fix: harden CI validators, shell scripts, and expand test suite

- Add try-catch around readFileSync in validate-agents, validate-commands,
  validate-skills to handle TOCTOU races and file read errors
- Add validate-hooks.js and all test suites to package.json test script
  (was only running 4/5 validators and 0/4 test files)
- Fix shell variable injection in observe.sh: use os.environ instead of
  interpolating $timestamp/$OBSERVATIONS_FILE into Python string literals
- Fix $? always being 0 in start-observer.sh: capture exit code before
  conditional since `if !` inverts the status
- Add OLD_VERSION validation in release.sh and use pipe delimiter in sed
  to avoid issues with slash-containing values
- Add jq dependency check in evaluate-session.sh before parsing config
- Sync .cursor/ copies of all modified shell scripts

.cursor/skills/continuous-learning-v2/agents/start-observer.sh

@@ -88,10 +88,12 @@ case "${1:-start}" in
         # Use Claude Code with Haiku to analyze observations
         # This spawns a quick analysis session
         if command -v claude &> /dev/null; then
-          if ! claude --model haiku --max-turns 3 --print \
+          exit_code=0
+          claude --model haiku --max-turns 3 --print \
             "Read $OBSERVATIONS_FILE and identify patterns. If you find 3+ occurrences of the same pattern, create an instinct file in $CONFIG_DIR/instincts/personal/ following the format in the observer agent spec. Be conservative - only create instincts for clear patterns." \
-            >> "$LOG_FILE" 2>&1; then
-            echo "[$(date)] Claude analysis failed (exit $?)" >> "$LOG_FILE"
+            >> "$LOG_FILE" 2>&1 || exit_code=$?
+          if [ "$exit_code" -ne 0 ]; then
+            echo "[$(date)] Claude analysis failed (exit $exit_code)" >> "$LOG_FILE"
           fi
         else
           echo "[$(date)] claude CLI not found, skipping analysis" >> "$LOG_FILE"

.cursor/skills/continuous-learning-v2/hooks/observe.sh

@@ -103,10 +103,10 @@ PARSED_OK=$(echo "$PARSED" | python3 -c "import json,sys; print(json.load(sys.st
 if [ "$PARSED_OK" != "True" ]; then
   # Fallback: log raw input for debugging
   timestamp=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
-  echo "$INPUT_JSON" | python3 -c "
-import json, sys
+  TIMESTAMP="$timestamp" echo "$INPUT_JSON" | python3 -c "
+import json, sys, os
 raw = sys.stdin.read()[:2000]
-print(json.dumps({'timestamp': '$timestamp', 'event': 'parse_error', 'raw': raw}))
+print(json.dumps({'timestamp': os.environ['TIMESTAMP'], 'event': 'parse_error', 'raw': raw}))
 " >> "$OBSERVATIONS_FILE"
   exit 0
 fi
@@ -124,12 +124,12 @@ fi
 # Build and write observation
 timestamp=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
 
-echo "$PARSED" | python3 -c "
-import json, sys
+TIMESTAMP="$timestamp" echo "$PARSED" | python3 -c "
+import json, sys, os
 
 parsed = json.load(sys.stdin)
 observation = {
-    'timestamp': '$timestamp',
+    'timestamp': os.environ['TIMESTAMP'],
     'event': parsed['event'],
     'tool': parsed['tool'],
     'session': parsed['session']
@@ -140,9 +140,8 @@ if parsed['input']:
 if parsed['output']:
     observation['output'] = parsed['output']
 
-with open('$OBSERVATIONS_FILE', 'a') as f:
-    f.write(json.dumps(observation) + '\n')
-"
+print(json.dumps(observation))
+" >> "$OBSERVATIONS_FILE"
 
 # Signal observer if running
 OBSERVER_PID_FILE="${CONFIG_DIR}/.observer.pid"

.cursor/skills/continuous-learning/evaluate-session.sh

@@ -32,8 +32,12 @@ MIN_SESSION_LENGTH=10
 
 # Load config if exists
 if [ -f "$CONFIG_FILE" ]; then
-  MIN_SESSION_LENGTH=$(jq -r '.min_session_length // 10' "$CONFIG_FILE")
-  LEARNED_SKILLS_PATH=$(jq -r '.learned_skills_path // "~/.claude/skills/learned/"' "$CONFIG_FILE" | sed "s|~|$HOME|")
+  if ! command -v jq &>/dev/null; then
+    echo "[ContinuousLearning] jq is required to parse config.json but not installed, using defaults" >&2
+  else
+    MIN_SESSION_LENGTH=$(jq -r '.min_session_length // 10' "$CONFIG_FILE")
+    LEARNED_SKILLS_PATH=$(jq -r '.learned_skills_path // "~/.claude/skills/learned/"' "$CONFIG_FILE" | sed "s|~|$HOME|")
+  fi
 fi
 
 # Ensure learned skills directory exists