@tw93/waza 3.28.0 → 3.29.0

package/scripts/skill_checks.py

@@ -46,6 +46,7 @@ FORCED_GITHUB_TOOL_RE = re.compile(
     r'for\s+all\s+GitHub\s+interactions,\s+not\s+MCP\s+or\s+raw\s+API)',
     re.IGNORECASE,
 )
+CJK_RE = re.compile(r"[\u3400-\u4dbf\u4e00-\u9fff\uf900-\ufaff]")
 
 DURABLE_CONTEXT_SKILLS = {"think", "check", "hunt", "design", "write", "health"}
 
@@ -59,6 +60,19 @@ ATTRIBUTION_PATTERNS = (
     "noreply@anthropic.com",
     "cursoragent@cursor.com",
 )
+CODEX_MIRROR_IGNORED_DIRS = {
+    "__pycache__",
+    ".mypy_cache",
+    ".pytest_cache",
+    ".ruff_cache",
+}
+CODEX_MIRROR_IGNORED_NAMES = {
+    ".DS_Store",
+}
+CODEX_MIRROR_IGNORED_SUFFIXES = {
+    ".pyc",
+    ".pyo",
+}
 
 
 def pipe_count(s: str) -> int:
@@ -75,6 +89,14 @@ def pipe_count(s: str) -> int:
     return n
 
 
+def should_include_codex_mirror_file(path: Path) -> bool:
+    if any(part in CODEX_MIRROR_IGNORED_DIRS for part in path.parts):
+        return False
+    if path.name in CODEX_MIRROR_IGNORED_NAMES:
+        return False
+    return path.suffix not in CODEX_MIRROR_IGNORED_SUFFIXES
+
+
 def check_skill_files(root: Path):
     skill_files = sorted((root / "skills").glob("*/SKILL.md"))
     if not skill_files:
@@ -105,7 +127,14 @@ def check_skill_files(root: Path):
 
 
 def check_marketplace(root: Path, expected_version: str, skill_names: set[str], skill_descriptions: dict[str, str]):
-    """Validate marketplace.json shape:
+    """Validate generated Claude Code and Codex marketplace metadata."""
+    check_claude_marketplace(root, expected_version, skill_names, skill_descriptions)
+    check_codex_plugin(root, expected_version)
+    check_codex_marketplace(root)
+
+
+def check_claude_marketplace(root: Path, expected_version: str, skill_names: set[str], skill_descriptions: dict[str, str]):
+    """Validate Claude Code marketplace.json shape:
 
     - One bundle entry: name == "waza", source == "./".
     - Per-skill entries: name == "waza-<skill>", source == "./skills/<skill>".
@@ -202,6 +231,138 @@ def check_marketplace(root: Path, expected_version: str, skill_names: set[str],
     print(f"ok: all versions in lock-step with VERSION={expected_version}")
 
 
+def check_codex_plugin(root: Path, expected_version: str):
+    """Validate Codex plugin manifest shape."""
+    plugin_root = root / "plugins" / "waza"
+    manifest_path = plugin_root / ".codex-plugin" / "plugin.json"
+    if not manifest_path.exists():
+        fail(
+            "MISSING CODEX PLUGIN MANIFEST: expected "
+            "plugins/waza/.codex-plugin/plugin.json "
+            "so Codex can install Waza as a plugin from the repo marketplace"
+        )
+    manifest = json.loads(manifest_path.read_text())
+    required = {
+        "name": "waza",
+        "version": expected_version,
+        "skills": "./skills/",
+        "license": "MIT",
+        "homepage": "https://github.com/tw93/Waza",
+        "repository": "https://github.com/tw93/Waza",
+    }
+    for key, expected in required.items():
+        actual = manifest.get(key)
+        if actual != expected:
+            fail(
+                f"CODEX PLUGIN FIELD DRIFT: plugins/waza/.codex-plugin/plugin.json {key}="
+                f"{actual!r} expected {expected!r}"
+            )
+    if not (manifest.get("description") or "").strip():
+        fail("CODEX PLUGIN DESCRIPTION: plugins/waza/.codex-plugin/plugin.json needs description")
+    author = manifest.get("author")
+    if not isinstance(author, dict) or not author.get("name"):
+        fail("CODEX PLUGIN AUTHOR: plugins/waza/.codex-plugin/plugin.json needs author.name")
+    interface = manifest.get("interface")
+    if not isinstance(interface, dict):
+        fail("CODEX PLUGIN INTERFACE: plugins/waza/.codex-plugin/plugin.json needs interface object")
+    interface_required = {
+        "displayName": "Waza",
+        "developerName": "Tw93",
+        "category": "Developer Tools",
+        "websiteURL": "https://github.com/tw93/Waza",
+    }
+    for key, expected in interface_required.items():
+        actual = interface.get(key)
+        if actual != expected:
+            fail(
+                f"CODEX PLUGIN INTERFACE DRIFT: plugins/waza/.codex-plugin/plugin.json "
+                f"interface.{key}={actual!r} expected {expected!r}"
+            )
+    default_prompt = interface.get("defaultPrompt")
+    if (
+        not isinstance(default_prompt, list)
+        or not default_prompt
+        or len(default_prompt) > 3
+        or any(not isinstance(item, str) or len(item) > 128 for item in default_prompt)
+    ):
+        fail(
+            "CODEX PLUGIN DEFAULT PROMPTS: interface.defaultPrompt must contain "
+            "1-3 strings, each <=128 chars"
+        )
+    if not (plugin_root / "skills").is_dir():
+        fail(
+            "CODEX PLUGIN SKILLS PATH: plugins/waza/.codex-plugin/plugin.json "
+            "points at missing plugins/waza/skills/"
+        )
+    for source_name in ("skills", "rules"):
+        source_root = root / source_name
+        mirror_root = plugin_root / source_name
+        for source_path in sorted(source_root.rglob("*")):
+            if not source_path.is_file():
+                continue
+            source_rel = source_path.relative_to(source_root)
+            if not should_include_codex_mirror_file(source_rel):
+                continue
+            mirror_path = mirror_root / source_rel
+            if not mirror_path.exists():
+                fail(
+                    f"CODEX PLUGIN MIRROR MISSING: {mirror_path.relative_to(root)} "
+                    f"must mirror {source_path.relative_to(root)}"
+                )
+            if mirror_path.read_bytes() != source_path.read_bytes():
+                fail(
+                    f"CODEX PLUGIN MIRROR DRIFT: {mirror_path.relative_to(root)} "
+                    f"differs from {source_path.relative_to(root)}"
+                )
+    print(f"ok: Codex plugin manifest pinned to {expected_version}")
+
+
+def check_codex_marketplace(root: Path):
+    """Validate repo-local Codex marketplace shape."""
+    marketplace_path = root / ".agents" / "plugins" / "marketplace.json"
+    if not marketplace_path.exists():
+        fail(
+            "MISSING CODEX MARKETPLACE: expected .agents/plugins/marketplace.json "
+            "so `codex plugin marketplace add tw93/Waza` can discover Waza"
+        )
+    marketplace = json.loads(marketplace_path.read_text())
+    if marketplace.get("name") != "waza":
+        fail("CODEX MARKETPLACE NAME: .agents/plugins/marketplace.json name must be 'waza'")
+    interface = marketplace.get("interface")
+    if not isinstance(interface, dict) or interface.get("displayName") != "Waza":
+        fail(
+            "CODEX MARKETPLACE DISPLAY NAME: .agents/plugins/marketplace.json "
+            "must set interface.displayName to 'Waza'"
+        )
+    plugins = marketplace.get("plugins")
+    if not isinstance(plugins, list) or len(plugins) != 1:
+        fail("CODEX MARKETPLACE PLUGINS: expected exactly one Waza plugin entry")
+    entry = plugins[0]
+    expected_entry = {
+        "name": "waza",
+        "source": {
+            "source": "local",
+            "path": "./plugins/waza",
+        },
+        "policy": {
+            "installation": "AVAILABLE",
+            "authentication": "ON_INSTALL",
+        },
+        "category": "Developer Tools",
+    }
+    if entry != expected_entry:
+        fail(
+            "CODEX MARKETPLACE ENTRY DRIFT: .agents/plugins/marketplace.json "
+            f"plugins[0]={entry!r} expected {expected_entry!r}"
+        )
+    if not (root / "plugins" / "waza" / ".codex-plugin" / "plugin.json").exists():
+        fail(
+            "CODEX MARKETPLACE SOURCE: source.path './plugins/waza' must resolve to a plugin "
+            "root containing .codex-plugin/plugin.json"
+        )
+    print("ok: Codex marketplace exposes waza plugin")
+
+
 def check_references(root: Path, skill_files: list[Path]):
     for path in skill_files:
         skill_dir = path.parent.name
@@ -245,6 +406,11 @@ def check_description_conformance(skill_descriptions: dict[str, str]):
                 f"DESCRIPTION MISSING EXCLUSION CLAUSE: {skill}\n"
                 f"  Must contain a 'Not for ...' clause so the resolver learns when NOT to fire. Got: {clean[:120]!r}"
             )
+        if CJK_RE.search(clean):
+            fail(
+                f"DESCRIPTION CONTAINS CJK: {skill}\n"
+                f"  Keep public-facing description metadata English-only. Put multilingual trigger phrases in when_to_use."
+            )
         print(f"ok: description {skill} ({length} chars)")
 
 
@@ -638,6 +804,21 @@ def check_readme_install_command(root: Path):
             f"README INSTALL COMMAND: README.md must include {expected!r}\n"
             f"  Waza's public install path depends on this exact string."
         )
+    expected_codex_marketplace = "codex plugin marketplace add tw93/Waza"
+    if expected_codex_marketplace not in text:
+        fail(
+            "README CODEX MARKETPLACE COMMAND: README.md must include "
+            f"{expected_codex_marketplace!r}\n"
+            f"  Codex plugin installs should use the repo marketplace so users can "
+            f"upgrade without rerunning npx skills add."
+        )
+    expected_codex_install = "codex plugin add waza@waza"
+    if expected_codex_install not in text:
+        fail(
+            "README CODEX PLUGIN COMMAND: README.md must include "
+            f"{expected_codex_install!r}\n"
+            f"  The Codex marketplace entry must document the plugin install selector."
+        )
     expected_pi = "pi install npm:@tw93/waza"
     if expected_pi not in text:
         fail(
@@ -668,8 +849,8 @@ def check_readme_install_command(root: Path):
                 f"without per-release README churn."
             )
     print(
-        "ok: README installs nested skills, Pi package, Antigravity, OpenCode, "
-        "and latest installer assets"
+        "ok: README installs nested skills, Codex plugin marketplace, Pi package, "
+        "Antigravity, OpenCode, and latest installer assets"
     )
 
 

package/scripts/statusline.sh

@@ -10,6 +10,7 @@ HIGHWATER_LOCK_DIR="$CACHE_DIR/highwater.lock"
 CACHE_MAX_AGE=21600  # 6 hours: one full rate_limit window
 HIGHWATER_LOCK_MAX_AGE=10
 HIGHWATER_RESET_SKEW_MAX=7200  # tolerate session jitter, reject crossed windows
+HIGHWATER_DROP_RESET_MIN=5  # fresh lower live values must drop by at least 5%
 
 input=$(cat)
 
@@ -20,6 +21,9 @@ jq_full='[
    + (.context_window.current_usage.cache_creation_input_tokens // 0)
    + (.context_window.current_usage.cache_read_input_tokens // 0) | tostring),
   (.context_window.context_window_size // 0 | tostring),
+  (.session_id // "null" | tostring),
+  (.cost.total_api_duration_ms // 0 | tonumber? // 0 | floor | tostring),
+  (.context_window.total_output_tokens // 0 | tonumber? // 0 | floor | tostring),
   (.rate_limits.five_hour.used_percentage // null | if . then (. | round | tostring) else "null" end),
   (.rate_limits.five_hour.resets_at // "" | tostring),
   (.rate_limits.seven_day.used_percentage // null | if . then (. | round | tostring) else "null" end),
@@ -33,6 +37,16 @@ jq_rl='[
   (.rate_limits.seven_day.resets_at // "" | tostring)
 ] | @tsv'
 
+jq_hw='[
+  (.five_hour.used_percentage // null | if . then (. | round | tostring) else "null" end),
+  (.five_hour.resets_at // "null" | tostring),
+  (.seven_day.used_percentage // null | if . then (. | round | tostring) else "null" end),
+  (.seven_day.resets_at // "null" | tostring),
+  (._last.session_id // "null" | tostring),
+  (._last.api_duration_ms // 0 | tonumber? // 0 | floor | tostring),
+  (._last.output_tokens // 0 | tonumber? // 0 | floor | tostring)
+] | @tsv'
+
 cache_file_mtime() {
   local path="$1"
   local ts=""
@@ -79,11 +93,40 @@ read_highwater() {
   hw_5h_reset=""
   hw_7d_pct=""
   hw_7d_reset=""
+  hw_last_session_id=""
+  hw_last_api_ms="0"
+  hw_last_output_tokens="0"
   [ -f "$HIGHWATER_FILE" ] || return
-  hw_5h_pct=$(jq -r 'if .five_hour.used_percentage == null then "" else (.five_hour.used_percentage | round | tostring) end' "$HIGHWATER_FILE" 2>/dev/null)
-  hw_5h_reset=$(jq -r 'if .five_hour.resets_at == null then "" else (.five_hour.resets_at | tostring) end' "$HIGHWATER_FILE" 2>/dev/null)
-  hw_7d_pct=$(jq -r 'if .seven_day.used_percentage == null then "" else (.seven_day.used_percentage | round | tostring) end' "$HIGHWATER_FILE" 2>/dev/null)
-  hw_7d_reset=$(jq -r 'if .seven_day.resets_at == null then "" else (.seven_day.resets_at | tostring) end' "$HIGHWATER_FILE" 2>/dev/null)
+  highwater_data=$(jq -r "$jq_hw" "$HIGHWATER_FILE" 2>/dev/null)
+  IFS="$tab" read -r hw_5h_pct hw_5h_reset hw_7d_pct hw_7d_reset hw_last_session_id hw_last_api_ms hw_last_output_tokens <<EOF
+$highwater_data
+EOF
+  [ "$hw_5h_pct" = "null" ] && hw_5h_pct=""
+  [ "$hw_5h_reset" = "null" ] && hw_5h_reset=""
+  [ "$hw_7d_pct" = "null" ] && hw_7d_pct=""
+  [ "$hw_7d_reset" = "null" ] && hw_7d_reset=""
+  [ "$hw_last_session_id" = "null" ] && hw_last_session_id=""
+  is_uint "$hw_last_api_ms" || hw_last_api_ms=0
+  is_uint "$hw_last_output_tokens" || hw_last_output_tokens=0
+}
+
+json_quote() {
+  printf '%s' "$1" | jq -Rs . 2>/dev/null
+}
+
+compute_fresh_activity() {
+  fresh_activity=0
+  [ "$live_rate_limits_present" = "1" ] || return
+  [ -n "$live_session_id" ] && [ "$live_session_id" != "null" ] || return
+  [ "$live_session_id" = "$hw_last_session_id" ] || return
+  is_uint "$live_api_ms" || live_api_ms=0
+  is_uint "$live_output_tokens" || live_output_tokens=0
+  is_uint "$hw_last_api_ms" || hw_last_api_ms=0
+  is_uint "$hw_last_output_tokens" || hw_last_output_tokens=0
+  if [ "$live_api_ms" -gt "$hw_last_api_ms" ] 2>/dev/null \
+    || [ "$live_output_tokens" -gt "$hw_last_output_tokens" ] 2>/dev/null; then
+    fresh_activity=1
+  fi
 }
 
 # apply_hw: compares live vs high-water marks for a single counter (5h or 7d).
@@ -132,28 +175,62 @@ apply_hw() {
     applied_hw_reset="$hw_reset"
     return
   fi
-  applied_pct="$live_pct"
-  applied_reset="$live_reset"
-  applied_hw_pct="$live_pct"
-  applied_hw_reset="$live_reset"
+  if [ "$hw_ok" = "0" ] || [ "$live_pct" -gt "$hw_pct" ] 2>/dev/null; then
+    applied_pct="$live_pct"
+    applied_reset="$live_reset"
+    applied_hw_pct="$live_pct"
+    applied_hw_reset="$live_reset"
+    return
+  fi
+  if [ "$fresh_activity" = "1" ] \
+    && is_uint "$live_reset" && is_uint "$hw_reset" \
+    && [ "$live_pct" -lt "$hw_pct" ] 2>/dev/null \
+    && [ $((hw_pct - live_pct)) -ge "$HIGHWATER_DROP_RESET_MIN" ] 2>/dev/null; then
+    applied_pct="$live_pct"
+    applied_reset="$live_reset"
+    applied_hw_pct="$live_pct"
+    applied_hw_reset="$live_reset"
+    return
+  fi
+
+  applied_pct="$hw_pct"
+  applied_reset="${live_reset:-$hw_reset}"
+  applied_hw_pct="$hw_pct"
+  applied_hw_reset="$hw_reset"
 }
 
 write_highwater() {
   is_uint "$new_hw_5h_pct" || is_uint "$new_hw_7d_pct" || return
   mkdir -p "$CACHE_DIR" 2>/dev/null || return
   local r5="${new_hw_5h_reset:-0}" r7="${new_hw_7d_reset:-0}"
+  local wrote=0 sid_json
   is_uint "$r5" || r5=0
   is_uint "$r7" || r7=0
   if ! {
     {
       printf '{\n'
+      if [ "$live_rate_limits_present" = "1" ] \
+        && [ -n "$live_session_id" ] && [ "$live_session_id" != "null" ]; then
+        sid_json=$(json_quote "$live_session_id")
+        printf '  "_last": {"session_id": %s, "api_duration_ms": %s, "output_tokens": %s}' \
+          "${sid_json:-\"\"}" "${live_api_ms:-0}" "${live_output_tokens:-0}"
+        wrote=1
+      elif [ -n "$hw_last_session_id" ]; then
+        sid_json=$(json_quote "$hw_last_session_id")
+        printf '  "_last": {"session_id": %s, "api_duration_ms": %s, "output_tokens": %s}' \
+          "${sid_json:-\"\"}" "${hw_last_api_ms:-0}" "${hw_last_output_tokens:-0}"
+        wrote=1
+      fi
       if is_uint "$new_hw_5h_pct"; then
+        [ "$wrote" = "1" ] && printf ',\n'
         printf '  "five_hour": {"used_percentage": %s, "resets_at": %s}' "$new_hw_5h_pct" "$r5"
-        is_uint "$new_hw_7d_pct" && printf ','
-        printf '\n'
+        wrote=1
       fi
       if is_uint "$new_hw_7d_pct"; then
+        [ "$wrote" = "1" ] && printf ',\n'
         printf '  "seven_day": {"used_percentage": %s, "resets_at": %s}\n' "$new_hw_7d_pct" "$r7"
+      else
+        printf '\n'
       fi
       printf '}\n'
     } > "${HIGHWATER_FILE}.tmp" 2>/dev/null \
@@ -165,6 +242,7 @@ write_highwater() {
 
 apply_highwater_all() {
   read_highwater
+  compute_fresh_activity
 
   apply_hw "$five_pct" "$five_reset" "$hw_5h_pct" "$hw_5h_reset"
   five_pct="$applied_pct"
@@ -183,14 +261,23 @@ apply_highwater_all() {
 parsed=""
 [ -n "$input" ] && parsed=$(printf '%s' "$input" | jq -r "$jq_full" 2>/dev/null)
 
-IFS="$tab" read -r used_tokens window_size live_five_pct live_five_reset live_seven_pct live_seven_reset <<EOF
+IFS="$tab" read -r used_tokens window_size live_session_id live_api_ms live_output_tokens live_five_pct live_five_reset live_seven_pct live_seven_reset <<EOF
 $parsed
 EOF
 
+live_session_id="${live_session_id:-}"
+[ "$live_session_id" = "null" ] && live_session_id=""
+live_api_ms="${live_api_ms:-0}"
+live_output_tokens="${live_output_tokens:-0}"
 five_pct="${live_five_pct:-}"
 five_reset="${live_five_reset:-}"
 seven_pct="${live_seven_pct:-}"
 seven_reset="${live_seven_reset:-}"
+live_rate_limits_present=0
+if { [ "$five_pct" != "null" ] && [ -n "$five_pct" ]; } \
+  || { [ "$seven_pct" != "null" ] && [ -n "$seven_pct" ]; }; then
+  live_rate_limits_present=1
+fi
 
 # If rate_limits missing from live input, read from cache
 if [ "$five_pct" = "null" ] || [ -z "$five_pct" ]; then

package/skills/check/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: check
-description: "Reviews code diffs, PRs, issue queues, release readiness, commits, pushes, publishing, and project audits. Use when users ask review/看看代码/合并前/看看issue/PR/release/push or to implement an approved plan, with safety gates for dirty and untracked worktrees. Not for exploring ideas, debugging root causes, or prose review."
+description: "Reviews code diffs, PRs, issue queues, release readiness, commits, pushes, publishing, and project audits. Use when users ask in any language for code review, issue or PR triage, release gates, publishing follow-through, or project audits. Not for debugging root causes or prose review."
 when_to_use: "review, 看看代码, 检查一下, 有没有问题, 是否需要优化, 合并前, 继续优化, 优化代码, 看看issue, 看看PR, release, publish, push, release reaction, GitHub reaction, 发布, 提交, 关闭issue, 发布表情, release表情, close issue, issue close, review my code, check changes, before merge, before release, code review, code-review, audit, project audit, 项目体检, 项目评分, 给项目打分, 深入分析项目代码, 评估项目质量, 代码质量评分, scorecard, linus review, rate this codebase, score this project"
 dispatch_intent: "Code review, before merge, release gates, generated artifacts, safety sinks, publish/push/reaction follow-through, triage issues/PRs, project-wide code-quality audit scorecard"
 ---
@@ -9,6 +9,8 @@ dispatch_intent: "Code review, before merge, release gates, generated artifacts,
 
 Prefix your first line with 🥷 inline, not as its own paragraph.
 
+**Update check (non-blocking).** Before starting, run `bash ../../scripts/check-update.sh` once; if it prints a line, relay it to the user, then continue. It runs at most once a day, only reads a public version file, sends no data, and fails silently.
+
 > Note: `/review` is a built-in Anthropic plugin command for PR review. Waza uses `/check` (or the alias `code-review`) instead. Do not re-trigger `/review` from within this skill.
 
 Read the diff, find the problems, fix what can be fixed safely, ask about the rest. Done means verification ran in this session and passed.
@@ -106,7 +108,7 @@ Activate when the user mentions: issue, PR, "review all", triage, "batch", or "
 
 **Status answer order:** For "都解决了吗", "is this fixed", "is this ready", or similar status checks, answer in this order: code or commit state, branch or CI state, release artifact or registry state, then public issue or PR state. Do not collapse fixed-on-main, available in pre-release, next stable release, and already shipped.
 
-**Flow:** First identify the project's issue/PR host from public context. For GitHub projects, pull open items with `gh issue list -R <repo> --state open --limit 20` and `gh pr list -R <repo> --state open`. For non-GitHub projects, use the platform CLI/API named by the project docs or user request; if none exists, stop and report the missing integration instead of pretending GitHub commands apply. For each item, check if a fix already shipped: `git log --oneline <latest-tag>..HEAD | grep -i "<keyword>"`. If shipped: close with note. If merged but unreleased: reply "已修复，等下一个版本 release" and close. If no fix: analyze and act. Fix now if possible (`fix: closes #N` commit); when the target project documents a nightly, beta, or pre-release channel that already contains the fix, reply with that exact upgrade path and close; for valid-but-unreleased items acknowledge and leave open; for invalid items give one-two sentence reason and close.
+**Flow:** First identify the project's issue/PR host from public context. For GitHub projects, pull open items with `gh issue list -R <repo> --state open --limit 20` and `gh pr list -R <repo> --state open`. For non-GitHub projects, use the platform CLI/API named by the project docs or user request; if none exists, stop and report the missing integration instead of pretending GitHub commands apply. For each item, check current state with the project's release boundary: latest public release, main branch, preview/nightly/beta channel, registry/appcast, and target issue/PR status. If the fix is already in the current public release or documented pre-release channel, close with that exact upgrade path. If fixed on `main` but unreleased, reply "已修复，等下一个版本 release" and close only when project convention or the current user request allows fixed-on-main closure; otherwise leave it open with the next-release note. If no fix exists, analyze and act. Fix now if possible (`fix: closes #N` commit); for valid-but-unreleased items acknowledge and leave open; for invalid items give one-two sentence reason and close.
 
 Before final conclusions in a live queue, refresh the issue/PR list once more and re-read any item that changed during the run. If evidence is incomplete, hold the item instead of closing it on a guess.
 
@@ -141,7 +143,8 @@ This mode extends review; it does not skip review. Before any public or irrevers
 1. Extract release rules from public project context: README, manifests, CI workflows, release notes, package scripts, changelogs, and explicit user instructions in the current thread.
 2. Fill the Release Gate 2.0 matrix from `references/project-context.md`: review base, dirty/staged/untracked state, latest tag, origin sync, version fields, generated artifacts, package/archive contents, release assets, registry/appcast/CI, and public issue/PR state.
 3. Verify generated or bundled outputs, version fields, release notes, package contents, and required artifacts are in sync. Prefer dry-run commands when the ecosystem provides them.
-   Generated deliverables include tracked archives, ignored dist files, appcasts, site/download copy, registry packages, checksums, and release assets. If project docs require them, regenerate, inspect, and stage or upload them explicitly even when they are ignored by git; do not infer readiness from source-only tests.
+   Generated deliverables include tracked archives, ignored dist files, appcasts, site/download copy, registry packages, checksums, and release assets. If project docs require them, regenerate, inspect, and stage or upload them explicitly even when they are ignored by git; do not infer readiness from source-only tests. For remote assets, prefer downloading or reading back the published artifact and comparing entries, checksums, or manifest contents; release page text, file size, or workflow success alone is not artifact proof.
+   If the project has preview, beta, nightly, stable, or App Store lanes, name the lane explicitly. Do not use a preview or beta artifact to claim stable release readiness, and do not touch stable appcast, registry, or download surfaces when the requested lane is preview-only unless project docs require it.
 4. Commit only intended files. Preserve unrelated dirty work, serialize git operations so index locks or overlapping adds do not corrupt the workflow, and re-check HEAD/status before pushing so concurrent agent or maintainer commits are not swept into your ship action.
 5. Push, publish, tag, or create a release only when the user has explicitly approved that action. If auth, OTP, CI, registry, or network state blocks the operation, pause and report the exact blocker.
 6. For issue/PR follow-through, confirm the item identity with the host's read command before posting. On GitHub, use `gh issue view` or `gh pr view`; on other hosts, use the CLI/API named by project docs or the current request. Use `references/public-reply.md` for the maintainer reply template (mention, single thanks, facts, explicit next release or verification step) and its closure criteria.
@@ -229,6 +232,8 @@ Measure the diff and classify depth:
 
 State the depth before proceeding.
 
+Static content diffs can stay quick even when they touch several generated files: version strings, dates, release-copy mirrors, sitemap dates, or one-for-one localization copy changes usually need line-by-line readback plus grep consistency, not a specialist fleet. Escalate only when the diff changes logic, generation rules, public distribution behavior, or user-facing semantics beyond the literal text replacement.
+
 ## Did We Build What Was Asked?
 
 Before reading code, check scope drift: do the diff and the stated goal match? Label: **on target** / **drift** / **incomplete**.
@@ -259,6 +264,16 @@ Check command contract and installed-runtime behavior, not just library tests: h
 
 For mutating CLI commands, also run the Safety Sink Review: dry-run or confirmation path, operation log or rollback story, retry/idempotency, signal/partial-failure handling, and test-mode guards for auth prompts or real system changes. For cleanup, uninstall, prune, reset, or cache-removal commands, add two checks before approval: can a normal user verify each selected item is safe, and is the deleted content locally rebuildable rather than a downloaded dependency or user data? If either answer is no, require narrower matching, explicit user selection, or leave the item visible but non-destructive.
 
+## Skill, Plugin, And Packaged Install Surface
+
+When a diff touches a skill, plugin, marketplace entry, installer, package allowlist, package manifest, generated mirror, or published archive, verify the installed runtime contract, not just the source tree:
+
+1. Identify the install path a real user will get: package manager, release archive, marketplace entry, plugin source path, or installer script default ref.
+2. Build or regenerate the package exactly as project docs require, then inspect the archive or generated mirror for every new script, reference, template, rule, manifest, and executable bit.
+3. Run an isolated install smoke when the surface is installable: fresh temp home/config/cache, add the marketplace or package, install the skill or plugin, list it, and invoke the smallest command or entrypoint that proves scripts and references resolve from the installed path.
+4. Filter generated mirrors and archives for cache/noise files such as `__pycache__`, `*.pyc`, `.pytest_cache`, `.ruff_cache`, `.mypy_cache`, `.DS_Store`, local logs, and screenshots unless the project explicitly ships them.
+5. If network, auth, or host tooling prevents the install smoke, state the missing layer as a blocker or gap. Do not replace installed-runtime proof with manifest JSON, source tests, or a successful local import.
+
 ## Hard Stops (fix before merging)
 
 Examples, not exhaustive -- flag any diff that could cause irreversible harm if merged unreviewed.
@@ -271,6 +286,7 @@ Examples, not exhaustive -- flag any diff that could cause irreversible harm if
 - **Generated artifact drift**: if source changes require generated or bundled outputs, verify the output was regenerated and included.
 - **Verifier failure layer unclear**: if a verifier fails before assertions or due to missing optional dependencies, bootstrap noise, transient build-service crashes, unavailable simulators, or tool setup, classify setup versus product failure. Retry only with new evidence or a narrower environment. Do not call the repo broken until the intended test body or artifact check actually ran.
 - **Tracked package omissions**: if a package script builds from tracked files, allowlists, or generated manifests, verify every new helper module, reference file, template, or script used by the diff is tracked and present in the built archive before sign-off.
+- **Manifest-only install proof**: if a diff changes a skill, plugin, installer, marketplace entry, package wrapper, or installable archive, metadata and source tests are not enough. Build or install through the real user path in an isolated environment, or mark the install/runtime layer unverified.
 - **Version skew**: release version fields across manifests, package metadata, app configs, changelogs, tags, or lockfiles must stay synchronized.
 - **Unknown identifiers in diff**: any function, variable, or type introduced in the diff that does not exist in the codebase is a hard stop. Grep before writing or approving any reference: `grep -r "name" .` -- no results outside the diff = does not exist.
 - **Dead-code or YAGNI deletion without proof**: any "zero callers" or "unused" claim must be checked across the whole repository, including top-level entrypoints, docs, tests, generated dispatch tables, scripts, CI, and dynamic lookup patterns. Treat sub-agent or tool reports as leads, not proof. Before deleting, batch-grep all candidates, classify test-only references separately from production references, and chase written variables or data tables that may become orphaned together. If the grep scope is partial, do not delete.

package/skills/check/references/project-context.md

@@ -21,11 +21,14 @@ Use this template to compress repository context before running Waza `/check`. T
 - Generated or bundled artifacts that must stay in sync with source changes.
 - Packaging source of truth: whether archives are built from `git ls-files`, explicit allowlists, generated manifests, or source directories.
 - Delivery surfaces: whether generated outputs are tracked, ignored, external release assets, registry uploads, appcasts, installer metadata, checksums, or site/download copy; how they are regenerated, inspected, staged, or uploaded.
+- Distribution lanes: preview, beta, nightly, stable, App Store, or registry channels, and which generated artifacts belong to each lane.
 - CLI command surfaces: entrypoints, subcommands, flags, help/version behavior, exit codes, stdout/stderr contract, TTY and non-interactive paths, config/env precedence, and installed-runtime checks.
 - Runtime dependencies introduced by the diff: Python packages, CLIs, network services, package managers, or platform tools that are not already declared in CI/docs.
+- Skill, plugin, marketplace, or package install surfaces: installer default ref, marketplace source path, generated mirror, package allowlist, archive root, executable bits, and the installed-runtime smoke command.
 - Domain-specific safety rules.
 - Release artifacts that must exist.
 - GitHub release reactions or other public release follow-through expected by the project.
+- Release-asset verification method: download, archive entry comparison, checksum manifest, package metadata readback, appcast readback, or registry query.
 - Public issue or PR reply conventions.
 - Known CI or test flakes documented by the project and how to distinguish them from real failures.
 - Release, publish, push, or issue-closure prerequisites documented by the project.
@@ -56,6 +59,14 @@ Use this template to compress repository context before running Waza `/check`. T
 - Install/run proof: built package, temp prefix, PATH shim, shebang/executable bit, or package-manager path checked with `<command>`.
 - Mutating commands: dry-run/confirmation, operation log, rollback/retry behavior, signal/partial-failure handling.
 
+## Skill Or Plugin Install Surface
+
+- User install path: `<package manager / release archive / marketplace entry / plugin id / installer script>`.
+- Source path and generated mirror: `<source dir>` -> `<installed dir>`.
+- Package/archive inclusion: new scripts, references, templates, rules, manifests, and executable bits checked with `<command>`.
+- Isolated install smoke: fresh temp home/config/cache plus `<install command>` and `<list or invoke command>`.
+- Noise filtering: cache files, local logs, screenshots, and temp outputs excluded or intentionally shipped.
+
 ## Project Hard Stops
 
 - Do not modify `<protected path>` unless explicitly requested.
@@ -78,7 +89,9 @@ See `public-reply.md` for the full reply template (language match, `@user` + tha
 
 - Version fields to check: `<manifest>`, `<app config>`, `<lockfile>`.
 - Generated artifacts to check: `<artifact>` from `<source>`.
+- Distribution lane: `<preview/beta/nightly/stable/etc.>` and which public surfaces it is allowed to touch.
 - Dry-run command before publishing: `<command>`.
+- Remote asset proof: `<download/readback command>` that checks content, manifest, digest, appcast, or registry state.
 - GitHub release reactions to add after asset verification: `<+1/laugh/heart/hooray/rocket/eyes or none>`.
 - Public state to re-read after publishing or closing: `<registry/release/issue URL or command>`.
 ```
@@ -95,10 +108,12 @@ Fill this before claiming a change is release-ready. Use "n/a" only when the pro
 | Worktree state | Dirty, staged, and untracked files accounted for |
 | Remote state | `origin/main` or release branch sync checked |
 | Version fields | Manifest, app config, changelog, appcast, and lockfile versions aligned |
+| Distribution lane | Preview, beta, nightly, stable, registry, or app-store lane named, with unrelated lanes left untouched |
 | Runtime dependencies | Newly introduced Python packages, CLIs, package managers, and network tools declared and available in CI |
 | Generated artifacts | Tracked archives, ignored dist outputs, bundled/minified files, appcasts, installer metadata, checksums, and site/download copy regenerated or proven not needed |
 | Package/archive contents | Built package inspected for required files, newly introduced helpers/references, and missing extras |
-| Release assets | GitHub release, appcast, download archive, checksum, or installer assets verified |
+| Installed runtime | Package, skill, plugin, CLI, or marketplace install exercised from a clean environment when the diff changes installable surfaces |
+| Release assets | GitHub release, appcast, download archive, checksum, or installer assets downloaded or read back and verified beyond page text or file size |
 | Registry/appcast | npm/crates/Homebrew/appcast/App Store or equivalent state re-read after publish |
 | CI status | Latest required checks passed or blocker named |
 | Issue/PR state | Target issue or PR re-read before commenting, closing, merging, or saying shipped |

package/skills/check/references/public-reply.md

@@ -6,8 +6,9 @@ Reusable by both Triage Mode and Ship / Release Follow-through. Default to this
 2. **Language:** Match the **opener's** language when it is Chinese or English. If the opener used Japanese or Korean, use English for the maintainer reply unless project docs override.
 3. Open with `@<login>` and **at most one** short thanks (`感谢反馈`, `thank you for the report`, etc.). Do **not** add closing thanks stacks (`再次感谢`, `Thanks again`, long courtesy endings).
 4. One or two short paragraphs: factual reason, what shipped or what is blocked, no ceremony.
-5. Always give a **next step tied to releases or verification**: next App Store or GitHub release, nightly upgrade command, cache path to clear once, or exactly what info is still needed.
-6. Prefer **editing** an existing maintainer comment (`PATCH /repos/{owner}/{repo}/issues/comments/{comment_id}`) when updating wording; avoid delete plus repost unless the old text must disappear from history.
+5. Name the exact boundary: already released, fixed on `main` but unreleased, available in nightly/beta/preview, next release, not planned, duplicate, or still needs evidence. Do not write "shipped", "released", or "verified" unless that state was checked in the current turn.
+6. Always give a **next step tied to releases or verification**: next App Store or GitHub release, nightly upgrade command, cache path to clear once, or exactly what info is still needed.
+7. Prefer **editing** an existing maintainer comment (`PATCH /repos/{owner}/{repo}/issues/comments/{comment_id}`) when updating wording; avoid delete plus repost unless the old text must disappear from history.
 
 ## When closing
 

package/skills/design/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: design
-description: "Produces distinctive, production-grade UI for pages, components, visual interfaces, typography, and screenshot-driven polish. Use when users ask 设计/做页面/做组件/UI/前端/截图 or say a screen is ugly, unclear, inconsistent, or visually wrong. Not for backend logic or data pipelines."
+description: "Produces distinctive, production-grade UI for pages, components, visual interfaces, typography, and screenshot-driven polish. Use when users ask in any language for UI, page, component, frontend, typography, screenshot-grounded visual polish, or complaints that a screen looks unclear, ugly, inconsistent, or visually wrong. Not for backend logic or data pipelines."
 when_to_use: "设计, 做页面, 做组件, 不好看, 不和谐, 不清晰, 很丑, 很怪, 很傻, 突兀, 不协调, 字体, 字形, 排印, 排版, 样式, 前端, UI, 截图, build page, create component, make it look good, style, design, screenshot with visual complaint, typography, font looks wrong"
 dispatch_intent: "UI, component, page, visual interface, frontend, artifact-grounded screenshot aesthetic complaint"
 ---
@@ -9,6 +9,8 @@ dispatch_intent: "UI, component, page, visual interface, frontend, artifact-grou
 
 Prefix your first line with 🥷 inline, not as its own paragraph.
 
+**Update check (non-blocking).** Before starting, run `bash ../../scripts/check-update.sh` once; if it prints a line, relay it to the user, then continue. It runs at most once a day, only reads a public version file, sends no data, and fails silently.
+
 If it could have been generated by a default prompt, it is not good enough.
 
 ## Outcome Contract
@@ -73,6 +75,8 @@ Activate when the user sends a screenshot or image alongside a complaint ("这
 - Do not flatten specific taste feedback into generic UI adjectives. "More premium" is not a diagnosis; "caption baseline drifts above the Chinese line" is.
 - If the screenshot exposes a regression, broken render, timing issue, or generated asset defect rather than taste, route to `/hunt` and preserve the visual evidence.
 
+**Native screenshot handoff.** For native apps, once you have proven the app builds, runs, and can reach the target view, do not spend repeated cycles fighting focus, window ordering, or coordinate-click automation just to capture final visual proof. Make one bounded automation attempt. If it is flaky, name the exact screen and ask the user for the screenshot to iterate against. This is a visual QA boundary, not a substitute for build/run verification.
+
 **Boundary**: if the fix requires changing 3 or more components, or if it reveals a direction problem rather than a specific bug, pause and run the full direction lock before continuing.
 
 **Redesign priority order** (when reworking an existing UI rather than building from scratch): font replacement → color cleanup → hover/active states → layout and whitespace → replace generic components → add loading/empty/error states → typographic polish. This order maximizes visual lift while minimizing the blast radius of each pass. Full rules in `references/design-reference.md`. Common traps and absolute CSS bans: `references/design-traps.md`.

package/skills/health/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: health
-description: "Runs a budget-aware agent-assisted engineering health audit for instruction/config drift, hooks/MCP, verifier surfaces, and AI maintainability. Use when users ask 检查claude/检查codex/检查pi/配置检查/健康度 or report agents ignoring instructions, missing validation, or code becoming hard to maintain. Not for debugging code or reviewing PRs."
+description: "Runs a budget-aware agent-assisted engineering health audit for instruction/config drift, hooks/MCP, verifier surfaces, and AI maintainability. Use when users ask in any language to audit Claude, Codex, Pi, agent instructions, MCP or hooks, verifier coverage, or AI-maintainability drift. Not for debugging application code or reviewing PRs."
 when_to_use: "检查claude, 检查codex, 检查pi, Codex 配置, Pi 配置, AGENTS.md, config.toml, agent instructions, 健康度, 配置检查, 配置对不对, AI coding 腐化, 代码变烂, 维护性, 上下文混乱, 验证缺失, 验证命令失真, Claude ignoring instructions, Pi coding agent, check config, settings not working, audit config"
 dispatch_intent: "Codex/Claude/Pi ignoring instructions, agent config audit, hooks/MCP broken, health token usage, AI coding code rot, hotspot ownership, unclear context, missing verification, stale verifier output"
 ---
@@ -9,6 +9,8 @@ dispatch_intent: "Codex/Claude/Pi ignoring instructions, agent config audit, hoo
 
 Prefix your first line with 🥷 inline, not as its own paragraph.
 
+**Update check (non-blocking).** Before starting, run `bash ../../scripts/check-update.sh` once; if it prints a line, relay it to the user, then continue. It runs at most once a day, only reads a public version file, sends no data, and fails silently.
+
 Audit the current project's agent setup and AI coding maintainability against this framework:
 `agent config → instruction surfaces → tools/runtime → verifiers → maintainability`