Add AccessScore report generator and Fiverr fulfillment pipeline

ryuno2525 · claude · ryuno2525 · commit 2a522e9c5a13 · 2026-03-20T00:19:48.000-04:00
- generate-report.js: single-page HTML audit report
- fulfill-order.js: multi-page batch reports for Fiverr orders
- scan.js: standalone scanner module
- Fiverr tiers: Basic $25 (1 page), Standard $50 (5), Premium $100 (10)
- Claude hooks for env reminders and secret leak prevention

Co-Authored-By: Claude Opus 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/.claude/hooks/env-reminder.sh b/.claude/hooks/env-reminder.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+# PreToolUse hook for Bash: Remind about tr -d '\r' when loading .env
+# Catches the common Windows line-ending corruption issue
+
+INPUT=$(cat)
+
+# Check if the command loads .env without tr -d '\r'
+if echo "$INPUT" | grep -q '\.env' && echo "$INPUT" | grep -q 'export' && ! echo "$INPUT" | grep -q "tr -d"; then
+  echo '{"ok": false, "reason": "BLOCKED: Loading .env without tr -d \"\\r\" will corrupt values on Windows. Use: export $(cat .env | tr -d \"\\r\" | xargs)"}'
+  exit 0
+fi
+
+exit 0
diff --git a/.claude/hooks/github-issue-reminder.sh b/.claude/hooks/github-issue-reminder.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+# Stop hook: Remind to log work to GitHub issues
+# Checks if any significant work was done without GitHub issue updates
+
+cd "$(git rev-parse --show-toplevel 2>/dev/null)" || exit 0
+
+# Count changed files (excluding CLAUDE.md files themselves)
+CHANGED_COUNT=$(
+  { git diff --name-only 2>/dev/null
+    git diff --name-only --cached 2>/dev/null
+    git ls-files --others --exclude-standard 2>/dev/null
+  } | grep -v 'CLAUDE.md' | grep -v '.claude/' | sort -u | wc -l
+)
+
+# If more than 3 non-config files changed, remind about GitHub issues
+if [ "$CHANGED_COUNT" -gt 3 ]; then
+  echo "{\"ok\": false, \"reason\": \"You modified $CHANGED_COUNT files this session. Make sure you've logged this work to a GitHub issue (create one if needed). Every meaningful action needs a GitHub issue per protocol.\"}"
+else
+  exit 0
+fi
diff --git a/.claude/hooks/prevent-secret-leak.sh b/.claude/hooks/prevent-secret-leak.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+# PreToolUse hook: Detect secrets in file content being written/edited
+# Runs before Write and Edit tools to prevent accidental secret exposure
+
+# Read the tool input from stdin
+INPUT=$(cat)
+
+# Check for common secret patterns in the content
+PATTERNS=(
+  "sk_live_"
+  "sk_test_"
+  "STRIPE_SECRET"
+  "ghp_"
+  "gho_"
+  "AKIA"
+  "xoxb-"
+  "xoxp-"
+  "-----BEGIN.*PRIVATE KEY"
+  "Bearer [A-Za-z0-9_-]{20,}"
+  "re_[A-Za-z0-9]{20,}"
+)
+
+for pattern in "${PATTERNS[@]}"; do
+  if echo "$INPUT" | grep -qiE "$pattern"; then
+    echo '{"ok": false, "reason": "BLOCKED: Detected potential secret/API key in content. Remove the secret and use environment variables instead."}'
+    exit 0
+  fi
+done
+
+exit 0
diff --git a/accessscore-report b/accessscore-report
@@ -0,0 +1 @@
+Subproject commit 7348859472c0867849d7c76f1f2ba710cbe08bd3

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Subproject commit 7348859472c0867849d7c76f1f2ba710cbe08bd3`