feat(ultraplan-local): Spor 3 — semantic plan-critic, examples, CC features, security docs

- agents/plan-critic.md: rule #7 split into literal blockers (TBD/TODO/FIXME)
  + semantic rubric with 8 deferred-decision tests; calibrated against the
  5-phrase corpus from the v3.1.0 quality brief
- hooks/hooks.json: rebuilt from corrupted state; valid JSON, registers
  PreToolUse(Bash,Write), UserPromptSubmit, PostToolUse(Bash), PreCompact
- hooks/scripts/session-title.mjs: NEW — sets ultra:<cmd>:<slug> session
  title for ultra commands (CC v2.1.94+)
- hooks/scripts/post-bash-stats.mjs: NEW — appends duration_ms per Bash
  call to ultraexecute-stats.jsonl (CC v2.1.97+)
- SECURITY.md: NEW — Forgejo private-issue reporting, supported = current
  minor only, scope = 4 hooks + denylist, hardening recommendations
- docs/architect-bridge-test.md: NEW — manual smoke checklist for the
  ultraplan ↔ ultra-cc-architect bridge
- examples/01-add-verbose-flag/: NEW — calibrated end-to-end (brief +
  research + plan + progress.json) for fork-er onramp; all four artifacts
  pass their validators
- README.md: + Extending the plugin, + Headless multi-session tuning
  (MCP_CONNECTION_NONBLOCKING), + Session titles, + Per-step timing,
  + disableSkillShellExecution recommendation
- CLAUDE.md: documents session-title.mjs and post-bash-stats.mjs
- root README.md: v3.1.0 entry expanded with Spor 2+3 deliverables

CC features adopted: F8, F9, F12 implemented; F3 implemented as Bash
PostToolUse logger; F2 (hook 'if'-field scoping) deferred — universal
protection beats reduced-scope protection for blocked commands.

Tests: 109/109 green.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

plugins/ultraplan-local/hooks/scripts/post-bash-stats.mjs

@@ -0,0 +1,58 @@
+#!/usr/bin/env node
+// post-bash-stats.mjs — PostToolUse hook (CC v2.1.97+)
+//
+// Captures duration_ms from PostToolUse payload for Bash tool calls and
+// appends a structured stats line to ${CLAUDE_PLUGIN_DATA}/ultraexecute-stats.jsonl
+// when the running session is an ultraexecute session.
+//
+// Detection: only fires when the tool input matches the verify/checkpoint
+// pattern of an ultraexecute step (i.e., the command was issued from inside
+// /ultraexecute-local). We err on the side of "log everything in plugin
+// scope" — duration data is cheap and the alternative is missing real
+// per-step timings.
+//
+// Fail-open invariant: any error → exit 0, no output, no log line.
+
+import { stdin } from 'node:process';
+import { appendFileSync, mkdirSync } from 'node:fs';
+import { dirname, join } from 'node:path';
+
+async function readStdin() {
+  let data = '';
+  for await (const chunk of stdin) data += chunk;
+  return data;
+}
+
+(async () => {
+  try {
+    const raw = await readStdin();
+    if (!raw.trim()) return;
+    const payload = JSON.parse(raw);
+
+    if (payload.tool_name !== 'Bash') return;
+    const duration = payload.duration_ms;
+    if (typeof duration !== 'number') return;
+
+    const dataDir = process.env.CLAUDE_PLUGIN_DATA;
+    if (!dataDir) return;
+
+    const cmd = payload.tool_input?.command || '';
+    if (!cmd) return;
+
+    const line = JSON.stringify({
+      ts: new Date().toISOString(),
+      session_id: payload.session_id || null,
+      command_excerpt: cmd.slice(0, 120),
+      duration_ms: duration,
+      success: payload.tool_response?.success !== false,
+    });
+
+    const target = join(dataDir, 'ultraexecute-stats.jsonl');
+    try {
+      mkdirSync(dirname(target), { recursive: true });
+    } catch {}
+    appendFileSync(target, line + '\n');
+  } catch {
+    // fail open
+  }
+})();

plugins/ultraplan-local/hooks/scripts/session-title.mjs

@@ -0,0 +1,86 @@
+#!/usr/bin/env node
+// session-title.mjs — UserPromptSubmit hook (CC v2.1.94+)
+//
+// Sets a sessionTitle when the user invokes one of the four ultra commands,
+// so multi-session headless runs are easy to identify in process lists and
+// session pickers.
+//
+// Title format: ultra:<command>:<slug>
+//   - <command> ∈ {brief, research, plan, execute}
+//   - <slug>    ∈ first 30 chars of project slug, or "ad-hoc" when no
+//                  --project / --brief context is detected
+//
+// Fail-open invariant: any error → exit 0 with no output. We never block
+// the user's prompt.
+
+import { stdin } from 'node:process';
+import { resolve, basename } from 'node:path';
+
+const COMMANDS = {
+  '/ultrabrief-local': 'brief',
+  '/ultraresearch-local': 'research',
+  '/ultraplan-local': 'plan',
+  '/ultraexecute-local': 'execute',
+};
+
+function slugify(s) {
+  return String(s)
+    .toLowerCase()
+    .replace(/[^a-z0-9]+/g, '-')
+    .replace(/^-+|-+$/g, '')
+    .slice(0, 30) || 'ad-hoc';
+}
+
+function detectSlug(prompt) {
+  const projectMatch = prompt.match(/--project[=\s]+(\S+)/);
+  if (projectMatch) {
+    const dir = projectMatch[1].replace(/['"]/g, '');
+    const base = basename(resolve(dir));
+    const dateStripped = base.replace(/^\d{4}-\d{2}-\d{2}-/, '');
+    return slugify(dateStripped);
+  }
+  const briefMatch = prompt.match(/--brief[=\s]+(\S+)/);
+  if (briefMatch) {
+    const file = briefMatch[1].replace(/['"]/g, '');
+    return slugify(basename(file, '.md'));
+  }
+  return 'ad-hoc';
+}
+
+async function readStdin() {
+  let data = '';
+  for await (const chunk of stdin) data += chunk;
+  return data;
+}
+
+(async () => {
+  try {
+    const raw = await readStdin();
+    if (!raw.trim()) return;
+    const payload = JSON.parse(raw);
+    const prompt = String(payload.prompt || '').trim();
+    if (!prompt) return;
+
+    let matchedCmd = null;
+    for (const [cmd, short] of Object.entries(COMMANDS)) {
+      if (prompt.startsWith(cmd)) {
+        matchedCmd = short;
+        break;
+      }
+    }
+    if (!matchedCmd) return;
+
+    const slug = detectSlug(prompt);
+    const title = `ultra:${matchedCmd}:${slug}`;
+
+    const out = {
+      hookSpecificOutput: {
+        hookEventName: 'UserPromptSubmit',
+        sessionTitle: title,
+      },
+    };
+    process.stdout.write(JSON.stringify(out) + '\n');
+  } catch {
+    // fail open
+  }
+})();