chore: .claude hooks (pretooluse_bash, posttooluse_writeedit, sessionstart) + settings.local.json.example #15

@constk

Problem

LLM coding agents (Claude Code, etc.) without hook scaffolding will still try --no-verify, paste secrets into commits, and skip formatting. The hook stack enforces the harness from the agent side.

Proposed solution

  • Port .claude/hooks/pretooluse_bash.py (forbidden-flag blocker for --no-verify/--no-hooks/--no-gpg-sign, secret scanner on git commit for AWS/sk-*/ghp_/PEM/Slack tokens, audit log to .claude/bash-log.txt).
  • Port .claude/hooks/posttooluse_writeedit.py (formatter dispatch: ruff for .py, prettier for .ts/.tsx/.js/.json/.css/.html/.md).
  • Port .claude/hooks/sessionstart.py (prints branch + git status --short as additionalContext).
  • Port .claude/settings.local.json.example wiring all three.

Acceptance criteria

  • All three hook scripts pass mypy --strict and ruff check.
  • Smoke-test: git commit --no-verify is blocked by pretooluse_bash when invoked through the harness.
  • Smoke-test: editing a .py file triggers ruff format silently.
  • .claude/settings.local.json.example documents how to copy to settings.local.json to opt in.
  • .claude/bash-log.txt is in .gitignore (chore: .gitignore, .editorconfig, .dockerignore #5).

Priority rationale

High: this IS the LLM-coder-side enforcement. Without it, the harness only catches violations in CI, not at the keyboard.

Depends on

#1
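
A sketch of the blocker and secret-scanner logic the issue describes for pretooluse_bash.py, added here as an example and not the project's own code. It assumes Claude Code's PreToolUse contract (event JSON on stdin with `tool_name` and `tool_input.command`, exit code 2 blocks the call); the regexes and function names are assumptions, and the audit log is left out.

```python
import json
import re
import shlex
import subprocess
import sys

FORBIDDEN = {"--no-verify", "--no-hooks", "--no-gpg-sign"}  # flags named in the issue
# Assumed patterns for the token families the issue lists; tune them for your org.
SECRET_PATTERNS = {
    "aws-access-key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "sk-token": re.compile(r"\bsk-[A-Za-z0-9_-]{20,}"),
    "github-pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "pem-private-key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "slack-token": re.compile(r"\bxox[abprs]-[A-Za-z0-9-]{10,}"),
}


def forbidden_flags(command: str) -> list[str]:
    """Return forbidden flags used as real arguments, not as quoted message text."""
    try:
        tokens = shlex.split(command)
    except ValueError:  # unbalanced quotes: fall back to a conservative split
        tokens = command.split()
    return sorted(set(tokens) & FORBIDDEN)


def find_secrets(diff: str) -> list[str]:
    """Scan only the added lines of a unified diff; return the matching rule names."""
    added = [ln[1:] for ln in diff.splitlines()
             if ln.startswith("+") and not ln.startswith("+++ ")]
    return sorted(n for n, rx in SECRET_PATTERNS.items() if any(map(rx.search, added)))


def decide(event: dict, staged_diff: str = "") -> tuple[int, str]:
    """Map a PreToolUse event to (exit_code, reason); exit code 2 blocks the call."""
    if event.get("tool_name") != "Bash":
        return 0, ""
    command = event.get("tool_input", {}).get("command", "")
    if flags := forbidden_flags(command):
        return 2, f"blocked: forbidden flag(s) {', '.join(flags)}"
    is_commit = re.search(r"\bgit\b[^|;&]*\bcommit\b", command)
    if is_commit and (hits := find_secrets(staged_diff)):
        return 2, f"blocked: staged changes match secret rule(s) {', '.join(hits)}"
    return 0, ""


if __name__ == "__main__":
    diff = subprocess.run(["git", "diff", "--cached", "-U0"], capture_output=True, text=True).stdout
    code, reason = decide(json.load(sys.stdin), diff)
    sys.stderr.write(reason)
    sys.exit(code)
```

`git commit -a` stages files at commit time, so `git diff --cached` does not see those changes; a hook that must cover that form also needs to scan `git diff HEAD`.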

Labels

  • chore: Maintenance, tooling, infra
  • claude-harness: Claude Code hooks, skills, settings
  • harness: Cross-cutting harness mechanics (controls, hooks, gates)