0dca8797beda2f9a747eb73240fcdc5e6931c3cc
Critical fixes:
- Fail-closed: shim returns deny if daemon unreachable
- Validators compiled into binary, not loaded dynamically
- Socket directory created with 0700 permissions

Important fixes:
- Document match target fields per hook type
- Note PreToolUse vs PostToolUse response format difference
- Defer only_when/except_when conditions to future version
- Add concrete match_base_command_not_in example
- Specify PID file locations
- Add versioning scheme for rules and config
- Defer post.rules linting to future version

Other:
- Clarify exfiltration rules (not blocking bare curl/wget)
- Add missing yarn to allowed executables
- Fix macOS socket path (avoid space in Application Support)
- Note Burrito first-run unpack latency
- Document existing hooks coexistence

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Description: unified security rules for coding agents
Languages: Markdown 100%