@kody-ade/kody-engine 0.4.198 → 0.4.199

package/README.md

@@ -92,7 +92,7 @@ Executable directories contain **only** three kinds of files: `profile.json` (de
 npx -y -p @kody-ade/kody-engine@latest kody init
 ```
 
-`kody init` scaffolds [kody.config.json](kody.config.schema.json), [.github/workflows/kody.yml](templates/kody.yml), and per-scheduled-executable workflow files. Idempotent — pass `--force` to overwrite.
+`kody init` scaffolds [kody.config.json](kody.config.schema.json), `.github/workflows/kody.yml` (generated from `WORKFLOW_TEMPLATE` in [src/scripts/initFlow.ts](src/scripts/initFlow.ts)), and per-scheduled-executable workflow files. Idempotent — pass `--force` to overwrite.
 
 Required repo secrets: at least one model provider key (e.g. `MINIMAX_API_KEY`, `ANTHROPIC_API_KEY`). Recommended: `KODY_TOKEN` PAT so kody's commits trigger downstream CI and can modify `.github/workflows/*`.
 

package/dist/bin/kody.js

@@ -605,8 +605,11 @@ function listRepairCandidates(repoSlug) {
 function dispatchVerb(workflowFile, executable, prNumber) {
   return dispatchWorkflow(workflowFile, executable, prNumber);
 }
-function postRecommendation(prNumber, mention, message) {
-  const body = mention ? `${mention} ${message}` : message;
+function postRecommendation(prNumber, mention, message, dutySlug) {
+  const mentioned = mention ? `${mention} ${message}` : message;
+  const body = dutySlug ? `${mentioned}
+
+<!-- kody-duty: ${dutySlug} -->` : mentioned;
   try {
     gh(["pr", "comment", String(prNumber), "--body", body]);
     return { ok: true };
@@ -761,7 +764,7 @@ function buildDutyMcpServer(opts) {
       body: z3.string().min(1).describe("Comment body (markdown). Do not include the operator mention \u2014 the engine prepends it.")
     },
     async (args) => {
-      const result = postRecommendation(args.pr, opts.operatorMention, args.body);
+      const result = postRecommendation(args.pr, opts.operatorMention, args.body, opts.dutySlug);
       const text = result.ok ? `Recommendation posted on PR #${args.pr}.` : `Recommendation failed on PR #${args.pr}: ${result.error}`;
       return {
         content: [{ type: "text", text }]
@@ -1428,7 +1431,7 @@ var init_loadPriorArt = __esm({
 // package.json
 var package_default = {
   name: "@kody-ade/kody-engine",
-  version: "0.4.198",
+  version: "0.4.199",
   description: "kody \u2014 autonomous development engine. Single-session Claude Code agent behind a generic executor + declarative executable profiles.",
   license: "MIT",
   type: "module",
@@ -1456,7 +1459,8 @@ var package_default = {
     lint: "biome check",
     "lint:fix": "biome check --write",
     format: "biome format --write",
-    prepublishOnly: "pnpm build"
+    "brain:publish": "docker buildx build --platform linux/amd64 -f runner/Dockerfile.brain -t ghcr.io/${KODY_BRAIN_GHCR_OWNER:-aharonyaircohen}/kody-brain:latest --push runner",
+    prepublishOnly: "pnpm typecheck && pnpm test && pnpm build"
   },
   dependencies: {
     "@actions/cache": "^6.0.0",
@@ -1770,7 +1774,8 @@ function loadConfig(projectDir = process.cwd()) {
       repo: String(github.repo)
     },
     agent: {
-      model: String(agent.model)
+      model: String(agent.model),
+      ...parsePerExecutable(agent.perExecutable)
     },
     issueContext: parseIssueContext(raw.issueContext),
     testRequirements: parseTestRequirements(raw.testRequirements),
@@ -1851,6 +1856,14 @@ function mergeAliases(raw) {
   }
   return out;
 }
+function parsePerExecutable(raw) {
+  if (!raw || typeof raw !== "object") return {};
+  const out = {};
+  for (const [k, v] of Object.entries(raw)) {
+    if (typeof v === "string" && v.length > 0) out[k] = v;
+  }
+  return Object.keys(out).length > 0 ? { perExecutable: out } : {};
+}
 function parseClassifyConfig(raw) {
   if (!raw || typeof raw !== "object") return void 0;
   const r = raw;
@@ -2136,7 +2149,8 @@ async function runAgent(opts) {
         }
         const dutyHandle = buildDutyMcpServer2({
           repoSlug: opts.dutyRepoSlug,
-          operatorMention: opts.dutyOperatorMention ?? ""
+          operatorMention: opts.dutyOperatorMention ?? "",
+          ...opts.dutyDutySlug ? { dutySlug: opts.dutyDutySlug } : {}
         });
         mcpEntries.push(["kody-duty", dutyHandle.server]);
       }
@@ -3408,7 +3422,7 @@ function autoDispatch(opts) {
   const rawBody = String(event.comment?.body ?? "");
   const authorLogin = String(event.comment?.user?.login ?? "");
   const authorType = String(event.comment?.user?.type ?? "");
-  if (!rawBody.toLowerCase().includes("@kody")) return null;
+  if (!hasKodyMention(rawBody)) return null;
   const isBotAuthor = authorLogin === "kody-bot" || authorType === "Bot";
   if (!associationAllowed(event, opts?.config)) return null;
   const body = rawBody.toLowerCase();
@@ -3554,10 +3568,15 @@ function associationAllowed(event, config) {
   const assoc = String(event.comment?.author_association ?? "").toUpperCase();
   return allowed.includes(assoc);
 }
+var KODY_MENTION_RE = /(?:^|\s)@kody(?=\s|$|[^\w-])/i;
+function hasKodyMention(body) {
+  return KODY_MENTION_RE.test(body);
+}
 function extractAfterTag(body) {
-  const idx = body.indexOf("@kody");
-  if (idx === -1) return body;
-  return body.slice(idx + "@kody".length).trim();
+  const m = body.match(KODY_MENTION_RE);
+  if (!m || m.index === void 0) return body;
+  const at = body.indexOf("@kody", m.index);
+  return body.slice(at + "@kody".length).trim();
 }
 function extractSubcommand(afterTag) {
   const match = afterTag.match(/^([a-z][a-z0-9-]{1,40})\b/);
@@ -4406,10 +4425,22 @@ async function startLitellmIfNeeded(model, projectDir, url = LITELLM_DEFAULT_URL
     }
   };
   const killChild = () => {
+    const pid = child?.pid;
+    if (typeof pid !== "number") return;
     try {
-      child?.kill();
+      process.kill(-pid, "SIGTERM");
     } catch {
+      try {
+        child?.kill();
+      } catch {
+      }
     }
+    setTimeout(() => {
+      try {
+        process.kill(-pid, "SIGKILL");
+      } catch {
+      }
+    }, 2e3).unref?.();
   };
   const ensureHealthy = async () => {
     if (await checkLitellmHealth(url)) return true;
@@ -4658,7 +4689,7 @@ function pushWithRetry(opts = {}) {
         attempts: attempt
       };
     }
-    const rebase = runGit(["rebase", `origin/${branch}`], cwd);
+    const rebase = runGit(["rebase", "--rebase-merges", `origin/${branch}`], cwd);
     if (!rebase.ok) {
       runGit(["rebase", "--abort"], cwd);
       return {
@@ -4811,6 +4842,13 @@ function commitAndPush(branch, agentMessage, cwd) {
   if (allowedFiles.length === 0 && !mergeHeadExists) {
     return { committed: false, pushed: false, sha: "", message: "" };
   }
+  const forbiddenFiles = allChanged.filter((f) => isForbiddenPath(f));
+  for (const f of forbiddenFiles) {
+    try {
+      git(["reset", "-q", "--", f], cwd);
+    } catch {
+    }
+  }
   for (const f of allowedFiles) {
     try {
       git(["add", "--", f], cwd);
@@ -4911,29 +4949,43 @@ function findStateComment(target, number, cwd) {
   }
   return null;
 }
+var CorruptStateError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "CorruptStateError";
+  }
+};
 function parseStateComment(body) {
   const beginIdx = body.indexOf(STATE_BEGIN);
+  if (beginIdx < 0) return emptyState();
   const endIdx = body.lastIndexOf(STATE_END);
-  if (beginIdx < 0 || endIdx < 0 || endIdx <= beginIdx) return emptyState();
+  if (endIdx < 0 || endIdx <= beginIdx) {
+    throw new CorruptStateError("STATE_BEGIN present but STATE_END missing or misordered (truncated comment?)");
+  }
   const between = body.slice(beginIdx + STATE_BEGIN.length, endIdx).trim();
   const OPEN = "```json";
   const CLOSE = "```";
-  if (!between.startsWith(OPEN) || !between.endsWith(CLOSE)) return emptyState();
+  if (!between.startsWith(OPEN) || !between.endsWith(CLOSE)) {
+    throw new CorruptStateError("state fence malformed (expected ```json\u2026``` between markers)");
+  }
   const jsonStr = between.slice(OPEN.length, between.length - CLOSE.length).trim();
+  let parsed;
   try {
-    const parsed = JSON.parse(jsonStr);
-    if (parsed?.schemaVersion !== 1) return emptyState();
-    return {
-      schemaVersion: 1,
-      core: { ...emptyState().core, ...parsed.core },
-      executables: parsed.executables ?? {},
-      artifacts: parsed.artifacts && typeof parsed.artifacts === "object" ? parsed.artifacts : {},
-      history: Array.isArray(parsed.history) ? parsed.history : [],
-      flow: parsed.flow
-    };
-  } catch {
-    return emptyState();
+    parsed = JSON.parse(jsonStr);
+  } catch (err) {
+    throw new CorruptStateError(`state JSON unparseable (truncated comment?): ${err instanceof Error ? err.message : String(err)}`);
+  }
+  if (parsed?.schemaVersion !== 1) {
+    throw new CorruptStateError(`unexpected schemaVersion: ${JSON.stringify(parsed?.schemaVersion)}`);
   }
+  return {
+    schemaVersion: 1,
+    core: { ...emptyState().core, ...parsed.core },
+    executables: parsed.executables ?? {},
+    artifacts: parsed.artifacts && typeof parsed.artifacts === "object" ? parsed.artifacts : {},
+    history: Array.isArray(parsed.history) ? parsed.history : [],
+    flow: parsed.flow
+  };
 }
 function reduce(state, executable, action, phase) {
   if (!action) return state;
@@ -5312,6 +5364,12 @@ function getApiKey() {
   }
   return key;
 }
+function isSafeChatId(id) {
+  if (!id || id.length > 200) return false;
+  if (id.startsWith("/") || id.includes("\\")) return false;
+  if (/[^a-zA-Z0-9._/-]/.test(id)) return false;
+  return id.split("/").every((seg) => seg !== "" && seg !== "." && seg !== "..");
+}
 function authOk(req, expected) {
   const xApiKey = req.headers["x-api-key"]?.trim();
   if (xApiKey && xApiKey === expected) return true;
@@ -5525,8 +5583,8 @@ function buildServer(opts) {
     const m = url.pathname.match(/^\/chats\/([^/]+)\/messages\/?$/);
     if (req.method === "POST" && m) {
       const chatId = decodeURIComponent(m[1] ?? "");
-      if (!chatId) {
-        sendJson(res, 400, { error: "chatId required" });
+      if (!chatId || !isSafeChatId(chatId)) {
+        sendJson(res, 400, { error: "invalid chatId" });
         return;
       }
       await handleChatTurn(req, res, chatId, {
@@ -5542,8 +5600,8 @@ function buildServer(opts) {
     const sm = url.pathname.match(/^\/chats\/([^/]+)\/stream\/?$/);
     if (req.method === "GET" && sm) {
       const chatId = decodeURIComponent(sm[1] ?? "");
-      if (!chatId) {
-        sendJson(res, 400, { error: "chatId required" });
+      if (!chatId || !isSafeChatId(chatId)) {
+        sendJson(res, 400, { error: "invalid chatId" });
         return;
       }
       const sinceRaw = url.searchParams.get("since");
@@ -9823,7 +9881,25 @@ var loadTaskState = async (ctx) => {
     ctx.data.taskState = emptyState();
     return;
   }
-  ctx.data.taskState = readTaskState(target, number, ctx.cwd);
+  try {
+    ctx.data.taskState = readTaskState(target, number, ctx.cwd);
+  } catch (err) {
+    if (err instanceof CorruptStateError) {
+      process.stderr.write(
+        `[kody state] CORRUPT state on ${target} #${number}: ${err.message} \u2014 healing to empty and bailing so committed work isn't silently redone.
+`
+      );
+      try {
+        writeTaskState(target, number, emptyState(), ctx.cwd);
+      } catch {
+      }
+      ctx.skipAgent = true;
+      ctx.output.exitCode = 99;
+      ctx.output.reason = `corrupt task state on ${target} #${number}: ${err.message}`;
+      return;
+    }
+    throw err;
+  }
 };
 
 // src/scripts/loadWorkerAdhoc.ts
@@ -10281,72 +10357,32 @@ function makeAction2(type, payload) {
   return { type, payload, timestamp: (/* @__PURE__ */ new Date()).toISOString() };
 }
 
-// src/scripts/parseIssueStateFromAgentResult.ts
+// src/scripts/stateEnvelope.ts
 function isPartialEnvelope(x) {
   if (x === null || typeof x !== "object") return false;
   const o = x;
   return typeof o.cursor === "string" && o.cursor.length > 0 && typeof o.done === "boolean" && o.data !== null && typeof o.data === "object" && !Array.isArray(o.data);
 }
-var parseIssueStateFromAgentResult = async (ctx, _profile, agentResult, args) => {
-  const fenceLabel = String(args?.fenceLabel ?? "");
-  if (!fenceLabel) {
-    throw new Error("parseIssueStateFromAgentResult: `with.fenceLabel` is required");
-  }
-  if (!agentResult) {
-    ctx.data.nextStateParseError = "agent did not run";
-    return;
-  }
-  const fenceRegex = new RegExp("```" + escapeRegex(fenceLabel) + "\\s*\\n([\\s\\S]*?)\\n```", "m");
-  const match = fenceRegex.exec(agentResult.finalText);
-  if (!match) {
-    ctx.data.nextStateParseError = `agent did not emit a \`${fenceLabel}\` fenced block`;
-    return;
-  }
-  let parsed;
-  try {
-    parsed = JSON.parse(match[1].trim());
-  } catch (err) {
-    ctx.data.nextStateParseError = `state JSON parse error: ${err instanceof Error ? err.message : String(err)}`;
-    return;
-  }
-  if (!isPartialEnvelope(parsed)) {
-    ctx.data.nextStateParseError = "state must be an object with string `cursor`, object `data`, and boolean `done`";
-    return;
-  }
-  const loaded = ctx.data.issueStateComment;
-  const prevRev = loaded?.state.rev ?? 0;
-  const next = {
-    version: 1,
-    rev: prevRev + 1,
-    cursor: parsed.cursor,
-    data: parsed.data,
-    done: parsed.done
-  };
-  ctx.data.nextIssueState = next;
-};
 function escapeRegex(s) {
   return s.replace(/[-/\\^$*+?.()|[\]{}]/g, "\\$&");
 }
-
-// src/scripts/parseJobStateFromAgentResult.ts
-function isPartialEnvelope2(x) {
-  if (x === null || typeof x !== "object") return false;
-  const o = x;
-  return typeof o.cursor === "string" && o.cursor.length > 0 && typeof o.done === "boolean" && o.data !== null && typeof o.data === "object" && !Array.isArray(o.data);
+function extractFencedBlock(text, label) {
+  const re = new RegExp(`\`\`\`${escapeRegex(label)}\\s*\\n([\\s\\S]*?)\\n\`\`\``, "m");
+  const m = re.exec(text);
+  return m ? m[1].trim() : null;
 }
 function extractNextStateFromText(text, fenceLabel, prevRev) {
-  const fenceRegex = new RegExp(`\`\`\`${escapeRegex2(fenceLabel)}\\s*\\n([\\s\\S]*?)\\n\`\`\``, "m");
-  const match = fenceRegex.exec(text);
-  if (!match) {
+  const inner = extractFencedBlock(text, fenceLabel);
+  if (inner === null) {
     return { error: `missing \`${fenceLabel}\` fenced block` };
   }
   let parsed;
   try {
-    parsed = JSON.parse(match[1].trim());
+    parsed = JSON.parse(inner);
   } catch (err) {
     return { error: `state JSON parse error: ${err instanceof Error ? err.message : String(err)}` };
   }
-  if (!isPartialEnvelope2(parsed)) {
+  if (!isPartialEnvelope(parsed)) {
     return { error: "state must be an object with string `cursor`, object `data`, and boolean `done`" };
   }
   const envelope = {
@@ -10358,6 +10394,28 @@ function extractNextStateFromText(text, fenceLabel, prevRev) {
   };
   return { envelope };
 }
+
+// src/scripts/parseIssueStateFromAgentResult.ts
+var parseIssueStateFromAgentResult = async (ctx, _profile, agentResult, args) => {
+  const fenceLabel = String(args?.fenceLabel ?? "");
+  if (!fenceLabel) {
+    throw new Error("parseIssueStateFromAgentResult: `with.fenceLabel` is required");
+  }
+  if (!agentResult) {
+    ctx.data.nextStateParseError = "agent did not run";
+    return;
+  }
+  const loaded = ctx.data.issueStateComment;
+  const prevRev = loaded?.state.rev ?? 0;
+  const result = extractNextStateFromText(agentResult.finalText, fenceLabel, prevRev);
+  if (result.error) {
+    ctx.data.nextStateParseError = result.error.startsWith("missing `") ? `agent did not emit a \`${fenceLabel}\` fenced block` : result.error;
+    return;
+  }
+  ctx.data.nextIssueState = result.envelope;
+};
+
+// src/scripts/parseJobStateFromAgentResult.ts
 var parseJobStateFromAgentResult = async (ctx, _profile, agentResult, args) => {
   const fenceLabel = String(args?.fenceLabel ?? "");
   if (!fenceLabel) {
@@ -10398,9 +10456,6 @@ var parseJobStateFromAgentResult = async (ctx, _profile, agentResult, args) => {
   }
   ctx.data.nextJobState = result.envelope;
 };
-function escapeRegex2(s) {
-  return s.replace(/[-/\\^$*+?.()|[\]{}]/g, "\\$&");
-}
 
 // src/scripts/parseReproOutput.ts
 var parseReproOutput = async (ctx, _profile, agentResult) => {
@@ -11324,17 +11379,25 @@ var poolServe = async (ctx) => {
   });
 };
 
-// src/scripts/postAgentComment.ts
+// src/scripts/postAgentSummaryComment.ts
 init_issue();
-var postAgentComment = async (ctx) => {
+function postAgentSummaryComment(ctx, opts = {}) {
   if (!ctx.data.agentDone) return;
+  const targetType = ctx.data.commentTargetType;
   const targetNumber = Number(ctx.data.commentTargetNumber ?? 0);
-  const answer = ctx.data.prSummary?.trim();
-  if (!targetNumber || !answer) return;
+  const body = ctx.data.prSummary?.trim();
+  if (!targetNumber || !body) return;
+  if (opts.issueOnly && targetType !== "issue") return;
+  const rendered = opts.render ? opts.render(targetNumber, body) : body;
   try {
-    postIssueComment(targetNumber, answer, ctx.cwd);
+    postIssueComment(targetNumber, rendered, ctx.cwd);
   } catch {
   }
+}
+
+// src/scripts/postAgentComment.ts
+var postAgentComment = async (ctx) => {
+  postAgentSummaryComment(ctx);
 };
 
 // src/scripts/postIssueComment.ts
@@ -11475,19 +11538,12 @@ function postWith(type, n, body, cwd) {
 }
 
 // src/scripts/postPlanComment.ts
-init_issue();
 var postPlanComment = async (ctx) => {
-  if (!ctx.data.agentDone) return;
-  const targetType = ctx.data.commentTargetType;
-  const targetNumber = Number(ctx.data.commentTargetNumber ?? 0);
-  const plan = ctx.data.prSummary?.trim();
-  if (targetType !== "issue" || !targetNumber || !plan) return;
   const flowActive = Boolean(ctx.data.taskState?.flow);
-  const body = renderPlanComment(targetNumber, plan, { flowActive });
-  try {
-    postIssueComment(targetNumber, body, ctx.cwd);
-  } catch {
-  }
+  postAgentSummaryComment(ctx, {
+    issueOnly: true,
+    render: (n, plan) => renderPlanComment(n, plan, { flowActive })
+  });
 };
 function renderPlanComment(issueNumber, plan, opts) {
   const head = `## Plan for issue #${issueNumber}
@@ -11506,17 +11562,8 @@ Comment \`kody run\` (prefixed with \`@\`) to execute this plan.`;
 }
 
 // src/scripts/postResearchComment.ts
-init_issue();
 var postResearchComment = async (ctx) => {
-  if (!ctx.data.agentDone) return;
-  const targetType = ctx.data.commentTargetType;
-  const targetNumber = Number(ctx.data.commentTargetNumber ?? 0);
-  const body = ctx.data.prSummary?.trim();
-  if (targetType !== "issue" || !targetNumber || !body) return;
-  try {
-    postIssueComment(targetNumber, renderResearchComment(targetNumber, body), ctx.cwd);
-  } catch {
-  }
+  postAgentSummaryComment(ctx, { issueOnly: true, render: renderResearchComment });
 };
 function renderResearchComment(issueNumber, body) {
   return `## Research for issue #${issueNumber}
@@ -14479,6 +14526,9 @@ async function runExecutable(profileName, input) {
       // up the in-process `kody-duty` MCP server with the right context.
       enableDutyTool: Array.isArray(ctx.data.dutyTools) && ctx.data.dutyTools.length > 0,
       dutyOperatorMention: typeof ctx.data.dutyOperatorMention === "string" ? ctx.data.dutyOperatorMention : void 0,
+      // Stamp the running duty's slug onto recommendations so the dashboard
+      // keys trust per duty (not per persona). `jobSlug` is set by loadJobFromFile.
+      dutyDutySlug: typeof ctx.data.jobSlug === "string" ? ctx.data.jobSlug : void 0,
       // owner/repo from kody.config.json; envelope falls back to GITHUB_REPOSITORY
       // for tester repos that don't set config.github (the file isn't always
       // checked in). Either way, dutyMcp needs "owner/name" to hit the compare API.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kody-ade/kody-engine",
-  "version": "0.4.198",
+  "version": "0.4.199",
   "description": "kody — autonomous development engine. Single-session Claude Code agent behind a generic executor + declarative executable profiles.",
   "license": "MIT",
   "type": "module",
@@ -50,6 +50,7 @@
     "typecheck": "tsc --noEmit",
     "lint": "biome check",
     "lint:fix": "biome check --write",
-    "format": "biome format --write"
+    "format": "biome format --write",
+    "brain:publish": "docker buildx build --platform linux/amd64 -f runner/Dockerfile.brain -t ghcr.io/${KODY_BRAIN_GHCR_OWNER:-aharonyaircohen}/kody-brain:latest --push runner"
   }
 }

package/templates/kody.yml

@@ -1,102 +0,0 @@
-# Drop this file at .github/workflows/kody.yml in your repo.
-#
-# Triggers forward every relevant event to `kody`; the engine decides what
-# (if anything) to do. The job runs `npx kody` — no shell branching, no
-# routing logic in YAML. All orchestration lives in the kody npm package;
-# future capabilities ship via `npm publish`, not by editing this file.
-#
-# Required repo secrets: at least one model provider key (e.g. MINIMAX_API_KEY,
-# ANTHROPIC_API_KEY). kody reads any *_API_KEY secret automatically via
-# toJSON(secrets) — no need to list them here.
-#
-# Recommended: KODY_TOKEN secret — a fine-grained PAT or GitHub App token
-# with `repo` + `read:org` + `workflow` scopes. Without it, kody's
-# commits/PR-creation still work via github.token, but three things degrade:
-#   1. PR body updates fail with "token lacks read:org scope" (cosmetic).
-#   2. Pushes from kody won't trigger downstream workflows.
-#   3. Any commit that modifies `.github/workflows/*` is REJECTED by
-#      GitHub — the default GITHUB_TOKEN can't touch workflow files.
-# Set KODY_TOKEN in repo Settings → Secrets → Actions.
-
-name: kody
-
-on:
-  workflow_dispatch:
-    inputs:
-      issue_number:
-        description: "GitHub issue number (agent mode)"
-        type: string
-        default: ""
-      sessionId:
-        description: "Chat session ID (chat mode, from Kody-Dashboard)"
-        type: string
-        default: ""
-      message:
-        description: "Initial chat message (optional)"
-        type: string
-        default: ""
-      model:
-        description: "Model override (optional, e.g. anthropic/claude-haiku-4-5-20251001)"
-        type: string
-        default: ""
-      dashboardUrl:
-        description: "Dashboard event ingest URL with inline ?token=... (chat mode)"
-        type: string
-        default: ""
-      executable:
-        description: "Stage to run for issue_number (default: run). goal-tick sets classify."
-        type: string
-        default: ""
-      base:
-        description: "Stacked-PR base branch for issue_number (goal-tick stacked dispatch)."
-        type: string
-        default: ""
-  issue_comment:
-    types: [created]
-  pull_request:
-    types: [closed]
-  schedule:
-    # Wakes every 30 minutes; kody fans out to whichever scheduled executables
-    # (job-scheduler, memorize, watch-stale-prs, …) match this tick.
-    #
-    # `memorize` writes to `.kody/vault/` and opens a daily PR. If your
-    # `.gitignore` ignores `.kody/*`, add `!.kody/vault/` and `!.kody/vault/**`
-    # so memorize's pages are tracked.
-    - cron: "*/15 * * * *"
-
-jobs:
-  run:
-    if: ${{ github.event_name != 'pull_request' || github.event.pull_request.merged == true }}
-    runs-on: ubuntu-latest
-    timeout-minutes: 360
-    concurrency:
-      group: kody-${{ inputs.sessionId || inputs.issue_number || github.event.issue.number || github.sha }}
-      cancel-in-progress: false
-    permissions:
-      issues: write
-      pull-requests: write
-      contents: write
-      actions: read
-      id-token: write # OIDC: lets preview-build federate into Namespace remote builders
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          ref: ${{ github.event.pull_request.base.ref || github.ref }}
-          token: ${{ secrets.KODY_TOKEN || github.token }}
-
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 22
-
-      - uses: actions/setup-python@v5
-        with:
-          python-version: "3.12"
-
-      - env:
-          ALL_SECRETS:   ${{ toJSON(secrets) }}
-          SESSION_ID:    ${{ inputs.sessionId }}
-          INIT_MESSAGE:  ${{ inputs.message }}
-          MODEL:         ${{ inputs.model }}
-          DASHBOARD_URL: ${{ inputs.dashboardUrl }}
-        run: npx -y -p @kody-ade/kody-engine@0.4.120 kody-engine