@nimiplatform/nimi-coding 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Nimi
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,348 @@
+# @nimiplatform/nimi-coding
+
+`@nimiplatform/nimi-coding` is the standalone host-agnostic boundary package
+for the Nimi Coding methodology.
+
+The product goal is to let arbitrary projects install a reusable AI coding
+governance toolkit, bootstrap a project-local `.nimi/**` layer, and then use
+AI-native authority, packet, and acceptance discipline for high-risk work.
+
+## Primary Path
+
+The primary `nimicoding` path is for an ordinary project with mixed inputs:
+
+1. gather code/docs/structure/human notes
+2. hand off `spec_reconstruction` to an external host
+3. generate a canonical tree under `/.nimi/spec/**`
+4. run `validate-spec-tree`
+5. run `validate-spec-audit`
+6. close out reconstruction
+7. hand off `doc_spec_audit` and close it out locally
+
+`blueprint-audit`, benchmark parity, and direct-copy helpers remain available,
+but they are support-only or repo-local special cases. They do not define
+default reconstruction completion.
+
+In this monorepo, `/.nimi/spec/**` is now the repo-wide product authority.
+Pre-cutover authority history now lives in Git rather than a repo-local
+archive tree. Pre-cutover readiness work was evidence only and did not
+authorize the flip by itself.
+
+## Current Status
+
+This repository is boundary-complete for its intended standalone scope.
+
+Its completed standalone scope is:
+
+- package identity
+- repository foundation
+- initial AI-native methodology seed
+- package-owned repo-local support profile source for future governance slices
+- machine-readable reconstruction, doc-spec-audit, and high-risk execution result contracts
+- package-owned canonical high-risk admission schema contract
+- seed-only high-risk execution schemas for packet, orchestration-state, prompt, worker-output, and acceptance
+- vendor-neutral external host-profile seed
+- package-owned external host compatibility contract seed
+- host-adapter seed for constrained external execution-host interop
+- package-owned admitted host-profile overlay seed for `oh_my_codex`
+- package-owned external execution artifact landing-path contract seed
+- vendor-neutral external delegated skill runtime contract seed
+- vendor-neutral delegated skill installer seed
+- fail-closed delegated skill installer result-contract seed
+- local-only installer operational evidence-home seed
+- fail-closed collapsed installer summary projection lifecycle-contract seed
+- package-owned bootstrap source under `config/**`, `contracts/**`, `methodology/**`, and `spec/**`
+- a bounded standalone CLI with staged `start`, validation, handoff, local closeout projection, explicit admission, and mechanical execution-artifact validation
+- a host-agnostic semantic + interop boundary for external AI hosts such as OMX, Codex, Claude, Gemini, or another contract-observing host
+
+It intentionally defers:
+
+- packet-bound run kernel
+- provider-backed execution
+- scheduler, notification, and automation backend surfaces
+- self-hosted methodology execution
+
+## CLI Status
+
+This repository now carries a boundary-complete standalone `nimicoding` CLI.
+
+At the current stage it provides:
+
+- executable package bin wiring
+- help and version output
+- a primary `nimicoding start` entrypoint for bootstrap, resume, and next-stage AI task prep
+- a conservative `nimicoding clear` entrypoint for removing package-managed setup without deleting project-owned truth
+- a bounded `nimicoding doctor`
+- an explicit `nimicoding blueprint-audit` equivalence check for comparing a repo-local blueprint root with the candidate canonical tree under `.nimi/spec`
+- a repo-local `pnpm check:spec-authority-cutover-readiness` gate for pre-cutover readiness validation before authority execution
+- an explicit `nimicoding handoff` export
+- an explicit `nimicoding admit-high-risk-decision` semantic admission surface
+- a local-only `nimicoding closeout` projection
+- a bounded local-only `nimicoding ingest-high-risk-execution` projection
+- a bounded local-only `nimicoding review-high-risk-execution` projection
+- a bounded local-only `nimicoding decide-high-risk-execution` projection
+- mechanical validators for execution-packet, orchestration-state, prompt, worker-output, and acceptance
+- skill-specific result contract seeding for reconstruction, doc/spec audit, and local-only high-risk execution closeout
+- seed-only execution contract extraction under `.nimi/contracts/**`
+- package-owned bootstrap source projection from `config/**`, `contracts/**`, `methodology/**`, and `spec/**`
+
+Current `nimicoding start` behavior is intentionally narrow:
+
+- detect the current project state and continue from the right stage
+- create or resume the `.nimi/**` seed by projecting package-owned source into host paths
+- seed AI-native spec-reconstruction guidance inside `.nimi/**`
+- keep repo-local support-only methodology assets package-owned unless a host explicitly opts into them
+- seed package-owned machine contracts inside `.nimi/contracts/**`
+- seed package-owned execution schemas for future high-risk methodology artifacts without admitting runtime ownership
+- seed canonical skill-manifest, host-profile, installer, delegated runtime contract, installer result contract, installer operational evidence home, and external handoff truth inside `.nimi/**`
+- seed canonical host-adapter truth inside `.nimi/**` so external execution hosts can be admitted without becoming semantic owners
+- seed canonical collapsed installer summary projection lifecycle truth inside `.nimi/**`
+- update `.gitignore` for local runtime state
+- optionally update `AGENTS.md` and `CLAUDE.md` as a staged confirmation inside `start`
+- explain one step at a time, confirm one step at a time, and apply one step at a time in interactive mode
+- prepare one authoritative JSON AI task package for `spec_reconstruction` or `doc_spec_audit` when the current project stage requires it
+- let the user choose a target host such as Codex, Claude, or oh-my-codex for that next AI task
+- print a short paste-ready prompt directly in the terminal during `start` instead of requiring users to open a generated prompt file
+- fail closed on unknown CLI options
+- validate bootstrap integrity and delegated-runtime posture with `doctor`
+- preserve existing truth files rather than overwriting them
+- refuse unsupported bootstrap contract versions
+
+Current `nimicoding clear` behavior is intentionally narrow:
+
+- remove only managed AI blocks in `AGENTS.md` and `CLAUDE.md`
+- remove only package-owned bootstrap files under `.nimi/config/**`, `.nimi/contracts/**`, and `.nimi/methodology/**` when the local file still exactly matches the packaged seed
+- preserve locally modified bootstrap files even when they live under those package-owned bootstrap paths
+- preserve `.nimi/spec/**`, `.nimi/local/**`, and `.nimi/cache/**`
+- avoid deleting project-owned truth or local operational artifacts implicitly
+
+## Topic Lifecycle Reports
+
+Human-authored local report work now uses a topic lifecycle workspace rooted at:
+
+- `/.nimi/topics/**`
+
+Canonical topic lifecycle roots are:
+
+- `proposal`
+- `ongoing`
+- `pending`
+- `closed`
+
+The primary organization unit is a topic folder:
+
+- `.nimi/topics/<state>/YYYY-MM-DD-topic-slug/`
+
+Each topic folder should carry a lightweight `topic.yaml` state record and may
+include:
+
+- `README.md`
+- `design.md`
+- `preflight.md`
+- `waves.md`
+- `packet-*.md`
+- `closeout.md`
+
+Topic folder rules:
+
+- use sortable date-first topic ids: `YYYY-MM-DD-topic-slug`
+- express lifecycle by moving the topic folder between `proposal`, `ongoing`,
+  `pending`, and `closed`
+- keep one canonical copy of a topic at a time
+- record lifecycle transitions in `topic.yaml`; do not rely on folder moves
+  alone as the state evidence surface
+
+Canonical constraints:
+
+- human-authored topic lifecycle reports must use
+  `/.nimi/topics/{proposal|ongoing|pending|closed}/<topic-id>/**`
+- flat markdown files directly under `/.nimi/topics/` are outside the
+  admitted methodology model
+- `.local/report/**` is not an accepted root for human-authored topic
+  lifecycle reports; keep it only for execution evidence or machine outputs
+- `.local/work/**` is no longer the primary methodology workspace for
+  human-authored topic execution materials
+
+Applicability boundary:
+
+- topic workflow is intentionally heavy and not the default entrypoint for all
+  engineering work
+- use a topic when the work is authority-bearing, high-risk, cross-module,
+  multi-wave, or likely to need remediation / re-audit discipline
+- small low-risk changes should stay on the ordinary non-topic path unless there
+  is an explicit reason they need topic-level governance
+
+Development rhythm:
+
+- a topic is the canonical home for one major iteration line, not a micro
+  requirement backlog
+- waves are the bounded execution unit inside a topic
+- entering `ongoing` requires a topic-local `preflight.md` with one selected
+  next execution target, a bounded stop line, consumed inputs/contexts, expected
+  closeout checks, and explicit forbidden reopenings
+- `pending` is an optional no-active-development state for topics that are not
+  ready to close: use it when you want to distinguish "waiting on evidence or
+  an external trigger" from active `ongoing` work, and record explicit reopen
+  or close criteria instead of leaving that wait implicit
+- each wave should own one primary closure goal and end in a bounded result such
+  as an authority cut, implementation packet, bounded re-audit, or explicit
+  pause/defer note
+- planning-only waves may harden one execution target, but they must not chain
+  indefinitely; if no bounded closure is reached after a planning wave, pause or
+  re-preflight instead of opening unbounded new planning waves
+- closeout stays layered: context closure, wave closeout, and final topic
+  closeout are distinct evidence surfaces
+
+Avoid the older `slug-YYYY-MM-DD.md` shape because it sorts poorly and makes
+cross-report navigation harder. Stable machine report artifacts that are meant
+to behave like a current snapshot, such as `blueprint-equivalence-audit.json`,
+should keep their fixed names.
+
+## Canonical Spec Redesign Prep
+
+The package now seeds Phase 0 / Phase 1 canonical-spec redesign contracts under
+`.nimi/spec/_meta/**` together with rewritten `bootstrap-state.yaml` and
+`product-scope.yaml`.
+
+At this stage:
+
+- these files are machine contracts and implementation authority for canonical spec generation
+- active repository authority now lives under `/.nimi/spec/**`
+- `start`, `doctor`, `handoff`, `closeout`, and high-risk gating already read the canonical tree lifecycle instead of treating the old five-file compact model as authoritative completion
+- `nimicoding blueprint-audit` remains the explicit audit surface for benchmark-vs-canonical equivalence checks; it does not perform routing changes on its own
+- `pnpm check:spec-authority-cutover-readiness` remains a pre-cutover readiness aggregator; after cutover it is historical/preflight-only rather than the active authority source
+- canonical spec generation now reads mixed inputs from `.nimi/config/spec-generation-inputs.yaml` and treats any blueprint root as an optional benchmark rather than a universal host assumption
+- completed canonical reconstruction now requires both structural validity and file-level auditability under `.nimi/spec/_meta/spec-generation-audit.yaml`
+- `nimicoding validate-spec-tree` checks canonical tree structure, while `nimicoding validate-spec-audit` checks per-file grounding, inference, and unresolved-gap tracking
+
+Current `nimicoding doctor` behavior is intentionally narrow:
+
+- validate that `.nimi/**` bootstrap seed files are present
+- validate that `.nimi/local/` and `.nimi/cache/` exist and remain ignored
+- validate bootstrap contract compatibility metadata
+- validate bootstrap-only and reconstruction-seeded lifecycle markers
+- validate cross-contract reference alignment across manifest, handoff, runtime, installer, and host-profile truth
+- validate host-adapter boundary truth and adapter selection posture
+- validate admitted package-owned adapter profile overlays for named external hosts
+- validate the packaged external host compatibility contract
+- expose the supported external host posture, examples, and required/forbidden host behavior
+- validate skill result-contract alignment
+- validate the packaged high-risk execution result contract
+- validate the packaged canonical high-risk admission schema contract
+- validate the external execution artifact landing-path contract
+- validate seed-only high-risk execution schemas under `.nimi/contracts/**`
+- validate handoff context-order readiness for an external AI host
+- expose the standalone completion profile, status, completed surfaces, deferred execution surfaces, and promoted parity gaps
+- expose the generic external-host compatibility posture, admitted named overlay posture, and future-only host-specific surfaces
+- validate canonical `.nimi/spec/high-risk-admissions.yaml` record shape against the packaged admission schema contract when present
+- fail closed when lifecycle state, canonical tree readiness, and auditability drift apart
+- report local `doc_spec_audit` closeout artifact status without promoting it to semantic truth
+- emit either human-readable output or machine-readable JSON with `--json`
+
+Current `nimicoding handoff` behavior is intentionally narrow:
+
+- require explicit `--skill <skill-id>`
+- export an authoritative machine-readable external handoff payload with `--json`
+- optionally project a human-readable host briefing with `--prompt`
+- remain host-agnostic: Claude, Codex, Gemini, OMX, or another external host may consume the same contract if it respects the declared boundaries
+- export the package-owned host compatibility contract ref, supported host posture, supported host examples, and required/forbidden host behavior
+- expose whether a generic external host is compatible, whether a named admitted overlay is merely available or currently selected, and which host-specific surfaces remain future-only
+- reuse `doctor` validation and fail closed when bootstrap or delegated handoff posture is invalid
+- allow `spec_reconstruction` handoff during bootstrap-only mode
+- expose selected named adapter overlay metadata when an admitted host profile is selected
+- export `resultContractRef` plus skill-specific closeout summary expectations
+- export execution schema refs, expected artifact kinds, expected local artifact roots, and external execution summary status for `high_risk_execution`
+- refuse `doc_spec_audit` and `high_risk_execution` handoff until the canonical tree under `.nimi/spec` is ready
+
+Current `nimicoding closeout` behavior is intentionally narrow:
+
+- require explicit `--skill`, `--outcome`, and `--verified-at`
+- optionally import those fields plus an optional contract-validated `summary` from an external JSON payload with `--from`
+- project external skill results into a local-only closeout payload
+- optionally write the payload under `.nimi/local/handoff-results/` with `--write-local`
+- fail closed if a `completed` outcome contradicts the current canonical-tree or audit state
+- support contract-validated local-only summary import for `high_risk_execution`
+- fail closed if imported high-risk execution refs escape the declared local artifact roots
+- fail closed if imported high-risk execution summaries omit refs, drift in shape, or claim an illegal external execution status
+- fail closed if imported `summary` content violates the declared skill result contract
+- fail closed if an imported JSON summary does not match the current project or required shape
+- never promote local closeout artifacts to project semantic truth
+
+Current `nimicoding admit-high-risk-decision` behavior is intentionally narrow:
+
+- require explicit `--from <json>` and `--admitted-at <iso8601>`
+- accept only `nimicoding.high-risk-decision.v1` payloads with `decisionStatus: manager_decision_recorded`
+- derive `topic_id` and `packet_id` from the mechanically valid attached packet
+- project canonical admission preview for `.nimi/spec/high-risk-admissions.yaml`
+- write tracked semantic truth only when `--write-spec` is given explicitly
+- fail closed on malformed decision payloads, malformed admissions truth, or missing packet identity
+
+Current `nimicoding ingest-high-risk-execution` behavior is intentionally narrow:
+
+- require explicit `--from <json>` pointing at a local high-risk closeout artifact
+- accept only `high_risk_execution` closeout artifacts with `outcome: completed` and `summary.status: candidate_ready`
+- mechanically validate the referenced packet, orchestration-state, prompt, and worker-output artifacts using the packaged validators
+- require all evidence refs to exist under the declared local artifact roots
+- project a local-only ingest payload and optionally write it under `.nimi/local/handoff-results/`
+- fail closed on contract drift, root escape, missing artifacts, or invalid worker-output/prompt/schema shape
+- never decide semantic acceptance, disposition, or finding judgment
+
+Current `nimicoding review-high-risk-execution` behavior is intentionally narrow:
+
+- require explicit `--from <json>` pointing at a local high-risk ingest artifact
+- accept only `nimicoding.high-risk-ingest.v1` payloads with `ok: true`
+- project a local-only review-ready attachment payload for manager-owned review
+- carry attachment refs, ingest validation evidence, and the declared semantic review owner
+- fail closed if the ingest payload is malformed, not local-only, or mechanically invalid
+- never decide semantic acceptance, disposition, or finding judgment
+
+Current `nimicoding decide-high-risk-execution` behavior is intentionally narrow:
+
+- require explicit `--from <json>`, `--acceptance <path>`, and `--verified-at <iso8601>`
+- accept only `nimicoding.high-risk-review.v1` payloads with `ok: true`
+- require `reviewStatus: ready_for_manager_review`
+- mechanically validate the provided acceptance artifact and require an explicit `Disposition:` line
+- project a local-only manager decision payload and optionally write it under `.nimi/local/handoff-results/`
+- fail closed if the review payload is malformed, not local-only, or points at another project
+- never auto-promote the manager decision into canonical semantic truth without explicit admission
+
+Current mechanical validator behavior is intentionally narrow:
+
+- require an explicit artifact path for each validator command
+- emit machine-readable `validator-cli-result.v1` JSON on both success and refusal
+- validate only the package-owned seed contract shape for execution-packet, orchestration-state, prompt, worker-output, and acceptance
+- fail closed on missing required sections, malformed YAML, or seed-contract drift
+- avoid semantic acceptance, topic orchestration, scheduler ownership, or provider execution claims
+
+The package now carries package-owned bootstrap source under `config/**`,
+`contracts/**`, `methodology/**`, and `spec/**`. `nimicoding start`
+projects those files into a host project's `/.nimi/**`
+surface at runtime. The package also carries adapter overlays under
+`adapters/**/profile.yaml` so external execution hosts such as
+`oh-my-codex` can be admitted as constrained bridges instead of semantic
+owners while keeping external execution closeout local-only, root-bounded,
+and non-semantic until an explicit manager-owned admission writes canonical
+summary truth into `.nimi/spec/high-risk-admissions.yaml`.
+
+Boundary-complete in this package does not mean promoted-runtime parity. The
+package-owned source lives directly under `config/**`, `contracts/**`,
+`methodology/**`, and `spec/**`. Only generated or adopted host projects use
+`.nimi/**`. Standalone does not add `run-*` commands, provider invocation,
+scheduler logic, or transport adapters in this cut.
+
+## Intended Direction
+
+The expected future experience is roughly:
+
+1. install `@nimiplatform/nimi-coding`
+2. run `nimicoding start`
+3. confirm or accept managed AI entrypoints
+4. let an external AI host use seeded `.nimi/**` reconstruction guidance, manifest, host-profile, installer, delegated runtime contract, installer result contract, collapsed installer summary projection lifecycle contract, installer operational evidence guidance, and the authoritative handoff JSON contract to
+   reconstruct the project canonical tree
+5. use the methodology for later high-risk work
+
+## Development Posture
+
+This repository is the standalone boundary package. Deferred runtime surfaces
+such as packet-bound execution, provider-backed execution, scheduler,
+notification, and automation remain outside the packaged scope.

package/adapters/README.md

@@ -0,0 +1,25 @@
+# Adapters
+
+This directory holds optional runtime-adapter guidance for external execution
+hosts.
+
+Adapters in this package do not become methodology owners. They exist to map
+project-local `.nimi/**` truth into a host-specific execution surface while
+preserving these boundaries:
+
+- `.nimi/**` remains the semantic owner.
+- External hosts may own operational state, transport, routing, and execution
+  continuity.
+- Native host review features may provide evidence or risk signals only.
+- External hosts must not redefine acceptance, disposition, or canonical
+  project truth.
+
+Admitted adapter sketches:
+
+- [`codex`](./codex/README.md) — native Codex SDK host via `@openai/codex-sdk`
+- [`oh-my-codex`](./oh-my-codex/README.md) — external execution host via JSON handoff
+- [`claude`](./claude/README.md) — inline coding host via CLAUDE.md + PreToolUse hooks
+
+The package-owned host-agnostic baseline for any external host lives in
+`.nimi/contracts/external-host-compatibility.yaml`. Named adapter overlays may
+specialize that baseline, but they do not replace it.

package/adapters/claude/README.md

@@ -0,0 +1,89 @@
+# Claude Code Adapter
+
+This adapter defines how to use `@nimiplatform/nimi-coding` with Claude Code
+without turning Claude into the semantic owner.
+
+## Intent
+
+Use Claude Code for:
+
+- inline coding with direct filesystem access
+- exploration, planning, and execution in a single session
+- review and decision projection (manager-ready, not manager-owned)
+- AGENTS.md-governed module-scoped work via PreToolUse hooks
+
+Keep `nimicoding` responsible for:
+
+- project-local `.nimi/**` truth
+- authority boundaries
+- handoff constraints
+- packet, prompt, worker-output, and acceptance schema ownership
+- fail-closed validation
+
+## Integration Mode
+
+Claude Code integrates differently from oh-my-codex:
+
+| Concern | oh-my-codex | Claude Code |
+|---|---|---|
+| Host class | external execution host | inline coding host |
+| Instruction format | AGENTS.md (native) | CLAUDE.md (native) + AGENTS.md (hook-injected) |
+| Module context | automatic on every interaction | PreToolUse hook on Read/Edit/Write |
+| Operational state | `.omx/` | `.claude/` |
+| Execution mode | external handoff via JSON | inline in-repo execution |
+| Review capability | execution only | execution + inline review |
+
+## Boundary
+
+Treat the systems as layered rather than merged:
+
+- `@nimiplatform/nimi-coding` is the semantic kernel.
+- Claude Code is a constrained inline coding host.
+- This adapter is only the bridge.
+
+Claude Code may read `.nimi/**` and produce execution artifacts, but it must not:
+
+- become the owner of `.nimi/spec/**`
+- treat cutover readiness as an authority flip
+- decide semantic acceptance or final disposition
+- redefine methodology state from `.claude/**` operational state
+- bypass `nimicoding doctor`, `handoff`, or validator gates
+- use hooks as a replacement for AGENTS.md authority
+
+## Context Channel
+
+Claude Code receives module-level AGENTS.md content through a PreToolUse hook:
+
+1. Hook fires on **Read**, **Edit**, and **Write** tool calls
+2. Script walks up from the target file to find the nearest `AGENTS.md`
+3. Content is injected as `additionalContext` before the tool executes
+4. Root `AGENTS.md` is already synced into `CLAUDE.md` (not re-injected)
+5. **Grep/Glob/Bash** do not trigger injection — manual AGENTS.md reads
+   are still needed for search-based exploration
+
+The `CLAUDE.md` managed block (marker `nimicoding:managed:claude`) provides
+the baseline methodology context. Module-level AGENTS.md provides scoped
+constraints on top of that baseline.
+
+## Coverage Gap
+
+| Tool | Hook fires? | Module AGENTS.md visible? |
+|---|---|---|
+| Read | Yes | Automatic |
+| Edit | Yes | Automatic |
+| Write | Yes | Automatic |
+| Grep | No | Manual read needed |
+| Glob | No | Manual read needed |
+| Bash | No | Manual read needed |
+| Agent (subagent) | No | Manual read needed |
+
+## Mapping
+
+| Claude concern | Adapter rule | `nimicoding` owner |
+|---|---|---|
+| exploration/planning | hook-injected module context | `.nimi/methodology/skill-handoff.yaml` |
+| prompt handoff | consume exported prompt/context | `.nimi/methodology/skill-handoff.yaml` |
+| worker output | write candidate artifact only under declared local roots | `.nimi/contracts/worker-output.schema.yaml` |
+| evidence | write candidate artifact only under declared local roots | packet/evidence contract family |
+| inline review | project decision material, do not decide | manager-reviewed `nimicoding` semantics |
+| final disposition | Claude must not decide | manager-reviewed `nimicoding` semantics |

package/adapters/claude/profile.yaml

@@ -0,0 +1,70 @@
+version: 1
+adapter_profile:
+  id: claude
+  host_class: inline_coding_host
+  upstream_seed_profile: external_ai_host
+  purpose: >
+    Constrain Claude Code to act as an inline coding host for nimicoding
+    methodology execution, with AGENTS.md authority injected via PreToolUse
+    hooks and CLAUDE.md as the native entrypoint, without promoting Claude
+    operational state into semantic truth.
+  semantic_owner:
+    - .nimi/methodology
+    - .nimi/spec
+    - .nimi/contracts
+    - .nimi/config
+  operational_owner:
+    - .claude
+    - .nimi/local
+    - .nimi/cache
+  admitted_skill_surfaces:
+    - spec_reconstruction
+    - doc_spec_audit
+    - audit_sweep
+    - high_risk_execution
+    - inline_review
+    - authority_convergence_audit
+  context_integration:
+    native_entrypoint: CLAUDE.md
+    module_context_channel: PreToolUse_hook_agents_md_injection
+    managed_block_marker: "nimicoding:managed:claude"
+    hook_matcher: Read|Edit|Write
+    hook_script: .claude/hooks/inject-agents-md.sh
+    agents_md_authority: >
+      AGENTS.md files remain the authoritative module-level rules.
+      CLAUDE.md defers to AGENTS.md on conflict. The hook injects the
+      nearest AGENTS.md as additionalContext on Read/Edit/Write tool
+      calls. Grep/Glob/Bash do not trigger injection.
+  prompt_handoff:
+    bootstrap_surface:
+      - nimicoding handoff --skill spec_reconstruction --prompt
+      - nimicoding handoff --skill doc_spec_audit --prompt
+      - nimicoding handoff --skill audit_sweep --prompt
+      - nimicoding handoff --skill high_risk_execution --prompt
+    future_surface:
+      status: active_via_hooks
+      commands: []
+      channel: CLAUDE.md managed block + PreToolUse AGENTS.md hooks
+  output_handoff:
+    worker_output_target: .nimi/local/outputs/** candidate artifact
+    evidence_target: .nimi/local/evidence/** candidate artifact
+    closeout_target: local-only closeout payload unless later admitted
+  authority_convergence_audit:
+    execution_projection: claude_task_subagent_auditor
+    dispatch_source: nimicoding topic audit dispatch
+    output_target: .nimi/local/outputs/** candidate audit evidence
+    semantic_effect: none_until_manager_records_topic_audit_result
+    required_prompt_posture:
+      - audit_only_no_code_or_spec_edits
+      - report_PASS_NEEDS_REVISION_or_FAIL
+      - list_blocking_findings_concerns_deferred_non_blockers_and_authority_refs
+  hard_constraints:
+    - claude_must_not_become_semantic_owner
+    - claude_must_not_write_canonical_.nimi/spec_truth_directly_without_validator_admission
+    - claude_must_not_define_acceptance_disposition_or_finding_judgment
+    - claude_operational_state_must_remain_operational_only
+    - claude_hooks_must_not_replace_agents_md_authority
+    - unresolved_authority_or_missing_context_must_fail_closed
+    - claude_subagent_authority_convergence_output_must_remain_candidate_evidence
+  current_gaps:
+    - automatic_semantic_admission_automation_not_packaged_in_standalone

package/adapters/codex/README.md

@@ -0,0 +1,53 @@
+# Codex Adapter Sketch
+
+This adapter defines native Codex support for `@nimiplatform/nimi-coding`.
+
+It is intentionally separate from `oh_my_codex`. `oh_my_codex` is an external
+adapter boundary; `codex` is the native Codex SDK host boundary.
+
+## Boundary
+
+- Codex SDK owns operational thread execution.
+- `.nimi/**` remains semantic truth.
+- Topic decisions come from `nimicoding topic run-next-step`.
+- Run continuity is recorded by `nimicoding topic run-ledger`.
+- Codex thread IDs are operational state and must not become semantic truth.
+
+## SDK Surface
+
+The admitted native surface is the official TypeScript package:
+
+- package: `@openai/codex-sdk`
+- primary API: `new Codex().startThread().run(prompt)`
+- resume API: `new Codex().resumeThread(threadId).run(prompt)`
+
+The first packaged runner must call the SDK directly. It must not shell out to
+the Codex CLI and must not route through `oh_my_codex`.
+
+## Execution Rule
+
+The runner may call Codex only after `run-next-step` returns:
+
+- `stop_class: continue`
+- a mechanical `recommended_action`
+- a concrete `next_command_ref`
+
+`continue` means the next package-owned command is placeholder-free and
+mechanically determined. It may include lifecycle transitions such as admitting
+the uniquely selected wave or freezing the uniquely matching draft packet; those
+transitions do not by themselves create a human gate.
+
+All other stop classes must be represented as run-ledger events and returned to
+the manager/operator without hidden continuation.
+
+## Native Review Boundary
+
+Codex native review features are admitted only as lower-layer host capabilities:
+
+- automatic approval review may evaluate permission prompts and risk posture
+- GitHub automatic review may provide PR findings
+- both outputs may be recorded as `.nimi/local/evidence/**` candidate evidence
+
+They must not admit a wave, freeze a packet, record a result verdict, close a
+wave, close a topic, or satisfy true-close. Those transitions remain
+`nimicoding topic` command semantics with package-owned artifact lineage.