@heart-of-gold/toolkit 0.1.16 → 0.1.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@heart-of-gold/toolkit",
3
- "version": "0.1.16",
3
+ "version": "0.1.18",
4
4
  "type": "module",
5
5
  "description": "Cross-platform installer for Heart of Gold skills — works with Codex, OpenCode, Pi, Claude Code, and more",
6
6
  "bin": {
@@ -7,9 +7,16 @@ description: Use when the user asks to run Claude Code CLI (`claude`, `claude re
7
7
 
8
8
  Use this skill to hand a bounded task to Claude Code from the current harness, capture the result, and summarize it back to the user.
9
9
 
10
- This skill is task-based, not review-only. Use `plan` for safe read-only analysis, but use other permission modes when the task requires command execution or edits.
10
+ This skill is task-based, not review-only. Anthropic's `plan` mode is a read-only analysis mode, but because Claude Code frames it as "Plan Mode," do not treat it as the default for reviews. Prefer `default` for normal reviews and `acceptEdits` for implementation work unless you specifically want strict read-only behavior.
11
11
 
12
- The canonical execution path is direct `claude` CLI usage, mirroring the `codex` skill's direct `codex exec` pattern. The bundled wrapper is optional and must not replace the direct path unless the user explicitly asks for it or you are debugging Claude Code invocation behavior itself.
12
+ The canonical execution path is direct `claude` CLI usage, mirroring the `codex` skill's direct `codex exec` pattern. Keep the workflow simple:
13
+
14
+ - Ask which model to use.
15
+ - Run one direct `claude` command.
16
+ - If it works, summarize Claude's output.
17
+ - If it fails or hangs, report that clearly and stop.
18
+
19
+ Do not turn a failed Claude run into an improvised shell pipeline, background polling loop, or manual artifact-concatenation workaround unless the user explicitly asks for that style of invocation.
13
20
 
14
21
  ## Available Models
15
22
 
@@ -31,19 +38,19 @@ Choose the permission mode based on what Claude Code needs to do:
31
38
 
32
39
  | Mode | Use when | Notes |
33
40
  | --- | --- | --- |
34
- | `plan` | The task is read-only and Claude does not need to execute commands or edit files | Safest option for reviewing provided diffs, logs, file contents, or design docs |
41
+ | `plan` | You explicitly want strict read-only analysis with no command execution or edits | Best for exploration, planning, or artifact-only analysis; not the default recommendation for review |
35
42
  | `default` | Claude may need to inspect the repo more freely and you can tolerate permission prompts | Good interactive default; less reliable in headless automation unless permissions are pre-arranged |
36
43
  | `acceptEdits` | Claude should be able to make local code changes | Strong default for implementation, refactors, and fixes |
37
44
  | `bypassPermissions` | Full automation is required in a trusted sandbox and the user explicitly approves it | High risk; do not default to this |
38
45
 
39
- `plan` is not the general default for this skill. It is only the safe default for bounded read-only tasks.
46
+ `plan` is not the general default for this skill. Use it only when you specifically want Claude in strict read-only analysis mode.
40
47
 
41
48
  ## Running a Task
42
49
  1. Always ask the user which model alias to use (default: `sonnet`) before running Claude Code, unless the user already specified the model.
43
50
  2. Ask for permission mode in the same prompt when the user did not specify it. Default to:
44
- - `plan` for bounded read-only analysis
51
+ - `default` for reviews and analysis
45
52
  - `acceptEdits` for implementation or refactoring work
46
- - `default` when Claude needs broader repo exploration without auto-edit authority
53
+ - `plan` only when the user explicitly wants strict read-only analysis
47
54
  3. Decide whether Claude should receive the artifact directly or discover it itself:
48
55
  - Pass diffs, logs, or file contents via stdin for safe read-only review
49
56
  - Let Claude inspect the working tree when the task requires tool use
@@ -60,11 +67,12 @@ Choose the permission mode based on what Claude Code needs to do:
60
67
  - `"your prompt here"` as the final positional argument
61
68
  5. Prefer `--output-format text` for human-readable summaries and `--output-format json` for automation or machine parsing.
62
69
  6. In headless automation, prefer explicit permissions:
63
- - `plan` for provided artifacts
70
+ - `default` for most review and analysis runs
64
71
  - `acceptEdits` for edit-capable runs
65
- - `default` only when prompts are acceptable or when permissions are constrained with `--allowedTools`
72
+ - `plan` only when you specifically want read-only analysis with no command execution
66
73
  7. Run the command, capture stdout/stderr, and summarize the outcome for the user.
67
74
  8. If Claude Code does not actually return output, stop and report that failure. Do not substitute your own review or analysis and present it as if it came from Claude Code.
75
+ 9. Do not add fallback layers automatically. One direct Claude attempt is the normal path. A retry is acceptable only when the user asks for it or when you have a concrete reason to change one thing, such as model, permission mode, or execution environment.
68
76
 
69
77
  ## Codex Execution
70
78
 
@@ -84,29 +92,44 @@ When this skill is used from Codex, the skill cannot bypass Codex sandbox policy
84
92
  - Use `--max-turns` for automation. It keeps review and implementation runs bounded.
85
93
  - Use `--output-format json` when another agent or script needs structured output.
86
94
  - Use `--allowedTools` to make headless runs more reliable and safer.
87
- - Pipe diffs or logs into Claude for read-only analysis instead of asking Claude to execute shell commands just to fetch them.
95
+ - Prefer letting Claude inspect the repo directly for normal review and implementation tasks.
96
+ - Pass diffs or logs via stdin only when the user explicitly wants artifact-only review or when direct repo access is intentionally unavailable.
88
97
  - Use `acceptEdits` for real implementation work; do not force read-only `plan` mode onto edit tasks.
89
98
  - Use `bypassPermissions` only in a trusted sandbox and only with explicit user approval.
90
99
  - Use `-r latest -p` for follow-up instead of re-explaining the entire task.
100
+ - Avoid giant `cat file1 file2 ... | claude ...` constructions as a default strategy. They are brittle, hard to inspect, and a poor substitute for direct Claude access to the repo.
91
101
 
92
102
  ## Recommended Patterns
93
103
 
94
- ### 1. Review a provided diff safely
104
+ ### 1. Review the repo directly
95
105
 
96
- Pass the diff via stdin and keep Claude in `plan` mode:
106
+ Use this as the normal review path:
107
+
108
+ ```bash
109
+ claude -p \
110
+ --output-format text \
111
+ --model sonnet \
112
+ --permission-mode default \
113
+ --max-turns 4 \
114
+ "Review how the workshop skill is designed in this repo and whether it should be improved. Return findings ordered by severity."
115
+ ```
116
+
117
+ ### 2. Review a provided diff only
118
+
119
+ Use stdin only when you intentionally want a bounded artifact review:
97
120
 
98
121
  ```bash
99
122
  git diff --staged | claude -p \
100
123
  --output-format text \
101
124
  --model sonnet \
102
- --permission-mode plan \
125
+ --permission-mode default \
103
126
  --max-turns 1 \
104
127
  "Review this diff. Return findings ordered by severity with file paths and concise explanations."
105
128
  ```
106
129
 
107
- ### 2. Ask Claude to inspect the repo and analyze
130
+ ### 3. Ask Claude to inspect the repo and analyze with tighter tool bounds
108
131
 
109
- Use `default` or a constrained tool set when Claude needs to discover context itself:
132
+ Use this when Claude should inspect the repo but you want tighter limits:
110
133
 
111
134
  ```bash
112
135
  claude -p \
@@ -118,7 +141,7 @@ claude -p \
118
141
  "Analyze the current changes and explain the main design risks."
119
142
  ```
120
143
 
121
- ### 3. Ask Claude to implement or refactor
144
+ ### 4. Ask Claude to implement or refactor
122
145
 
123
146
  Use `acceptEdits` when Claude should change files:
124
147
 
@@ -132,7 +155,7 @@ claude -p \
132
155
  "Implement the requested change in the current repo, keep the diff minimal, and summarize what changed."
133
156
  ```
134
157
 
135
- ### 4. Resume the latest Claude Code session
158
+ ### 5. Resume the latest Claude Code session
136
159
 
137
160
  ```bash
138
161
  claude -r latest -p \
@@ -140,17 +163,30 @@ claude -r latest -p \
140
163
  "Focus only on the migration risk you mentioned earlier. What is the safest rollout plan?"
141
164
  ```
142
165
 
143
- ### 5. Request structured output for automation
166
+ ### 6. Request structured output for automation
144
167
 
145
168
  ```bash
146
169
  claude -p \
147
170
  --output-format json \
148
171
  --model sonnet \
149
- --permission-mode plan \
172
+ --permission-mode default \
150
173
  --max-turns 1 \
151
174
  "Summarize the provided diff as JSON with keys: verdict, findings, risks."
152
175
  ```
153
176
 
177
+ ### 7. Use strict read-only analysis mode explicitly
178
+
179
+ Use `plan` only when you want Claude prevented from executing commands or editing files:
180
+
181
+ ```bash
182
+ git diff --staged | claude -p \
183
+ --output-format text \
184
+ --model sonnet \
185
+ --permission-mode plan \
186
+ --max-turns 1 \
187
+ "Analyze this diff and explain the key risks. Keep the response concise."
188
+ ```
189
+
154
190
  ## Optional Wrapper
155
191
 
156
192
  This skill also ships a convenience wrapper at `scripts/run-claude-code.sh`.
@@ -220,3 +256,4 @@ claude -r latest -p \
220
256
  - In Codex, if the likely cause is sandboxing or network denial, rerun with reviewer-approved `require_escalated` execution instead of repeatedly retrying the same sandboxed command.
221
257
  - Do not use `bypassPermissions` unless the user explicitly approves it.
222
258
  - If the direct `claude` path fails, report that failure directly. Do not route around it by pretending a wrapper run or a self-authored review is equivalent to Claude output.
259
+ - Do not automatically fall back to concatenating many files into stdin just because a direct Claude run failed once.
package/src/index.ts CHANGED
@@ -7,7 +7,7 @@ import { targetsCommand } from "./commands/targets";
7
7
  const main = defineCommand({
8
8
  meta: {
9
9
  name: "heart-of-gold",
10
- version: "0.1.16",
10
+ version: "0.1.18",
11
11
  description:
12
12
  "Cross-platform installer for Heart of Gold skills — Codex, OpenCode, Pi, Claude Code, and more",
13
13
  },