What SSG changes on your machine

When you run ssg init (CLI), open the desktop wizard, or click through the web setup flow, SSG modifies a small, predictable set of files. This page documents every single one so you know exactly what landed on your disk before, during, and after onboarding.

The same information is available three other ways:

  • Before install (CLI): ssg init --dry-run — colourised preview with per-file diff hunks, no writes.
  • Before install (Desktop): the wizard's "Transparency" step renders the same preview, line-for-line, by shelling out to the CLI.
  • After install (any platform): ssg whatchanged — re-reads the append-only .sigmashake/install-manifest.json and prints the full audit log of everything SSG has ever touched in this project. Pass --verbose for the full diff per entry, --json for machine output.

If anything on this page surprises you, open an issue.


The install manifest — your auditable receipt

The single most important file for transparency:

.sigmashake/install-manifest.json

Created the first time ssg init writes to this project. Append-only. Records:

  • ISO-8601 timestamp of every change
  • Which SSG version made the change
  • Which subsystem requested it (core, claude-code, cursor, …)
  • The full line-level diff (before / after / context) — so even after the file gets edited further, the manifest preserves what SSG itself did

This file is the source of truth for ssg whatchanged and, eventually, the one-shot ssg init --rollback command. You can read it, search it, and commit it to your repo: it is deterministic JSON and never includes secrets.


Core files (always written by ssg init)

These five files are written regardless of which AI adapter you choose:

| Path | Kind | Purpose | How to undo |
| --- | --- | --- | --- |
| .sigmashake/config.toml | create | Top-level config (dashboard port, eval timeout, per-agent toggles). | Remove the file. |
| .sigmashake/rules/security.rules | create | Starter ruleset: blocks destructive shell ops, force-push, secret-file reads. | Remove the file. |
| .sigmashake/presets/minimal.rules | create | Bare-minimum guardrails preset (not active by default). | Remove the file. |
| .sigmashake/presets/strict.rules | create | Strict preset with deploy-approval gate (not active by default). | Remove the file. |
| .gitignore | modify | Appends .sigmashake/rules/autopilot.rules so auto-generated rules don't get committed. | Open .gitignore and remove that one line. |

Every file above is plain text. Nothing is encrypted, obfuscated, or generated from a remote source — what ssg init --dry-run shows you is what gets written.


Per-adapter changes

Adapters are the integration glue between SSG and the AI agent you actually use day-to-day. Each one writes a different small set of files:

claude-code

  • .claude/settings.json — adds hooks.PreToolUse + hooks.UserPromptSubmit entries pointing at the local ssg binary, plus a curated permissions.allow / permissions.deny list. Pre-existing keys are preserved.

Undo: open the file and remove the SSG hook entries, or run ssg init --client=claude-code --uninstall.

cursor

  • .cursor/mcp.json — registers the ssg-governance MCP server.
  • .cursor/rules/ssg-governance.mdc — Cursor MDC rule that wires the governance prompt into Cursor's rule pane.

Undo: remove those two files; restart Cursor.

copilot

  • .vscode/settings.json — appends mcp.servers["ssg-governance"].
  • .vscode/mcp.json — MCP config (newer VS Code releases).
  • .github/copilot-instructions.md — appends the SSG context block.

Undo: open each file and remove the SSG-tagged blocks.

codex

  • ~/.codex/config.toml — appends [mcp_servers.ssg-governance].
  • ~/.sigmashake/hooks/bin/bash — shell wrapper used by Codex when it shells out (mode 0755).

Undo: remove the MCP server block; remove the shell wrapper.

pi

  • ~/.pi/mcp.json — registers the MCP server.
  • ~/.sigmashake/hooks/bin/bash — shared shell wrapper.
  • ~/.sigmashake/hooks/hooks/ssg-node-hook.cjs — Node.js Pi hook.
  • ~/.sigmashake/hooks/hooks/python/sitecustomize.py — Python Pi hook.

Undo: remove the four files above.

gemini (Gemini CLI)

  • ~/.gemini/settings.json — registers the MCP server.
  • ~/.gemini/GEMINI.md — appends the SSG governance block.
  • ~/.gemini/policies/ssg-governance.toml — native Gemini CLI policy.
  • ~/.sigmashake/hooks/bin/bash — shared shell wrapper.

Undo: remove the SSG sections from each file; remove the wrapper.

antigravity

  • ~/.antigravity/mcp_config.json — registers the MCP server.
  • ~/.antigravity/user_rules.md — appends the SSG governance block.
  • ~/.sigmashake/hooks/bin/bash — shared shell wrapper.
  • ~/.sigmashake/hooks/hooks/ssg-node-hook.cjs — Antigravity Node hook.
  • ~/.sigmashake/hooks/hooks/python/sitecustomize.py — Antigravity Python hook.

Undo: remove the SSG-tagged sections + the four runtime hooks.

aider

  • ~/.aider.conf.yml — appends the SSG-wrapped shell entry.
  • ~/.sigmashake/hooks/bin/bash — shared shell wrapper.
  • ~/.sigmashake/hooks/hooks/ssg-node-hook.cjs — runtime Node hook.
  • ~/.sigmashake/hooks/hooks/python/sitecustomize.py — runtime Python hook.

Undo: remove the SSG-tagged section from the aider config; remove the hooks.

opencode

  • ~/.config/opencode/opencode.json — registers the MCP server.
  • ~/.config/opencode/rules/ssg.md — adds the SSG governance rule.

Undo: remove both files.

replit

Replit runs in the cloud — no local files are touched. The adapter writes:

  • replit.md — appended with the SSG-awareness block (so Replit Agent knows about the governance contract).
  • .sigmashake/replit-install-url.txt — the pre-encoded one-click MCP install URL.
  • .sigmashake/replit-badge.md — a markdown snippet you can paste into a README.

Undo: remove the SSG-tagged section from replit.md; remove the helper files.

generic

The fallback when no AI agent is detected and no --client is passed. Touches no files outside .sigmashake/ — it just creates the rules directory and prints wire-format instructions on stdout.


Optional, opt-out only

These run by default but are easy to skip:

Smart Hub ruleset pull

After scaffolding, ssg init runs a stack-detection pass and downloads Hub rulesets that match the languages/frameworks it finds (TypeScript, Python, Terraform, etc.). Each ruleset lands in .sigmashake/rules/.

Skip: pass --no-smart.

Daemon auto-start

ssg init registers the local SSG daemon to launch on login:

  • macOS — ~/Library/LaunchAgents/com.sigmashake.daemon.plist
  • Linux — ~/.config/systemd/user/sigmashake-daemon.service
  • Windows — Task Scheduler entry

The daemon binds only to 127.0.0.1 — it is never exposed externally.

Skip: pass --no-autostart, or remove later with ssg autostart disable.


"Wait, what about my home directory?"

The only files SSG writes outside the current project are:

  1. ~/.sigmashake/ — local SQLite audit DB, license JWT, agent toggles, shared shell wrapper, plus runtime hooks (see per-adapter table).
  2. ~/.<agent>/ — the agent's own config file (Codex, Pi, Gemini, Antigravity, Aider use home-dir configs; Claude Code, Cursor, Copilot are project-local).
  3. ~/Library/LaunchAgents/ (macOS) / ~/.config/systemd/user/ (Linux) / Task Scheduler (Windows) — daemon auto-start, opt-out via --no-autostart.

Nothing is ever written to system paths (/etc/, /usr/, C:\Windows\) or to other users' home directories.


Verify any of this

# Show the plan before running anything:
ssg init --dry-run

# Show the same plan as JSON (for tools, scripts, audits):
ssg init --json --dry-run

# After installing, re-read the audit log:
ssg whatchanged

# With full line-level diffs:
ssg whatchanged --verbose

# As JSON for ingestion into your own audit pipeline:
ssg whatchanged --json

The exact same JSON shape is consumed by the desktop wizard's Transparency step — the CLI and the GUI cannot show you different things about what's about to happen.
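
To check the claims on this page in your own audit pipeline, the following added example (not SSG's own code) classifies each path from a manifest against the write locations documented above and returns anything outside them. The JSON layout (a flat array of entries with a `path` key) is an assumption, since this page does not document the schema; the sample entries are constructed, paths are treated as POSIX, and directory prefixes stand in for ~/.gemini/, ~/.antigravity/ and ~/.config/opencode/.

```python
import json
import posixpath

# Write locations documented on this page; a trailing "/" means "anything below".
PROJECT_DOCUMENTED = (
    ".sigmashake/", ".gitignore", ".claude/settings.json", ".cursor/mcp.json",
    ".cursor/rules/ssg-governance.mdc", ".vscode/settings.json", ".vscode/mcp.json",
    ".github/copilot-instructions.md", "replit.md",
)
HOME_DOCUMENTED = (
    ".sigmashake/", ".codex/config.toml", ".pi/mcp.json", ".gemini/",
    ".antigravity/", ".aider.conf.yml", ".config/opencode/",
    "Library/LaunchAgents/com.sigmashake.daemon.plist",
    ".config/systemd/user/sigmashake-daemon.service",
)

def _documented_under(path, root, documented):
    """True if path lies below root at one of the documented locations."""
    root = root.rstrip("/") + "/"
    rel = path[len(root):] if path.startswith(root) else None
    return rel is not None and any(
        (rel + "/").startswith(d) if d.endswith("/") else rel == d for d in documented)

def classify(path, project_root, home):
    """Return 'project', 'home' or 'undocumented' for one manifest path."""
    if path.startswith("~/"):
        path = posixpath.join(home, path[2:])
    elif not path.startswith("/"):
        path = posixpath.join(project_root, path)
    path = posixpath.normpath(path)  # collapse ".." so traversal cannot hide
    if _documented_under(path, project_root, PROJECT_DOCUMENTED):
        return "project"
    if _documented_under(path, home, HOME_DOCUMENTED):
        return "home"
    return "undocumented"

def audit(manifest_json, project_root, home):
    """Return manifest paths that fall outside the documented locations."""
    return [e["path"] for e in json.loads(manifest_json)
            if classify(e["path"], project_root, home) == "undocumented"]

# Constructed sample; the "path" and "subsystem" keys are assumed, not SSG's schema.
SAMPLE = json.dumps([
    {"path": ".sigmashake/config.toml", "subsystem": "core"},
    {"path": "~/.codex/config.toml", "subsystem": "codex"},
    {"path": ".sigmashake/../../../etc/profile", "subsystem": "core"},
    {"path": "~/.ssh/config", "subsystem": "core"},
])
print(audit(SAMPLE, "/home/dev/app", "/home/dev"))
```

In practice, feed `audit` the output of ssg whatchanged --json after adjusting the key names to the real schema, and treat any non-empty result as something to raise in an issue.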