rules${COLORS.reset}`);
+        }
     }
     console.log(`\n  Press Ctrl+C to exit\n`);
     // Start daemon
@@ -163,10 +186,38 @@ async function runExplain(restriction) {
     console.log('\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\n');
     console.log(`Restriction: "${restriction}"\n`);
     console.log(`Action: ${policy.action}\n`);
-    console.log(`Patterns:`);
-    console.log(`  ${COLORS.dim}include:${COLORS.reset} ${policy.include.join(', ')}`);
-    console.log(`  ${COLORS.dim}exclude:${COLORS.reset} ${policy.exclude.join(', ') || '(none)'}`);
-    console.log(`\nDescription: ${policy.description}`);
+    // Show file patterns if present
+    if (policy.include.length > 0) {
+        console.log(`${COLORS.bold}File Patterns:${COLORS.reset}`);
+        console.log(`  ${COLORS.dim}include:${COLORS.reset} ${policy.include.join(', ')}`);
+        console.log(`  ${COLORS.dim}exclude:${COLORS.reset} ${policy.exclude.join(', ') || '(none)'}`);
+    }
+    // Show command rules if present
+    if (policy.commandRules && policy.commandRules.length > 0) {
+        console.log(`${COLORS.bold}Command Rules:${COLORS.reset}`);
+        for (const rule of policy.commandRules) {
+            console.log(`  ${COLORS.error}block:${COLORS.reset} ${rule.block.join(', ')}`);
+            if (rule.suggest) {
+                console.log(`  ${COLORS.success}suggest:${COLORS.reset} ${rule.suggest}`);
+            }
+            console.log(`  ${COLORS.dim}reason:${COLORS.reset} ${rule.reason}`);
+            console.log('');
+        }
+    }
+    // Show content rules if present (Phase 2)
+    if (policy.contentRules && policy.contentRules.length > 0) {
+        console.log(`${COLORS.bold}Content Rules:${COLORS.reset}`);
+        for (const rule of policy.contentRules) {
+            console.log(`  ${COLORS.error}pattern:${COLORS.reset} ${rule.pattern}`);
+            console.log(`  ${COLORS.dim}fileTypes:${COLORS.reset} ${rule.fileTypes.join(', ')}`);
+            if (rule.suggest) {
+                console.log(`  ${COLORS.success}suggest:${COLORS.reset} ${rule.suggest}`);
+            }
+            console.log(`  ${COLORS.dim}reason:${COLORS.reset} ${rule.reason}`);
+            console.log('');
+        }
+    }
+    console.log(`${COLORS.dim}Description:${COLORS.reset} ${policy.description}`);
     console.log(`\nRun 'leash <agent> "${restriction}"' to enforce.\n`);
 }
 async function runWatchdog(restriction) {
@@ -313,10 +364,43 @@ async function runUninstall(agent) {
         process.exit(1);
     }
 }
-function runInit() {
-    createLeashConfig();
-    console.log(`\nEdit .leash to customize your policies.`);
-    console.log(`Then run: ${COLORS.dim}leash sync${COLORS.reset}\n`);
+async function runInit() {
+    console.log(`\n${COLORS.bold}Detecting AI coding agents...${COLORS.reset}`);
+    // Detect installed agents
+    const detected = detectInstalledAgents();
+    if (detected.length === 0) {
+        console.log(`  ${COLORS.dim}No agents detected${COLORS.reset}`);
+        console.log(`\n${COLORS.dim}Tip: Install Claude Code, Cursor, OpenCode, or Windsurf first.${COLORS.reset}`);
+    }
+    else {
+        for (const agent of detected) {
+            console.log(`  ${COLORS.success}${SYMBOLS.success} ${agent.name} found${COLORS.reset}`);
+        }
+    }
+    // Create .leash file if not exists
+    if (!hasLeashConfig()) {
+        console.log(`\n${COLORS.bold}Creating .leash config...${COLORS.reset}`);
+        createLeashConfig();
+    }
+    else {
+        console.log(`\n${COLORS.success}${SYMBOLS.success} .leash already exists${COLORS.reset}`);
+    }
+    // Install hooks for detected agents with native support
+    const nativeAgents = detected.filter(a => a.hasNativeHooks);
+    if (nativeAgents.length > 0) {
+        console.log(`\n${COLORS.bold}Installing enforcement hooks...${COLORS.reset}`);
+        for (const agent of nativeAgents) {
+            try {
+                await installAgent(agent.id);
+            }
+            catch {
+                console.log(`  ${COLORS.warning}${SYMBOLS.warning} Could not install ${agent.name} hooks${COLORS.reset}`);
+            }
+        }
+    }
+    console.log(`\n${COLORS.success}${SYMBOLS.success} Done!${COLORS.reset} Policies enforced automatically.`);
+    console.log(`\nEdit ${COLORS.bold}.leash${COLORS.reset} to customize your policies.`);
+    console.log(`Run ${COLORS.dim}leash sync${COLORS.reset} to apply changes.\n`);
 }
 async function runSync(agent) {
     const configPath = findLeashConfig();
@@ -385,9 +469,9 @@ ${COLORS.bold}USAGE${COLORS.reset}
 
 ${COLORS.bold}AGENTS (native integration)${COLORS.reset}
   cc, claude-code    Claude Code     PreToolUse hooks
-  ws, windsurf       Windsurf        Cascade hooks
   oc, opencode       OpenCode        permission.bash rules
-  cursor             Cursor          .cursorrules (guidance only)
+  cursor             Cursor CLI      hooks.json (v1.7+)
+  ws, windsurf       Windsurf        Cascade hooks
   aider              Aider           .aider.conf.yml read-only
 
 ${COLORS.bold}AGENTS (wrapper/watchdog)${COLORS.reset}