@kokorolx/ai-sandbox-wrapper 3.4.2 → 3.4.3-beta.2

package/setup.sh

@@ -281,8 +281,8 @@ echo "📁 Legacy workspaces file: $WORKSPACES_FILE"
 WORKSPACE="${WORKSPACES[0]}"
 
 # Tool definitions
-TOOL_OPTIONS="amp,opencode,openclaw,droid,claude,gemini,kilo,qwen,codex,qoder,auggie,codebuddy,jules,shai"
-TOOL_DESCS="AI coding assistant from @sourcegraph/amp,Open-source coding tool from opencode-ai,OpenClaw AI gateway (Docker Compose),Factory CLI from factory.ai,Claude Code CLI from Anthropic,Google Gemini CLI (free tier),AI pair programmer (Git-native),Kilo Code (500+ models),Alibaba Qwen CLI (1M context),OpenAI Codex terminal agent,Qoder AI CLI assistant,Augment Auggie CLI,Tencent CodeBuddy CLI,Google Jules CLI,OVHcloud SHAI agent"
+TOOL_OPTIONS="amp,opencode,openclaw,open-design,droid,claude,gemini,kilo,qwen,codex,qoder,auggie,codebuddy,jules,shai"
+TOOL_DESCS="AI coding assistant from @sourcegraph/amp,Open-source coding tool from opencode-ai,OpenClaw AI gateway (Docker Compose),Open Design daemon (HTTP service — agent-driven design generation),Factory CLI from factory.ai,Claude Code CLI from Anthropic,Google Gemini CLI (free tier),AI pair programmer (Git-native),Kilo Code (500+ models),Alibaba Qwen CLI (1M context),OpenAI Codex terminal agent,Qoder AI CLI assistant,Augment Auggie CLI,Tencent CodeBuddy CLI,Google Jules CLI,OVHcloud SHAI agent"
 
 # Pre-select previously installed tools
 PRESELECTED_TOOLS=""
@@ -303,7 +303,7 @@ echo "Installing tools: ${TOOLS[*]}"
 
 CONTAINERIZED_TOOLS=()
 for tool in "${TOOLS[@]}"; do
-  if [[ "$tool" =~ ^(amp|opencode|openclaw|claude|aider|droid|gemini|kilo|qwen|codex|qoder|auggie|codebuddy|jules|shai)$ ]]; then
+  if [[ "$tool" =~ ^(amp|opencode|openclaw|open-design|claude|aider|droid|gemini|kilo|qwen|codex|qoder|auggie|codebuddy|jules|shai)$ ]]; then
     CONTAINERIZED_TOOLS+=("$tool")
   fi
 done
@@ -311,8 +311,8 @@ done
 echo ""
 if [[ ${#CONTAINERIZED_TOOLS[@]} -gt 0 ]]; then
   # Category 1: AI Enhancement Tools (spec-driven development, UI/UX, browser automation)
-  AI_TOOL_OPTIONS="spec-kit,ux-ui-promax,openspec,playwright,rtk"
-  AI_TOOL_DESCS="Spec-driven development toolkit,UI/UX design intelligence tool,OpenSpec - spec-driven development,Browser automation + Chromium/Firefox/WebKit (~500MB),RTK token optimizer - reduces LLM token usage by 60-90% (~5MB)"
+  AI_TOOL_OPTIONS="spec-kit,ux-ui-promax,openspec,playwright,rtk,pup,open-design"
+  AI_TOOL_DESCS="Spec-driven development toolkit,UI/UX design intelligence tool,OpenSpec - spec-driven development,Browser automation + Chromium/Firefox/WebKit (~500MB),RTK token optimizer - reduces LLM token usage by 60-90% (~5MB),Datadog Pup CLI - AI-agent-ready observability CLI (~10MB),Open Design daemon - AI design generation service (port 7456)"
 
   multi_select "Select AI Enhancement Tools (installed in containers)" "$AI_TOOL_OPTIONS" "$AI_TOOL_DESCS"
   AI_ENHANCEMENT_TOOLS=("${SELECTED_ITEMS[@]}")
@@ -390,6 +390,8 @@ if [[ $NEEDS_BASE_IMAGE -eq 1 ]]; then
   INSTALL_CHROME_DEVTOOLS_MCP="${INSTALL_CHROME_DEVTOOLS_MCP:-0}"
   INSTALL_PLAYWRIGHT_MCP="${INSTALL_PLAYWRIGHT_MCP:-0}"
   INSTALL_RTK="${INSTALL_RTK:-0}"
+  INSTALL_PUP="${INSTALL_PUP:-0}"
+  INSTALL_OPEN_DESIGN="${INSTALL_OPEN_DESIGN:-0}"
 
   for addon in "${ADDITIONAL_TOOLS[@]}"; do
     case "$addon" in
@@ -417,10 +419,16 @@ if [[ $NEEDS_BASE_IMAGE -eq 1 ]]; then
       rtk)
         INSTALL_RTK=1
         ;;
+      pup)
+        INSTALL_PUP=1
+        ;;
+      open-design)
+        INSTALL_OPEN_DESIGN=1
+        ;;
     esac
   done
 
-  export INSTALL_SPEC_KIT INSTALL_UX_UI_PROMAX INSTALL_OPENSPEC INSTALL_PLAYWRIGHT INSTALL_RUBY INSTALL_CHROME_DEVTOOLS_MCP INSTALL_PLAYWRIGHT_MCP INSTALL_RTK
+  export INSTALL_SPEC_KIT INSTALL_UX_UI_PROMAX INSTALL_OPENSPEC INSTALL_PLAYWRIGHT INSTALL_RUBY INSTALL_CHROME_DEVTOOLS_MCP INSTALL_PLAYWRIGHT_MCP INSTALL_RTK INSTALL_PUP INSTALL_OPEN_DESIGN
   
   # Save MCP selections to ~/.ai-sandbox/config.json for ai-run auto-configuration
   SANDBOX_CONFIG="$HOME/.ai-sandbox/config.json"
@@ -435,6 +443,54 @@ if [[ $NEEDS_BASE_IMAGE -eq 1 ]]; then
     jq --argjson mcp "$MCP_INSTALLED" '.mcp.installed = $mcp' "$SANDBOX_CONFIG" > "$SANDBOX_CONFIG.tmp" && mv "$SANDBOX_CONFIG.tmp" "$SANDBOX_CONFIG"
     chmod 600 "$SANDBOX_CONFIG"
     echo "✅ MCP tool selections saved to config"
+
+    # Auto-detect host browser for ai-run's "Host Chrome CDP mode". That mode
+    # is gated on .mcp.chromePath being set in config.json, but setup never
+    # wrote it -- users had to manually edit the file. Detect a sensible
+    # default the first time an MCP browser tool is selected; preserve any
+    # existing value the user set themselves.
+    if [[ "$INSTALL_CHROME_DEVTOOLS_MCP" -eq 1 || "$INSTALL_PLAYWRIGHT_MCP" -eq 1 ]]; then
+      EXISTING_CHROME_PATH=$(jq -r '.mcp.chromePath // empty' "$SANDBOX_CONFIG" 2>/dev/null)
+      if [[ -z "$EXISTING_CHROME_PATH" ]]; then
+        DETECTED_CHROME_PATH=""
+        case "$(uname -s)" in
+          Darwin)
+            # Stable Chrome first, then Chromium, then popular forks.
+            for candidate in \
+              "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome" \
+              "/Applications/Chromium.app/Contents/MacOS/Chromium" \
+              "/Applications/Brave Browser.app/Contents/MacOS/Brave Browser" \
+              "/Applications/Microsoft Edge.app/Contents/MacOS/Microsoft Edge" \
+              "/Applications/Arc.app/Contents/MacOS/Arc"; do
+              if [[ -f "$candidate" ]]; then
+                DETECTED_CHROME_PATH="$candidate"
+                break
+              fi
+            done
+            ;;
+          Linux)
+            for cmd in google-chrome-stable google-chrome chromium chromium-browser brave-browser microsoft-edge; do
+              if command -v "$cmd" &>/dev/null; then
+                DETECTED_CHROME_PATH=$(command -v "$cmd")
+                break
+              fi
+            done
+            ;;
+        esac
+
+        if [[ -n "$DETECTED_CHROME_PATH" ]]; then
+          jq --arg path "$DETECTED_CHROME_PATH" '.mcp.chromePath = $path' "$SANDBOX_CONFIG" > "$SANDBOX_CONFIG.tmp" \
+            && mv "$SANDBOX_CONFIG.tmp" "$SANDBOX_CONFIG"
+          chmod 600 "$SANDBOX_CONFIG"
+          echo "🌐 Host browser detected for CDP: $DETECTED_CHROME_PATH"
+          echo "   (ai-run will launch this with --remote-debugging-port for MCP browser tools.)"
+          echo "   To change or disable, edit .mcp.chromePath in $SANDBOX_CONFIG"
+        else
+          echo "ℹ️  No host browser auto-detected for CDP mode."
+          echo "   To enable, set .mcp.chromePath in $SANDBOX_CONFIG to a Chrome/Chromium binary."
+        fi
+      fi
+    fi
   fi
 fi
 
@@ -448,8 +504,14 @@ TOOLS="$TOOLS_CSV" \
   INSTALL_CHROME_DEVTOOLS_MCP="$INSTALL_CHROME_DEVTOOLS_MCP" \
   INSTALL_PLAYWRIGHT_MCP="$INSTALL_PLAYWRIGHT_MCP" \
   INSTALL_RTK="$INSTALL_RTK" \
+  INSTALL_PUP="$INSTALL_PUP" \
   bash "$SCRIPT_DIR/lib/build-sandbox.sh"
 
+# Install open-design as a separate daemon container (not part of sandbox image)
+if [[ "${INSTALL_OPEN_DESIGN:-0}" -eq 1 ]]; then
+  bash "$SCRIPT_DIR/lib/install-open-design.sh"
+fi
+
 OLD_IMAGES=()
 for tool in "${TOOLS[@]}"; do
   if docker image inspect "ai-${tool}:latest" &>/dev/null; then
@@ -538,6 +600,9 @@ if [[ ${#ADDITIONAL_TOOLS[@]} -gt 0 ]]; then
       rtk)
         echo "  rtk - Token optimizer for AI coding agents (60-90% savings)"
         ;;
+      open-design)
+        echo "  open-design - AI design generation daemon (port 7456)"
+        ;;
     esac
   done
 fi

package/skills/dd-pup/SKILL.md

@@ -0,0 +1,186 @@
+---
+name: dd-pup
+description: "Datadog CLI (pup) for AI agents. OAuth2 auth with token refresh. Query logs, metrics, monitors, traces, and more."
+compatibility: "OpenCode with pup binary installed"
+metadata:
+  author: datadog-labs
+  version: "1.0.0"
+  repository: https://github.com/DataDog/pup
+---
+
+# pup (Datadog CLI)
+
+Pup CLI for Datadog API operations. Supports OAuth2 and API key auth.
+
+## Quick Reference
+
+| Task | Command |
+|------|---------|
+| Search error logs | `pup logs search --query "status:error" --from 1h` |
+| List monitors | `pup monitors list` |
+| Create downtime | `pup downtime create --file downtime.json` |
+| Find slow traces | `pup traces search --query="@duration:>500000000" --from="1h"` |
+| List incidents | `pup incidents list` |
+| Query metrics | `pup metrics query --query "avg:system.cpu.user{*}"` |
+| List hosts | `pup infrastructure hosts list` |
+| Check SLOs | `pup slos list` |
+| On-call teams | `pup on-call teams list` |
+| Security signals | `pup security signals list --query "*" --from 24h` |
+| Check auth | `pup auth status` |
+| Refresh token | `pup auth refresh` |
+
+## Prerequisites
+
+```bash
+# Install pup via Homebrew (recommended)
+brew tap datadog-labs/pack
+brew install pup
+
+# Or build from source
+cargo install --git https://github.com/DataDog/pup
+```
+
+## Auth
+
+```bash
+pup auth login    # OAuth2 browser flow (recommended)
+pup auth status   # Check token validity
+pup auth refresh  # Refresh expired token (no browser)
+pup auth logout   # Clear credentials
+```
+
+**⚠️ Tokens expire (~1 hour)**. If a command fails with 401/403:
+```bash
+pup auth refresh  # Try refresh first
+pup auth login    # If refresh fails, full re-auth
+```
+
+### Headless/CI (no browser)
+
+```bash
+export DD_API_KEY=your-api-key
+export DD_APP_KEY=your-app-key
+export DD_SITE=datadoghq.com  # or datadoghq.eu, etc.
+```
+
+## Command Reference
+
+### Monitors
+
+```bash
+pup monitors list --limit 10
+pup monitors list --tags "env:prod"
+pup monitors get 12345
+pup monitors search --query "High CPU"
+pup monitors create --file monitor.json
+pup monitors delete 12345
+```
+
+### Logs
+
+```bash
+pup logs search --query "status:error" --from 1h
+pup logs search --query "service:payment-api" --from 1h --limit 100
+pup logs aggregate --query "service:api" --compute count --from 1h
+```
+
+### Metrics
+
+```bash
+pup metrics query --query "avg:system.cpu.user{*}" --from 1h
+pup metrics list --filter "system.*"
+```
+
+### APM / Services
+
+```bash
+pup apm services list --env production
+pup apm services stats --env production
+pup apm dependencies list --env production
+```
+
+### Traces
+
+```bash
+pup traces search --query="service:api-gateway" --from="1h"
+pup traces search --query="service:api @duration:>1000000000" --from="1h"
+pup traces aggregate --query="service:api" --compute="avg(@duration)" --group-by="resource_name" --from="1h"
+```
+
+### Infrastructure / Hosts
+
+```bash
+pup infrastructure hosts list
+pup infrastructure hosts list --filter "env:prod"
+```
+
+### Dashboards
+
+```bash
+pup dashboards list
+pup dashboards get abc-123
+pup dashboards create --file dashboard.json
+```
+
+### SLOs
+
+```bash
+pup slos list
+pup slos get slo-123
+pup slos status slo-123 --from 30d --to now
+```
+
+### Security
+
+```bash
+pup security signals list --query "*" --from 24h
+pup security rules list
+```
+
+### Live Debugger
+
+```bash
+pup debugger context my-svc --env prod
+pup symdb search --service my-svc --query MyController --view probe-locations
+pup debugger probes create --service my-svc --env prod \
+  --probe-location "com.example.MyController:handleRequest" \
+  --capture "request.id" --ttl 1h
+pup debugger probes watch --fields "message,captures,timestamp" --timeout 60
+```
+
+## Subcommand Discovery
+
+```bash
+pup --help            # List all commands
+pup <cmd> --help      # Command-specific help
+pup agent schema      # Machine-readable output
+```
+
+## Error Handling
+
+| Error | Cause | Fix |
+|-------|-------|-----|
+| 401 Unauthorized | Token expired | `pup auth refresh` |
+| 403 Forbidden | Missing scope | Check app key permissions |
+| 404 Not Found | Wrong ID/resource | Verify resource exists |
+| Rate limited | Too many requests | Add delays between calls |
+
+## Sites
+
+| Site | `DD_SITE` value |
+|------|-----------------|
+| US1 (default) | `datadoghq.com` |
+| US3 | `us3.datadoghq.com` |
+| US5 | `us5.datadoghq.com` |
+| EU1 | `datadoghq.eu` |
+| AP1 | `ap1.datadoghq.com` |
+| US1-FED | `ddog-gov.com` |
+
+## Detection
+
+Before using pup commands, verify it's installed:
+```bash
+pup --version
+```
+
+If `pup` is not found, skip this skill.

package/dockerfiles/base/Dockerfile

@@ -1,74 +0,0 @@
-
-FROM node:22-bookworm-slim
-
-ARG AGENT_UID=1001
-
-RUN apt-get update && apt-get install -y --no-install-recommends     git     curl     ssh     ca-certificates     jq     python3     python3-pip     python3-venv     python3-dev     python3-setuptools     build-essential     libopenblas-dev     pipx     unzip     xclip     wl-clipboard     ripgrep     tmux     vim-nox     fd-find     sqlite3     poppler-utils     qpdf     tesseract-ocr     && curl -LsSf https://astral.sh/uv/install.sh | UV_INSTALL_DIR=/usr/local/bin sh     && rm -rf /var/lib/apt/lists/*     && pipx ensurepath
-
-# Install Python PDF processing tools for PDF skill
-RUN pip3 install --no-cache-dir --break-system-packages pypdf pdfplumber reportlab pytesseract pdf2image
-
-RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg     && chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg     && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | tee /etc/apt/sources.list.d/github-cli.list > /dev/null     && apt-get update     && apt-get install -y gh     && rm -rf /var/lib/apt/lists/*
-
-# Install bun (used by most AI tool install scripts)
-RUN npm install -g bun
-
-# Install pnpm globally using npm (not bun, for stability)
-RUN npm install -g pnpm
-
-# Install TypeScript and LSP tools using npm
-RUN npm install -g typescript typescript-language-server pyright vscode-langservers-extracted
-
-# Verify installations
-RUN node --version && npm --version && pnpm --version && tsc --version
-
-# Install additional tools (if selected)
-RUN apt-get update && apt-get install -y --no-install-recommends \
-    libglib2.0-0 \
-    libnspr4 \
-    libnss3 \
-    libdbus-1-3 \
-    libatk1.0-0 \
-    libatk-bridge2.0-0 \
-    libcups2 \
-    libxcb1 \
-    libxkbcommon0 \
-    libatspi2.0-0 \
-    libx11-6 \
-    libxcomposite1 \
-    libxdamage1 \
-    libxext6 \
-    libxfixes3 \
-    libxrandr2 \
-    libgbm1 \
-    libdrm2 \
-    libcairo2 \
-    libpango-1.0-0 \
-    libasound2 \
-    fonts-liberation \
-    libappindicator3-1 \
-    libu2f-udev \
-    libvulkan1 \
-    libxshmfence1 \
-    xdg-utils \
-    wget \
-    && rm -rf /var/lib/apt/lists/*
-ENV PLAYWRIGHT_BROWSERS_PATH=/opt/playwright-browsers
-RUN mkdir -p /opt/playwright-browsers && \
-    npm install -g @playwright/mcp@latest && \
-    touch /opt/.mcp-playwright-installed
-ENV CHROME_DEVTOOLS_MCP_NO_USAGE_STATISTICS=1
-RUN npm install -g chrome-devtools-mcp@latest && \
-    touch /opt/.mcp-chrome-devtools-installed
-RUN touch /opt/.mcp-playwright-installed
-
-# Create workspace
-WORKDIR /workspace
-
-# Non-root user for security (match host UID)
-RUN useradd -m -u ${AGENT_UID} -d /home/agent agent && \
-    mkdir -p /home/agent/.cache /home/agent/.npm /home/agent/.opencode /home/agent/.config && \
-    chown -R agent:agent /home/agent/.cache /home/agent/.npm /home/agent/.opencode /home/agent/.config /workspace && \
-    ([ -d /opt/playwright-browsers ] && chown -R agent:agent /opt/playwright-browsers || true)
-USER agent
-ENV HOME=/home/agent

package/dockerfiles/base/skills/rtk/SKILL.md

@@ -1,103 +0,0 @@
----
-name: rtk
-description: "Token optimizer for AI coding agents. Wraps common CLI commands with rtk to reduce LLM token consumption by 60-90%."
-compatibility: "OpenCode with RTK binary installed"
-metadata:
-  author: Sisyphus
-  version: "1.0.0"
----
-
-# RTK — Rust Token Killer
-
-**Purpose**: Reduce token consumption by 60-90% on shell commands. RTK filters and compresses command output before it reaches your context.
-
-## When This Skill Activates
-
-This skill is loaded automatically. Once active, **always** prefix supported commands with `rtk`.
-
-## Command Mappings (MANDATORY)
-
-When running shell commands via Bash tool, use `rtk` prefix for these commands:
-
-| Instead of | Use | Savings |
-|-----------|-----|---------|
-| `git status` | `rtk git status` | ~80% |
-| `git diff` | `rtk git diff` | ~75% |
-| `git log` | `rtk git log` | ~80% |
-| `git add/commit/push/pull` | `rtk git add/commit/push/pull` | ~90% |
-| `ls` / `ls -la` | `rtk ls` | ~80% |
-| `cat file` | `rtk read file` | ~70% |
-| `grep pattern .` | `rtk grep pattern .` | ~80% |
-| `rg pattern` | `rtk grep pattern .` | ~80% |
-| `npm test` / `cargo test` / `pytest` | `rtk test <cmd>` | ~90% |
-| `npm run build` / `cargo build` | `rtk err <cmd>` | ~80% |
-| `gh pr list/view` | `rtk gh pr list/view` | ~70% |
-| `docker ps` | `rtk docker ps` | ~80% |
-| `eslint` / `tsc` | `rtk lint` / `rtk tsc` | ~80% |
-
-## Searching Inside `node_modules` / Ignored Directories
-
-By default, `rtk grep` respects `.gitignore` rules — meaning `node_modules`, `.nuxt`, `dist`, etc. are **excluded**. This is the right behavior 99% of the time.
-
-When you **need** to search inside ignored directories (debugging a library, checking an API signature, tracing a dependency bug):
-
-```bash
-# Search all files including node_modules (--no-ignore bypasses .gitignore)
-rtk grep "defineStore" . --no-ignore
-
-# Search a specific package only (combine --no-ignore with --glob)
-rtk grep "defineStore" . --no-ignore --glob 'node_modules/pinia/**'
-```
-
-**What does NOT work:**
-- `rtk grep "pattern" node_modules/pinia/` — still excluded even with direct path
-- `rtk grep "pattern" . --glob 'node_modules/**'` — glob alone doesn't override .gitignore
-
-**Key flag: `--no-ignore`** — this is the ONLY way to search ignored directories with rtk grep.
-
-### Other useful `rtk grep` flags
-
-```bash
-rtk grep "pattern" . -t ts          # Filter by file type (ts, py, rust, etc.)
-rtk grep "pattern" . -m 100         # Increase max results (default: 50)
-rtk grep "pattern" . -u             # Ultra-compact mode (even fewer tokens)
-rtk grep "pattern" . -l 120         # Max line length before truncation (default: 80)
-```
-
-## Commands to NOT Wrap
-
-Do NOT prefix these with `rtk` (unsupported or counterproductive):
-
-- `npx`, `npm install`, `pip install` (package managers)
-- `node`, `python3`, `ruby` (interpreters)
-- `nano-brain`, `openspec`, `opencode` (custom tools)
-- Heredocs (`<<EOF`)
-- Piped commands (`cmd1 | cmd2`) — wrap only the first command if applicable
-- Commands already prefixed with `rtk`
-
-## How RTK Works
-
-```
-Without RTK:  git status → 50 lines raw output → 2,000 tokens
-With RTK:     rtk git status → "3 modified, 1 untracked ✓" → 200 tokens
-```
-
-RTK runs the real command, then filters/compresses the output. The agent sees a compact summary instead of verbose raw output.
-
-## Detection
-
-Before using RTK commands, verify it's installed:
-```bash
-rtk --version
-```
-
-If `rtk` is not found, skip this skill — run commands normally without the `rtk` prefix.
-
-## Token Savings Reference
-
-Typical 30-min coding session:
-- Without RTK: ~150,000 tokens
-- With RTK: ~45,000 tokens
-- **Savings: ~70%**
-
-Biggest wins: test output (`rtk test` — 90%), git operations (`rtk git` — 80%), file reading (`rtk read` — 70%).

package/dockerfiles/base/skills/rtk-setup/SKILL.md

@@ -1,118 +0,0 @@
----
-name: rtk-setup
-description: "One-time setup + ongoing enforcement of RTK (Rust Token Killer) across sessions and subagents. Persists RTK instructions to AGENTS.md and propagates to delegated tasks."
-compatibility: "OpenCode with RTK binary installed"
-metadata:
-  author: Sisyphus
-  version: "1.0.0"
----
-
-# RTK Setup — Persistent RTK Enforcement
-
-This skill performs **setup** (persist RTK instructions) and **ongoing enforcement** (use rtk, propagate to subagents).
-
-## Phase 1: Detection (ALWAYS run first)
-
-Run these checks before anything else:
-
-```bash
-rtk --version
-```
-
-- If `rtk` is NOT found → **STOP**. Tell the user: "RTK is not installed. Install it first: `cargo install --git https://github.com/rtk-ai/rtk --locked`". Do NOT proceed with setup.
-- If `rtk` IS found → continue.
-
-### Check oh-my-opencode
-
-```bash
-ls ~/.config/opencode/oh-my-opencode.json 2>/dev/null
-```
-
-- If found → omo is installed. Note this for Phase 2.
-- If not found → skip omo-specific steps.
-
-## Phase 2: Setup (persist to AGENTS.md)
-
-Check BOTH of these files for the RTK managed block:
-
-1. **User-level**: `~/.config/opencode/AGENTS.md`
-2. **Project-level**: `./AGENTS.md` (current workspace)
-
-For EACH file, check if `<!-- RTK:START -->` exists. If it does NOT exist, **append** the following managed block to the file (create the file if it doesn't exist). NEVER replace existing content — only append.
-
-```markdown
-<!-- RTK:START -->
-<!-- Managed block - do not edit manually. Updated by: rtk-setup skill -->
-
-## RTK Token Optimizer
-
-This project uses **RTK** (Rust Token Killer) to reduce LLM token consumption by 60-90%.
-
-### Rules for ALL agents (including subagents)
-
-**ALWAYS** prefix these commands with `rtk`:
-
-| Command | Use instead |
-|---------|-------------|
-| `git status/diff/log/add/commit/push/pull` | `rtk git ...` |
-| `ls`, `ls -la` | `rtk ls` |
-| `cat file` | `rtk read file` |
-| `grep pattern .` / `rg pattern` | `rtk grep pattern .` |
-| `npm test` / `cargo test` / `pytest` | `rtk test <cmd>` |
-| `npm run build` / `cargo build` | `rtk err <cmd>` |
-| `gh pr list/view` | `rtk gh pr list/view` |
-| `docker ps` | `rtk docker ps` |
-| `eslint` / `tsc` | `rtk lint` / `rtk tsc` |
-
-**Do NOT** prefix: `npx`, `npm install`, `pip install`, `node`, `python3`, heredocs, piped commands.
-
-<!-- RTK:END -->
-```
-
-### If oh-my-opencode is installed
-
-After updating AGENTS.md files, check if the omo config at `~/.config/opencode/oh-my-opencode.json` has `prompt_append` fields on agents. If it does, inform the user:
-
-> "omo is installed. For maximum coverage, you can add RTK instructions to agent `prompt_append` fields in `oh-my-opencode.json`. This ensures subagents always use rtk even when AGENTS.md is not loaded. Want me to do this?"
-
-**Only modify `oh-my-opencode.json` if the user explicitly confirms.** If they confirm, append this line to the `prompt_append` of `sisyphus-junior` agent (the primary coder):
-
-```
-\n\nRTK: ALWAYS prefix shell commands with `rtk` when available (git, ls, grep, test, build). Example: `rtk git status` not `git status`.
-```
-
-Do NOT modify other agents' prompt_append unless asked.
-
-## Phase 3: Ongoing Enforcement (EVERY time this skill is loaded)
-
-### For the current agent
-
-From this point forward in this session, **you MUST**:
-
-1. **Use `rtk` prefix** for all supported shell commands (see table above)
-2. **Verify rtk is available** before first use: `rtk --version`
-3. If rtk is not available in the current environment, fall back to normal commands silently
-
-### For subagent delegation
-
-When delegating ANY task that involves shell commands (via `task()`, `delegate_task()`, or any delegation mechanism), **ALWAYS** add this to the `MUST DO` section of the delegation prompt:
-
-```
-- Use `rtk` prefix for shell commands when available (git, ls, grep, test, build). Run `rtk --version` first to check. If not installed, use normal commands. Examples: `rtk git status`, `rtk ls`, `rtk grep pattern .`, `rtk test npm test`.
-```
-
-This is NON-NEGOTIABLE. Subagents do not read AGENTS.md, so RTK instructions MUST be passed explicitly in every delegation prompt.
-
-### Quick reference for subagent prompts
-
-Copy-paste this one-liner into MUST DO sections:
-
-> Use `rtk` prefix for all shell commands (git, ls, grep, test, build, docker). Example: `rtk git status` not `git status`. If `rtk` is not found, use normal commands.
-
-## Summary
-
-| Phase | When | What |
-|-------|------|------|
-| Detection | Always first | Check rtk installed, check omo |
-| Setup | Once (idempotent) | Append RTK block to AGENTS.md (user + project) |
-| Enforcement | Every session | Use rtk yourself, propagate to all subagents |

package/dockerfiles/opencode/Dockerfile

@@ -1,9 +0,0 @@
-FROM ai-base:latest
-
-USER root
-RUN curl -fsSL https://opencode.ai/install | bash && \
-    mv /home/agent/.opencode/bin/opencode /usr/local/bin/opencode && \
-    rm -rf /home/agent/.opencode
-
-USER agent
-ENTRYPOINT ["opencode"]