11# Contributing
22
3- Secure Claude Code is meant to feel like antivirus for Claude Code: small install, obvious value, low noise .
3+ Secure Claude Code is designed around small, reviewable protection packs instead of a single growing script .
44
5- ## Product Rules
5+ ## Contribution Principles
66
7- - local-first beats cloud-first
8- - high-confidence blocks beat noisy heuristics
9- - safe install beats clever install
10- - plain-text config beats hidden magic
11- - one focused protection pack beats one giant script
7+ - prefer high-confidence protections over noisy heuristics
8+ - keep install, update, and uninstall boring and reliable
9+ - keep configuration editable in plain text when possible
10+ - design packs so they can be enabled or disabled cleanly by profile
11+ - favor narrow, explainable behavior over broad magic
1212
13- ## Add A New Protection Pack
13+ ## Adding A Protection Pack
1414
15- 1 . Create ` modules/<pack-id>/module.json `
16- 2 . Add the hook script in ` hooks/<pack-id>.sh `
17- 3 . Add any plain-text defaults in ` config/ ` if needed
18- 4 . Add the pack to one or more profiles in ` profiles/*.txt `
19- 5 . Update ` README.md ` and ` ROADMAP.md ` if the pack changes product positioning
20- 6 . If the change affects onboarding, update the PowerShell wrappers or platform docs too
15+ 1 . Create ` modules/<pack-id>/module.json ` .
16+ 2 . Add the hook implementation in ` hooks/ ` .
17+ 3 . Add any default config in ` config/ ` when tuning should stay user-editable.
18+ 4 . Add the pack to one or more profiles in ` profiles/*.txt ` .
19+ 5 . Update ` README.md ` if the pack changes default coverage or install guidance.
20+ 6 . Update ` ROADMAP.md ` if the pack closes or changes a planned area.
2121
22- ## Pack Checklist
22+ ## Pack Quality Bar
2323
24- - the pack solves one clear risk
25- - the block or warning is understandable in one glance
26- - the message explains ` reason ` and ` next `
27- - the config can be tuned without editing the hook when possible
28- - the behavior is safe to reinstall and easy to remove
29- - the pack keeps macOS, Linux, and Windows users in mind
24+ - the pack addresses one clear risk
25+ - the message is understandable at a glance
26+ - the output explains ` reason ` and ` next `
27+ - the behavior is safe to reinstall
28+ - the behavior is easy to remove
29+ - the design works for macOS, Linux, and shell-based Windows paths
3030
31- ## Pack Template
31+ ## Example Manifest
3232
3333``` json
3434{
3535 "id" : " protect-tests" ,
3636 "name" : " Test Integrity Pack" ,
37- "description" : " Warns or blocks when tests are removed or disabled ." ,
37+ "description" : " Warns or blocks when tests are removed or weakened ." ,
3838 "category" : " quality" ,
3939 "kind" : " warn" ,
4040 "default_profiles" : [" strict" ],
@@ -53,12 +53,11 @@ Secure Claude Code is meant to feel like antivirus for Claude Code: small instal
5353
5454## Validation
5555
56- Before opening a PR, run :
56+ Run before opening a PR:
5757
5858``` bash
5959bash -n bin/shield bin/secure-claude-code install.sh uninstall.sh update.sh scripts/* .sh hooks/* .sh
6060./bin/secure-claude-code list protections
6161./bin/secure-claude-code generate-config balanced
62+ bash tests/smoke.sh
6263```
63-
64- If you add install behavior, also do a temp-home smoke test.
0 commit comments