Add time-bomb + MCP file read audit, tracked pre-commit hooks

Security audit (Layer 1) new checks:
- Time-bomb scan: flags time()/sleep()/clock() near dangerous calls
- MCP file read audit: tracks fopen/fread count in mcp.c against
  expected max (detects data exfiltration through tool responses)

Pre-commit hooks now tracked in scripts/hooks/:
- Contributors activate with: git config core.hooksPath scripts/hooks
- Runs: lint → security audit → build + test
- setup.sh already configures this automatically

Author: DeusData

CONTRIBUTING.md

@@ -11,6 +11,7 @@ Contributions are welcome. This guide covers setup, testing, and PR guidelines.
 ```bash
 git clone https://github.com/DeusData/codebase-memory-mcp.git
 cd codebase-memory-mcp
+git config core.hooksPath scripts/hooks  # activates pre-commit security checks
 scripts/build.sh
 ```
 

SECURITY.md

@@ -26,6 +26,8 @@ This project implements multiple layers of security verification. Every release
   - Layer 7: MCP robustness (23 adversarial JSON-RPC payloads)
   - Layer 8: Vendored dependency integrity (SHA-256 checksums, dangerous call scan)
 - **All dangerous function calls** require a reviewed entry in `scripts/security-allowlist.txt`
+- **Time-bomb pattern detection** — scans for `time()`/`sleep()` near dangerous calls (could indicate delayed activation)
+- **MCP tool handler file read audit** — tracks file read count in `mcp.c` against an expected maximum (detects added file reads that could exfiltrate data through tool responses)
 - **Native antivirus scanning** on every platform (any detection fails the build):
   - **Windows**: Windows Defender with ML heuristics — the same engine end users run
   - **Linux**: ClamAV with daily signature updates

scripts/hooks/pre-commit

@@ -1,42 +1,16 @@
 #!/usr/bin/env bash
 set -euo pipefail
 
-# Pre-commit hook: C linting + tests.
-# Mirrors the lint targets in Makefile.cbm.
+# Pre-commit hook: linters + security audit + build + tests.
 #
-# Setup (once after clone):
+# Activated automatically via scripts/setup.sh or manually:
 #   git config core.hooksPath scripts/hooks
 
-LLVM_BIN="$(brew --prefix llvm 2>/dev/null)/bin"
+echo "pre-commit: running all linters in parallel..."
+make -j3 -f Makefile.cbm lint
 
-# Resolve tool paths (Homebrew LLVM is keg-only on macOS)
-CLANG_TIDY="${LLVM_BIN}/clang-tidy"
-CLANG_FORMAT="${LLVM_BIN}/clang-format"
-[ -x "$CLANG_TIDY" ] || CLANG_TIDY="clang-tidy"
-[ -x "$CLANG_FORMAT" ] || CLANG_FORMAT="clang-format"
+echo "pre-commit: security audit (source-level)..."
+scripts/security-audit.sh
 
-# --- clang-format (blocking — fastest, check first) ---
-echo "pre-commit: checking formatting..."
-make -f Makefile.cbm lint-format CLANG_FORMAT="$CLANG_FORMAT"
-
-# --- cppcheck (blocking) ---
-if command -v cppcheck &>/dev/null; then
-    echo "pre-commit: running cppcheck..."
-    make -f Makefile.cbm lint-cppcheck
-else
-    echo "pre-commit: cppcheck not found, skipping"
-    echo "  install: brew install cppcheck"
-fi
-
-# --- clang-tidy (blocking) ---
-if command -v "$CLANG_TIDY" &>/dev/null; then
-    echo "pre-commit: running clang-tidy..."
-    make -f Makefile.cbm lint-tidy CLANG_TIDY="$CLANG_TIDY"
-else
-    echo "pre-commit: clang-tidy not found, skipping"
-    echo "  install: brew install llvm"
-fi
-
-# --- Build + Tests (blocking) ---
 echo "pre-commit: building and running tests..."
-make -f Makefile.cbm test
+make -j$(sysctl -n hw.ncpu 2>/dev/null || nproc) -f Makefile.cbm test

scripts/security-audit.sh

@@ -184,6 +184,75 @@ if ! $FOPEN_FOUND; then
     echo "OK: All file writes are in expected locations."
 fi
 
+# ── 4. Time-bomb pattern detection ────────────────────────────────
+# Scan for time/clock/sleep near dangerous calls — could indicate
+# code that activates malicious behavior after a delay or date.
+
+echo ""
+echo "--- Scanning for time-bomb patterns ---"
+
+TIMEBOMB_FOUND=false
+while IFS= read -r file; do
+    relfile="${file#"$ROOT/"}"
+
+    # Extract line numbers of dangerous calls
+    DANGER_LINES=$(grep -n 'system(\|popen(\|cbm_popen(\|connect(\|execl(' "$file" 2>/dev/null \
+        | grep -v '^\s*//' | grep -v '^\s*\*' | grep -v '#define' \
+        | cut -d: -f1 || true)
+
+    [ -z "$DANGER_LINES" ] && continue
+
+    # For each dangerous call, check if time/clock/sleep appears within 10 lines
+    for dline in $DANGER_LINES; do
+        start=$((dline > 10 ? dline - 10 : 1))
+        end=$((dline + 10))
+        NEARBY=$(sed -n "${start},${end}p" "$file" 2>/dev/null \
+            | grep -E 'time\(|clock\(|sleep\(|nanosleep\(|usleep\(' \
+            | grep -v '^\s*//' | grep -v '^\s*\*' | grep -v 'timeout' | grep -v 'elapsed' || true)
+        if [ -n "$NEARBY" ]; then
+            echo "REVIEW: ${relfile}:${dline}: time-related call near dangerous function"
+            echo "  $NEARBY"
+            TIMEBOMB_FOUND=true
+        fi
+    done
+done < <(find "$ROOT/src" -name '*.c' -type f | sort)
+
+if ! $TIMEBOMB_FOUND; then
+    echo "OK: No suspicious time-bomb patterns found."
+fi
+
+# ── 5. MCP tool handler file read audit ──────────────────────────
+# The MCP server (mcp.c) handles tool calls that return data to the
+# client. A malicious PR could add file reads that exfiltrate sensitive
+# data (e.g., ~/.ssh/id_rsa) through the normal tool response channel.
+# Track all file-reading functions in mcp.c against an allow-list.
+
+echo ""
+echo "--- Scanning MCP tool handlers for file reads ---"
+
+MCP_FILE="$ROOT/src/mcp/mcp.c"
+MCP_READS_OK=true
+if [ -f "$MCP_FILE" ]; then
+    # Known safe file reads in mcp.c (with line-range context)
+    # - search_code: writes pattern to tmpfile, reads grep output
+    # - get_code_snippet: reads source via read_file_lines (path-contained)
+    # - manage_adr: reads/writes ADR files
+    # - detect_changes: reads git diff output
+    # Count fopen/fread calls and compare against expected
+    FOPEN_COUNT=$(grep -c 'fopen\|fread\|read_file' "$MCP_FILE" 2>/dev/null || echo "0")
+    # Known count as of v0.5.5: update this when legitimate reads are added
+    EXPECTED_MAX=12
+    if [ "$FOPEN_COUNT" -gt "$EXPECTED_MAX" ]; then
+        echo "REVIEW: src/mcp/mcp.c has $FOPEN_COUNT file read operations (expected max $EXPECTED_MAX)"
+        echo "  New file reads in MCP tool handlers must be reviewed for data exfiltration risk."
+        MCP_READS_OK=false
+    fi
+fi
+
+if $MCP_READS_OK; then
+    echo "OK: MCP tool handler file reads within expected count."
+fi
+
 # ── Summary ──────────────────────────────────────────────────────
 
 echo ""