@open-agent-toolkit/cli 0.1.43 → 0.1.46

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (94) hide show
  1. package/assets/agents/oat-reviewer.md +2 -2
  2. package/assets/config/dispatch-matrix-recommendation.json +23 -0
  3. package/assets/docs/cli-utilities/config-and-local-state.md +7 -0
  4. package/assets/docs/cli-utilities/configuration.md +104 -25
  5. package/assets/docs/cli-utilities/workflow-gates.md +79 -16
  6. package/assets/docs/contributing/code.md +10 -4
  7. package/assets/docs/contributing/hooks-and-safety.md +23 -0
  8. package/assets/docs/provider-sync/config.md +5 -1
  9. package/assets/docs/provider-sync/manifest-and-drift.md +6 -1
  10. package/assets/docs/provider-sync/providers.md +6 -3
  11. package/assets/docs/provider-sync/scope-and-surface.md +2 -1
  12. package/assets/docs/reference/oat-directory-structure.md +2 -2
  13. package/assets/docs/workflows/projects/dispatch-ceiling.md +110 -27
  14. package/assets/docs/workflows/projects/implementation-execution.md +20 -13
  15. package/assets/public-package-versions.json +4 -4
  16. package/assets/skills/oat-project-implement/SKILL.md +155 -58
  17. package/assets/skills/oat-project-plan/SKILL.md +22 -3
  18. package/assets/skills/oat-project-quick-start/SKILL.md +54 -23
  19. package/assets/templates/state.md +5 -0
  20. package/dist/commands/config/index.d.ts +6 -0
  21. package/dist/commands/config/index.d.ts.map +1 -1
  22. package/dist/commands/config/index.js +429 -20
  23. package/dist/commands/doctor/index.d.ts +6 -1
  24. package/dist/commands/doctor/index.d.ts.map +1 -1
  25. package/dist/commands/doctor/index.js +209 -19
  26. package/dist/commands/gate/index.d.ts +39 -2
  27. package/dist/commands/gate/index.d.ts.map +1 -1
  28. package/dist/commands/gate/index.js +343 -30
  29. package/dist/commands/internal/cursor-current-target.d.ts +37 -0
  30. package/dist/commands/internal/cursor-current-target.d.ts.map +1 -0
  31. package/dist/commands/internal/cursor-current-target.js +228 -0
  32. package/dist/commands/internal/index.d.ts.map +1 -1
  33. package/dist/commands/internal/index.js +2 -0
  34. package/dist/commands/project/dispatch-ceiling/index.d.ts.map +1 -1
  35. package/dist/commands/project/dispatch-ceiling/index.js +487 -17
  36. package/dist/commands/providers/codex/index.d.ts +4 -0
  37. package/dist/commands/providers/codex/index.d.ts.map +1 -0
  38. package/dist/commands/providers/codex/index.js +7 -0
  39. package/dist/commands/providers/codex/materialize.d.ts +5 -0
  40. package/dist/commands/providers/codex/materialize.d.ts.map +1 -0
  41. package/dist/commands/providers/codex/materialize.js +152 -0
  42. package/dist/commands/providers/index.d.ts +2 -2
  43. package/dist/commands/providers/index.d.ts.map +1 -1
  44. package/dist/commands/providers/index.js +4 -2
  45. package/dist/commands/providers/providers.types.d.ts +23 -0
  46. package/dist/commands/providers/providers.types.d.ts.map +1 -1
  47. package/dist/commands/shared/codex-strays.d.ts.map +1 -1
  48. package/dist/commands/shared/codex-strays.js +11 -1
  49. package/dist/commands/status/index.d.ts +4 -1
  50. package/dist/commands/status/index.d.ts.map +1 -1
  51. package/dist/commands/status/index.js +1 -1
  52. package/dist/commands/sync/index.d.ts.map +1 -1
  53. package/dist/commands/sync/index.js +1 -1
  54. package/dist/commands/sync/sync.types.d.ts +4 -1
  55. package/dist/commands/sync/sync.types.d.ts.map +1 -1
  56. package/dist/config/dispatch-ceiling-preset.d.ts +4 -0
  57. package/dist/config/dispatch-ceiling-preset.d.ts.map +1 -1
  58. package/dist/config/dispatch-ceiling-preset.js +3 -0
  59. package/dist/config/dispatch-policy-options.d.ts +20 -0
  60. package/dist/config/dispatch-policy-options.d.ts.map +1 -0
  61. package/dist/config/dispatch-policy-options.js +96 -0
  62. package/dist/config/oat-config.d.ts +21 -5
  63. package/dist/config/oat-config.d.ts.map +1 -1
  64. package/dist/config/oat-config.js +118 -10
  65. package/dist/config/resolve.js +12 -0
  66. package/dist/manifest/manifest.types.d.ts +12 -12
  67. package/dist/providers/ceiling/registry.d.ts +7 -5
  68. package/dist/providers/ceiling/registry.d.ts.map +1 -1
  69. package/dist/providers/ceiling/registry.js +32 -5
  70. package/dist/providers/codex/codec/config-merge.d.ts +6 -0
  71. package/dist/providers/codex/codec/config-merge.d.ts.map +1 -1
  72. package/dist/providers/codex/codec/config-merge.js +7 -0
  73. package/dist/providers/codex/codec/materialize.d.ts +16 -0
  74. package/dist/providers/codex/codec/materialize.d.ts.map +1 -0
  75. package/dist/providers/codex/codec/materialize.js +57 -0
  76. package/dist/providers/codex/codec/shared.d.ts +1 -0
  77. package/dist/providers/codex/codec/shared.d.ts.map +1 -1
  78. package/dist/providers/codex/codec/shared.js +9 -1
  79. package/dist/providers/codex/codec/sync-extension.d.ts +7 -1
  80. package/dist/providers/codex/codec/sync-extension.d.ts.map +1 -1
  81. package/dist/providers/codex/codec/sync-extension.js +183 -46
  82. package/dist/providers/identity/availability.d.ts +45 -0
  83. package/dist/providers/identity/availability.d.ts.map +1 -0
  84. package/dist/providers/identity/availability.js +353 -0
  85. package/dist/providers/identity/family.d.ts +13 -0
  86. package/dist/providers/identity/family.d.ts.map +1 -0
  87. package/dist/providers/identity/family.js +32 -0
  88. package/dist/providers/identity/provenance.d.ts +21 -0
  89. package/dist/providers/identity/provenance.d.ts.map +1 -0
  90. package/dist/providers/identity/provenance.js +65 -0
  91. package/dist/providers/identity/stamp.d.ts +35 -0
  92. package/dist/providers/identity/stamp.d.ts.map +1 -0
  93. package/dist/providers/identity/stamp.js +171 -0
  94. package/package.json +2 -2
@@ -1,6 +1,6 @@
1
1
  ---
2
2
  name: oat-reviewer
3
- version: 1.1.4
3
+ version: 1.1.5
4
4
  description: Unified reviewer for OAT projects - mode-aware verification of requirements/design alignment and code quality. Writes a review artifact to disk by default, or returns structured findings in-memory when dispatched in structured-output mode.
5
5
  tools: Read, Bash, Grep, Glob, Write
6
6
  color: yellow
@@ -68,7 +68,7 @@ You will be given a "Review Scope" block including:
68
68
 
69
69
  The orchestrator owns dispatch control. Do not read `plan.md` Dispatch Profile rows to self-select a tier.
70
70
 
71
- For Codex, deterministic review dispatch under a capped managed policy uses pinned reviewer variants (`oat-reviewer-low`, `oat-reviewer-medium`, `oat-reviewer-high`, or `oat-reviewer-xhigh`) selected by the resolved OAT dispatch policy cap. Managed `Uncapped` and inherit/default policies have no reviewer target, so the base `oat-reviewer` role is used as a provider-default/unpinned fallback. If you are running as the base role, report any provided `provider_default_effort` as context but do not treat it as managed uncapped selection or an OAT cap.
71
+ For Codex, deterministic review dispatch under a capped managed policy uses the materialized Codex role name returned by `providers.codex.dispatchArgs.variant`; the orchestrator also supplies `providers.codex.selection.target` context when available and should derive `model_axis` and `effort_axis` from resolver output. Managed `Uncapped` and inherit/default policies have no reviewer target, so the base `oat-reviewer` role is used only when the resolver returns no `dispatchArgs.variant`, as a provider-default/unpinned fallback. If you are running as the base role, report any provided `provider_default_effort` as context but do not treat it as managed uncapped selection or an OAT cap. Use base `oat-reviewer` only when the resolver returns no `dispatchArgs.variant`.
72
72
 
73
73
  For Claude Code, review dispatch is model-axis based and the effort axis is `not-applicable`.
74
74
 
@@ -0,0 +1,23 @@
1
+ {
2
+ "version": "2026-07-07.1",
3
+ "providers": {
4
+ "codex": {
5
+ "economy": "low",
6
+ "balanced": "medium",
7
+ "high": "high",
8
+ "frontier": "xhigh"
9
+ },
10
+ "claude": {
11
+ "economy": "haiku",
12
+ "balanced": "sonnet",
13
+ "high": "opus",
14
+ "frontier": "fable"
15
+ },
16
+ "cursor": {
17
+ "economy": "composer-2.5",
18
+ "balanced": "composer-2.5-fast",
19
+ "high": "gpt-5.5-high",
20
+ "frontier": "fable-5"
21
+ }
22
+ }
23
+ }
@@ -113,6 +113,13 @@ Use `oat config` for repo runtime config inspection and supported key mutation.
113
113
 
114
114
  Use `oat config dump --json` when you need the whole resolved config in one machine-readable response rather than a single key or a human-oriented list view.
115
115
 
116
+ Dispatch policy keys are part of this surface, but provider-specific generation
117
+ still belongs to provider commands. Use `oat config describe
118
+ workflow.dispatchPolicy.policy` to inspect capped managed, managed uncapped,
119
+ inherit/default, and unresolved behavior; use `oat providers codex materialize`
120
+ or `oat sync --scope project` to create materialized Codex roles from explicit
121
+ model+effort targets.
122
+
116
123
  Archive lifecycle settings live here as shared repo config:
117
124
 
118
125
  - `archive.s3Uri`
@@ -173,8 +173,8 @@ oat config describe activeIdea
173
173
  Dispatch policy is the workflow setting that tells OAT whether to manage
174
174
  subagent model/effort selection and, if so, which managed policy to use.
175
175
 
176
- For the full conceptual model - managed capped tiers, managed `Uncapped`,
177
- `Inherit Host Defaults`, and provider-specific enforcement - see
176
+ For the full conceptual model - managed capped tiers, dispatch matrix cells,
177
+ managed `Uncapped`, `Inherit Host Defaults`, and provider-specific enforcement - see
178
178
  [Dispatch Policy](../workflows/projects/dispatch-ceiling.md).
179
179
 
180
180
  ### Config keys
@@ -196,35 +196,109 @@ Managed policies compile to:
196
196
  | `frontier` | `xhigh` | `fable` |
197
197
  | `uncapped` | none | none |
198
198
 
199
- Legacy compatibility keys remain supported for capped managed behavior:
199
+ Dispatch matrix and legacy compatibility keys:
200
200
 
201
- | Key | Values | Purpose |
202
- | ------------------------------------------- | --------------------------------------- | ---------------------------------------------------------------------------- |
203
- | `workflow.dispatchCeiling.preset` | `balanced`, `maximum`, `cost-conscious` | Legacy preset alias; `maximum` maps to `high`, `cost-conscious` to `economy` |
204
- | `workflow.dispatchCeiling.providers.codex` | `low`, `medium`, `high`, `xhigh` | Legacy concrete Codex capped target |
205
- | `workflow.dispatchCeiling.providers.claude` | `haiku`, `sonnet`, `opus`, `fable` | Legacy concrete Claude capped target |
201
+ | Key | Values | Purpose |
202
+ | ------------------------------------------------------ | --------------------------------------- | -------------------------------------------------------------------------------------- |
203
+ | `workflow.dispatchCeiling.preset` | `balanced`, `maximum`, `cost-conscious` | Legacy preset alias; `maximum` maps to `high`, `cost-conscious` to `economy` |
204
+ | `workflow.dispatchCeiling.providers.<provider>` | bare value or tier map | Provider column; bare Codex/Claude values remain legacy capped targets |
205
+ | `workflow.dispatchCeiling.providers.<provider>.<tier>` | bare value or ordered route | One matrix cell for `economy`, `balanced`, `high`, or `frontier` |
206
+ | `workflow.dispatchCeiling.recommendationVersion` | string | Version stamp written by `oat config adopt dispatch-matrix`; used for drift visibility |
206
207
 
207
- `Uncapped` is explicit managed state. Do not represent it by leaving policy
208
- state absent. To request no OAT model/effort selection, set:
208
+ Examples:
209
+
210
+ ```bash
211
+ oat config adopt dispatch-matrix --shared
212
+ oat config set workflow.dispatchCeiling.providers.cursor.balanced composer-2.5 --shared
213
+ oat config set workflow.dispatchCeiling.providers.codex high --shared
214
+ oat config set workflow.dispatchCeiling.providers.claude opus --shared
215
+ ```
216
+
217
+ For ordered routes, edit the config JSON so a tier cell is an array. Route
218
+ entries are either bare slugs or objects with `harness`, `model`, and optional
219
+ `effort`:
220
+
221
+ ```json
222
+ {
223
+ "workflow": {
224
+ "dispatchCeiling": {
225
+ "providers": {
226
+ "cursor": {
227
+ "high": [
228
+ "composer-2.5",
229
+ { "harness": "cursor", "model": "gpt-5.5-xhigh" }
230
+ ]
231
+ }
232
+ }
233
+ }
234
+ }
235
+ }
236
+ ```
237
+
238
+ `Uncapped` is explicit managed state: OAT still selects the preferred
239
+ provider-specific dispatch target, but does not apply a maximum cap. Do not
240
+ represent it by leaving policy state absent. To request no OAT model/effort
241
+ selection, set:
209
242
 
210
243
  ```bash
211
244
  oat config set workflow.dispatchPolicy.mode inherit
212
245
  ```
213
246
 
247
+ If no managed policy, legacy cap, or inherit/default mode resolves during an
248
+ implementation preflight, the policy remains unresolved. Interactive
249
+ implementation may ask once and persist a choice; non-interactive
250
+ implementation blocks rather than silently falling back to host defaults.
251
+
214
252
  ### How enforcement works
215
253
 
216
254
  OAT applies managed policies where the provider exposes a reliable mechanism.
217
- Other providers receive them as advisory/unsupported.
255
+ Providers without an adapter receive them as advisory/unsupported.
256
+
257
+ | Provider | Mechanism | Enforcement mode |
258
+ | -------- | ------------------------------------ | ------------------------------- |
259
+ | Codex | Materialized model+effort role names | `enforced` |
260
+ | Claude | Task `model` parameter | `enforced` |
261
+ | Cursor | `--model` argument / Task `model` | `enforced` when a cell resolves |
262
+ | Others | None (informational only) | `advisory` / `unsupported` |
263
+
264
+ Codex managed dispatch compiles an explicit `model` plus reasoning `effort`
265
+ target into a materialized OAT role name, for example
266
+ `oat-phase-implementer-gpt-5-6-terra-xhigh`. OAT-managed Codex roles are not
267
+ the old hard-coded effort-only pins; they come from resolver targets, dispatch
268
+ matrix cells, or an explicit materialization command. Base roles such as
269
+ `oat-phase-implementer` and `oat-reviewer` are fallback paths that follow the
270
+ provider default effort when inherit/default behavior is selected or no
271
+ materialized target resolves.
218
272
 
219
- | Provider | Mechanism | Enforcement mode |
220
- | -------- | ------------------------- | -------------------------- |
221
- | Codex | Pinned role variants | `enforced` |
222
- | Claude | Task `model` parameter | `enforced` |
223
- | Others | None (informational only) | `advisory` / `unsupported` |
224
-
225
- Codex uses effort (`low < medium < high < xhigh`) and pinned OAT role variants.
226
273
  Claude uses Task `model` (`haiku < sonnet < opus < fable`) and keeps
227
- `effort_axis=not-applicable`.
274
+ `effort_axis=not-applicable`. Cursor and other model-arg providers use opaque
275
+ matrix slugs; OAT validates availability when a provider oracle is available,
276
+ but the configured matrix owns tier meaning. For Cursor subagents, validation
277
+ checks the model can actually be used by Task subagent dispatch, not just that
278
+ the broad `cursor-agent models` catalog lists the slug.
279
+
280
+ ### Codex role materialization
281
+
282
+ Use `oat providers codex materialize` when you need to materialize one
283
+ canonical agent as a Codex role outside a full sync run:
284
+
285
+ ```bash
286
+ oat providers codex materialize oat-reviewer --model gpt-5.6-terra --effort xhigh --dry-run
287
+ oat providers codex materialize oat-phase-implementer --model gpt-5.6-terra --effort high
288
+ ```
289
+
290
+ Required inputs are the canonical agent name, `--model <model-id>`, and
291
+ `--effort <reasoning-effort>`. The command defaults to project scope, reads
292
+ `.agents/agents/<agent-name>.md`, writes `.codex/agents/<role>.toml`, and
293
+ upserts `.codex/config.toml` unless `--dry-run` is present. `--agent-path` can
294
+ point at a specific canonical agent markdown file, and `--role-name` can
295
+ override the generated role name.
296
+
297
+ Normal project sync also materializes Codex roles for configured matrix targets:
298
+
299
+ ```bash
300
+ oat sync --scope project
301
+ ```
228
302
 
229
303
  **Verify-on-upgrade:** when the requested tier exceeds the current orchestrator
230
304
  tier (an upgrade request), the resolver sets `verifyOnDispatch: true`. The skill
@@ -249,12 +323,14 @@ oat project dispatch-ceiling resolve --provider codex --json
249
323
  oat project dispatch-ceiling resolve --provider codex --role implementer --preferred medium --json
250
324
  oat project dispatch-ceiling resolve --provider claude --role implementer --preferred sonnet --orchestrator-tier sonnet --json
251
325
  oat project dispatch-ceiling resolve --provider claude --orchestrator-tier sonnet --json
326
+ oat project dispatch-ceiling resolve --provider cursor --role implementer --preferred high --escalation-level 0 --json
252
327
  ```
253
328
 
254
329
  The resolver checks effective config first, then project `state.md`
255
- `oat_dispatch_policy` frontmatter, then legacy `oat_dispatch_ceiling`.
256
- For Codex it also reports `providerDefaultEffort`, which is informational only
257
- for explicit inherit/default behavior or base/unpinned fallback paths.
330
+ `oat_dispatch_policy` frontmatter, including sparse `matrix` overrides, then
331
+ legacy `oat_dispatch_ceiling`. For Codex it also reports
332
+ `providerDefaultEffort`, which is informational only for explicit
333
+ inherit/default behavior or base/unpinned fallback paths.
258
334
 
259
335
  For non-interactive preflight checks, use:
260
336
 
@@ -284,10 +360,11 @@ Workflow preference keys live under the `workflow.*` namespace:
284
360
  - `workflow.autoArtifactReview.plan` — boolean, default `true`. Automatically run the bounded artifact-review loop for generated `plan.md` files before implementation handoff. Set to `false` only when you intentionally want to skip the plan artifact review.
285
361
  - `workflow.autoArtifactReview.analysis` — boolean, default `true`. Automatically run the bounded accuracy-review loop for generated docs and agent-instructions analysis artifacts before the matching apply workflow consumes them.
286
362
  - `workflow.dispatchPolicy.mode` — `managed` or `inherit`. `managed` means OAT selects model/effort controls from `workflow.dispatchPolicy.policy`; `inherit` means OAT leaves controls to host/provider defaults.
287
- - `workflow.dispatchPolicy.policy` — `economy`, `balanced`, `high`, `frontier`, or `uncapped`. `economy` through `frontier` are capped managed policies; `uncapped` keeps OAT-managed preferred selection without provider caps.
363
+ - `workflow.dispatchPolicy.policy` — `economy`, `balanced`, `high`, `frontier`, or `uncapped`. `economy` through `frontier` are capped managed policies; `uncapped` keeps OAT-managed preferred selection without provider caps. It is distinct from `workflow.dispatchPolicy.mode=inherit`, which leaves controls to the host/provider.
288
364
  - `workflow.dispatchCeiling.preset` — legacy compatibility alias (`balanced`, `maximum`, or `cost-conscious`) for capped managed policy setup.
289
- - `workflow.dispatchCeiling.providers.codex`legacy concrete Codex cap (`low`, `medium`, `high`, or `xhigh`).
290
- - `workflow.dispatchCeiling.providers.claude`legacy concrete Claude cap (`haiku`, `sonnet`, `opus`, or `fable`). Claude has no separate per-dispatch effort axis, so the effort axis remains `not-applicable`.
365
+ - `workflow.dispatchCeiling.providers.<provider>`dispatch matrix provider column or legacy bare provider target.
366
+ - `workflow.dispatchCeiling.providers.<provider>.<tier>`one matrix cell for `economy`, `balanced`, `high`, or `frontier`.
367
+ - `workflow.dispatchCeiling.recommendationVersion` — version of the adopted recommended matrix.
291
368
  - `workflow.gates.skills` / `workflow.gates.execTargets` — structured per-skill final gate commands and exec-target registry. Use `oat gate set`, `oat gate target set`, `oat gate review`, and `oat gate cross-provider-exec`; do not use `oat config set` for these objects.
292
369
 
293
370
  ### Auto artifact-review preferences
@@ -324,6 +401,7 @@ oat config set workflow.autoReviewAtHillCheckpoints true --user
324
401
  oat config set workflow.autoNarrowReReviewScope true --user
325
402
  oat config set workflow.designMode selective --user
326
403
  oat config set workflow.dispatchCeiling.preset balanced --user
404
+ oat config adopt dispatch-matrix --user
327
405
  oat config set workflow.autoArtifactReview.plan true --user
328
406
  oat config set workflow.autoArtifactReview.analysis true --user
329
407
 
@@ -331,6 +409,7 @@ oat config set workflow.autoArtifactReview.analysis true --user
331
409
  oat config set workflow.createPrOnComplete false --shared
332
410
  oat config set workflow.designMode collaborative --shared
333
411
  oat config set workflow.dispatchCeiling.preset balanced --shared
412
+ oat config set workflow.dispatchCeiling.providers.cursor.high composer-2.5 --shared
334
413
  oat config set workflow.autoArtifactReview.plan false --shared
335
414
 
336
415
  # Repo-local: personal override for this repo (default when no flag)
@@ -1,6 +1,6 @@
1
1
  ---
2
2
  title: Workflow Gates
3
- description: Configure per-skill final commands and cross-runtime review dispatch with oat gate.
3
+ description: Configure per-skill final commands and family-aware review dispatch with oat gate.
4
4
  ---
5
5
 
6
6
  # Workflow Gates
@@ -16,6 +16,13 @@ selects an exec target, runs the prompt, and exits with the child process
16
16
  status. Use `oat gate review` when the command is specifically an OAT review
17
17
  gate that should inspect the produced review artifact.
18
18
 
19
+ :::note Release note: default avoidance changed
20
+ Gate dispatch now defaults to `--avoid same-family`, not `same-runtime`.
21
+ For multi-family providers such as Cursor, this prevents a gate from reviewing
22
+ with the same model family that produced the work. Use `--avoid none` only when
23
+ you intentionally allow same-family review.
24
+ :::
25
+
19
26
  ## Gate config
20
27
 
21
28
  Gate config lives under `workflow.gates.skills` and is keyed by skill name.
@@ -129,9 +136,9 @@ contract.
129
136
  ## Exec targets
130
137
 
131
138
  `oat gate cross-provider-exec` chooses from `workflow.gates.execTargets`.
132
- Targets are keyed by opaque id. OAT uses only the declared runtime, commands,
133
- and priority; it does not parse model names or infer provider semantics from the
134
- id.
139
+ Targets are keyed by opaque id. OAT uses the declared runtime, commands,
140
+ priority, optional `models` list, and any pinned `--model` already present in
141
+ the command. It does not infer provider semantics from the target id.
135
142
 
136
143
  Built-in targets:
137
144
 
@@ -162,6 +169,34 @@ oat gate target set claude-opus \
162
169
  JSON argv is intentional: provider commands often contain flags such as `-p` or
163
170
  `--model`, which would be ambiguous as variadic CLI options.
164
171
 
172
+ Targets may also define a `models` list directly in config. During selection,
173
+ OAT expands that target into `(target, model)` candidates, preserves the target
174
+ priority and model list order, and appends `--model <winner>` to the command.
175
+ A long-form target that already pins `--model` in `baseCommand` is treated as
176
+ that candidate's model and is not double-pinned.
177
+
178
+ ```json
179
+ {
180
+ "workflow": {
181
+ "gates": {
182
+ "execTargets": {
183
+ "cursor-family-gate": {
184
+ "runtime": "cursor",
185
+ "baseCommand": ["cursor-agent", "-p", "--force"],
186
+ "models": ["composer-2.5", "gpt-5.5-xhigh", "claude-opus-4-8"],
187
+ "availabilityCommand": [
188
+ "sh",
189
+ "-c",
190
+ "command -v cursor-agent || command -v agent"
191
+ ],
192
+ "priority": 95
193
+ }
194
+ }
195
+ }
196
+ }
197
+ }
198
+ ```
199
+
165
200
  ### Trusted target examples
166
201
 
167
202
  Use these examples only in trusted environments where the provider process may
@@ -275,12 +310,15 @@ oat gate cross-provider-exec "Use oat-project-review-provide to review the curre
275
310
  By default the dispatcher:
276
311
 
277
312
  1. Resolves built-in and configured exec targets.
278
- 2. Detects the current runtime with host detection commands.
279
- 3. Applies `--avoid same-runtime`.
280
- 4. Checks candidate availability in descending priority order, with target id as
313
+ 2. Expands target `models` into candidate `(target, model)` pairs.
314
+ 3. Detects the current runtime with host detection commands.
315
+ 4. Resolves producer identity from `--producer-identity` or dispatch stamps when
316
+ available.
317
+ 5. Applies `--avoid same-family`.
318
+ 6. Checks candidate availability in descending priority order, with target id as
281
319
  the tie-breaker.
282
- 5. Runs the chosen `baseCommand` with the prompt appended.
283
- 6. Exits with the child process status.
320
+ 7. Runs the chosen `baseCommand` with the selected model and prompt appended.
321
+ 8. Exits with the child process status.
284
322
 
285
323
  Use `--target <id>` to pin one target and skip detection/avoidance:
286
324
 
@@ -289,12 +327,32 @@ oat gate cross-provider-exec --target claude-opus "Review the current project"
289
327
  ```
290
328
 
291
329
  Use `--avoid none` only when you intentionally allow the current runtime to be
292
- selected:
330
+ selected or same-family review to run:
293
331
 
294
332
  ```bash
295
333
  oat gate cross-provider-exec --avoid none "Run this gate on any available target"
296
334
  ```
297
335
 
336
+ Use `--producer-identity <value>:<provenance>` to route manually from a known
337
+ producer when no project dispatch stamp exists:
338
+
339
+ ```bash
340
+ oat gate review \
341
+ --producer-identity gpt-5.5-xhigh:declared \
342
+ --review-type code \
343
+ --review-scope final \
344
+ "Use oat-project-review-provide code final to review the current project"
345
+ ```
346
+
347
+ Gate JSON output includes `diversity` metadata with the requested avoid mode,
348
+ producer identity/provenance/confidence, reviewer target/model/family, and the
349
+ achieved level:
350
+
351
+ - `different-family`
352
+ - `degraded-to-different-slug`
353
+ - `same-family - no diverse target available`
354
+ - `unknown-producer`
355
+
298
356
  ## Failure behavior
299
357
 
300
358
  Gate failure behavior is owned by the gate-aware skill:
@@ -309,11 +367,16 @@ Gate failure behavior is owned by the gate-aware skill:
309
367
  available target. Once a target actually runs, its exit code is the gate result;
310
368
  OAT does not try another target after a failed review.
311
369
 
370
+ Gate target execution has a child-process timeout (default 10 minutes, override
371
+ with `OAT_GATE_EXEC_TIMEOUT_MS`). When a review target times out, JSON output
372
+ reports `status: review_failed`, `outcome: review_did_not_complete`,
373
+ `timedOut: true`, and the timeout value so automation can distinguish a hung
374
+ provider prompt from a completed review with findings.
375
+
312
376
  ## Current limits
313
377
 
314
- V1 gates avoid the current runtime, not the current model or effort setting.
315
- Same-runtime but different-target dispatch, such as using Cursor again with a
316
- different model slug, is future work. Until that exists, reusable lifecycle
317
- gates should rely on default `same-runtime` avoidance for cross-runtime review;
318
- manual and local overrides can pin an explicit reviewer target with
319
- `--target <id>`.
378
+ Family diversity is selected before dispatch. If the selected provider command
379
+ starts and then fails, OAT does not try another target after dispatch. If no
380
+ different-family target is available, OAT warns, records the degraded achieved
381
+ level, and runs the best available target rather than pretending diversity was
382
+ achieved.
@@ -12,15 +12,21 @@ Use this page when you are changing the OAT codebase itself rather than only edi
12
12
  Install and verify the workspace from the repo root:
13
13
 
14
14
  ```bash
15
- pnpm install
16
- pnpm build
17
- pnpm run cli -- help
15
+ nvm use
16
+ corepack pnpm install
17
+ corepack pnpm build
18
+ corepack pnpm run cli -- help
18
19
  ```
19
20
 
21
+ The repo pins Node in `.nvmrc` and the package manager in `package.json`
22
+ (`packageManager`). If your machine has multiple Node or pnpm installs, prefer
23
+ Corepack from the active `.nvmrc` Node so workspace commands use the same pnpm
24
+ version as the hooks and CI.
25
+
20
26
  For worktree-based implementation, initialize the worktree before starting the CLI workflow:
21
27
 
22
28
  ```bash
23
- pnpm run worktree:init
29
+ corepack pnpm run worktree:init
24
30
  ```
25
31
 
26
32
  ## Monorepo Structure
@@ -20,6 +20,29 @@ The hook is non-blocking: it never fails the commit, even when managed drift is
20
20
 
21
21
  OAT installs the hook into Git's currently active hook directory. When a consumer repo keeps hooks in a repo-managed folder such as `.githooks/`, Git must be configured to use that path before install, or OAT must configure it during the hook prompt flow.
22
22
 
23
+ ## OAT repo developer hooks
24
+
25
+ The `open-agent-toolkit` repository also ships its own managed hook scripts under
26
+ `tools/git-hooks/`. These are contributor hooks for this repo, separate from the
27
+ consumer hook snippet that `oat init` installs into other repositories.
28
+
29
+ The repo hooks source `tools/git-hooks/repo-toolchain.sh` before running pnpm
30
+ commands. The helper changes to the repo root, loads `.nvmrc` through nvm when
31
+ available, and then prefers Corepack pnpm. This keeps `commit-msg`,
32
+ `pre-commit`, `pre-push`, and `post-checkout` on the same Node/pnpm toolchain
33
+ even when a developer shell has multiple versions installed.
34
+
35
+ The repo's `pre-commit` OAT status check uses the repo-local source CLI when the
36
+ OAT source tree is present:
37
+
38
+ ```bash
39
+ corepack pnpm run --silent cli:source -- status --scope project --hook
40
+ ```
41
+
42
+ That avoids false sync drift from a stale globally installed `oat` while still
43
+ leaving the consumer-repo hook contract unchanged: generated hooks in other
44
+ repos continue to call `oat status --scope project --hook`.
45
+
23
46
  ## Safety contracts
24
47
 
25
48
  - `sync` mutates by default; use `--dry-run` to preview.
@@ -95,7 +95,11 @@ canonical `.agents/skills` inventory.
95
95
  - unset: provider falls back to directory detection.
96
96
  - `defaultStrategy` is used when no provider-specific `strategy` is set.
97
97
  - At runtime, config is normalized so `providers` is always present in memory.
98
- - Codex project sync also manages generated role variants derived from canonical agents. `oat-phase-implementer-low|medium|high|xhigh` and `oat-reviewer-low|medium|high|xhigh` are managed outputs used by dispatch-ceiling-aware implementation. They should not be adopted as stray roles.
98
+ - Codex project sync also manages generated materialized roles derived from
99
+ canonical agents and explicit model+effort targets. Dispatch-aware roles such
100
+ as `oat-phase-implementer-gpt-5-6-terra-xhigh` and
101
+ `oat-reviewer-gpt-5-6-terra-xhigh` are managed outputs and should not be
102
+ adopted as stray roles.
99
103
 
100
104
  ## Recommended management flow
101
105
 
@@ -69,7 +69,12 @@ After adoption, `oat sync` regenerates the managed provider copies from the cano
69
69
 
70
70
  ### Generated provider roles
71
71
 
72
- Some Codex roles are **generated-derived** produced by the Codex sync extension rather than mapped 1:1 from a canonical `.agents/agents/*.md` file. The effort-specific implementer variants (`oat-phase-implementer-low`, `oat-phase-implementer-medium`, `oat-phase-implementer-high`) are the current example.
72
+ Some Codex roles are **generated-derived** - produced by the Codex sync
73
+ extension rather than mapped 1:1 from a canonical `.agents/agents/*.md` file.
74
+ Materialized dispatch roles are the current example: a matrix target or
75
+ `oat providers codex materialize` command supplies a canonical agent, model, and
76
+ reasoning effort, and OAT writes a role such as
77
+ `oat-phase-implementer-gpt-5-6-terra-xhigh`.
73
78
 
74
79
  `oat status` and `oat init` treat any role listed in the Codex extension plan's `managedRoles` set as managed, so generated variants are **not** reported as `stray` and are **not** offered for adoption — even though they have no canonical `.agents` source. A genuinely orphaned Codex role (no canonical source and not in `managedRoles`) is still flagged.
75
80
 
@@ -18,6 +18,8 @@ description: 'Provider-specific path mappings for Claude, Cursor, Copilot, Gemin
18
18
  - Project: `.agents/skills` -> `.cursor/skills`, `.agents/agents` -> `.cursor/agents`, `.agents/rules` -> `.cursor/rules`
19
19
  - User: `~/.agents/skills` -> `~/.cursor/skills`, `~/.agents/agents` -> `~/.cursor/agents`
20
20
  - Subagent invocation in Cursor is prompt-driven (`/name` or natural mention), not `subagent_type`
21
+ - OAT-controlled Cursor dispatch uses the generic `.cursor/agents/<name>.md` file plus the Task-level `model` argument selected from the dispatch matrix. A `model` frontmatter value is only a default/fallback mechanism.
22
+ - Cursor model validation checks whether the selected model is eligible for subagent Task dispatch; the broad `cursor-agent models` catalog alone is not enough proof.
21
23
  - Rule files render as `.cursor/rules/*.mdc`
22
24
 
23
25
  === "Copilot"
@@ -42,9 +44,10 @@ description: 'Provider-specific path mappings for Claude, Cursor, Copilot, Gemin
42
44
  - `.codex/agents/<role>.toml`
43
45
  - `.codex/config.toml` (`[features] multi_agent = true`, `[agents.<role>]` upserts)
44
46
  - Codex role files include OAT managed provenance headers and are regenerated by `oat sync --scope project`
45
- - The Codex sync extension also generates effort-specific implementer role variants `oat-phase-implementer-low`, `oat-phase-implementer-medium`, `oat-phase-implementer-high`, each setting `model_reasoning_effort` — alongside the canonical-derived roles; the base `oat-phase-implementer` role represents inherited effort. These generated variants are managed by `oat sync` and are not treated as strays (see Manifest and Drift Generated provider roles)
47
+ - The Codex sync extension also generates materialized roles from explicit model+effort targets, such as `oat-phase-implementer-gpt-5-6-terra-xhigh` or `oat-reviewer-gpt-5-6-terra-xhigh`, alongside canonical-derived base roles. These generated variants are managed by `oat sync` and are not treated as strays (see Manifest and Drift -> Generated provider roles)
48
+ - A single role can be materialized directly with `oat providers codex materialize <agent-name> --model <model-id> --effort <reasoning-effort>`; `--agent-path` selects a specific canonical markdown agent, `--role-name` overrides the generated role name, and `--scope user` writes a one-off user-scope role.
46
49
  - Aggregate Codex config drift metadata (`aggregateConfigHash`) is emitted in sync/status codex extension output and intentionally not stored as a separate manifest row
47
- - User-scope Codex role generation (`~/.codex`) remains deferred
50
+ - User-scope Codex role generation via provider sync (`~/.codex`) remains deferred
48
51
  - Codex multi-agent dispatch uses config-defined roles (`[agents.<name>]`) and `agent_type`
49
52
  - Codex subagent workflows require `[features] multi_agent = true` in active Codex config layers
50
53
 
@@ -53,7 +56,7 @@ description: 'Provider-specific path mappings for Claude, Cursor, Copilot, Gemin
53
56
  - Project scope: skills + agents + rules
54
57
  - User scope: skills + agents (provider mappings vary by adapter)
55
58
  - Rules are project-scoped only in this release
56
- - Codex user-scope role generation under `~/.codex` remains deferred in this release
59
+ - Codex user-scope role generation under `~/.codex` via provider sync remains deferred in this release; direct one-off materialization can use `--scope user`
57
60
 
58
61
  ## Adoption model
59
62
 
@@ -34,6 +34,7 @@ Rules are currently project-scoped canonical content. Unlike skills and agents,
34
34
  - `oat providers list`
35
35
  - `oat providers inspect`
36
36
  - `oat providers set`
37
+ - `oat providers codex materialize`
37
38
 
38
39
  ## Adjacent CLI commands (commonly used with provider interop)
39
40
 
@@ -46,7 +47,7 @@ Rules are currently project-scoped canonical content. Unlike skills and agents,
46
47
  - Project provider enablement is stored in `.oat/sync/config.json` (`providers.<name>.enabled`).
47
48
  - `oat init --scope project` (interactive) prompts for supported providers and persists explicit true/false values.
48
49
  - `oat sync --scope project` uses config-aware provider activation and can prompt to remediate detected mismatches.
49
- - Codex project-scope subagent sync is generated output (`.codex/agents/*.toml` + `.codex/config.toml`) computed at command layer after path-mapping sync. Generated Codex roles including the effort-specific implementer variants are tracked as managed by `oat status` and `oat init`, not as strays.
50
+ - Codex project-scope subagent sync is generated output (`.codex/agents/*.toml` + `.codex/config.toml`) computed at command layer after path-mapping sync. Generated Codex roles - including materialized model+effort implementer and reviewer variants - are tracked as managed by `oat status` and `oat init`, not as strays.
50
51
  - Codex aggregate config drift is reported via sync/status extension metadata (`aggregateConfigHash`); it is not persisted as a separate manifest schema entry.
51
52
  - Codex user-scope role generation remains intentionally deferred in this release.
52
53
 
@@ -107,9 +107,9 @@ Current schema keys:
107
107
  | `git.defaultBranch` | `string` | `"main"` | Default branch for PR creation. Auto-detected during `oat init` via `gh repo view` or `origin/HEAD`. Used by `oat-project-pr-final` and `oat-project-pr-progress`. |
108
108
  | `workflow.autoReviewAtHillCheckpoints` | `boolean` | unset | When `true`, completing a HiLL checkpoint automatically runs the extra lifecycle review. Does not control Tier 1 per-phase `oat-reviewer` gates. Can be overridden per-project via `oat_auto_review_at_hill_checkpoints` in `plan.md` frontmatter. Legacy `autoReviewAtCheckpoints` remains a fallback. |
109
109
  | `workflow.dispatchPolicy.mode` | `string` | unset | Dispatch policy mode: `managed` lets OAT select model/effort controls; `inherit` leaves controls to the host/provider defaults. |
110
- | `workflow.dispatchPolicy.policy` | `string` | unset | Managed dispatch policy: `economy`, `balanced`, `high`, `frontier`, or `uncapped`. Capped policies compile to provider targets; `uncapped` keeps OAT-managed preferred selection without provider caps. |
110
+ | `workflow.dispatchPolicy.policy` | `string` | unset | Managed dispatch policy: `economy`, `balanced`, `high`, `frontier`, or `uncapped`. Capped policies compile to provider targets; `uncapped` keeps OAT-managed preferred selection without provider caps. `inherit` mode is separate and leaves controls to the host/provider. |
111
111
  | `workflow.dispatchCeiling.preset` | `string` | unset | Legacy compatibility preset for capped managed policy setup (`balanced`, `maximum`, `cost-conscious`). `maximum` maps to `high`; `cost-conscious` maps to `economy`. |
112
- | `workflow.dispatchCeiling.providers.codex` | `string` | unset | Legacy concrete Codex capped target (`low`, `medium`, `high`, or `xhigh`). Codex provider default effort is informational only for explicit inherit/default behavior or base/unpinned fallback paths. |
112
+ | `workflow.dispatchCeiling.providers.codex` | `string` | unset | Legacy concrete Codex capped target (`low`, `medium`, `high`, or `xhigh`). New managed Codex dispatch resolves explicit model+effort targets to materialized role names; provider default effort is informational only for explicit inherit/default behavior or base/unpinned fallback paths. |
113
113
  | `workflow.dispatchCeiling.providers.claude` | `string` | unset | Legacy concrete Claude capped target (`haiku`, `sonnet`, `opus`, or `fable`). Claude has no separate per-dispatch effort axis. The flat keys `workflow.dispatchCeiling.codex` and `workflow.dispatchCeiling.claude` were removed (no migration). |
114
114
  | `workflow.gates.skills` | `object` | unset | Per-skill final gate config keyed by skill name. Managed with `oat gate set/unset`; gate-aware skills declare `oat_gateable: true`. |
115
115
  | `workflow.gates.execTargets` | `object` | built-ins | Cross-runtime exec target registry keyed by opaque target id. Managed with `oat gate target set/unset`; built-ins cover Codex, Claude, and Cursor defaults. |