@opencode_weave/weave 0.3.2

package/dist/index.js

@@ -0,0 +1,2191 @@
+// src/config/loader.ts
+import { existsSync, readFileSync } from "node:fs";
+import { join as join2 } from "node:path";
+import { homedir } from "node:os";
+import { parse } from "jsonc-parser";
+
+// src/config/schema.ts
+import { z } from "zod";
+var AgentOverrideConfigSchema = z.object({
+  model: z.string().optional(),
+  fallback_models: z.array(z.string()).optional(),
+  variant: z.string().optional(),
+  category: z.string().optional(),
+  skills: z.array(z.string()).optional(),
+  temperature: z.number().min(0).max(2).optional(),
+  top_p: z.number().min(0).max(1).optional(),
+  prompt: z.string().optional(),
+  prompt_append: z.string().optional(),
+  tools: z.record(z.string(), z.boolean()).optional(),
+  disable: z.boolean().optional(),
+  mode: z.enum(["subagent", "primary", "all"]).optional(),
+  maxTokens: z.number().optional()
+});
+var AgentOverridesSchema = z.record(z.string(), AgentOverrideConfigSchema);
+var CategoryConfigSchema = z.object({
+  description: z.string().optional(),
+  model: z.string().optional(),
+  fallback_models: z.array(z.string()).optional(),
+  variant: z.string().optional(),
+  temperature: z.number().min(0).max(2).optional(),
+  top_p: z.number().min(0).max(1).optional(),
+  maxTokens: z.number().optional(),
+  tools: z.record(z.string(), z.boolean()).optional(),
+  prompt_append: z.string().optional(),
+  disable: z.boolean().optional()
+});
+var CategoriesConfigSchema = z.record(z.string(), CategoryConfigSchema);
+var BackgroundConfigSchema = z.object({
+  defaultConcurrency: z.number().min(1).optional(),
+  providerConcurrency: z.record(z.string(), z.number().min(0)).optional(),
+  modelConcurrency: z.record(z.string(), z.number().min(0)).optional(),
+  staleTimeoutMs: z.number().min(60000).optional()
+});
+var TmuxConfigSchema = z.object({
+  enabled: z.boolean().optional(),
+  layout: z.enum(["main-horizontal", "main-vertical", "tiled", "even-horizontal", "even-vertical"]).optional(),
+  main_pane_size: z.number().optional()
+});
+var SkillsConfigSchema = z.object({
+  paths: z.array(z.string()).optional(),
+  recursive: z.boolean().optional()
+});
+var ExperimentalConfigSchema = z.object({
+  plugin_load_timeout_ms: z.number().min(1000).optional(),
+  context_window_warning_threshold: z.number().min(0).max(1).optional(),
+  context_window_critical_threshold: z.number().min(0).max(1).optional()
+});
+var WeaveConfigSchema = z.object({
+  $schema: z.string().optional(),
+  agents: AgentOverridesSchema.optional(),
+  categories: CategoriesConfigSchema.optional(),
+  disabled_hooks: z.array(z.string()).optional(),
+  disabled_tools: z.array(z.string()).optional(),
+  disabled_agents: z.array(z.string()).optional(),
+  disabled_skills: z.array(z.string()).optional(),
+  background: BackgroundConfigSchema.optional(),
+  tmux: TmuxConfigSchema.optional(),
+  skills: SkillsConfigSchema.optional(),
+  experimental: ExperimentalConfigSchema.optional()
+});
+
+// src/config/merge.ts
+function deepMergeObjects(base, override) {
+  const result = { ...base };
+  for (const key of Object.keys(override)) {
+    const overrideVal = override[key];
+    const baseVal = base[key];
+    if (overrideVal !== null && typeof overrideVal === "object" && !Array.isArray(overrideVal) && baseVal !== null && typeof baseVal === "object" && !Array.isArray(baseVal)) {
+      result[key] = deepMergeObjects(baseVal, overrideVal);
+    } else if (overrideVal !== undefined) {
+      result[key] = overrideVal;
+    }
+  }
+  return result;
+}
+function mergeStringArrays(base, override) {
+  if (!base && !override)
+    return;
+  return [...new Set([...base ?? [], ...override ?? []])];
+}
+function mergeConfigs(user, project) {
+  return {
+    ...user,
+    ...project,
+    agents: user.agents || project.agents ? deepMergeObjects(user.agents ?? {}, project.agents ?? {}) : undefined,
+    categories: user.categories || project.categories ? deepMergeObjects(user.categories ?? {}, project.categories ?? {}) : undefined,
+    disabled_hooks: mergeStringArrays(user.disabled_hooks, project.disabled_hooks),
+    disabled_tools: mergeStringArrays(user.disabled_tools, project.disabled_tools),
+    disabled_agents: mergeStringArrays(user.disabled_agents, project.disabled_agents),
+    disabled_skills: mergeStringArrays(user.disabled_skills, project.disabled_skills),
+    background: project.background ?? user.background,
+    tmux: project.tmux ?? user.tmux,
+    skills: project.skills ?? user.skills,
+    experimental: user.experimental || project.experimental ? { ...user.experimental, ...project.experimental } : undefined
+  };
+}
+
+// src/shared/log.ts
+import * as fs from "fs";
+import * as path from "path";
+import * as os from "os";
+var LOG_FILE = path.join(os.tmpdir(), "weave-opencode.log");
+function log(message, data) {
+  try {
+    const timestamp = new Date().toISOString();
+    const entry = `[${timestamp}] ${message}${data !== undefined ? " " + JSON.stringify(data) : ""}
+`;
+    fs.appendFileSync(LOG_FILE, entry);
+  } catch {}
+}
+
+// src/config/loader.ts
+function readJsoncFile(filePath) {
+  try {
+    const text = readFileSync(filePath, "utf-8");
+    const errors = [];
+    const parsed = parse(text, errors);
+    if (errors.length > 0) {
+      log(`JSONC parse warnings in ${filePath}: ${errors.length} issue(s)`);
+    }
+    return parsed ?? {};
+  } catch (e) {
+    log(`Failed to read config file ${filePath}`, e);
+    return {};
+  }
+}
+function detectConfigFile(basePath) {
+  const jsoncPath = basePath + ".jsonc";
+  if (existsSync(jsoncPath))
+    return jsoncPath;
+  const jsonPath = basePath + ".json";
+  if (existsSync(jsonPath))
+    return jsonPath;
+  return null;
+}
+function loadWeaveConfig(directory, _ctx) {
+  const userBasePath = join2(homedir(), ".config", "opencode", "weave-opencode");
+  const projectBasePath = join2(directory, ".opencode", "weave-opencode");
+  const userConfigPath = detectConfigFile(userBasePath);
+  const projectConfigPath = detectConfigFile(projectBasePath);
+  const userRaw = userConfigPath ? readJsoncFile(userConfigPath) : {};
+  const projectRaw = projectConfigPath ? readJsoncFile(projectConfigPath) : {};
+  const merged = mergeConfigs(userRaw, projectRaw);
+  const result = WeaveConfigSchema.safeParse(merged);
+  if (!result.success) {
+    log("WeaveConfig validation errors — using defaults", result.error.issues);
+    return WeaveConfigSchema.parse({});
+  }
+  return result.data;
+}
+
+// src/shared/agent-display-names.ts
+var AGENT_DISPLAY_NAMES = {
+  loom: "Loom (Main Orchestrator)",
+  tapestry: "Tapestry (Execution Orchestrator)",
+  shuttle: "shuttle",
+  pattern: "pattern",
+  thread: "thread",
+  spindle: "spindle",
+  warp: "warp"
+};
+function getAgentDisplayName(configKey) {
+  const exactMatch = AGENT_DISPLAY_NAMES[configKey];
+  if (exactMatch !== undefined)
+    return exactMatch;
+  const lowerKey = configKey.toLowerCase();
+  for (const [k, v] of Object.entries(AGENT_DISPLAY_NAMES)) {
+    if (k.toLowerCase() === lowerKey)
+      return v;
+  }
+  return configKey;
+}
+var REVERSE_DISPLAY_NAMES = Object.fromEntries(Object.entries(AGENT_DISPLAY_NAMES).map(([key, displayName]) => [displayName.toLowerCase(), key]));
+
+// src/features/builtin-commands/templates/start-work.ts
+var START_WORK_TEMPLATE = `You are being activated by the /start-work command to execute a Weave plan.
+
+## Your Mission
+Read and execute the work plan, completing each task systematically.
+
+## Startup Procedure
+
+1. **Check for active work state**: Read \`.weave/state.json\` to see if there's a plan already in progress.
+2. **If resuming**: The system has injected context below with the active plan path and progress. Read the plan file, find the first unchecked \`- [ ]\` task, and continue from there.
+3. **If starting fresh**: The system has selected a plan and created work state. Read the plan file and begin from the first task.
+
+## Execution Loop
+
+For each unchecked \`- [ ]\` task in the plan:
+
+1. **Read** the task description, acceptance criteria, and any references
+2. **Execute** the task — write code, run commands, create files as needed
+3. **Verify** the work — run tests, check for errors, validate acceptance criteria
+4. **Mark complete** — use the Edit tool to change \`- [ ]\` to \`- [x]\` in the plan file
+5. **Move on** — find the next unchecked task and repeat
+
+## Rules
+
+- Work through tasks **top to bottom** unless dependencies require a different order
+- **Verify every task** before marking it complete
+- If blocked on a task, document the reason as a comment in the plan and move to the next unblocked task
+- Report progress after each task: "Completed task N/M: [title]"
+- Do NOT stop until all checkboxes are checked or you are explicitly told to stop
+- After all tasks are complete, report a final summary`;
+
+// src/features/builtin-commands/commands.ts
+var BUILTIN_COMMANDS = {
+  "start-work": {
+    name: "start-work",
+    description: "Start executing a Weave plan created by Pattern",
+    agent: "tapestry",
+    template: `<command-instruction>
+${START_WORK_TEMPLATE}
+</command-instruction>
+<session-context>Session ID: $SESSION_ID  Timestamp: $TIMESTAMP</session-context>
+<user-request>$ARGUMENTS</user-request>`,
+    argumentHint: "[plan-name]"
+  }
+};
+// src/managers/config-handler.ts
+class ConfigHandler {
+  pluginConfig;
+  constructor(options) {
+    this.pluginConfig = options.pluginConfig;
+  }
+  async handle(input) {
+    const { pluginConfig, agents = {}, availableTools = [] } = input;
+    this.applyProviderConfig();
+    const resolvedAgents = this.applyAgentConfig(agents, pluginConfig);
+    const resolvedTools = this.applyToolConfig(availableTools, pluginConfig);
+    const resolvedMcps = this.applyMcpConfig();
+    const resolvedCommands = this.applyCommandConfig();
+    this.applySkillConfig();
+    const defaultAgent = this.resolveDefaultAgent(resolvedAgents);
+    return {
+      agents: resolvedAgents,
+      defaultAgent,
+      tools: resolvedTools,
+      mcps: resolvedMcps,
+      commands: resolvedCommands
+    };
+  }
+  applyProviderConfig() {}
+  applyAgentConfig(agents, pluginConfig) {
+    const disabledSet = new Set(pluginConfig.disabled_agents ?? []);
+    const overrides = pluginConfig.agents ?? {};
+    const result = {};
+    for (const [name, agentConfig] of Object.entries(agents)) {
+      if (disabledSet.has(name)) {
+        continue;
+      }
+      const override = overrides[name];
+      const merged = override ? { ...agentConfig, ...override } : { ...agentConfig };
+      const displayName = getAgentDisplayName(name);
+      result[displayName] = merged;
+    }
+    return result;
+  }
+  resolveDefaultAgent(agents) {
+    const loomDisplayName = getAgentDisplayName("loom");
+    if (agents[loomDisplayName])
+      return loomDisplayName;
+    const firstKey = Object.keys(agents)[0];
+    return firstKey;
+  }
+  applyToolConfig(availableTools, pluginConfig) {
+    const disabledSet = new Set(pluginConfig.disabled_tools ?? []);
+    return availableTools.filter((tool) => !disabledSet.has(tool));
+  }
+  applyMcpConfig() {
+    return {};
+  }
+  applyCommandConfig() {
+    const commands = structuredClone(BUILTIN_COMMANDS);
+    for (const cmd of Object.values(commands)) {
+      if (cmd?.agent && typeof cmd.agent === "string") {
+        cmd.agent = getAgentDisplayName(cmd.agent);
+      }
+    }
+    return commands;
+  }
+  applySkillConfig() {}
+}
+
+// src/managers/background-manager.ts
+var TERMINAL_STATUSES = new Set(["completed", "failed", "cancelled"]);
+
+class BackgroundManager {
+  tasks = new Map;
+  maxConcurrent;
+  constructor(options) {
+    this.maxConcurrent = options?.maxConcurrent ?? 5;
+  }
+  spawn(options) {
+    const runningCount = this.getRunningCount();
+    if (runningCount >= this.maxConcurrent) {
+      throw new Error(`Concurrency limit reached: ${runningCount}/${this.maxConcurrent} tasks running`);
+    }
+    const id = crypto.randomUUID();
+    const record = {
+      id,
+      status: "pending",
+      options,
+      startedAt: new Date
+    };
+    this.tasks.set(id, record);
+    return id;
+  }
+  getTask(taskId) {
+    return this.tasks.get(taskId);
+  }
+  cancel(taskId) {
+    const record = this.tasks.get(taskId);
+    if (!record) {
+      return false;
+    }
+    if (TERMINAL_STATUSES.has(record.status)) {
+      return false;
+    }
+    record.status = "cancelled";
+    record.completedAt = new Date;
+    return true;
+  }
+  cancelAll() {
+    for (const record of this.tasks.values()) {
+      if (!TERMINAL_STATUSES.has(record.status)) {
+        record.status = "cancelled";
+        record.completedAt = new Date;
+      }
+    }
+  }
+  list(filter) {
+    const all = Array.from(this.tasks.values());
+    if (filter?.status !== undefined) {
+      return all.filter((t) => t.status === filter.status);
+    }
+    return all;
+  }
+  getRunningCount() {
+    let count = 0;
+    for (const record of this.tasks.values()) {
+      if (record.status === "running") {
+        count++;
+      }
+    }
+    return count;
+  }
+}
+
+// src/managers/skill-mcp-manager.ts
+function createStdioClient(config, info) {
+  const { command, args = [] } = config;
+  const { serverName, skillName } = info;
+  if (!command) {
+    throw new Error(`missing 'command' field for stdio MCP server '${serverName}' in skill '${skillName}'`);
+  }
+  const env = { ...process.env, ...config.env ?? {} };
+  let proc = null;
+  try {
+    proc = Bun.spawn([command, ...args], {
+      env,
+      stdin: "pipe",
+      stdout: "pipe",
+      stderr: "pipe"
+    });
+  } catch (spawnError) {
+    const msg = spawnError instanceof Error ? spawnError.message : String(spawnError);
+    throw new Error(`stdio MCP server '${serverName}' in skill '${skillName}' failed to start: ${msg}`);
+  }
+  return {
+    async callTool(_params) {
+      throw new Error("not implemented in v1");
+    },
+    async close() {
+      if (proc) {
+        proc.kill();
+        proc = null;
+      }
+    }
+  };
+}
+function getClientKey(info) {
+  return `${info.sessionID}:${info.skillName}:${info.serverName}`;
+}
+
+class SkillMcpManager {
+  clients = new Map;
+  async getOrCreateClient(info, config) {
+    const key = getClientKey(info);
+    const existing = this.clients.get(key);
+    if (existing) {
+      return existing;
+    }
+    const { serverName, skillName } = info;
+    if (config.type === "http") {
+      throw new Error("HTTP MCP not supported in v1");
+    }
+    if (!config.command) {
+      throw new Error(`missing 'command' field for stdio MCP server '${serverName}' in skill '${skillName}'`);
+    }
+    const client = createStdioClient(config, info);
+    this.clients.set(key, client);
+    return client;
+  }
+  async disconnectSession(sessionID) {
+    const prefix = `${sessionID}:`;
+    const keysToRemove = [];
+    for (const key of this.clients.keys()) {
+      if (key.startsWith(prefix)) {
+        keysToRemove.push(key);
+      }
+    }
+    await Promise.all(keysToRemove.map(async (key) => {
+      const client = this.clients.get(key);
+      if (client) {
+        await client.close();
+        this.clients.delete(key);
+      }
+    }));
+  }
+  async disconnectAll() {
+    await Promise.all(Array.from(this.clients.entries()).map(async ([key, client]) => {
+      await client.close();
+      this.clients.delete(key);
+    }));
+    this.clients.clear();
+  }
+  getConnectedServers() {
+    return Array.from(this.clients.keys());
+  }
+  isConnected(info) {
+    return this.clients.has(getClientKey(info));
+  }
+  async callTool(info, config, name, args) {
+    const maxAttempts = 3;
+    let lastError = null;
+    for (let attempt = 1;attempt <= maxAttempts; attempt++) {
+      try {
+        const client = await this.getOrCreateClient(info, config);
+        const result = await client.callTool({ name, arguments: args });
+        return result.content;
+      } catch (error) {
+        lastError = error instanceof Error ? error : new Error(String(error));
+        if (!lastError.message.toLowerCase().includes("not connected")) {
+          throw lastError;
+        }
+        if (attempt === maxAttempts) {
+          throw new Error(`Failed after 3 reconnection attempts: ${lastError.message}`);
+        }
+      }
+    }
+    throw lastError ?? new Error("Operation failed with unknown error");
+  }
+}
+
+// src/agents/loom/default.ts
+var LOOM_DEFAULTS = {
+  temperature: 0.1,
+  description: "Loom (Main Orchestrator)",
+  prompt: `<Role>
+Loom — main orchestrator for Weave.
+Plan tasks, coordinate work, and delegate to specialized agents.
+You are the team lead. Understand the request, break it into tasks, delegate intelligently.
+</Role>
+
+<Discipline>
+TODO OBSESSION (NON-NEGOTIABLE):
+- 2+ steps → todowrite FIRST, atomic breakdown
+- Mark in_progress before starting (ONE at a time)
+- Mark completed IMMEDIATELY after each step
+- NEVER batch completions
+
+No todos on multi-step work = INCOMPLETE WORK.
+</Discipline>
+
+<SidebarTodos>
+The user sees a Todo sidebar (~35 char width). Use todowrite strategically:
+
+WHEN PLANNING (multi-step work):
+- Create "in_progress": "Planning: [brief desc]"
+- When plan ready: mark completed, add "Plan ready — /start-work"
+
+WHEN DELEGATING TO AGENTS:
+- Create "in_progress": "[agent]: [task]" (e.g. "thread: scan models")
+- Mark "completed" when agent returns results
+- If multiple delegations: one todo per active agent
+
+WHEN DOING QUICK TASKS (no plan needed):
+- One "in_progress" todo for current step
+- Mark "completed" immediately when done
+
+FORMAT RULES:
+- Max 35 chars per todo content
+- Max 5 visible todos at any time
+- in_progress = yellow highlight — use for ACTIVE work only
+- Prefix delegations with agent name
+- After all work done: mark everything completed (sidebar hides)
+</SidebarTodos>
+
+<Delegation>
+- Use thread for fast codebase exploration (read-only, cheap)
+- Use spindle for external docs and research (read-only)
+- Use pattern for detailed planning before complex implementations
+- Use /start-work to hand off to Tapestry for todo-list driven execution of multi-step plans
+- Use shuttle for category-specific specialized work
+- Use Weft for reviewing completed work or validating plans before execution
+- Use Warp for security audits when changes touch auth, crypto, tokens, or input validation
+- Delegate aggressively to keep your context lean
+</Delegation>
+
+<PlanWorkflow>
+For complex tasks that benefit from structured planning before execution:
+
+1. PLAN: Delegate to Pattern to produce a plan saved to \`.weave/plans/{name}.md\`
+   - Pattern researches the codebase, produces a structured plan with \`- [ ]\` checkboxes
+   - Pattern ONLY writes .md files in .weave/ — it never writes code
+2. REVIEW (optional): For complex plans, delegate to Weft to validate the plan before execution
+   - Weft reads the plan, verifies file references, checks executability
+   - If Weft rejects, send issues back to Pattern for revision
+3. EXECUTE: Tell the user to run \`/start-work\` to begin execution
+   - /start-work loads the plan, creates work state at \`.weave/state.json\`, and switches to Tapestry
+   - Tapestry reads the plan and works through tasks, marking checkboxes as it goes
+4. RESUME: If work was interrupted, \`/start-work\` resumes from the last unchecked task
+
+When to use this workflow vs. direct execution:
+- USE plan workflow: Large features, multi-file refactors, anything with 5+ steps or architectural decisions
+- SKIP plan workflow: Quick fixes, single-file changes, simple questions
+</PlanWorkflow>
+
+<ReviewWorkflow>
+After significant implementation work completes:
+- Delegate to Weft to review the changes
+- Weft is read-only and approval-biased — it rejects only for real problems
+- If Weft approves: proceed confidently
+- If Weft rejects: address the specific blocking issues, then re-review
+
+When to invoke Weft:
+- After completing a multi-step plan
+- After any task that touches 3+ files
+- Before shipping to the user when quality matters
+- When you're unsure if work meets acceptance criteria
+
+When to skip Weft:
+- Single-file trivial changes
+- User explicitly says "skip review"
+- Simple question-answering (no code changes)
+
+For security-relevant changes, also delegate to Warp:
+- Warp is read-only and skeptical-biased — it rejects when security is at risk
+- Warp self-triages: if no security-relevant changes, it fast-exits with APPROVE
+- If Warp rejects: address the specific security issues before shipping
+- Run Warp in parallel with Weft for comprehensive coverage
+</ReviewWorkflow>
+
+<Style>
+- Start immediately. No acknowledgments.
+- Dense > verbose.
+- Match user's communication style.
+</Style>`
+};
+
+// src/agents/loom/index.ts
+var createLoomAgent = (model) => ({
+  ...LOOM_DEFAULTS,
+  model,
+  mode: "primary"
+});
+createLoomAgent.mode = "primary";
+
+// src/agents/tapestry/default.ts
+var TAPESTRY_DEFAULTS = {
+  temperature: 0.1,
+  description: "Tapestry (Execution Orchestrator)",
+  tools: {
+    task: false,
+    call_weave_agent: false
+  },
+  prompt: `<Role>
+Tapestry — execution orchestrator for Weave.
+You manage todo-list driven execution of multi-step plans.
+Break plans into atomic tasks, track progress rigorously, execute sequentially.
+You do NOT spawn subagents — you execute directly.
+</Role>
+
+<Discipline>
+TODO OBSESSION (NON-NEGOTIABLE):
+- Load existing todos first — never re-plan if a plan exists
+- Mark in_progress before starting EACH task (ONE at a time)
+- Mark completed IMMEDIATELY after finishing
+- NEVER skip steps, NEVER batch completions
+
+Execution without todos = lost work.
+</Discipline>
+
+<SidebarTodos>
+The user sees a Todo sidebar (~35 char width). Use todowrite to keep it useful:
+
+WHEN STARTING A PLAN:
+- Create one "in_progress" todo for the current task (short title)
+- Create "pending" todos for the next 2-3 upcoming tasks
+- Create one summary todo: "[plan-name] 0/N done"
+
+WHEN COMPLETING A TASK:
+- Mark current task todo "completed"
+- Mark next task todo "in_progress"
+- Add next upcoming task as "pending" (keep 2-3 pending visible)
+- Update summary todo: "[plan-name] K/N done"
+
+WHEN BLOCKED:
+- Mark current task "cancelled" with reason
+- Set next unblocked task to "in_progress"
+
+WHEN PLAN COMPLETES:
+- Mark all remaining todos "completed"
+- Update summary: "[plan-name] DONE N/N"
+
+FORMAT RULES:
+- Max 35 chars per todo content
+- Use task number prefix: "3/7: Add user model"
+- Summary todo always present during execution
+- Max 5 visible todos (1 summary + 1 in_progress + 2-3 pending)
+- in_progress = yellow highlight — use for CURRENT task only
+</SidebarTodos>
+
+<PlanExecution>
+When activated by /start-work with a plan file:
+
+1. READ the plan file first — understand the full scope
+2. FIND the first unchecked \`- [ ]\` task
+3. For each task:
+   a. Read the task description, files, and acceptance criteria
+   b. Execute the work (write code, run commands, create files)
+   c. Verify: Read changed files, run tests, check acceptance criteria. If uncertain about quality, note that Loom should invoke Weft for formal review.
+   d. Mark complete: use Edit tool to change \`- [ ]\` to \`- [x]\` in the plan file
+   e. Report: "Completed task N/M: [title]"
+4. CONTINUE to the next unchecked task
+5. When ALL checkboxes are checked, report final summary
+
+NEVER stop mid-plan unless explicitly told to or completely blocked.
+</PlanExecution>
+
+<Execution>
+- Work through tasks top to bottom
+- Verify each step before marking complete
+- If blocked: document reason, move to next unblocked task
+- Report completion with evidence (test output, file paths, commands run)
+</Execution>
+
+<Style>
+- Terse status updates only
+- No meta-commentary
+- Dense > verbose
+</Style>`
+};
+
+// src/agents/tapestry/index.ts
+var createTapestryAgent = (model) => ({
+  ...TAPESTRY_DEFAULTS,
+  tools: { ...TAPESTRY_DEFAULTS.tools },
+  model,
+  mode: "primary"
+});
+createTapestryAgent.mode = "primary";
+
+// src/agents/shuttle/default.ts
+var SHUTTLE_DEFAULTS = {
+  temperature: 0.2,
+  description: "Shuttle (Domain Specialist)",
+  prompt: `<Role>
+Shuttle — category-based specialist worker for Weave.
+You execute domain-specific tasks assigned by the orchestrator.
+You have full tool access and specialize based on your assigned category.
+</Role>
+
+<Execution>
+- Execute the assigned task completely and precisely
+- Use all available tools as needed for your domain
+- Verify your work before reporting completion
+- Be thorough: partial work is worse than asking for clarification
+</Execution>
+
+<Style>
+- Start immediately. No acknowledgments.
+- Report results with evidence.
+- Dense > verbose.
+</Style>`
+};
+
+// src/agents/shuttle/index.ts
+var createShuttleAgent = (model) => ({
+  ...SHUTTLE_DEFAULTS,
+  model,
+  mode: "all"
+});
+createShuttleAgent.mode = "all";
+
+// src/agents/pattern/default.ts
+var PATTERN_DEFAULTS = {
+  temperature: 0.3,
+  description: "Pattern (Strategic Planner)",
+  prompt: `<Role>
+Pattern — strategic planner for Weave.
+You analyze requirements, research the codebase, and produce detailed implementation plans.
+You think before acting. Plans should be concrete, not abstract.
+You NEVER implement — you produce plans ONLY.
+</Role>
+
+<Planning>
+A good plan includes:
+- Clear objective and scope
+- Files to create/modify with exact paths
+- Implementation order (what depends on what)
+- Test strategy (what to test, how)
+- Potential pitfalls and how to handle them
+
+Do NOT start implementing — produce the plan ONLY.
+</Planning>
+
+<PlanOutput>
+Save plans to \`.weave/plans/{slug}.md\` where {slug} is a kebab-case name derived from the task.
+
+Use this structure:
+
+\`\`\`markdown
+# {Plan Title}
+
+## TL;DR
+> **Summary**: [1-2 sentence overview]
+> **Estimated Effort**: [Quick | Short | Medium | Large | XL]
+
+## Context
+### Original Request
+[What the user asked for]
+### Key Findings
+[What you discovered researching the codebase]
+
+## Objectives
+### Core Objective
+[The primary goal]
+### Deliverables
+- [ ] [Concrete deliverable 1]
+- [ ] [Concrete deliverable 2]
+### Definition of Done
+- [ ] [Verifiable condition — ideally a command to run]
+### Guardrails (Must NOT)
+- [Things explicitly out of scope or forbidden]
+
+## TODOs
+
+- [ ] 1. [Task Title]
+  **What**: [Specific description]
+  **Files**: [Exact paths to create/modify]
+  **Acceptance**: [How to verify this task is done]
+
+- [ ] 2. [Task Title]
+  ...
+
+## Verification
+- [ ] All tests pass
+- [ ] No regressions
+- [ ] [Project-specific checks]
+\`\`\`
+
+CRITICAL: Use \`- [ ]\` checkboxes for ALL actionable items. The /start-work system tracks progress by counting these checkboxes.
+</PlanOutput>
+
+<Constraints>
+- ONLY write .md files inside the .weave/ directory
+- NEVER write code files (.ts, .js, .py, .go, etc.)
+- NEVER edit source code
+- After completing a plan, tell the user: "Plan saved to \`.weave/plans/{name}.md\`. Run /start-work to begin execution."
+</Constraints>
+
+<Research>
+- Read relevant files before planning
+- Check existing patterns in the codebase
+- Understand dependencies before proposing changes
+- Use thread (codebase explorer) for broad searches
+- Use spindle (external researcher) for library/API docs
+</Research>
+
+<Style>
+- Structured markdown output
+- Numbered steps with clear acceptance criteria
+- Concise — every word earns its place
+</Style>`
+};
+
+// src/agents/pattern/index.ts
+var createPatternAgent = (model) => ({
+  ...PATTERN_DEFAULTS,
+  model,
+  mode: "subagent"
+});
+createPatternAgent.mode = "subagent";
+
+// src/agents/thread/default.ts
+var THREAD_DEFAULTS = {
+  temperature: 0,
+  description: "Thread (Codebase Explorer)",
+  tools: {
+    write: false,
+    edit: false,
+    task: false,
+    call_weave_agent: false
+  },
+  prompt: `<Role>
+Thread — codebase explorer for Weave.
+You navigate and analyze code fast. Read-only access only.
+Answer questions about the codebase with precision and speed.
+</Role>
+
+<Exploration>
+- Use grep/glob/read tools to traverse the codebase
+- Answer questions directly with file paths and line numbers
+- Never guess — always verify with actual file reads
+- Summarize findings concisely
+</Exploration>
+
+<Constraints>
+- READ ONLY — never write, edit, or create files
+- Never spawn subagents
+- One clear answer, backed by evidence
+</Constraints>`
+};
+
+// src/agents/thread/index.ts
+var createThreadAgent = (model) => ({
+  ...THREAD_DEFAULTS,
+  tools: { ...THREAD_DEFAULTS.tools },
+  model,
+  mode: "subagent"
+});
+createThreadAgent.mode = "subagent";
+
+// src/agents/spindle/default.ts
+var SPINDLE_DEFAULTS = {
+  temperature: 0.1,
+  description: "Spindle (External Researcher)",
+  tools: {
+    write: false,
+    edit: false,
+    task: false,
+    call_weave_agent: false
+  },
+  prompt: `<Role>
+Spindle — external researcher for Weave.
+You search documentation, APIs, and external sources to answer questions.
+Read-only access only. Never write or modify files.
+</Role>
+
+<Research>
+- Search the web, read docs, fetch URLs as needed
+- Synthesize findings from multiple sources
+- Cite sources with URLs or file paths
+- Report confidence level when information is uncertain
+</Research>
+
+<Constraints>
+- READ ONLY — never write, edit, or create files
+- Never spawn subagents
+- Always cite your sources
+</Constraints>`
+};
+
+// src/agents/spindle/index.ts
+var createSpindleAgent = (model) => ({
+  ...SPINDLE_DEFAULTS,
+  tools: { ...SPINDLE_DEFAULTS.tools },
+  model,
+  mode: "subagent"
+});
+createSpindleAgent.mode = "subagent";
+
+// src/agents/weft/default.ts
+var WEFT_DEFAULTS = {
+  temperature: 0.1,
+  description: "Weft (Reviewer/Auditor)",
+  tools: {
+    write: false,
+    edit: false,
+    task: false,
+    call_weave_agent: false
+  },
+  prompt: `<Role>
+Weft — reviewer and auditor for Weave.
+You review completed work and plans with a critical but fair eye.
+Read-only access only. You verify, you do not implement.
+</Role>
+
+<ReviewModes>
+You operate in two modes depending on what you're asked to review:
+
+**Plan Review** (reviewing Pattern's .weave/plans/*.md output):
+- Verify referenced files actually exist (read them)
+- Check each task has enough context to start working
+- Look for contradictions or impossible requirements
+- Do NOT question the author's approach or architecture choices
+
+**Work Review** (reviewing completed implementation):
+- Read every changed file (use git diff --stat, then Read each file)
+- Check the code actually does what the task required
+- Look for stubs, TODOs, placeholders, hardcoded values
+- Verify tests exist and test real behavior
+- Check for scope creep (changes outside the task spec)
+</ReviewModes>
+
+<Verdict>
+Always end with a structured verdict:
+
+**[APPROVE]** or **[REJECT]**
+
+**Summary**: 1-2 sentences explaining the verdict.
+
+If REJECT, list **Blocking Issues** (max 3):
+1. [Specific issue + what needs to change]
+2. [Specific issue + what needs to change]
+3. [Specific issue + what needs to change]
+
+Each issue must be:
+- Specific (exact file path, exact task, exact problem)
+- Actionable (what exactly needs to change)
+- Blocking (work genuinely cannot ship without this fix)
+</Verdict>
+
+<ApprovalBias>
+APPROVE by default. REJECT only for true blockers.
+
+NOT blocking issues (do not reject for these):
+- Missing edge case handling
+- Stylistic preferences
+- "Could be clearer" suggestions
+- Minor ambiguities a developer can resolve
+- Suboptimal but working approaches
+
+BLOCKING issues (reject for these):
+- Referenced files don't exist
+- Code doesn't do what the task required
+- Tests are fake (expect(true).toBe(true))
+- Critical logic errors in the happy path
+- Task is impossible to start (zero context)
+</ApprovalBias>
+
+<Constraints>
+- READ ONLY — never write, edit, or create files
+- Never spawn subagents
+- Max 3 blocking issues per rejection
+- Be specific — file paths, line numbers, exact problems
+- Dense > verbose. No filler.
+</Constraints>`
+};
+
+// src/agents/weft/index.ts
+var createWeftAgent = (model) => ({
+  ...WEFT_DEFAULTS,
+  tools: { ...WEFT_DEFAULTS.tools },
+  model,
+  mode: "subagent"
+});
+createWeftAgent.mode = "subagent";
+
+// src/agents/warp/default.ts
+var WARP_DEFAULTS = {
+  temperature: 0.1,
+  description: "Warp (Security Auditor)",
+  tools: {
+    write: false,
+    edit: false,
+    task: false,
+    call_weave_agent: false
+  },
+  prompt: `<Role>
+Warp — security and specification compliance auditor for Weave.
+You audit code changes for security vulnerabilities and specification violations.
+Read-only access only. You audit, you do not implement.
+</Role>
+
+<Triage>
+You are ALWAYS invoked on reviews. Self-triage to avoid wasting time on non-security changes.
+
+**Step 1: Diff scan** (fast)
+Run \`git diff --stat\` to see what files changed. If the changeset is purely:
+- Documentation (.md files only)
+- Test-only changes (no production code)
+- CSS/styling-only changes
+- Configuration comments or formatting
+
+Then FAST EXIT with:
+**[APPROVE]**
+**Summary**: No security-relevant changes detected. (Diff: [brief stat])
+
+**Step 2: Pattern grep** (if Step 1 didn't fast-exit)
+Grep the changed files for security-sensitive patterns:
+- Auth/token handling: \`token\`, \`jwt\`, \`session\`, \`cookie\`, \`bearer\`, \`oauth\`, \`oidc\`, \`saml\`
+- Crypto: \`hash\`, \`encrypt\`, \`decrypt\`, \`hmac\`, \`sign\`, \`verify\`, \`bcrypt\`, \`argon\`, \`pbkdf\`
+- Input handling: \`sanitize\`, \`escape\`, \`validate\`, \`innerHTML\`, \`eval\`, \`exec\`, \`spawn\`, \`sql\`, \`query\`
+- Secrets: \`secret\`, \`password\`, \`api_key\`, \`apikey\`, \`private_key\`, \`credential\`
+- Network: \`cors\`, \`csp\`, \`helmet\`, \`https\`, \`redirect\`, \`origin\`, \`referer\`
+- Headers: \`set-cookie\`, \`x-frame\`, \`strict-transport\`, \`content-security-policy\`
+
+If NO patterns match, FAST EXIT with [APPROVE].
+If patterns match, proceed to DEEP REVIEW.
+
+**Step 3: Deep review** (only when triggered)
+Read each security-relevant changed file in full. Apply SecurityReview and SpecificationCompliance checks.
+</Triage>
+
+<SecurityReview>
+Check for these vulnerability classes in changed code:
+
+**Injection**
+- SQL injection: parameterized queries required, no string concatenation for SQL
+- XSS: output encoding, no raw innerHTML with user input, CSP headers
+- Command injection: no shell interpolation of user input, use execFile over exec
+- Path traversal: validate/normalize file paths, reject \`../\` sequences
+
+**Authentication & Authorization**
+- Auth bypass: every protected endpoint checks auth before processing
+- Privilege escalation: role checks are server-side, not client-side
+- Session management: secure, httpOnly, sameSite cookies; session invalidation on logout
+- Password handling: bcrypt/argon2 only, never SHA/MD5 for passwords, salt per-user
+
+**Token Handling**
+- JWT: verify signature before trusting claims, check exp/nbf/iss/aud
+- Refresh tokens: stored securely, rotated on use, bound to user
+- CSRF: state parameter in OAuth flows, anti-CSRF tokens on state-changing endpoints
+- Token leakage: tokens never in URLs, logs, or error messages
+
+**Cryptography**
+- Algorithm selection: no MD5/SHA1 for security, minimum AES-256, RSA-2048
+- Key management: keys not hardcoded, rotatable, stored in env/vault
+- Random generation: crypto.randomBytes/crypto.getRandomValues, never Math.random for security
+
+**Data Exposure**
+- Error leakage: stack traces and internal details hidden from end users
+- Logging: no sensitive data (tokens, passwords, PII) in log output
+- API responses: no over-fetching of sensitive fields
+
+**Insecure Defaults**
+- CORS: not \`*\` in production, credentials mode requires explicit origins
+- HTTPS: redirects enforced, HSTS headers present
+- Debug mode: disabled in production configs
+</SecurityReview>
+
+<SpecificationCompliance>
+When code implements a known protocol, verify compliance against the relevant specification.
+
+**Built-in Spec Reference Table:**
+
+| Spec | Key Requirements |
+|------|-----------------|
+| RFC 6749 (OAuth 2.0) | Authorization code flow requires PKCE for public clients, redirect_uri exact match, state parameter REQUIRED |
+| RFC 7636 (PKCE) | code_verifier 43-128 chars, code_challenge_method=S256 (plain only for constrained devices) |
+| RFC 7519 (JWT) | Validate exp, nbf, iss, aud before trusting claims; reject alg=none; typ header present |
+| RFC 7517 (JWK) | Key rotation via jwks_uri, kid matching, reject unknown key types |
+| RFC 7009 (Token Revocation) | Revoke both access + refresh tokens, return 200 even for invalid tokens |
+| OIDC Core 1.0 | nonce REQUIRED in implicit/hybrid flows, sub claim is user identifier, id_token signature verification |
+| WebAuthn Level 2 | Challenge must be random >=16 bytes, origin validation, RP ID matching, attestation verification |
+| RFC 6238 (TOTP) | Default period=30s, digits=6, algorithm=SHA1; clock drift tolerance (1-2 steps) |
+| RFC 4226 (HOTP) | Counter synchronization, resync window, throttling after failed attempts |
+| CORS (Fetch Standard) | Preflight for non-simple requests, Access-Control-Allow-Origin not \`*\` with credentials |
+| CSP (Level 3) | script-src avoids \`unsafe-inline\`/\`unsafe-eval\`, default-src as fallback |
+
+**Verification Protocol:**
+1. Use built-in knowledge (table above) as the primary reference
+2. If confidence is below 90% on a spec requirement, use webfetch to verify against the actual RFC/spec document
+3. If the project has a \`.weave/specs.json\` file, check it for project-specific spec requirements
+
+**\`.weave/specs.json\` format** (optional, project-provided):
+\`\`\`json
+{
+  "specs": [
+    {
+      "name": "OAuth 2.0",
+      "url": "https://datatracker.ietf.org/doc/html/rfc6749",
+      "requirements": ["PKCE required for all public clients", "state parameter mandatory"]
+    }
+  ]
+}
+\`\`\`
+
+**Citing specs in findings**: Every spec-related finding MUST include:
+- The spec name and section (e.g., "RFC 6749 Section 4.1.1")
+- The specific requirement being violated
+- What the code does vs. what it should do
+</SpecificationCompliance>
+
+<Verdict>
+Always end with a structured verdict:
+
+**[APPROVE]** or **[REJECT]**
+
+**Summary**: 1-2 sentences explaining the verdict.
+
+If REJECT, list **Blocking Issues** (max 3):
+1. [Specific issue + spec citation if applicable + what needs to change]
+2. [Specific issue + spec citation if applicable + what needs to change]
+3. [Specific issue + spec citation if applicable + what needs to change]
+
+Each issue must be:
+- Specific (exact file path, exact line/function, exact problem)
+- Actionable (what exactly needs to change)
+- Blocking (genuine security risk or spec violation)
+- Cited (reference spec section when applicable)
+</Verdict>
+
+<SkepticalBias>
+REJECT by default when security patterns are detected. APPROVE only when confident.
+
+BLOCKING issues (reject for these):
+- Any authentication or authorization bypass
+- Unparameterized SQL/NoSQL queries with user input
+- Missing CSRF protection on state-changing endpoints
+- Hardcoded secrets, API keys, or private keys
+- Broken cryptography (MD5/SHA1 for security, ECB mode, weak keys)
+- JWT without signature verification or alg=none accepted
+- OAuth flows missing PKCE or state parameter
+- Token/password leakage in logs or URLs
+- Missing input validation on security boundaries
+- CORS wildcard with credentials
+
+NOT blocking (note but do not reject):
+- Defense-in-depth improvements (nice-to-have additional layers)
+- Non-security code style preferences
+- Performance optimizations unrelated to DoS
+- Missing security headers on non-sensitive endpoints
+</SkepticalBias>
+
+<Constraints>
+- READ ONLY — never write, edit, or create files
+- Never spawn subagents
+- Max 3 blocking issues per rejection
+- Every spec-related finding must cite the spec name and section
+- Be specific — file paths, line numbers, exact problems
+- Dense > verbose. No filler.
+</Constraints>`
+};
+
+// src/agents/warp/index.ts
+var createWarpAgent = (model) => ({
+  ...WARP_DEFAULTS,
+  tools: { ...WARP_DEFAULTS.tools },
+  model,
+  mode: "subagent"
+});
+createWarpAgent.mode = "subagent";
+
+// src/agents/model-resolution.ts
+var AGENT_MODEL_REQUIREMENTS = {
+  loom: {
+    fallbackChain: [
+      { providers: ["github-copilot"], model: "claude-opus-4.6" },
+      { providers: ["anthropic"], model: "claude-opus-4" },
+      { providers: ["openai"], model: "gpt-5" }
+    ]
+  },
+  tapestry: {
+    fallbackChain: [
+      { providers: ["github-copilot"], model: "claude-sonnet-4.6" },
+      { providers: ["anthropic"], model: "claude-sonnet-4" },
+      { providers: ["openai"], model: "gpt-5" }
+    ]
+  },
+  shuttle: {
+    fallbackChain: [
+      { providers: ["github-copilot"], model: "claude-sonnet-4.6" },
+      { providers: ["anthropic"], model: "claude-sonnet-4" },
+      { providers: ["openai"], model: "gpt-5" }
+    ]
+  },
+  pattern: {
+    fallbackChain: [
+      { providers: ["github-copilot"], model: "claude-opus-4.6" },
+      { providers: ["anthropic"], model: "claude-opus-4" },
+      { providers: ["openai"], model: "gpt-5" }
+    ]
+  },
+  thread: {
+    fallbackChain: [
+      { providers: ["github-copilot"], model: "claude-haiku-4.5" },
+      { providers: ["anthropic"], model: "claude-haiku-4" },
+      { providers: ["google"], model: "gemini-3-flash" }
+    ]
+  },
+  spindle: {
+    fallbackChain: [
+      { providers: ["github-copilot"], model: "claude-haiku-4.5" },
+      { providers: ["anthropic"], model: "claude-haiku-4" },
+      { providers: ["google"], model: "gemini-3-flash" }
+    ]
+  },
+  weft: {
+    fallbackChain: [
+      { providers: ["github-copilot"], model: "claude-sonnet-4.6" },
+      { providers: ["anthropic"], model: "claude-sonnet-4" },
+      { providers: ["openai"], model: "gpt-5" }
+    ]
+  },
+  warp: {
+    fallbackChain: [
+      { providers: ["github-copilot"], model: "claude-opus-4.6" },
+      { providers: ["anthropic"], model: "claude-opus-4" },
+      { providers: ["openai"], model: "gpt-5" }
+    ]
+  }
+};
+function resolveAgentModel(agentName, options) {
+  const { availableModels, agentMode, uiSelectedModel, categoryModel, overrideModel, systemDefaultModel } = options;
+  const requirement = AGENT_MODEL_REQUIREMENTS[agentName];
+  if (overrideModel)
+    return overrideModel;
+  if (uiSelectedModel && (agentMode === "primary" || agentMode === "all")) {
+    return uiSelectedModel;
+  }
+  if (categoryModel && availableModels.has(categoryModel))
+    return categoryModel;
+  for (const entry of requirement.fallbackChain) {
+    for (const provider of entry.providers) {
+      const qualified = `${provider}/${entry.model}`;
+      if (availableModels.has(qualified))
+        return qualified;
+      if (availableModels.has(entry.model))
+        return entry.model;
+    }
+  }
+  if (systemDefaultModel)
+    return systemDefaultModel;
+  const first = requirement.fallbackChain[0];
+  if (first && first.providers.length > 0) {
+    return `${first.providers[0]}/${first.model}`;
+  }
+  return "github-copilot/claude-opus-4.6";
+}
+
+// src/agents/types.ts
+function isFactory(source) {
+  return typeof source === "function";
+}
+
+// src/agents/agent-builder.ts
+function buildAgent(source, model, options) {
+  const base = isFactory(source) ? source(model) : { ...source };
+  if (base.category && options?.categories) {
+    const categoryConfig = options.categories[base.category];
+    if (categoryConfig) {
+      if (!base.model) {
+        base.model = categoryConfig.model;
+      }
+      if (base.temperature === undefined && categoryConfig.temperature !== undefined) {
+        base.temperature = categoryConfig.temperature;
+      }
+      if (base.variant === undefined && categoryConfig.variant !== undefined) {
+        base.variant = categoryConfig.variant;
+      }
+    }
+  }
+  if (base.skills?.length && options?.resolveSkills) {
+    const skillContent = options.resolveSkills(base.skills, options.disabledSkills);
+    if (skillContent) {
+      base.prompt = skillContent + (base.prompt ? `
+
+` + base.prompt : "");
+    }
+  }
+  return base;
+}
+
+// src/agents/builtin-agents.ts
+var AGENT_FACTORIES = {
+  loom: createLoomAgent,
+  tapestry: createTapestryAgent,
+  shuttle: createShuttleAgent,
+  pattern: createPatternAgent,
+  thread: createThreadAgent,
+  spindle: createSpindleAgent,
+  weft: createWeftAgent,
+  warp: createWarpAgent
+};
+function createBuiltinAgents(options = {}) {
+  const {
+    disabledAgents = [],
+    agentOverrides = {},
+    categories,
+    uiSelectedModel,
+    systemDefaultModel,
+    availableModels = new Set,
+    disabledSkills,
+    resolveSkills
+  } = options;
+  const disabledSet = new Set(disabledAgents);
+  const result = {};
+  for (const [name, factory] of Object.entries(AGENT_FACTORIES)) {
+    if (disabledSet.has(name))
+      continue;
+    const override = agentOverrides[name];
+    const overrideModel = override?.model;
+    const resolvedModel = resolveAgentModel(name, {
+      availableModels,
+      agentMode: factory.mode,
+      uiSelectedModel,
+      systemDefaultModel,
+      overrideModel
+    });
+    const built = buildAgent(factory, resolvedModel, {
+      categories,
+      disabledSkills,
+      resolveSkills
+    });
+    if (override) {
+      if (override.prompt_append) {
+        built.prompt = (built.prompt ? built.prompt + `
+
+` : "") + override.prompt_append;
+      }
+      if (override.temperature !== undefined) {
+        built.temperature = override.temperature;
+      }
+    }
+    result[name] = built;
+  }
+  return result;
+}
+
+// src/create-managers.ts
+function createManagers(options) {
+  const { pluginConfig, resolveSkills } = options;
+  const agents = createBuiltinAgents({
+    disabledAgents: pluginConfig.disabled_agents,
+    agentOverrides: pluginConfig.agents,
+    resolveSkills
+  });
+  const configHandler = new ConfigHandler({ pluginConfig });
+  const backgroundManager = new BackgroundManager({
+    maxConcurrent: pluginConfig.background?.defaultConcurrency ?? 5
+  });
+  const skillMcpManager = new SkillMcpManager;
+  return { configHandler, backgroundManager, skillMcpManager, agents };
+}
+
+// src/features/skill-loader/loader.ts
+import * as path3 from "path";
+import * as os2 from "os";
+
+// src/features/skill-loader/discovery.ts
+import * as fs2 from "fs";
+import * as path2 from "path";
+function parseFrontmatter(text) {
+  const frontmatterRegex = /^---\r?\n([\s\S]*?)\r?\n---\r?\n([\s\S]*)$/;
+  const match = frontmatterRegex.exec(text);
+  if (!match) {
+    return { metadata: {}, content: text };
+  }
+  const yamlBlock = match[1];
+  const body = match[2];
+  const metadata = {};
+  try {
+    const lines = yamlBlock.split(/\r?\n/);
+    let i = 0;
+    while (i < lines.length) {
+      const line = lines[i];
+      const keyValueMatch = /^(\w[\w-]*):\s*(.*)$/.exec(line);
+      if (!keyValueMatch) {
+        i++;
+        continue;
+      }
+      const key = keyValueMatch[1];
+      const rawValue = keyValueMatch[2].trim();
+      if (rawValue.startsWith("[") && rawValue.endsWith("]")) {
+        const items = rawValue.slice(1, -1).split(",").map((s) => s.trim().replace(/^['"]|['"]$/g, "")).filter((s) => s.length > 0);
+        setMetadataField(metadata, key, items);
+        i++;
+        continue;
+      }
+      if (rawValue === "") {
+        const listItems = [];
+        i++;
+        while (i < lines.length && /^\s+-\s+(.+)$/.test(lines[i])) {
+          const itemMatch = /^\s+-\s+(.+)$/.exec(lines[i]);
+          if (itemMatch) {
+            listItems.push(itemMatch[1].trim().replace(/^['"]|['"]$/g, ""));
+          }
+          i++;
+        }
+        if (listItems.length > 0) {
+          setMetadataField(metadata, key, listItems);
+        }
+        continue;
+      }
+      setMetadataField(metadata, key, rawValue.replace(/^['"]|['"]$/g, ""));
+      i++;
+    }
+  } catch (err) {
+    log("Failed to parse YAML frontmatter", { error: String(err) });
+    return { metadata: {}, content: text };
+  }
+  return { metadata, content: body };
+}
+function setMetadataField(metadata, key, value) {
+  switch (key) {
+    case "name":
+      if (typeof value === "string")
+        metadata.name = value;
+      break;
+    case "description":
+      if (typeof value === "string")
+        metadata.description = value;
+      break;
+    case "model":
+      if (typeof value === "string")
+        metadata.model = value;
+      break;
+    case "tools":
+      metadata.tools = value;
+      break;
+    default:
+      break;
+  }
+}
+function scanDirectory(options) {
+  const { directory, scope } = options;
+  if (!fs2.existsSync(directory)) {
+    return [];
+  }
+  let entries;
+  try {
+    entries = fs2.readdirSync(directory, { withFileTypes: true });
+  } catch (err) {
+    log("Failed to read skills directory", { directory, error: String(err) });
+    return [];
+  }
+  const skills = [];
+  for (const entry of entries) {
+    const fullPath = path2.join(directory, entry.name);
+    if (entry.isDirectory()) {
+      const skillFile = path2.join(fullPath, "SKILL.md");
+      if (fs2.existsSync(skillFile)) {
+        const skill = loadSkillFile(skillFile, scope);
+        if (skill)
+          skills.push(skill);
+      }
+      continue;
+    }
+    if (entry.isFile() && entry.name === "SKILL.md") {
+      const skill = loadSkillFile(fullPath, scope);
+      if (skill)
+        skills.push(skill);
+    }
+  }
+  return skills;
+}
+function loadSkillFile(filePath, scope) {
+  let text;
+  try {
+    text = fs2.readFileSync(filePath, "utf8");
+  } catch (err) {
+    log("Failed to read skill file", { filePath, error: String(err) });
+    return null;
+  }
+  const { metadata, content } = parseFrontmatter(text);
+  if (!metadata.name) {
+    log("Skill file missing name in frontmatter — skipping", { filePath });
+    return null;
+  }
+  return { name: metadata.name, description: metadata.description ?? "", content, scope, path: filePath, model: metadata.model };
+}
+
+// src/features/skill-loader/merger.ts
+var SCOPE_PRIORITY = { project: 3, user: 2, builtin: 1 };
+function mergeSkills(skills) {
+  const skillMap = new Map;
+  for (const skill of skills) {
+    const existing = skillMap.get(skill.name);
+    if (!existing || (SCOPE_PRIORITY[skill.scope] ?? 0) > (SCOPE_PRIORITY[existing.scope] ?? 0)) {
+      skillMap.set(skill.name, skill);
+    }
+  }
+  return Array.from(skillMap.values());
+}
+
+// src/features/skill-loader/builtin-skills.ts
+function createBuiltinSkills() {
+  return [];
+}
+
+// src/features/skill-loader/loader.ts
+function loadSkills(options = {}) {
+  const { directory, disabledSkills = [] } = options;
+  const projectDir = path3.join(directory ?? process.cwd(), ".opencode", "skills");
+  const userDir = path3.join(os2.homedir(), ".config", "opencode", "weave-opencode", "skills");
+  const projectSkills = scanDirectory({ directory: projectDir, scope: "project" });
+  const userSkills = scanDirectory({ directory: userDir, scope: "user" });
+  const builtinSkills = createBuiltinSkills();
+  const all = [...projectSkills, ...userSkills, ...builtinSkills];
+  const merged = mergeSkills(all);
+  if (disabledSkills.length === 0)
+    return { skills: merged };
+  const disabledSet = new Set(disabledSkills);
+  return { skills: merged.filter((s) => !disabledSet.has(s.name)) };
+}
+// src/features/skill-loader/resolver.ts
+function resolveSkill(name, result) {
+  return result.skills.find((s) => s.name === name)?.content ?? "";
+}
+function resolveMultipleSkills(skillNames, disabledSkills, discovered) {
+  if (!discovered)
+    return "";
+  const parts = [];
+  for (const name of skillNames) {
+    if (disabledSkills?.has(name))
+      continue;
+    const content = resolveSkill(name, discovered);
+    if (content) {
+      parts.push(content);
+    }
+  }
+  return parts.join(`
+
+`);
+}
+function createSkillResolver(discovered) {
+  return (skillNames, disabledSkills) => {
+    return resolveMultipleSkills(skillNames, disabledSkills, discovered);
+  };
+}
+// src/create-tools.ts
+async function createTools(options) {
+  const { ctx, pluginConfig } = options;
+  const skillResult = loadSkills({
+    directory: ctx.directory,
+    disabledSkills: pluginConfig.disabled_skills ?? []
+  });
+  const resolveSkillsFn = createSkillResolver(skillResult);
+  const tools = {};
+  return {
+    tools,
+    availableSkills: skillResult.skills,
+    resolveSkillsFn
+  };
+}
+
+// src/hooks/context-window-monitor.ts
+function checkContextWindow(state, thresholds = { warningPct: 0.8, criticalPct: 0.95 }) {
+  const usagePct = state.maxTokens > 0 ? state.usedTokens / state.maxTokens : 0;
+  if (usagePct >= thresholds.criticalPct) {
+    const message = buildRecoveryMessage(state, usagePct);
+    log(`[context-window] CRITICAL ${(usagePct * 100).toFixed(1)}% used in session ${state.sessionId}`);
+    return { action: "recover", usagePct, message };
+  }
+  if (usagePct >= thresholds.warningPct) {
+    log(`[context-window] WARNING ${(usagePct * 100).toFixed(1)}% used in session ${state.sessionId}`);
+    return { action: "warn", usagePct, message: buildWarningMessage(usagePct) };
+  }
+  return { action: "none", usagePct };
+}
+function buildWarningMessage(usagePct) {
+  const pct = (usagePct * 100).toFixed(0);
+  return `⚠️ Context window at ${pct}%. Consider wrapping up the current task or spawning a background agent for remaining work.
+
+Update the sidebar: use todowrite to create or update a todo (in_progress, high priority): "Context: ${pct}% — wrap up soon"`;
+}
+function buildRecoveryMessage(state, usagePct) {
+  const pct = (usagePct * 100).toFixed(0);
+  return `\uD83D\uDEA8 Context window at ${pct}% (${state.usedTokens}/${state.maxTokens} tokens).
+
+IMMEDIATE ACTION REQUIRED:
+1. Save your current progress and findings to a notepad or file
+2. Summarize completed work and remaining tasks
+3. If work remains: spawn a background agent or ask the user to continue in a new session
+4. Do NOT attempt large new tasks — wrap up gracefully
+
+Update the sidebar: use todowrite to create a todo (in_progress, high priority): "CONTEXT ${pct}% — save & stop"`;
+}
+
+// src/hooks/write-existing-file-guard.ts
+import * as fs3 from "fs";
+function createWriteGuardState() {
+  return { readFiles: new Set };
+}
+function trackFileRead(state, filePath) {
+  state.readFiles.add(filePath);
+}
+function checkWriteAllowed(state, filePath) {
+  if (!fs3.existsSync(filePath)) {
+    return { allowed: true };
+  }
+  if (state.readFiles.has(filePath)) {
+    return { allowed: true };
+  }
+  const warning = `⚠️ Write guard: Attempting to write to '${filePath}' without reading it first. Read the file before overwriting to avoid data loss.`;
+  log(`[write-guard] BLOCKED write to unread file: ${filePath}`);
+  return { allowed: false, warning };
+}
+function createWriteGuard(state) {
+  return {
+    trackRead: (filePath) => trackFileRead(state, filePath),
+    checkWrite: (filePath) => checkWriteAllowed(state, filePath)
+  };
+}
+
+// src/hooks/rules-injector.ts
+import * as fs4 from "fs";
+import * as path4 from "path";
+var RULES_FILENAMES = ["AGENTS.md", ".rules", "CLAUDE.md"];
+function findRulesFile(directory) {
+  for (const filename of RULES_FILENAMES) {
+    const candidate = path4.join(directory, filename);
+    if (fs4.existsSync(candidate)) {
+      return candidate;
+    }
+  }
+  return;
+}
+function loadRulesForDirectory(directory) {
+  const rulesFile = findRulesFile(directory);
+  if (!rulesFile)
+    return;
+  try {
+    const content = fs4.readFileSync(rulesFile, "utf8");
+    log(`[rules-injector] Loaded rules from ${rulesFile}`);
+    return content;
+  } catch {
+    log(`[rules-injector] Failed to read rules file: ${rulesFile}`);
+    return;
+  }
+}
+function shouldInjectRules(toolName) {
+  return toolName === "read" || toolName === "write" || toolName === "edit";
+}
+function getDirectoryFromFilePath(filePath) {
+  return path4.dirname(path4.resolve(filePath));
+}
+function buildRulesInjection(rulesContent, directory) {
+  return `<rules source="${directory}">
+${rulesContent}
+</rules>`;
+}
+function getRulesForFile(filePath) {
+  const dir = getDirectoryFromFilePath(filePath);
+  const content = loadRulesForDirectory(dir);
+  if (!content)
+    return;
+  return buildRulesInjection(content, dir);
+}
+
+// src/hooks/first-message-variant.ts
+var appliedSessions = new Set;
+var createdSessions = new Set;
+function markSessionCreated(sessionId) {
+  createdSessions.add(sessionId);
+}
+function markApplied(sessionId) {
+  appliedSessions.add(sessionId);
+}
+function shouldApplyVariant(sessionId) {
+  return createdSessions.has(sessionId) && !appliedSessions.has(sessionId);
+}
+function clearSession(sessionId) {
+  appliedSessions.delete(sessionId);
+  createdSessions.delete(sessionId);
+}
+
+// src/hooks/keyword-detector.ts
+var DEFAULT_KEYWORD_ACTIONS = [
+  {
+    keyword: "ultrawork",
+    injection: `[ULTRAWORK MODE ACTIVATED]
+Maximum effort engaged. Use ALL available agents in parallel. No shortcuts. Complete the task fully and deeply before responding.`
+  },
+  {
+    keyword: "ulw",
+    injection: `[ULTRAWORK MODE ACTIVATED]
+Maximum effort engaged. Use ALL available agents in parallel. No shortcuts. Complete the task fully and deeply before responding.`
+  }
+];
+function detectKeywords(message, actions = DEFAULT_KEYWORD_ACTIONS) {
+  const lower = message.toLowerCase();
+  return actions.filter((a) => lower.includes(a.keyword.toLowerCase()));
+}
+function buildKeywordInjection(detected) {
+  if (detected.length === 0)
+    return;
+  return detected.map((a) => a.injection).join(`
+
+`);
+}
+function processMessageForKeywords(message, sessionId, actions) {
+  const detected = detectKeywords(message, actions);
+  if (detected.length > 0) {
+    log(`[keyword-detector] Detected keywords in session ${sessionId}: ${detected.map((a) => a.keyword).join(", ")}`);
+  }
+  return buildKeywordInjection(detected);
+}
+
+// src/hooks/pattern-md-only.ts
+var WRITE_TOOLS = new Set(["write", "edit"]);
+var WEAVE_DIR_SEGMENT = ".weave";
+function checkPatternWrite(agentName, toolName, filePath) {
+  if (agentName !== "pattern") {
+    return { allowed: true };
+  }
+  if (!WRITE_TOOLS.has(toolName)) {
+    return { allowed: true };
+  }
+  const normalizedPath = filePath.replace(/\\/g, "/");
+  if (!normalizedPath.includes(`${WEAVE_DIR_SEGMENT}/`)) {
+    return {
+      allowed: false,
+      reason: `Pattern agent can only write to .weave/ directory. Attempted: ${filePath}`
+    };
+  }
+  if (!normalizedPath.endsWith(".md")) {
+    return {
+      allowed: false,
+      reason: `Pattern agent can only write .md files. Attempted: ${filePath}`
+    };
+  }
+  return { allowed: true };
+}
+
+// src/features/work-state/constants.ts
+var WEAVE_DIR = ".weave";
+var WORK_STATE_FILE = "state.json";
+var WORK_STATE_PATH = `${WEAVE_DIR}/${WORK_STATE_FILE}`;
+var PLANS_DIR = `${WEAVE_DIR}/plans`;
+// src/features/work-state/storage.ts
+import { existsSync as existsSync5, readFileSync as readFileSync4, writeFileSync, unlinkSync, mkdirSync, readdirSync as readdirSync2, statSync } from "fs";
+import { join as join6, basename } from "path";
+var UNCHECKED_RE = /^[-*]\s*\[\s*\]/gm;
+var CHECKED_RE = /^[-*]\s*\[[xX]\]/gm;
+function readWorkState(directory) {
+  const filePath = join6(directory, WEAVE_DIR, WORK_STATE_FILE);
+  try {
+    if (!existsSync5(filePath))
+      return null;
+    const raw = readFileSync4(filePath, "utf-8");
+    const parsed = JSON.parse(raw);
+    if (!parsed || typeof parsed !== "object" || Array.isArray(parsed))
+      return null;
+    if (typeof parsed.active_plan !== "string")
+      return null;
+    if (!Array.isArray(parsed.session_ids)) {
+      parsed.session_ids = [];
+    }
+    return parsed;
+  } catch {
+    return null;
+  }
+}
+function writeWorkState(directory, state) {
+  try {
+    const dir = join6(directory, WEAVE_DIR);
+    if (!existsSync5(dir)) {
+      mkdirSync(dir, { recursive: true });
+    }
+    writeFileSync(join6(dir, WORK_STATE_FILE), JSON.stringify(state, null, 2), "utf-8");
+    return true;
+  } catch {
+    return false;
+  }
+}
+function clearWorkState(directory) {
+  const filePath = join6(directory, WEAVE_DIR, WORK_STATE_FILE);
+  try {
+    if (existsSync5(filePath)) {
+      unlinkSync(filePath);
+    }
+    return true;
+  } catch {
+    return false;
+  }
+}
+function appendSessionId(directory, sessionId) {
+  const state = readWorkState(directory);
+  if (!state)
+    return null;
+  if (!state.session_ids.includes(sessionId)) {
+    state.session_ids.push(sessionId);
+    writeWorkState(directory, state);
+  }
+  return state;
+}
+function createWorkState(planPath, sessionId, agent) {
+  return {
+    active_plan: planPath,
+    started_at: new Date().toISOString(),
+    session_ids: [sessionId],
+    plan_name: getPlanName(planPath),
+    ...agent !== undefined ? { agent } : {}
+  };
+}
+function findPlans(directory) {
+  const plansDir = join6(directory, PLANS_DIR);
+  try {
+    if (!existsSync5(plansDir))
+      return [];
+    const files = readdirSync2(plansDir).filter((f) => f.endsWith(".md")).map((f) => {
+      const fullPath = join6(plansDir, f);
+      const stat = statSync(fullPath);
+      return { path: fullPath, mtime: stat.mtimeMs };
+    }).sort((a, b) => b.mtime - a.mtime).map((f) => f.path);
+    return files;
+  } catch {
+    return [];
+  }
+}
+function getPlanProgress(planPath) {
+  if (!existsSync5(planPath)) {
+    return { total: 0, completed: 0, isComplete: true };
+  }
+  try {
+    const content = readFileSync4(planPath, "utf-8");
+    const unchecked = content.match(UNCHECKED_RE) || [];
+    const checked = content.match(CHECKED_RE) || [];
+    const total = unchecked.length + checked.length;
+    const completed = checked.length;
+    return {
+      total,
+      completed,
+      isComplete: total === 0 || completed === total
+    };
+  } catch {
+    return { total: 0, completed: 0, isComplete: true };
+  }
+}
+function getPlanName(planPath) {
+  return basename(planPath, ".md");
+}
+// src/hooks/start-work-hook.ts
+function handleStartWork(input) {
+  const { promptText, sessionId, directory } = input;
+  if (!promptText.includes("<session-context>")) {
+    return { contextInjection: null, switchAgent: null };
+  }
+  const explicitPlanName = extractPlanName(promptText);
+  const existingState = readWorkState(directory);
+  const allPlans = findPlans(directory);
+  if (explicitPlanName) {
+    return handleExplicitPlan(explicitPlanName, allPlans, sessionId, directory);
+  }
+  if (existingState) {
+    const progress = getPlanProgress(existingState.active_plan);
+    if (!progress.isComplete) {
+      appendSessionId(directory, sessionId);
+      return {
+        switchAgent: "tapestry",
+        contextInjection: buildResumeContext(existingState.active_plan, existingState.plan_name, progress)
+      };
+    }
+  }
+  return handlePlanDiscovery(allPlans, sessionId, directory);
+}
+function extractPlanName(promptText) {
+  const match = promptText.match(/<user-request>\s*([\s\S]*?)\s*<\/user-request>/i);
+  if (!match)
+    return null;
+  const cleaned = match[1].trim();
+  return cleaned || null;
+}
+function handleExplicitPlan(requestedName, allPlans, sessionId, directory) {
+  const matched = findPlanByName(allPlans, requestedName);
+  if (!matched) {
+    const incompletePlans = allPlans.filter((p) => !getPlanProgress(p).isComplete);
+    const listing = incompletePlans.length > 0 ? incompletePlans.map((p) => `  - ${getPlanName(p)}`).join(`
+`) : "  (none)";
+    return {
+      switchAgent: "tapestry",
+      contextInjection: `## Plan Not Found
+No plan matching "${requestedName}" was found.
+
+Available incomplete plans:
+${listing}
+
+Tell the user which plans are available and ask them to specify one.`
+    };
+  }
+  const progress = getPlanProgress(matched);
+  if (progress.isComplete) {
+    return {
+      switchAgent: "tapestry",
+      contextInjection: `## Plan Already Complete
+The plan "${getPlanName(matched)}" has all ${progress.total} tasks completed.
+Tell the user this plan is already done and suggest creating a new one with Pattern.`
+    };
+  }
+  clearWorkState(directory);
+  const state = createWorkState(matched, sessionId, "tapestry");
+  writeWorkState(directory, state);
+  return {
+    switchAgent: "tapestry",
+    contextInjection: buildFreshContext(matched, getPlanName(matched), progress)
+  };
+}
+function handlePlanDiscovery(allPlans, sessionId, directory) {
+  if (allPlans.length === 0) {
+    return {
+      switchAgent: "tapestry",
+      contextInjection: "## No Plans Found\nNo plan files found at `.weave/plans/`.\nTell the user to switch to Pattern agent to create a work plan first."
+    };
+  }
+  const incompletePlans = allPlans.filter((p) => !getPlanProgress(p).isComplete);
+  if (incompletePlans.length === 0) {
+    return {
+      switchAgent: "tapestry",
+      contextInjection: `## All Plans Complete
+All existing plans have been completed.
+Tell the user to switch to Pattern agent to create a new plan.`
+    };
+  }
+  if (incompletePlans.length === 1) {
+    const plan = incompletePlans[0];
+    const progress = getPlanProgress(plan);
+    const state = createWorkState(plan, sessionId, "tapestry");
+    writeWorkState(directory, state);
+    return {
+      switchAgent: "tapestry",
+      contextInjection: buildFreshContext(plan, getPlanName(plan), progress)
+    };
+  }
+  const listing = incompletePlans.map((p) => {
+    const progress = getPlanProgress(p);
+    return `  - **${getPlanName(p)}** (${progress.completed}/${progress.total} tasks done)`;
+  }).join(`
+`);
+  return {
+    switchAgent: "tapestry",
+    contextInjection: `## Multiple Plans Found
+There are ${incompletePlans.length} incomplete plans:
+${listing}
+
+Ask the user which plan to work on. They can run \`/start-work [plan-name]\` to select one.`
+  };
+}
+function findPlanByName(plans, requestedName) {
+  const lower = requestedName.toLowerCase();
+  const exact = plans.find((p) => getPlanName(p).toLowerCase() === lower);
+  if (exact)
+    return exact;
+  const partial = plans.find((p) => getPlanName(p).toLowerCase().includes(lower));
+  return partial || null;
+}
+function buildFreshContext(planPath, planName, progress) {
+  return `## Starting Plan: ${planName}
+**Plan file**: ${planPath}
+**Progress**: ${progress.completed}/${progress.total} tasks completed
+
+Read the plan file now and begin executing from the first unchecked \`- [ ]\` task.
+
+**SIDEBAR TODOS — DO THIS FIRST:**
+Before starting any work, use todowrite to populate the sidebar:
+1. Create a summary todo (in_progress): "${planName} ${progress.completed}/${progress.total}"
+2. Create a todo for the first unchecked task (in_progress)
+3. Create todos for the next 2-3 tasks (pending)
+Keep each todo under 35 chars. Update as you complete tasks.`;
+}
+function buildResumeContext(planPath, planName, progress) {
+  const remaining = progress.total - progress.completed;
+  return `## Resuming Plan: ${planName}
+**Plan file**: ${planPath}
+**Progress**: ${progress.completed}/${progress.total} tasks completed
+**Status**: RESUMING — continuing from where the previous session left off.
+
+Read the plan file now and continue from the first unchecked \`- [ ]\` task.
+
+**SIDEBAR TODOS — RESTORE STATE:**
+Previous session's todos are lost. Use todowrite to restore the sidebar:
+1. Create a summary todo (in_progress): "${planName} ${progress.completed}/${progress.total}"
+2. Create a todo for the next unchecked task (in_progress)
+3. Create todos for the following 2-3 tasks (pending)
+Keep each todo under 35 chars. ${remaining} task${remaining !== 1 ? "s" : ""} remaining.`;
+}
+
+// src/hooks/work-continuation.ts
+function checkContinuation(input) {
+  const { directory } = input;
+  const state = readWorkState(directory);
+  if (!state) {
+    return { continuationPrompt: null };
+  }
+  const progress = getPlanProgress(state.active_plan);
+  if (progress.isComplete) {
+    return { continuationPrompt: null };
+  }
+  const remaining = progress.total - progress.completed;
+  return {
+    continuationPrompt: `You have an active work plan with incomplete tasks. Continue working.
+
+**Plan**: ${state.plan_name}
+**File**: ${state.active_plan}
+**Progress**: ${progress.completed}/${progress.total} tasks completed (${remaining} remaining)
+
+1. Read the plan file NOW to check exact current progress
+2. Use todowrite to restore sidebar: summary todo "${state.plan_name} ${progress.completed}/${progress.total}" (in_progress) + next task (in_progress) + 2-3 upcoming (pending). Max 35 chars each.
+3. Find the first unchecked \`- [ ]\` task
+4. Execute it, verify it, mark \`- [ ]\` → \`- [x]\`
+5. Update sidebar todos as you complete tasks
+6. Do not stop until all tasks are complete`
+  };
+}
+
+// src/hooks/verification-reminder.ts
+function buildVerificationReminder(input) {
+  const planContext = input.planName && input.progress ? `
+**Plan**: ${input.planName} (${input.progress.completed}/${input.progress.total} tasks done)` : "";
+  return {
+    verificationPrompt: `## Verification Required
+${planContext}
+
+Before marking this task complete, verify the work:
+
+1. **Read the changes**: \`git diff --stat\` then Read each changed file
+2. **Run checks**: Run relevant tests, check for linting/type errors
+3. **Validate behavior**: Does the code actually do what was requested?
+4. **Gate decision**: Can you explain what every changed line does?
+
+If uncertain about quality, delegate to \`weft\` agent for a formal review:
+\`call_weave_agent(agent="weft", prompt="Review the changes for [task description]")\`
+
+If changes touch auth, crypto, tokens, or input validation, delegate to \`warp\` agent for a security audit:
+\`call_weave_agent(agent="warp", prompt="Security audit the changes for [task description]")\`
+
+Only mark complete when ALL checks pass.`
+  };
+}
+
+// src/hooks/create-hooks.ts
+function createHooks(args) {
+  const { isHookEnabled, directory } = args;
+  const writeGuardState = createWriteGuardState();
+  const writeGuard = createWriteGuard(writeGuardState);
+  const contextWindowThresholds = {
+    warningPct: 0.8,
+    criticalPct: 0.95
+  };
+  return {
+    checkContextWindow: isHookEnabled("context-window-monitor") ? (state) => checkContextWindow(state, contextWindowThresholds) : null,
+    writeGuard: isHookEnabled("write-existing-file-guard") ? writeGuard : null,
+    shouldInjectRules: isHookEnabled("rules-injector") ? shouldInjectRules : null,
+    getRulesForFile: isHookEnabled("rules-injector") ? getRulesForFile : null,
+    firstMessageVariant: isHookEnabled("first-message-variant") ? { shouldApplyVariant, markApplied, markSessionCreated, clearSession } : null,
+    processMessageForKeywords: isHookEnabled("keyword-detector") ? processMessageForKeywords : null,
+    patternMdOnly: isHookEnabled("pattern-md-only") ? checkPatternWrite : null,
+    startWork: isHookEnabled("start-work") ? (promptText, sessionId) => handleStartWork({ promptText, sessionId, directory }) : null,
+    workContinuation: isHookEnabled("work-continuation") ? (sessionId) => checkContinuation({ sessionId, directory }) : null,
+    verificationReminder: isHookEnabled("verification-reminder") ? buildVerificationReminder : null
+  };
+}
+
+// src/plugin/plugin-interface.ts
+function createPluginInterface(args) {
+  const { pluginConfig, hooks, tools, configHandler, agents } = args;
+  return {
+    tool: tools,
+    config: async (config) => {
+      const result = await configHandler.handle({
+        pluginConfig,
+        agents,
+        availableTools: []
+      });
+      config.agent = result.agents;
+      config.command = result.commands;
+      if (result.defaultAgent) {
+        config.default_agent = result.defaultAgent;
+      }
+    },
+    "chat.message": async (input, _output) => {
+      const { sessionID } = input;
+      if (hooks.checkContextWindow) {
+        hooks.checkContextWindow({
+          usedTokens: 0,
+          maxTokens: 0,
+          sessionId: sessionID
+        });
+      }
+      if (hooks.firstMessageVariant) {
+        if (hooks.firstMessageVariant.shouldApplyVariant(sessionID)) {
+          hooks.firstMessageVariant.markApplied(sessionID);
+        }
+      }
+      if (hooks.processMessageForKeywords) {
+        hooks.processMessageForKeywords("", sessionID);
+      }
+      if (hooks.startWork) {
+        const parts = _output.parts;
+        const message = _output.message;
+        if (parts) {
+          const timestamp = new Date().toISOString();
+          for (const part of parts) {
+            if (part.type === "text" && part.text) {
+              part.text = part.text.replace(/\$SESSION_ID/g, sessionID).replace(/\$TIMESTAMP/g, timestamp);
+            }
+          }
+        }
+        const promptText = parts?.filter((p) => p.type === "text" && p.text).map((p) => p.text).join(`
+`).trim() ?? "";
+        const result = hooks.startWork(promptText, sessionID);
+        if (result.switchAgent && message) {
+          message.agent = getAgentDisplayName(result.switchAgent);
+        }
+        if (result.contextInjection && parts) {
+          const idx = parts.findIndex((p) => p.type === "text" && p.text);
+          if (idx >= 0 && parts[idx].text) {
+            parts[idx].text += `
+
+---
+${result.contextInjection}`;
+          } else {
+            parts.push({ type: "text", text: result.contextInjection });
+          }
+        }
+      }
+    },
+    "chat.params": async (_input, _output) => {},
+    "chat.headers": async (_input, _output) => {},
+    event: async (input) => {
+      const { event } = input;
+      if (hooks.firstMessageVariant) {
+        if (event.type === "session.created") {
+          const evt = event;
+          hooks.firstMessageVariant.markSessionCreated(evt.properties.info.id);
+        }
+        if (event.type === "session.deleted") {
+          const evt = event;
+          hooks.firstMessageVariant.clearSession(evt.properties.info.id);
+        }
+      }
+      if (hooks.workContinuation && event.type === "session.idle") {
+        const evt = event;
+        const sessionId = evt.properties?.sessionID ?? "";
+        if (sessionId) {
+          const result = hooks.workContinuation(sessionId);
+          if (result.continuationPrompt) {}
+        }
+      }
+    },
+    "tool.execute.before": async (input, _output) => {
+      const args2 = _output.args;
+      const filePath = args2?.file_path ?? args2?.path ?? "";
+      if (filePath && hooks.shouldInjectRules && hooks.getRulesForFile) {
+        if (hooks.shouldInjectRules(input.tool)) {
+          hooks.getRulesForFile(filePath);
+        }
+      }
+      if (filePath && hooks.writeGuard) {
+        if (input.tool === "read") {
+          hooks.writeGuard.trackRead(filePath);
+        }
+      }
+      if (filePath && hooks.patternMdOnly) {
+        const agentName = input.agent;
+        if (agentName) {
+          const check = hooks.patternMdOnly(agentName, input.tool, filePath);
+          if (!check.allowed) {
+            throw new Error(check.reason ?? "Pattern agent is restricted to .md files in .weave/");
+          }
+        }
+      }
+    },
+    "tool.execute.after": async (_input, _output) => {}
+  };
+}
+
+// src/index.ts
+var WeavePlugin = async (ctx) => {
+  const pluginConfig = loadWeaveConfig(ctx.directory, ctx);
+  const disabledHooks = new Set(pluginConfig.disabled_hooks ?? []);
+  const isHookEnabled = (name) => !disabledHooks.has(name);
+  const toolsResult = await createTools({ ctx, pluginConfig });
+  const managers = createManagers({ ctx, pluginConfig, resolveSkills: toolsResult.resolveSkillsFn });
+  const hooks = createHooks({ pluginConfig, isHookEnabled, directory: ctx.directory });
+  return createPluginInterface({
+    pluginConfig,
+    hooks,
+    tools: toolsResult.tools,
+    configHandler: managers.configHandler,
+    agents: managers.agents
+  });
+};
+var src_default = WeavePlugin;
+export {
+  src_default as default
+};