Project Context Sync

What to check before installing: - Review the scripts locally (install.sh, update-context.sh, post-commit-hook.sh). The installer will modify .git/hooks/post-commit and write .project-context.yml and PROJECT_STATE.md into the repo. - Understand AI mode: if ai_summary: true, the hook may read ~/.clawdbot/clawdbot.json or the CLAWDBOT_TOKEN env var and POST commit context (commit messages, changed filenames, diff stats) to http://localhost:<port>/v1/chat/completions with that bearer token. Confirm your Clawdbot gateway is configured to bind only to loopback and is not proxying requests to an external/untrusted service. - Secrets: the script reads a token from your home config — treat that as sensitive. If you don't want any tokens read or network calls, set ai_summary: false in .project-context.yml before installing. - Tooling: the scripts use git, curl, and optionally jq; ensure those are available. Note sed -i '' is BSD/macOS style and may not work unchanged on Linux (the install/uninstall scripts use it). - Test safely: install in a disposable/test repository first to observe behavior. Make a commit and inspect PROJECT_STATE.md and whether any network calls occur (e.g., run update-context.sh manually and watch curl). - Uninstall: uninstall.sh will attempt to remove the hook or the appended lines; it leaves PROJECT_STATE.md and .project-context.yml in place (remove manually if desired). Given the undeclared access to a local token file and the potential to transmit repository information, proceed only if you trust the code and your local Clawdbot gateway configuration. If you want to be conservative, disable ai_summary or inspect/modify update-context.sh to remove or alter the network call before installing.