feat: add worktree workflow hooks for parallel session safety

Add guard-git.sh (PreToolUse) to block dangerous git commands that
interfere with parallel sessions, and track-edits.sh (PostToolUse) to
log edited files so commits can be validated against the session log.
Update CLAUDE.md with worktree-first workflow and fix the Claude Code
hooks example in recommended-practices.md to use the correct schema.

Author: github-actions[bot]

.claude/.gitignore

@@ -0,0 +1 @@
+session-edits.log

.claude/hooks/guard-git.sh

@@ -0,0 +1,111 @@
+#!/usr/bin/env bash
+# guard-git.sh — PreToolUse hook for Bash tool calls
+# Blocks dangerous git commands that interfere with parallel sessions
+# and validates commits against the session edit log.
+
+set -euo pipefail
+
+INPUT=$(cat)
+
+# Extract the command from tool_input JSON
+COMMAND=$(echo "$INPUT" | node -e "
+  let d='';
+  process.stdin.on('data',c=>d+=c);
+  process.stdin.on('end',()=>{
+    const p=JSON.parse(d).tool_input?.command||'';
+    if(p)process.stdout.write(p);
+  });
+" 2>/dev/null) || true
+
+if [ -z "$COMMAND" ]; then
+  exit 0
+fi
+
+# Only act on git commands
+if ! echo "$COMMAND" | grep -qE '^\s*git\s+'; then
+  exit 0
+fi
+
+deny() {
+  local reason="$1"
+  node -e "
+    console.log(JSON.stringify({
+      hookSpecificOutput: {
+        hookEventName: 'PreToolUse',
+        permissionDecision: 'deny',
+        permissionDecisionReason: process.argv[1]
+      }
+    }));
+  " "$reason"
+  exit 0
+}
+
+# --- Block dangerous commands ---
+
+# git add . / git add -A / git add --all (broad staging)
+if echo "$COMMAND" | grep -qE '^\s*git\s+add\s+(\.\s*$|-A|--all)'; then
+  deny "BLOCKED: 'git add .' / 'git add -A' stages ALL changes including other sessions' work. Stage specific files instead: git add <file1> <file2>"
+fi
+
+# git reset (unstaging / hard reset)
+if echo "$COMMAND" | grep -qE '^\s*git\s+reset'; then
+  deny "BLOCKED: 'git reset' can unstage or destroy other sessions' work. To unstage your own files, use: git restore --staged <file>"
+fi
+
+# git checkout -- <file> (reverting files)
+if echo "$COMMAND" | grep -qE '^\s*git\s+checkout\s+--'; then
+  deny "BLOCKED: 'git checkout -- <file>' reverts working tree changes and may destroy other sessions' edits. If you need to discard your own changes, be explicit about which files."
+fi
+
+# git restore (reverting) — EXCEPT git restore --staged (safe unstaging)
+if echo "$COMMAND" | grep -qE '^\s*git\s+restore'; then
+  if ! echo "$COMMAND" | grep -qE '^\s*git\s+restore\s+--staged'; then
+    deny "BLOCKED: 'git restore <file>' reverts working tree changes and may destroy other sessions' edits. To unstage files safely, use: git restore --staged <file>"
+  fi
+fi
+
+# git clean (delete untracked files)
+if echo "$COMMAND" | grep -qE '^\s*git\s+clean'; then
+  deny "BLOCKED: 'git clean' deletes untracked files that may belong to other sessions."
+fi
+
+# git stash (hides all changes)
+if echo "$COMMAND" | grep -qE '^\s*git\s+stash'; then
+  deny "BLOCKED: 'git stash' hides all working tree changes including other sessions' work. In worktree mode, commit your changes directly instead."
+fi
+
+# --- Commit validation against edit log ---
+
+if echo "$COMMAND" | grep -qE '^\s*git\s+commit'; then
+  PROJECT_DIR="${CLAUDE_PROJECT_DIR:-.}"
+  LOG_FILE="$PROJECT_DIR/.claude/session-edits.log"
+
+  # If no edit log exists, allow (backward compat for sessions without tracking)
+  if [ ! -f "$LOG_FILE" ] || [ ! -s "$LOG_FILE" ]; then
+    exit 0
+  fi
+
+  # Get unique edited files from log
+  EDITED_FILES=$(awk '{print $2}' "$LOG_FILE" | sort -u)
+
+  # Get staged files
+  STAGED_FILES=$(git diff --cached --name-only 2>/dev/null) || true
+
+  if [ -z "$STAGED_FILES" ]; then
+    exit 0
+  fi
+
+  # Find staged files that weren't edited in this session
+  UNEXPECTED=""
+  while IFS= read -r staged_file; do
+    if ! echo "$EDITED_FILES" | grep -qxF "$staged_file"; then
+      UNEXPECTED="${UNEXPECTED:+$UNEXPECTED, }$staged_file"
+    fi
+  done <<< "$STAGED_FILES"
+
+  if [ -n "$UNEXPECTED" ]; then
+    deny "BLOCKED: These staged files were NOT edited in this session: $UNEXPECTED. They may belong to another session. Commit only your files: git commit <your-files> -m \"msg\""
+  fi
+fi
+
+exit 0

.claude/hooks/track-edits.sh

@@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+# track-edits.sh — PostToolUse hook for Edit and Write tools
+# Logs each edited file path to .claude/session-edits.log so that
+# guard-git.sh can validate commits against actually-edited files.
+# In worktrees each session gets its own log automatically.
+# Always exits 0 (informational only, never blocks).
+
+set -euo pipefail
+
+INPUT=$(cat)
+
+# Extract file_path from tool_input JSON
+FILE_PATH=$(echo "$INPUT" | node -e "
+  let d='';
+  process.stdin.on('data',c=>d+=c);
+  process.stdin.on('end',()=>{
+    const p=JSON.parse(d).tool_input?.file_path||'';
+    if(p)process.stdout.write(p);
+  });
+" 2>/dev/null) || true
+
+if [ -z "$FILE_PATH" ]; then
+  exit 0
+fi
+
+PROJECT_DIR="${CLAUDE_PROJECT_DIR:-.}"
+LOG_FILE="$PROJECT_DIR/.claude/session-edits.log"
+
+# Normalize to relative path with forward slashes
+REL_PATH=$(node -e "
+  const path = require('path');
+  const abs = path.resolve(process.argv[1]);
+  const base = path.resolve(process.argv[2]);
+  const rel = path.relative(base, abs).split(path.sep).join('/');
+  process.stdout.write(rel);
+" "$FILE_PATH" "$PROJECT_DIR" 2>/dev/null) || true
+
+if [ -z "$REL_PATH" ]; then
+  exit 0
+fi
+
+# Append timestamped entry
+mkdir -p "$(dirname "$LOG_FILE")"
+echo "$(date -u +%Y-%m-%dT%H:%M:%SZ) $REL_PATH" >> "$LOG_FILE"
+
+exit 0

.claude/settings.json

@@ -8,6 +8,11 @@
             "type": "command",
             "command": "bash \"$CLAUDE_PROJECT_DIR/.claude/hooks/check-readme.sh\"",
             "timeout": 10
+          },
+          {
+            "type": "command",
+            "command": "bash \"$CLAUDE_PROJECT_DIR/.claude/hooks/guard-git.sh\"",
+            "timeout": 10
           }
         ]
       },
@@ -31,6 +36,23 @@
           }
         ]
       }
+    ],
+    "PostToolUse": [
+      {
+        "matcher": "Edit|Write",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "bash \"$CLAUDE_PROJECT_DIR/.claude/hooks/rebuild-graph.sh\"",
+            "timeout": 30
+          },
+          {
+            "type": "command",
+            "command": "bash \"$CLAUDE_PROJECT_DIR/.claude/hooks/track-edits.sh\"",
+            "timeout": 5
+          }
+        ]
+      }
     ]
   }
 }

CLAUDE.md

@@ -112,14 +112,20 @@ If codegraph reports an error, crashes, or produces wrong results when analyzing
 
 ## Parallel Sessions
 
-Multiple Claude Code instances run concurrently in this repo. To avoid breaking each other's work:
-
-- **Never unstage files** (`git reset`, `git restore --staged`) — another session may have staged them intentionally.
-- **Never delete or revert files** you didn't create or modify in this session.
-- **Never run `git checkout -- <file>`** or `git restore <file>` on files outside your task scope.
-- **Never run `git add .` or `git add -A`** — only stage files you explicitly changed.
-- **Ignore "unexpected" dirty files** — if `git status` shows changes you didn't make, leave them alone. They belong to another session.
-- **Do not "clean up" lint/format issues** in files you aren't working on. Another session may be mid-edit.
+Multiple Claude Code instances run concurrently in this repo. **Every session must start with `/worktree`** to get an isolated copy of the repo before making any changes. This prevents cross-session interference entirely.
+
+**Safety hooks** (`.claude/hooks/guard-git.sh` and `track-edits.sh`) enforce these rules automatically:
+
+- `guard-git.sh` (PreToolUse on Bash) **blocks**: `git add .`, `git add -A`, `git reset`, `git checkout -- <file>`, `git restore <file>`, `git clean`, `git stash`. It allows `git restore --staged <file>` for safe unstaging.
+- `guard-git.sh` also **validates commits**: compares staged files against the session edit log and blocks commits that include files you didn't edit.
+- `track-edits.sh` (PostToolUse on Edit/Write) logs every file you touch to `.claude/session-edits.log` (gitignored, per-worktree).
+
+**Rules:**
+- Run `/worktree` before starting work
+- Stage only files you explicitly changed
+- Commit with specific file paths: `git commit <files> -m "msg"`
+- Ignore unexpected dirty files — they belong to another session
+- Do not clean up lint/format issues in files you aren't working on
 
 ## Git Conventions
 

docs/recommended-practices.md

@@ -197,14 +197,29 @@ You can configure [Claude Code hooks](https://docs.anthropic.com/en/docs/claude-
     "PostToolUse": [
       {
         "matcher": "Edit|Write",
-        "command": "codegraph build --incremental"
+        "hooks": [
+          {
+            "type": "command",
+            "command": "codegraph build",
+            "timeout": 30
+          }
+        ]
       }
     ]
   }
 }
 ```
 
-This ensures the graph stays fresh as the AI agent modifies files.
+This ensures the graph stays fresh as the AI agent modifies files. Incremental builds are automatic — only changed files are re-parsed.
+
+#### Parallel session safety hooks
+
+When multiple AI agents work on the same repo concurrently, add hooks to prevent cross-session interference:
+
+- **Edit tracker** (PostToolUse on Edit|Write): log every file path touched to `.claude/session-edits.log`
+- **Git guard** (PreToolUse on Bash): block `git add .`, `git reset`, `git restore`, `git clean`, `git stash`, and validate that `git commit` only includes files from the session edit log
+
+See this repo's `.claude/hooks/track-edits.sh` and `guard-git.sh` for a working implementation. Pair with the `/worktree` command so each session gets an isolated copy of the repo.
 
 ---