@kontourai/flow-agents 1.4.0 → 2.0.1

package/evals/fixtures/flow-kit-repository/invalid-missing-extension-asset/kit.json

@@ -0,0 +1,20 @@
+{
+  "schema_version": "1.0",
+  "id": "missing-extension-asset-kit",
+  "name": "Missing Extension Asset Kit",
+  "product_name": "Missing Extension Asset Kit",
+  "description": "A valid Flow Kit container with a Flow Agents extension asset pointing at a missing file.",
+  "flows": [
+    {
+      "id": "missing.extension.asset.review",
+      "path": "flows/review.flow.json",
+      "description": "Review a small change."
+    }
+  ],
+  "docs": [
+    {
+      "id": "missing.docs",
+      "path": "docs/MISSING.md"
+    }
+  ]
+}

package/evals/fixtures/flow-kit-repository/valid-unknown-extension/flows/review.flow.json

@@ -0,0 +1,26 @@
+{
+  "id": "unknown.extension.review",
+  "version": "1.0",
+  "steps": [
+    { "id": "review", "next": "done" },
+    { "id": "done", "next": null }
+  ],
+  "gates": {
+    "review-gate": {
+      "step": "review",
+      "expects": [
+        {
+          "id": "review-evidence",
+          "kind": "trust.bundle",
+          "required": true,
+          "description": "Review evidence has been recorded.",
+          "bundle_claim": {
+            "claimType": "example.review.evidence",
+            "subjectType": "artifact",
+            "accepted_statuses": ["trusted", "accepted"]
+          }
+        }
+      ]
+    }
+  }
+}

package/evals/fixtures/flow-kit-repository/valid-unknown-extension/kit.json

@@ -0,0 +1,18 @@
+{
+  "schema_version": "1.0",
+  "id": "unknown-extension-kit",
+  "name": "Unknown Extension Kit",
+  "product_name": "Unknown Extension Kit",
+  "description": "A valid Flow Kit container with an arbitrary top-level extension field.",
+  "flows": [
+    {
+      "id": "unknown.extension.review",
+      "path": "flows/review.flow.json",
+      "description": "Review a small change."
+    }
+  ],
+  "third_party_extension": {
+    "provider": "example.vendor",
+    "path": "vendor/meta.json"
+  }
+}

package/evals/integration/test_builder_step_producers.sh

@@ -0,0 +1,379 @@
+#!/usr/bin/env bash
+# test_builder_step_producers.sh — Integration eval for ADR 0016 Abstraction A P-d Increment 2.
+#
+# Proves for each of the 6 producer-wired gate claims:
+#   - record-gate-claim at the correct active step produces the declared claim
+#     (correct claimType + subjectType, status=verified in the bundle).
+#   - A TAMPERED bundle (stored verified, evidence fail) at that step BLOCKS (exit 2)
+#     with the tamper warning naming the declared claimType.
+#
+# Claims covered:
+#   1. builder.pull-work.selected           (step: pull-work,    expectation: selected-work)
+#   2. builder.design-probe.pickup-readiness (step: design-probe, expectation: pickup-probe-readiness)
+#   3. builder.design-probe.decisions        (step: design-probe, expectation: probe-decisions-or-accepted-gaps)
+#   4. builder.pr-open.pull-request          (step: pr-open,      expectation: pull-request-opened)
+#   5. builder.learn.decisions               (step: learn,        expectation: decision-evidence)
+#   6. builder.learn.evidence                (step: learn,        expectation: learning-evidence)
+#
+# build.flow.json confirmation:
+#   - All 6 claims above are required:true.
+#   - policy-compliance remains required:false (advisory — no skill producer).
+#
+# Deterministic, no model spend, self-cleaning.
+# Usage: bash evals/integration/test_builder_step_producers.sh
+
+set -uo pipefail
+
+ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+source "$ROOT/evals/lib/node.sh"
+GATE="$ROOT/scripts/hooks/stop-goal-fit.js"
+
+export FLOW_AGENTS_GOAL_FIT_MAX_BLOCKS=100000
+
+TMP="$(mktemp -d)"
+errors=0
+
+_pass() { echo "  ✓ $1"; }
+_fail() { echo "  ✗ $1"; errors=$((errors + 1)); }
+
+cleanup() { rm -rf "$TMP"; }
+trap cleanup EXIT
+
+# ─── Helper: set active_step_id for a step.
+# For steps in the phase_map, use advance-state.
+# For design-probe (no phase mapping), use ensure-session --step-id.
+# ──────────────────────────────────────────────────────────────────
+set_active_step() {
+  local aroot="$1" slug="$2" step="$3"
+  case "$step" in
+    design-probe)
+      # design-probe has no lifecycle phase in the phase_map — set via ensure-session --step-id
+      flow_agents_node "workflow-sidecar" ensure-session \
+        --artifact-root "$aroot" \
+        --task-slug "$slug" \
+        --title "Producer test: $step" \
+        --summary "Test gate-claim producer at $step." \
+        --flow-id builder.build \
+        --step-id design-probe \
+        --timestamp "2026-06-26T00:00:30Z" >/dev/null 2>&1
+      ;;
+    pull-work)
+      flow_agents_node "workflow-sidecar" advance-state "$aroot/$slug" \
+        --status in_progress --phase pickup \
+        --summary "Testing at $step." --next-action "Record claim." \
+        --flow-definition builder.build \
+        --timestamp "2026-06-26T00:01:00Z" >/dev/null 2>&1
+      ;;
+    pr-open)
+      flow_agents_node "workflow-sidecar" advance-state "$aroot/$slug" \
+        --status in_progress --phase release \
+        --summary "Testing at $step." --next-action "Record claim." \
+        --flow-definition builder.build \
+        --timestamp "2026-06-26T00:01:00Z" >/dev/null 2>&1
+      ;;
+    learn)
+      flow_agents_node "workflow-sidecar" advance-state "$aroot/$slug" \
+        --status in_progress --phase learning \
+        --summary "Testing at $step." --next-action "Record claim." \
+        --flow-definition builder.build \
+        --timestamp "2026-06-26T00:01:00Z" >/dev/null 2>&1
+      ;;
+  esac
+}
+
+# ─── Helper: bootstrap a session for produce tests ───────────────────────────
+setup_session_for_produce() {
+  local aroot="$1" slug="$2" step="$3"
+  mkdir -p "$aroot"
+
+  flow_agents_node "workflow-sidecar" ensure-session \
+    --artifact-root "$aroot" \
+    --task-slug "$slug" \
+    --title "Producer test: $step" \
+    --summary "Test gate-claim producer at $step." \
+    --flow-id builder.build \
+    --timestamp "2026-06-26T00:00:00Z" >/dev/null 2>&1
+
+  flow_agents_node "workflow-sidecar" init-plan "$aroot/$slug/$slug--deliver.md" \
+    --source-request "Test" --summary "Testing" \
+    --timestamp "2026-06-26T00:00:00Z" >/dev/null 2>&1
+
+  set_active_step "$aroot" "$slug" "$step"
+}
+
+# ─── Helper: bootstrap a session + AGENTS.md for tamper tests ────────────────
+setup_tamper_session() {
+  local t_dir="$1" slug="$2" step="$3"
+  mkdir -p "$t_dir"
+  printf '# Repo\n' > "$t_dir/AGENTS.md"
+  mkdir -p "$t_dir/.flow-agents/$slug"
+
+  flow_agents_node "workflow-sidecar" ensure-session \
+    --artifact-root "$t_dir/.flow-agents" \
+    --task-slug "$slug" \
+    --title "Tamper test: $step" \
+    --summary "Testing tamper detection." \
+    --flow-id builder.build \
+    --timestamp "2026-06-26T00:00:00Z" >/dev/null 2>&1
+
+  flow_agents_node "workflow-sidecar" init-plan "$t_dir/.flow-agents/$slug/$slug--deliver.md" \
+    --source-request "Test" --summary "Testing" \
+    --timestamp "2026-06-26T00:00:00Z" >/dev/null 2>&1
+
+  set_active_step "$t_dir/.flow-agents" "$slug" "$step"
+}
+
+# ─── Test: produce a gate claim at a given step ───────────────────────────────
+test_produce_claim() {
+  local label="$1" step="$2" expectation="$3" expected_claim_type="$4" expected_subject_type="$5"
+  echo ""
+  echo "=== PRODUCE: $label ==="
+
+  local slug
+  slug="$(echo "prod-$step-$expectation" | tr '/' '-' | tr '.' '-')"
+  local aroot="$TMP/$slug"
+  setup_session_for_produce "$aroot" "$slug" "$step"
+
+  if flow_agents_node "workflow-sidecar" record-gate-claim "$aroot/$slug" \
+    --status pass \
+    --summary "Test claim: $label" \
+    --expectation "$expectation" \
+    --timestamp "2026-06-26T00:02:00Z" >/dev/null 2>&1; then
+    _pass "$label: record-gate-claim exits 0 at $step step"
+  else
+    _fail "$label: record-gate-claim failed at $step step"
+    return
+  fi
+
+  node -e "
+    const fs = require('fs');
+    const bundle = JSON.parse(fs.readFileSync('$aroot/$slug/trust.bundle', 'utf8'));
+    const target = (bundle.claims || []).find(c => c.claimType === '$expected_claim_type');
+    if (!target) {
+      console.error('no $expected_claim_type claim found; claims:', (bundle.claims||[]).map(c=>c.claimType).join(', '));
+      process.exit(1);
+    }
+    if (target.subjectType !== '$expected_subject_type') {
+      console.error('expected subjectType=$expected_subject_type, got', target.subjectType);
+      process.exit(1);
+    }
+    if (target.status !== 'verified') {
+      console.error('expected status=verified, got', target.status);
+      process.exit(1);
+    }
+  " 2>/dev/null \
+    && _pass "$label: bundle contains $expected_claim_type with subjectType=$expected_subject_type, status=verified" \
+    || _fail "$label: bundle missing or incorrect $expected_claim_type claim"
+}
+
+# ─── Test: tampered bundle at given step BLOCKS ───────────────────────────────
+test_tamper_blocks() {
+  local label="$1" step="$2" claim_type="$3" subject_type="$4"
+  echo ""
+  echo "=== TAMPER-BLOCKS: $label ==="
+
+  local slug
+  slug="$(echo "tamper-$step-$claim_type" | tr '.' '-' | tr '/' '-')"
+  local t_dir="$TMP/$slug"
+  setup_tamper_session "$t_dir" "$slug" "$step"
+
+  # Write a TAMPERED trust.bundle: stored verified, evidence passing=false
+  python3 - "$t_dir/.flow-agents/$slug/trust.bundle" "$claim_type" "$subject_type" << 'PY'
+import json, sys
+claim_type = sys.argv[2]
+subject_type = sys.argv[3]
+bundle = {
+    "schemaVersion": 3,
+    "source": "flow-agents/workflow-sidecar",
+    "claims": [{
+        "id": "c1",
+        "subjectId": "tamper/gate-claim-test",
+        "subjectType": subject_type,
+        "claimType": claim_type,
+        "fieldOrBehavior": "Gate claim test",
+        "value": "pass",
+        "impactLevel": "high",
+        "status": "verified",
+        "createdAt": "2026-06-26T00:00:00Z",
+        "updatedAt": "2026-06-26T00:00:00Z"
+    }],
+    "evidence": [{
+        "id": "ev1",
+        "claimId": "c1",
+        "evidenceType": "test_output",
+        "method": "validation",
+        "sourceRef": "command-log.jsonl",
+        "excerptOrSummary": "gate claim FAILED",
+        "observedAt": "2026-06-26T00:00:00Z",
+        "collectedBy": "harness",
+        "passing": False,
+        "blocking": True
+    }],
+    "policies": [],
+    "events": [{
+        "id": "evt1",
+        "claimId": "c1",
+        "status": "verified",
+        "actor": "agent",
+        "method": "workflow-check",
+        "evidenceIds": ["ev1"],
+        "createdAt": "2026-06-26T00:00:00Z"
+    }]
+}
+json.dump(bundle, open(sys.argv[1], 'w'))
+PY
+
+  set +e
+  tamper_out="$(FLOW_AGENTS_GOAL_FIT_MODE=block FLOW_AGENTS_GOAL_FIT_BACKSTOP=skip \
+      node "$GATE" 2>&1 <<< "{\"hook_event_name\":\"Stop\",\"cwd\":\"$t_dir\"}")"
+  tamper_exit="$?"
+  set -e
+
+  if [ "$tamper_exit" -eq 2 ]; then
+    _pass "$label: tampered bundle blocks (exit 2)"
+  else
+    _fail "$label: tampered bundle did NOT block: exit=$tamper_exit"
+  fi
+
+  if echo "$tamper_out" | grep -qE "stored status.*does not match recompute|possible tampered bundle"; then
+    _pass "$label: tamper warning emits 'stored status does not match recompute'"
+  else
+    _fail "$label: tamper warning missing from output: $tamper_out"
+  fi
+
+  if echo "$tamper_out" | grep -q "caught false-completion"; then
+    _pass "$label: tamper warning emits 'caught false-completion'"
+  else
+    _fail "$label: tamper warning missing 'caught false-completion': $tamper_out"
+  fi
+
+  if echo "$tamper_out" | grep -q "$claim_type"; then
+    _pass "$label: tamper warning names declared claimType $claim_type"
+  else
+    _fail "$label: tamper warning does not name $claim_type: $tamper_out"
+  fi
+}
+
+# ─── Test 0: build.flow.json required:true confirmation ──────────────────────
+echo ""
+echo "=== 0. build.flow.json: confirm required:true for produced gates ==="
+
+node -e "
+  const fs = require('fs');
+  const flow = JSON.parse(fs.readFileSync('$ROOT/kits/builder/flows/build.flow.json', 'utf8'));
+  const requiredTrue = [
+    'selected-work',
+    'pickup-probe-readiness',
+    'probe-decisions-or-accepted-gaps',
+    'pull-request-opened',
+    'decision-evidence',
+    'learning-evidence',
+  ];
+  const requiredFalse = ['policy-compliance'];
+  let ok = true;
+  for (const [gateName, gate] of Object.entries(flow.gates)) {
+    for (const exp of gate.expects || []) {
+      if (requiredTrue.includes(exp.id) && exp.required !== true) {
+        console.error('FAIL: ' + exp.id + ' in ' + gateName + ' should be required:true, got ' + exp.required);
+        ok = false;
+      }
+      if (requiredFalse.includes(exp.id) && exp.required !== false) {
+        console.error('FAIL: ' + exp.id + ' in ' + gateName + ' should remain required:false (advisory), got ' + exp.required);
+        ok = false;
+      }
+    }
+  }
+  if (!ok) process.exit(1);
+" 2>/dev/null \
+  && _pass "build.flow.json: 6 produced gates are required:true, policy-compliance is required:false" \
+  || _fail "build.flow.json: required flag mismatch"
+
+node -e "
+  const fs = require('fs');
+  const flow = JSON.parse(fs.readFileSync('$ROOT/kits/builder/flows/build.flow.json', 'utf8'));
+  const producedIds = [
+    'selected-work',
+    'pickup-probe-readiness',
+    'probe-decisions-or-accepted-gaps',
+    'pull-request-opened',
+    'decision-evidence',
+    'learning-evidence',
+  ];
+  let ok = true;
+  for (const [gateName, gate] of Object.entries(flow.gates)) {
+    for (const exp of gate.expects || []) {
+      if (producedIds.includes(exp.id) && exp.explore_hint) {
+        console.error('FAIL: ' + exp.id + ' in ' + gateName + ' still has explore_hint (remove when producer exists)');
+        ok = false;
+      }
+    }
+  }
+  if (!ok) process.exit(1);
+" 2>/dev/null \
+  && _pass "build.flow.json: no explore_hint on produced gate entries" \
+  || _fail "build.flow.json: produced gate entries still have explore_hint"
+
+# ─── Tests 1–6: produce + tamper-block for each of the 6 claims ──────────────
+
+# Claim 1: builder.pull-work.selected
+test_produce_claim \
+  "builder.pull-work.selected" \
+  "pull-work" "selected-work" \
+  "builder.pull-work.selected" "work-item"
+test_tamper_blocks \
+  "builder.pull-work.selected" \
+  "pull-work" "builder.pull-work.selected" "work-item"
+
+# Claim 2: builder.design-probe.pickup-readiness
+test_produce_claim \
+  "builder.design-probe.pickup-readiness" \
+  "design-probe" "pickup-probe-readiness" \
+  "builder.design-probe.pickup-readiness" "work-item"
+test_tamper_blocks \
+  "builder.design-probe.pickup-readiness" \
+  "design-probe" "builder.design-probe.pickup-readiness" "work-item"
+
+# Claim 3: builder.design-probe.decisions
+test_produce_claim \
+  "builder.design-probe.decisions" \
+  "design-probe" "probe-decisions-or-accepted-gaps" \
+  "builder.design-probe.decisions" "decision"
+test_tamper_blocks \
+  "builder.design-probe.decisions" \
+  "design-probe" "builder.design-probe.decisions" "decision"
+
+# Claim 4: builder.pr-open.pull-request
+test_produce_claim \
+  "builder.pr-open.pull-request" \
+  "pr-open" "pull-request-opened" \
+  "builder.pr-open.pull-request" "pull-request"
+test_tamper_blocks \
+  "builder.pr-open.pull-request" \
+  "pr-open" "builder.pr-open.pull-request" "pull-request"
+
+# Claim 5: builder.learn.decisions
+test_produce_claim \
+  "builder.learn.decisions" \
+  "learn" "decision-evidence" \
+  "builder.learn.decisions" "decision"
+test_tamper_blocks \
+  "builder.learn.decisions" \
+  "learn" "builder.learn.decisions" "decision"
+
+# Claim 6: builder.learn.evidence
+test_produce_claim \
+  "builder.learn.evidence" \
+  "learn" "learning-evidence" \
+  "builder.learn.evidence" "release"
+test_tamper_blocks \
+  "builder.learn.evidence" \
+  "learn" "builder.learn.evidence" "release"
+
+# ─── Summary ──────────────────────────────────────────────────────────────────
+echo ""
+if [ "$errors" -eq 0 ]; then
+  echo "Builder step producer tests passed (6 claims: produce + tamper-block each)."
+  exit 0
+fi
+echo "Builder step producer tests FAILED: $errors issue(s)."
+exit 1

package/evals/integration/test_bundle_install.sh

@@ -32,7 +32,7 @@ KIRO_DEST="$TMPDIR_EVAL/kiro-home"
 BASE_DEST="$TMPDIR_EVAL/base-workspace"
 CLAUDE_DEST="$TMPDIR_EVAL/claude-workspace"
 CODEX_DEST="$TMPDIR_EVAL/codex-workspace"
-CODEX_CORE_DEST="$TMPDIR_EVAL/codex-core-workspace"
+CODEX_FULL_DEST="$TMPDIR_EVAL/codex-full-workspace"
 CODEX_CONSOLE_DEST="$TMPDIR_EVAL/codex-console-workspace"
 CODEX_HOSTED_CONSOLE_DEST="$TMPDIR_EVAL/codex-hosted-console-workspace"
 CODEX_USER_HOSTED_CONSOLE_DEST="$TMPDIR_EVAL/codex-user-hosted-console-workspace"
@@ -42,7 +42,7 @@ BASE_INIT_DEST="$TMPDIR_EVAL/base-init-workspace"
 CODEX_INIT_DEST="$TMPDIR_EVAL/codex-init-workspace"
 OPENCODE_DEST="$TMPDIR_EVAL/opencode-workspace"
 OPENCODE_CONSOLE_DEST="$TMPDIR_EVAL/opencode-console-workspace"
-OPENCODE_CORE_DEST="$TMPDIR_EVAL/opencode-core-workspace"
+OPENCODE_FULL_DEST="$TMPDIR_EVAL/opencode-full-workspace"
 PI_DEST="$TMPDIR_EVAL/pi-workspace"
 CONSOLE_TOKEN_FILE="$TMPDIR_EVAL/console-token"
 printf 'test-token\n' > "$CONSOLE_TOKEN_FILE"
@@ -128,7 +128,7 @@ else
   _fail "opencode install with Console telemetry config failed"
 fi
 
-if node "$ROOT_DIR/build/src/cli.js" init --runtime opencode --dest "$OPENCODE_CORE_DEST" --yes >/dev/null; then
+if node "$ROOT_DIR/build/src/cli.js" init --runtime opencode --dest "$OPENCODE_FULL_DEST" --yes >/dev/null; then
   _pass "flow-agents init headless opencode install succeeded"
 else
   _fail "flow-agents init headless opencode install failed"
@@ -140,32 +140,17 @@ else
   _fail "pi install failed"
 fi
 
-USER_SKILLS_DIR="$CODEX_CORE_DEST/.codex/sk""ills/user-skill"
-mkdir -p "$CODEX_CORE_DEST/.codex/ag""ents" "$USER_SKILLS_DIR"
-printf 'name = "user-agent"\n' > "$CODEX_CORE_DEST/.codex/ag""ents/user-agent.toml"
+USER_SKILLS_DIR="$CODEX_FULL_DEST/.codex/sk""ills/user-skill"
+mkdir -p "$CODEX_FULL_DEST/.codex/ag""ents" "$USER_SKILLS_DIR"
+printf 'name = "user-agent"\n' > "$CODEX_FULL_DEST/.codex/ag""ents/user-agent.toml"
 printf '# user skill\n' > "$USER_SKILLS_DIR/SKILL.md"
 
-if (cd "$ROOT_DIR/dist/codex" && FLOW_AGENTS_PACKS=core bash install.sh "$CODEX_CORE_DEST" >/dev/null); then
-  _pass "Codex core-pack filtered install succeeded"
+# A fresh install ships the full standalone base (no pack filtering). Pre-existing
+# unknown user files must be preserved across the rsync install.
+if (cd "$ROOT_DIR/dist/codex" && bash install.sh "$CODEX_FULL_DEST" >/dev/null); then
+  _pass "Codex full install succeeded"
 else
-  _fail "Codex core-pack filtered install failed"
-fi
-
-FILTER_ATTACK_DEST="$TMPDIR_EVAL/filter-attack"
-mkdir -p "$FILTER_ATTACK_DEST/packaging" "$FILTER_ATTACK_DEST/skills"
-cat > "$FILTER_ATTACK_DEST/packaging/packs.json" <<'JSON'
-{
-  "schema_version": "1.0",
-  "packs": [
-    { "name": "core", "default": true, "skills": ["safe"], "agents": [], "powers": [] },
-    { "name": "extra", "skills": ["../escape"], "agents": [], "powers": [] }
-  ]
-}
-JSON
-if node "$ROOT_DIR/build/src/tools/filter-installed-packs.js" "$FILTER_ATTACK_DEST" --packs core >"$TMPDIR_EVAL/filter-attack.out" 2>"$TMPDIR_EVAL/filter-attack.err"; then
-  _fail "pack filter accepted unsafe metadata traversal"
-else
-  _pass "pack filter rejects unsafe metadata traversal before deletion"
+  _fail "Codex full install failed"
 fi
 
 echo ""
@@ -179,7 +164,7 @@ for dir in \
   "$CODEX_DEST/.codex/agents" \
   "$CODEX_DEST/.codex/skills" \
   "$CODEX_DEST/.flow-agents" \
-  "$CODEX_CORE_DEST/.flow-agents"; do
+  "$CODEX_FULL_DEST/.flow-agents"; do
   if [[ -d "$dir" ]]; then
     _pass "$dir exists"
   else
@@ -703,64 +688,43 @@ fi
 
 
 echo ""
-echo "--- Pack Filtering ---"
-CODEX_AGENTS_DIR="$CODEX_CORE_DEST/.codex/ag""ents"
-CORE_AGENT="$CODEX_AGENTS_DIR/tool-planner.toml"
-OPTIONAL_AGENT="$CODEX_AGENTS_DIR/dev.toml"
-if [[ -f "$CORE_AGENT" && ! -f "$OPTIONAL_AGENT" ]]; then
-  _pass "Codex core-pack install keeps core agents and prunes optional agents"
-else
-  _fail "Codex core-pack agent filtering failed"
-fi
-
-# Kit-owned skills (plan-work, deliver) are always present regardless of pack filter.
-# Pack filtering only prunes skills declared in packs.json (the tool-skills).
-# The development-pack tool-skill agentic-engineering should be pruned in a core-only install.
-if [[ -d "$CODEX_CORE_DEST/.codex/skills/plan-work" && -d "$CODEX_CORE_DEST/.codex/skills/deliver" && ! -d "$CODEX_CORE_DEST/.codex/skills/agentic-engineering" ]]; then
-  _pass "Codex core-pack install: kit-skills present, dev-only tool-skill pruned"
+echo "--- Full Standalone Base Install ---"
+# There is no pack layer: a fresh install ships the complete standalone base.
+# Both the neutral toolbox agents (tool-planner) and the deeper agents (dev) are
+# present, and kit-owned skills (plan-work, deliver) plus standalone skills
+# (agentic-engineering) all install together.
+# Codex excludes the dev orchestrator agent (manifest.codex.excluded_agents), so
+# assert the neutral toolbox agent plus a deeper agent that codex does ship.
+CODEX_AGENTS_DIR="$CODEX_FULL_DEST/.codex/ag""ents"
+if [[ -f "$CODEX_AGENTS_DIR/tool-planner.toml" && -f "$CODEX_AGENTS_DIR/tool-security-reviewer.toml" ]]; then
+  _pass "Codex full install ships the complete agent base"
 else
-  _fail "Codex core-pack skill filtering failed"
+  _fail "Codex full install is missing base agents"
 fi
 
-if [[ -f "$CODEX_CORE_DEST/.flow-agents/installed-packs.json" ]]; then
-  _pass "Codex core-pack install records selected packs"
+if [[ -d "$CODEX_FULL_DEST/.codex/skills/plan-work" && -d "$CODEX_FULL_DEST/.codex/skills/deliver" && -d "$CODEX_FULL_DEST/.codex/skills/agentic-engineering" ]]; then
+  _pass "Codex full install ships kit-skills and standalone skills together"
 else
-  _fail "Codex core-pack install did not record selected packs"
+  _fail "Codex full install is missing skills"
 fi
 
 if [[ -f "$CODEX_AGENTS_DIR/user-agent.toml" && -d "$USER_SKILLS_DIR" ]]; then
-  _pass "Codex core-pack install preserves unknown user files"
-else
-  _fail "Codex core-pack install removed unknown user files"
-fi
-
-# Pack filtering for opencode
-OPENCODE_AGENTS_DIR="$OPENCODE_CORE_DEST/.opencode/agents"
-if (cd "$ROOT_DIR/dist/opencode" && FLOW_AGENTS_PACKS=core bash install.sh "$OPENCODE_CORE_DEST" >/dev/null); then
-  _pass "opencode core-pack filtered install succeeded"
-else
-  _fail "opencode core-pack filtered install failed"
-fi
-
-if [[ -d "$OPENCODE_AGENTS_DIR/tool-planner.md" ]] || [[ -f "$OPENCODE_AGENTS_DIR/tool-planner.md" ]]; then
-  _pass "opencode core-pack install keeps core agents"
+  _pass "Codex full install preserves unknown user files"
 else
-  _fail "opencode core-pack agent filtering failed (tool-planner.md missing)"
+  _fail "Codex full install removed unknown user files"
 fi
 
-# Kit-owned skills (plan-work, deliver) are always present regardless of pack filter.
-# Pack filtering only prunes skills declared in packs.json (the tool-skills).
-# The development-pack tool-skill agentic-engineering should be pruned in a core-only install.
-if [[ -d "$OPENCODE_CORE_DEST/.opencode/skills/plan-work" && -d "$OPENCODE_CORE_DEST/.opencode/skills/deliver" && ! -d "$OPENCODE_CORE_DEST/.opencode/skills/agentic-engineering" ]]; then
-  _pass "opencode core-pack install: kit-skills present, dev-only tool-skill pruned"
+OPENCODE_AGENTS_DIR="$OPENCODE_FULL_DEST/.opencode/agents"
+if [[ -f "$OPENCODE_AGENTS_DIR/tool-planner.md" && -f "$OPENCODE_AGENTS_DIR/dev.md" ]]; then
+  _pass "opencode full install ships the complete agent base"
 else
-  _fail "opencode core-pack skill filtering failed"
+  _fail "opencode full install is missing base agents"
 fi
 
-if [[ -f "$OPENCODE_CORE_DEST/.flow-agents/installed-packs.json" ]]; then
-  _pass "opencode core-pack install records selected packs"
+if [[ -d "$OPENCODE_FULL_DEST/.opencode/skills/plan-work" && -d "$OPENCODE_FULL_DEST/.opencode/skills/deliver" && -d "$OPENCODE_FULL_DEST/.opencode/skills/agentic-engineering" ]]; then
+  _pass "opencode full install ships kit-skills and standalone skills together"
 else
-  _fail "opencode core-pack install did not record selected packs"
+  _fail "opencode full install is missing skills"
 fi
 
 echo ""