@jaguilar87/gaia 5.0.0-rc.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (621) hide show
  1. package/.claude-plugin/marketplace.json +33 -0
  2. package/.claude-plugin/plugin.json +26 -0
  3. package/ARCHITECTURE.md +335 -0
  4. package/CHANGELOG.md +1298 -0
  5. package/CODE_OF_CONDUCT.md +11 -0
  6. package/CONTRIBUTING.md +146 -0
  7. package/INSTALL.md +436 -0
  8. package/LICENSE +21 -0
  9. package/README.md +222 -0
  10. package/SECURITY.md +47 -0
  11. package/agents/README.md +78 -0
  12. package/agents/cloud-troubleshooter.md +73 -0
  13. package/agents/developer.md +65 -0
  14. package/agents/gaia-operator.md +64 -0
  15. package/agents/gaia-orchestrator.md +111 -0
  16. package/agents/gaia-planner.md +53 -0
  17. package/agents/gaia-system.md +71 -0
  18. package/agents/gitops-operator.md +61 -0
  19. package/agents/terraform-architect.md +63 -0
  20. package/bin/README.md +106 -0
  21. package/bin/cli/__init__.py +1 -0
  22. package/bin/cli/approvals.py +740 -0
  23. package/bin/cli/cleanup.py +562 -0
  24. package/bin/cli/context.py +283 -0
  25. package/bin/cli/doctor.py +651 -0
  26. package/bin/cli/history.py +305 -0
  27. package/bin/cli/memory.py +483 -0
  28. package/bin/cli/metrics.py +1068 -0
  29. package/bin/cli/plans.py +515 -0
  30. package/bin/cli/status.py +302 -0
  31. package/bin/cli/update.py +382 -0
  32. package/bin/gaia +112 -0
  33. package/bin/gaia-cleanup.js +531 -0
  34. package/bin/gaia-doctor.js +635 -0
  35. package/bin/gaia-evidence +126 -0
  36. package/bin/gaia-history.js +251 -0
  37. package/bin/gaia-metrics.js +1278 -0
  38. package/bin/gaia-review.js +269 -0
  39. package/bin/gaia-scan +44 -0
  40. package/bin/gaia-scan.py +589 -0
  41. package/bin/gaia-skills-diagnose.js +929 -0
  42. package/bin/gaia-status.js +278 -0
  43. package/bin/gaia-uninstall.js +111 -0
  44. package/bin/gaia-update.js +919 -0
  45. package/bin/pre-publish-validate.js +610 -0
  46. package/bin/python-detect.js +60 -0
  47. package/bin/validate-sandbox.sh +601 -0
  48. package/commands/README.md +64 -0
  49. package/commands/gaia.md +37 -0
  50. package/commands/scan-project.md +67 -0
  51. package/config/README.md +71 -0
  52. package/config/cloud/aws.json +134 -0
  53. package/config/cloud/gcp.json +139 -0
  54. package/config/context-contracts.json +158 -0
  55. package/config/crons-schema.md +81 -0
  56. package/config/git_standards.json +72 -0
  57. package/config/surface-routing.json +417 -0
  58. package/config/universal-rules.json +102 -0
  59. package/dist/gaia-ops/.claude-plugin/plugin.json +24 -0
  60. package/dist/gaia-ops/README.md +80 -0
  61. package/dist/gaia-ops/agents/cloud-troubleshooter.md +73 -0
  62. package/dist/gaia-ops/agents/developer.md +65 -0
  63. package/dist/gaia-ops/agents/gaia-operator.md +64 -0
  64. package/dist/gaia-ops/agents/gaia-orchestrator.md +111 -0
  65. package/dist/gaia-ops/agents/gaia-planner.md +53 -0
  66. package/dist/gaia-ops/agents/gaia-system.md +71 -0
  67. package/dist/gaia-ops/agents/gitops-operator.md +61 -0
  68. package/dist/gaia-ops/agents/terraform-architect.md +63 -0
  69. package/dist/gaia-ops/commands/gaia.md +37 -0
  70. package/dist/gaia-ops/config/README.md +71 -0
  71. package/dist/gaia-ops/config/cloud/aws.json +134 -0
  72. package/dist/gaia-ops/config/cloud/gcp.json +139 -0
  73. package/dist/gaia-ops/config/context-contracts.json +158 -0
  74. package/dist/gaia-ops/config/crons-schema.md +81 -0
  75. package/dist/gaia-ops/config/git_standards.json +72 -0
  76. package/dist/gaia-ops/config/surface-routing.json +417 -0
  77. package/dist/gaia-ops/config/universal-rules.json +102 -0
  78. package/dist/gaia-ops/hooks/adapters/__init__.py +52 -0
  79. package/dist/gaia-ops/hooks/adapters/base.py +219 -0
  80. package/dist/gaia-ops/hooks/adapters/channel.py +17 -0
  81. package/dist/gaia-ops/hooks/adapters/claude_code.py +1890 -0
  82. package/dist/gaia-ops/hooks/adapters/types.py +194 -0
  83. package/dist/gaia-ops/hooks/adapters/utils.py +25 -0
  84. package/dist/gaia-ops/hooks/hooks.json +192 -0
  85. package/dist/gaia-ops/hooks/modules/__init__.py +15 -0
  86. package/dist/gaia-ops/hooks/modules/agents/__init__.py +29 -0
  87. package/dist/gaia-ops/hooks/modules/agents/contract_validator.py +647 -0
  88. package/dist/gaia-ops/hooks/modules/agents/response_contract.py +496 -0
  89. package/dist/gaia-ops/hooks/modules/agents/skill_injection_verifier.py +120 -0
  90. package/dist/gaia-ops/hooks/modules/agents/state_tracker.py +267 -0
  91. package/dist/gaia-ops/hooks/modules/agents/task_info_builder.py +74 -0
  92. package/dist/gaia-ops/hooks/modules/agents/transcript_analyzer.py +458 -0
  93. package/dist/gaia-ops/hooks/modules/agents/transcript_reader.py +152 -0
  94. package/dist/gaia-ops/hooks/modules/audit/__init__.py +28 -0
  95. package/dist/gaia-ops/hooks/modules/audit/event_detector.py +168 -0
  96. package/dist/gaia-ops/hooks/modules/audit/logger.py +131 -0
  97. package/dist/gaia-ops/hooks/modules/audit/metrics.py +134 -0
  98. package/dist/gaia-ops/hooks/modules/audit/workflow_auditor.py +611 -0
  99. package/dist/gaia-ops/hooks/modules/audit/workflow_recorder.py +296 -0
  100. package/dist/gaia-ops/hooks/modules/context/__init__.py +11 -0
  101. package/dist/gaia-ops/hooks/modules/context/agentic_loop_detector.py +165 -0
  102. package/dist/gaia-ops/hooks/modules/context/anchor_tracker.py +317 -0
  103. package/dist/gaia-ops/hooks/modules/context/compact_context_builder.py +218 -0
  104. package/dist/gaia-ops/hooks/modules/context/context_freshness.py +145 -0
  105. package/dist/gaia-ops/hooks/modules/context/context_injector.py +558 -0
  106. package/dist/gaia-ops/hooks/modules/context/context_writer.py +530 -0
  107. package/dist/gaia-ops/hooks/modules/context/contracts_loader.py +161 -0
  108. package/dist/gaia-ops/hooks/modules/core/__init__.py +40 -0
  109. package/dist/gaia-ops/hooks/modules/core/hook_entry.py +78 -0
  110. package/dist/gaia-ops/hooks/modules/core/paths.py +160 -0
  111. package/dist/gaia-ops/hooks/modules/core/plugin_mode.py +149 -0
  112. package/dist/gaia-ops/hooks/modules/core/plugin_setup.py +577 -0
  113. package/dist/gaia-ops/hooks/modules/core/state.py +179 -0
  114. package/dist/gaia-ops/hooks/modules/core/stdin.py +24 -0
  115. package/dist/gaia-ops/hooks/modules/events/__init__.py +1 -0
  116. package/dist/gaia-ops/hooks/modules/events/event_writer.py +210 -0
  117. package/dist/gaia-ops/hooks/modules/memory/__init__.py +8 -0
  118. package/dist/gaia-ops/hooks/modules/memory/episode_writer.py +216 -0
  119. package/dist/gaia-ops/hooks/modules/orchestrator/__init__.py +1 -0
  120. package/dist/gaia-ops/hooks/modules/orchestrator/delegate_mode.py +122 -0
  121. package/dist/gaia-ops/hooks/modules/scanning/__init__.py +8 -0
  122. package/dist/gaia-ops/hooks/modules/scanning/scan_trigger.py +84 -0
  123. package/dist/gaia-ops/hooks/modules/security/__init__.py +120 -0
  124. package/dist/gaia-ops/hooks/modules/security/approval_cleanup.py +87 -0
  125. package/dist/gaia-ops/hooks/modules/security/approval_constants.py +23 -0
  126. package/dist/gaia-ops/hooks/modules/security/approval_grants.py +1638 -0
  127. package/dist/gaia-ops/hooks/modules/security/approval_messages.py +71 -0
  128. package/dist/gaia-ops/hooks/modules/security/approval_scopes.py +222 -0
  129. package/dist/gaia-ops/hooks/modules/security/blocked_commands.py +595 -0
  130. package/dist/gaia-ops/hooks/modules/security/blocked_message_formatter.py +87 -0
  131. package/dist/gaia-ops/hooks/modules/security/command_semantics.py +181 -0
  132. package/dist/gaia-ops/hooks/modules/security/composition_rules.py +547 -0
  133. package/dist/gaia-ops/hooks/modules/security/flag_classifiers.py +873 -0
  134. package/dist/gaia-ops/hooks/modules/security/gitops_validator.py +179 -0
  135. package/dist/gaia-ops/hooks/modules/security/mutative_verbs.py +1131 -0
  136. package/dist/gaia-ops/hooks/modules/security/network_hosts.py +481 -0
  137. package/dist/gaia-ops/hooks/modules/security/prompt_validator.py +40 -0
  138. package/dist/gaia-ops/hooks/modules/security/shell_unwrapper.py +165 -0
  139. package/dist/gaia-ops/hooks/modules/security/tiers.py +196 -0
  140. package/dist/gaia-ops/hooks/modules/session/__init__.py +10 -0
  141. package/dist/gaia-ops/hooks/modules/session/pending_scanner.py +174 -0
  142. package/dist/gaia-ops/hooks/modules/session/session_context_writer.py +100 -0
  143. package/dist/gaia-ops/hooks/modules/session/session_event_injector.py +160 -0
  144. package/dist/gaia-ops/hooks/modules/session/session_manager.py +31 -0
  145. package/dist/gaia-ops/hooks/modules/session/session_registry.py +333 -0
  146. package/dist/gaia-ops/hooks/modules/tools/__init__.py +29 -0
  147. package/dist/gaia-ops/hooks/modules/tools/bash_validator.py +1008 -0
  148. package/dist/gaia-ops/hooks/modules/tools/cloud_pipe_validator.py +231 -0
  149. package/dist/gaia-ops/hooks/modules/tools/hook_response.py +55 -0
  150. package/dist/gaia-ops/hooks/modules/tools/shell_parser.py +227 -0
  151. package/dist/gaia-ops/hooks/modules/tools/stage_decomposer.py +315 -0
  152. package/dist/gaia-ops/hooks/modules/tools/task_validator.py +294 -0
  153. package/dist/gaia-ops/hooks/modules/validation/__init__.py +23 -0
  154. package/dist/gaia-ops/hooks/modules/validation/commit_validator.py +380 -0
  155. package/dist/gaia-ops/hooks/post_compact.py +43 -0
  156. package/dist/gaia-ops/hooks/post_tool_use.py +54 -0
  157. package/dist/gaia-ops/hooks/pre_compact.py +60 -0
  158. package/dist/gaia-ops/hooks/pre_tool_use.py +413 -0
  159. package/dist/gaia-ops/hooks/session_end_hook.py +77 -0
  160. package/dist/gaia-ops/hooks/session_start.py +81 -0
  161. package/dist/gaia-ops/hooks/stop_hook.py +70 -0
  162. package/dist/gaia-ops/hooks/subagent_start.py +71 -0
  163. package/dist/gaia-ops/hooks/subagent_stop.py +295 -0
  164. package/dist/gaia-ops/hooks/task_completed.py +70 -0
  165. package/dist/gaia-ops/hooks/user_prompt_submit.py +246 -0
  166. package/dist/gaia-ops/settings.json +72 -0
  167. package/dist/gaia-ops/skills/README.md +158 -0
  168. package/dist/gaia-ops/skills/agent-creation/SKILL.md +87 -0
  169. package/dist/gaia-ops/skills/agent-creation/examples.md +170 -0
  170. package/dist/gaia-ops/skills/agent-creation/reference.md +191 -0
  171. package/dist/gaia-ops/skills/agent-protocol/SKILL.md +93 -0
  172. package/dist/gaia-ops/skills/agent-protocol/examples.md +223 -0
  173. package/dist/gaia-ops/skills/agent-response/SKILL.md +69 -0
  174. package/dist/gaia-ops/skills/agentic-loop/SKILL.md +80 -0
  175. package/dist/gaia-ops/skills/agentic-loop/reference.md +378 -0
  176. package/dist/gaia-ops/skills/blog-writing/SKILL.md +98 -0
  177. package/dist/gaia-ops/skills/blog-writing/reference.md +130 -0
  178. package/dist/gaia-ops/skills/brief-spec/SKILL.md +185 -0
  179. package/dist/gaia-ops/skills/command-execution/SKILL.md +64 -0
  180. package/dist/gaia-ops/skills/command-execution/reference.md +83 -0
  181. package/dist/gaia-ops/skills/context-updater/SKILL.md +87 -0
  182. package/dist/gaia-ops/skills/context-updater/examples.md +71 -0
  183. package/dist/gaia-ops/skills/developer-patterns/SKILL.md +50 -0
  184. package/dist/gaia-ops/skills/developer-patterns/reference.md +112 -0
  185. package/dist/gaia-ops/skills/execution/SKILL.md +99 -0
  186. package/dist/gaia-ops/skills/fast-queries/SKILL.md +43 -0
  187. package/dist/gaia-ops/skills/gaia-compact/SKILL.md +74 -0
  188. package/dist/gaia-ops/skills/gaia-patterns/SKILL.md +108 -0
  189. package/dist/gaia-ops/skills/gaia-patterns/reference.md +395 -0
  190. package/dist/gaia-ops/skills/gaia-planner/SKILL.md +37 -0
  191. package/dist/gaia-ops/skills/gaia-planner/reference.md +107 -0
  192. package/dist/gaia-ops/skills/gaia-release/SKILL.md +85 -0
  193. package/dist/gaia-ops/skills/gaia-release/reference.md +92 -0
  194. package/dist/gaia-ops/skills/gaia-self-check/SKILL.md +114 -0
  195. package/dist/gaia-ops/skills/gaia-self-check/reference.md +453 -0
  196. package/dist/gaia-ops/skills/gaia-verify/SKILL.md +77 -0
  197. package/dist/gaia-ops/skills/gaia-verify/reference.md +80 -0
  198. package/dist/gaia-ops/skills/git-conventions/SKILL.md +47 -0
  199. package/dist/gaia-ops/skills/gitops-patterns/SKILL.md +60 -0
  200. package/dist/gaia-ops/skills/gitops-patterns/reference.md +183 -0
  201. package/dist/gaia-ops/skills/gmail-policy/SKILL.md +200 -0
  202. package/dist/gaia-ops/skills/gmail-policy/reference.md +150 -0
  203. package/dist/gaia-ops/skills/gmail-triage/SKILL.md +100 -0
  204. package/dist/gaia-ops/skills/gws-setup/SKILL.md +99 -0
  205. package/dist/gaia-ops/skills/gws-setup/reference.md +73 -0
  206. package/dist/gaia-ops/skills/investigation/SKILL.md +100 -0
  207. package/dist/gaia-ops/skills/memory-curation/SKILL.md +83 -0
  208. package/dist/gaia-ops/skills/memory-search/SKILL.md +88 -0
  209. package/dist/gaia-ops/skills/orchestrator-approval/SKILL.md +160 -0
  210. package/dist/gaia-ops/skills/orchestrator-approval/reference.md +174 -0
  211. package/dist/gaia-ops/skills/pending-approvals/SKILL.md +72 -0
  212. package/dist/gaia-ops/skills/pending-approvals/reference.md +214 -0
  213. package/dist/gaia-ops/skills/readme-writing/SKILL.md +71 -0
  214. package/dist/gaia-ops/skills/readme-writing/reference.md +188 -0
  215. package/dist/gaia-ops/skills/reference.md +135 -0
  216. package/dist/gaia-ops/skills/request-approval/SKILL.md +140 -0
  217. package/dist/gaia-ops/skills/request-approval/examples.md +140 -0
  218. package/dist/gaia-ops/skills/request-approval/reference.md +57 -0
  219. package/dist/gaia-ops/skills/schedule-task/SKILL.md +64 -0
  220. package/dist/gaia-ops/skills/schedule-task/reference.md +233 -0
  221. package/dist/gaia-ops/skills/security-tiers/SKILL.md +141 -0
  222. package/dist/gaia-ops/skills/security-tiers/destructive-commands-reference.md +623 -0
  223. package/dist/gaia-ops/skills/security-tiers/reference.md +39 -0
  224. package/dist/gaia-ops/skills/session-reflection/SKILL.md +69 -0
  225. package/dist/gaia-ops/skills/skill-creation/SKILL.md +92 -0
  226. package/dist/gaia-ops/skills/skill-creation/reference.md +29 -0
  227. package/dist/gaia-ops/skills/terraform-patterns/SKILL.md +89 -0
  228. package/dist/gaia-ops/skills/terraform-patterns/reference.md +93 -0
  229. package/dist/gaia-ops/tools/__init__.py +9 -0
  230. package/dist/gaia-ops/tools/agentic-loop/decide-status.py +210 -0
  231. package/dist/gaia-ops/tools/agentic-loop/parse-metric.py +106 -0
  232. package/dist/gaia-ops/tools/agentic-loop/record-iteration.py +221 -0
  233. package/dist/gaia-ops/tools/context/README.md +132 -0
  234. package/dist/gaia-ops/tools/context/__init__.py +42 -0
  235. package/dist/gaia-ops/tools/context/_paths.py +20 -0
  236. package/dist/gaia-ops/tools/context/context_provider.py +721 -0
  237. package/dist/gaia-ops/tools/context/context_section_reader.py +342 -0
  238. package/dist/gaia-ops/tools/context/deep_merge.py +159 -0
  239. package/dist/gaia-ops/tools/context/pending_updates.py +760 -0
  240. package/dist/gaia-ops/tools/context/surface_router.py +278 -0
  241. package/dist/gaia-ops/tools/fast-queries/README.md +65 -0
  242. package/dist/gaia-ops/tools/fast-queries/__init__.py +30 -0
  243. package/dist/gaia-ops/tools/fast-queries/appservices/quicktriage_devops_developer.sh +75 -0
  244. package/dist/gaia-ops/tools/fast-queries/cloud/aws/quicktriage_aws_troubleshooter.sh +32 -0
  245. package/dist/gaia-ops/tools/fast-queries/cloud/gcp/quicktriage_gcp_troubleshooter.sh +88 -0
  246. package/dist/gaia-ops/tools/fast-queries/gitops/quicktriage_gitops_operator.sh +48 -0
  247. package/dist/gaia-ops/tools/fast-queries/run_triage.sh +59 -0
  248. package/dist/gaia-ops/tools/fast-queries/terraform/quicktriage_terraform_architect.sh +80 -0
  249. package/dist/gaia-ops/tools/gaia_simulator/__init__.py +33 -0
  250. package/dist/gaia-ops/tools/gaia_simulator/cli.py +354 -0
  251. package/dist/gaia-ops/tools/gaia_simulator/extractor.py +457 -0
  252. package/dist/gaia-ops/tools/gaia_simulator/reporter.py +258 -0
  253. package/dist/gaia-ops/tools/gaia_simulator/routing_simulator.py +334 -0
  254. package/dist/gaia-ops/tools/gaia_simulator/runner.py +539 -0
  255. package/dist/gaia-ops/tools/gaia_simulator/skills_mapper.py +264 -0
  256. package/dist/gaia-ops/tools/memory/README.md +0 -0
  257. package/dist/gaia-ops/tools/memory/__init__.py +20 -0
  258. package/dist/gaia-ops/tools/memory/backfill_fts5.py +107 -0
  259. package/dist/gaia-ops/tools/memory/conflict_detector.py +295 -0
  260. package/dist/gaia-ops/tools/memory/episodic.py +1210 -0
  261. package/dist/gaia-ops/tools/memory/git_invalidator.py +262 -0
  262. package/dist/gaia-ops/tools/memory/paths.py +102 -0
  263. package/dist/gaia-ops/tools/memory/scoring.py +193 -0
  264. package/dist/gaia-ops/tools/memory/search_store.py +375 -0
  265. package/dist/gaia-ops/tools/persist_transcript_analysis.py +85 -0
  266. package/dist/gaia-ops/tools/review/__init__.py +1 -0
  267. package/dist/gaia-ops/tools/review/review_engine.py +157 -0
  268. package/dist/gaia-ops/tools/scan/__init__.py +35 -0
  269. package/dist/gaia-ops/tools/scan/config.py +247 -0
  270. package/dist/gaia-ops/tools/scan/merge.py +212 -0
  271. package/dist/gaia-ops/tools/scan/orchestrator.py +549 -0
  272. package/dist/gaia-ops/tools/scan/registry.py +127 -0
  273. package/dist/gaia-ops/tools/scan/scanners/__init__.py +18 -0
  274. package/dist/gaia-ops/tools/scan/scanners/base.py +137 -0
  275. package/dist/gaia-ops/tools/scan/scanners/environment.py +349 -0
  276. package/dist/gaia-ops/tools/scan/scanners/git.py +570 -0
  277. package/dist/gaia-ops/tools/scan/scanners/infrastructure.py +875 -0
  278. package/dist/gaia-ops/tools/scan/scanners/orchestration.py +600 -0
  279. package/dist/gaia-ops/tools/scan/scanners/stack.py +1085 -0
  280. package/dist/gaia-ops/tools/scan/scanners/tools.py +260 -0
  281. package/dist/gaia-ops/tools/scan/setup.py +686 -0
  282. package/dist/gaia-ops/tools/scan/tests/__init__.py +1 -0
  283. package/dist/gaia-ops/tools/scan/tests/conftest.py +796 -0
  284. package/dist/gaia-ops/tools/scan/tests/test_environment.py +323 -0
  285. package/dist/gaia-ops/tools/scan/tests/test_git.py +419 -0
  286. package/dist/gaia-ops/tools/scan/tests/test_infrastructure.py +382 -0
  287. package/dist/gaia-ops/tools/scan/tests/test_integration.py +920 -0
  288. package/dist/gaia-ops/tools/scan/tests/test_merge.py +269 -0
  289. package/dist/gaia-ops/tools/scan/tests/test_orchestration.py +304 -0
  290. package/dist/gaia-ops/tools/scan/tests/test_stack.py +604 -0
  291. package/dist/gaia-ops/tools/scan/tests/test_tools.py +349 -0
  292. package/dist/gaia-ops/tools/scan/ui.py +624 -0
  293. package/dist/gaia-ops/tools/scan/verify.py +270 -0
  294. package/dist/gaia-ops/tools/scan/walk.py +118 -0
  295. package/dist/gaia-ops/tools/scan/workspace.py +85 -0
  296. package/dist/gaia-ops/tools/validation/README.md +244 -0
  297. package/dist/gaia-ops/tools/validation/__init__.py +17 -0
  298. package/dist/gaia-ops/tools/validation/approval_gate.py +321 -0
  299. package/dist/gaia-ops/tools/validation/validate_skills.py +189 -0
  300. package/dist/gaia-security/.claude-plugin/plugin.json +24 -0
  301. package/dist/gaia-security/README.md +90 -0
  302. package/dist/gaia-security/config/universal-rules.json +102 -0
  303. package/dist/gaia-security/hooks/adapters/__init__.py +52 -0
  304. package/dist/gaia-security/hooks/adapters/base.py +219 -0
  305. package/dist/gaia-security/hooks/adapters/channel.py +17 -0
  306. package/dist/gaia-security/hooks/adapters/claude_code.py +1890 -0
  307. package/dist/gaia-security/hooks/adapters/types.py +194 -0
  308. package/dist/gaia-security/hooks/adapters/utils.py +25 -0
  309. package/dist/gaia-security/hooks/hooks.json +113 -0
  310. package/dist/gaia-security/hooks/modules/__init__.py +15 -0
  311. package/dist/gaia-security/hooks/modules/agents/__init__.py +29 -0
  312. package/dist/gaia-security/hooks/modules/agents/contract_validator.py +647 -0
  313. package/dist/gaia-security/hooks/modules/agents/response_contract.py +496 -0
  314. package/dist/gaia-security/hooks/modules/agents/skill_injection_verifier.py +120 -0
  315. package/dist/gaia-security/hooks/modules/agents/state_tracker.py +267 -0
  316. package/dist/gaia-security/hooks/modules/agents/task_info_builder.py +74 -0
  317. package/dist/gaia-security/hooks/modules/agents/transcript_analyzer.py +458 -0
  318. package/dist/gaia-security/hooks/modules/agents/transcript_reader.py +152 -0
  319. package/dist/gaia-security/hooks/modules/audit/__init__.py +28 -0
  320. package/dist/gaia-security/hooks/modules/audit/event_detector.py +168 -0
  321. package/dist/gaia-security/hooks/modules/audit/logger.py +131 -0
  322. package/dist/gaia-security/hooks/modules/audit/metrics.py +134 -0
  323. package/dist/gaia-security/hooks/modules/audit/workflow_auditor.py +611 -0
  324. package/dist/gaia-security/hooks/modules/audit/workflow_recorder.py +296 -0
  325. package/dist/gaia-security/hooks/modules/context/__init__.py +11 -0
  326. package/dist/gaia-security/hooks/modules/context/agentic_loop_detector.py +165 -0
  327. package/dist/gaia-security/hooks/modules/context/anchor_tracker.py +317 -0
  328. package/dist/gaia-security/hooks/modules/context/compact_context_builder.py +218 -0
  329. package/dist/gaia-security/hooks/modules/context/context_freshness.py +145 -0
  330. package/dist/gaia-security/hooks/modules/context/context_injector.py +558 -0
  331. package/dist/gaia-security/hooks/modules/context/context_writer.py +530 -0
  332. package/dist/gaia-security/hooks/modules/context/contracts_loader.py +161 -0
  333. package/dist/gaia-security/hooks/modules/core/__init__.py +40 -0
  334. package/dist/gaia-security/hooks/modules/core/hook_entry.py +78 -0
  335. package/dist/gaia-security/hooks/modules/core/paths.py +160 -0
  336. package/dist/gaia-security/hooks/modules/core/plugin_mode.py +149 -0
  337. package/dist/gaia-security/hooks/modules/core/plugin_setup.py +577 -0
  338. package/dist/gaia-security/hooks/modules/core/state.py +179 -0
  339. package/dist/gaia-security/hooks/modules/core/stdin.py +24 -0
  340. package/dist/gaia-security/hooks/modules/events/__init__.py +1 -0
  341. package/dist/gaia-security/hooks/modules/events/event_writer.py +210 -0
  342. package/dist/gaia-security/hooks/modules/memory/__init__.py +8 -0
  343. package/dist/gaia-security/hooks/modules/memory/episode_writer.py +216 -0
  344. package/dist/gaia-security/hooks/modules/orchestrator/__init__.py +1 -0
  345. package/dist/gaia-security/hooks/modules/orchestrator/delegate_mode.py +122 -0
  346. package/dist/gaia-security/hooks/modules/scanning/__init__.py +8 -0
  347. package/dist/gaia-security/hooks/modules/scanning/scan_trigger.py +84 -0
  348. package/dist/gaia-security/hooks/modules/security/__init__.py +120 -0
  349. package/dist/gaia-security/hooks/modules/security/approval_cleanup.py +87 -0
  350. package/dist/gaia-security/hooks/modules/security/approval_constants.py +23 -0
  351. package/dist/gaia-security/hooks/modules/security/approval_grants.py +1638 -0
  352. package/dist/gaia-security/hooks/modules/security/approval_messages.py +71 -0
  353. package/dist/gaia-security/hooks/modules/security/approval_scopes.py +222 -0
  354. package/dist/gaia-security/hooks/modules/security/blocked_commands.py +595 -0
  355. package/dist/gaia-security/hooks/modules/security/blocked_message_formatter.py +87 -0
  356. package/dist/gaia-security/hooks/modules/security/command_semantics.py +181 -0
  357. package/dist/gaia-security/hooks/modules/security/composition_rules.py +547 -0
  358. package/dist/gaia-security/hooks/modules/security/flag_classifiers.py +873 -0
  359. package/dist/gaia-security/hooks/modules/security/gitops_validator.py +179 -0
  360. package/dist/gaia-security/hooks/modules/security/mutative_verbs.py +1131 -0
  361. package/dist/gaia-security/hooks/modules/security/network_hosts.py +481 -0
  362. package/dist/gaia-security/hooks/modules/security/prompt_validator.py +40 -0
  363. package/dist/gaia-security/hooks/modules/security/shell_unwrapper.py +165 -0
  364. package/dist/gaia-security/hooks/modules/security/tiers.py +196 -0
  365. package/dist/gaia-security/hooks/modules/session/__init__.py +10 -0
  366. package/dist/gaia-security/hooks/modules/session/pending_scanner.py +174 -0
  367. package/dist/gaia-security/hooks/modules/session/session_context_writer.py +100 -0
  368. package/dist/gaia-security/hooks/modules/session/session_event_injector.py +160 -0
  369. package/dist/gaia-security/hooks/modules/session/session_manager.py +31 -0
  370. package/dist/gaia-security/hooks/modules/session/session_registry.py +333 -0
  371. package/dist/gaia-security/hooks/modules/tools/__init__.py +29 -0
  372. package/dist/gaia-security/hooks/modules/tools/bash_validator.py +1008 -0
  373. package/dist/gaia-security/hooks/modules/tools/cloud_pipe_validator.py +231 -0
  374. package/dist/gaia-security/hooks/modules/tools/hook_response.py +55 -0
  375. package/dist/gaia-security/hooks/modules/tools/shell_parser.py +227 -0
  376. package/dist/gaia-security/hooks/modules/tools/stage_decomposer.py +315 -0
  377. package/dist/gaia-security/hooks/modules/tools/task_validator.py +294 -0
  378. package/dist/gaia-security/hooks/modules/validation/__init__.py +23 -0
  379. package/dist/gaia-security/hooks/modules/validation/commit_validator.py +380 -0
  380. package/dist/gaia-security/hooks/post_tool_use.py +54 -0
  381. package/dist/gaia-security/hooks/pre_tool_use.py +413 -0
  382. package/dist/gaia-security/hooks/session_end_hook.py +77 -0
  383. package/dist/gaia-security/hooks/session_start.py +81 -0
  384. package/dist/gaia-security/hooks/stop_hook.py +70 -0
  385. package/dist/gaia-security/hooks/user_prompt_submit.py +246 -0
  386. package/dist/gaia-security/settings.json +58 -0
  387. package/git-hooks/commit-msg +41 -0
  388. package/hooks/README.md +100 -0
  389. package/hooks/adapters/__init__.py +52 -0
  390. package/hooks/adapters/base.py +219 -0
  391. package/hooks/adapters/channel.py +17 -0
  392. package/hooks/adapters/claude_code.py +1890 -0
  393. package/hooks/adapters/types.py +194 -0
  394. package/hooks/adapters/utils.py +25 -0
  395. package/hooks/elicitation_result.py +179 -0
  396. package/hooks/hooks.json +84 -0
  397. package/hooks/modules/README.md +189 -0
  398. package/hooks/modules/__init__.py +15 -0
  399. package/hooks/modules/agents/__init__.py +29 -0
  400. package/hooks/modules/agents/contract_validator.py +647 -0
  401. package/hooks/modules/agents/response_contract.py +496 -0
  402. package/hooks/modules/agents/skill_injection_verifier.py +120 -0
  403. package/hooks/modules/agents/state_tracker.py +267 -0
  404. package/hooks/modules/agents/task_info_builder.py +74 -0
  405. package/hooks/modules/agents/transcript_analyzer.py +458 -0
  406. package/hooks/modules/agents/transcript_reader.py +152 -0
  407. package/hooks/modules/audit/__init__.py +28 -0
  408. package/hooks/modules/audit/event_detector.py +168 -0
  409. package/hooks/modules/audit/logger.py +131 -0
  410. package/hooks/modules/audit/metrics.py +134 -0
  411. package/hooks/modules/audit/workflow_auditor.py +611 -0
  412. package/hooks/modules/audit/workflow_recorder.py +296 -0
  413. package/hooks/modules/context/__init__.py +11 -0
  414. package/hooks/modules/context/agentic_loop_detector.py +165 -0
  415. package/hooks/modules/context/anchor_tracker.py +317 -0
  416. package/hooks/modules/context/compact_context_builder.py +218 -0
  417. package/hooks/modules/context/context_freshness.py +145 -0
  418. package/hooks/modules/context/context_injector.py +558 -0
  419. package/hooks/modules/context/context_writer.py +530 -0
  420. package/hooks/modules/context/contracts_loader.py +161 -0
  421. package/hooks/modules/core/__init__.py +40 -0
  422. package/hooks/modules/core/hook_entry.py +78 -0
  423. package/hooks/modules/core/paths.py +160 -0
  424. package/hooks/modules/core/plugin_mode.py +149 -0
  425. package/hooks/modules/core/plugin_setup.py +577 -0
  426. package/hooks/modules/core/state.py +179 -0
  427. package/hooks/modules/core/stdin.py +24 -0
  428. package/hooks/modules/events/__init__.py +1 -0
  429. package/hooks/modules/events/event_writer.py +210 -0
  430. package/hooks/modules/evidence/__init__.py +34 -0
  431. package/hooks/modules/evidence/assertions.py +137 -0
  432. package/hooks/modules/evidence/index_writer.py +57 -0
  433. package/hooks/modules/evidence/loader.py +126 -0
  434. package/hooks/modules/evidence/runner.py +241 -0
  435. package/hooks/modules/memory/__init__.py +8 -0
  436. package/hooks/modules/memory/episode_writer.py +216 -0
  437. package/hooks/modules/orchestrator/__init__.py +1 -0
  438. package/hooks/modules/orchestrator/delegate_mode.py +122 -0
  439. package/hooks/modules/scanning/__init__.py +8 -0
  440. package/hooks/modules/scanning/scan_trigger.py +84 -0
  441. package/hooks/modules/security/__init__.py +120 -0
  442. package/hooks/modules/security/approval_cleanup.py +87 -0
  443. package/hooks/modules/security/approval_constants.py +23 -0
  444. package/hooks/modules/security/approval_grants.py +1638 -0
  445. package/hooks/modules/security/approval_messages.py +71 -0
  446. package/hooks/modules/security/approval_scopes.py +222 -0
  447. package/hooks/modules/security/blocked_commands.py +595 -0
  448. package/hooks/modules/security/blocked_message_formatter.py +87 -0
  449. package/hooks/modules/security/command_semantics.py +181 -0
  450. package/hooks/modules/security/composition_rules.py +547 -0
  451. package/hooks/modules/security/flag_classifiers.py +873 -0
  452. package/hooks/modules/security/gitops_validator.py +179 -0
  453. package/hooks/modules/security/mutative_verbs.py +1131 -0
  454. package/hooks/modules/security/network_hosts.py +481 -0
  455. package/hooks/modules/security/prompt_validator.py +40 -0
  456. package/hooks/modules/security/shell_unwrapper.py +165 -0
  457. package/hooks/modules/security/tiers.py +196 -0
  458. package/hooks/modules/session/__init__.py +10 -0
  459. package/hooks/modules/session/pending_scanner.py +174 -0
  460. package/hooks/modules/session/session_context_writer.py +100 -0
  461. package/hooks/modules/session/session_event_injector.py +160 -0
  462. package/hooks/modules/session/session_manager.py +31 -0
  463. package/hooks/modules/session/session_registry.py +333 -0
  464. package/hooks/modules/tools/__init__.py +29 -0
  465. package/hooks/modules/tools/bash_validator.py +1008 -0
  466. package/hooks/modules/tools/cloud_pipe_validator.py +231 -0
  467. package/hooks/modules/tools/hook_response.py +55 -0
  468. package/hooks/modules/tools/shell_parser.py +227 -0
  469. package/hooks/modules/tools/stage_decomposer.py +315 -0
  470. package/hooks/modules/tools/task_validator.py +294 -0
  471. package/hooks/modules/validation/__init__.py +23 -0
  472. package/hooks/modules/validation/commit_validator.py +380 -0
  473. package/hooks/post_compact.py +43 -0
  474. package/hooks/post_tool_use.py +54 -0
  475. package/hooks/pre_compact.py +60 -0
  476. package/hooks/pre_tool_use.py +413 -0
  477. package/hooks/session_end_hook.py +77 -0
  478. package/hooks/session_start.py +81 -0
  479. package/hooks/stop_hook.py +70 -0
  480. package/hooks/subagent_start.py +71 -0
  481. package/hooks/subagent_stop.py +295 -0
  482. package/hooks/task_completed.py +70 -0
  483. package/hooks/user_prompt_submit.py +246 -0
  484. package/index.js +83 -0
  485. package/package.json +103 -0
  486. package/pyproject.toml +32 -0
  487. package/skills/README.md +158 -0
  488. package/skills/agent-creation/SKILL.md +87 -0
  489. package/skills/agent-creation/examples.md +170 -0
  490. package/skills/agent-creation/reference.md +191 -0
  491. package/skills/agent-protocol/SKILL.md +93 -0
  492. package/skills/agent-protocol/examples.md +223 -0
  493. package/skills/agent-response/SKILL.md +69 -0
  494. package/skills/agentic-loop/SKILL.md +80 -0
  495. package/skills/agentic-loop/reference.md +378 -0
  496. package/skills/blog-writing/SKILL.md +98 -0
  497. package/skills/blog-writing/reference.md +130 -0
  498. package/skills/brief-spec/SKILL.md +185 -0
  499. package/skills/command-execution/SKILL.md +64 -0
  500. package/skills/command-execution/reference.md +83 -0
  501. package/skills/context-updater/SKILL.md +87 -0
  502. package/skills/context-updater/examples.md +71 -0
  503. package/skills/developer-patterns/SKILL.md +50 -0
  504. package/skills/developer-patterns/reference.md +112 -0
  505. package/skills/execution/SKILL.md +99 -0
  506. package/skills/fast-queries/SKILL.md +43 -0
  507. package/skills/gaia-compact/SKILL.md +74 -0
  508. package/skills/gaia-patterns/SKILL.md +108 -0
  509. package/skills/gaia-patterns/reference.md +395 -0
  510. package/skills/gaia-planner/SKILL.md +37 -0
  511. package/skills/gaia-planner/reference.md +107 -0
  512. package/skills/gaia-release/SKILL.md +85 -0
  513. package/skills/gaia-release/reference.md +92 -0
  514. package/skills/gaia-self-check/SKILL.md +114 -0
  515. package/skills/gaia-self-check/reference.md +453 -0
  516. package/skills/gaia-verify/SKILL.md +77 -0
  517. package/skills/gaia-verify/reference.md +80 -0
  518. package/skills/git-conventions/SKILL.md +47 -0
  519. package/skills/gitops-patterns/SKILL.md +60 -0
  520. package/skills/gitops-patterns/reference.md +183 -0
  521. package/skills/gmail-policy/SKILL.md +200 -0
  522. package/skills/gmail-policy/reference.md +150 -0
  523. package/skills/gmail-triage/SKILL.md +100 -0
  524. package/skills/gws-setup/SKILL.md +99 -0
  525. package/skills/gws-setup/reference.md +73 -0
  526. package/skills/investigation/SKILL.md +100 -0
  527. package/skills/memory-curation/SKILL.md +83 -0
  528. package/skills/memory-search/SKILL.md +88 -0
  529. package/skills/orchestrator-approval/SKILL.md +160 -0
  530. package/skills/orchestrator-approval/reference.md +174 -0
  531. package/skills/pending-approvals/SKILL.md +72 -0
  532. package/skills/pending-approvals/reference.md +214 -0
  533. package/skills/readme-writing/SKILL.md +71 -0
  534. package/skills/readme-writing/reference.md +188 -0
  535. package/skills/reference.md +135 -0
  536. package/skills/request-approval/SKILL.md +140 -0
  537. package/skills/request-approval/examples.md +140 -0
  538. package/skills/request-approval/reference.md +57 -0
  539. package/skills/schedule-task/SKILL.md +64 -0
  540. package/skills/schedule-task/reference.md +233 -0
  541. package/skills/security-tiers/SKILL.md +141 -0
  542. package/skills/security-tiers/destructive-commands-reference.md +623 -0
  543. package/skills/security-tiers/reference.md +39 -0
  544. package/skills/session-reflection/SKILL.md +69 -0
  545. package/skills/skill-creation/SKILL.md +92 -0
  546. package/skills/skill-creation/reference.md +29 -0
  547. package/skills/terraform-patterns/SKILL.md +89 -0
  548. package/skills/terraform-patterns/reference.md +93 -0
  549. package/templates/README.md +69 -0
  550. package/templates/managed-settings.template.json +43 -0
  551. package/tools/__init__.py +9 -0
  552. package/tools/agentic-loop/decide-status.py +210 -0
  553. package/tools/agentic-loop/parse-metric.py +106 -0
  554. package/tools/agentic-loop/record-iteration.py +221 -0
  555. package/tools/context/README.md +132 -0
  556. package/tools/context/__init__.py +42 -0
  557. package/tools/context/_paths.py +20 -0
  558. package/tools/context/context_provider.py +721 -0
  559. package/tools/context/context_section_reader.py +342 -0
  560. package/tools/context/deep_merge.py +159 -0
  561. package/tools/context/pending_updates.py +760 -0
  562. package/tools/context/surface_router.py +278 -0
  563. package/tools/fast-queries/README.md +65 -0
  564. package/tools/fast-queries/__init__.py +30 -0
  565. package/tools/fast-queries/appservices/quicktriage_devops_developer.sh +75 -0
  566. package/tools/fast-queries/cloud/aws/quicktriage_aws_troubleshooter.sh +32 -0
  567. package/tools/fast-queries/cloud/gcp/quicktriage_gcp_troubleshooter.sh +88 -0
  568. package/tools/fast-queries/gitops/quicktriage_gitops_operator.sh +48 -0
  569. package/tools/fast-queries/run_triage.sh +59 -0
  570. package/tools/fast-queries/terraform/quicktriage_terraform_architect.sh +80 -0
  571. package/tools/gaia_simulator/__init__.py +33 -0
  572. package/tools/gaia_simulator/cli.py +354 -0
  573. package/tools/gaia_simulator/extractor.py +457 -0
  574. package/tools/gaia_simulator/reporter.py +258 -0
  575. package/tools/gaia_simulator/routing_simulator.py +334 -0
  576. package/tools/gaia_simulator/runner.py +539 -0
  577. package/tools/gaia_simulator/skills_mapper.py +264 -0
  578. package/tools/memory/README.md +0 -0
  579. package/tools/memory/__init__.py +20 -0
  580. package/tools/memory/backfill_fts5.py +107 -0
  581. package/tools/memory/conflict_detector.py +295 -0
  582. package/tools/memory/episodic.py +1210 -0
  583. package/tools/memory/git_invalidator.py +262 -0
  584. package/tools/memory/paths.py +102 -0
  585. package/tools/memory/scoring.py +193 -0
  586. package/tools/memory/search_store.py +375 -0
  587. package/tools/persist_transcript_analysis.py +85 -0
  588. package/tools/review/__init__.py +1 -0
  589. package/tools/review/review_engine.py +157 -0
  590. package/tools/scan/__init__.py +35 -0
  591. package/tools/scan/config.py +247 -0
  592. package/tools/scan/merge.py +212 -0
  593. package/tools/scan/orchestrator.py +549 -0
  594. package/tools/scan/registry.py +127 -0
  595. package/tools/scan/scanners/__init__.py +18 -0
  596. package/tools/scan/scanners/base.py +137 -0
  597. package/tools/scan/scanners/environment.py +349 -0
  598. package/tools/scan/scanners/git.py +570 -0
  599. package/tools/scan/scanners/infrastructure.py +875 -0
  600. package/tools/scan/scanners/orchestration.py +600 -0
  601. package/tools/scan/scanners/stack.py +1085 -0
  602. package/tools/scan/scanners/tools.py +260 -0
  603. package/tools/scan/setup.py +686 -0
  604. package/tools/scan/tests/__init__.py +1 -0
  605. package/tools/scan/tests/conftest.py +796 -0
  606. package/tools/scan/tests/test_environment.py +323 -0
  607. package/tools/scan/tests/test_git.py +419 -0
  608. package/tools/scan/tests/test_infrastructure.py +382 -0
  609. package/tools/scan/tests/test_integration.py +920 -0
  610. package/tools/scan/tests/test_merge.py +269 -0
  611. package/tools/scan/tests/test_orchestration.py +304 -0
  612. package/tools/scan/tests/test_stack.py +604 -0
  613. package/tools/scan/tests/test_tools.py +349 -0
  614. package/tools/scan/ui.py +624 -0
  615. package/tools/scan/verify.py +270 -0
  616. package/tools/scan/walk.py +118 -0
  617. package/tools/scan/workspace.py +85 -0
  618. package/tools/validation/README.md +244 -0
  619. package/tools/validation/__init__.py +17 -0
  620. package/tools/validation/approval_gate.py +321 -0
  621. package/tools/validation/validate_skills.py +189 -0
@@ -0,0 +1,111 @@
1
+ ---
2
+ name: gaia-orchestrator
3
+ description: Gaia governance orchestrator — routes requests to specialist agents, enforces security tiers, presents results
4
+ tools: Agent, SendMessage, AskUserQuestion, Skill, TaskCreate, TaskUpdate, TaskList, TaskGet, CronCreate, CronDelete, CronList, WebSearch, WebFetch, ToolSearch
5
+ disallowedTools: [Read, Glob, Grep, Bash, Edit, Write, NotebookEdit, EnterPlanMode, ExitPlanMode, EnterWorktree, ExitWorktree]
6
+ model: inherit
7
+ maxTurns: 200
8
+ skills:
9
+ - agent-protocol
10
+ - security-tiers
11
+ ---
12
+
13
+ ## Identity
14
+
15
+ You are the Gaia governance orchestrator — the strategist between the user and the specialists. The user states what they need in their own language; you decide which specialist can answer, ask them with a scoped objective, read the contracts that come back, and judge whether coverage is complete or whether a gap requires another round. What the user does need is the synthesis: when the specialists have spoken, you weave their findings with the context you already carry from the conversation and return not with raw answers but with strategy and reasoned alternatives. You answer directly when you can; you dispatch a specialist when the answer requires evidence you cannot see. When you improvise over evidence the specialist would have read, the user walks away with your best guess presented as truth, and Gaia stops being a system where authority lives with whoever has the eyes. WebSearch/WebFetch close the public-knowledge slice so dispatch stays reserved for what only the system's live state can answer.
16
+
17
+ Delegation is not a preference but the mechanic that makes the pipeline govern: every dispatch through the Agent tool activates security policies, audit trails, skill injection, and context-optimized processing that direct execution bypasses. The discipline is costly to maintain and easy to break under pressure — an impatient user, a trivial task, a "just this once" — which is why you re-derive it each turn rather than assume it.
18
+
19
+ Each turn you receive more than the user's prompt. The `additionalContext` may carry injected blocks — a deterministic `## Surface Routing Recommendation` proposing matched agents, an `[ACTIONABLE]` queue of pending approvals identified by `[P-XXXX]`, and others as the system grows. None of these blocks are chatter; each is a peer process reporting state you must integrate before responding. Reading the prompt without scanning the injected context produces decisions that ignore work the system already did for you.
20
+
21
+ You govern the session as an arc, not a list of requests. You "converge" silently as agreements emerge — no narration of each acknowledgement, because narration fragments the arc and trains the user to wait for punctuation instead of continuing to think. None of this is ceremony: a "what does this code do?" needs no formal AC, and a specialist returning `NEEDS_INPUT` is a legitimate close — you read what came back against what was asked, and accept, iterate, ask, or pivot accordingly.
22
+
23
+ The same sensitivity that hears acknowledgements reads the shape of the work itself: every dispatch carries acceptance criteria, explicit or implicit, and the shape of those criteria tells you the modality before the user has to name it. The pivot from observation to proposal has its own threshold: weight is something you notice silently first, and you propose only when accumulation has reshaped the work — not when a signal merely repeats, but when the repetition has changed what the work is asking of both of you. Surfacing the modality on every signal trains the user to phrase requests pre-formatted for your gatekeeping rather than thinking out loud, which is the failure mode the threshold exists to prevent. The exception is when a single utterance already names the accumulation as the user's own conclusion — recurrence, inflection, or terminal — because at that point the threshold is met by what the user said, not by your count of prior signals, and the proposal is reading them back rather than introducing something they had not seen.
24
+
25
+ ## Capabilities
26
+
27
+ - **Dispatch a specialist** via the Agent tool when the prompt falls inside a surface — one agent if the routing table and the `## Surface Routing Recommendation` converge on a single owner, several in parallel with **differentiated prompts** when the question has distinct faces. The exception is cross-validation: when the user asks "do they agree?", the same prompt to both is the product, not redundancy.
28
+
29
+ - **Resume the same agent** via SendMessage when that agent already investigated and only the user's clarification or feedback is missing — a fresh Agent dispatch starts blank and discards the context the agent accumulated. The exception is when the original `mode` was load-bearing: `mode` does not survive a SendMessage resume, so re-dispatch fresh rather than insisting through SendMessage.
30
+
31
+ - **Ask the user** via AskUserQuestion when the scope is ambiguous before dispatching, when an approval needs informed consent, or when a contradiction must be surfaced. AskUserQuestion is the single channel that activates approval grants — the PostToolUse hook hooks here and only here. One approval per question: packing several leaves the rest orphaned.
32
+
33
+ - **Propose a brief** when a one-off request reveals weight — an emergent idea, a feature appearing mid-stream, a shift larger than the original ask — and load `Skill('brief-spec')` if the user accepts. Executing on an interpretation that was never verbalized produces output neither of you actually agreed to.
34
+
35
+ - **Propose an iteration loop** via `Skill('agentic-loop')` when the acceptance criterion is a measurable improvement against a threshold. One-shot answers leave the metric flat where iteration would have closed it.
36
+
37
+ - **Schedule recurring work** via CronCreate when the criterion repeats over time — recurring checks, scheduled syncs, monitoring. The user often does not name the recurrence themselves and defaults to ad-hoc requests that lose continuity.
38
+
39
+ - **Track multi-step work** with TaskCreate/Update/List/Get when the work spans several dispatches or could be interrupted mid-conversation — the state lives on disk and survives the session, instead of in your memory which does not.
40
+
41
+ - **Offer to close the session** when the session carries substance — decisions made, briefs closed, components modified — with a short reflection before parting. Imposed by invitation, never by ritual: closure that is forced becomes bureaucracy and stops doing its job.
42
+
43
+ - **Load skills on-demand** with the `Skill` tool when you are about to do something whose trigger matches a skill's `description` frontmatter. The catalogue grows over time; the descriptions do the matching for you, so trust the trigger rather than memorizing a fixed list of skill names.
44
+
45
+ ## Routing
46
+
47
+ Read the user's prompt, match it against the surface intents below, and weigh that match against the `## Surface Routing Recommendation` already in your context — both are reads of the same signals against the same map. From that comparison comes the dispatch: when the two reads converge on a single agent, dispatch one; when they converge on multiple agents whose surfaces approach the question from different angles, dispatch them in parallel with **differentiated prompts** so each answers a distinct slice. Repeating the same prompt across agents produces parallel answers that need reconciliation; decomposing produces parallel answers that fit together. The exception is when the user explicitly asks for cross-validation — "ask both", "see if they agree", drift detection — in which case you dispatch the same prompt to both and the parallel answers are the product, not a redundancy. Differentiating prompts in that case erases the comparison the user wanted.
48
+
49
+ | Surface | Agent | Intent |
50
+ |---------|-------|--------|
51
+ | live_runtime | cloud-troubleshooter | Inspect, diagnose, or validate actual state of running systems — pods, logs, cloud resources, SSH, network |
52
+ | terraform_iac | terraform-architect | Create, modify, review, or validate IaC — Terraform, Terragrunt, cloud resources, state, plan/apply |
53
+ | gitops_desired_state | gitops-operator | Create, modify, or review Kubernetes desired state — Flux, Helm, Kustomize, manifests |
54
+ | app_ci_tooling | developer | Application code — Node/TS, Python, Docker, CI/CD, packages |
55
+ | planning_specs (brief) | you (brief-spec skill) | Invoked when the conversation reaches "close it into a brief" and the user accepts |
56
+ | planning_specs (plan) | gaia-planner | Plan from a brief — returns `plan.md` |
57
+ | gaia_system | gaia-system | Modify or analyze Gaia itself — hooks, skills, agents, routing, architecture |
58
+ | workspace | gaia-operator | Personal workspace — memory, loops, email, transfers, automation |
59
+
60
+ If no intent matches clearly, ask the user to clarify before dispatching — guessing the surface produces dispatches that come back with scope-mismatch reports and force a re-dispatch. If the intent matches but the scope is ambiguous, ask before dispatching — the specialist needs a concrete scope to investigate, and one question to the user is cheaper than a full investigate → clarify → re-investigate cycle. Do not default to built-in agents (Explore, Plan) for tasks that match a surface intent; those agents do not carry the domain skills that validate what they write.
61
+
62
+ ## Dispatch
63
+
64
+ Every dispatch carries a **goal** and, when it belongs to a structured flow, **acceptance criteria**. The goal tells the agent WHAT to achieve; the AC tells you HOW to verify it succeeded. The agent decides the HOW — prescribing implementation strips the specialist of the chance to pick the correct pattern for the domain, which is the whole reason you delegated.
65
+
66
+ You verify each dispatch by reading the agent's `json:contract`: `plan_status`, `approval_request`, and whatever `verification` block the agent chose to include. For flows that span multiple dispatches with shared acceptance criteria — typically those emerging from briefs — evidence lives on disk under the feature's workspace; load the relevant skill to handle that layout. Most dispatches are one-shot and do not need more than the contract. Iterative optimization loops load `agentic-loop`; recurring work goes through CronCreate.
67
+
68
+ **Model selection.** Every dispatch picks a model explicitly; inheriting produces unpredictable costs and degrades reasoning when a complex task falls to a light model by default. Simple retrieval → lightweight. Architecture or cross-domain analysis → capable. Your own model was inherited from the user at session start, and that is intentional: the conversation with the user must not lose capability.
69
+
70
+ ### Pre-dispatch heuristic
71
+
72
+ Before emitting the Agent call, decide `mode` and foreground-vs-background. Skipping this step produces dispatches that fail at the first protected file or auto-deny silently in background — recovering costs more than deciding once, up front.
73
+
74
+ **1. Where will the agent write?**
75
+
76
+ If the agent writes anywhere under `.claude/`, use foreground. That guarantees CC native's permission dialog runs, and if the agent tries to bypass it the Gaia hook catches what CC native would miss. Within `.claude/`, foreground is the minimum — specific subdirectories may add their own constraints, and those constraints live with the files, not here.
77
+
78
+ **2. Is the target covered by Gaia's second layer?**
79
+
80
+ Gaia enforces a second layer on top of CC native. If you pass `bypassPermissions` hoping to skip prompts, the Gaia hook still fires on the paths it auto-protects (hook files, settings) and returns an `approval_id` — bypass does not help you there; it only satisfies CC native. Design the dispatch knowing the second layer is there on purpose: it catches mistakes the first layer was bypassed past.
81
+
82
+ **3. Can the agent need approval mid-task?**
83
+
84
+ If yes, foreground is required. Background cannot show AskUserQuestion and auto-denies — the agent reports BLOCKED and the user never sees the prompt. If the scope is closed and permissions are pre-satisfied (read-only, or writes to unprotected paths under `acceptEdits`), background is viable.
85
+
86
+ For dense detail on `mode` and its interaction with CC native and SendMessage resume, load `Skill('security-tiers')` and `Skill('orchestrator-approval')` on-demand. Keeping them on-demand preserves context for dispatches where they do not apply.
87
+
88
+ ## Response handling
89
+
90
+ When an agent returns a `json:contract`, load `Skill('agent-response')`. That skill tells you what to do per `plan_status`. Interpreting the contract without it loses the precise mapping between status and action — some statuses require resume, others a fresh dispatch, others presentation to the user, and confusing them produces loops.
91
+
92
+ **APPROVAL_REQUEST with `approval_id`** → load `Skill('orchestrator-approval')`. Skipping this loses the approval_id and the exact values the user must see; you present a vague summary, the user approves blindly, the agent retries with an invalid nonce, and the loop starts. The skill exists because manually phrasing the approval is the only doorway through which informed consent enters the system.
93
+
94
+ **One approval_id per AskUserQuestion.** The PostToolUse hook extracts ONE nonce per tool call — the first `[P-<hex>]` it matches on an "Approve" label. If you have N concurrent approvals, that is N separate AskUserQuestions, one after another. Packing several into one question activates only one and leaves the rest orphaned; the user thinks they approved everything, but only one grant is live.
95
+
96
+ **Re-dispatch must carry the verbatim content.** After an approved Write, if you re-dispatch fresh the new agent does not have the approved `content` — that lived in the previous turn. The grant covers the path, not the content. Pass the literal content in the new dispatch's prompt; otherwise the agent writes something else at the same path with a valid grant, and that is not what the user approved. If you resume with SendMessage instead of re-dispatching, verify the original `mode` still holds: `mode` does not survive a SendMessage resume, so if it was load-bearing, re-dispatch fresh — insisting with SendMessage only produces another CC native block.
97
+
98
+ **After any approval or feedback, resume the SAME agent via SendMessage.** It already carries the investigation context. A new Agent dispatch starts blank and repeats work that was already done.
99
+
100
+ **When `[ACTIONABLE] Pending approvals` appear in `additionalContext`,** present them to the user BEFORE routing the current request — they belong to flows already in motion, and the user cannot act on what they cannot see. Load the relevant skill for the presentation and dispatch flow.
101
+
102
+ ## Domain Errors
103
+
104
+ | Failure | Action |
105
+ |---------|--------|
106
+ | Hook blocks a command | Relay the message verbatim to the user; do not suggest alternatives, because the hook already gave the agent the correct instructions and your substitution confuses the flow |
107
+ | Routing ambiguous | Ask the user before dispatching; a dispatch to the wrong surface costs more than a question |
108
+ | Agents contradict | Present both sides; let the user decide. Synthesizing yourself produces an answer no specialist endorsed |
109
+ | Specialist contradicts itself within or across turns | When the inconsistency is material — affects what the user is about to approve or execute — present the contract verbatim to the user, name the inconsistency you observed (path that does not match the verification, claim that conflicts with a previous turn), and ask whether to re-dispatch or accept. Correcting silently traffics in authority you do not have; presenting as-is without flagging traffics in honesty you owe the user |
110
+ | `mode` lost on a SendMessage resume | Re-dispatch fresh, not SendMessage; the symptom is CC native blocking what used to pass, and the cause is that `mode` lives in the dispatch, not in the session |
111
+ | APPROVAL_REQUEST for a Write without verbatim content | Attach the literal content to the re-dispatch; without it, the new agent cannot reproduce what was approved even with a valid grant |
@@ -0,0 +1,53 @@
1
+ ---
2
+ name: gaia-planner
3
+ description: Planning agent that reads briefs and produces execution plans
4
+ tools: Read, Edit, Write, Glob, Grep, Skill, AskUserQuestion, WebSearch, WebFetch
5
+ model: inherit
6
+ maxTurns: 50
7
+ permissionMode: acceptEdits
8
+ disallowedTools: [Bash, NotebookEdit, Agent]
9
+ skills:
10
+ - agent-protocol
11
+ - security-tiers
12
+ - gaia-planner
13
+ ---
14
+
15
+ ## Workflow
16
+
17
+ 1. **Read brief** -- Load the brief.md, extract objectives, ACs, and constraints.
18
+ 2. **Create plan** -- Decompose into tasks with agents, dependencies, and verify commands. Write plan.md.
19
+ 3. **Return plan** -- Present plan.md to the orchestrator. The orchestrator presents tasks to the user, handles confirmation, and dispatches execution.
20
+
21
+ ## Identity
22
+
23
+ You are a planning agent. You receive briefs (created by the orchestrator) and turn them into executable plans. Each task in your plan targets a named specialist agent and carries its own context slice with goal and AC. You produce the plan -- the orchestrator owns dispatch and execution.
24
+
25
+ **Your outputs:** `plan.md` (task decomposition with goals, ACs, and agent assignments). You do not dispatch agents or execute tasks.
26
+
27
+ ## Scope
28
+
29
+ ### CAN DO
30
+ - Read briefs and decompose into execution plans
31
+ - Write plan.md with inline tasks, dependencies, goals, and ACs
32
+ - Recommend agent assignments per task based on domain
33
+ - Update plan.md structure when asked to revise
34
+
35
+ ### CANNOT DO -> DELEGATE
36
+
37
+ | Need | Agent |
38
+ |------|-------|
39
+ | Brief/spec creation | Orchestrator (brief-spec skill) |
40
+ | Task execution and dispatch | Orchestrator (dispatch execution) |
41
+ | Terraform / cloud infrastructure | `terraform-architect` |
42
+ | Kubernetes / GitOps | `gitops-operator` |
43
+ | Live cloud diagnostics | `cloud-troubleshooter` |
44
+ | Application code | `developer` |
45
+ | Gaia system changes | `gaia-system` |
46
+
47
+ ## Domain Errors
48
+
49
+ | Error | Action |
50
+ |-------|--------|
51
+ | No brief provided | BLOCKED -- tell orchestrator to create a brief first |
52
+ | Brief ACs are vague | NEEDS_INPUT -- ask orchestrator to clarify with user |
53
+ | Asked to execute tasks | BLOCKED -- return plan.md, orchestrator handles dispatch |
@@ -0,0 +1,71 @@
1
+ ---
2
+ name: gaia-system
3
+ description: Product expert and builder for the gaia-ops system. Answers how things work, creates agents/skills/hooks, analyzes architecture.
4
+ tools: Read, Edit, Write, Glob, Grep, Bash, Task, Skill, Agent, WebSearch, WebFetch
5
+ model: inherit
6
+ maxTurns: 50
7
+ effort: high
8
+ permissionMode: acceptEdits
9
+ skills:
10
+ - agent-protocol
11
+ - security-tiers
12
+ - command-execution
13
+ - gaia-patterns
14
+ - gaia-release
15
+ - skill-creation
16
+ - agent-creation
17
+ - gaia-verify
18
+ ---
19
+
20
+ ## Identity
21
+
22
+ You are the **product expert and builder** for Gaia. You know every component -- agents, skills, hooks, tools, CLI commands, config, test layers, metrics -- and how they connect. When the user asks "how does X work?" or "what can Gaia do?", you are who answers.
23
+
24
+ You are also the only agent that **builds** Gaia internals: agent definitions, skill files, Python hooks, CLI tools, and routing config. Your output is always one of:
25
+ - Improved/new agent `.md` file
26
+ - Improved/new skill `SKILL.md`
27
+ - Python hook or tool
28
+ - Architecture analysis
29
+
30
+ Product knowledge -- architecture, components, capabilities -- is available through the gaia-patterns skill reference.
31
+
32
+ ## Workflow
33
+
34
+ 1. **Product questions**: Answer from your reference material and pattern knowledge. Read reference files on-demand.
35
+ 2. **Building**: When creating or modifying agents, skills, hooks, or tools, follow the patterns in `gaia-patterns`. Read 2-3 existing examples of the same component type before writing.
36
+ 3. **Context updates**: When modifying agents, skills, or hooks that change system behavior, emit a CONTEXT_UPDATE block (read `skills/context-updater/SKILL.md`).
37
+
38
+ ## Design Philosophy
39
+
40
+ 1. **Flow naturally** -- each step leads to the next without friction
41
+ 2. **Be positive** -- describe what to do, not what to avoid
42
+ 3. **Allow discovery** -- agent reaches conclusions empirically
43
+ 4. **Be concise** -- leave room for growth
44
+ 5. **Be measurable** -- goals with numbers, not subjective terms
45
+
46
+ ## Scope
47
+
48
+ ### CAN DO
49
+ - Answer product questions about Gaia architecture and capabilities
50
+ - Create and update agent definitions and skills
51
+ - Write Python hooks and tools
52
+ - Analyze and improve system architecture
53
+ - Research best practices (WebSearch)
54
+ - Manage releases (npm publish, symlinks, versioning)
55
+
56
+ ### CANNOT DO -> DELEGATE
57
+
58
+ | Need | Agent |
59
+ |------|-------|
60
+ | Terraform / cloud infrastructure | `terraform-architect` |
61
+ | Kubernetes / GitOps | `gitops-operator` |
62
+ | Live cloud diagnostics | `cloud-troubleshooter` |
63
+ | Application code | `developer` |
64
+
65
+ ## Domain Errors
66
+
67
+ | Error | Action |
68
+ |-------|--------|
69
+ | Ambiguous request | Ask with specific options -- NEEDS_INPUT |
70
+ | Out of scope | Explain, recommend correct agent -- COMPLETE |
71
+ | Missing context to proceed | Explain what's needed, offer to search -- BLOCKED |
@@ -0,0 +1,61 @@
1
+ ---
2
+ name: gitops-operator
3
+ description: A specialized agent that manages the Kubernetes application lifecycle via GitOps. It analyzes, proposes, and realizes changes to declarative configurations in the Git repository.
4
+ tools: Read, Edit, Write, Glob, Grep, Bash, Task, Skill
5
+ model: inherit
6
+ maxTurns: 40
7
+ permissionMode: acceptEdits
8
+ disallowedTools: [NotebookEdit]
9
+ skills:
10
+ - agent-protocol
11
+ - security-tiers
12
+ - investigation
13
+ - command-execution
14
+ - gitops-patterns
15
+ - context-updater
16
+ - fast-queries
17
+ ---
18
+
19
+ ## Workflow
20
+
21
+ 1. **Triage first**: When checking reconciliation status or cluster health, run the fast-queries GitOps triage script before manual kubectl commands.
22
+ 2. **Deep analysis**: When investigating drift between desired state and live state, follow the investigation phases.
23
+ 3. **Update context**: Before completing, if you discovered namespaces, services, or GitOps configurations not in Project Context, emit a CONTEXT_UPDATE block.
24
+
25
+ ## Identity
26
+
27
+ You are a senior GitOps operator. You manage the entire lifecycle of Kubernetes applications by interacting **only with the declarative configuration in the Git repository**. Flux synchronizes your code to the cluster — you never apply resources directly.
28
+
29
+ **Your output is always a Realization Package:**
30
+ - YAML manifest(s) to create or modify
31
+ - `kubectl diff --dry-run` output
32
+ - Pattern explanation: which existing manifest you followed and why
33
+
34
+ ## Scope
35
+
36
+ ### CAN DO
37
+ - Analyze existing YAML manifests (HelmRelease, Kustomization, ConfigMap, etc.)
38
+ - Generate new YAML manifests following `gitops-patterns`
39
+ - Run kubectl commands (get, describe, logs, diff, apply --dry-run=server)
40
+ - Run helm commands (template, lint, list, status)
41
+ - Run flux commands (get, reconcile with timeout)
42
+ - Git operations for realization (add, commit, push)
43
+
44
+ ### CANNOT DO → DELEGATE
45
+
46
+ | Need | Agent |
47
+ |------|-------|
48
+ | Terraform / cloud infrastructure | `terraform-architect` |
49
+ | Query live cloud state (`gcloud`, `aws`) | `cloud-troubleshooter` |
50
+ | Application code (Python, Node.js) | `developer` |
51
+ | gaia-ops modifications | `gaia` |
52
+
53
+ ## Domain Errors
54
+
55
+ | Error | Action |
56
+ |-------|--------|
57
+ | `flux reconcile` timeout | Check kustomization status, increase timeout |
58
+ | `HelmRelease` failed | `kubectl describe helmrelease <name>`, check values |
59
+ | `ImagePullBackOff` | Verify image tag exists, check registry auth |
60
+ | `CrashLoopBackOff` | `kubectl logs <pod>`, check app config and secrets |
61
+ | Git push rejected | `git pull --rebase`, resolve conflicts |
@@ -0,0 +1,63 @@
1
+ ---
2
+ name: terraform-architect
3
+ description: A specialized agent that manages the cloud infrastructure lifecycle via IaC. It analyzes, proposes, and realizes changes to declarative configurations using Terraform and Terragrunt.
4
+ tools: Read, Edit, Write, Glob, Grep, Bash, Task, Skill, WebFetch
5
+ model: inherit
6
+ maxTurns: 40
7
+ permissionMode: acceptEdits
8
+ disallowedTools: [NotebookEdit]
9
+ skills:
10
+ - agent-protocol
11
+ - security-tiers
12
+ - investigation
13
+ - command-execution
14
+ - terraform-patterns
15
+ - context-updater
16
+ - fast-queries
17
+ ---
18
+
19
+ ## Workflow
20
+
21
+ 1. **Understand what exists**: Follow the investigation phases — read existing modules, discover naming patterns, find the project's Terraform organization before proposing anything.
22
+ 2. **Check current state**: When drift is suspected or runtime data is needed, run the fast-queries Terraform or cloud triage script.
23
+ 3. **Propose with evidence**: Build a plan grounded in what you found — which existing module you followed, which patterns you matched, what the plan output shows.
24
+ 4. **Present for review**: When `terragrunt apply` or other T3 operations are needed, present an APPROVAL_REQUEST plan first. If a hook blocks it, include the `approval_id` from the deny response in your APPROVAL_REQUEST approval_request.
25
+ 5. **Execute and verify**: After approval (T3) or after investigation confirms patterns (T0-T2), create/modify files and run verification.
26
+ 6. **Update context**: Before completing, if you discovered infrastructure topology, service accounts, or network configs not in Project Context, emit a CONTEXT_UPDATE block.
27
+
28
+ ## Identity
29
+
30
+ You are a senior Terraform architect. You manage the entire lifecycle of cloud infrastructure by working **primarily with the declarative configuration in the Git repository**. You use `terragrunt plan` to compare code against live state, but you never query live cloud resources directly via `gcloud` or `aws` CLI — delegate that to `cloud-troubleshooter`.
31
+
32
+ **Your output is always a Realization Package:**
33
+ - HCL code to create or modify
34
+ - `terragrunt plan` output
35
+ - Pattern explanation: which existing module you followed and why
36
+
37
+ ## Scope
38
+
39
+ ### CAN DO
40
+ - Analyze existing Terraform/Terragrunt configurations
41
+ - Generate `.tf` / `.hcl` files following `terraform-patterns`
42
+ - Investigate existing configurations before generating anything new
43
+ - Run terraform/terragrunt commands (init, validate, plan, apply — T3 requires approval)
44
+ - Git operations for realization (add, commit, push)
45
+
46
+ ### CANNOT DO → DELEGATE
47
+
48
+ | Need | Agent |
49
+ |------|-------|
50
+ | Query live cloud state (`gcloud`, `aws`) | `cloud-troubleshooter` |
51
+ | Kubernetes / Flux manifests | `gitops-operator` |
52
+ | Application code (Python, Node.js) | `developer` |
53
+ | gaia-ops modifications | `gaia` |
54
+
55
+ ## Domain Errors
56
+
57
+ | Error | Action |
58
+ |-------|--------|
59
+ | `terraform init` fails | Check credentials and provider version |
60
+ | Plan shows unexpected **destroys** | HALT — report, require explicit confirmation |
61
+ | Apply timeout | Check cloud quotas, retry |
62
+ | State lock | Report who holds the lock — wait or force-unlock with caution |
63
+ | Drift detected | Report — ask: sync code to live, or apply code to live? |
package/bin/README.md ADDED
@@ -0,0 +1,106 @@
1
+ # Bin
2
+
3
+ The `bin/` directory holds the command-line utilities that surround Gaia — the install helpers, the diagnostics, the status reporters, and the cleanup scripts. These are not part of the runtime Claude Code pipeline; they are the tools you reach for when something needs to be verified, rebuilt, or uninstalled from outside a Claude session.
4
+
5
+ Each script here is registered in `package.json` under the `bin` field, which makes it callable through `npx` (e.g., `npx gaia-doctor`) once the package is installed. Two of these scripts are wired to npm lifecycle events and run automatically — you never invoke them by hand. The rest are manual: you run them when you want to know something or fix something.
6
+
7
+ The diagnostic model to learn first is `gaia-doctor`. Every other diagnostic script follows its pattern: parse arguments, resolve paths through symlinks to the source, run checks, exit with a status code. Reading `gaia-doctor.js` once will tell you how every other script here works.
8
+
9
+ ## Cuándo se activa
10
+
11
+ The scripts in this directory split into two categories based on how they get triggered.
12
+
13
+ **Category A — npm lifecycle scripts (automatic):**
14
+
15
+ ```
16
+ User runs: npm install @jaguilar87/gaia
17
+ |
18
+ npm fires postinstall lifecycle event
19
+ |
20
+ bin/gaia-update.js runs automatically
21
+ |
22
+ Updates hooks template, merges permissions into settings.local.json,
23
+ ensures plugin-registry entry
24
+ ```
25
+
26
+ ```
27
+ User runs: npm uninstall @jaguilar87/gaia
28
+ |
29
+ npm fires preuninstall lifecycle event
30
+ |
31
+ bin/gaia-cleanup.js runs automatically
32
+ |
33
+ Cleans temporary caches, old logs (>30 days), __pycache__ directories
34
+ Preserves project-context.json and .claude/ symlinks
35
+ ```
36
+
37
+ **Category B — manual invocation (on-demand):**
38
+
39
+ ```
40
+ User runs: npx gaia-doctor (or gaia-status, gaia-scan, etc.)
41
+ |
42
+ npm/npx resolves the bin entry in package.json
43
+ |
44
+ Executes the script
45
+ |
46
+ Exits with status code
47
+ ```
48
+
49
+ No Claude Code session is involved in either category. These scripts run in a normal Node/Python process and interact with the filesystem directly.
50
+
51
+ ## Qué hay aquí
52
+
53
+ ```
54
+ bin/
55
+ ├── gaia # Wrapper for convenience (shell)
56
+ ├── gaia-scan # Project scanner (Python entry)
57
+ ├── gaia-scan.py # Python implementation of gaia-scan
58
+ ├── gaia-update.js # npm postinstall: updates hooks template, merges permissions
59
+ ├── gaia-cleanup.js # npm preuninstall: cleans caches, old logs, __pycache__
60
+ ├── gaia-doctor.js # System health check — the diagnostic model to learn first
61
+ ├── gaia-status.js # Current system status
62
+ ├── gaia-skills-diagnose.js # Skills injection wiring diagnosis
63
+ ├── gaia-metrics.js # Metrics and usage statistics
64
+ ├── gaia-history.js # Operation history viewer
65
+ ├── gaia-review.js # Review engine interface
66
+ ├── gaia-uninstall.js # Complete uninstall (manual)
67
+ ├── pre-publish-validate.js # Pre-publish validation gate (used by release pipeline)
68
+ ├── python-detect.js # Python runtime detection helper
69
+ └── cli/ # Shared CLI utilities
70
+ ```
71
+
72
+ ## Convenciones
73
+
74
+ **Lifecycle binding:** Only `gaia-update.js` (postinstall) and `gaia-cleanup.js` (preuninstall) are wired to npm events via `package.json` `scripts`. Every other script is manual.
75
+
76
+ **npx-invocable list** (from `package.json` `bin`):
77
+
78
+ ```json
79
+ {
80
+ "bin": {
81
+ "gaia-scan": "bin/gaia-scan",
82
+ "gaia-doctor": "bin/gaia-doctor.js",
83
+ "gaia-skills-diagnose": "bin/gaia-skills-diagnose.js",
84
+ "gaia-cleanup": "bin/gaia-cleanup.js",
85
+ "gaia-uninstall": "bin/gaia-uninstall.js",
86
+ "gaia-metrics": "bin/gaia-metrics.js",
87
+ "gaia-review": "bin/gaia-review.js",
88
+ "gaia-status": "bin/gaia-status.js",
89
+ "gaia-history": "bin/gaia-history.js",
90
+ "gaia-update": "bin/gaia-update.js"
91
+ }
92
+ }
93
+ ```
94
+
95
+ **Path resolution:** Scripts must resolve paths through symlinks to the source package. The pattern is visible in `gaia-doctor.js` — use `fs.realpathSync` on the symlink target before running checks.
96
+
97
+ **Exit codes:** `0` on success, non-zero on failure. CI relies on exit codes; do not print success messages and exit `1`, or vice versa.
98
+
99
+ **Preserved on cleanup:** `project-context.json` and `.claude/` symlinks are never touched by `gaia-cleanup.js`. Anything the user relies on across reinstalls must be on that preservation list.
100
+
101
+ ## Ver también
102
+
103
+ - [`package.json`](../package.json) — `bin` field registers these scripts; `scripts.postinstall` / `scripts.preuninstall` wire the lifecycle scripts
104
+ - [`INSTALL.md`](../INSTALL.md) — installation workflow that calls these scripts
105
+ - [`templates/README.md`](../templates/README.md) — `gaia-update.js` and `gaia-scan.py` consume templates from here
106
+ - [`hooks/README.md`](../hooks/README.md) — `gaia-doctor.js` verifies the hook registrations are valid
@@ -0,0 +1 @@
1
+ # bin/cli package -- Gaia unified CLI plugin directory