@chankov/agent-skills 0.1.0 → 0.3.0

package/.versions/0.2.0/.pi/harnesses/coms-net/package.json

@@ -0,0 +1,6 @@
+{
+  "name": "agent-skills-pi-coms-net",
+  "private": true,
+  "type": "module",
+  "main": "index.ts"
+}

package/.versions/0.2.0/.pi/harnesses/damage-control/README.md

@@ -0,0 +1,38 @@
+# damage-control
+
+Safety auditing — blocks destructive tool calls.
+
+> Ported from [`pi-vs-claude-code`](https://github.com/disler/pi-vs-claude-code) by [disler](https://github.com/disler) (MIT). See the [extension catalog](../../../docs/pi-extensions.md).
+
+## What it does
+
+Intercepts every tool call and checks it against rules in `.pi/damage-control-rules.yaml`:
+
+- `bashToolPatterns` — destructive shell commands (`rm -rf`, `git reset --hard`,
+  `DROP TABLE`, cloud-resource deletes, …); some are hard-blocked, some marked `ask`
+- `zeroAccessPaths` — secrets and credentials that must never be read (`.env`, `*.pem`, …)
+- `readOnlyPaths` — paths that may be read but not written (lockfiles, build output, …)
+- `noDeletePaths` — paths that may be edited but not deleted (`README`, `.git/`, …)
+
+On a match the tool result is replaced with a block message and the agent's turn is
+aborted (`ctx.abort()`). For a variant that lets the agent keep working with corrective
+feedback instead of aborting, use [`damage-control-continue`](../damage-control-continue/README.md).
+
+## Commands & tools
+
+None — it runs passively on the `tool_call` event.
+
+## Requires
+
+- `.pi/damage-control-rules.yaml` — the rule set (shipped in this repo)
+
+## Usage
+
+```bash
+pi -e .pi/harnesses/damage-control/index.ts
+```
+
+## Upstream changes
+
+- Theme integration removed — the `themeMap.ts` import and the `applyExtensionDefaults()`
+  call were stripped (this repo does not ship pi themes).

package/.versions/0.2.0/.pi/harnesses/damage-control/index.ts

@@ -0,0 +1,207 @@
+import type { ExtensionAPI, ToolCallEvent } from "@mariozechner/pi-coding-agent";
+import { isToolCallEventType } from "@mariozechner/pi-coding-agent";
+import { parse as yamlParse } from "yaml";
+import * as fs from "fs";
+import * as path from "path";
+import * as os from "os";
+
+interface Rule {
+	pattern: string;
+	reason: string;
+	ask?: boolean;
+}
+
+interface Rules {
+	bashToolPatterns: Rule[];
+	zeroAccessPaths: string[];
+	readOnlyPaths: string[];
+	noDeletePaths: string[];
+}
+
+export default function (pi: ExtensionAPI) {
+	let rules: Rules = {
+		bashToolPatterns: [],
+		zeroAccessPaths: [],
+		readOnlyPaths: [],
+		noDeletePaths: [],
+	};
+
+	function resolvePath(p: string, cwd: string): string {
+		if (p.startsWith("~")) {
+			p = path.join(os.homedir(), p.slice(1));
+		}
+		return path.resolve(cwd, p);
+	}
+
+	function isPathMatch(targetPath: string, pattern: string, cwd: string): boolean {
+		// Simple glob-to-regex or substring match
+		// Expand tilde in pattern if present
+		const resolvedPattern = pattern.startsWith("~") ? path.join(os.homedir(), pattern.slice(1)) : pattern;
+
+		// If pattern ends with /, it's a directory match
+		if (resolvedPattern.endsWith("/")) {
+			const absolutePattern = path.isAbsolute(resolvedPattern) ? resolvedPattern : path.resolve(cwd, resolvedPattern);
+			return targetPath.startsWith(absolutePattern);
+		}
+
+		// Handle basic wildcards *
+		const regexPattern = resolvedPattern
+			.replace(/[.+^${}()|[\]\\]/g, "\\$&") // escape regex chars
+			.replace(/\*/g, ".*"); // convert * to .*
+
+		const regex = new RegExp(`^${regexPattern}$|^${regexPattern}/|/${regexPattern}$|/${regexPattern}/`);
+
+		// Match against absolute path and relative-to-cwd path
+		const relativePath = path.relative(cwd, targetPath);
+
+		return regex.test(targetPath) || regex.test(relativePath) || targetPath.includes(resolvedPattern) || relativePath.includes(resolvedPattern);
+	}
+
+	pi.on("session_start", async (_event, ctx) => {
+		const projectRulesPath = path.join(ctx.cwd, ".pi", "damage-control-rules.yaml");
+		const globalRulesPath = path.join(os.homedir(), ".pi", "damage-control-rules.yaml");
+		const rulesPath = fs.existsSync(projectRulesPath) ? projectRulesPath : fs.existsSync(globalRulesPath) ? globalRulesPath : null;
+		try {
+			if (rulesPath) {
+				const content = fs.readFileSync(rulesPath, "utf8");
+				const loaded = yamlParse(content) as Partial<Rules>;
+				rules = {
+					bashToolPatterns: loaded.bashToolPatterns || [],
+					zeroAccessPaths: loaded.zeroAccessPaths || [],
+					readOnlyPaths: loaded.readOnlyPaths || [],
+					noDeletePaths: loaded.noDeletePaths || [],
+				};
+				const source = rulesPath === projectRulesPath ? "project" : "global";
+				ctx.ui.notify(`🛡️ Damage-Control: Loaded ${rules.bashToolPatterns.length + rules.zeroAccessPaths.length + rules.readOnlyPaths.length + rules.noDeletePaths.length} rules (${source}).`);
+			} else {
+				ctx.ui.notify("🛡️ Damage-Control: No rules found at .pi/damage-control-rules.yaml (project or global)");
+			}
+		} catch (err) {
+			ctx.ui.notify(`🛡️ Damage-Control: Failed to load rules: ${err instanceof Error ? err.message : String(err)}`);
+		}
+
+		ctx.ui.setStatus(`🛡️ Damage-Control Active: ${rules.bashToolPatterns.length + rules.zeroAccessPaths.length + rules.readOnlyPaths.length + rules.noDeletePaths.length} Rules`);
+	});
+
+	pi.on("tool_call", async (event, ctx) => {
+		let violationReason: string | null = null;
+		let shouldAsk = false;
+
+		// 1. Check Zero Access Paths for all tools that use path or glob
+		const checkPaths = (pathsToCheck: string[]) => {
+			for (const p of pathsToCheck) {
+				const resolved = resolvePath(p, ctx.cwd);
+				for (const zap of rules.zeroAccessPaths) {
+					if (isPathMatch(resolved, zap, ctx.cwd)) {
+						return `Access to zero-access path restricted: ${zap}`;
+					}
+				}
+			}
+			return null;
+		};
+
+		// Extract paths from tool input
+		const inputPaths: string[] = [];
+		if (isToolCallEventType("read", event) || isToolCallEventType("write", event) || isToolCallEventType("edit", event)) {
+			inputPaths.push(event.input.path);
+		} else if (isToolCallEventType("grep", event) || isToolCallEventType("find", event) || isToolCallEventType("ls", event)) {
+			inputPaths.push(event.input.path || ".");
+		}
+
+		if (isToolCallEventType("grep", event) && event.input.glob) {
+			// Check glob field as well
+			for (const zap of rules.zeroAccessPaths) {
+				if (event.input.glob.includes(zap) || isPathMatch(event.input.glob, zap, ctx.cwd)) {
+					violationReason = `Glob matches zero-access path: ${zap}`;
+					break;
+				}
+			}
+		}
+
+		if (!violationReason) {
+			violationReason = checkPaths(inputPaths);
+		}
+
+		// 2. Tool-specific logic
+		if (!violationReason) {
+			if (isToolCallEventType("bash", event)) {
+				const command = event.input.command;
+
+				// Check bashToolPatterns
+				for (const rule of rules.bashToolPatterns) {
+					const regex = new RegExp(rule.pattern);
+					if (regex.test(command)) {
+						violationReason = rule.reason;
+						shouldAsk = !!rule.ask;
+						break;
+					}
+				}
+
+				// Check if bash command interacts with restricted paths
+				if (!violationReason) {
+					for (const zap of rules.zeroAccessPaths) {
+						if (command.includes(zap)) {
+							violationReason = `Bash command references zero-access path: ${zap}`;
+							break;
+						}
+					}
+				}
+
+				if (!violationReason) {
+					for (const rop of rules.readOnlyPaths) {
+						// Heuristic: check if command might modify a read-only path
+						// Redirects, sed -i, rm, mv to, etc.
+						if (command.includes(rop) && (/[\s>|]/.test(command) || command.includes("rm") || command.includes("mv") || command.includes("sed"))) {
+							violationReason = `Bash command may modify read-only path: ${rop}`;
+							break;
+						}
+					}
+				}
+
+				if (!violationReason) {
+					for (const ndp of rules.noDeletePaths) {
+						if (command.includes(ndp) && (command.includes("rm") || command.includes("mv"))) {
+							violationReason = `Bash command attempts to delete/move protected path: ${ndp}`;
+							break;
+						}
+					}
+				}
+			} else if (isToolCallEventType("write", event) || isToolCallEventType("edit", event)) {
+				// Check Read-Only paths
+				for (const p of inputPaths) {
+					const resolved = resolvePath(p, ctx.cwd);
+					for (const rop of rules.readOnlyPaths) {
+						if (isPathMatch(resolved, rop, ctx.cwd)) {
+							violationReason = `Modification of read-only path restricted: ${rop}`;
+							break;
+						}
+					}
+				}
+			}
+		}
+
+		if (violationReason) {
+			if (shouldAsk) {
+				const confirmed = await ctx.ui.confirm("🛡️ Damage-Control Confirmation", `Dangerous command detected: ${violationReason}\n\nCommand: ${isToolCallEventType("bash", event) ? event.input.command : JSON.stringify(event.input)}\n\nDo you want to proceed?`, { timeout: 30000 });
+
+				if (!confirmed) {
+					ctx.ui.setStatus(`⚠️ Last Violation Blocked: ${violationReason.slice(0, 30)}...`);
+					pi.appendEntry("damage-control-log", { tool: event.toolName, input: event.input, rule: violationReason, action: "blocked_by_user" });
+					ctx.abort();
+					return { block: true, reason: `🛑 BLOCKED by Damage-Control: ${violationReason} (User denied)\n\nDO NOT attempt to work around this restriction. DO NOT retry with alternative commands, paths, or approaches that achieve the same result. Report this block to the user exactly as stated and ask how they would like to proceed.` };
+				} else {
+					pi.appendEntry("damage-control-log", { tool: event.toolName, input: event.input, rule: violationReason, action: "confirmed_by_user" });
+					return { block: false };
+				}
+			} else {
+				ctx.ui.notify(`🛑 Damage-Control: Blocked ${event.toolName} due to ${violationReason}`);
+				ctx.ui.setStatus(`⚠️ Last Violation: ${violationReason.slice(0, 30)}...`);
+				pi.appendEntry("damage-control-log", { tool: event.toolName, input: event.input, rule: violationReason, action: "blocked" });
+				ctx.abort();
+				return { block: true, reason: `🛑 BLOCKED by Damage-Control: ${violationReason}\n\nDO NOT attempt to work around this restriction. DO NOT retry with alternative commands, paths, or approaches that achieve the same result. Report this block to the user exactly as stated and ask how they would like to proceed.` };
+			}
+		}
+
+		return { block: false };
+	});
+}

package/.versions/0.2.0/.pi/harnesses/damage-control/package.json

@@ -0,0 +1,6 @@
+{
+  "name": "agent-skills-pi-damage-control",
+  "private": true,
+  "type": "module",
+  "main": "index.ts"
+}

package/.versions/0.2.0/.pi/harnesses/damage-control-continue/README.md

@@ -0,0 +1,37 @@
+# damage-control-continue
+
+Safety auditing that lets the agent recover instead of aborting.
+
+> Ported from [`pi-vs-claude-code`](https://github.com/disler/pi-vs-claude-code) by [disler](https://github.com/disler) (MIT). See the [extension catalog](../../../docs/pi-extensions.md).
+
+## What it does
+
+Same rule engine as [`damage-control`](../damage-control/README.md) — it reads the same
+`.pi/damage-control-rules.yaml` — but it differs in how a blocked call is handled:
+
+- the blocked tool result is replaced with **actionable feedback** that distinguishes
+  destructive intent from merely non-destructive intent and tells the agent how to adapt;
+- it does **not** call `ctx.abort()`, so the agent's turn continues and it can try an
+  alternate path (e.g. assume a `.env` key exists rather than reading the file to verify).
+
+Use this when you want guard rails without killing the turn; use plain `damage-control`
+when a hard stop is preferred.
+
+## Commands & tools
+
+None — it runs passively on the `tool_call` event.
+
+## Requires
+
+- `.pi/damage-control-rules.yaml` — the rule set (shipped in this repo)
+
+## Usage
+
+```bash
+pi -e .pi/harnesses/damage-control-continue/index.ts
+```
+
+## Upstream changes
+
+- Theme integration removed — the `themeMap.ts` import and the `applyExtensionDefaults()`
+  call were stripped (this repo does not ship pi themes).

package/.versions/0.2.0/.pi/harnesses/damage-control-continue/index.ts

@@ -0,0 +1,234 @@
+/**
+ * Damage-Control (continue) — same rules, but the agent keeps working
+ *
+ * Difference from damage-control.ts:
+ *   - The blocked tool result is replaced with actionable feedback that
+ *     distinguishes destructive vs non-destructive intent and tells the
+ *     agent how to adapt.
+ *   - We do NOT call ctx.abort(), so the agent's turn continues and can
+ *     try an alternate path (e.g. assume a .env key exists instead of
+ *     reading it to verify).
+ *
+ * Usage: pi -e extensions/damage-control-continue.ts
+ */
+
+import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
+import { isToolCallEventType } from "@mariozechner/pi-coding-agent";
+import { parse as yamlParse } from "yaml";
+import * as fs from "fs";
+import * as path from "path";
+import * as os from "os";
+
+interface Rule {
+	pattern: string;
+	reason: string;
+	ask?: boolean;
+}
+
+interface Rules {
+	bashToolPatterns: Rule[];
+	zeroAccessPaths: string[];
+	readOnlyPaths: string[];
+	noDeletePaths: string[];
+}
+
+function continueFeedback(toolName: string, violationReason: string, invocation: string): string {
+	return [
+		`🛡️ Damage-Control: ${toolName} blocked — ${violationReason}`,
+		``,
+		`Attempted: ${invocation}`,
+		``,
+		`Don't call ${toolName} directly like this. Decide which case you're in and continue:`,
+		``,
+		`→ NON-DESTRUCTIVE (e.g. reading .env to verify a key, listing a protected dir, peeking at config):`,
+		`   Assume the data is present and correct. Skip the verification step and move on with the task.`,
+		`   Example: if you were reading .env to confirm a key exists, just assume it does — the user has`,
+		`   configured their environment. If you actually need a value, ask the user for it explicitly.`,
+		``,
+		`→ DESTRUCTIVE (delete, overwrite, force-push, drop, rm, truncate, sudo, kill, etc.):`,
+		`   STOP. Tell the user exactly what you need to ship this task and ask how they want to proceed.`,
+		`   Do not invent a workaround that achieves the same destructive effect.`,
+		``,
+		`Pick the right path above and continue working. Do not retry this exact call.`,
+	].join("\n");
+}
+
+export default function (pi: ExtensionAPI) {
+	let rules: Rules = {
+		bashToolPatterns: [],
+		zeroAccessPaths: [],
+		readOnlyPaths: [],
+		noDeletePaths: [],
+	};
+
+	function resolvePath(p: string, cwd: string): string {
+		if (p.startsWith("~")) {
+			p = path.join(os.homedir(), p.slice(1));
+		}
+		return path.resolve(cwd, p);
+	}
+
+	function isPathMatch(targetPath: string, pattern: string, cwd: string): boolean {
+		const resolvedPattern = pattern.startsWith("~") ? path.join(os.homedir(), pattern.slice(1)) : pattern;
+
+		if (resolvedPattern.endsWith("/")) {
+			const absolutePattern = path.isAbsolute(resolvedPattern) ? resolvedPattern : path.resolve(cwd, resolvedPattern);
+			return targetPath.startsWith(absolutePattern);
+		}
+
+		const regexPattern = resolvedPattern
+			.replace(/[.+^${}()|[\]\\]/g, "\\$&")
+			.replace(/\*/g, ".*");
+
+		const regex = new RegExp(`^${regexPattern}$|^${regexPattern}/|/${regexPattern}$|/${regexPattern}/`);
+
+		const relativePath = path.relative(cwd, targetPath);
+
+		return regex.test(targetPath) || regex.test(relativePath) || targetPath.includes(resolvedPattern) || relativePath.includes(resolvedPattern);
+	}
+
+	pi.on("session_start", async (_event, ctx) => {
+		const projectRulesPath = path.join(ctx.cwd, ".pi", "damage-control-rules.yaml");
+		const globalRulesPath = path.join(os.homedir(), ".pi", "damage-control-rules.yaml");
+		const rulesPath = fs.existsSync(projectRulesPath) ? projectRulesPath : fs.existsSync(globalRulesPath) ? globalRulesPath : null;
+		try {
+			if (rulesPath) {
+				const content = fs.readFileSync(rulesPath, "utf8");
+				const loaded = yamlParse(content) as Partial<Rules>;
+				rules = {
+					bashToolPatterns: loaded.bashToolPatterns || [],
+					zeroAccessPaths: loaded.zeroAccessPaths || [],
+					readOnlyPaths: loaded.readOnlyPaths || [],
+					noDeletePaths: loaded.noDeletePaths || [],
+				};
+				const source = rulesPath === projectRulesPath ? "project" : "global";
+				const total = rules.bashToolPatterns.length + rules.zeroAccessPaths.length + rules.readOnlyPaths.length + rules.noDeletePaths.length;
+				ctx.ui.notify(`🛡️ Damage-Control (continue): Loaded ${total} rules (${source}). Blocks deliver feedback so the agent can adapt and keep working.`);
+			} else {
+				ctx.ui.notify("🛡️ Damage-Control (continue): No rules found at .pi/damage-control-rules.yaml (project or global)");
+			}
+		} catch (err) {
+			ctx.ui.notify(`🛡️ Damage-Control (continue): Failed to load rules: ${err instanceof Error ? err.message : String(err)}`);
+		}
+
+		const total = rules.bashToolPatterns.length + rules.zeroAccessPaths.length + rules.readOnlyPaths.length + rules.noDeletePaths.length;
+		ctx.ui.setStatus(`🛡️ Damage-Control (continue): ${total} Rules`);
+	});
+
+	pi.on("tool_call", async (event, ctx) => {
+		let violationReason: string | null = null;
+		let shouldAsk = false;
+
+		const checkPaths = (pathsToCheck: string[]) => {
+			for (const p of pathsToCheck) {
+				const resolved = resolvePath(p, ctx.cwd);
+				for (const zap of rules.zeroAccessPaths) {
+					if (isPathMatch(resolved, zap, ctx.cwd)) {
+						return `Access to zero-access path restricted: ${zap}`;
+					}
+				}
+			}
+			return null;
+		};
+
+		const inputPaths: string[] = [];
+		if (isToolCallEventType("read", event) || isToolCallEventType("write", event) || isToolCallEventType("edit", event)) {
+			inputPaths.push(event.input.path);
+		} else if (isToolCallEventType("grep", event) || isToolCallEventType("find", event) || isToolCallEventType("ls", event)) {
+			inputPaths.push(event.input.path || ".");
+		}
+
+		if (isToolCallEventType("grep", event) && event.input.glob) {
+			for (const zap of rules.zeroAccessPaths) {
+				if (event.input.glob.includes(zap) || isPathMatch(event.input.glob, zap, ctx.cwd)) {
+					violationReason = `Glob matches zero-access path: ${zap}`;
+					break;
+				}
+			}
+		}
+
+		if (!violationReason) {
+			violationReason = checkPaths(inputPaths);
+		}
+
+		if (!violationReason) {
+			if (isToolCallEventType("bash", event)) {
+				const command = event.input.command;
+
+				for (const rule of rules.bashToolPatterns) {
+					const regex = new RegExp(rule.pattern);
+					if (regex.test(command)) {
+						violationReason = rule.reason;
+						shouldAsk = !!rule.ask;
+						break;
+					}
+				}
+
+				if (!violationReason) {
+					for (const zap of rules.zeroAccessPaths) {
+						if (command.includes(zap)) {
+							violationReason = `Bash command references zero-access path: ${zap}`;
+							break;
+						}
+					}
+				}
+
+				if (!violationReason) {
+					for (const rop of rules.readOnlyPaths) {
+						if (command.includes(rop) && (/[\s>|]/.test(command) || command.includes("rm") || command.includes("mv") || command.includes("sed"))) {
+							violationReason = `Bash command may modify read-only path: ${rop}`;
+							break;
+						}
+					}
+				}
+
+				if (!violationReason) {
+					for (const ndp of rules.noDeletePaths) {
+						if (command.includes(ndp) && (command.includes("rm") || command.includes("mv"))) {
+							violationReason = `Bash command attempts to delete/move protected path: ${ndp}`;
+							break;
+						}
+					}
+				}
+			} else if (isToolCallEventType("write", event) || isToolCallEventType("edit", event)) {
+				for (const p of inputPaths) {
+					const resolved = resolvePath(p, ctx.cwd);
+					for (const rop of rules.readOnlyPaths) {
+						if (isPathMatch(resolved, rop, ctx.cwd)) {
+							violationReason = `Modification of read-only path restricted: ${rop}`;
+							break;
+						}
+					}
+				}
+			}
+		}
+
+		if (violationReason) {
+			const invocation = isToolCallEventType("bash", event) ? event.input.command : JSON.stringify(event.input);
+
+			if (shouldAsk) {
+				const confirmed = await ctx.ui.confirm(
+					"🛡️ Damage-Control Confirmation",
+					`Dangerous command detected: ${violationReason}\n\nCommand: ${invocation}\n\nDo you want to proceed?`,
+					{ timeout: 30000 },
+				);
+
+				if (!confirmed) {
+					ctx.ui.setStatus(`⚠️ Last Violation Blocked: ${violationReason.slice(0, 30)}...`);
+					pi.appendEntry("damage-control-log", { tool: event.toolName, input: event.input, rule: violationReason, action: "blocked_by_user" });
+					return { block: true, reason: continueFeedback(event.toolName, `${violationReason} (user denied)`, invocation) };
+				} else {
+					pi.appendEntry("damage-control-log", { tool: event.toolName, input: event.input, rule: violationReason, action: "confirmed_by_user" });
+					return { block: false };
+				}
+			} else {
+				ctx.ui.notify(`🛑 Damage-Control: Blocked ${event.toolName} (${violationReason}) — agent will adapt and continue.`);
+				ctx.ui.setStatus(`⚠️ Last Violation: ${violationReason.slice(0, 30)}...`);
+				pi.appendEntry("damage-control-log", { tool: event.toolName, input: event.input, rule: violationReason, action: "blocked" });
+				return { block: true, reason: continueFeedback(event.toolName, violationReason, invocation) };
+			}
+		}
+
+		return { block: false };
+	});
+}

package/.versions/0.2.0/.pi/harnesses/damage-control-continue/package.json

@@ -0,0 +1,6 @@
+{
+  "name": "agent-skills-pi-damage-control-continue",
+  "private": true,
+  "type": "module",
+  "main": "index.ts"
+}

package/.versions/0.2.0/.pi/harnesses/minimal/README.md

@@ -0,0 +1,27 @@
+# minimal
+
+Model name + context meter in a compact footer.
+
+> Ported from [`pi-vs-claude-code`](https://github.com/disler/pi-vs-claude-code) by [disler](https://github.com/disler) (MIT). See the [extension catalog](../../../docs/pi-extensions.md).
+
+## What it does
+
+Replaces the pi footer with a single compact line showing the active model ID and a
+10-block context usage meter — e.g. `claude-opus-4-7 [###-------] 30%`. Useful on its
+own or stacked behind another extension as a lightweight status surface.
+
+## Commands & tools
+
+None — footer only.
+
+## Usage
+
+```bash
+pi -e .pi/harnesses/minimal/index.ts
+```
+
+## Upstream changes
+
+- Theme integration removed — the `themeMap.ts` import and the `applyExtensionDefaults()`
+  call in `session_start` were stripped (this repo does not ship pi themes). The footer
+  now renders against pi's active theme.

package/.versions/0.2.0/.pi/harnesses/minimal/index.ts

@@ -0,0 +1,32 @@
+/**
+ * Minimal — Model name + context meter in a compact footer
+ *
+ * Shows model ID and a 10-block context usage bar: [###-------] 30%
+ *
+ * Usage: pi -e extensions/minimal.ts
+ */
+
+import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
+import { truncateToWidth, visibleWidth } from "@mariozechner/pi-tui";
+
+export default function (pi: ExtensionAPI) {
+	pi.on("session_start", async (_event, ctx) => {
+		ctx.ui.setFooter((_tui, theme, _footerData) => ({
+			dispose: () => {},
+			invalidate() {},
+			render(width: number): string[] {
+				const model = ctx.model?.id || "no-model";
+				const usage = ctx.getContextUsage();
+				const pct = (usage && usage.percent !== null) ? usage.percent : 0;
+				const filled = Math.round(pct / 10);
+				const bar = "#".repeat(filled) + "-".repeat(10 - filled);
+
+				const left = theme.fg("dim", ` ${model}`);
+				const right = theme.fg("dim", `[${bar}] ${Math.round(pct)}% `);
+				const pad = " ".repeat(Math.max(1, width - visibleWidth(left) - visibleWidth(right)));
+
+				return [truncateToWidth(left + pad + right, width)];
+			},
+		}));
+	});
+}

package/.versions/0.2.0/.pi/harnesses/minimal/package.json

@@ -0,0 +1,6 @@
+{
+  "name": "agent-skills-pi-minimal",
+  "private": true,
+  "type": "module",
+  "main": "index.ts"
+}

package/.versions/0.2.0/.pi/harnesses/package-lock.json

@@ -0,0 +1,35 @@
+{
+  "name": "agent-skills-pi-harnesses-runtime-deps",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "agent-skills-pi-harnesses-runtime-deps",
+      "dependencies": {
+        "@sinclair/typebox": "^0.34.0",
+        "yaml": "^2.8.0"
+      }
+    },
+    "node_modules/@sinclair/typebox": {
+      "version": "0.34.49",
+      "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.49.tgz",
+      "integrity": "sha512-brySQQs7Jtn0joV8Xh9ZV/hZb9Ozb0pmazDIASBkYKCjXrXU3mpcFahmK/z4YDhGkQvP9mWJbVyahdtU5wQA+A==",
+      "license": "MIT"
+    },
+    "node_modules/yaml": {
+      "version": "2.9.0",
+      "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.9.0.tgz",
+      "integrity": "sha512-2AvhNX3mb8zd6Zy7INTtSpl1F15HW6Wnqj0srWlkKLcpYl/gMIMJiyuGq2KeI2YFxUPjdlB+3Lc10seMLtL4cA==",
+      "license": "ISC",
+      "bin": {
+        "yaml": "bin.mjs"
+      },
+      "engines": {
+        "node": ">= 14.6"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/eemeli"
+      }
+    }
+  }
+}

package/.versions/0.2.0/.pi/harnesses/package.json

@@ -0,0 +1,9 @@
+{
+  "name": "agent-skills-pi-harnesses-runtime-deps",
+  "private": true,
+  "type": "module",
+  "dependencies": {
+    "@sinclair/typebox": "^0.34.0",
+    "yaml": "^2.8.0"
+  }
+}