---
name: ck-system
description: Meta-loader and universal entry point for the ClaudeKit guard system. References all four guards, provides system-wide activation rules, and serves as the single source of truth for guard configuration. Load this skill to understand the full guard landscape.
---

# ck-system

Meta-skill that describes and coordinates the four automatic guard skills. This skill is documentation — the guards themselves activate automatically based on hook events, not manual invocation.

## Guard Registry

The ClaudeKit guard system consists of four skills that fire automatically:

| Guard | Triggers | Purpose |
|-------|----------|---------|
| `ck-session-guard` | Session start/end, subagent start, prompt | Environment setup, context injection, usage tracking |
| `ck-privacy-guard` | Every file read, every bash command | Block sensitive files, enforce directory exclusions |
| `ck-code-quality-guard` | After file edits, every prompt, before file creation | Simplify reminder, dev rules injection, naming enforcement |
| `ck-context-guard` | After plan agent completes, before file creation | Cook-after-plan reminder, naming guidance |

## Universal Activation Rules

All guards share these properties:

1. **Fail-open**: Any guard error allows the operation to continue — guards never break the workflow
2. **Individually disableable**: Each guard can be disabled in `$HOME/.claude/.ck.json`
3. **Idempotent**: Guards are designed to be safe to fire multiple times
4. **Non-blocking** (except privacy): All guards use exit code 0 (allow) except `ck-privacy-guard` which uses exit code 2 (block) for sensitive files

## Hook Event Map

```
SessionStart     → ck-session-guard (environment init)
SubagentStart    → ck-session-guard (context injection)
SessionEnd       → ck-session-guard (cleanup)
UserPromptSubmit → ck-session-guard (usage tracking)
                   ck-code-quality-guard (dev rules reminder)
PostToolUse      → ck-session-guard (usage tracking)
                   ck-code-quality-guard (simplify reminder, after edit)
PreToolUse       → ck-privacy-guard (file read block)
                   ck-privacy-guard (bash command block)
                   ck-code-quality-guard (naming guidance, before write)
                   ck-context-guard (naming guidance, before write)
SubagentStop     → ck-context-guard (cook-after-plan reminder)
PreCompact       → ck-code-quality-guard (compact marker write)
```

## Master Configuration

```json
// $HOME/.claude/.ck.json
{
  "hooks": {
    // ck-session-guard
    "session-init": true,
    "subagent-init": true,
    "session-end": true,
    "usage-context-awareness": true,

    // ck-privacy-guard
    "privacy-block": true,
    "scout-block": true,

    // ck-code-quality-guard
    "post-edit-simplify-reminder": true,
    "dev-rules-reminder": true,
    "write-compact-marker": true,
    "skill-dedup": false,

    // ck-context-guard
    "cook-after-plan-reminder": true,
    "descriptive-name": true
  },
  "codingLevel": 5,
  "plan": {
    "namingFormat": "{date}-{slug}",
    "dateFormat": "YYMMDD-HHmm",
    "reportsDir": "plans/reports"
  },
  "paths": {
    "plans": "plans",
    "docs": "docs"
  }
}
```

## Guard Interaction Diagram

```
User sends prompt
      │
      ├─► ck-session-guard (usage tracking)
      ├─► ck-code-quality-guard (dev rules injected)
      │
      ▼
AI processes prompt
      │
      ├─► [reads file] ──► ck-privacy-guard (block or allow)
      ├─► [writes file] ──► ck-code-quality-guard (naming guidance)
      │                 └──► ck-context-guard (naming guidance)
      ├─► [edits file] ──► ck-code-quality-guard (simplify reminder)
      │
      ├─► [dispatches agent] ──► ck-session-guard (context injection)
      │
      └─► [plan agent completes] ──► ck-context-guard (cook reminder)
```

## Skill Discovery

All ck-* skills are located at:
- Global: `$HOME/.claude/skills/ck-*/SKILL.md`
- Project-local: `.claude/skills/ck-*/SKILL.md`

Project-local skills take priority over global skills (unless skill-dedup is enabled, which reverses priority).

## Quick Reference

| Want to... | Use |
|------------|-----|
| Implement a feature end-to-end | `ck-cook` |
| Plan only (no implementation) | `ck-planning` |
| Fix a bug | `ck-fix` or `ck-fixing` |
| Brainstorm approaches | `ck-brainstorm` |
| Review code | `ck-code-review` |
| Debug an issue | `ck-debug` |
| Find files in codebase | `ck-scout` |
| Research a technology | `ck-research` |
| Look up library docs | `ck-docs-seeker` |
| Commit and push | `ck-git` |
| Understand a complex problem | `ck-sequential-thinking` |
| Build frontend UI | `ck-frontend-design` or `ck-frontend-development` |
| Build backend API | `ck-backend-development` |
| Run tests | `ck-web-testing` |
| Deploy infrastructure | `ck-devops` |
| Work with databases | `ck-databases` |
| Use MCP tools | `ck-mcp-management` |
| Build with Next.js/Turborepo | `ck-web-frameworks` |