scripts/ENTERPRISE.md

@@ -388,6 +388,22 @@ Scripts should validate their own requirements:
 [ -n "${VERSION}" ] || die "VERSION must be set"
 ```
 
+### Script Health Checking
+
+Use the script health checker to validate all scripts follow standards:
+
+```bash
+./scripts/run/script_health.sh        # Check all scripts
+./scripts/run/script_health.sh -v     # Verbose mode with details
+```
+
+The health checker validates:
+- Copyright headers present
+- SPDX license identifiers
+- FILE INFORMATION sections
+- Error handling (set -euo pipefail)
+- Executable permissions
+
 ### Integration Testing
 
 Run validation suite before commits:
@@ -503,14 +519,22 @@ Before committing new or modified scripts:
 - [ ] Uses `set -euo pipefail`
 - [ ] Has usage/help function (if user-facing)
 - [ ] Validates all inputs
-- [ ] Checks dependencies
-- [ ] Uses structured logging
-- [ ] Returns appropriate exit codes
+- [ ] Checks dependencies with `check_dependencies`
+- [ ] Uses structured logging (`log_info`, `log_error`, etc.)
+- [ ] Includes timestamps for audit trails
+- [ ] Returns appropriate exit codes (0=success, 1=error, 2=invalid args)
 - [ ] Includes inline comments for complex logic
 - [ ] Documented in scripts/README.md
 - [ ] Tested locally
+- [ ] Passes `./scripts/run/script_health.sh`
+- [ ] Passes all validation checks (`./scripts/run/validate_all.sh`)
 - [ ] Passes `shellcheck` (if available)
-- [ ] Passes all validation checks
+
+Quick validation command:
+```bash
+# Run all checks
+./scripts/run/script_health.sh && ./scripts/run/validate_all.sh
+```
 
 ## Version History
 

scripts/README.md

@@ -253,6 +253,32 @@ WARN: ✗ tabs (warnings/issues found - run with -v for details)
 [SUCCESS] SUCCESS: All required checks passed
 ```
 
+### `script_health.sh`
+Validates that all scripts follow enterprise standards:
+- Checks for copyright headers
+- Validates SPDX license identifiers
+- Ensures FILE INFORMATION sections are present
+- Verifies error handling (set -euo pipefail)
+- Checks executable permissions
+
+Usage:
+```bash
+./scripts/run/script_health.sh       # Standard mode
+./scripts/run/script_health.sh -v    # Verbose mode (shows details)
+```
+
+Example output:
+```
+=== Script Health Summary ===
+  Total scripts checked: 21
+  Missing copyright: 0
+  Missing SPDX identifier: 0
+  Missing FILE INFORMATION: 0
+  Missing error handling: 0
+  Not executable: 0
+[SUCCESS] SUCCESS: All scripts follow enterprise standards
+```
+
 ## Best Practices
 
 ### Enterprise Standards

scripts/lib/common.sh

@@ -170,3 +170,17 @@ log_timestamp() {
 		printf '%s\n' "$(date -u '+%Y-%m-%d %H:%M:%S UTC')"
 	fi
 }
+
+# Calculate and log execution duration
+log_duration() {
+	local start="$1"
+	local end="$2"
+	local duration=$((end - start))
+	if [ "$duration" -ge 60 ]; then
+		local minutes=$((duration / 60))
+		local seconds=$((duration % 60))
+		printf '%dm %ds\n' "$minutes" "$seconds"
+	else
+		printf '%ds\n' "$duration"
+	fi
+}

scripts/run/script_health.sh

@@ -0,0 +1,198 @@
+#!/usr/bin/env bash
+
+# ============================================================================
+# Copyright (C) 2025 Moko Consulting <hello@mokoconsulting.tech>
+#
+# This file is part of a Moko Consulting project.
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program (./LICENSE.md).
+# ============================================================================
+
+# ============================================================================
+# FILE INFORMATION
+# ============================================================================
+# DEFGROUP: Script.Validate
+# INGROUP: Script.Health
+# REPO: https://github.com/mokoconsulting-tech/moko-cassiopeia
+# PATH: /scripts/run/script_health.sh
+# VERSION: 01.00.00
+# BRIEF: Validate scripts follow enterprise standards
+# NOTE: Checks for copyright headers, error handling, and documentation
+# ============================================================================
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "$0")/.." && pwd)"
+. "${SCRIPT_DIR}/lib/common.sh"
+. "${SCRIPT_DIR}/lib/logging.sh"
+
+# ----------------------------------------------------------------------------
+# Usage
+# ----------------------------------------------------------------------------
+
+usage() {
+cat <<-USAGE
+Usage: $0 [OPTIONS]
+
+Validate that all scripts follow enterprise standards.
+
+Options:
+  -v, --verbose    Show detailed output
+  -h, --help       Show this help message
+
+Checks performed:
+  - Copyright headers present
+  - SPDX license identifier present
+  - FILE INFORMATION section present
+  - set -euo pipefail present
+  - Executable permissions set
+  
+Examples:
+  $0              # Run all health checks
+  $0 -v           # Verbose output
+  $0 --help       # Show usage
+
+Exit codes:
+  0 - All checks passed
+  1 - One or more checks failed
+  2 - Invalid arguments
+
+USAGE
+exit 0
+}
+
+# ----------------------------------------------------------------------------
+# Configuration
+# ----------------------------------------------------------------------------
+
+VERBOSE="${1:-}"
+
+case "${VERBOSE}" in
+	-h|--help)
+		usage
+		;;
+	-v|--verbose)
+		VERBOSE="true"
+		;;
+	"")
+		VERBOSE="false"
+		;;
+	*)
+		log_error "Invalid argument: ${VERBOSE}"
+		echo ""
+		usage
+		exit 2
+		;;
+esac
+
+log_info "Running script health checks"
+log_info "Start time: $(log_timestamp)"
+
+START_TIME=$(date +%s)
+
+# ----------------------------------------------------------------------------
+# Health checks
+# ----------------------------------------------------------------------------
+
+total_scripts=0
+missing_copyright=0
+missing_spdx=0
+missing_fileinfo=0
+missing_error_handling=0
+not_executable=0
+
+check_script() {
+	local script="$1"
+	local errors=0
+	
+	total_scripts=$((total_scripts + 1))
+	
+	# Check for copyright
+	if ! grep -q "Copyright (C)" "$script"; then
+		missing_copyright=$((missing_copyright + 1))
+		errors=$((errors + 1))
+		[ "${VERBOSE}" = "true" ] && log_warn "Missing copyright: $script"
+	fi
+	
+	# Check for SPDX
+	if ! grep -q "SPDX-License-Identifier" "$script"; then
+		missing_spdx=$((missing_spdx + 1))
+		errors=$((errors + 1))
+		[ "${VERBOSE}" = "true" ] && log_warn "Missing SPDX: $script"
+	fi
+	
+	# Check for FILE INFORMATION
+	if ! grep -q "FILE INFORMATION" "$script"; then
+		missing_fileinfo=$((missing_fileinfo + 1))
+		errors=$((errors + 1))
+		[ "${VERBOSE}" = "true" ] && log_warn "Missing FILE INFORMATION: $script"
+	fi
+	
+	# Check for error handling (bash scripts only)
+	if [[ "$script" == *.sh ]]; then
+		if ! grep -q "set -e" "$script"; then
+			missing_error_handling=$((missing_error_handling + 1))
+			errors=$((errors + 1))
+			[ "${VERBOSE}" = "true" ] && log_warn "Missing error handling: $script"
+		fi
+	fi
+	
+	# Check executable permission
+	if [ ! -x "$script" ]; then
+		not_executable=$((not_executable + 1))
+		errors=$((errors + 1))
+		[ "${VERBOSE}" = "true" ] && log_warn "Not executable: $script"
+	fi
+	
+	return $errors
+}
+
+# Find all shell scripts
+log_info "Scanning scripts directory..."
+
+while IFS= read -r -d '' script; do
+	check_script "$script" || true
+done < <(find "${SCRIPT_DIR}" -type f -name "*.sh" -print0)
+
+# ----------------------------------------------------------------------------
+# Summary
+# ----------------------------------------------------------------------------
+
+END_TIME=$(date +%s)
+
+log_separator
+log_info "Script Health Summary"
+log_separator
+log_kv "Total scripts checked" "${total_scripts}"
+log_kv "Missing copyright" "${missing_copyright}"
+log_kv "Missing SPDX identifier" "${missing_spdx}"
+log_kv "Missing FILE INFORMATION" "${missing_fileinfo}"
+log_kv "Missing error handling" "${missing_error_handling}"
+log_kv "Not executable" "${not_executable}"
+log_separator
+log_info "End time: $(log_timestamp)"
+log_info "Duration: $(log_duration "$START_TIME" "$END_TIME")"
+
+total_issues=$((missing_copyright + missing_spdx + missing_fileinfo + missing_error_handling + not_executable))
+
+if [ "$total_issues" -eq 0 ]; then
+	log_success "SUCCESS: All scripts follow enterprise standards"
+	exit 0
+else
+	log_error "FAILED: Found ${total_issues} standard violation(s)"
+	log_info "Run with -v flag for details on which scripts need updates"
+	exit 1
+fi

scripts/run/smoke_test.sh

@@ -68,6 +68,8 @@ SCRIPT_DIR="$(cd "$(dirname "$0")/.." && pwd)"
 # Check dependencies
 check_dependencies python3
 
+START_TIME=$(date +%s)
+
 log_info "Running smoke tests for Moko-Cassiopeia repository"
 log_info "Start time: $(log_timestamp)"
 
@@ -174,4 +176,6 @@ log_info "Extension: ${NAME}"
 log_info "Version: ${VERSION}"
 log_info "Type: ${TYPE}"
 log_info "End time: $(log_timestamp)"
+END_TIME=$(date +%s)
+log_info "Duration: $(log_duration "$START_TIME" "$END_TIME")"
 log_info "========================================="

scripts/run/validate_all.sh

@@ -95,6 +95,8 @@ esac
 # Check dependencies
 check_dependencies python3
 
+START_TIME=$(date +%s)
+
 log_info "Start time: $(log_timestamp)"
 
 REQUIRED_CHECKS=(
@@ -204,6 +206,8 @@ log_kv "Optional checks with issues" "${optional_failed}"
 log_separator
 
 log_info "End time: $(log_timestamp)"
+END_TIME=$(date +%s)
+log_info "Duration: $(log_duration "$START_TIME" "$END_TIME")"
 
 if [ "${required_failed}" -gt 0 ]; then
 	log_error "FAILED: ${required_failed} required check(s) failed"

scripts/validate/manifest.sh

@@ -35,6 +35,9 @@
 
 set -euo pipefail
 
+# Input validation
+SRC_DIR="${SRC_DIR:-src}"
+
 log() { printf '%s\n' "$*"; }
 
 fail() {
@@ -42,10 +45,14 @@ fail() {
   exit 1
 }
 
-SRC_DIR="${SRC_DIR:-src}"
-
+# Validate SRC_DIR
 if [ ! -d "${SRC_DIR}" ]; then
-  fail "${SRC_DIR} directory missing"
+  fail "${SRC_DIR} directory missing. Set SRC_DIR environment variable or ensure 'src' directory exists."
+fi
+
+# Validate required dependencies
+if ! command -v python3 >/dev/null 2>&1; then
+  fail "python3 is required but not found. Please install Python 3."
 fi
 
 # Candidate discovery policy: prefer explicit known names, otherwise fall back to extension-root manifests.

scripts/validate/php_syntax.sh

@@ -35,6 +35,8 @@
 
 set -euo pipefail
 
+# Validation timeout (seconds) - prevents hanging on problematic files
+TIMEOUT="${VALIDATION_TIMEOUT:-30}"
 SRC_DIR="${SRC_DIR:-src}"
 
 json_escape() {
@@ -56,17 +58,34 @@ fi
 
 failed=0
 checked=0
+failed_files=()
 
 while IFS= read -r -d '' f; do
 	checked=$((checked+1))
-	if ! php -l "$f" >/dev/null; then
+	
+	# Use timeout if available to prevent hangs
+	if command -v timeout >/dev/null 2>&1; then
+		if ! timeout "${TIMEOUT}" php -l "$f" >/dev/null 2>&1; then
 			failed=1
+			failed_files+=("$f")
+		fi
+	else
+		if ! php -l "$f" >/dev/null 2>&1; then
+			failed=1
+			failed_files+=("$f")
+		fi
 	fi
 done < <(find "${SRC_DIR}" -type f -name '*.php' -print0)
 
 if [ "${failed}" -ne 0 ]; then
-	printf '{"status":"fail","error":"php_lint_failed","files_checked":%s}
-' "${checked}"
+	{
+		printf '{"status":"fail","error":"php_lint_failed","files_checked":%s,"failed_count":%s,"failed_files":[' "${checked}" "${#failed_files[@]}"
+		for i in "${!failed_files[@]}"; do
+			printf '%s' "$(json_escape "${failed_files[$i]}")"
+			[ "$i" -lt $((${#failed_files[@]} - 1)) ] && printf ','
+		done
+		printf ']}\n'
+	}
 	exit 1
 fi