@jaguilar87/gaia-ops 5.0.0-beta.3 → 5.0.0-beta.4

package/.claude-plugin/marketplace.json

@@ -8,7 +8,7 @@
     {
       "name": "gaia-security",
       "description": "Keeps you in the loop only when it matters. Gaia Security analyzes every command and classifies it into risk tiers: read-only queries run freely, simulations and validations pass through, and state-changing operations (create, delete, apply, push) pause for your explicit approval before executing. Irreversible commands like dropping databases or deleting cloud infrastructure are permanently blocked.",
-      "version": "5.0.0-beta.3",
+      "version": "5.0.0-beta.4",
       "source": "./dist/gaia-security"
     }
   ]

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "gaia-ops",
-  "version": "5.0.0-beta.3",
+  "version": "5.0.0-beta.4",
   "description": "Security-first orchestrator with specialized agents, hooks, and governance for AI coding",
   "author": {
     "name": "jaguilar87"

package/bin/gaia-doctor.js

@@ -18,6 +18,7 @@ import fs from 'fs/promises';
 import { existsSync } from 'fs';
 import { exec } from 'child_process';
 import { promisify } from 'util';
+import { findPython } from './python-detect.js';
 import chalk from 'chalk';
 import yargs from 'yargs';
 import { hideBin } from 'yargs/helpers';
@@ -200,8 +201,13 @@ async function checkProjectContext() {
 }
 
 async function checkPython() {
+  const pyCmd = findPython();
+  if (!pyCmd) {
+    return { name: 'Python', ok: false, detail: 'Not found', fix: 'Install Python 3.9+' };
+  }
+
   try {
-    const { stdout } = await execAsync('python3 --version');
+    const { stdout } = await execAsync(`${pyCmd} --version`);
     const version = stdout.trim();
     const match = version.match(/(\d+)\.(\d+)/);
 

package/bin/gaia-review.js

@@ -18,6 +18,7 @@
 import { execSync } from 'child_process';
 import { existsSync } from 'fs';
 import { join } from 'path';
+import { findPython } from './python-detect.js';
 import chalk from 'chalk';
 import yargs from 'yargs';
 import { hideBin } from 'yargs/helpers';
@@ -49,7 +50,8 @@ function callReviewEngine(action, opts = {}) {
     process.exit(1);
   }
 
-  let cmd = `python3 "${enginePath}" ${action}`;
+  const pyCmd = findPython() || 'python3';
+  let cmd = `${pyCmd} "${enginePath}" ${action}`;
   if (opts.updateId) cmd += ` --update-id "${opts.updateId}"`;
   if (opts.contextPath) cmd += ` --context-path "${opts.contextPath}"`;
   cmd += ' --json';

package/bin/gaia-scan

@@ -12,6 +12,7 @@
 import { execFileSync } from 'child_process';
 import { fileURLToPath } from 'url';
 import { dirname, join } from 'path';
+import { requirePython } from './python-detect.js';
 
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = dirname(__filename);
@@ -28,11 +29,16 @@ const pythonPath = process.env.PYTHONPATH
   : pluginRoot;
 
 try {
-  execFileSync('python3', [scanScript, ...args], {
+  const pyCmd = requirePython();
+  execFileSync(pyCmd, [scanScript, ...args], {
     stdio: 'inherit',
     env: { ...process.env, PYTHONPATH: pythonPath },
   });
 } catch (error) {
+  if (error.message && error.message.includes('Python 3 not found')) {
+    console.error(error.message);
+    process.exit(1);
+  }
   // execFileSync throws on non-zero exit; propagate the exit code
   process.exit(error.status || 1);
 }

package/bin/gaia-skills-diagnose.js

@@ -18,6 +18,7 @@
 
 import fs from "fs";
 import path from "path";
+import { findPython } from "./python-detect.js";
 import { spawnSync } from "child_process";
 import { fileURLToPath } from "url";
 import chalk from "chalk";
@@ -728,7 +729,8 @@ function runTestProbe(ctx, findings, checks) {
     "Phase1SkillsInjection or load_skills",
   ];
 
-  const res = spawnSync("python3", args, {
+  const pyCmd = findPython() || "python3";
+  const res = spawnSync(pyCmd, args, {
     cwd: ctx.packageRoot,
     encoding: "utf-8",
   });
@@ -741,7 +743,7 @@ function runTestProbe(ctx, findings, checks) {
       code: "PYTEST_PROBE_EXEC_FAILED",
       title: "Unable to execute pytest probe",
       detail: res.error.message,
-      evidence: `python3 ${args.join(" ")}`,
+      evidence: `${pyCmd} ${args.join(" ")}`,
       remediation: "Install pytest and Python dependencies to run the probe.",
     });
     checks.push({ name: "test-probe", ok: false, detail: "execution failed" });

package/bin/gaia-update.js

@@ -37,6 +37,7 @@ import { exec } from 'child_process';
 import { promisify } from 'util';
 import chalk from 'chalk';
 import ora from 'ora';
+import { findPython } from './python-detect.js';
 
 const execAsync = promisify(exec);
 const __filename = fileURLToPath(import.meta.url);
@@ -126,8 +127,9 @@ async function updateLocalPermissions() {
     let gaiaPerms;
     try {
       const setupPath = join(__dirname, '..', 'hooks', 'modules', 'core', 'plugin_setup.py');
+      const pythonCmd = findPython() || 'python3';
       const { stdout } = await execAsync(
-        `python3 -c "
+        `${pythonCmd} -c "
 import ast, json, re
 
 source = open('${setupPath.replace(/'/g, "\\'")}').read()
@@ -453,13 +455,16 @@ async function runVerification() {
     }
   }
 
-  // 2. Python available
-  try {
-    const { stdout } = await execAsync('python3 --version', { timeout: 5000 });
-    checks.push({ name: 'python3', ok: true, detail: stdout.trim() });
-  } catch {
-    checks.push({ name: 'python3', ok: false });
-    issues.push('Python 3 not found (required for hooks)');
+  // 2. Python available (try python3 first, fall back to python on Windows)
+  {
+    const pyCmd = findPython();
+    if (pyCmd) {
+      const { stdout } = await execAsync(`${pyCmd} --version`, { timeout: 5000 });
+      checks.push({ name: 'python3', ok: true, detail: stdout.trim() });
+    } else {
+      checks.push({ name: 'python3', ok: false });
+      issues.push('Python 3 not found (required for hooks)');
+    }
   }
 
   // 3. project-context.json exists and is valid
@@ -540,12 +545,12 @@ async function runFreshInstall() {
 
   console.log(chalk.cyan(`\n  gaia-ops ${chalk.green(current)} — fresh install\n`));
 
-  // 1. Check Python 3 is available
+  // 1. Check Python 3 is available (try python3, then python)
   const spinner = ora('Checking Python 3...').start();
-  try {
-    await execAsync('python3 --version', { timeout: 5000 });
-    spinner.succeed('Python 3 found');
-  } catch {
+  const pyCmd = findPython();
+  if (pyCmd) {
+    spinner.succeed(`Python 3 found (${pyCmd})`);
+  } else {
     spinner.warn('Python 3 not found — skipping project setup');
     console.log(chalk.gray('  Install Python 3.9+ and run: npx gaia-scan\n'));
     return;
@@ -555,7 +560,7 @@ async function runFreshInstall() {
   const scanSpinner = ora('Running gaia-scan...').start();
   try {
     const { stdout, stderr } = await execAsync(
-      `python3 "${scanScript}" --npm-postinstall --root "${CWD}"`,
+      `${pyCmd} "${scanScript}" --npm-postinstall --root "${CWD}"`,
       { timeout: 60000 }
     );
     scanSpinner.succeed('Project scanned and configured');

package/bin/pre-publish-validate.js

@@ -21,6 +21,7 @@ import path from 'path';
 import { execSync } from 'child_process';
 import chalk from 'chalk';
 import { fileURLToPath } from 'url';
+import { findPython } from './python-detect.js';
 
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
@@ -371,15 +372,17 @@ class PrePublishValidator {
           'tools/context/context_provider.py'
         ];
 
+        const pyCmd = findPython();
+        if (!pyCmd) throw new Error('Python not available');
         pythonFiles.forEach(file => {
           const filePath = path.join(baseDir, file);
           if (fs.existsSync(filePath)) {
-            this.execute(`python3 -m py_compile "${filePath}"`, GAIA_OPS_ROOT, true);
+            this.execute(`${pyCmd} -m py_compile "${filePath}"`, GAIA_OPS_ROOT, true);
             this.log(`  ✓ ${file}`, 'success');
           }
         });
       } catch (error) {
-        this.log(`  ⚠️  Python validation skipped (python3 not available or syntax error)`, 'warning');
+        this.log(`  ⚠️  Python validation skipped (python3/python not available or syntax error)`, 'warning');
       }
 
       // Test 3: Check if bin scripts are executable

package/bin/python-detect.js

@@ -0,0 +1,60 @@
+/**
+ * Cross-platform Python 3 detection.
+ *
+ * On Linux/macOS the binary is typically `python3`.
+ * On Windows it is often just `python` (the Microsoft Store alias
+ * or the official installer both register `python`).
+ *
+ * This module tries each candidate in order and returns the first
+ * one that reports Python 3.x.  The result is cached for the
+ * lifetime of the process so repeated calls are free.
+ */
+
+import { execSync, execFileSync } from 'child_process';
+
+/** @type {string | null | undefined} */
+let _cached;
+
+/**
+ * Detect a working Python 3 command.
+ *
+ * @returns {string | null} The command name ('python3' or 'python'),
+ *   or null if no Python 3 was found.
+ */
+export function findPython() {
+  if (_cached !== undefined) return _cached;
+
+  for (const cmd of ['python3', 'python']) {
+    try {
+      const version = execFileSync(cmd, ['--version'], {
+        encoding: 'utf8',
+        stdio: ['pipe', 'pipe', 'pipe'],
+        timeout: 5000,
+      }).trim();
+      if (version.startsWith('Python 3.')) {
+        _cached = cmd;
+        return _cached;
+      }
+    } catch {
+      // Not found or not Python 3 -- try next candidate
+    }
+  }
+
+  _cached = null;
+  return null;
+}
+
+/**
+ * Return the Python command or throw with a helpful message.
+ *
+ * @returns {string}
+ */
+export function requirePython() {
+  const cmd = findPython();
+  if (!cmd) {
+    throw new Error(
+      'Python 3 not found. Install Python 3.9+ and ensure "python3" or "python" is on PATH.'
+    );
+  }
+  return cmd;
+}

package/dist/gaia-ops/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "gaia-ops",
-  "version": "5.0.0-beta.3",
+  "version": "5.0.0-beta.4",
   "description": "Full DevOps orchestration for Claude Code. Six specialized agents handle the complete development lifecycle \u2014 analysis, planning, execution, and deployment. Gaia-Ops scans your codebase to understand it and injects the right context into each sub-agent. Every command is classified by risk: read-only runs freely, state changes pause for your approval, and irreversible operations are permanently blocked.",
   "author": {
     "name": "jaguilar87"

package/dist/gaia-ops/hooks/modules/context/context_injector.py

@@ -10,7 +10,9 @@ Handles:
 import json
 import logging
 import os
+import shutil
 import subprocess
+import sys
 from datetime import datetime
 from pathlib import Path
 
@@ -22,6 +24,20 @@ from .contracts_loader import build_context_update_reminder
 logger = logging.getLogger(__name__)
 
 
+def _find_python() -> str:
+    """Return the Python 3 command name for this platform.
+
+    Tries ``python3`` first (Linux/macOS), then ``python`` (Windows).
+    Falls back to ``sys.executable`` (the current interpreter) as a
+    last resort -- this always works since hooks are already running
+    under Python.
+    """
+    for cmd in ("python3", "python"):
+        if shutil.which(cmd):
+            return cmd
+    return sys.executable
+
+
 def _prune_empty_values(data: dict) -> dict:
     """Drop keys with empty telemetry values while preserving False/0."""
     pruned = {}
@@ -288,7 +304,7 @@ def build_project_context(
         # Execute context_provider.py to get filtered context
         logger.info(f"Building context for {subagent_type}...")
         result = subprocess.run(
-            ["python3", str(context_provider), subagent_type, prompt],
+            [_find_python(), str(context_provider), subagent_type, prompt],
             capture_output=True,
             text=True,
             timeout=15,

package/dist/gaia-ops/skills/skill-creation/SKILL.md

@@ -60,6 +60,8 @@ The test: for each rule or step you write, ask — if the agent saw enough real
 
 This is why the investigation skill doesn't say "INVESTIGATE FIRST. ALWAYS. NO EXCEPTIONS." It says: *"Every codebase is a record of accumulated decisions... The first 2-3 files you read define whether your solution fits or fights the project."* The agent understands the stakes. The behavior follows.
 
+Every line in a skill competes for weight in the LLM's reasoning. A rule without context carries almost no weight — the model has no reason to prioritize it over competing signals. An explanation with consequences carries enough weight to influence decisions even under pressure. This is why conciseness matters: a verbose skill dilutes its own weight. Every line should earn its place by adding reasoning the model can use.
+
 ### Tone by type
 
 **Discipline** works best when the Iron Law is blunt and a reasoned paragraph follows explaining what breaks when you violate it. Command-execution's mental model ("When you reach for a pipe, you have not looked for the flag yet") does more work than a dozen capitalized warnings because it reframes the decision point itself.

package/dist/gaia-ops/tools/scan/scanners/environment.py

@@ -35,6 +35,12 @@ _RUNTIME_DEFINITIONS: List[Tuple[str, str]] = [
     ("java", "--version"),
 ]
 
+# On Windows, python3 may not exist -- fall back to "python" if it reports 3.x.
+# Maps (fallback_binary, version_flag) -> canonical_name
+_RUNTIME_FALLBACKS: Dict[str, List[Tuple[str, str]]] = {
+    "python3": [("python", "--version")],
+}
+
 # Env file names to check for (presence ONLY -- never read contents)
 _ENV_FILE_NAMES: List[str] = [
     ".env",
@@ -182,14 +188,32 @@ class EnvironmentScanner(BaseScanner):
         """Detect installed language runtimes via --version commands.
 
         Uses shutil.which() to find binaries, then subprocess with 2s timeout
-        to get version strings.
+        to get version strings.  For runtimes with fallbacks (e.g. python3 ->
+        python on Windows), the fallback is tried when the primary is missing
+        and the result is reported under the canonical name.
         """
         runtimes: List[Dict[str, str]] = []
+        detected_canonical: set = set()
 
         for binary_name, version_flag in _RUNTIME_DEFINITIONS:
             try:
                 binary_path = shutil.which(binary_name)
                 if binary_path is None:
+                    # Try fallbacks (e.g. python -> python3 on Windows)
+                    fallbacks = _RUNTIME_FALLBACKS.get(binary_name, [])
+                    for fb_binary, fb_flag in fallbacks:
+                        fb_path = shutil.which(fb_binary)
+                        if fb_path is None:
+                            continue
+                        version = self._get_version(fb_binary, fb_flag, warnings)
+                        if version is not None and version.startswith("3."):
+                            runtimes.append({
+                                "name": binary_name,  # canonical name
+                                "version": version,
+                                "path": fb_path,
+                            })
+                            detected_canonical.add(binary_name)
+                            break
                     continue
 
                 version = self._get_version(binary_name, version_flag, warnings)
@@ -199,6 +223,7 @@ class EnvironmentScanner(BaseScanner):
                         "version": version,
                         "path": binary_path,
                     })
+                    detected_canonical.add(binary_name)
 
             except Exception as exc:
                 warnings.append(f"Runtime detection failed for {binary_name}: {exc}")

package/dist/gaia-ops/tools/scan/verify.py

@@ -159,23 +159,27 @@ def check_project_context(project_root: Path) -> CheckResult:
 
 
 def check_python() -> CheckResult:
-    """Verify that python3 is available.
+    """Verify that python3 (or python on Windows) is available.
+
+    Tries ``python3`` first, then ``python`` for Windows compatibility.
 
     Returns:
         CheckResult with Python version.
     """
-    try:
-        result = subprocess.run(
-            ["python3", "--version"],
-            capture_output=True,
-            text=True,
-            timeout=5,
-        )
-        if result.returncode == 0:
-            version = result.stdout.strip()
-            return CheckResult(name="Python", ok=True, detail=version)
-    except (subprocess.TimeoutExpired, FileNotFoundError, OSError):
-        pass
+    for cmd in ("python3", "python"):
+        try:
+            result = subprocess.run(
+                [cmd, "--version"],
+                capture_output=True,
+                text=True,
+                timeout=5,
+            )
+            if result.returncode == 0:
+                version = result.stdout.strip()
+                if version.startswith("Python 3."):
+                    return CheckResult(name="Python", ok=True, detail=version)
+        except (subprocess.TimeoutExpired, FileNotFoundError, OSError):
+            pass
 
     return CheckResult(
         name="Python",

package/dist/gaia-security/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "gaia-security",
-  "version": "5.0.0-beta.3",
+  "version": "5.0.0-beta.4",
   "description": "Keeps you in the loop only when it matters. Gaia Security analyzes every command and classifies it into risk tiers: read-only queries run freely, simulations and validations pass through, and state-changing operations (create, delete, apply, push) pause for your explicit approval before executing. Irreversible commands like dropping databases or deleting cloud infrastructure are permanently blocked.",
   "author": {
     "name": "jaguilar87"

package/dist/gaia-security/hooks/modules/context/context_injector.py

@@ -10,7 +10,9 @@ Handles:
 import json
 import logging
 import os
+import shutil
 import subprocess
+import sys
 from datetime import datetime
 from pathlib import Path
 
@@ -22,6 +24,20 @@ from .contracts_loader import build_context_update_reminder
 logger = logging.getLogger(__name__)
 
 
+def _find_python() -> str:
+    """Return the Python 3 command name for this platform.
+
+    Tries ``python3`` first (Linux/macOS), then ``python`` (Windows).
+    Falls back to ``sys.executable`` (the current interpreter) as a
+    last resort -- this always works since hooks are already running
+    under Python.
+    """
+    for cmd in ("python3", "python"):
+        if shutil.which(cmd):
+            return cmd
+    return sys.executable
+
+
 def _prune_empty_values(data: dict) -> dict:
     """Drop keys with empty telemetry values while preserving False/0."""
     pruned = {}
@@ -288,7 +304,7 @@ def build_project_context(
         # Execute context_provider.py to get filtered context
         logger.info(f"Building context for {subagent_type}...")
         result = subprocess.run(
-            ["python3", str(context_provider), subagent_type, prompt],
+            [_find_python(), str(context_provider), subagent_type, prompt],
             capture_output=True,
             text=True,
             timeout=15,

package/hooks/modules/context/context_injector.py

@@ -10,7 +10,9 @@ Handles:
 import json
 import logging
 import os
+import shutil
 import subprocess
+import sys
 from datetime import datetime
 from pathlib import Path
 
@@ -22,6 +24,20 @@ from .contracts_loader import build_context_update_reminder
 logger = logging.getLogger(__name__)
 
 
+def _find_python() -> str:
+    """Return the Python 3 command name for this platform.
+
+    Tries ``python3`` first (Linux/macOS), then ``python`` (Windows).
+    Falls back to ``sys.executable`` (the current interpreter) as a
+    last resort -- this always works since hooks are already running
+    under Python.
+    """
+    for cmd in ("python3", "python"):
+        if shutil.which(cmd):
+            return cmd
+    return sys.executable
+
+
 def _prune_empty_values(data: dict) -> dict:
     """Drop keys with empty telemetry values while preserving False/0."""
     pruned = {}
@@ -288,7 +304,7 @@ def build_project_context(
         # Execute context_provider.py to get filtered context
         logger.info(f"Building context for {subagent_type}...")
         result = subprocess.run(
-            ["python3", str(context_provider), subagent_type, prompt],
+            [_find_python(), str(context_provider), subagent_type, prompt],
             capture_output=True,
             text=True,
             timeout=15,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jaguilar87/gaia-ops",
-  "version": "5.0.0-beta.3",
+  "version": "5.0.0-beta.4",
   "description": "Multi-agent orchestration system for Claude Code - DevOps automation toolkit",
   "main": "index.js",
   "type": "module",

package/skills/skill-creation/SKILL.md

@@ -60,6 +60,8 @@ The test: for each rule or step you write, ask — if the agent saw enough real
 
 This is why the investigation skill doesn't say "INVESTIGATE FIRST. ALWAYS. NO EXCEPTIONS." It says: *"Every codebase is a record of accumulated decisions... The first 2-3 files you read define whether your solution fits or fights the project."* The agent understands the stakes. The behavior follows.
 
+Every line in a skill competes for weight in the LLM's reasoning. A rule without context carries almost no weight — the model has no reason to prioritize it over competing signals. An explanation with consequences carries enough weight to influence decisions even under pressure. This is why conciseness matters: a verbose skill dilutes its own weight. Every line should earn its place by adding reasoning the model can use.
+
 ### Tone by type
 
 **Discipline** works best when the Iron Law is blunt and a reasoned paragraph follows explaining what breaks when you violate it. Command-execution's mental model ("When you reach for a pipe, you have not looked for the flag yet") does more work than a dozen capitalized warnings because it reframes the decision point itself.

package/tools/scan/scanners/environment.py

@@ -35,6 +35,12 @@ _RUNTIME_DEFINITIONS: List[Tuple[str, str]] = [
     ("java", "--version"),
 ]
 
+# On Windows, python3 may not exist -- fall back to "python" if it reports 3.x.
+# Maps (fallback_binary, version_flag) -> canonical_name
+_RUNTIME_FALLBACKS: Dict[str, List[Tuple[str, str]]] = {
+    "python3": [("python", "--version")],
+}
+
 # Env file names to check for (presence ONLY -- never read contents)
 _ENV_FILE_NAMES: List[str] = [
     ".env",
@@ -182,14 +188,32 @@ class EnvironmentScanner(BaseScanner):
         """Detect installed language runtimes via --version commands.
 
         Uses shutil.which() to find binaries, then subprocess with 2s timeout
-        to get version strings.
+        to get version strings.  For runtimes with fallbacks (e.g. python3 ->
+        python on Windows), the fallback is tried when the primary is missing
+        and the result is reported under the canonical name.
         """
         runtimes: List[Dict[str, str]] = []
+        detected_canonical: set = set()
 
         for binary_name, version_flag in _RUNTIME_DEFINITIONS:
             try:
                 binary_path = shutil.which(binary_name)
                 if binary_path is None:
+                    # Try fallbacks (e.g. python -> python3 on Windows)
+                    fallbacks = _RUNTIME_FALLBACKS.get(binary_name, [])
+                    for fb_binary, fb_flag in fallbacks:
+                        fb_path = shutil.which(fb_binary)
+                        if fb_path is None:
+                            continue
+                        version = self._get_version(fb_binary, fb_flag, warnings)
+                        if version is not None and version.startswith("3."):
+                            runtimes.append({
+                                "name": binary_name,  # canonical name
+                                "version": version,
+                                "path": fb_path,
+                            })
+                            detected_canonical.add(binary_name)
+                            break
                     continue
 
                 version = self._get_version(binary_name, version_flag, warnings)
@@ -199,6 +223,7 @@ class EnvironmentScanner(BaseScanner):
                         "version": version,
                         "path": binary_path,
                     })
+                    detected_canonical.add(binary_name)
 
             except Exception as exc:
                 warnings.append(f"Runtime detection failed for {binary_name}: {exc}")

package/tools/scan/verify.py

@@ -159,23 +159,27 @@ def check_project_context(project_root: Path) -> CheckResult:
 
 
 def check_python() -> CheckResult:
-    """Verify that python3 is available.
+    """Verify that python3 (or python on Windows) is available.
+
+    Tries ``python3`` first, then ``python`` for Windows compatibility.
 
     Returns:
         CheckResult with Python version.
     """
-    try:
-        result = subprocess.run(
-            ["python3", "--version"],
-            capture_output=True,
-            text=True,
-            timeout=5,
-        )
-        if result.returncode == 0:
-            version = result.stdout.strip()
-            return CheckResult(name="Python", ok=True, detail=version)
-    except (subprocess.TimeoutExpired, FileNotFoundError, OSError):
-        pass
+    for cmd in ("python3", "python"):
+        try:
+            result = subprocess.run(
+                [cmd, "--version"],
+                capture_output=True,
+                text=True,
+                timeout=5,
+            )
+            if result.returncode == 0:
+                version = result.stdout.strip()
+                if version.startswith("Python 3."):
+                    return CheckResult(name="Python", ok=True, detail=version)
+        except (subprocess.TimeoutExpired, FileNotFoundError, OSError):
+            pass
 
     return CheckResult(
         name="Python",