chore(wheelhouse): cascade template@7babe316

Auto-applied by socket-wheelhouse sync-scaffolding into cascade-socket-cli-36260.
149 file(s) touched:
  - .claude/commands/fleet/update-hooks-dry.md
  - .claude/hooks/fleet/_shared/public-surfaces.mts
  - .claude/hooks/fleet/_shared/unbacked-claims.mts
  - .claude/hooks/fleet/ai-config-drift-reminder/index.mts
  - .claude/hooks/fleet/alpha-sort-reminder/index.mts
  - .claude/hooks/fleet/changelog-no-empty-guard/index.mts
  - .claude/hooks/fleet/claude-md-rule-add-guard/README.md
  - .claude/hooks/fleet/claude-md-rule-add-guard/index.mts
  - .claude/hooks/fleet/claude-md-rule-add-guard/package.json
  - .claude/hooks/fleet/claude-md-rule-add-guard/test/index.test.mts
  - .claude/hooks/fleet/claude-md-rule-add-guard/tsconfig.json
  - .claude/hooks/fleet/copy-on-select-hint-reminder/test/index.test.mts
  - .claude/hooks/fleet/dated-citation-guard/README.md
  - .claude/hooks/fleet/dated-citation-guard/index.mts
  - .claude/hooks/fleet/dated-citation-guard/package.json
  - .claude/hooks/fleet/dated-citation-guard/test/index.test.mts
  - .claude/hooks/fleet/dated-citation-guard/tsconfig.json
  - .claude/hooks/fleet/dated-citation-reminder/README.md
  - .claude/hooks/fleet/dirty-lockfile-reminder/index.mts
  - .claude/hooks/fleet/dirty-worktree-stop-guard/index.mts
  ... and 129 more

Author: jdalton

.claude/commands/fleet/update-hooks-dry.md

@@ -0,0 +1,11 @@
+---
+description: Read-only DRY/KISS sweep of the fleet hook tree + oxlint plugin; writes a consolidation plan to .claude/reports/ via the updating-hooks-dry skill.
+---
+
+Scan `.claude/hooks/fleet/**` and `.config/oxlint-plugin/fleet/**` for bloat: copy-paste clusters that should share a `_shared/` helper, dead `_shared/` exports, overlapping guards / redundant lint rules, and KISS smells (a hook far longer than its siblings, raw regex where the shared AST parser exists). Ranks findings by leverage and writes a report to `.claude/reports/hooks-dry-sweep-<date>.md` with evidence + a concrete consolidation sketch per cluster.
+
+**Plan-only**: applies nothing, opens no PR — a human (or a follow-up `refactor-cleaner`) executes from the report. The mechanical, safe slice (dead `_shared/` exports) is already a `check --all` gate; this is the broader advisory sweep.
+
+Use periodically, or after `codifying-disciplines` lands a burst of new hooks and the tree feels repetitive.
+
+Invokes the `updating-hooks-dry` skill.

.claude/hooks/fleet/_shared/public-surfaces.mts

@@ -1,6 +1,6 @@
 /**
  * @file Shared "is this command a public-facing publish?" check. The
- *   public-surface-reminder (Stop, nudges) and private-name-guard (PreToolUse,
+ *   public-surface-reminder (Stop, nudges) and private-name-reminder (PreToolUse,
  *   blocks a private name reaching a public surface) both gate on the same set
  *   of outward-facing commands — commit, push, gh pr/issue/release, mutating gh
  *   api. One source keeps the two gates from drifting.

.claude/hooks/fleet/_shared/unbacked-claims.mts

@@ -0,0 +1,135 @@
+// Shared detection for unbacked success claims — consumed by BOTH
+// `stop-claim-verify-reminder` (Stop-time nudge) and
+// `unbacked-claim-commit-guard` (PreToolUse block on commit/push). One matcher,
+// two enforcement points, no drift.
+//
+// The fleet rule (CLAUDE.md "Judgment & self-evaluation" → "Verify before you
+// claim"): never assert "tests pass" / "builds" / "typechecks" / "lint passes"
+// / "render verified" without a tool call THIS SESSION that ran or read it.
+// A claim fires only when NONE of its backing-command patterns appear in any
+// Bash command run this session.
+
+import {
+  extractToolUseBlocks,
+  readLines,
+  resolveRoleAndContent,
+  stripCodeFences,
+} from './transcript.mts'
+
+export interface ClaimRule {
+  // Category label.
+  readonly label: string
+  // Matches the self-claim in the assistant's prose.
+  readonly claim: RegExp
+  // Substrings that, in ANY Bash command this session, back the claim.
+  readonly backedBy: readonly RegExp[]
+  // One-line hint.
+  readonly hint: string
+}
+
+export const CLAIM_RULES: readonly ClaimRule[] = [
+  {
+    label: 'tests pass',
+    claim:
+      /\b(?:all )?tests?\b[^.!?\n]{0,30}\b(?:pass(?:ed|ing)?|green|succeed(?:ed)?)\b/i,
+    backedBy: [/\bvitest\b/, /\bpnpm\s+(?:run\s+)?test\b/, /\bnode\s+--test\b/],
+    hint: 'run the test command (`pnpm test` / `vitest run <file>`) or qualify the claim',
+  },
+  {
+    label: 'build succeeds',
+    claim:
+      /\bbuild(?:s|ed)?\b[^.!?\n]{0,30}\b(?:succeed(?:ed|s)?|clean|pass(?:ed|es)?|work(?:s|ed)?)\b/i,
+    backedBy: [/\bpnpm\s+(?:run\s+)?build\b/, /\brun\s+build\b/, /\brolldown\b/],
+    hint: 'run the build or qualify the claim',
+  },
+  {
+    label: 'typechecks',
+    claim:
+      /\b(?:type[- ]?checks?\b[^.!?\n]{0,20}\b(?:pass(?:es|ed)?|clean)|no type errors)\b/i,
+    backedBy: [/\btsgo\b/, /\btsc\b/, /\bpnpm\s+(?:run\s+)?check\b/],
+    hint: 'run tsgo / `pnpm run check` or qualify the claim',
+  },
+  {
+    label: 'lint passes',
+    claim: /\blint(?:ing)?\b[^.!?\n]{0,25}\b(?:pass(?:es|ed)?|clean|green)\b/i,
+    backedBy: [
+      /\boxlint\b/,
+      /\bpnpm\s+(?:run\s+)?lint\b/,
+      /\bpnpm\s+(?:run\s+)?check\b/,
+    ],
+    hint: 'run `pnpm run lint` / `pnpm run check` or qualify the claim',
+  },
+  {
+    label: 'render verified',
+    // A self-claim that the UI / popup / page was visually checked — "verified
+    // the popup", "the UI renders correctly", "looks good on screen", "rendered
+    // to PNG", "visually verified". Backed ONLY by an actual render this session.
+    claim:
+      /\b(?:visually verif(?:y|ied)|verif(?:y|ied)\b[^.!?\n]{0,30}\b(?:popup|render|ui\b|screen|pixels?)|(?:popup|ui|render(?:ed|s)?|page|screen)\b[^.!?\n]{0,30}\b(?:looks? (?:good|correct|right)|renders? (?:correctly|fine)|verified))\b/i,
+    backedBy: [
+      /\bscreenshot\.mts\b/,
+      /\brendering-chromium-to-png\b/,
+      /\bplaywright\b/,
+      /\bchromium\b/,
+    ],
+    hint: 'render the page to a PNG (rendering-chromium-to-png / screenshot.mts) and Read the pixels this session, or qualify the claim — bundle/build success is not visual verification',
+  },
+]
+
+export interface UnbackedClaim {
+  readonly label: string
+  readonly hint: string
+}
+
+// Every Bash command string the assistant ran across the whole session.
+export function sessionBashCommands(
+  transcriptPath: string | undefined,
+): string[] {
+  const lines = readLines(transcriptPath)
+  const commands: string[] = []
+  for (let i = 0, { length } = lines; i < length; i += 1) {
+    let evt: unknown
+    try {
+      evt = JSON.parse(lines[i]!)
+    } catch {
+      continue
+    }
+    const r = resolveRoleAndContent(evt)
+    if (!r || r.role !== 'assistant') {
+      continue
+    }
+    const tools = extractToolUseBlocks(r.content)
+    for (let j = 0, { length: tl } = tools; j < tl; j += 1) {
+      const t = tools[j]!
+      if (t.name !== 'Bash') {
+        continue
+      }
+      const cmd = t.input['command']
+      if (typeof cmd === 'string') {
+        commands.push(cmd)
+      }
+    }
+  }
+  return commands
+}
+
+// Claims in `assistantText` that no Bash command this session backs.
+export function findUnbackedClaims(
+  assistantText: string,
+  bashCommands: readonly string[],
+): UnbackedClaim[] {
+  const text = stripCodeFences(assistantText)
+  const joined = bashCommands.join('\n')
+  const out: UnbackedClaim[] = []
+  for (let i = 0, { length } = CLAIM_RULES; i < length; i += 1) {
+    const rule = CLAIM_RULES[i]!
+    if (!rule.claim.test(text)) {
+      continue
+    }
+    const backed = rule.backedBy.some(re => re.test(joined))
+    if (!backed) {
+      out.push({ label: rule.label, hint: rule.hint })
+    }
+  }
+  return out
+}

.claude/hooks/fleet/ai-config-drift-reminder/index.mts

@@ -105,9 +105,14 @@ async function main(): Promise<void> {
   process.stderr.write(lines.join('\n'))
 }
 
-main().catch(e => {
-  // Fail open: a reminder bug must not disrupt the turn.
-  process.stderr.write(
-    `ai-config-drift-reminder: hook error (continuing): ${(e as Error).message}\n`,
-  )
-})
+// Entrypoint-guarded: run main() only when invoked directly, NOT when the test
+// imports this module for its pure helpers — otherwise main() blocks reading
+// stdin on import and the test file never terminates.
+if (process.argv[1] && import.meta.url === `file://${process.argv[1]}`) {
+  main().catch(e => {
+    // Fail open: a reminder bug must not disrupt the turn.
+    process.stderr.write(
+      `ai-config-drift-reminder: hook error (continuing): ${(e as Error).message}\n`,
+    )
+  })
+}

.claude/hooks/fleet/alpha-sort-reminder/index.mts

@@ -244,7 +244,12 @@ async function main(): Promise<void> {
   }
 }
 
-main().catch(e => {
-  // Fail open — a reminder hook must never break a tool call.
-  process.stderr.write(`[alpha-sort-reminder] skipped: ${String(e)}\n`)
-})
+// Entrypoint-guarded: run main() only when invoked directly, NOT when the test
+// imports this module for its pure helpers (else main() blocks on stdin at
+// import and the test file never terminates).
+if (process.argv[1] && import.meta.url === `file://${process.argv[1]}`) {
+  main().catch(e => {
+    // Fail open — a reminder hook must never break a tool call.
+    process.stderr.write(`[alpha-sort-reminder] skipped: ${String(e)}\n`)
+  })
+}

.claude/hooks/fleet/changelog-no-empty-guard/index.mts

@@ -223,8 +223,13 @@ async function main(): Promise<void> {
   process.exit(2)
 }
 
-main().catch(e => {
-  process.stderr.write(
-    `[changelog-no-empty-guard] hook error (continuing): ${(e as Error).message}\n`,
-  )
-})
+// Entrypoint-guarded: run main() only when invoked directly, NOT when the test
+// imports this module for its pure helpers (else main() blocks on stdin at
+// import and the test file never terminates).
+if (process.argv[1] && import.meta.url === `file://${process.argv[1]}`) {
+  main().catch(e => {
+    process.stderr.write(
+      `[changelog-no-empty-guard] hook error (continuing): ${(e as Error).message}\n`,
+    )
+  })
+}

.claude/hooks/fleet/claude-md-rule-add-guard/README.md

@@ -0,0 +1,39 @@
+# claude-md-rule-add-guard
+
+PreToolUse(Edit|Write|MultiEdit) hook that blocks **hand-adding a new rule** to a
+`CLAUDE.md` and routes it through `scripts/fleet/codify-rule.mts` instead.
+
+Adding a rule by hand means re-fighting the 40KB whole-file cap, the per-`###`
+section ≤8-line cap, and the defer-to-`docs/agents.md/<scope>/` split every time.
+`codify-rule.mts` owns that: given a recorded memory file it uses the socket-lib
+AI helper (`spawnAiAgent`) to write the terse CLAUDE.md bullet within budget AND
+author the matching detail doc. This guard makes the script the path.
+
+## Fires when
+
+An Edit/Write to a `CLAUDE.md` whose added content introduces a new rule surface:
+
+- a new `### ` (or `#### `) section heading, or
+- a new `- ` bullet carrying a 🚨 hard-rule marker or an enforcer citation
+  (`.claude/hooks/`, `socket/<rule>`, `scripts/fleet/check/`).
+
+## Does NOT fire
+
+- Rewording an existing line (no new heading / marked bullet in the added text).
+- Edits to non-`CLAUDE.md` files.
+- The sanctioned writers: `FLEET_SYNC=1` (the cascade copies CLAUDE.md verbatim)
+  and `SOCKET_CODIFY_RULE=1` (the codify-rule agent's own write).
+
+## How to add a rule (the routed path)
+
+1. Record the lesson as a memory file (frontmatter + the *why*).
+2. `node scripts/fleet/codify-rule.mts --memory <path> --apply`
+
+It writes the terse CLAUDE.md bullet in the right section (fleet block for a
+fleet-wide invariant, the `🏗️ …-Specific` postamble for a repo rule) + the
+`docs/agents.md/{fleet,repo}/<topic>.md` detail doc, all within budget.
+
+## Bypass
+
+`Allow claude-md-rule-add bypass` (verbatim, recent user turn) — for the rare
+genuine one-off manual edit. Fails open on a malformed payload.

.claude/hooks/fleet/claude-md-rule-add-guard/index.mts

@@ -0,0 +1,112 @@
+#!/usr/bin/env node
+// Claude Code PreToolUse hook — claude-md-rule-add-guard.
+//
+// Blocks HAND-ADDING a new rule to CLAUDE.md and routes it through
+// `scripts/fleet/codify-rule.mts` instead. Adding a rule by hand means
+// re-fighting the 40KB whole-file cap + the per-`###`-section ≤8-line cap
+// + the defer-to-`docs/agents.md/<scope>/` split every single time. The
+// codify-rule script owns that: given a recorded memory file it uses the
+// socket-lib AI helper to write the terse CLAUDE.md bullet within budget
+// AND author the matching detail doc. This guard makes the script the path.
+//
+// Fires ONLY when an Edit/Write to a `CLAUDE.md` adds a NEW rule surface:
+//   - a new `### ` section heading, or
+//   - a new `- ` bullet carrying a 🚨 hard-rule marker or an enforcer
+//     citation (`.claude/hooks/` / `socket/<rule>` / `scripts/fleet/check/`).
+// It does NOT fire on rewording an existing line, on non-CLAUDE.md files,
+// or on the sanctioned writers:
+//   - FLEET_SYNC=1 (the cascade copies the canonical CLAUDE.md verbatim).
+//   - SOCKET_CODIFY_RULE=1 (the codify-rule.mts agent's own write).
+//
+// Exit 2 = block with the route-through message. Bypass: `Allow
+// claude-md-rule-add bypass` for the rare genuine manual edit.
+//
+// Fails open on parse / payload errors (a guard bug must not block edits).
+
+import process from 'node:process'
+
+import { withEditGuard } from '../_shared/payload.mts'
+import { bypassPhrasePresent } from '../_shared/transcript.mts'
+
+const BYPASS_PHRASE = 'Allow claude-md-rule-add bypass'
+
+// True when the edited path is a CLAUDE.md (the repo-root or template copy).
+export function isClaudeMd(filePath: string): boolean {
+  return /(?:^|\/)CLAUDE\.md$/.test(filePath.replaceAll('\\', '/'))
+}
+
+// True when the new content introduces a new rule surface: a `### ` heading or
+// a `- ` bullet that carries a hard-rule marker / enforcer citation. Scans the
+// added text (the Edit new_string / Write content); a reword that doesn't add a
+// heading or a marked bullet won't match.
+export function addsRuleSurface(content: string): boolean {
+  const lines = content.split('\n')
+  for (let i = 0, { length } = lines; i < length; i += 1) {
+    const line = lines[i]!
+    // A new `### ` section is always a rule-surface add.
+    if (/^#{3,4}\s+\S/.test(line)) {
+      return true
+    }
+    // A new `- ` bullet that carries a hard-rule marker or an enforcer
+    // citation is a codifiable rule (not prose).
+    if (/^\s*-\s/.test(line)) {
+      if (
+        line.includes('🚨') ||
+        line.includes('.claude/hooks/') ||
+        /\bsocket\/[a-z-]+/.test(line) ||
+        line.includes('scripts/fleet/check/')
+      ) {
+        return true
+      }
+    }
+  }
+  return false
+}
+
+await withEditGuard((filePath, content, payload) => {
+  if (!isClaudeMd(filePath) || !content) {
+    return
+  }
+  // Sanctioned writers: the cascade (verbatim copy) + the codify script's
+  // own agent write. Both legitimately add rule surfaces.
+  if (
+    process.env['FLEET_SYNC'] === '1' ||
+    process.env['SOCKET_CODIFY_RULE'] === '1'
+  ) {
+    return
+  }
+  if (!addsRuleSurface(content)) {
+    return
+  }
+  const transcriptPath =
+    typeof payload.transcript_path === 'string'
+      ? payload.transcript_path
+      : undefined
+  if (
+    transcriptPath &&
+    bypassPhrasePresent(transcriptPath, [BYPASS_PHRASE], 8)
+  ) {
+    return
+  }
+  process.stderr.write(
+    [
+      '🚨 claude-md-rule-add-guard: blocked a hand-added CLAUDE.md rule.',
+      '',
+      `  File:  ${filePath}`,
+      '',
+      '  Adding a rule by hand re-fights the 40KB whole-file cap, the per-`###`',
+      '  section ≤8-line cap, and the defer-to-docs split every time. Route it',
+      '  through the codify-rule script, which uses the AI helper to write the',
+      '  terse CLAUDE.md bullet within budget AND author the detail doc:',
+      '',
+      '    1. Record the lesson as a memory file (frontmatter + the *why*).',
+      '    2. node scripts/fleet/codify-rule.mts --memory <path> --apply',
+      '',
+      '  It targets docs/agents.md/{fleet,repo}/<topic>.md + the right CLAUDE.md',
+      '  section automatically.',
+      '',
+      `  Genuine one-off manual edit? Type "${BYPASS_PHRASE}".`,
+    ].join('\n') + '\n',
+  )
+  process.exitCode = 2
+})

…et/oxlint-plugin-load-guard/package.json …et/claude-md-rule-add-guard/package.json.claude/hooks/fleet/oxlint-plugin-load-guard/package.json renamed to .claude/hooks/fleet/claude-md-rule-add-guard/package.json .claude/hooks/fleet/oxlint-plugin-load-guard/package.json renamed to .claude/hooks/fleet/claude-md-rule-add-guard/package.json

@@ -1,5 +1,5 @@
 {
-  "name": "hook-oxlint-plugin-load-guard",
+  "name": "hook-claude-md-rule-add-guard",
   "private": true,
   "type": "module",
   "main": "./index.mts",