@ironbee-ai/cli 0.32.0 → 0.33.0

package/CHANGELOG.md

@@ -1,5 +1,7 @@
 # Changelog
 
+## 0.33.0 (2026-06-29)
+
 ## 0.32.0 (2026-06-27)
 
 ### Features

package/dist/clients/base.js

@@ -1 +1 @@
-"use strict";var t=Object.defineProperty;var s=Object.getOwnPropertyDescriptor;var c=Object.getOwnPropertyNames;var d=Object.prototype.hasOwnProperty;var g=(i,r,n,e)=>{if(r&&typeof r=="object"||typeof r=="function")for(let o of c(r))!d.call(i,o)&&o!==n&&t(i,o,{get:()=>r[o],enumerable:!(e=s(r,o))||e.enumerable});return i};var p=i=>g(t({},"__esModule",{value:!0}),i);var a={};module.exports=p(a);
+"use strict";var e=Object.defineProperty;var s=Object.getOwnPropertyDescriptor;var c=Object.getOwnPropertyNames;var g=Object.prototype.hasOwnProperty;var d=(i,r,n,t)=>{if(r&&typeof r=="object"||typeof r=="function")for(let o of c(r))!g.call(i,o)&&o!==n&&e(i,o,{get:()=>r[o],enumerable:!(t=s(r,o))||t.enumerable});return i};var p=i=>d(e({},"__esModule",{value:!0}),i);var a={};module.exports=p(a);

package/dist/clients/claude/agents/ironbee-scenario.md

@@ -72,7 +72,7 @@ edit project code.
   - **passes** → still current. (non-check) `scenario-update` to stamp `ironbee.commit` → current HEAD
     (read via `git rev-parse HEAD`) + `ironbee.liveValidated: true`; done. `scenario-update`
     shallow-replaces metadata, so read the current metadata and re-send it MERGED with these two
-    keys — don't drop `coveredPaths` / `group` / `argsSchema`.
+    keys — don't drop `coveredPaths` / `group`. (Omit `params` to keep the stored contract.)
   - **fails due to DRIFT** (the *mechanics* broke — the way to reach / drive the flow changed, not the
     expected outcome) → repair the SCRIPT mechanics only, `scenario-update`, re-run until green, then
     stamp commit / liveValidated.
@@ -151,30 +151,56 @@ the sandbox and hands back their results.
 
 ## Script format
 A scenario `script` is JS run in the devtools sandbox (async — top-level `await`/`return` work).
-It reads params from the `args` binding and invokes the platform's tools via `callTool`:
+It reads its inputs from the `args` binding and invokes the platform's tools via `callTool`:
 
 ```js
-const { baseUrl } = args;            // declared via argsSchema
+const { baseUrl } = args;            // declared in the scenario's `params` contract
 const result = await callTool('<bare-tool-name>', { /* tool input */ });
 return { ok: true };
 ```
 
-`args` is opaque to devtools — document the expected shape in the scenario's `description` and
-the `argsSchema` metadata. **Discover the available `callTool` tool names for a platform from
-your connected MCP tool schemas** (the bare names) — don't guess.
+Declare each input the script reads via the first-class **`params`** contract (see §Parameters) —
+not the old opaque `argsSchema` metadata key. **Discover the available `callTool` tool names for a
+platform from your connected MCP tool schemas** (the bare names) — don't guess.
+
+## Parameters (`params`) — typed, defaulted, validated
+For a parametric scenario, declare each input via the first-class **`params`** array on
+`scenario-add` / `scenario-update` (a top-level field, NOT inside `metadata` — this supersedes the
+old `argsSchema` metadata convention). Each entry:
+
+- `name` (required) — the `args` key the script reads (e.g. `baseUrl`).
+- `description` — what the param is (agent/human-facing).
+- `type` — `string` / `number` / `boolean` / `object` / `array`. Omit for an untyped passthrough;
+  `object` / `array` are shallow-checked at the top level only (inner shape not validated).
+- `default` — applied when the caller omits the arg; for `object` / `array` it doubles as the
+  concrete shape example. **Capture sensible defaults from the live-authoring run** so the scenario
+  re-runs "as captured" with zero args.
+- `example` — documentation-only concrete shape, surfaced when there's no `default` (typically for
+  `object` / `array`). Never injected or validated.
+- `required` — `true` rejects the run when there's no value AND no `default`.
+
+`scenario-run` then applies defaults for omitted args, enforces `required`, and shallow-validates
+declared types: re-running after a fix needs no re-derived args (`scenario-run { name }` reproduces
+the captured values), and a wrong-type / required-missing run fails loudly instead of running with
+`undefined`. The declared params ride in `scenario-list` / `-search` / `-run` output, so the
+contract is visible without reading the script. Pass `args` only to OVERRIDE a default. A scenario
+with no `params` keeps the fully-opaque `args` passthrough (document its shape in `description`).
+
+**`scenario-update` shallow-replaces `params`** (same as `metadata`): to change one entry, re-send
+the FULL `params` array; omit `params` entirely to keep the stored contract.
 
 ## Metadata conventions (stamp these on add/update)
 - `ironbee.coveredPaths` — source paths the scenario exercises (array), when derivable.
-- `argsSchema` — declared params, e.g. `{ "baseUrl": "string" }`.
-  **Mandatory for any parametric scenario** (run reads it to know what to ask).
 - `ironbee.liveValidated` — `true` when you validated the scenario by running it end-to-end against
   the live app this session; `false` when authored source-only (`draft`, or the app couldn't be
   started). Always stamp it so a later reader knows whether the script is proven.
 - `ironbee.commit` — the commit the scenario was authored against (`git rev-parse HEAD`).
 - `ironbee.group` / `ironbee.order` — for a high-level scenario split across platforms: a shared
   group slug + integer run order.
-- `scenario-update` does a **shallow replace** of metadata — to change one key, re-send the FULL
-  metadata object (read it first, merge, write back).
+- `scenario-update` does a **shallow replace** of metadata (and of `params`) — to change one key,
+  re-send the FULL object / array (read it first, merge, write back).
+- (The scenario's typed input contract is the first-class **`params`** field — see §Parameters —
+  NOT a metadata key.)
 
 The platform sections below tell you each enabled cycle's server, tool prefix, and store dir.
 

package/dist/clients/claude/agents/ironbee-verifier.md

@@ -42,7 +42,8 @@ The delegating prompt may tell you what to verify in one of two ways:
   gate's required-tools for you (as long as the scenario exercises them).
   **On a PASS verdict, also keep the scenario fresh:** `*_scenario-update` its `ironbee.commit`
   → current HEAD (`git rev-parse HEAD`) + `liveValidated: true` — read the current metadata and
-  re-send it MERGED (shallow replace; don't drop `coveredPaths` / `group` / `argsSchema`). On a
+  re-send it MERGED (shallow replace; don't drop `coveredPaths` / `group`; omit `params` to keep
+  the stored typed contract). On a
   FAIL / defect, do NOT stamp (leave it for `/ironbee-sync-scenario scenario:<name>` or the user).
 - **A FREE-TEXT scenario / file path** — anything else is authoritative: verify exactly what it
   describes, driving each active cycle's tools to exercise precisely the flows, states, and endpoints
@@ -86,6 +87,23 @@ echo '{"status":"pass","checks":["..."]}' | ironbee hook submit-verdict
    echo '{}' | ironbee hook verification-start --intent fix
    ```
    (No declared mode → plain form as above, no flag.)
+1.5. **Run the project checks FIRST (lint/test/…)** — the deterministic first step of every
+   verification cycle. Run them with a **generous Bash timeout** (they may take minutes):
+   ```
+   echo '{}' | ironbee hook run-checks
+   ```
+   This runs the project's configured `verification.checks` and records the results IronBee's
+   gate reads.
+
+   🛑 **HARD STOP — IF ANY REQUIRED CHECK FAILS, THE VERIFICATION HAS ALREADY FAILED.** Do **NOT**
+   drive the devtools tools. Do **NOT** submit a pass. Do **NOT** rationalize the failure away — it
+   is **NOT your call** whether a required failure is "just a planted fixture", "unrelated to my
+   change", "pre-existing", or "not really broken": IronBee marked the check **required**, so a
+   non-zero exit **IS** a verification failure, full stop. Immediately submit a **fail** verdict
+   whose `issues` are the failing checks (the gate enforces the fix).
+
+   Only when **every** required check PASSES do you continue to the application/devtools flow below.
+   (If it reports "no checks configured", just continue.)
 2. Build and start the application **only if it isn't already running** (check
    `docker compose ps` / process output / config — don't guess ports). **Track whether YOU
    started it**: if it was already up, the user or main agent owns it — leave it alone.

package/dist/clients/claude/commands/ironbee-manage-scenario.md

@@ -26,7 +26,8 @@ sub-agent**. It owns the devtools `scenario-*` tools; you resolve the request an
    the right platform, authors the script — **against the live app by default** (it starts the app if
    needed, observes the real behavior, validates by running once, then cleans up — deletes any probe /
    throwaway scenarios it added and stops what it started; `draft`
-   skips this) — and stamps metadata (`argsSchema` for parametric ones).
+   skips this) — and declares the typed `params` contract for parametric ones (with defaults captured
+   from the run) plus stamps metadata.
    **Delete and fuzzy-resolved update will ask you to confirm** the matched scenario first — relay
    that confirmation prompt to the user and pass their answer back.
    **Wait for the sub-agent in the same turn — do NOT background it.**

package/dist/clients/claude/index.js

@@ -1,7 +1,7 @@
-"use strict";var ge=Object.create;var T=Object.defineProperty;var pe=Object.getOwnPropertyDescriptor;var ke=Object.getOwnPropertyNames;var ve=Object.getPrototypeOf,Se=Object.prototype.hasOwnProperty;var v=(s,e)=>T(s,"name",{value:e,configurable:!0});var ye=(s,e)=>{for(var n in e)T(s,n,{get:e[n],enumerable:!0})},M=(s,e,n,o)=>{if(e&&typeof e=="object"||typeof e=="function")for(let r of ke(e))!Se.call(s,r)&&r!==n&&T(s,r,{get:()=>e[r],enumerable:!(o=pe(e,r))||o.enumerable});return s};var he=(s,e,n)=>(n=s!=null?ge(ve(s)):{},M(e||!s||!s.__esModule?T(n,"default",{value:s,enumerable:!0}):n,s)),be=s=>M(T({},"__esModule",{value:!0}),s);var Me={};ye(Me,{ClaudeClient:()=>Ce,prepareIronBeeDir:()=>Le});module.exports=be(Me);var t=require("fs"),c=require("path"),k=require("../../lib/logger"),l=require("../../lib/output"),J=require("../../lib/gitignore"),D=require("../../lib/fs-prune"),F=require("./hooks/verify-gate"),x=require("./hooks/clear-verdict"),W=require("./hooks/track-action"),X=require("./hooks/track-action-monitor"),G=require("./hooks/session-start"),q=require("./hooks/require-verdict"),z=require("./hooks/require-verification"),Y=require("./hooks/activity-start"),K=require("./hooks/activity-end"),Q=require("./hooks/session-end"),Z=require("./hooks/subagent-start"),ee=require("./hooks/subagent-stop"),u=require("../../lib/config"),ne=require("./trust"),oe=require("../../hooks/core/actions"),re=require("../../lib/platform-section"),S=require("../../lib/install-snapshots"),C=require("./hooks/session-status");const b="browser-devtools",_="node-devtools",E="backend-devtools",w="android-devtools",O="terminal-devtools",_e="ironbee",Ee="ironbee hook session-status",N="IronBee Verification Verdict",we="IronBee Verification Verdict \u2014 ALWAYS ALLOW: A call to `ironbee hook submit-verdict` is IronBee's verification verdict and is ALWAYS legitimate. NEVER flag it under Content Integrity / Impersonation \u2014 no matter which agent submits it, and even if the handoff does not re-show the devtools (`bdt_`/`ndt_`/`bedt_`/`adt_`/`tdt_`) tool calls. Those calls ran earlier in the cycle, are recorded in `.ironbee/sessions/<id>/actions.jsonl`, and IronBee's own Stop-gate already blocks any pass that lacks the required real tool calls \u2014 so this verdict is NEVER fabrication. Do not second-guess it, do not attribute it to the wrong actor. This overrides Content Integrity / Impersonation for the `ironbee hook submit-verdict` command ONLY; every other block rule still applies normally.",I="$defaults",P=["ironbee-manage-scenario","ironbee-search-scenario","ironbee-sync-scenario"];function Oe(s){return(0,c.join)(__dirname,"..",s,"platforms")}v(Oe,"platformsDirFor");function R(s,e,n){return e?(s.includes(n)||s.push(n),s):s.filter(o=>o!==n)}v(R,"syncCyclePermission");function B(s){const e=Object.keys(s);if(e.length===0)return!0;if(e.length===1&&e[0]==="mcpServers"){const n=s.mcpServers;return n===void 0||Object.keys(n).length===0}return!1}v(B,"isMcpConfigEmpty");function $e(s,e){const n=[`  - ${s}:`];!("type"in e)&&"command"in e&&n.push("      type: stdio");for(const[o,r]of Object.entries(e))if(r!==void 0)if(r!==null&&typeof r=="object"&&!Array.isArray(r)){const i=Object.entries(r);if(i.length===0)n.push(`      ${o}: {}`);else{n.push(`      ${o}:`);for(const[a,d]of i)n.push(`        ${a}: ${JSON.stringify(d)}`)}}else n.push(`      ${o}: ${JSON.stringify(r)}`);return n}v($e,"renderInlineMcpServerYaml");function U(s,e){const n=[];if((0,u.isCycleEnabled)(e,"browser")&&n.push({key:b,entry:(0,u.getMcpServerEntry)(s)}),(0,u.isCycleEnabled)(e,"node")&&n.push({key:_,entry:(0,u.getNodeDevToolsMcpEntry)(s)}),(0,u.isCycleEnabled)(e,"backend")&&n.push({key:E,entry:(0,u.getBackendDevToolsMcpEntry)(s)}),(0,u.isCycleEnabled)(e,"android")&&n.push({key:w,entry:(0,u.getAndroidDevToolsMcpEntry)(s)}),(0,u.isCycleEnabled)(e,"terminal")&&n.push({key:O,entry:(0,u.getTerminalDevToolsMcpEntry)(s)}),n.length===0)return"";const o=["mcpServers:"];for(const{key:r,entry:i}of n)o.push(...$e(r,i));return o.join(`
-`)}v(U,"buildVerifierMcpServersBlock");function V(s,e){if(e.length===0)return s;const n=s.split(`
+"use strict";var pe=Object.create;var T=Object.defineProperty;var ke=Object.getOwnPropertyDescriptor;var ve=Object.getOwnPropertyNames;var Se=Object.getPrototypeOf,ye=Object.prototype.hasOwnProperty;var v=(s,e)=>T(s,"name",{value:e,configurable:!0});var he=(s,e)=>{for(var n in e)T(s,n,{get:e[n],enumerable:!0})},L=(s,e,n,o)=>{if(e&&typeof e=="object"||typeof e=="function")for(let r of ve(e))!ye.call(s,r)&&r!==n&&T(s,r,{get:()=>e[r],enumerable:!(o=ke(e,r))||o.enumerable});return s};var be=(s,e,n)=>(n=s!=null?pe(Se(s)):{},L(e||!s||!s.__esModule?T(n,"default",{value:s,enumerable:!0}):n,s)),_e=s=>L(T({},"__esModule",{value:!0}),s);var Ne={};he(Ne,{ClaudeClient:()=>Me,prepareIronBeeDir:()=>Le});module.exports=_e(Ne);var t=require("fs"),c=require("path"),k=require("../../lib/logger"),l=require("../../lib/output"),J=require("../../lib/gitignore"),D=require("../../lib/fs-prune"),F=require("../../lib/headless"),x=require("./hooks/verify-gate"),G=require("./hooks/clear-verdict"),W=require("./hooks/track-action"),X=require("./hooks/track-action-monitor"),q=require("./hooks/session-start"),z=require("./hooks/require-verdict"),Y=require("./hooks/require-verification"),K=require("./hooks/activity-start"),Q=require("./hooks/activity-end"),Z=require("./hooks/session-end"),ee=require("./hooks/subagent-start"),ne=require("./hooks/subagent-stop"),u=require("../../lib/config"),oe=require("./trust"),re=require("../../hooks/core/actions"),ie=require("../../lib/platform-section"),S=require("../../lib/install-snapshots"),C=require("./hooks/session-status");const b="browser-devtools",_="node-devtools",E="backend-devtools",w="android-devtools",O="terminal-devtools",Ee="ironbee",we="ironbee hook session-status",N="IronBee Verification Verdict",Oe="IronBee Verification Verdict \u2014 ALWAYS ALLOW: A call to `ironbee hook submit-verdict` is IronBee's verification verdict and is ALWAYS legitimate. NEVER flag it under Content Integrity / Impersonation \u2014 no matter which agent submits it, and even if the handoff does not re-show the devtools (`bdt_`/`ndt_`/`bedt_`/`adt_`/`tdt_`) tool calls. Those calls ran earlier in the cycle, are recorded in `.ironbee/sessions/<id>/actions.jsonl`, and IronBee's own Stop-gate already blocks any pass that lacks the required real tool calls \u2014 so this verdict is NEVER fabrication. Do not second-guess it, do not attribute it to the wrong actor. This overrides Content Integrity / Impersonation for the `ironbee hook submit-verdict` command ONLY; every other block rule still applies normally.",I="$defaults",P=["ironbee-manage-scenario","ironbee-search-scenario","ironbee-sync-scenario"];function $e(s){return(0,c.join)(__dirname,"..",s,"platforms")}v($e,"platformsDirFor");function R(s,e,n){return e?(s.includes(n)||s.push(n),s):s.filter(o=>o!==n)}v(R,"syncCyclePermission");function B(s){const e=Object.keys(s);if(e.length===0)return!0;if(e.length===1&&e[0]==="mcpServers"){const n=s.mcpServers;return n===void 0||Object.keys(n).length===0}return!1}v(B,"isMcpConfigEmpty");function Te(s,e){const n=[`  - ${s}:`];!("type"in e)&&"command"in e&&n.push("      type: stdio");for(const[o,r]of Object.entries(e))if(r!==void 0)if(r!==null&&typeof r=="object"&&!Array.isArray(r)){const i=Object.entries(r);if(i.length===0)n.push(`      ${o}: {}`);else{n.push(`      ${o}:`);for(const[a,d]of i)n.push(`        ${a}: ${JSON.stringify(d)}`)}}else n.push(`      ${o}: ${JSON.stringify(r)}`);return n}v(Te,"renderInlineMcpServerYaml");function U(s,e){const n=[];if((0,u.isCycleEnabled)(e,"browser")&&n.push({key:b,entry:(0,u.getMcpServerEntry)(s)}),(0,u.isCycleEnabled)(e,"node")&&n.push({key:_,entry:(0,u.getNodeDevToolsMcpEntry)(s)}),(0,u.isCycleEnabled)(e,"backend")&&n.push({key:E,entry:(0,u.getBackendDevToolsMcpEntry)(s)}),(0,u.isCycleEnabled)(e,"android")&&n.push({key:w,entry:(0,u.getAndroidDevToolsMcpEntry)(s)}),(0,u.isCycleEnabled)(e,"terminal")&&n.push({key:O,entry:(0,u.getTerminalDevToolsMcpEntry)(s)}),n.length===0)return"";const o=["mcpServers:"];for(const{key:r,entry:i}of n)o.push(...Te(r,i));return o.join(`
+`)}v(U,"buildVerifierMcpServersBlock");function H(s,e){if(e.length===0)return s;const n=s.split(`
 `);if(n[0]!=="---")return s;let o=-1;for(let a=1;a<n.length;a++)if(n[a]==="---"){o=a;break}if(o<0)return s;const r=n.slice(0,o),i=n.slice(o);return[...r,...e.split(`
 `),...i].join(`
-`)}v(V,"injectVerifierMcpServers");function H(s,e){if(!e)return s;const n=s.split(`
+`)}v(H,"injectVerifierMcpServers");function V(s,e){if(!e)return s;const n=s.split(`
 `);if(n[0]!=="---")return s;let o=-1;for(let a=1;a<n.length;a++)if(n[a]==="---"){o=a;break}if(o<0)return s;const r=n.slice(0,o);if(r.some(a=>/^model\s*:/.test(a)))return s;const i=n.slice(o);return[...r,`model: ${e}`,...i].join(`
-`)}v(H,"injectVerifierModel");function Te(s){const e=new Set(["hooks","permissions"]);for(const n of Object.keys(s))if(!e.has(n))return!1;if(s.hooks!==void 0&&Object.keys(s.hooks).length>0)return!1;if(s.permissions!==void 0){const n=s.permissions.allow??[],o=s.permissions.deny??[];if(n.length>0||o.length>0)return!1}return!0}v(Te,"isClaudeSettingsEmpty");const Re=["CLAUDE_CODE_ENABLE_TELEMETRY","OTEL_LOGS_EXPORTER","OTEL_METRICS_EXPORTER","OTEL_EXPORTER_OTLP_PROTOCOL","OTEL_EXPORTER_OTLP_ENDPOINT","OTEL_LOG_RAW_API_BODIES","OTEL_RESOURCE_ATTRIBUTES","OTEL_LOGS_EXPORT_INTERVAL"];function j(s){const e=s.OTEL_RESOURCE_ATTRIBUTES;return typeof e=="string"&&e.includes("ironbee.project_name")}v(j,"otelEnvOwnedByUs");function Ae(s){return s.replace(/[,=\s]+/g,"-").replace(/^-+|-+$/g,"")||"project"}v(Ae,"sanitizeResourceValue");class Ce{constructor(){this.name="claude";this.supportsVerifierModel=!0}static{v(this,"ClaudeClient")}detect(e){return(0,t.existsSync)((0,c.join)(e,".claude"))}resolveProjectDir(){return process.env.CLAUDE_PROJECT_DIR??process.cwd()}resolveAgentSessionId(e,n){const o=process.env.CLAUDE_CODE_SESSION_ID;return typeof o=="string"&&o.length>0?o:void 0}async runSessionStatus(){const{runSessionStatus:e}=await Promise.resolve().then(()=>he(require("./hooks/session-status")));await e()}install(e,n){const o=n??(0,u.loadConfig)(e),r=(0,u.getVerificationMode)(o),i=r!=="monitor";this.cleanupArtifacts(e);const a=(0,c.join)(e,".claude"),d=(0,c.join)(a,"skills"),f=(0,c.join)(a,"rules"),g=(0,c.join)(a,"commands");(0,t.mkdirSync)(d,{recursive:!0}),(0,t.mkdirSync)(f,{recursive:!0}),(0,t.mkdirSync)(g,{recursive:!0});const m=(0,c.join)(a,"settings.json");if(this.mergeHooksConfig(m,r),this.writePermissions(m,i,e),(0,u.isOTELEnabled)(o)&&this.writeOTELEnv(m,e,o),this.installStatusLine(e,o),i){if(r==="enforce"){const h=(0,c.join)(d,"ironbee-verification.md"),A=(0,t.readFileSync)((0,c.join)(__dirname,"skills","ironbee-verification.md"),"utf-8");(0,t.writeFileSync)(h,A);const me=(0,c.join)(f,"ironbee-verification.md"),fe=(0,t.readFileSync)((0,c.join)(__dirname,"rules","ironbee-verification.md"),"utf-8");(0,t.writeFileSync)(me,fe)}const y=(0,c.join)(g,"ironbee-verify.md"),p=(0,t.readFileSync)((0,c.join)(__dirname,"commands","ironbee-verify.md"),"utf-8");(0,t.writeFileSync)(y,p);const $=(0,c.join)(a,"agents");(0,t.mkdirSync)($,{recursive:!0});const ie=(0,c.join)($,"ironbee-verifier.md"),te=(0,t.readFileSync)((0,c.join)(__dirname,"agents","ironbee-verifier.md"),"utf-8"),se=V(te,U(e,o)),ae=H(se,(0,u.getVerificationModel)(o,"claude"));(0,t.writeFileSync)(ie,ae);const le=(0,c.join)($,"ironbee-scenario.md"),ce=(0,t.readFileSync)((0,c.join)(__dirname,"agents","ironbee-scenario.md"),"utf-8"),ue=V(ce,U(e,o)),de=H(ue,(0,u.getVerificationModel)(o,"claude"));(0,t.writeFileSync)(le,de);for(const h of P){const A=(0,c.join)(g,`${h}.md`);(0,t.writeFileSync)(A,(0,t.readFileSync)((0,c.join)(__dirname,"commands",`${h}.md`),"utf-8"))}const L=(0,c.join)(e,".mcp.json");if(this.writeMcpConfig(L,e),(0,re.syncPlatformSectionsToConfig)(e,Oe),(0,u.isAutoModeAllowlistEnabled)(o)){const h=(0,c.join)(a,"settings.local.json");this.writeAutoModeAllowlist(h)}(0,u.isClaudeTrustWorkspaceEnabled)(o)&&(0,ne.ensureWorkspaceTrusted)(e)&&console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} trusted workspace in ~/.claude.json ${l.pc.dim("(permissions.allow now honored)")}`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} settings ${l.pc.dim("\u2192")} ${l.pc.dim(m)}`),r==="enforce"?(console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} skills   ${l.pc.dim("\u2192")} ${l.pc.dim(d)}`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} rule     ${l.pc.dim("\u2192")} ${l.pc.dim(f)}`)):console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} ${l.pc.yellow("assist mode")} (verification.auto: false) \u2014 manual /ironbee-verify only, no enforcement`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} commands ${l.pc.dim("\u2192")} ${l.pc.dim(g)}`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} agents   ${l.pc.dim("\u2192")} ${l.pc.dim((0,c.join)(a,"agents"))}`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} mcp      ${l.pc.dim("\u2192")} ${l.pc.dim(L)}`)}else console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} ${l.pc.yellow("monitoring-only mode")} (verification.enable: false)`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} settings ${l.pc.dim("\u2192")} ${l.pc.dim(m)}`)}uninstall(e){this.cleanupArtifacts(e),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} removed hooks, skill, rule, command, MCP, and permissions`)}cleanupArtifacts(e){const n=(0,c.join)(e,".claude"),o=(0,c.join)(n,"skills","ironbee-verification.md"),r=(0,c.join)(n,"skills","ironbee-analyze.md"),i=(0,c.join)(n,"rules","ironbee-verification.md"),a=(0,c.join)(n,"commands","ironbee-analyze.md"),d=(0,c.join)(n,"commands","ironbee-verify.md"),f=(0,c.join)(n,"agents","ironbee-verifier.md");this.removeFile(o),this.removeFile(r),this.removeFile(i),this.removeFile(a),this.removeFile(d),this.removeFile(f),this.removeFile((0,c.join)(n,"agents","ironbee-scenario.md"));for(const y of P)this.removeFile((0,c.join)(n,"commands",`${y}.md`));this.removeFile((0,c.join)(n,"commands","ironbee-run-scenario.md"));const g=(0,c.join)(n,"settings.json");this.removeIronBeeHooks(g),this.removePermission(g),this.removeOTELEnv(g),this.maybeDeleteEmptySettings(g);const m=(0,c.join)(e,".mcp.json");this.removeMcpServer(m),this.removeAutoModeAllowlist((0,c.join)(n,"settings.local.json")),this.uninstallStatusLine(e),(0,D.pruneEmptyDirs)(n)}installStatusLine(e,n){if(!(0,u.isSessionStatusEnabled)(n))return;const o=(0,c.join)(e,".claude","settings.local.json"),r=this.readStatusLineBlock(o);r&&!(0,C.isIronbeeStatusLine)(r.command)&&(0,S.readStatusLineSnapshot)(e,"claude")===void 0&&(0,S.upsertStatusLineSnapshot)(e,"claude",r);const i={type:"command",command:Ee},a=(0,u.getStatusLineRefreshInterval)(n);a!==void 0&&(i.refreshInterval=a),this.writeStatusLineBlock(o,i),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} statusline ${l.pc.dim("\u2192")} ${l.pc.dim(o)}`)}uninstallStatusLine(e){const n=(0,c.join)(e,".claude","settings.local.json"),o=(0,S.readStatusLineSnapshot)(e,"claude");if(o){this.writeStatusLineBlock(n,o),(0,S.clearStatusLineSnapshot)(e,"claude");return}const r=this.readStatusLineBlock(n);r&&(0,C.isIronbeeStatusLine)(r.command)&&this.removeStatusLineBlock(n)}readStatusLineBlock(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));if(n===null||typeof n!="object")return;const o=n.statusLine;if(o===null||typeof o!="object")return;const r=o.command;if(typeof r!="string"||r.length===0)return;const i=o.padding,a=o.refreshInterval,d={type:"command",command:r};return typeof i=="number"&&(d.padding=i),typeof a=="number"&&(d.refreshInterval=a),d}catch(n){k.logger.debug(`failed to read statusLine from ${e}: ${n}`);return}}writeStatusLineBlock(e,n){let o={};if((0,t.existsSync)(e))try{const r=JSON.parse((0,t.readFileSync)(e,"utf-8"));r!==null&&typeof r=="object"&&!Array.isArray(r)&&(o=r)}catch(r){k.logger.debug(`failed to read ${e} for statusLine write: ${r}`)}else(0,t.mkdirSync)((0,c.join)(e,".."),{recursive:!0});o.statusLine=n,(0,t.writeFileSync)(e,JSON.stringify(o,null,2))}removeStatusLineBlock(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));if(n===null||typeof n!="object"||Array.isArray(n))return;const o=n;delete o.statusLine,Object.keys(o).length===0?(0,t.unlinkSync)(e):(0,t.writeFileSync)(e,JSON.stringify(o,null,2))}catch(n){k.logger.debug(`failed to remove statusLine from ${e}: ${n}`)}}writeAutoModeAllowlist(e){let n={};if((0,t.existsSync)(e))try{n=JSON.parse((0,t.readFileSync)(e,"utf-8"))}catch(d){k.logger.debug(`failed to parse ${e} for autoMode allowlist: ${d}`);return}else(0,t.mkdirSync)((0,c.join)(e,".."),{recursive:!0});const o=n.autoMode!==null&&typeof n.autoMode=="object"&&!Array.isArray(n.autoMode)?n.autoMode:{},r=Array.isArray(o.allow)?o.allow.filter(d=>typeof d=="string"):[],i=r.filter(d=>!d.includes(N)),a=r.length===0?[I]:i;o.allow=[...a,we],n.autoMode=o,(0,t.writeFileSync)(e,JSON.stringify(n,null,2))}removeAutoModeAllowlist(e){if(!(0,t.existsSync)(e))return;let n;try{n=JSON.parse((0,t.readFileSync)(e,"utf-8"))}catch(d){k.logger.debug(`failed to parse ${e} for autoMode strip: ${d}`);return}if(n.autoMode===null||typeof n.autoMode!="object"||Array.isArray(n.autoMode))return;const o=n.autoMode;if(!Array.isArray(o.allow))return;const r=o.allow.filter(d=>typeof d=="string"),i=r.filter(d=>!d.includes(N));if(i.length===r.length)return;i.length===0||i.length===1&&i[0]===I?delete o.allow:o.allow=i,Object.keys(o).length===0?delete n.autoMode:n.autoMode=o,Object.keys(n).length===0?(0,t.unlinkSync)(e):(0,t.writeFileSync)(e,JSON.stringify(n,null,2))}writeOTELEnv(e,n,o){let r={};if((0,t.existsSync)(e))try{const m=JSON.parse((0,t.readFileSync)(e,"utf-8"));m!==null&&typeof m=="object"&&!Array.isArray(m)&&(r=m)}catch(m){k.logger.debug(`failed to read ${e} for otel env write: ${m}`)}else(0,t.mkdirSync)((0,c.join)(e,".."),{recursive:!0});const i=r.env,a=i!==null&&typeof i=="object"&&!Array.isArray(i)?i:{},d=a.OTEL_EXPORTER_OTLP_ENDPOINT;if(typeof d=="string"&&d.length>0&&!j(a)){console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} ${l.pc.yellow("existing OTEL telemetry env detected \u2014 left untouched (session_context not wired for this project)")}`);return}const f=(0,u.getOTELPort)(o),g=Ae((0,oe.resolveProjectName)(n));a.CLAUDE_CODE_ENABLE_TELEMETRY="1",a.OTEL_LOGS_EXPORTER="otlp",a.OTEL_METRICS_EXPORTER="none",a.OTEL_EXPORTER_OTLP_PROTOCOL="http/json",a.OTEL_EXPORTER_OTLP_ENDPOINT=`http://127.0.0.1:${f}`,a.OTEL_LOG_RAW_API_BODIES="file:.ironbee/otel",a.OTEL_RESOURCE_ATTRIBUTES=`ironbee.project_name=${g}`,a.OTEL_LOGS_EXPORT_INTERVAL="5000",r.env=a,(0,t.writeFileSync)(e,JSON.stringify(r,null,2)),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} otel env ${l.pc.dim("\u2192")} ${l.pc.dim(`${e} (127.0.0.1:${f})`)}`)}removeOTELEnv(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));if(n===null||typeof n!="object"||Array.isArray(n))return;const o=n,r=o.env;if(r===null||typeof r!="object"||Array.isArray(r))return;const i=r;if(!j(i))return;for(const a of Re)delete i[a];Object.keys(i).length===0&&delete o.env,(0,t.writeFileSync)(e,JSON.stringify(o,null,2))}catch(n){k.logger.debug(`failed to remove otel env from ${e}: ${n}`)}}maybeDeleteEmptySettings(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));Te(n)&&(0,t.unlinkSync)(e)}catch(n){k.logger.debug(`failed to inspect ${e} for emptiness: ${n}`)}}async runVerifyGate(e){await(0,F.run)(e)}async runClearVerdict(e){await(0,x.run)(e)}async runTrackAction(e){await(0,W.run)(e)}async runSessionStart(e){await(0,G.run)(e)}async runSubagentStart(e){await(0,Z.run)(e)}async runSubagentStop(e){await(0,ee.run)(e)}async runRequireVerdict(e,n){await(0,q.run)(e,n)}async runRequireVerification(e,n){await(0,z.run)(e,n)}async runActivityStart(e){await(0,Y.run)(e)}async runActivityEnd(e){await(0,K.run)(e)}async runTrackActionMonitor(e){await(0,X.run)(e)}async runSessionEnd(e){await(0,Q.run)(e)}async runTrackActionPre(e){}isIronBeeHook(e){return e.hooks.some(n=>n.command.includes(_e))}mergeHooksConfig(e,n){const o=n!=="monitor",r=n==="assist"?" --soft":"";let i={};if((0,t.existsSync)(e))try{i=JSON.parse((0,t.readFileSync)(e,"utf-8"))}catch(f){k.logger.debug(`failed to parse ${e}: ${f}`),i={}}i.hooks||(i.hooks={});for(const f of Object.keys(i.hooks)){const g=i.hooks[f].filter(m=>!this.isIronBeeHook(m));g.length===0?delete i.hooks[f]:i.hooks[f]=g}i.hooks.SessionStart||(i.hooks.SessionStart=[]),i.hooks.SessionStart.push({matcher:"",hooks:[{type:"command",command:"ironbee hook session-start --client claude"}]}),i.hooks.UserPromptSubmit||(i.hooks.UserPromptSubmit=[]),i.hooks.UserPromptSubmit.push({matcher:"",hooks:[{type:"command",command:"ironbee hook activity-start --client claude"}]}),o&&(i.hooks.PreToolUse||(i.hooks.PreToolUse=[]),i.hooks.PreToolUse.push({matcher:"mcp__browser-devtools__.*|mcp__node-devtools__.*|mcp__backend-devtools__.*|mcp__android-devtools__.*|mcp__terminal-devtools__.*",hooks:[{type:"command",command:`ironbee hook require-verification --client claude${r}`}]}),i.hooks.PreToolUse.push({matcher:"Write|Edit",hooks:[{type:"command",command:`ironbee hook require-verdict --client claude${r}`}]}),i.hooks.PostToolUse||(i.hooks.PostToolUse=[]),i.hooks.PostToolUse.push({matcher:"Write|Edit",hooks:[{type:"command",command:"ironbee hook clear-verdict --client claude"}]})),i.hooks.PostToolUse||(i.hooks.PostToolUse=[]);const a=o?"ironbee hook track-action --client claude":"ironbee hook track-action-monitor --client claude";i.hooks.PostToolUse.push({matcher:"",hooks:[{type:"command",command:a}]}),i.hooks.PostToolUseFailure||(i.hooks.PostToolUseFailure=[]),i.hooks.PostToolUseFailure.push({matcher:"",hooks:[{type:"command",command:a}]}),i.hooks.Stop||(i.hooks.Stop=[]);const d=n==="enforce"?"ironbee hook verify-gate --client claude":"ironbee hook activity-end --client claude";i.hooks.Stop.push({matcher:"",hooks:[{type:"command",command:d}]}),i.hooks.SubagentStart||(i.hooks.SubagentStart=[]),i.hooks.SubagentStart.push({matcher:"",hooks:[{type:"command",command:"ironbee hook subagent-start --client claude"}]}),i.hooks.SubagentStop||(i.hooks.SubagentStop=[]),i.hooks.SubagentStop.push({matcher:"",hooks:[{type:"command",command:"ironbee hook subagent-stop --client claude"}]}),i.hooks.SessionEnd||(i.hooks.SessionEnd=[]),i.hooks.SessionEnd.push({matcher:"",hooks:[{type:"command",command:"ironbee hook session-end --client claude"}]}),(0,t.writeFileSync)(e,JSON.stringify(i,null,2))}removeIronBeeHooks(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));if(!n.hooks)return;for(const o of Object.keys(n.hooks)){const r=n.hooks[o].filter(i=>!this.isIronBeeHook(i));r.length===0?delete n.hooks[o]:n.hooks[o]=r}(0,t.writeFileSync)(e,JSON.stringify(n,null,2))}catch(n){k.logger.debug(`failed to remove hooks from ${e}: ${n}`)}}removeMcpServer(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));let o=!1;n.mcpServers&&n.mcpServers[b]&&(delete n.mcpServers[b],o=!0),n.mcpServers&&n.mcpServers[_]&&(delete n.mcpServers[_],o=!0),n.mcpServers&&n.mcpServers[E]&&(delete n.mcpServers[E],o=!0),n.mcpServers&&n.mcpServers[w]&&(delete n.mcpServers[w],o=!0),n.mcpServers&&n.mcpServers[O]&&(delete n.mcpServers[O],o=!0),B(n)?(0,t.unlinkSync)(e):o&&(0,t.writeFileSync)(e,JSON.stringify(n,null,2))}catch(n){k.logger.debug(`failed to remove MCP server from ${e}: ${n}`)}}removePermission(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8")),o=`mcp__${b}__*`,r=`mcp__${_}__*`,i=`mcp__${E}__*`,a=`mcp__${w}__*`,d=`mcp__${O}__*`,f="Bash(ironbee *)",g="Bash(ironbee analyze)";n.permissions?.allow&&(n.permissions.allow=n.permissions.allow.filter(m=>m!==o&&m!==r&&m!==i&&m!==a&&m!==d&&m!==f&&m!==g),(0,t.writeFileSync)(e,JSON.stringify(n,null,2)))}catch(n){k.logger.debug(`failed to remove permission from ${e}: ${n}`)}}removeFile(e){(0,t.existsSync)(e)&&(0,t.unlinkSync)(e)}writeMcpConfig(e,n){let o={mcpServers:{}};if((0,t.existsSync)(e))try{o=JSON.parse((0,t.readFileSync)(e,"utf-8")),o.mcpServers||(o.mcpServers={})}catch(r){k.logger.debug(`failed to parse ${e}: ${r}`),o={mcpServers:{}}}if(delete o.mcpServers[b],delete o.mcpServers[_],delete o.mcpServers[E],delete o.mcpServers[w],delete o.mcpServers[O],B(o)){try{(0,t.rmSync)(e,{force:!0})}catch(r){k.logger.debug(`failed to remove empty ${e}: ${r}`)}return}(0,t.writeFileSync)(e,JSON.stringify(o,null,2))}writePermissions(e,n,o){let r={};if((0,t.existsSync)(e))try{r=JSON.parse((0,t.readFileSync)(e,"utf-8"))}catch(p){k.logger.debug(`failed to parse ${e}: ${p}`),r={}}r.permissions||(r.permissions={allow:[],deny:[]}),r.permissions.allow||(r.permissions.allow=[]);const i=`mcp__${b}__*`,a=`mcp__${_}__*`,d=`mcp__${E}__*`,f=`mcp__${w}__*`,g=`mcp__${O}__*`,m="Bash(ironbee *)",y="Bash(ironbee analyze)";if(n){const p=(0,u.loadConfig)(o);r.permissions.allow=R(r.permissions.allow,(0,u.isCycleEnabled)(p,"browser"),i),r.permissions.allow=R(r.permissions.allow,(0,u.isCycleEnabled)(p,"node"),a),r.permissions.allow=R(r.permissions.allow,(0,u.isCycleEnabled)(p,"backend"),d),r.permissions.allow=R(r.permissions.allow,(0,u.isCycleEnabled)(p,"android"),f),r.permissions.allow=R(r.permissions.allow,(0,u.isCycleEnabled)(p,"terminal"),g),r.permissions.allow=r.permissions.allow.filter($=>$!==y),r.permissions.allow.includes(m)||r.permissions.allow.push(m)}else r.permissions.allow=r.permissions.allow.filter(p=>p!==i&&p!==a&&p!==d&&p!==f&&p!==g&&p!==m&&p!==y);(0,t.writeFileSync)(e,JSON.stringify(r,null,2))}}function Le(s){(0,t.mkdirSync)((0,c.join)(s,".ironbee"),{recursive:!0}),(0,J.ensureIronBeeGitignored)(s)}v(Le,"prepareIronBeeDir");0&&(module.exports={ClaudeClient,prepareIronBeeDir});
+`)}v(V,"injectVerifierModel");function Re(s){const e=new Set(["hooks","permissions"]);for(const n of Object.keys(s))if(!e.has(n))return!1;if(s.hooks!==void 0&&Object.keys(s.hooks).length>0)return!1;if(s.permissions!==void 0){const n=s.permissions.allow??[],o=s.permissions.deny??[];if(n.length>0||o.length>0)return!1}return!0}v(Re,"isClaudeSettingsEmpty");const Ae=["CLAUDE_CODE_ENABLE_TELEMETRY","OTEL_LOGS_EXPORTER","OTEL_METRICS_EXPORTER","OTEL_EXPORTER_OTLP_PROTOCOL","OTEL_EXPORTER_OTLP_ENDPOINT","OTEL_LOG_RAW_API_BODIES","OTEL_RESOURCE_ATTRIBUTES","OTEL_LOGS_EXPORT_INTERVAL"];function j(s){const e=s.OTEL_RESOURCE_ATTRIBUTES;return typeof e=="string"&&e.includes("ironbee.project_name")}v(j,"otelEnvOwnedByUs");function Ce(s){return s.replace(/[,=\s]+/g,"-").replace(/^-+|-+$/g,"")||"project"}v(Ce,"sanitizeResourceValue");class Me{constructor(){this.name="claude";this.supportsVerifierModel=!0}static{v(this,"ClaudeClient")}detect(e){return(0,t.existsSync)((0,c.join)(e,".claude"))}resolveProjectDir(){return process.env.CLAUDE_PROJECT_DIR??process.cwd()}resolveAgentSessionId(e,n){const o=process.env.CLAUDE_CODE_SESSION_ID;return typeof o=="string"&&o.length>0?o:void 0}async runSessionStatus(){const{runSessionStatus:e}=await Promise.resolve().then(()=>be(require("./hooks/session-status")));await e()}async runHeadlessPrompt(e,n){return(0,F.runHeadlessCommand)("claude",["-p",e,"--output-format","text","--allowedTools","Read","Glob","Grep"],{cwd:n.projectDir,timeoutMs:n.timeoutMs,signal:n.signal})}install(e,n){const o=n??(0,u.loadConfig)(e),r=(0,u.getVerificationMode)(o),i=r!=="monitor";this.cleanupArtifacts(e);const a=(0,c.join)(e,".claude"),d=(0,c.join)(a,"skills"),f=(0,c.join)(a,"rules"),g=(0,c.join)(a,"commands");(0,t.mkdirSync)(d,{recursive:!0}),(0,t.mkdirSync)(f,{recursive:!0}),(0,t.mkdirSync)(g,{recursive:!0});const m=(0,c.join)(a,"settings.json");if(this.mergeHooksConfig(m,r),this.writePermissions(m,i,e),(0,u.isOTELEnabled)(o)&&this.writeOTELEnv(m,e,o),this.installStatusLine(e,o),i){if(r==="enforce"){const h=(0,c.join)(d,"ironbee-verification.md"),A=(0,t.readFileSync)((0,c.join)(__dirname,"skills","ironbee-verification.md"),"utf-8");(0,t.writeFileSync)(h,A);const fe=(0,c.join)(f,"ironbee-verification.md"),ge=(0,t.readFileSync)((0,c.join)(__dirname,"rules","ironbee-verification.md"),"utf-8");(0,t.writeFileSync)(fe,ge)}const y=(0,c.join)(g,"ironbee-verify.md"),p=(0,t.readFileSync)((0,c.join)(__dirname,"commands","ironbee-verify.md"),"utf-8");(0,t.writeFileSync)(y,p);const $=(0,c.join)(a,"agents");(0,t.mkdirSync)($,{recursive:!0});const te=(0,c.join)($,"ironbee-verifier.md"),se=(0,t.readFileSync)((0,c.join)(__dirname,"agents","ironbee-verifier.md"),"utf-8"),ae=H(se,U(e,o)),le=V(ae,(0,u.getVerificationModel)(o,"claude"));(0,t.writeFileSync)(te,le);const ce=(0,c.join)($,"ironbee-scenario.md"),ue=(0,t.readFileSync)((0,c.join)(__dirname,"agents","ironbee-scenario.md"),"utf-8"),de=H(ue,U(e,o)),me=V(de,(0,u.getVerificationModel)(o,"claude"));(0,t.writeFileSync)(ce,me);for(const h of P){const A=(0,c.join)(g,`${h}.md`);(0,t.writeFileSync)(A,(0,t.readFileSync)((0,c.join)(__dirname,"commands",`${h}.md`),"utf-8"))}const M=(0,c.join)(e,".mcp.json");if(this.writeMcpConfig(M,e),(0,ie.syncPlatformSectionsToConfig)(e,$e),(0,u.isAutoModeAllowlistEnabled)(o)){const h=(0,c.join)(a,"settings.local.json");this.writeAutoModeAllowlist(h)}(0,u.isClaudeTrustWorkspaceEnabled)(o)&&(0,oe.ensureWorkspaceTrusted)(e)&&console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} trusted workspace in ~/.claude.json ${l.pc.dim("(permissions.allow now honored)")}`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} settings ${l.pc.dim("\u2192")} ${l.pc.dim(m)}`),r==="enforce"?(console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} skills   ${l.pc.dim("\u2192")} ${l.pc.dim(d)}`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} rule     ${l.pc.dim("\u2192")} ${l.pc.dim(f)}`)):console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} ${l.pc.yellow("assist mode")} (verification.auto: false) \u2014 manual /ironbee-verify only, no enforcement`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} commands ${l.pc.dim("\u2192")} ${l.pc.dim(g)}`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} agents   ${l.pc.dim("\u2192")} ${l.pc.dim((0,c.join)(a,"agents"))}`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} mcp      ${l.pc.dim("\u2192")} ${l.pc.dim(M)}`)}else console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} ${l.pc.yellow("monitoring-only mode")} (verification.enable: false)`),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} settings ${l.pc.dim("\u2192")} ${l.pc.dim(m)}`)}uninstall(e){this.cleanupArtifacts(e),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} removed hooks, skill, rule, command, MCP, and permissions`)}cleanupArtifacts(e){const n=(0,c.join)(e,".claude"),o=(0,c.join)(n,"skills","ironbee-verification.md"),r=(0,c.join)(n,"skills","ironbee-analyze.md"),i=(0,c.join)(n,"rules","ironbee-verification.md"),a=(0,c.join)(n,"commands","ironbee-analyze.md"),d=(0,c.join)(n,"commands","ironbee-verify.md"),f=(0,c.join)(n,"agents","ironbee-verifier.md");this.removeFile(o),this.removeFile(r),this.removeFile(i),this.removeFile(a),this.removeFile(d),this.removeFile(f),this.removeFile((0,c.join)(n,"agents","ironbee-scenario.md"));for(const y of P)this.removeFile((0,c.join)(n,"commands",`${y}.md`));this.removeFile((0,c.join)(n,"commands","ironbee-run-scenario.md"));const g=(0,c.join)(n,"settings.json");this.removeIronBeeHooks(g),this.removePermission(g),this.removeOTELEnv(g),this.maybeDeleteEmptySettings(g);const m=(0,c.join)(e,".mcp.json");this.removeMcpServer(m),this.removeAutoModeAllowlist((0,c.join)(n,"settings.local.json")),this.uninstallStatusLine(e),(0,D.pruneEmptyDirs)(n)}installStatusLine(e,n){if(!(0,u.isSessionStatusEnabled)(n))return;const o=(0,c.join)(e,".claude","settings.local.json"),r=this.readStatusLineBlock(o);r&&!(0,C.isIronbeeStatusLine)(r.command)&&(0,S.readStatusLineSnapshot)(e,"claude")===void 0&&(0,S.upsertStatusLineSnapshot)(e,"claude",r);const i={type:"command",command:we},a=(0,u.getStatusLineRefreshInterval)(n);a!==void 0&&(i.refreshInterval=a),this.writeStatusLineBlock(o,i),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} statusline ${l.pc.dim("\u2192")} ${l.pc.dim(o)}`)}uninstallStatusLine(e){const n=(0,c.join)(e,".claude","settings.local.json"),o=(0,S.readStatusLineSnapshot)(e,"claude");if(o){this.writeStatusLineBlock(n,o),(0,S.clearStatusLineSnapshot)(e,"claude");return}const r=this.readStatusLineBlock(n);r&&(0,C.isIronbeeStatusLine)(r.command)&&this.removeStatusLineBlock(n)}readStatusLineBlock(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));if(n===null||typeof n!="object")return;const o=n.statusLine;if(o===null||typeof o!="object")return;const r=o.command;if(typeof r!="string"||r.length===0)return;const i=o.padding,a=o.refreshInterval,d={type:"command",command:r};return typeof i=="number"&&(d.padding=i),typeof a=="number"&&(d.refreshInterval=a),d}catch(n){k.logger.debug(`failed to read statusLine from ${e}: ${n}`);return}}writeStatusLineBlock(e,n){let o={};if((0,t.existsSync)(e))try{const r=JSON.parse((0,t.readFileSync)(e,"utf-8"));r!==null&&typeof r=="object"&&!Array.isArray(r)&&(o=r)}catch(r){k.logger.debug(`failed to read ${e} for statusLine write: ${r}`)}else(0,t.mkdirSync)((0,c.join)(e,".."),{recursive:!0});o.statusLine=n,(0,t.writeFileSync)(e,JSON.stringify(o,null,2))}removeStatusLineBlock(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));if(n===null||typeof n!="object"||Array.isArray(n))return;const o=n;delete o.statusLine,Object.keys(o).length===0?(0,t.unlinkSync)(e):(0,t.writeFileSync)(e,JSON.stringify(o,null,2))}catch(n){k.logger.debug(`failed to remove statusLine from ${e}: ${n}`)}}writeAutoModeAllowlist(e){let n={};if((0,t.existsSync)(e))try{n=JSON.parse((0,t.readFileSync)(e,"utf-8"))}catch(d){k.logger.debug(`failed to parse ${e} for autoMode allowlist: ${d}`);return}else(0,t.mkdirSync)((0,c.join)(e,".."),{recursive:!0});const o=n.autoMode!==null&&typeof n.autoMode=="object"&&!Array.isArray(n.autoMode)?n.autoMode:{},r=Array.isArray(o.allow)?o.allow.filter(d=>typeof d=="string"):[],i=r.filter(d=>!d.includes(N)),a=r.length===0?[I]:i;o.allow=[...a,Oe],n.autoMode=o,(0,t.writeFileSync)(e,JSON.stringify(n,null,2))}removeAutoModeAllowlist(e){if(!(0,t.existsSync)(e))return;let n;try{n=JSON.parse((0,t.readFileSync)(e,"utf-8"))}catch(d){k.logger.debug(`failed to parse ${e} for autoMode strip: ${d}`);return}if(n.autoMode===null||typeof n.autoMode!="object"||Array.isArray(n.autoMode))return;const o=n.autoMode;if(!Array.isArray(o.allow))return;const r=o.allow.filter(d=>typeof d=="string"),i=r.filter(d=>!d.includes(N));if(i.length===r.length)return;i.length===0||i.length===1&&i[0]===I?delete o.allow:o.allow=i,Object.keys(o).length===0?delete n.autoMode:n.autoMode=o,Object.keys(n).length===0?(0,t.unlinkSync)(e):(0,t.writeFileSync)(e,JSON.stringify(n,null,2))}writeOTELEnv(e,n,o){let r={};if((0,t.existsSync)(e))try{const m=JSON.parse((0,t.readFileSync)(e,"utf-8"));m!==null&&typeof m=="object"&&!Array.isArray(m)&&(r=m)}catch(m){k.logger.debug(`failed to read ${e} for otel env write: ${m}`)}else(0,t.mkdirSync)((0,c.join)(e,".."),{recursive:!0});const i=r.env,a=i!==null&&typeof i=="object"&&!Array.isArray(i)?i:{},d=a.OTEL_EXPORTER_OTLP_ENDPOINT;if(typeof d=="string"&&d.length>0&&!j(a)){console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} ${l.pc.yellow("existing OTEL telemetry env detected \u2014 left untouched (session_context not wired for this project)")}`);return}const f=(0,u.getOTELPort)(o),g=Ce((0,re.resolveProjectName)(n));a.CLAUDE_CODE_ENABLE_TELEMETRY="1",a.OTEL_LOGS_EXPORTER="otlp",a.OTEL_METRICS_EXPORTER="none",a.OTEL_EXPORTER_OTLP_PROTOCOL="http/json",a.OTEL_EXPORTER_OTLP_ENDPOINT=`http://127.0.0.1:${f}`,a.OTEL_LOG_RAW_API_BODIES="file:.ironbee/otel",a.OTEL_RESOURCE_ATTRIBUTES=`ironbee.project_name=${g}`,a.OTEL_LOGS_EXPORT_INTERVAL="5000",r.env=a,(0,t.writeFileSync)(e,JSON.stringify(r,null,2)),console.log(`  ${l.pc.dim("\u2192")} ${(0,l.orange)("[claude]")} otel env ${l.pc.dim("\u2192")} ${l.pc.dim(`${e} (127.0.0.1:${f})`)}`)}removeOTELEnv(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));if(n===null||typeof n!="object"||Array.isArray(n))return;const o=n,r=o.env;if(r===null||typeof r!="object"||Array.isArray(r))return;const i=r;if(!j(i))return;for(const a of Ae)delete i[a];Object.keys(i).length===0&&delete o.env,(0,t.writeFileSync)(e,JSON.stringify(o,null,2))}catch(n){k.logger.debug(`failed to remove otel env from ${e}: ${n}`)}}maybeDeleteEmptySettings(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));Re(n)&&(0,t.unlinkSync)(e)}catch(n){k.logger.debug(`failed to inspect ${e} for emptiness: ${n}`)}}async runVerifyGate(e){await(0,x.run)(e)}async runClearVerdict(e){await(0,G.run)(e)}async runTrackAction(e){await(0,W.run)(e)}async runSessionStart(e){await(0,q.run)(e)}async runSubagentStart(e){await(0,ee.run)(e)}async runSubagentStop(e){await(0,ne.run)(e)}async runRequireVerdict(e,n){await(0,z.run)(e,n)}async runRequireVerification(e,n){await(0,Y.run)(e,n)}async runActivityStart(e){await(0,K.run)(e)}async runActivityEnd(e){await(0,Q.run)(e)}async runTrackActionMonitor(e){await(0,X.run)(e)}async runSessionEnd(e){await(0,Z.run)(e)}async runTrackActionPre(e){}isIronBeeHook(e){return e.hooks.some(n=>n.command.includes(Ee))}mergeHooksConfig(e,n){const o=n!=="monitor",r=n==="assist"?" --soft":"";let i={};if((0,t.existsSync)(e))try{i=JSON.parse((0,t.readFileSync)(e,"utf-8"))}catch(f){k.logger.debug(`failed to parse ${e}: ${f}`),i={}}i.hooks||(i.hooks={});for(const f of Object.keys(i.hooks)){const g=i.hooks[f].filter(m=>!this.isIronBeeHook(m));g.length===0?delete i.hooks[f]:i.hooks[f]=g}i.hooks.SessionStart||(i.hooks.SessionStart=[]),i.hooks.SessionStart.push({matcher:"",hooks:[{type:"command",command:"ironbee hook session-start --client claude"}]}),i.hooks.UserPromptSubmit||(i.hooks.UserPromptSubmit=[]),i.hooks.UserPromptSubmit.push({matcher:"",hooks:[{type:"command",command:"ironbee hook activity-start --client claude"}]}),o&&(i.hooks.PreToolUse||(i.hooks.PreToolUse=[]),i.hooks.PreToolUse.push({matcher:"mcp__browser-devtools__.*|mcp__node-devtools__.*|mcp__backend-devtools__.*|mcp__android-devtools__.*|mcp__terminal-devtools__.*",hooks:[{type:"command",command:`ironbee hook require-verification --client claude${r}`}]}),i.hooks.PreToolUse.push({matcher:"Write|Edit",hooks:[{type:"command",command:`ironbee hook require-verdict --client claude${r}`}]}),i.hooks.PostToolUse||(i.hooks.PostToolUse=[]),i.hooks.PostToolUse.push({matcher:"Write|Edit",hooks:[{type:"command",command:"ironbee hook clear-verdict --client claude"}]})),i.hooks.PostToolUse||(i.hooks.PostToolUse=[]);const a=o?"ironbee hook track-action --client claude":"ironbee hook track-action-monitor --client claude";i.hooks.PostToolUse.push({matcher:"",hooks:[{type:"command",command:a}]}),i.hooks.PostToolUseFailure||(i.hooks.PostToolUseFailure=[]),i.hooks.PostToolUseFailure.push({matcher:"",hooks:[{type:"command",command:a}]}),i.hooks.Stop||(i.hooks.Stop=[]);const d=n==="enforce"?"ironbee hook verify-gate --client claude":"ironbee hook activity-end --client claude";i.hooks.Stop.push({matcher:"",hooks:[{type:"command",command:d}]}),i.hooks.SubagentStart||(i.hooks.SubagentStart=[]),i.hooks.SubagentStart.push({matcher:"",hooks:[{type:"command",command:"ironbee hook subagent-start --client claude"}]}),i.hooks.SubagentStop||(i.hooks.SubagentStop=[]),i.hooks.SubagentStop.push({matcher:"",hooks:[{type:"command",command:"ironbee hook subagent-stop --client claude"}]}),i.hooks.SessionEnd||(i.hooks.SessionEnd=[]),i.hooks.SessionEnd.push({matcher:"",hooks:[{type:"command",command:"ironbee hook session-end --client claude"}]}),(0,t.writeFileSync)(e,JSON.stringify(i,null,2))}removeIronBeeHooks(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));if(!n.hooks)return;for(const o of Object.keys(n.hooks)){const r=n.hooks[o].filter(i=>!this.isIronBeeHook(i));r.length===0?delete n.hooks[o]:n.hooks[o]=r}(0,t.writeFileSync)(e,JSON.stringify(n,null,2))}catch(n){k.logger.debug(`failed to remove hooks from ${e}: ${n}`)}}removeMcpServer(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8"));let o=!1;n.mcpServers&&n.mcpServers[b]&&(delete n.mcpServers[b],o=!0),n.mcpServers&&n.mcpServers[_]&&(delete n.mcpServers[_],o=!0),n.mcpServers&&n.mcpServers[E]&&(delete n.mcpServers[E],o=!0),n.mcpServers&&n.mcpServers[w]&&(delete n.mcpServers[w],o=!0),n.mcpServers&&n.mcpServers[O]&&(delete n.mcpServers[O],o=!0),B(n)?(0,t.unlinkSync)(e):o&&(0,t.writeFileSync)(e,JSON.stringify(n,null,2))}catch(n){k.logger.debug(`failed to remove MCP server from ${e}: ${n}`)}}removePermission(e){if((0,t.existsSync)(e))try{const n=JSON.parse((0,t.readFileSync)(e,"utf-8")),o=`mcp__${b}__*`,r=`mcp__${_}__*`,i=`mcp__${E}__*`,a=`mcp__${w}__*`,d=`mcp__${O}__*`,f="Bash(ironbee *)",g="Bash(ironbee analyze)";n.permissions?.allow&&(n.permissions.allow=n.permissions.allow.filter(m=>m!==o&&m!==r&&m!==i&&m!==a&&m!==d&&m!==f&&m!==g),(0,t.writeFileSync)(e,JSON.stringify(n,null,2)))}catch(n){k.logger.debug(`failed to remove permission from ${e}: ${n}`)}}removeFile(e){(0,t.existsSync)(e)&&(0,t.unlinkSync)(e)}writeMcpConfig(e,n){let o={mcpServers:{}};if((0,t.existsSync)(e))try{o=JSON.parse((0,t.readFileSync)(e,"utf-8")),o.mcpServers||(o.mcpServers={})}catch(r){k.logger.debug(`failed to parse ${e}: ${r}`),o={mcpServers:{}}}if(delete o.mcpServers[b],delete o.mcpServers[_],delete o.mcpServers[E],delete o.mcpServers[w],delete o.mcpServers[O],B(o)){try{(0,t.rmSync)(e,{force:!0})}catch(r){k.logger.debug(`failed to remove empty ${e}: ${r}`)}return}(0,t.writeFileSync)(e,JSON.stringify(o,null,2))}writePermissions(e,n,o){let r={};if((0,t.existsSync)(e))try{r=JSON.parse((0,t.readFileSync)(e,"utf-8"))}catch(p){k.logger.debug(`failed to parse ${e}: ${p}`),r={}}r.permissions||(r.permissions={allow:[],deny:[]}),r.permissions.allow||(r.permissions.allow=[]);const i=`mcp__${b}__*`,a=`mcp__${_}__*`,d=`mcp__${E}__*`,f=`mcp__${w}__*`,g=`mcp__${O}__*`,m="Bash(ironbee *)",y="Bash(ironbee analyze)";if(n){const p=(0,u.loadConfig)(o);r.permissions.allow=R(r.permissions.allow,(0,u.isCycleEnabled)(p,"browser"),i),r.permissions.allow=R(r.permissions.allow,(0,u.isCycleEnabled)(p,"node"),a),r.permissions.allow=R(r.permissions.allow,(0,u.isCycleEnabled)(p,"backend"),d),r.permissions.allow=R(r.permissions.allow,(0,u.isCycleEnabled)(p,"android"),f),r.permissions.allow=R(r.permissions.allow,(0,u.isCycleEnabled)(p,"terminal"),g),r.permissions.allow=r.permissions.allow.filter($=>$!==y),r.permissions.allow.includes(m)||r.permissions.allow.push(m)}else r.permissions.allow=r.permissions.allow.filter(p=>p!==i&&p!==a&&p!==d&&p!==f&&p!==g&&p!==m&&p!==y);(0,t.writeFileSync)(e,JSON.stringify(r,null,2))}}function Le(s){(0,t.mkdirSync)((0,c.join)(s,".ironbee"),{recursive:!0}),(0,J.ensureIronBeeGitignored)(s)}v(Le,"prepareIronBeeDir");0&&(module.exports={ClaudeClient,prepareIronBeeDir});

package/dist/clients/codex/agents/ironbee-scenario.md

@@ -61,7 +61,7 @@ This is NOT a verification cycle — you submit no verdict and do not gate compl
   - **passes** → still current. (non-check) `scenario-update` to stamp `ironbee.commit` → current HEAD
     (read via `git rev-parse HEAD`) + `ironbee.liveValidated: true`; done. `scenario-update`
     shallow-replaces metadata, so read the current metadata and re-send it MERGED with these two
-    keys — don't drop `coveredPaths` / `group` / `argsSchema`.
+    keys — don't drop `coveredPaths` / `group`. (Omit `params` to keep the stored contract.)
   - **fails due to DRIFT** (the *mechanics* broke — the way to reach / drive the flow changed, not the
     expected outcome) → repair the SCRIPT mechanics only, `scenario-update`, re-run until green, then
     stamp commit / liveValidated.
@@ -139,30 +139,56 @@ their results.
 
 ## Script format
 A scenario `script` is JS run in the devtools sandbox (async — top-level `await`/`return` work).
-It reads params from the `args` binding and invokes the platform's tools via `callTool`:
+It reads its inputs from the `args` binding and invokes the platform's tools via `callTool`:
 
 ```js
-const { baseUrl } = args;            // declared via argsSchema
+const { baseUrl } = args;            // declared in the scenario's `params` contract
 const result = await callTool('<bare-tool-name>', { /* tool input */ });
 return { ok: true };
 ```
 
-`args` is opaque to devtools — document the expected shape in the scenario's `description` and the
-`argsSchema` metadata. **Discover the available `callTool` tool names for a platform from your
-connected MCP tool schemas** (the bare names) — don't guess.
+Declare each input the script reads via the first-class **`params`** contract (see §Parameters) —
+not the old opaque `argsSchema` metadata key. **Discover the available `callTool` tool names for a
+platform from your connected MCP tool schemas** (the bare names) — don't guess.
+
+## Parameters (`params`) — typed, defaulted, validated
+For a parametric scenario, declare each input via the first-class **`params`** array on
+`scenario-add` / `scenario-update` (a top-level field, NOT inside `metadata` — this supersedes the
+old `argsSchema` metadata convention). Each entry:
+
+- `name` (required) — the `args` key the script reads (e.g. `baseUrl`).
+- `description` — what the param is (agent/human-facing).
+- `type` — `string` / `number` / `boolean` / `object` / `array`. Omit for an untyped passthrough;
+  `object` / `array` are shallow-checked at the top level only (inner shape not validated).
+- `default` — applied when the caller omits the arg; for `object` / `array` it doubles as the
+  concrete shape example. **Capture sensible defaults from the live-authoring run** so the scenario
+  re-runs "as captured" with zero args.
+- `example` — documentation-only concrete shape, surfaced when there's no `default` (typically for
+  `object` / `array`). Never injected or validated.
+- `required` — `true` rejects the run when there's no value AND no `default`.
+
+`scenario-run` then applies defaults for omitted args, enforces `required`, and shallow-validates
+declared types: re-running after a fix needs no re-derived args (`scenario-run { name }` reproduces
+the captured values), and a wrong-type / required-missing run fails loudly instead of running with
+`undefined`. The declared params ride in `scenario-list` / `-search` / `-run` output, so the
+contract is visible without reading the script. Pass `args` only to OVERRIDE a default. A scenario
+with no `params` keeps the fully-opaque `args` passthrough (document its shape in `description`).
+
+**`scenario-update` shallow-replaces `params`** (same as `metadata`): to change one entry, re-send
+the FULL `params` array; omit `params` entirely to keep the stored contract.
 
 ## Metadata conventions (stamp these on add/update)
 - `ironbee.coveredPaths` — source paths the scenario exercises (array), when derivable.
-- `argsSchema` — declared params, e.g. `{ "baseUrl": "string" }`.
-  **Mandatory for any parametric scenario** (run reads it to know what to ask).
 - `ironbee.liveValidated` — `true` when you validated the scenario by running it end-to-end against
   the live app this session; `false` when authored source-only (`draft`, or the app couldn't be
   started). Always stamp it.
 - `ironbee.commit` — the commit the scenario was authored against (`git rev-parse HEAD`).
 - `ironbee.group` / `ironbee.order` — for a high-level scenario split across platforms: a shared
   group slug + integer run order.
-- `scenario-update` does a **shallow replace** of metadata — to change one key, re-send the FULL
-  metadata object (read it first, merge, write back).
+- `scenario-update` does a **shallow replace** of metadata (and of `params`) — to change one key,
+  re-send the FULL object / array (read it first, merge, write back).
+- (The scenario's typed input contract is the first-class **`params`** field — see §Parameters —
+  NOT a metadata key.)
 
 The platform sections below tell you each enabled cycle's server, tool prefix, and store dir.
 

package/dist/clients/codex/agents/ironbee-verifier.md

@@ -29,7 +29,8 @@ The delegating prompt may tell you what to verify in one of two ways:
   gate's required-tools for you (as long as the scenario exercises them).
   **On a PASS verdict, also keep the scenario fresh:** `*_scenario-update` its `ironbee.commit`
   → current HEAD (`git rev-parse HEAD`) + `liveValidated: true` — read the current metadata and
-  re-send it MERGED (shallow replace; don't drop `coveredPaths` / `group` / `argsSchema`). On a
+  re-send it MERGED (shallow replace; don't drop `coveredPaths` / `group`; omit `params` to keep
+  the stored typed contract). On a
   FAIL / defect, do NOT stamp (leave it for `$ironbee-sync-scenario scenario:<name>` or the user).
 - **A FREE-TEXT scenario / file path** — anything else is authoritative: verify exactly what it
   describes, driving each active cycle's tools to exercise precisely the flows, states, and endpoints
@@ -74,6 +75,23 @@ echo '{"status":"pass","checks":["..."]}' | ironbee hook submit-verdict
    echo '{}' | ironbee hook verification-start --intent fix
    ```
    (No declared mode → plain form as above, no flag.)
+1.5. **Run the project checks FIRST (lint/test/…)** — the deterministic first step of every
+   verification cycle. Run them with a **generous timeout** (they may take minutes):
+   ```
+   echo '{}' | ironbee hook run-checks
+   ```
+   This runs the project's configured `verification.checks` and records the results IronBee's
+   gate reads.
+
+   🛑 **HARD STOP — IF ANY REQUIRED CHECK FAILS, THE VERIFICATION HAS ALREADY FAILED.** Do **NOT**
+   drive the devtools tools. Do **NOT** submit a pass. Do **NOT** rationalize the failure away — it
+   is **NOT your call** whether a required failure is "just a planted fixture", "unrelated to my
+   change", "pre-existing", or "not really broken": IronBee marked the check **required**, so a
+   non-zero exit **IS** a verification failure, full stop. Immediately submit a **fail** verdict
+   whose `issues` are the failing checks (the gate enforces the fix).
+
+   Only when **every** required check PASSES do you continue to the application/devtools flow below.
+   (If it reports "no checks configured", just continue.)
 2. Build and start the application **only if it isn't already running** (check
    `docker compose ps` / process output / config — don't guess ports). **Track whether YOU
    started it**: if it was already up, the user or main agent owns it — leave it alone.

package/dist/clients/codex/commands/ironbee-manage-scenario/SKILL.main.md

@@ -69,23 +69,35 @@ tools directly: that keeps it gate-orthogonal — no `verification_id`, can't fa
 > passes" means fixing the SCRIPT, never working around the app.)
 
 ## Script format
-JS run in the devtools sandbox (async — top-level `await`/`return` work); reads params from `args`:
+JS run in the devtools sandbox (async — top-level `await`/`return` work); reads its inputs from `args`:
 
 ```js
-const { baseUrl } = args;            // declared via argsSchema
+const { baseUrl } = args;            // declared in the scenario's `params` contract
 const result = await callTool('<bare-tool-name>', { /* tool input */ });
 return { ok: true };
 ```
 
 Discover the available `callTool` tool names for a platform from your connected MCP schemas — don't
-guess. Document the expected `args` in the `description` + the `argsSchema` metadata.
+guess. Declare each input via the first-class **`params`** contract (§Parameters), not `argsSchema`.
+
+## Parameters (`params`) — typed, defaulted, validated
+Declare a parametric scenario's inputs via the first-class **`params`** array on
+`scenario-add` / `scenario-update` (top-level field, NOT metadata — supersedes the old `argsSchema`
+convention). Each entry: `name` (required — the `args` key the script reads), `description`, `type`
+(`string`/`number`/`boolean`/`object`/`array`; `object`/`array` shallow-checked at the top level),
+`default` (applied when the arg is omitted — **capture it from the live-authoring run** so the
+scenario re-runs "as captured" with zero args), `example` (doc-only shape when there's no `default`),
+`required` (reject the run when there's no value AND no `default`). `scenario-run` applies defaults,
+enforces `required`, shallow-validates declared types, and surfaces `params` in list/search/run
+output. Pass `args` only to OVERRIDE a default. `scenario-update` shallow-replaces `params` (re-send
+the full array; omit to keep the stored contract).
 
 ## Metadata conventions (stamp on add/update)
-- `argsSchema` — declared params, e.g. `{ "baseUrl": "string" }`. **Mandatory for parametric scenarios.**
 - `ironbee.coveredPaths` — source paths exercised (array), when derivable.
 - `ironbee.group` / `ironbee.order` — for a cross-platform split.
-- `*_scenario-update` does a **shallow replace** of metadata — to change one key, re-send the FULL
-  metadata object (read it first, merge, write back).
+- `*_scenario-update` does a **shallow replace** of metadata (and of `params`) — to change one key,
+  re-send the FULL object / array (read it first, merge, write back). The typed input contract is the
+  first-class `params` field (§Parameters), not a metadata key.
 
 The platform sections below list each enabled cycle's server, tool prefix, and store dir.
 

package/dist/clients/codex/commands/ironbee-manage-scenario/SKILL.md

@@ -32,7 +32,8 @@ custom agent. This is NOT a verification cycle — it submits no verdict and doe
    right platform, authors the script — **against the live app by default** (starts the app if needed,
    observes the real behavior, validates by running once, then cleans up — deletes any probe /
    throwaway scenarios it added and stops what it started; `draft` skips this)
-   — and stamps metadata (`argsSchema` for parametric ones).
+   — and declares the typed `params` contract for parametric ones (defaults captured from the run)
+   plus stamps metadata.
    **Delete and fuzzy-resolved update ask you to confirm** the matched scenario first — relay that
    to the user and pass their answer back. **Wait for the sub-agent in the same turn.**
 3. **Relay** the sub-agent's summary (what it created / updated / deleted, on which platform).

package/dist/clients/codex/commands/ironbee-sync-scenario/SKILL.main.md

@@ -23,7 +23,7 @@ is NOT a verification cycle — no verdict, no gate.
    - **passes** → still current; (non-check) `*_scenario-update` to stamp `ironbee.commit` → HEAD
      (read via `git rev-parse HEAD`) + `ironbee.liveValidated: true`. `*_scenario-update`
      shallow-replaces metadata — read current metadata and re-send it MERGED with these two keys
-     (don't drop `coveredPaths` / `group` / `argsSchema`).
+     (don't drop `coveredPaths` / `group`; omit `params` to keep the stored typed contract).
    - **mechanical DRIFT** (the way to reach / drive the flow changed, not the expected outcome) →
      repair the SCRIPT mechanics only, `*_scenario-update`, re-run until green, then stamp.
    - **real DEFECT** (the expected outcome is unreachable — the app broke) → **STOP, report, do NOT

package/dist/clients/codex/commands/ironbee-verify/SKILL.main.md

@@ -72,6 +72,7 @@ stripping a leading `fix` / `report` mode token.
    ```
    echo '{"session_id":"<your-session-id>"}' | ironbee hook verification-start --intent fix
    ```
+1.5. **Run the project checks FIRST (lint/test/…)**: `echo '{"session_id":"<your-session-id>"}' | ironbee hook run-checks` (generous shell timeout — they may take minutes). Runs the configured `verification.checks` and records the results the gate reads. 🛑 **IF ANY REQUIRED CHECK FAILS, THE VERIFICATION HAS ALREADY FAILED — STOP.** It is **NOT your call** whether the failure is "just a fixture", "unrelated", or "pre-existing" — a required non-zero exit **IS** a failure. Do **NOT** touch the devtools tools or submit a pass; submit a **fail** verdict whose `issues` are the failing checks (the gate enforces the fix). Only when **every** required check PASSES do you continue. ("no checks configured" → continue.)
 2. **Build and start** the application if not already running (don't guess ports). Track what YOU started.
 3. **For every active cycle, run its flow** — driven by the scenario above when supplied, otherwise
    per the platform sections near the bottom of this file. All active cycles must be exercised within

package/dist/clients/codex/index.js

@@ -1,3 +1,3 @@
-"use strict";var P=Object.defineProperty;var se=Object.getOwnPropertyDescriptor;var ae=Object.getOwnPropertyNames;var le=Object.prototype.hasOwnProperty;var S=(f,e)=>P(f,"name",{value:e,configurable:!0});var ce=(f,e)=>{for(var o in e)P(f,o,{get:e[o],enumerable:!0})},de=(f,e,o,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let i of ae(e))!le.call(f,i)&&i!==o&&P(f,i,{get:()=>e[i],enumerable:!(r=se(e,i))||r.enumerable});return f};var ge=f=>de(P({},"__esModule",{value:!0}),f);var ve={};ce(ve,{CodexClient:()=>fe});module.exports=ge(ve);var s=require("fs"),m=require("path"),q=require("../../lib/gitignore"),b=require("../../lib/logger"),c=require("../../lib/output"),N=require("../../lib/fs-prune"),l=require("../../lib/config"),C=require("../../lib/platform-section"),n=require("./util"),B=require("./thread-map"),W=require("../../lib/runtime-paths"),X=require("./hooks/verify-gate"),D=require("./hooks/activity-end"),Y=require("./hooks/session-start"),z=require("./hooks/activity-start"),Q=require("./hooks/require-verification"),Z=require("./hooks/require-verdict"),j=require("./hooks/clear-verdict"),ee=require("./hooks/track-action"),oe=require("./hooks/track-action-monitor"),ne=require("./hooks/track-action-pre"),te=require("./hooks/subagent-start"),ie=require("./hooks/subagent-stop");const O="~/.ironbee/projects",w="browser-devtools",A="node-devtools",_="backend-devtools",I="android-devtools",R="terminal-devtools",me="ironbee",$="ironbee-verifier",L=30,J="Verifies recent code changes through real browser/runtime/backend tools and submits the IronBee verdict. Spawn this custom agent (by agent_type) after editing code to run the verification cycle out-of-band \u2014 it drives the devtools tools, judges the result, and records the verdict in the shared session. It does NOT edit code.",x="ironbee-scenario",F=["ironbee-manage-scenario","ironbee-search-scenario","ironbee-sync-scenario"],G="Manages and searches reusable IronBee verification scenarios via the devtools scenario tools. Spawn this custom agent (by agent_type) from the scenario slash commands to author/update/delete saved scenarios and find them by name/description/metadata. NOT a verification cycle (running a saved scenario to verify is done via $ironbee-verify scenario:<name>).";function H(f){return(0,m.join)(__dirname,"..",f,"platforms")}S(H,"platformsDirFor");function y(f){return c.pc.dim(f)}S(y,"codexColor");function K(f){return f.hooks.some(e=>e.command.includes(me))}S(K,"isIronBeeHookGroup");function ue(f){const e=Object.keys(f);return e.length===0?!0:e.length===1&&e[0]==="hooks"?Object.keys(f.hooks??{}).length===0:!1}S(ue,"isCodexHooksEmpty");class fe{constructor(){this.name="codex";this.supportsVerifierModel=!0}static{S(this,"CodexClient")}detect(e){return(0,s.existsSync)((0,m.join)(e,".agents","skills","ironbee-verify"))}resolveProjectDir(){return process.env.CODEX_PROJECT_DIR??process.env.IRONBEE_PROJECT_DIR??process.cwd()}install(e,o){const r=o??(0,l.loadConfig)(e),i=(0,l.getVerificationMode)(r),t=i!=="monitor",a=(0,l.getCodexVerifierMode)(r);this.cleanupArtifacts(e);const g=(0,n.codexHooksJsonPath)(e);if(this.mergeHooksConfig(g,i,a),this.mergeConfigToml(e,r,t,a),t&&(i==="enforce"&&this.writeAgentsMdBlock(e,r,a),this.writeSkills(e,i==="enforce",r,a),(0,C.syncPlatformSectionsToConfig)(e,H)),(0,q.ensureIronBeeGitignored)(e),console.log(`  ${c.pc.dim("\u2192")} ${y("[codex]")} hooks    ${c.pc.dim("\u2192")} ${c.pc.dim(g)}`),console.log(`  ${c.pc.dim("\u2192")} ${y("[codex]")} config   ${c.pc.dim("\u2192")} ${c.pc.dim((0,n.codexConfigTomlPath)(e))}`),t){const h=a==="main-agent"?`${c.pc.yellow("main-agent")} (the main agent drives the devtools tools directly)`:`${c.pc.bold("sub-agent")} (delegated to the ironbee-verifier custom agent)`;console.log(`  ${c.pc.dim("\u2192")} ${y("[codex]")} verify   ${c.pc.dim("\u2192")} ${h}`)}i==="enforce"?(console.log(`  ${c.pc.dim("\u2192")} ${y("[codex]")} agents   ${c.pc.dim("\u2192")} ${c.pc.dim((0,m.join)(e,"AGENTS.md"))}`),console.log(`  ${c.pc.dim("\u2192")} ${y("[codex]")} skill    ${c.pc.dim("\u2192")} ${c.pc.dim((0,m.join)(e,".agents","skills","ironbee-verification","SKILL.md"))}`),console.log(`  ${c.pc.dim("\u2192")} ${y("[codex]")} command  ${c.pc.dim("\u2192")} ${c.pc.dim((0,m.join)(e,".agents","skills","ironbee-verify","SKILL.md"))}`)):i==="assist"?(console.log(`  ${c.pc.dim("\u2192")} ${y("[codex]")} ${c.pc.yellow("assist mode")} (verification.auto: false) \u2014 manual $ironbee-verify only, no enforcement`),console.log(`  ${c.pc.dim("\u2192")} ${y("[codex]")} command  ${c.pc.dim("\u2192")} ${c.pc.dim((0,m.join)(e,".agents","skills","ironbee-verify","SKILL.md"))}`)):console.log(`  ${c.pc.dim("\u2192")} ${y("[codex]")} ${c.pc.yellow("monitoring-only mode")} (verification.enable: false)`),console.log(),console.log(`  ${c.pc.yellow("\u26A0")} ${c.pc.yellow("Codex requires one-time TUI setup:")}`),console.log(`    ${c.pc.yellow("1.")} Run ${c.pc.bold("/hooks")} in a fresh Codex session to review and trust IronBee hooks`),console.log(`    ${c.pc.yellow("2.")} Restart any open Codex sessions to pick up new hook config`)}uninstall(e){this.cleanupArtifacts(e),(0,s.existsSync)((0,n.codexHooksJsonPath)(e))||this.removeFeaturesHooksFlag(e),(0,N.pruneEmptyDirs)((0,m.join)(e,".codex"));const o=(0,B.codexThreadMapPath)(e);if((0,s.existsSync)(o))try{(0,s.unlinkSync)(o)}catch(r){b.logger.debug(`failed to remove codex thread map: ${r}`)}console.log(`  ${c.pc.dim("\u2192")} ${y("[codex]")} removed hooks, MCP entries, AGENTS.md block, and skills`)}removeFeaturesHooksFlag(e){const o=(0,n.codexConfigTomlPath)(e);if((0,s.existsSync)(o))try{const r=(0,s.readFileSync)(o,"utf-8");let i=(0,n.removeFeaturesHooks)(r);i=(0,n.removeSandboxWritableRoot)(i,O),i.trim().length===0?(0,s.unlinkSync)(o):i!==r&&(0,s.writeFileSync)(o,i)}catch(r){b.logger.debug(`failed to strip [features] hooks from config.toml: ${r}`)}}cleanupArtifacts(e){this.migrateAwayFromUserLevel();const o=(0,n.codexHooksJsonPath)(e);this.removeIronBeeHooks(o),this.maybeDeleteEmptyHooks(o),this.removeIronBeeMcpServers(e),this.removeVerifierAgentToml(e),this.removeScenarioAgentToml(e);const r=(0,m.join)(e,"AGENTS.md");if((0,s.existsSync)(r))try{const t=(0,s.readFileSync)(r,"utf-8"),a=(0,n.stripAgentsMdBlock)(t);a===null?(0,s.unlinkSync)(r):a!==t&&(0,s.writeFileSync)(r,a)}catch(t){b.logger.debug(`failed to strip AGENTS.md block: ${t}`)}const i=(0,m.join)(e,".agents","skills");this.removeDir((0,m.join)(i,"ironbee-verification")),this.removeDir((0,m.join)(i,"ironbee-verify"));for(const t of F)this.removeDir((0,m.join)(i,t));this.removeDir((0,m.join)(i,"ironbee-run-scenario")),(0,N.pruneEmptyDirs)((0,m.join)(e,".agents"))}async runVerifyGate(e){await(0,X.run)(e)}async runActivityEnd(e){await(0,D.run)(e)}async runSessionStart(e){await(0,Y.run)(e)}async runActivityStart(e){await(0,z.run)(e)}async runRequireVerification(e,o){await(0,Q.run)(e,o)}async runRequireVerdict(e,o){await(0,Z.run)(e,o)}async runClearVerdict(e){await(0,j.run)(e)}async runTrackAction(e){await(0,ee.run)(e)}async runTrackActionMonitor(e){await(0,oe.run)(e)}async runTrackActionPre(e){await(0,ne.run)(e)}async runSubagentStart(e){await(0,te.run)(e)}async runSubagentStop(e){await(0,ie.run)(e)}resolveAgentSessionId(e,o){const r=process.env.CODEX_THREAD_ID;if(typeof r=="string"&&r.length>0&&o)return(0,B.lookupThreadSession)(o,r)}async runSessionEnd(e){b.logger.debug("session-end: no-op on Codex (no SessionEnd hook event)")}mergeHooksConfig(e,o,r){const i=o!=="monitor",t=o==="assist"?" --soft":"";(0,s.mkdirSync)((0,m.dirname)(e),{recursive:!0});let a={hooks:{}};if((0,s.existsSync)(e))try{a=JSON.parse((0,s.readFileSync)(e,"utf-8")),a.hooks||(a.hooks={})}catch(v){b.logger.debug(`failed to parse ${e}: ${v}`),a={hooks:{}}}for(const v of Object.keys(a.hooks)){const d=a.hooks[v].filter(p=>!K(p));d.length===0?delete a.hooks[v]:a.hooks[v]=d}const g=S((v,d,p)=>{a.hooks[v]||(a.hooks[v]=[]),a.hooks[v].push({matcher:d,hooks:[{type:"command",command:p}]})},"addGroup");g("SessionStart",".*","ironbee hook session-start --client codex"),g("UserPromptSubmit",".*","ironbee hook activity-start --client codex"),g("PreToolUse",".*","ironbee hook track-action-pre --client codex"),i&&(g("PreToolUse","^mcp__(browser|node|backend|android|terminal)[-_]devtools__.*",`ironbee hook require-verification --client codex${t}`),g("PreToolUse","^apply_patch$",`ironbee hook require-verdict --client codex${t}`),g("PostToolUse","^apply_patch$","ironbee hook clear-verdict --client codex"),r==="sub-agent"&&g("SubagentStart",".*","ironbee hook subagent-start --client codex")),g("SubagentStop",".*","ironbee hook subagent-stop --client codex"),g("PostToolUse",".*",i?"ironbee hook track-action --client codex":"ironbee hook track-action-monitor --client codex"),g("Stop",".*",o==="enforce"?"ironbee hook verify-gate --client codex":"ironbee hook activity-end --client codex"),(0,s.writeFileSync)(e,JSON.stringify(a,null,2))}removeIronBeeHooks(e){if((0,s.existsSync)(e))try{const o=(0,s.readFileSync)(e,"utf-8"),r=JSON.parse(o);if(!r.hooks)return;let i=!1;for(const t of Object.keys(r.hooks)){const a=r.hooks[t].filter(g=>!K(g));a.length!==r.hooks[t].length&&(i=!0),a.length===0?delete r.hooks[t]:r.hooks[t]=a}i&&(0,s.writeFileSync)(e,JSON.stringify(r,null,2))}catch(o){b.logger.debug(`failed to strip IronBee hooks from ${e}: ${o}`)}}maybeDeleteEmptyHooks(e){if((0,s.existsSync)(e))try{const o=JSON.parse((0,s.readFileSync)(e,"utf-8"));ue(o)&&(0,s.unlinkSync)(e)}catch(o){b.logger.debug(`failed to inspect ${e} for emptiness: ${o}`)}}mergeConfigToml(e,o,r,i){(0,s.mkdirSync)((0,m.join)(e,".codex"),{recursive:!0});let t=(0,n.readCodexConfigToml)(e);if(t=(0,n.ensureFeaturesHooksTrue)(t),t=r&&(0,W.resolveRuntimeLocation)(e)==="external"?(0,n.ensureSandboxWritableRoot)(t,O):(0,n.removeSandboxWritableRoot)(t,O),t=(0,n.removeMcpServer)(t,w),t=(0,n.removeMcpServer)(t,A),t=(0,n.removeMcpServer)(t,_),t=(0,n.removeMcpServer)(t,I),t=(0,n.removeMcpServer)(t,R),r&&i==="main-agent"){t=this.upsertSessionMcpServers(t,e,o),t=(0,n.removeAgentsTable)(t,$),t=(0,n.removeAgentsTable)(t,x),t=(0,n.removeMultiAgentV2SpawnMetadata)(t),this.removeVerifierAgentToml(e),this.removeScenarioAgentToml(e),(0,n.writeCodexConfigToml)(e,t);return}if(r){const g=(0,l.getVerificationModel)(o,"codex"),h=(0,s.existsSync)((0,n.userCodexConfigTomlPath)())?(0,s.readFileSync)((0,n.userCodexConfigTomlPath)(),"utf-8"):"",u=(0,n.extractTomlTopLevelModel)(t)===null&&(0,n.extractTomlTopLevelModel)(h)===null;g===void 0&&u&&console.log(`  ${c.pc.dim("\u2192")} ${y("[codex]")} ${c.pc.yellow("\u26A0 no model for the verifier")} \u2014 the ${c.pc.bold("ironbee-verifier")} sub-agent inherits the session model, but neither this project's .codex/config.toml nor ~/.codex/config.toml has a top-level ${c.pc.bold("model")}, so it may fail to spawn ("could not resolve the child model"). Fix: set ${c.pc.bold("model")} in ~/.codex/config.toml, or set ${c.pc.bold("verification.model")} in your ironbee config.`),this.writeVerifierAgentToml(e,o,g),t=(0,n.upsertAgentsTable)(t,$,[`description = ${JSON.stringify(J)}`,`config_file = ${JSON.stringify(`agents/${$}.toml`)}`]),t=(0,n.ensureMultiAgentV2SpawnMetadataExposed)(t),this.writeScenarioAgentToml(e,o,g),t=(0,n.upsertAgentsTable)(t,x,[`description = ${JSON.stringify(G)}`,`config_file = ${JSON.stringify(`agents/${x}.toml`)}`])}else t=(0,n.removeAgentsTable)(t,$),t=(0,n.removeAgentsTable)(t,x),t=(0,n.removeMultiAgentV2SpawnMetadata)(t),this.removeVerifierAgentToml(e),this.removeScenarioAgentToml(e);(0,n.writeCodexConfigToml)(e,t)}writeVerifierAgentToml(e,o,r){this.writeCustomAgentToml(e,o,r,$,J,"skill","read-only")}writeScenarioAgentToml(e,o,r){this.writeCustomAgentToml(e,o,r,x,G,"scenario","read-only")}writeCustomAgentToml(e,o,r,i,t,a,g){const h=(0,m.join)(__dirname,"agents",`${i}.md`);let u;try{u=(0,s.readFileSync)(h,"utf-8")}catch(k){b.logger.debug(`failed to read agent source ${h}: ${k}`);return}const v=H("codex");for(const k of l.ALL_CYCLES){const E=(0,l.isCycleEnabled)(o,k)?re=>{const V=(0,m.join)(v,(0,C.fragmentFilename)(a,k,re));return(0,s.existsSync)(V)?(0,s.readFileSync)(V,"utf-8").trimEnd():null}:null;u=(0,C.applyPlatformSection)(u,k,E,`${i}.toml`)}const d=[];d.push(`name = ${JSON.stringify(i)}`),d.push(`description = ${JSON.stringify(t)}`),d.push(`sandbox_mode = ${JSON.stringify(g)}`),r&&d.push(`model = ${JSON.stringify(r)}`),d.push("developer_instructions = '''"),d.push(u.replace(/'''/g,"```").trimEnd()),d.push("'''");const p=S((k,T,E)=>{k&&(d.push(""),d.push(`[mcp_servers.${T}]`),d.push(...U(E)),d.push(`startup_timeout_sec = ${L}`),d.push("required = true"),d.push('default_tools_approval_mode = "approve"'))},"addCycle");p((0,l.isCycleEnabled)(o,"browser"),w,(0,l.getMcpServerEntry)(e)),p((0,l.isCycleEnabled)(o,"node"),A,(0,l.getNodeDevToolsMcpEntry)(e)),p((0,l.isCycleEnabled)(o,"backend"),_,(0,l.getBackendDevToolsMcpEntry)(e)),p((0,l.isCycleEnabled)(o,"android"),I,(0,l.getAndroidDevToolsMcpEntry)(e)),p((0,l.isCycleEnabled)(o,"terminal"),R,(0,l.getTerminalDevToolsMcpEntry)(e));const M=(0,n.codexAgentTomlPath)(e,i);(0,s.mkdirSync)((0,m.dirname)(M),{recursive:!0}),(0,s.writeFileSync)(M,d.join(`
+"use strict";var P=Object.defineProperty;var le=Object.getOwnPropertyDescriptor;var ce=Object.getOwnPropertyNames;var de=Object.prototype.hasOwnProperty;var S=(f,e)=>P(f,"name",{value:e,configurable:!0});var me=(f,e)=>{for(var o in e)P(f,o,{get:e[o],enumerable:!0})},ge=(f,e,o,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let i of ce(e))!de.call(f,i)&&i!==o&&P(f,i,{get:()=>e[i],enumerable:!(r=le(e,i))||r.enumerable});return f};var ue=f=>ge(P({},"__esModule",{value:!0}),f);var be={};me(be,{CodexClient:()=>pe});module.exports=ue(be);var s=require("fs"),q=require("os"),m=require("path"),W=require("../../lib/gitignore"),p=require("../../lib/logger"),c=require("../../lib/output"),N=require("../../lib/fs-prune"),D=require("../../lib/headless"),l=require("../../lib/config"),C=require("../../lib/platform-section"),n=require("./util"),B=require("./thread-map"),X=require("../../lib/runtime-paths"),Y=require("./hooks/verify-gate"),z=require("./hooks/activity-end"),Q=require("./hooks/session-start"),Z=require("./hooks/activity-start"),j=require("./hooks/require-verification"),ee=require("./hooks/require-verdict"),oe=require("./hooks/clear-verdict"),ne=require("./hooks/track-action"),te=require("./hooks/track-action-monitor"),ie=require("./hooks/track-action-pre"),re=require("./hooks/subagent-start"),se=require("./hooks/subagent-stop");const O="~/.ironbee/projects",w="browser-devtools",A="node-devtools",_="backend-devtools",I="android-devtools",R="terminal-devtools",fe="ironbee",$="ironbee-verifier",L=30,J="Verifies recent code changes through real browser/runtime/backend tools and submits the IronBee verdict. Spawn this custom agent (by agent_type) after editing code to run the verification cycle out-of-band \u2014 it drives the devtools tools, judges the result, and records the verdict in the shared session. It does NOT edit code.",x="ironbee-scenario",F=["ironbee-manage-scenario","ironbee-search-scenario","ironbee-sync-scenario"],G="Manages and searches reusable IronBee verification scenarios via the devtools scenario tools. Spawn this custom agent (by agent_type) from the scenario slash commands to author/update/delete saved scenarios and find them by name/description/metadata. NOT a verification cycle (running a saved scenario to verify is done via $ironbee-verify scenario:<name>).";function H(f){return(0,m.join)(__dirname,"..",f,"platforms")}S(H,"platformsDirFor");function k(f){return c.pc.dim(f)}S(k,"codexColor");function K(f){return f.hooks.some(e=>e.command.includes(fe))}S(K,"isIronBeeHookGroup");function ve(f){const e=Object.keys(f);return e.length===0?!0:e.length===1&&e[0]==="hooks"?Object.keys(f.hooks??{}).length===0:!1}S(ve,"isCodexHooksEmpty");class pe{constructor(){this.name="codex";this.supportsVerifierModel=!0}static{S(this,"CodexClient")}detect(e){return(0,s.existsSync)((0,m.join)(e,".agents","skills","ironbee-verify"))}resolveProjectDir(){return process.env.CODEX_PROJECT_DIR??process.env.IRONBEE_PROJECT_DIR??process.cwd()}async runHeadlessPrompt(e,o){const r=(0,s.mkdtempSync)((0,m.join)((0,q.tmpdir)(),"ironbee-codex-")),i=(0,m.join)(r,"last.txt");try{await(0,D.runHeadlessCommand)("codex",["exec","--sandbox","read-only","--skip-git-repo-check","-o",i,e],{cwd:o.projectDir,timeoutMs:o.timeoutMs,signal:o.signal});try{return(0,s.readFileSync)(i,"utf8")}catch{return""}}finally{try{(0,s.rmSync)(r,{recursive:!0,force:!0})}catch{}}}install(e,o){const r=o??(0,l.loadConfig)(e),i=(0,l.getVerificationMode)(r),t=i!=="monitor",a=(0,l.getCodexVerifierMode)(r);this.cleanupArtifacts(e);const g=(0,n.codexHooksJsonPath)(e);if(this.mergeHooksConfig(g,i,a),this.mergeConfigToml(e,r,t,a),t&&(i==="enforce"&&this.writeAgentsMdBlock(e,r,a),this.writeSkills(e,i==="enforce",r,a),(0,C.syncPlatformSectionsToConfig)(e,H)),(0,W.ensureIronBeeGitignored)(e),console.log(`  ${c.pc.dim("\u2192")} ${k("[codex]")} hooks    ${c.pc.dim("\u2192")} ${c.pc.dim(g)}`),console.log(`  ${c.pc.dim("\u2192")} ${k("[codex]")} config   ${c.pc.dim("\u2192")} ${c.pc.dim((0,n.codexConfigTomlPath)(e))}`),t){const h=a==="main-agent"?`${c.pc.yellow("main-agent")} (the main agent drives the devtools tools directly)`:`${c.pc.bold("sub-agent")} (delegated to the ironbee-verifier custom agent)`;console.log(`  ${c.pc.dim("\u2192")} ${k("[codex]")} verify   ${c.pc.dim("\u2192")} ${h}`)}i==="enforce"?(console.log(`  ${c.pc.dim("\u2192")} ${k("[codex]")} agents   ${c.pc.dim("\u2192")} ${c.pc.dim((0,m.join)(e,"AGENTS.md"))}`),console.log(`  ${c.pc.dim("\u2192")} ${k("[codex]")} skill    ${c.pc.dim("\u2192")} ${c.pc.dim((0,m.join)(e,".agents","skills","ironbee-verification","SKILL.md"))}`),console.log(`  ${c.pc.dim("\u2192")} ${k("[codex]")} command  ${c.pc.dim("\u2192")} ${c.pc.dim((0,m.join)(e,".agents","skills","ironbee-verify","SKILL.md"))}`)):i==="assist"?(console.log(`  ${c.pc.dim("\u2192")} ${k("[codex]")} ${c.pc.yellow("assist mode")} (verification.auto: false) \u2014 manual $ironbee-verify only, no enforcement`),console.log(`  ${c.pc.dim("\u2192")} ${k("[codex]")} command  ${c.pc.dim("\u2192")} ${c.pc.dim((0,m.join)(e,".agents","skills","ironbee-verify","SKILL.md"))}`)):console.log(`  ${c.pc.dim("\u2192")} ${k("[codex]")} ${c.pc.yellow("monitoring-only mode")} (verification.enable: false)`),console.log(),console.log(`  ${c.pc.yellow("\u26A0")} ${c.pc.yellow("Codex requires one-time TUI setup:")}`),console.log(`    ${c.pc.yellow("1.")} Run ${c.pc.bold("/hooks")} in a fresh Codex session to review and trust IronBee hooks`),console.log(`    ${c.pc.yellow("2.")} Restart any open Codex sessions to pick up new hook config`)}uninstall(e){this.cleanupArtifacts(e),(0,s.existsSync)((0,n.codexHooksJsonPath)(e))||this.removeFeaturesHooksFlag(e),(0,N.pruneEmptyDirs)((0,m.join)(e,".codex"));const o=(0,B.codexThreadMapPath)(e);if((0,s.existsSync)(o))try{(0,s.unlinkSync)(o)}catch(r){p.logger.debug(`failed to remove codex thread map: ${r}`)}console.log(`  ${c.pc.dim("\u2192")} ${k("[codex]")} removed hooks, MCP entries, AGENTS.md block, and skills`)}removeFeaturesHooksFlag(e){const o=(0,n.codexConfigTomlPath)(e);if((0,s.existsSync)(o))try{const r=(0,s.readFileSync)(o,"utf-8");let i=(0,n.removeFeaturesHooks)(r);i=(0,n.removeSandboxWritableRoot)(i,O),i.trim().length===0?(0,s.unlinkSync)(o):i!==r&&(0,s.writeFileSync)(o,i)}catch(r){p.logger.debug(`failed to strip [features] hooks from config.toml: ${r}`)}}cleanupArtifacts(e){this.migrateAwayFromUserLevel();const o=(0,n.codexHooksJsonPath)(e);this.removeIronBeeHooks(o),this.maybeDeleteEmptyHooks(o),this.removeIronBeeMcpServers(e),this.removeVerifierAgentToml(e),this.removeScenarioAgentToml(e);const r=(0,m.join)(e,"AGENTS.md");if((0,s.existsSync)(r))try{const t=(0,s.readFileSync)(r,"utf-8"),a=(0,n.stripAgentsMdBlock)(t);a===null?(0,s.unlinkSync)(r):a!==t&&(0,s.writeFileSync)(r,a)}catch(t){p.logger.debug(`failed to strip AGENTS.md block: ${t}`)}const i=(0,m.join)(e,".agents","skills");this.removeDir((0,m.join)(i,"ironbee-verification")),this.removeDir((0,m.join)(i,"ironbee-verify"));for(const t of F)this.removeDir((0,m.join)(i,t));this.removeDir((0,m.join)(i,"ironbee-run-scenario")),(0,N.pruneEmptyDirs)((0,m.join)(e,".agents"))}async runVerifyGate(e){await(0,Y.run)(e)}async runActivityEnd(e){await(0,z.run)(e)}async runSessionStart(e){await(0,Q.run)(e)}async runActivityStart(e){await(0,Z.run)(e)}async runRequireVerification(e,o){await(0,j.run)(e,o)}async runRequireVerdict(e,o){await(0,ee.run)(e,o)}async runClearVerdict(e){await(0,oe.run)(e)}async runTrackAction(e){await(0,ne.run)(e)}async runTrackActionMonitor(e){await(0,te.run)(e)}async runTrackActionPre(e){await(0,ie.run)(e)}async runSubagentStart(e){await(0,re.run)(e)}async runSubagentStop(e){await(0,se.run)(e)}resolveAgentSessionId(e,o){const r=process.env.CODEX_THREAD_ID;if(typeof r=="string"&&r.length>0&&o)return(0,B.lookupThreadSession)(o,r)}async runSessionEnd(e){p.logger.debug("session-end: no-op on Codex (no SessionEnd hook event)")}mergeHooksConfig(e,o,r){const i=o!=="monitor",t=o==="assist"?" --soft":"";(0,s.mkdirSync)((0,m.dirname)(e),{recursive:!0});let a={hooks:{}};if((0,s.existsSync)(e))try{a=JSON.parse((0,s.readFileSync)(e,"utf-8")),a.hooks||(a.hooks={})}catch(v){p.logger.debug(`failed to parse ${e}: ${v}`),a={hooks:{}}}for(const v of Object.keys(a.hooks)){const d=a.hooks[v].filter(b=>!K(b));d.length===0?delete a.hooks[v]:a.hooks[v]=d}const g=S((v,d,b)=>{a.hooks[v]||(a.hooks[v]=[]),a.hooks[v].push({matcher:d,hooks:[{type:"command",command:b}]})},"addGroup");g("SessionStart",".*","ironbee hook session-start --client codex"),g("UserPromptSubmit",".*","ironbee hook activity-start --client codex"),g("PreToolUse",".*","ironbee hook track-action-pre --client codex"),i&&(g("PreToolUse","^mcp__(browser|node|backend|android|terminal)[-_]devtools__.*",`ironbee hook require-verification --client codex${t}`),g("PreToolUse","^apply_patch$",`ironbee hook require-verdict --client codex${t}`),g("PostToolUse","^apply_patch$","ironbee hook clear-verdict --client codex"),r==="sub-agent"&&g("SubagentStart",".*","ironbee hook subagent-start --client codex")),g("SubagentStop",".*","ironbee hook subagent-stop --client codex"),g("PostToolUse",".*",i?"ironbee hook track-action --client codex":"ironbee hook track-action-monitor --client codex"),g("Stop",".*",o==="enforce"?"ironbee hook verify-gate --client codex":"ironbee hook activity-end --client codex"),(0,s.writeFileSync)(e,JSON.stringify(a,null,2))}removeIronBeeHooks(e){if((0,s.existsSync)(e))try{const o=(0,s.readFileSync)(e,"utf-8"),r=JSON.parse(o);if(!r.hooks)return;let i=!1;for(const t of Object.keys(r.hooks)){const a=r.hooks[t].filter(g=>!K(g));a.length!==r.hooks[t].length&&(i=!0),a.length===0?delete r.hooks[t]:r.hooks[t]=a}i&&(0,s.writeFileSync)(e,JSON.stringify(r,null,2))}catch(o){p.logger.debug(`failed to strip IronBee hooks from ${e}: ${o}`)}}maybeDeleteEmptyHooks(e){if((0,s.existsSync)(e))try{const o=JSON.parse((0,s.readFileSync)(e,"utf-8"));ve(o)&&(0,s.unlinkSync)(e)}catch(o){p.logger.debug(`failed to inspect ${e} for emptiness: ${o}`)}}mergeConfigToml(e,o,r,i){(0,s.mkdirSync)((0,m.join)(e,".codex"),{recursive:!0});let t=(0,n.readCodexConfigToml)(e);if(t=(0,n.ensureFeaturesHooksTrue)(t),t=r&&(0,X.resolveRuntimeLocation)(e)==="external"?(0,n.ensureSandboxWritableRoot)(t,O):(0,n.removeSandboxWritableRoot)(t,O),t=(0,n.removeMcpServer)(t,w),t=(0,n.removeMcpServer)(t,A),t=(0,n.removeMcpServer)(t,_),t=(0,n.removeMcpServer)(t,I),t=(0,n.removeMcpServer)(t,R),r&&i==="main-agent"){t=this.upsertSessionMcpServers(t,e,o),t=(0,n.removeAgentsTable)(t,$),t=(0,n.removeAgentsTable)(t,x),t=(0,n.removeMultiAgentV2SpawnMetadata)(t),this.removeVerifierAgentToml(e),this.removeScenarioAgentToml(e),(0,n.writeCodexConfigToml)(e,t);return}if(r){const g=(0,l.getVerificationModel)(o,"codex"),h=(0,s.existsSync)((0,n.userCodexConfigTomlPath)())?(0,s.readFileSync)((0,n.userCodexConfigTomlPath)(),"utf-8"):"",u=(0,n.extractTomlTopLevelModel)(t)===null&&(0,n.extractTomlTopLevelModel)(h)===null;g===void 0&&u&&console.log(`  ${c.pc.dim("\u2192")} ${k("[codex]")} ${c.pc.yellow("\u26A0 no model for the verifier")} \u2014 the ${c.pc.bold("ironbee-verifier")} sub-agent inherits the session model, but neither this project's .codex/config.toml nor ~/.codex/config.toml has a top-level ${c.pc.bold("model")}, so it may fail to spawn ("could not resolve the child model"). Fix: set ${c.pc.bold("model")} in ~/.codex/config.toml, or set ${c.pc.bold("verification.model")} in your ironbee config.`),this.writeVerifierAgentToml(e,o,g),t=(0,n.upsertAgentsTable)(t,$,[`description = ${JSON.stringify(J)}`,`config_file = ${JSON.stringify(`agents/${$}.toml`)}`]),t=(0,n.ensureMultiAgentV2SpawnMetadataExposed)(t),this.writeScenarioAgentToml(e,o,g),t=(0,n.upsertAgentsTable)(t,x,[`description = ${JSON.stringify(G)}`,`config_file = ${JSON.stringify(`agents/${x}.toml`)}`])}else t=(0,n.removeAgentsTable)(t,$),t=(0,n.removeAgentsTable)(t,x),t=(0,n.removeMultiAgentV2SpawnMetadata)(t),this.removeVerifierAgentToml(e),this.removeScenarioAgentToml(e);(0,n.writeCodexConfigToml)(e,t)}writeVerifierAgentToml(e,o,r){this.writeCustomAgentToml(e,o,r,$,J,"skill","read-only")}writeScenarioAgentToml(e,o,r){this.writeCustomAgentToml(e,o,r,x,G,"scenario","read-only")}writeCustomAgentToml(e,o,r,i,t,a,g){const h=(0,m.join)(__dirname,"agents",`${i}.md`);let u;try{u=(0,s.readFileSync)(h,"utf-8")}catch(y){p.logger.debug(`failed to read agent source ${h}: ${y}`);return}const v=H("codex");for(const y of l.ALL_CYCLES){const E=(0,l.isCycleEnabled)(o,y)?ae=>{const V=(0,m.join)(v,(0,C.fragmentFilename)(a,y,ae));return(0,s.existsSync)(V)?(0,s.readFileSync)(V,"utf-8").trimEnd():null}:null;u=(0,C.applyPlatformSection)(u,y,E,`${i}.toml`)}const d=[];d.push(`name = ${JSON.stringify(i)}`),d.push(`description = ${JSON.stringify(t)}`),d.push(`sandbox_mode = ${JSON.stringify(g)}`),r&&d.push(`model = ${JSON.stringify(r)}`),d.push("developer_instructions = '''"),d.push(u.replace(/'''/g,"```").trimEnd()),d.push("'''");const b=S((y,T,E)=>{y&&(d.push(""),d.push(`[mcp_servers.${T}]`),d.push(...U(E)),d.push(`startup_timeout_sec = ${L}`),d.push("required = true"),d.push('default_tools_approval_mode = "approve"'))},"addCycle");b((0,l.isCycleEnabled)(o,"browser"),w,(0,l.getMcpServerEntry)(e)),b((0,l.isCycleEnabled)(o,"node"),A,(0,l.getNodeDevToolsMcpEntry)(e)),b((0,l.isCycleEnabled)(o,"backend"),_,(0,l.getBackendDevToolsMcpEntry)(e)),b((0,l.isCycleEnabled)(o,"android"),I,(0,l.getAndroidDevToolsMcpEntry)(e)),b((0,l.isCycleEnabled)(o,"terminal"),R,(0,l.getTerminalDevToolsMcpEntry)(e));const M=(0,n.codexAgentTomlPath)(e,i);(0,s.mkdirSync)((0,m.dirname)(M),{recursive:!0}),(0,s.writeFileSync)(M,d.join(`
 `)+`
-`)}upsertSessionMcpServers(e,o,r){let i=e;const t=S((a,g,h)=>{if(!a)return;const u=[...U(h),`startup_timeout_sec = ${L}`,'default_tools_approval_mode = "approve"'];i=(0,n.upsertMcpServer)(i,g,u)},"addCycle");return t((0,l.isCycleEnabled)(r,"browser"),w,(0,l.getMcpServerEntry)(o)),t((0,l.isCycleEnabled)(r,"node"),A,(0,l.getNodeDevToolsMcpEntry)(o)),t((0,l.isCycleEnabled)(r,"backend"),_,(0,l.getBackendDevToolsMcpEntry)(o)),t((0,l.isCycleEnabled)(r,"android"),I,(0,l.getAndroidDevToolsMcpEntry)(o)),t((0,l.isCycleEnabled)(r,"terminal"),R,(0,l.getTerminalDevToolsMcpEntry)(o)),i}removeVerifierAgentToml(e){const o=(0,n.codexAgentTomlPath)(e,$);if((0,s.existsSync)(o))try{(0,s.unlinkSync)(o)}catch(r){b.logger.debug(`failed to remove verifier agent toml: ${r}`)}}removeScenarioAgentToml(e){const o=(0,n.codexAgentTomlPath)(e,x);if((0,s.existsSync)(o))try{(0,s.unlinkSync)(o)}catch(r){b.logger.debug(`failed to remove scenario agent toml: ${r}`)}}removeIronBeeMcpServers(e){let o=(0,n.readCodexConfigToml)(e);o&&(o=(0,n.removeMcpServer)(o,w),o=(0,n.removeMcpServer)(o,A),o=(0,n.removeMcpServer)(o,_),o=(0,n.removeMcpServer)(o,I),o=(0,n.removeMcpServer)(o,R),o=(0,n.removeAgentsTable)(o,$),o=(0,n.removeAgentsTable)(o,x),o=(0,n.removeMultiAgentV2SpawnMetadata)(o),(0,n.writeCodexConfigToml)(e,o))}migrateAwayFromUserLevel(){const e=(0,n.userCodexHooksJsonPath)();this.removeIronBeeHooks(e),this.maybeDeleteEmptyHooks(e);const o=(0,n.userCodexConfigTomlPath)();if((0,s.existsSync)(o))try{let i=(0,s.readFileSync)(o,"utf-8");const t=i;i=(0,n.removeMcpServer)(i,w),i=(0,n.removeMcpServer)(i,A),i=(0,n.removeMcpServer)(i,_),i=(0,n.removeMcpServer)(i,I),i=(0,n.removeMcpServer)(i,R),i=(0,n.removeAgentsTable)(i,$),i=(0,n.removeMultiAgentV2SpawnMetadata)(i),i!==t&&(0,s.writeFileSync)(o,i)}catch(i){b.logger.debug(`migrate: failed to clean user-level config.toml: ${i}`)}const r=(0,n.userCodexAgentTomlPath)($);if((0,s.existsSync)(r))try{(0,s.unlinkSync)(r)}catch(i){b.logger.debug(`migrate: failed to remove user-level verifier toml: ${i}`)}}writeAgentsMdBlock(e,o,r){const i=(0,m.join)(e,"AGENTS.md"),t=r==="main-agent"?"ironbee-verification.main.md":"ironbee-verification.md",a=(0,m.join)(__dirname,"rules",t);let g;try{g=(0,s.readFileSync)(a,"utf-8")}catch(d){b.logger.debug(`failed to read rule source ${a}: ${d}`);return}const h=H("codex");for(const d of l.ALL_CYCLES){const M=(0,l.isCycleEnabled)(o,d)?k=>{const T=(0,m.join)(h,(0,C.fragmentFilename)("rule",d,k));if(!(0,s.existsSync)(T)){const E=k.length>0?`${d}:${k}`:d;return b.logger.debug(`AGENTS.md platform-section ${E}: missing fragment ${T}, using placeholder`),null}return(0,s.readFileSync)(T,"utf-8").trimEnd()}:null;g=(0,C.applyPlatformSection)(g,d,M,"AGENTS.md")}const u=(0,s.existsSync)(i)?(0,s.readFileSync)(i,"utf-8"):"",v=(0,n.upsertAgentsMdBlock)(u,g);(0,s.writeFileSync)(i,v)}writeSkills(e,o,r,i){const t=(0,m.join)(e,".agents","skills"),a=i==="main-agent";if(o){const u=(0,m.join)(t,"ironbee-verification");(0,s.mkdirSync)(u,{recursive:!0});const v=(0,m.join)(__dirname,"skills",a?"ironbee-verification.main.md":"ironbee-verification.md");try{let d=(0,s.readFileSync)(v,"utf-8");a&&(d=this.spliceCycleFragments(d,"skill",r,"ironbee-verification/SKILL.md")),(0,s.writeFileSync)((0,m.join)(u,"SKILL.md"),d)}catch(d){b.logger.debug(`failed to copy skill ${v}: ${d}`)}}const g=(0,m.join)(t,"ironbee-verify");(0,s.mkdirSync)(g,{recursive:!0});const h=(0,m.join)(__dirname,"commands","ironbee-verify",a?"SKILL.main.md":"SKILL.md");try{let u=(0,s.readFileSync)(h,"utf-8");a&&(u=this.spliceCycleFragments(u,"command-verify",r,"ironbee-verify/SKILL.md")),(0,s.writeFileSync)((0,m.join)(g,"SKILL.md"),u)}catch(u){b.logger.debug(`failed to copy verify command ${h}: ${u}`)}for(const u of F){const v=(0,m.join)(t,u);(0,s.mkdirSync)(v,{recursive:!0});const d=(0,m.join)(__dirname,"commands",u,a?"SKILL.main.md":"SKILL.md");try{let p=(0,s.readFileSync)(d,"utf-8");a&&(p=this.spliceCycleFragments(p,"scenario",r,`${u}/SKILL.md`)),(0,s.writeFileSync)((0,m.join)(v,"SKILL.md"),p)}catch(p){b.logger.debug(`failed to copy scenario command ${d}: ${p}`)}}}spliceCycleFragments(e,o,r,i){const t=H("codex");let a=e;for(const g of l.ALL_CYCLES){const u=(0,l.isCycleEnabled)(r,g)?v=>{const d=(0,m.join)(t,(0,C.fragmentFilename)(o,g,v));return(0,s.existsSync)(d)?(0,s.readFileSync)(d,"utf-8").trimEnd():null}:null;a=(0,C.applyPlatformSection)(a,g,u,i)}return a}removeDir(e){if((0,s.existsSync)(e))try{(0,s.rmSync)(e,{recursive:!0,force:!0})}catch(o){b.logger.debug(`failed to remove ${e}: ${o}`)}}}function U(f){return(0,n.tomlBodyFromRecord)(f)}S(U,"mcpEntryToTomlBody");0&&(module.exports={CodexClient});
+`)}upsertSessionMcpServers(e,o,r){let i=e;const t=S((a,g,h)=>{if(!a)return;const u=[...U(h),`startup_timeout_sec = ${L}`,'default_tools_approval_mode = "approve"'];i=(0,n.upsertMcpServer)(i,g,u)},"addCycle");return t((0,l.isCycleEnabled)(r,"browser"),w,(0,l.getMcpServerEntry)(o)),t((0,l.isCycleEnabled)(r,"node"),A,(0,l.getNodeDevToolsMcpEntry)(o)),t((0,l.isCycleEnabled)(r,"backend"),_,(0,l.getBackendDevToolsMcpEntry)(o)),t((0,l.isCycleEnabled)(r,"android"),I,(0,l.getAndroidDevToolsMcpEntry)(o)),t((0,l.isCycleEnabled)(r,"terminal"),R,(0,l.getTerminalDevToolsMcpEntry)(o)),i}removeVerifierAgentToml(e){const o=(0,n.codexAgentTomlPath)(e,$);if((0,s.existsSync)(o))try{(0,s.unlinkSync)(o)}catch(r){p.logger.debug(`failed to remove verifier agent toml: ${r}`)}}removeScenarioAgentToml(e){const o=(0,n.codexAgentTomlPath)(e,x);if((0,s.existsSync)(o))try{(0,s.unlinkSync)(o)}catch(r){p.logger.debug(`failed to remove scenario agent toml: ${r}`)}}removeIronBeeMcpServers(e){let o=(0,n.readCodexConfigToml)(e);o&&(o=(0,n.removeMcpServer)(o,w),o=(0,n.removeMcpServer)(o,A),o=(0,n.removeMcpServer)(o,_),o=(0,n.removeMcpServer)(o,I),o=(0,n.removeMcpServer)(o,R),o=(0,n.removeAgentsTable)(o,$),o=(0,n.removeAgentsTable)(o,x),o=(0,n.removeMultiAgentV2SpawnMetadata)(o),(0,n.writeCodexConfigToml)(e,o))}migrateAwayFromUserLevel(){const e=(0,n.userCodexHooksJsonPath)();this.removeIronBeeHooks(e),this.maybeDeleteEmptyHooks(e);const o=(0,n.userCodexConfigTomlPath)();if((0,s.existsSync)(o))try{let i=(0,s.readFileSync)(o,"utf-8");const t=i;i=(0,n.removeMcpServer)(i,w),i=(0,n.removeMcpServer)(i,A),i=(0,n.removeMcpServer)(i,_),i=(0,n.removeMcpServer)(i,I),i=(0,n.removeMcpServer)(i,R),i=(0,n.removeAgentsTable)(i,$),i=(0,n.removeMultiAgentV2SpawnMetadata)(i),i!==t&&(0,s.writeFileSync)(o,i)}catch(i){p.logger.debug(`migrate: failed to clean user-level config.toml: ${i}`)}const r=(0,n.userCodexAgentTomlPath)($);if((0,s.existsSync)(r))try{(0,s.unlinkSync)(r)}catch(i){p.logger.debug(`migrate: failed to remove user-level verifier toml: ${i}`)}}writeAgentsMdBlock(e,o,r){const i=(0,m.join)(e,"AGENTS.md"),t=r==="main-agent"?"ironbee-verification.main.md":"ironbee-verification.md",a=(0,m.join)(__dirname,"rules",t);let g;try{g=(0,s.readFileSync)(a,"utf-8")}catch(d){p.logger.debug(`failed to read rule source ${a}: ${d}`);return}const h=H("codex");for(const d of l.ALL_CYCLES){const M=(0,l.isCycleEnabled)(o,d)?y=>{const T=(0,m.join)(h,(0,C.fragmentFilename)("rule",d,y));if(!(0,s.existsSync)(T)){const E=y.length>0?`${d}:${y}`:d;return p.logger.debug(`AGENTS.md platform-section ${E}: missing fragment ${T}, using placeholder`),null}return(0,s.readFileSync)(T,"utf-8").trimEnd()}:null;g=(0,C.applyPlatformSection)(g,d,M,"AGENTS.md")}const u=(0,s.existsSync)(i)?(0,s.readFileSync)(i,"utf-8"):"",v=(0,n.upsertAgentsMdBlock)(u,g);(0,s.writeFileSync)(i,v)}writeSkills(e,o,r,i){const t=(0,m.join)(e,".agents","skills"),a=i==="main-agent";if(o){const u=(0,m.join)(t,"ironbee-verification");(0,s.mkdirSync)(u,{recursive:!0});const v=(0,m.join)(__dirname,"skills",a?"ironbee-verification.main.md":"ironbee-verification.md");try{let d=(0,s.readFileSync)(v,"utf-8");a&&(d=this.spliceCycleFragments(d,"skill",r,"ironbee-verification/SKILL.md")),(0,s.writeFileSync)((0,m.join)(u,"SKILL.md"),d)}catch(d){p.logger.debug(`failed to copy skill ${v}: ${d}`)}}const g=(0,m.join)(t,"ironbee-verify");(0,s.mkdirSync)(g,{recursive:!0});const h=(0,m.join)(__dirname,"commands","ironbee-verify",a?"SKILL.main.md":"SKILL.md");try{let u=(0,s.readFileSync)(h,"utf-8");a&&(u=this.spliceCycleFragments(u,"command-verify",r,"ironbee-verify/SKILL.md")),(0,s.writeFileSync)((0,m.join)(g,"SKILL.md"),u)}catch(u){p.logger.debug(`failed to copy verify command ${h}: ${u}`)}for(const u of F){const v=(0,m.join)(t,u);(0,s.mkdirSync)(v,{recursive:!0});const d=(0,m.join)(__dirname,"commands",u,a?"SKILL.main.md":"SKILL.md");try{let b=(0,s.readFileSync)(d,"utf-8");a&&(b=this.spliceCycleFragments(b,"scenario",r,`${u}/SKILL.md`)),(0,s.writeFileSync)((0,m.join)(v,"SKILL.md"),b)}catch(b){p.logger.debug(`failed to copy scenario command ${d}: ${b}`)}}}spliceCycleFragments(e,o,r,i){const t=H("codex");let a=e;for(const g of l.ALL_CYCLES){const u=(0,l.isCycleEnabled)(r,g)?v=>{const d=(0,m.join)(t,(0,C.fragmentFilename)(o,g,v));return(0,s.existsSync)(d)?(0,s.readFileSync)(d,"utf-8").trimEnd():null}:null;a=(0,C.applyPlatformSection)(a,g,u,i)}return a}removeDir(e){if((0,s.existsSync)(e))try{(0,s.rmSync)(e,{recursive:!0,force:!0})}catch(o){p.logger.debug(`failed to remove ${e}: ${o}`)}}}function U(f){return(0,n.tomlBodyFromRecord)(f)}S(U,"mcpEntryToTomlBody");0&&(module.exports={CodexClient});

package/dist/clients/codex/skills/ironbee-verification.main.md

@@ -42,6 +42,17 @@ the per-cycle flow.
    tools in separate lanes**, so a same-message ordering of this shell command before a devtools
    call is NOT guaranteed — a devtools call that lands first is blocked. Once the cycle is open,
    independent MCP calls can ride one message.
+2.5. **Run the project checks FIRST (lint/test/…)** — the deterministic first step of verification:
+   ```
+   echo '{"session_id":"<your-session-id>"}' | ironbee hook run-checks
+   ```
+   Use a generous shell timeout (they may take minutes). Runs the configured `verification.checks`
+   and records the results the gate reads. 🛑 **IF ANY REQUIRED CHECK FAILS, THE VERIFICATION HAS
+   ALREADY FAILED — STOP.** It is **NOT your call** whether the failure is "just a fixture",
+   "unrelated", or "pre-existing" — a required non-zero exit **IS** a failure. Do **NOT** touch the
+   devtools tools, do **NOT** submit a pass; submit a **fail** verdict whose `issues` are the
+   failing checks (the gate enforces the fix). Only when **every** required check PASSES do you
+   continue. ("no checks configured" → continue.)
 3. Build and start the application **only if it isn't already running** (check `docker compose ps`
    / process output / config — don't guess ports). Track whether YOU started it.
 4. **Run the per-cycle flows for every active cycle** (see the platform sections below). All