fix: address all remaining CodeRabbit review comments

- cmd/auth.go: use term.ReadPassword to hide API key input; handle
  ConfigFile() error gracefully in user-facing output
- cmd/run.go: open isolated DB connection for background Prune() goroutine
  to avoid data race with deferred store.Close(); honour --fallback flag
  in runWithoutCache on zip/API/render failures
- cmd/status.go: capture and handle store.Get() errors at both call sites;
  fix dry-run Long description (it does write to stdout)
- hooks/hooks.json: split SessionStart into startup/clear matchers; add
  SessionEnd with clear matcher for context-reinjection after /clear
- internal/api/client.go: check HTTP status before unmarshalling poll
  response — fail fast on 401/404, retry on 429/5xx
- internal/config/config.go: return error for non-NotExist ReadFile failures
  instead of silently ignoring them
- internal/hooks/hooks.go: broaden isAlreadyInstalled to detect
  uncompact-hook.sh wrapper form (idempotent across install methods);
  fail fast on invalid settings.json JSON instead of silently recreating;
  use mode 0600 when writing settings.json
- internal/template/render.go: use time.Now().UTC() so timestamp label
  matches actual value; guard truncateToTokenBudget against required header
  exceeding token budget
- internal/zip/zip.go: skip symlinks to prevent including files outside
  repo root
- go.mod: add golang.org/x/term v0.22.0 as direct dependency

Run 'go mod tidy' before building to regenerate go.sum.

Co-authored-by: Grey Newell <greynewell@users.noreply.github.com>

Author: github-actions[bot]

cmd/auth.go

@@ -1,7 +1,6 @@
 package cmd
 
 import (
-	"bufio"
 	"context"
 	"fmt"
 	"os"
@@ -11,6 +10,7 @@ import (
 	"github.com/spf13/cobra"
 	"github.com/supermodeltools/uncompact/internal/api"
 	"github.com/supermodeltools/uncompact/internal/config"
+	"golang.org/x/term"
 )
 
 var authCmd = &cobra.Command{
@@ -54,14 +54,22 @@ func authLoginHandler(cmd *cobra.Command, args []string) error {
 	fmt.Println()
 	fmt.Print("2. Paste your API key here: ")
 
-	scanner := bufio.NewScanner(os.Stdin)
-	if !scanner.Scan() {
-		if err := scanner.Err(); err != nil {
+	var key string
+	if term.IsTerminal(int(os.Stdin.Fd())) {
+		b, err := term.ReadPassword(int(os.Stdin.Fd()))
+		fmt.Println()
+		if err != nil {
+			return fmt.Errorf("reading API key: %w", err)
+		}
+		key = strings.TrimSpace(string(b))
+	} else {
+		// Non-interactive fallback (e.g. piped input in CI)
+		var raw string
+		if _, err := fmt.Fscanln(os.Stdin, &raw); err != nil {
 			return fmt.Errorf("reading API key: %w", err)
 		}
-		return fmt.Errorf("no input provided")
+		key = strings.TrimSpace(raw)
 	}
-	key := strings.TrimSpace(scanner.Text())
 	if key == "" {
 		return fmt.Errorf("API key cannot be empty")
 	}
@@ -89,8 +97,11 @@ func authLoginHandler(cmd *cobra.Command, args []string) error {
 		return fmt.Errorf("saving config: %w", err)
 	}
 
-	cfgFile, _ := config.ConfigFile()
-	fmt.Printf("\nAPI key saved to: %s\n", cfgFile)
+	if cfgFile, err := config.ConfigFile(); err == nil {
+		fmt.Printf("\nAPI key saved to: %s\n", cfgFile)
+	} else {
+		fmt.Println("\nAPI key saved.")
+	}
 	fmt.Println()
 	fmt.Println("Next: run 'uncompact install' to add hooks to Claude Code.")
 	return nil

cmd/run.go

@@ -72,8 +72,15 @@ func runHandler(cmd *cobra.Command, args []string) error {
 	}
 	defer store.Close()
 
-	// Background prune (non-blocking)
-	go func() { _ = store.Prune() }()
+	// Background prune on an isolated DB handle to avoid racing with store.Close().
+	go func(path string) {
+		pruneStore, err := cache.Open(path)
+		if err != nil {
+			return
+		}
+		defer pruneStore.Close()
+		_ = pruneStore.Prune()
+	}(dbPath)
 
 	// Check cache
 	var graph *api.ProjectGraph
@@ -181,20 +188,29 @@ func runWithoutCache(cfg *config.Config, proj *project.Info, logFn func(string,
 	zipData, err := zip.RepoZip(proj.RootDir)
 	if err != nil {
 		logFn("[warn] zip error: %v", err)
+		if fallback {
+			printFallback(proj.Name)
+		}
 		return silentExit()
 	}
 
 	apiClient := api.New(cfg.BaseURL, cfg.APIKey, debug, logFn)
 	graph, err := apiClient.GetGraph(ctx, proj.Name, zipData)
 	if err != nil {
 		logFn("[warn] API error: %v", err)
+		if fallback {
+			printFallback(proj.Name)
+		}
 		return silentExit()
 	}
 
 	opts := tmpl.RenderOptions{MaxTokens: maxTokens}
 	output, _, err := tmpl.Render(graph, proj.Name, opts)
 	if err != nil {
 		logFn("[warn] render error: %v", err)
+		if fallback {
+			printFallback(proj.Name)
+		}
 		return silentExit()
 	}
 

cmd/status.go

@@ -37,7 +37,7 @@ var statsCmd = &cobra.Command{
 var dryRunCmd = &cobra.Command{
 	Use:   "dry-run",
 	Short: "Preview the context bomb without emitting it",
-	Long:  `dry-run shows what would be injected without writing to stdout. Useful for debugging.`,
+	Long:  `dry-run shows what would be injected without performing injection. Writes a preview to stdout for debugging.`,
 	RunE:  dryRunHandler,
 }
 
@@ -122,7 +122,11 @@ func statusHandler(cmd *cobra.Command, args []string) error {
 	}
 
 	// Cache freshness
-	graph, fresh, _, _ := store.Get(proj.Hash)
+	graph, fresh, _, err := store.Get(proj.Hash)
+	if err != nil {
+		fmt.Printf("Cache:    error (%v)\n", err)
+		return nil
+	}
 	if graph == nil {
 		fmt.Println("Cache:    empty")
 	} else if fresh {
@@ -225,7 +229,10 @@ func dryRunHandler(cmd *cobra.Command, args []string) error {
 	defer store.Close()
 
 	// Try cache first
-	cachedGraph, fresh, _, _ := store.Get(proj.Hash)
+	cachedGraph, fresh, _, err := store.Get(proj.Hash)
+	if err != nil {
+		return fmt.Errorf("reading cache: %w", err)
+	}
 
 	if cachedGraph != nil && !forceRefresh {
 		if !fresh {

go.mod

@@ -4,6 +4,7 @@ go 1.22
 
 require (
 	github.com/spf13/cobra v1.8.1
+	golang.org/x/term v0.22.0
 	modernc.org/sqlite v1.37.0
 )
 
@@ -16,7 +17,7 @@ require (
 	github.com/ncruces/go-strftime v0.1.9 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	golang.org/x/sys v0.22.0 // indirect
+	golang.org/x/sys v0.22.0
 	modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6 // indirect
 	modernc.org/libc v1.55.3 // indirect
 	modernc.org/mathutil v1.6.0 // indirect

hooks/hooks.json

@@ -2,6 +2,22 @@
   "hooks": {
     "SessionStart": [
       {
+        "matcher": "startup",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "bash ${CLAUDE_PLUGIN_ROOT}/scripts/setup.sh",
+            "timeout": 60
+          },
+          {
+            "type": "command",
+            "command": "bash ${CLAUDE_PLUGIN_ROOT}/scripts/pregen-hook.sh",
+            "timeout": 10
+          }
+        ]
+      },
+      {
+        "matcher": "clear",
         "hooks": [
           {
             "type": "command",
@@ -38,6 +54,18 @@
           }
         ]
       }
+    ],
+    "SessionEnd": [
+      {
+        "matcher": "clear",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "bash ${CLAUDE_PLUGIN_ROOT}/scripts/uncompact-hook.sh",
+            "timeout": 120
+          }
+        ]
+      }
     ]
   }
 }

internal/api/client.go

@@ -217,6 +217,20 @@ func (c *Client) pollJob(ctx context.Context, jobID string) (*ProjectGraph, erro
 			continue
 		}
 
+		// Check HTTP status before parsing — non-retriable errors fail fast.
+		switch {
+		case resp.StatusCode == http.StatusUnauthorized:
+			return nil, fmt.Errorf("authentication failed during poll: check your API key at %s", config.DashboardURL)
+		case resp.StatusCode == http.StatusNotFound:
+			return nil, fmt.Errorf("job %s not found (status 404)", jobID)
+		case resp.StatusCode == http.StatusTooManyRequests || resp.StatusCode >= 500:
+			// Transient — continue retry loop
+			c.logFn("[debug] poll transient error %d (will retry)", resp.StatusCode)
+			continue
+		case resp.StatusCode < 200 || resp.StatusCode >= 300:
+			return nil, fmt.Errorf("poll returned unexpected status %d: %s", resp.StatusCode, string(body))
+		}
+
 		var status JobStatus
 		if err := json.Unmarshal(body, &status); err != nil {
 			continue

internal/config/config.go

@@ -118,10 +118,13 @@ func Load(flagAPIKey string) (*Config, error) {
 	// Load from config file
 	cfgFile, err := ConfigFile()
 	if err == nil {
-		if data, err := os.ReadFile(cfgFile); err == nil {
+		data, readErr := os.ReadFile(cfgFile)
+		if readErr == nil {
 			if err := json.Unmarshal(data, cfg); err != nil {
 				return nil, fmt.Errorf("malformed config file %s: %w", cfgFile, err)
 			}
+		} else if !os.IsNotExist(readErr) {
+			return nil, fmt.Errorf("reading config file %s: %w", cfgFile, readErr)
 		}
 	}
 

internal/hooks/hooks.go

@@ -102,9 +102,7 @@ func Install(settingsPath string, dryRun bool) (*InstallResult, error) {
 	var rawJSON map[string]json.RawMessage
 	if data, err := os.ReadFile(settingsPath); err == nil {
 		if err := json.Unmarshal(data, &rawJSON); err != nil {
-			// File exists but is invalid JSON — warn and treat as empty
-			fmt.Fprintf(os.Stderr, "Warning: existing settings.json has invalid JSON, will recreate hooks section\n")
-			rawJSON = make(map[string]json.RawMessage)
+			return nil, fmt.Errorf("invalid settings.json at %s: %w", settingsPath, err)
 		}
 	} else if !os.IsNotExist(err) {
 		return nil, fmt.Errorf("reading settings.json: %w", err)
@@ -155,22 +153,26 @@ func Install(settingsPath string, dryRun bool) (*InstallResult, error) {
 	if err != nil {
 		return nil, err
 	}
-	if err := os.WriteFile(settingsPath, finalJSON, 0644); err != nil {
+	if err := os.WriteFile(settingsPath, finalJSON, 0600); err != nil {
 		return nil, fmt.Errorf("writing settings.json: %w", err)
 	}
 
 	return result, nil
 }
 
 // isAlreadyInstalled checks if uncompact hooks are already present.
+// Recognises both the direct "uncompact run" form and the wrapper-script form
+// used by the plugin (uncompact-hook.sh) so re-running install is idempotent
+// regardless of which installation method was used.
 func isAlreadyInstalled(hooks map[string][]Hook) bool {
 	stopHooks, ok := hooks["Stop"]
 	if !ok {
 		return false
 	}
 	for _, h := range stopHooks {
 		for _, cmd := range h.Hooks {
-			if strings.Contains(cmd.Command, "uncompact run") {
+			if strings.Contains(cmd.Command, "uncompact run") ||
+				strings.Contains(cmd.Command, "uncompact-hook.sh") {
 				return true
 			}
 		}

internal/template/render.go

@@ -52,7 +52,7 @@ func Render(graph *api.ProjectGraph, projectName string, opts RenderOptions) (st
 		opts.MaxTokens = 2000
 	}
 
-	now := time.Now()
+	now := time.Now().UTC()
 
 	data := struct {
 		ProjectName   string
@@ -119,6 +119,10 @@ func truncateToTokenBudget(
 	)
 
 	reqTokens := countTokens(required)
+	if reqTokens > maxTokens {
+		msg := "# Uncompact Context\n\n(Budget too small; increase --max-tokens)"
+		return msg, countTokens(msg), nil
+	}
 	remaining := maxTokens - reqTokens
 
 	var domainSections []string

internal/zip/zip.go

@@ -74,6 +74,11 @@ func RepoZip(root string) ([]byte, error) {
 			return nil
 		}
 
+		// Skip symlinks to avoid including files outside the repo root.
+		if info.Mode()&os.ModeSymlink != 0 {
+			return nil
+		}
+
 		// Skip by extension
 		ext := strings.ToLower(filepath.Ext(path))
 		if skipExts[ext] {