CHANGELOG.md 27 KB
Changelog
All notable changes to claude-config will be documented in this file.
Format follows Keep a Changelog.
[Unreleased]
[3.3.0] — 2026-04-08
Breaking
security-guidanceremoved — never existed as a marketplace plugin (anthropic/claude-plugins-officialis a non-existent repo). RTK covers security hooks.pr-review-toolkitremoved — same non-existent marketplace. No replacement available.frontend-designreclassified from TOGGLE plugin to built-in Claude Code skill (/mnt/skills/public/frontend-design/). Always available, 0 token cost, not toggleable.skill-creatorreclassified from TOGGLE plugin to built-in Claude Code skill (/mnt/skills/examples/skill-creator/). Always available, 0 token cost, not toggleable.anthropic/claude-plugins-officialmarketplace reference removed frominstall-plugins.sh— this GitHub repo does not exist.
Changed
install-plugins.sh: fake marketplace block replaced with built-in skill notes; install summary updatedlib/detect-plugins.sh:detect_frontend_design()removed (built-in skill, always available); notes added for all removed pluginshooks/session-start.sh:frontend_designremoved from toggle loop;security-guidanceremoved from always-on display; new🔵 BUILT-INline showsfrontend-design skill-creator; token cost estimate no longer counts frontend-designagents/plugin-advisor.md: decision table, compatibility matrix, recommended sets, conditional rules all updated — frontend-design and skill-creator marked as built-in (0t, not toggleable); security-guidance and pr-review-toolkit removed; passive cost estimates recalculatedREADME.md: plugin reference table split into installable plugins + built-in skills; compatibility matrix updated; recommended sets recalculated; removed pr-review-toolkit from slash commands; added "Removed plugins" note explaining what happenedUSAGE.md: all references updated — quick reference, case studies, session-start boxes, signal→plugin tableversion.txt: 3.2.1 → 3.3.0
[3.2.1] — 2026-04-07
Fixed
agents/plugin-advisor.md: 4 signals had entries in the signal table but no conditional rule — added rules forskill-creation,browser-qa,design-system, andcomplex-arch
Changed
version.txt: 3.2.0 → 3.2.1
[3.2.0] — 2026-04-07
Fixed
doctor.sh: EXPECTED_SKILLS pass message uses${#EXPECTED_SKILLS[@]}(dynamic count) instead of hardcoded 9agents/plugin-advisor.md:setup.pyandpyproject.tomladded as counterindicators for embedded signal — prevents Python C-extensions from false-triggering embeddedagents/status-reporter.md: PHP phpunit added to manifest fallback (composer.json→./vendor/bin/phpunit)skills/health/SKILL.md: post-result guidance added — CRITICAL/WARNING/errors/warnings/all-pass handling
Added
USAGE.md: "Erreurs fréquentes" — embedded signal not detected entry
Changed
version.txt: 3.1.0 → 3.2.0
[3.1.0] — 2026-04-07
Fixed
agents/plugin-advisor.md:Makefilerestored as embedded indicator —Makefile+src/*.c+ no Node/Rust/Go manifest = embedded;.cfiles alone still not sufficient (Rust FFI counterindicated)agents/onboarder.md: PHASE 6 — checkcommand -v gsdbefore generating ROADMAP.md; if absent, ROADMAP.md still generated with install instructions; same pattern as init-project STEP 13
Added
doctor.sh: expected skills check — verifies all 9 skills (analyze, health, init-project, onboard, plugin-check, readme, refactor, ship-feature, status) present in~/.claude/skills/skills/analyze/SKILL.md: description updated to mention DEBUG mode (read-only analysis OR error/stack trace → DEBUG mode)USAGE.md: token cost estimates on workflow patterns (Pattern A ~3000-5000t, B ~1500-2500t/session, D ~500-800t, E ~600-900t); budget note at top of Patterns section
Changed
version.txt: 3.0.0 → 3.1.0
[3.0.0] — 2026-04-07
Fixed
agents/plugin-advisor.md: embedded false positive removed —src/*.calone no longer triggers embedded signal (Rust FFI projects have .c files); onlyplatformio.inior*.ld/*.ldslinker scripts are reliable triggersagents/status-reporter.md: flat awk scoped to## Milestoneheadings — no longer matches## Prerequisites,## Notes, or other non-milestone##headings in ROADMAP.md
Added
agents/status-reporter.md: Go test runner in manifest fallback (go.mod→ "go test ./...")USAGE.md: GSD v2 active/interrupted node in decision tree — /gsd auto, /gsd steer, /gsd forensicsskills/analyze/SKILL.md: argument-hint updated to mention DEBUG mode (pass error/stack trace)
Breaking
agents/plugin-advisor.md: embedded detection no longer triggers on C/C++ files alone — projects relying on .c file detection must addplatformio.inior a*.ldlinker script
Changed
version.txt: 2.9.0 → 3.0.0
[2.9.0] — 2026-04-07
Fixed
agents/plugin-advisor.md: PHASE 1 — filesystem embedded detection added (platformio.ini, .ld linker scripts, src/.c without package.json/Dockerfile); signal description updatedagents/status-reporter.md: PHASE 3 — flat ROADMAP fallback awk command for milestones with tasks directly under ## (no ### slices); marked with "(flat)" in outputagents/status-reporter.md: pytest cache parsing — JSON{}= "all passing" instead of "0 failing"; uses python3 for proper JSON parse instead ofcat | head
Added
USAGE.md: analyze → refactor → analyze cycle documented in decision tree (refactoring profond)README.md: link to USAGE.md in intro section
Changed
version.txt: 2.8.0 → 2.9.0
[2.8.0] — 2026-04-07
Fixed
agents/status-reporter.md: awk milestone detection usesindex()instead of regex negation — portable across macOS nawk and GNU awkagents/status-reporter.md: Tests field fallback improved — shows "run '' to check" when no result found but test manifest exists; shows "N/A" only when no test infrastructure at allagents/plugin-advisor.md:embeddedsignal added — firmware/bare-metal/microcontroller detection; DECISION TABLE row; conditional rule disabling all toggles, superpowers optionaldoctor.sh: agents pass message now lists all 8 agent names inline for quick visual confirmationUSAGE.md: section "Quel skill utiliser ?" — decision tree for all 9 skills with quick-reference tableREADME.md:/statusadded to Maintenance Diagnostic section alongside/healthversion.txt: 2.7.0 → 2.8.0agents/status-reporter.md: milestone detection algorithm — usesawkto find first##heading with pending###slices (top-to-bottom scan), nottail -5of all##headingsskills/ship-feature/SKILL.md:git lognow uses--format="%h %<(50,trunc)%s"to truncate long commit messages at 50 charsagents/status-reporter.md: PHASE 2 — best-effort build/test status check (pytest cache, Jest coverage, log files);Testsfield in outputdoctor.sh:check_symlink "lib"added;_EXPECTED_LINKSupdated 6 → 7agents/plugin-advisor.md:skill-creationsignal added to PHASE 2; WARN rule if skill-creator active without skill-creation signalUSAGE.md: Exemple 9 — firmware C/C++ STM32, workflow minimaliste sans superpowers ni GSDversion.txt: 2.6.0 → 2.7.0agents/status-reporter.md: PHASE 3 now counts slices (### headings) not tasks (- [ ]) — correct progress metric matching GSD v2 dashboardhooks/session-start.sh: continuation line uses 13-space prefix (verified 60 bytes) for consistent box alignmentagents/onboarder.md: PHASE 5b clarifies .gitignore target path per mode (A=workspace root, B=PACKAGE_ROOT, C=per-package)skills/ship-feature/SKILL.md: STEP 0b now prints PROJECT CONTEXT header when CLAUDE.md found — project name, stack, current branch, last 3 commits, GSD milestoneUSAGE.md: Exemple 8 — full session resume workflow with /status + GSD v2 step mode + /gsd discussversion.txt: 2.5.0 → 2.6.0skills/init-project/SKILL.md: STEP 1 — checks bothCLAUDE.mdand.claude/CLAUDE.md; pre-fills interview from either locationagents/status-reporter.md: PHASE 3 GSD — replaced fragileSTATUS.mdread with robust ROADMAP.md checkbox parsing; handles missing ROADMAP.md; never reads binarystate.dbagents/onboarder.md: PHASE 5b added — .gitignore safety check; appends.claude/settings.local.jsonto existing .gitignore or creates minimal one; applies to all monorepo optionsdoctor.sh: expected agents check in Consistency section — warns if any of 8 expected.mdagent files are missing from~/.claude/agents/README.md+USAGE.md:/statusadded to Pattern B (multi-session) and Pattern C (onboarding) workflowshooks/session-start.sh: 2-line display for >4 active/inactive plugins — all plugin names shown, split at 4 per lineversion.txt: 2.4.0 → 2.5.0skills/init-project/SKILL.md: STEP 1 — reads existing CLAUDE.md if present; pre-fills interview answers already documented; asks only genuinely missing fieldsagents/onboarder.md: Option B fully implemented — explicit PACKAGE_ROOT scoping; all PHASE 3-5 paths relative to selected package; no root CLAUDE.md generatedagents/plugin-advisor.md: upstream monorepo detection in PHASE 1 — checks../turbo.json,../pnpm-workspace.yaml,../../turbo.jsonfor sub-package context; signal table updated to describe upstream detectionagents/status-reporter.md+skills/status/SKILL.md: new/statusskill — consolidated read-only snapshot (plugins + token cost + git state + recent commits + GSD v2 milestone)USAGE.md: section "Erreurs fréquentes" — quick-reference table of 14 common errors with causes and solutionsdoctor.sh: symlink counter — reportsN/6 OKafter symlink checkshooks/session-start.sh:+N moredisplay — shows first 2 active/inactive plugins + count of remaining instead of truncated stringREADME.md: /status added to skill table and file treeversion.txt: 2.3.0 → 2.4.0skills/ship-feature/SKILL.md: STEP 0b added — checks for CLAUDE.md before starting; blocks with/onboardinstruction if missingskills/ship-feature/SKILL.md: STEP 4b option B enhanced — scans remaining tasks for dependents before skipping a failed task; prompts to skip dependent tasks tooagents/onboarder.md: Option C (sequential monorepo onboarding) fully implemented — iterates all packages, generates per-package CLAUDE.md + settings + .claudeignore, summary table, optional root ROADMAP.mdagents/plugin-advisor.md:monoreposignal added to PHASE 1 detection (turbo.json, pnpm-workspace, nx.json), PHASE 2 signal table, DECISION TABLE, and conditional rules — recommends plugins per-package, not for the whole repodoctor.sh:check_symlink "templates"added — detects missing templates/ symlink (pre-v2.0.0 installations)hooks/session-start.sh: ACTIVE_STR and INACTIVE_STR truncated to 37 chars +…indicator when overflow detectedUSAGE.md: Exemple 7 — refactoring module Python legacy; full/analyze→/refactor→/analyzecycle; shows report-before-modify behavior and test-first recommendationversion.txt: 2.2.0 → 2.3.0skills/init-project/SKILL.md: STEP 13 — guardcommand -v gsdbefore runninggsd init; prints install instructions if GSD v2 not in PATH instead of failing silentlyskills/ship-feature/SKILL.md: STEP 4b added — structured error recovery when a subagent fails (build error, failing test, type error); DEBUG mode analysis + user gate before any fix; max 2 retry attempts; never auto-patchesagents/onboarder.md: monorepo detection added (PHASE 1) — detectsapps/,packages/,pnpm-workspace.yaml,turbo.json,nx.json,lerna.json; interactive gate (onboard whole workspace / single package / each separately)agents/plugin-advisor.md:mobilesignal added to PHASE 2 signal table + DECISION TABLE + conditional rules — React Native / Expo / Flutter explicitly handled; gstack disabled for mobile, Docker N/Adoctor.sh: GStackskills/subdirectory check added after symlink verification — warns if GStack is symlinked but has no skills (needs./setup)hooks/session-start.sh: TOKEN_WARN truncated to 44 chars to prevent box overflow with emoji widthUSAGE.md: Exemple 6 — CLI Rust from scratch; illustrates minimal workflow (superpowers only, no frontend plugins, cargo check as verify, no GSD v2)version.txt: 2.1.0 → 2.2.0agents/scaffolder.md: React Native/Expo + Flutter support — PHASE 0 (Docker exclusion), PHASE 3 (stack templates), PHASE 4 (install commands), PHASE 5 (verify commands per stack)agents/analyzer.md: DEBUG MODE section — structured error diagnosis with root cause hypotheses, trace, and affected filesagents/onboarder.md: new agent — onboard existing projects (discovery → interview → CLAUDE.md + settings + .claudeignore + optional GSD v2 ROADMAP)skills/onboard/SKILL.md: new skill/onboardinvoking the onboarder agentskills/init-project/SKILL.md: STEP 13 (optional) — propose GSD v2 init at end of init-project when multi-session signal detectedMakefile:make onboardtargetREADME.md: Workflow patterns section (5 patterns: new short, new long, onboarding, hotfix, refactor); /onboard in skill table and tree; make onboard in maintenanceagents/plugin-advisor.md: "Next.js + context7 not configured" moved from BLOCK → WARN with force option — Context7 requires manual API key, should not hard-block project startlib/detect-plugins.sh:detect_ruflo()now uses 3-level fallback (npm binary → MCP config grep + ruvnet/claude-flow variants →claude mcp list)hooks/session-start.sh: passive token cost estimate added to session display — warns at >25%, alerts at >50% of Pro session budgetversion.txt: 2.0.0 → 2.1.0- GSD v1 (
glittercowboy/get-shit-done-cc) removed entirely - GSD v1 commands (
/gsd:discuss-phase,/gsd:plan-phase,/gsd:execute-phase,/gsd:ship,/gsd:next) no longer available — these were Claude Code slash commands; they do not exist in v2 - GSD v2 (
gsd-pi) is a standalone CLI (Pi SDK), not a Claude Code plugin — usage model is entirely different - GSD v2 integration (
gsd-build/gsd-2, npm:gsd-pi2.64.0) — standalone CLI with autonomous mode (/gsd auto), state machine per-task execution, crash recovery, cost tracking, parallel workers, worktree isolation - Ruflo plugin (
ruvnet/ruflo, npm:ruflo3.5.58) — enterprise multi-agent MCP server (formerly claude-flow), 310+ tools, 100+ agent types, WASM kernel; 🔄 TOGGLE, ~500-1500t passive - Full plugin compatibility matrix in
agents/plugin-advisor.md— all 12 plugins analyzed pairwise, conditional rules, recommended sets by project type - Ruflo auto-detection in
lib/detect-plugins.sh,doctor.sh,hooks/session-start.sh - GSD v2 CLI status in
session-start.sh— dedicated🖥️ CLIline (separate from CC plugin toggles) - 8 new deny rules in
settings.json:source /dev/stdin,mkfifo *,python3 -c *,node -e *,xargs * .env*,tar * .env*,zip * .env*,base64 .env*— covers runtime secret access and exfiltration vectors disableAutoMode: "disable"added to globalsettings.json# TODO: VERIFY syntax in CC v2.1.89templates/symlink inlink.sh—~/.claude/templates/now resolves correctly for scaffolder and init-project- Token budget breakdown in
doctor.sh— CLAUDE.md + skill descriptions + plugin passive cost, thresholds vs Pro session budget (~11k tokens/5h) - GStack pinning warning in
doctor.shandupdate-all.sh(confirmation prompt before--remoteupdate) - GStack false-positive fix in
doctor.sh— submodule check now requires.gitpresence, not just directory existence - Ruflo install instructions in
install-plugins.sh(Step 5, manual — enterprise tool) - Ruflo update step in
update-all.sh - GSD v2 update step in
update-all.sh plugins.lock.json: GSD v1 (npm:get-shit-done-cc) → GSD v2 (npm:gsd-pi2.64.0); ruflo (npm:ruflo3.5.58) addedinstall-plugins.sh: STEP 4 GSD v2 (npm install -g gsd-pi), STEP 5 ruflo (manual instructions), steps renumbered 6-7lib/detect-plugins.sh:detect_gsd()now checkscommand -v gsd(not~/.claude/skills/grep);detect_ruflo()addeddoctor.sh: GSD v2 check, ruflo check, GStack false-positive fix, GStack pinning warning, EXPECTED_DENY 92→100, token budget Pro-aware with breakdown,readlink -fportability fixhooks/session-start.sh: GSD v2 removed from toggle loop → dedicated🖥️ CLIline; ruflo added to toggle loopupdate-all.sh: GStack confirmation prompt, GSD v2 update step, ruflo update step, steps renumbered 1-7agents/plugin-advisor.md: complete rewrite — PHASE 1 detection (GSD v2, ruflo), PHASE 2 signal table, full compatibility matrix, conditional rules, recommended sets by project type, WARN/BLOCK updatedlink.sh:templates/added to symlink loopsettings.json: 92→100 deny rules,disableAutoModeaddedREADME.md: comprehensive update — GSD v2 full usage guide, ruflo install/usage, plugin compatibility matrix section, updated plugin table (GSD v2 as CLI, ruflo as TOGGLE), version pinning examples, troubleshooting entries for GSD v2 and ruflo, Known Limitations updatedversion.txt: 1.0.4 → 2.0.0link.sh:templates/not symlinked — scaffolder and init-project now find~/.claude/templates/project-CLAUDE.mddoctor.sh: GStack submodule check was a false positive when directory existed but submodule was uninitialiseddoctor.sh:readlink -ffallback made explicit for BSD macOS compatibilitydoctor.sh: token budget used incorrect "~8000 tokens" reference — now uses Pro session budget (~11k)doctor.sh: EXPECTED_DENY hardcoded at 92 — updated to 100 after new deny rulesupdate-all.sh: GStack update had no confirmation prompt — added; GStack step structure had mismatchedif/fiagents/plugin-advisor.md: GSD detection usedls ~/.claude/skills/ | grep gsd— broken for v2 (CLI not a skill)hooks/session-start.sh: GSD v2 (standalone CLI) was in the CC plugin toggle loop — incorrect, moved to dedicated CLI lineskills/*/SKILL.md: agent paths changed from.claude/agents/to$HOME/.claude/agents/— unambiguous user-scope resolution regardless of working directoryhooks/session-start.sh:CONFIG_VERSIONnow displayed in session-start box (was computed but never shown)settings.json+ templates: removed non-standard_readmekey (silently ignored by Claude Code but triggers schema warnings)agents/plugin-advisor.md: RTK detection re-added in PHASE 1 (was removed in v1.0.3 compression)skills/health/SKILL.md: fallback command simplified — removed 3-level quote nestinginstall-plugins.sh: removed duplicate "→ Restart Claude Code" line- README: Superpowers command table now shows actual skill names (
superpowers:brainstorming,superpowers:writing-plans,superpowers:subagent-driven-development, etc.) - README: install step 6 — replaced
/reload-plugins(nonexistent command) with "Restart Claude Code — plugins load automatically" - README: Context7 API key URL corrected from
context7.comtoupstash.com - README: Known Limitations — clarified agent frontmatter fields ARE enforced in v2.1.x; added
disableAutoModenote - README: Makefile command list in Maintenance section now includes
make new-skill lib/detect-plugins.sh:detect_context7()no longer spawnsclaudeCLI — reads~/.claude.jsonand~/.mcp.jsondirectly (no subprocess overhead at session start)CLAUDE.md: 1414t → 418t (-70%) — rewritten as dense rule list, no prose paddingagents/plugin-advisor.md: 1251t → 536t (-57%) — DECISION MATRIX removed (duplicated THRESHOLDS), output template compressedagents/interviewer.md: 1088t → 438t (-60%) — PROJECT BRIEF ASCII art → compact YAML-style, question groups flattenedagents/readme-updater.md: 2224t → 792t (-64%) — Docker detection unified to one block, template skeleton condensed, phases as tight checklistsagents/scaffolder.md: 2402t → 1041t (-57%) — Dockerfile/compose templates replaced by 3-line descriptions, Phase 0 compressedskills/init-project/SKILL.md: 2452t → 915t (-63%) — AGENTS LOADED section removed, each STEP condensed to 2-4 linesskills/ship-feature/SKILL.md: 1236t → 537t (-57%) — same treatment as init-projectagents/interviewer.md: if prompt already contains name + purpose + stack + features + architecture → generate BRIEF directly, no questions askedagents/readme-updater.md: Docker detection defined once at top, referenced in all modes (no duplication)hooks/session-start.sh: always-on plugins (security-guidance, rtk, superpowers) now explicitly shown in session start displayskills/health/SKILL.md: fallback path when~/.claude/doctor.shnot found (follows CLAUDE.md symlink to locate repo)skills/plugin-check/SKILL.md: argument-hint now shows concrete exampleMakefile:make new-skill name=<n>— scaffolds agent + skill files from template in one commandtemplates/project-CLAUDE.md: inline examples per section (FastAPI-based) — usable without /init-project- README: bundled skills section (
/batch,/debug,/simplify) - README: accurate progressive loading explanation (description only at startup, body on-demand)
link.sh: idempotent — reports "already up to date" or count of updated symlinksBash(git add .env*)andBash(git add **/.env*)added to deny — prevents staging secretsBash(cp **/id_rsa*),Bash(cp **/id_ed25519*),Bash(cp **/.ssh/*)added to deny — closes SSH key copy bypassdenytotal: 87 → 92 rulesnpx *moved from allow to ask in project template settings — arbitrary npm package execution now requires confirmationdocker stop *anddocker rm *moved from allow to ask in project template settingsskill-creatorandpr-review-toolkitreclassified from ALWAYS ON to TOGGLE — saves ~400 tokens/session by defaultagents/scaffolder.md: removed Go, PHP/WordPress, Flutter/Dart stack templates (unused)CLAUDE.md: STRICT MODE section removed — rules inlined intoskills/init-project/SKILL.mdandskills/ship-feature/SKILL.mdwhere they apply, reducing global context weightCLAUDE.md: FAIL FAST MODE cleaned up (removed contradictory "override all" claim)agents/readme-updater.md: mode detection changed from substring match to exact first-word match —/readme update Xno longer silently triggers SYNC modetemplates/settings/SETTINGS.md: stripped sections duplicating README (precedence table, what-goes-where) — 132 → 58 linesplugins.lock.json: removed unusedinstall_cmdandnodefields- README: GStack 14-command table collapsed to a single reference line
- README: plugin table updated to reflect new toggle status
install-plugins.sh: GStack./setupnow runs in subshell with existence+executable guard (same fix as update-all.sh)install-plugins.sh: log setup guarded against read-only filesystem — no longer crashes before outputinstall-plugins.sh:rtk init -gnow skipped if RTK hook already present in settings.jsondoctor.sh: CRLF detection ported fromgrep -qP(Linux-only) togrep -c $'\r'(portable macOS/Linux)doctor.sh: token budget breakdown now lists top consumers per file when estimate exceeds 2000 tokenslib/detect-plugins.sh: removed three never-called functions (detect_security_guidance,detect_skill_creator,detect_pr_review_toolkit)hooks/session-start.sh: removed unreachable inline fallback — replaced with clean exit messageenvandprintenv *moved from allow to deny — blocks secret exposure via process environmentexport *added to deny — prevents environment variable injectioncp .env*,cp **/.env*,mv .env*,mv **/.env*added to deny — closes copy-then-read bypass on secret filescp **/secrets/*,mv **/secrets/*added to deny — extends secret move protection to secrets/ directorysed *moved from allow to ask — all sed (including in-place-i) now requires confirmationsed -i *andsed -i'' *removed from ask (consolidated intosed *)git stash*(broad allow) split into safe variants in allow (git stash,push*,list*,show*) and destructive variants in ask (pop*,drop*,clear)doctor.shtoken budget estimate now uses full skill/agent file sizes instead of description-only char count — produces accurate token estimates (~4 chars/token)doctor.shdeny rule count now checks against expected value (87) and warns on mismatchdoctor.shpython3 one-liner wrapped in|| echo "?"— diagnosis no longer crashes on missing python3update-all.shGStack./setupnow runs in a subshell — upstream setup failure no longer crashes the update script mid-execution underset -euo pipefailupdate-all.shguards./setupexistence and executable bit before invoking it- 6 custom agents: analyzer, interviewer, plugin-advisor, readme-updater, refactorer, scaffolder
- 6 custom skills: analyze, init-project, plugin-check, readme, refactor, ship-feature
- 2 orchestrators with validation gates: init-project (13 steps), ship-feature (8 steps)
- Multi-OS install script (apt/dnf/pacman/brew)
- GStack as git submodule at skills-external/gstack
- Session start hook with plugin toggle status and health check
- Global settings.json with deny/ask/allow permission tiers
- Per-project templates: settings.json, settings.local.json, .claudeignore, project-CLAUDE.md
- Settings reference (SETTINGS.md)
- doctor.sh — full setup diagnostic
- update-all.sh — one-command update for all components
- plugins.lock.json — version pinning for non-marketplace dependencies
- /health skill — run doctor.sh from within Claude Code
- Makefile — unified entry point for install/link/doctor/update
- deny rules cover: destructive commands, secrets access, privilege escalation, code injection (eval, bash -c, xargs), pipe-to-shell, and secrets via bash (cat .env)
- disableBypassPermissionsMode enforced globally
- .claudeignore template with comprehensive exclusions