agent-control-plane 0.1.14 → 0.2.0

package/tools/bin/agent-project-run-openclaw-session

@@ -115,6 +115,7 @@ result_file="${artifact_dir}/result.env"
 runner_state_file="${artifact_dir}/runner.env"
 sandbox_artifact_dir="${worktree%/}/${sandbox_subdir}"
 sandbox_run_dir="${worktree%/}/${sandbox_subdir}/${session}"
+retained_repo_root="${ACP_RETAINED_REPO_ROOT:-${F_LOSNING_RETAINED_REPO_ROOT:-}}"
 started_at="$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
 openclaw_bin="$(command -v openclaw)"
 default_openclaw_agent_id="$(
@@ -154,6 +155,7 @@ printf -v runner_state_q '%q' "$runner_state_file"
 printf -v branch_q '%q' "$branch_name"
 printf -v sandbox_artifact_dir_q '%q' "$sandbox_artifact_dir"
 printf -v sandbox_run_dir_q '%q' "$sandbox_run_dir"
+printf -v retained_repo_root_q '%q' "$retained_repo_root"
 printf -v adapter_id_q '%q' "$adapter_id"
 printf -v started_at_q '%q' "$started_at"
 printf -v openclaw_bin_q '%q' "$openclaw_bin"
@@ -230,18 +232,21 @@ export AGENT_PROJECT_RUN_DIR=${sandbox_run_dir_q}
 export AGENT_PROJECT_HOST_RUN_DIR=${artifact_dir_q}
 export AGENT_PROJECT_RESULT_FILE=${sandbox_run_dir_q}/result.env
 export AGENT_PROJECT_OPENCLAW_BIN=${openclaw_bin_q}
+export AGENT_PROJECT_RETAINED_REPO_ROOT=${retained_repo_root_q}
 export ACP_SESSION=${session_q}
 export ACP_RUN_DIR=${sandbox_run_dir_q}
 export ACP_HOST_RUN_DIR=${artifact_dir_q}
 export ACP_RESULT_FILE=${sandbox_run_dir_q}/result.env
 export ACP_OPENCLAW_BIN=${openclaw_bin_q}
 export ACP_OPENCLAW_SESSION_ID=${openclaw_session_id_q}
+export ACP_RETAINED_REPO_ROOT=${retained_repo_root_q}
 export F_LOSNING_SESSION=${session_q}
 export F_LOSNING_RUN_DIR=${sandbox_run_dir_q}
 export F_LOSNING_HOST_RUN_DIR=${artifact_dir_q}
 export F_LOSNING_RESULT_FILE=${sandbox_run_dir_q}/result.env
 export F_LOSNING_OPENCLAW_BIN=${openclaw_bin_q}
 export F_LOSNING_OPENCLAW_SESSION_ID=${openclaw_session_id_q}
+export F_LOSNING_RETAINED_REPO_ROOT=${retained_repo_root_q}
 export OPENCLAW_STATE_DIR=${openclaw_state_dir_q}
 export OPENCLAW_CONFIG_PATH=${openclaw_config_path_q}
 EOF
@@ -294,6 +299,7 @@ runner_state_file=${runner_state_q}
 output_file=${output_q}
 sandbox_artifact_dir=${sandbox_artifact_dir_q}
 sandbox_run_dir=${sandbox_run_dir_q}
+retained_repo_root=${retained_repo_root_q}
 artifact_dir=${artifact_dir_q}
 run_dir=${artifact_dir_q}
 task_kind=${task_kind_q}
@@ -554,6 +560,45 @@ recover_literal_runtime_artifacts() {
   return 0
 }
 
+recover_retained_repo_artifact_leaks() {
+  local retained_worktree_root=""
+  local leaked_run_dir=""
+  local worktree_name=""
+  local session_name=""
+  local artifact_name=""
+  local recovered="no"
+
+  [[ -n "\${retained_repo_root}" ]] || return 0
+  worktree_name="\$(basename "\${worktree}")"
+  session_name="\${AGENT_PROJECT_SESSION:-}"
+  [[ -n "\${session_name}" ]] || return 0
+  retained_worktree_root="\${retained_repo_root%/}/worktrees"
+  leaked_run_dir="\${retained_worktree_root}/\${worktree_name}/.openclaw-artifacts/\${session_name}"
+
+  if [[ ! -d "\${leaked_run_dir}" || "\${leaked_run_dir}" == "\${sandbox_run_dir}" ]]; then
+    return 0
+  fi
+
+  for artifact_name in result.env verification.jsonl issue-comment.md pr-comment.md; do
+    if [[ -f "\${leaked_run_dir}/\${artifact_name}" ]]; then
+      cp "\${leaked_run_dir}/\${artifact_name}" "\${sandbox_run_dir}/\${artifact_name}" 2>/dev/null || true
+      cp "\${leaked_run_dir}/\${artifact_name}" "\${artifact_dir}/\${artifact_name}" 2>/dev/null || true
+      recovered="yes"
+    fi
+  done
+
+  rm -rf "\${leaked_run_dir}" 2>/dev/null || true
+  rmdir "\${retained_worktree_root}/\${worktree_name}/.openclaw-artifacts" 2>/dev/null || true
+  rmdir "\${retained_worktree_root}/\${worktree_name}" 2>/dev/null || true
+  rmdir "\${retained_worktree_root}" 2>/dev/null || true
+
+  if [[ "\${recovered}" == "yes" ]]; then
+    printf '[openclaw] recovered retained-repo artifact leak: %s\n' "\${leaked_run_dir}" >>"\${output_file}" 2>/dev/null || true
+  fi
+
+  return 0
+}
+
 reset_sandbox_run_dir() {
   mkdir -p "\${sandbox_run_dir}"
   find "\${sandbox_run_dir}" -mindepth 1 -maxdepth 1 -exec rm -rf {} + 2>/dev/null || true
@@ -640,14 +685,16 @@ for key in ("OUTCOME", "ACTION", "DETAIL", "ISSUE_ID"):
 PY
   }
 
-  # If sandbox result.env exists with implemented, validate it has verification
+  # If sandbox result.env already exists, trust the agent's contract.
+  # When the agent wrote OUTCOME=implemented but verification.jsonl is missing,
+  # keep the contract intact — the host reconcile will attempt verification
+  # recovery (extract_issue_host_recovery_commands) before publish, and that
+  # path can block if recovery also fails.  Overriding to blocked here would
+  # skip reconcile's host-side recovery entirely and always produce a false
+  # block when the tool sandbox didn't inherit env vars for record-verification.
   if [[ -f "\${result_file_path}" ]]; then
-    if grep -q 'OUTCOME=implemented' "\${result_file_path}" 2>/dev/null; then
-      if [[ ! -f "\${verification_file}" ]]; then
-        write_result 'OUTCOME=blocked\nACTION=host-comment-blocker\n'
-        printf '[infer] BLOCKED: agent wrote OUTCOME=implemented but verification.jsonl is missing\n' >> "\${output_file}" 2>/dev/null || true
-        return 0
-      fi
+    if grep -q 'OUTCOME=implemented' "\${result_file_path}" 2>/dev/null && [[ ! -f "\${verification_file}" ]]; then
+      printf '[infer] WARN: agent wrote OUTCOME=implemented but verification.jsonl is missing — deferring to host reconcile recovery\n' >> "\${output_file}" 2>/dev/null || true
     fi
     return 0
   fi
@@ -663,15 +710,15 @@ PY
     return 0
   fi
 
-  # Check if there are actual code changes (not just artifact files)
+  # Check if there are actual code changes (not just artifact files or docs)
   local has_product_changes="no"
-  if git -C ${worktree_q} diff --name-only HEAD 2>/dev/null | grep -qvE '\.openclaw-artifacts/|\.md$' 2>/dev/null; then
+  if git -C ${worktree_q} diff --name-only HEAD 2>/dev/null | grep -qvE '\.openclaw-artifacts/|\.openclaw/|\.agent-session\.env$|\.md$' 2>/dev/null; then
     has_product_changes="yes"
   fi
-  if git -C ${worktree_q} diff --cached --name-only 2>/dev/null | grep -qvE '\.openclaw-artifacts/|\.md$' 2>/dev/null; then
+  if git -C ${worktree_q} diff --cached --name-only 2>/dev/null | grep -qvE '\.openclaw-artifacts/|\.openclaw/|\.agent-session\.env$|\.md$' 2>/dev/null; then
     has_product_changes="yes"
   fi
-  if git -C ${worktree_q} log --oneline origin/main..HEAD 2>/dev/null | grep -q . 2>/dev/null; then
+  if git -C ${worktree_q} diff --name-only origin/main..HEAD 2>/dev/null | grep -qvE '\.openclaw-artifacts/|\.openclaw/|\.agent-session\.env$|\.md$' 2>/dev/null; then
     has_product_changes="yes"
   fi
 
@@ -681,32 +728,32 @@ PY
     return 0
   fi
 
-  # If there are product changes but NO verification.jsonl, this is BLOCKED
-  # The worker skipped verification — do not allow publish
-  if [[ "\${has_product_changes}" == "yes" && ! -f "\${verification_file}" ]]; then
-    write_result 'OUTCOME=blocked\nACTION=host-comment-blocker\n'
+  # If there are product changes AND verification.jsonl exists with pass entries, allow implemented
+  if [[ "\${has_product_changes}" == "yes" && -f "\${verification_file}" ]] && grep -q '"status":"pass"' "\${verification_file}" 2>/dev/null; then
+    write_result 'OUTCOME=implemented\nACTION=host-publish-issue-pr\n'
     return 0
   fi
 
-  # If there are product changes AND verification.jsonl exists with entries, allow implemented
-  if [[ "\${has_product_changes}" == "yes" && -f "\${verification_file}" ]] && grep -q '"status":"pass"' "\${verification_file}" 2>/dev/null; then
+  # If there are product changes but NO verification.jsonl, still mark as
+  # implemented and let the host reconcile attempt verification recovery.
+  # Blocking here would prevent host-side recovery from ever running.
+  if [[ "\${has_product_changes}" == "yes" && ! -f "\${verification_file}" ]]; then
+    printf '[infer] product changes detected without verification.jsonl — marking implemented for host recovery\n' >> "\${output_file}" 2>/dev/null || true
     write_result 'OUTCOME=implemented\nACTION=host-publish-issue-pr\n'
     return 0
   fi
 
-  # If output explicitly says blocked, trust that
-  if grep -Eiq 'blocked|cannot proceed|unable to complete|not possible|missing spec' "\${output_file}" 2>/dev/null; then
+  # If output explicitly indicates the agent decided it is blocked.
+  # Use narrow patterns to avoid false positives from prompt context echoed in logs
+  # (e.g. "Prior Blocker Context" sections or issue comments mentioning "blocked").
+  if grep -Eiq '^(OUTCOME=blocked|I am blocked|This issue is blocked|Cannot proceed with implementation|Unable to complete the task)' "\${output_file}" 2>/dev/null; then
     write_result 'OUTCOME=blocked\nACTION=host-comment-blocker\n'
     return 0
   fi
 
-  # If output suggests implemented but we couldn't verify, still block
+  # If output suggests implemented, mark as implemented and let reconcile verify
   if grep -Eiq 'created PR|opened PR|PR #|pull request|implemented' "\${output_file}" 2>/dev/null; then
-    if [[ -f "\${verification_file}" ]]; then
-      write_result 'OUTCOME=implemented\nACTION=host-publish-issue-pr\n'
-    else
-      write_result 'OUTCOME=blocked\nACTION=host-comment-blocker\n'
-    fi
+    write_result 'OUTCOME=implemented\nACTION=host-publish-issue-pr\n'
     return 0
   fi
 
@@ -1217,6 +1264,7 @@ while true; do
   break
 done
 recover_literal_runtime_artifacts
+recover_retained_repo_artifact_leaks
 infer_result_from_output
 synthesize_comment_artifact_from_output
 if [[ "\${status}" -eq 0 ]]; then

package/tools/bin/agent-project-run-opencode-session

@@ -4,24 +4,364 @@ set -euo pipefail
 usage() {
   cat <<'EOF'
 Usage:
-  agent-project-run-opencode-session [shared session-wrapper options]
+  agent-project-run-opencode-session --mode safe|bypass --session <id> --worktree <path> --prompt-file <path> --runs-root <path> --adapter-id <id> --task-kind <kind> --task-id <id> [options]
 
-Placeholder adapter for the roadmap. The public package ships this command so
-ACP can expose and test worker routing for `opencode`, but live session
-execution is not implemented yet.
+Launch a Crush (formerly OpenCode) worker session inside tmux for a project
+adapter and persist the standard run artifacts.
 
-Use `codex`, `claude`, or `openclaw` for real runs today. See ROADMAP.md for
-current backend maturity.
+Crush is the Go-based coding agent by Charm (charmbracelet/crush).
+It executes via `crush run` in non-interactive mode.
+
+Options:
+  --env-prefix <prefix>             Export prefixed runtime/context env vars inside the worker
+  --context <KEY=VALUE>             Extra metadata written to run.env and exported to the worker
+  --collect-file <name>             Copy sandbox artifact file into the host run dir after execution
+  --reconcile-command <cmd>         Host-side command queued after the worker exits
+  --sandbox-subdir <name>           Subdir under the worktree for worker artifacts (default: .opencode-artifacts)
+  --opencode-model <id>             Model in provider/name format (default: anthropic/claude-sonnet-4-20250514)
+  --opencode-timeout-seconds <secs> Hard timeout in seconds (default: 900)
+  --help                            Show this help
 EOF
 }
 
-case "${1:-}" in
-  --help|-h)
-    usage
-    exit 0
-    ;;
+mode=""
+session=""
+worktree=""
+prompt_file=""
+runs_root=""
+adapter_id=""
+task_kind=""
+task_id=""
+env_prefix=""
+sandbox_subdir=".opencode-artifacts"
+reconcile_command=""
+opencode_model="${ACP_OPENCODE_MODEL:-${F_LOSNING_OPENCODE_MODEL:-anthropic/claude-sonnet-4-20250514}}"
+opencode_timeout_seconds="${ACP_OPENCODE_TIMEOUT_SECONDS:-${F_LOSNING_OPENCODE_TIMEOUT_SECONDS:-900}}"
+declare -a context_items=()
+declare -a collect_files=()
+
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --mode) mode="${2:-}"; shift 2 ;;
+    --session) session="${2:-}"; shift 2 ;;
+    --worktree) worktree="${2:-}"; shift 2 ;;
+    --prompt-file) prompt_file="${2:-}"; shift 2 ;;
+    --runs-root) runs_root="${2:-}"; shift 2 ;;
+    --adapter-id) adapter_id="${2:-}"; shift 2 ;;
+    --task-kind) task_kind="${2:-}"; shift 2 ;;
+    --task-id) task_id="${2:-}"; shift 2 ;;
+    --env-prefix) env_prefix="${2:-}"; shift 2 ;;
+    --context) context_items+=("${2:-}"); shift 2 ;;
+    --collect-file) collect_files+=("${2:-}"); shift 2 ;;
+    --reconcile-command) reconcile_command="${2:-}"; shift 2 ;;
+    --sandbox-subdir) sandbox_subdir="${2:-}"; shift 2 ;;
+    --opencode-model) opencode_model="${2:-}"; shift 2 ;;
+    --opencode-timeout-seconds) opencode_timeout_seconds="${2:-}"; shift 2 ;;
+    --help|-h) usage; exit 0 ;;
+    *) echo "Unknown argument: $1" >&2; usage >&2; exit 1 ;;
+  esac
+done
+
+if [[ -z "$mode" || -z "$session" || -z "$worktree" || -z "$prompt_file" || -z "$runs_root" || -z "$adapter_id" || -z "$task_kind" || -z "$task_id" ]]; then
+  usage >&2
+  exit 1
+fi
+
+case "$mode" in
+  safe|bypass) ;;
+  *) echo "--mode must be safe or bypass" >&2; exit 1 ;;
+esac
+
+case "$opencode_timeout_seconds" in
+  ''|*[!0-9]*|0) echo "--opencode-timeout-seconds must be a positive integer" >&2; exit 1 ;;
 esac
 
-echo "agent-project-run-opencode-session: opencode support is scaffolded, but execution is not implemented yet" >&2
-echo "Choose codex, claude, or openclaw for live runs today." >&2
-exit 1
+resolve_crush_bin() {
+  local configured_bin="${CRUSH_BIN:-${ACP_CRUSH_BIN:-${ACP_OPENCODE_BIN:-}}}"
+  if [[ -n "${configured_bin}" && -x "${configured_bin}" ]]; then
+    printf '%s\n' "${configured_bin}"
+    return 0
+  fi
+  # Try crush first (current name), then opencode (legacy name)
+  if command -v crush >/dev/null 2>&1; then
+    command -v crush
+    return 0
+  fi
+  if command -v opencode >/dev/null 2>&1; then
+    command -v opencode
+    return 0
+  fi
+  local -a fallback_paths=(
+    "/opt/homebrew/bin/crush"
+    "/usr/local/bin/crush"
+    "${HOME}/.local/bin/crush"
+    "${HOME}/go/bin/crush"
+    "/opt/homebrew/bin/opencode"
+    "/usr/local/bin/opencode"
+  )
+  local p
+  for p in "${fallback_paths[@]}"; do
+    if [[ -x "${p}" ]]; then
+      printf '%s\n' "${p}"
+      return 0
+    fi
+  done
+  return 1
+}
+
+crush_bin="$(resolve_crush_bin || true)"
+if [[ -z "${crush_bin}" || ! -x "${crush_bin}" ]]; then
+  echo "unable to resolve a runnable crush/opencode binary — install with: brew install charmbracelet/tap/crush" >&2
+  exit 1
+fi
+
+artifact_dir="${runs_root}/${session}"
+output_file="${artifact_dir}/${session}.log"
+inner_script="${artifact_dir}/${session}.sh"
+meta_file="${artifact_dir}/run.env"
+result_file="${artifact_dir}/result.env"
+runner_state_file="${artifact_dir}/runner.env"
+sandbox_run_dir="${worktree%/}/${sandbox_subdir}/${session}"
+started_at="$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
+
+mkdir -p "$artifact_dir" "$sandbox_run_dir"
+
+if tmux has-session -t "$session" 2>/dev/null; then
+  echo "tmux session already exists: $session" >&2
+  exit 1
+fi
+
+branch_name="$(git -C "$worktree" branch --show-current 2>/dev/null || true)"
+
+printf -v session_q '%q' "$session"
+printf -v task_kind_q '%q' "$task_kind"
+printf -v task_id_q '%q' "$task_id"
+printf -v mode_q '%q' "$mode"
+printf -v worktree_q '%q' "$worktree"
+printf -v prompt_q '%q' "$prompt_file"
+printf -v output_q '%q' "$output_file"
+printf -v artifact_dir_q '%q' "$artifact_dir"
+printf -v script_q '%q' "$inner_script"
+printf -v result_q '%q' "$result_file"
+printf -v meta_file_q '%q' "$meta_file"
+printf -v runner_state_q '%q' "$runner_state_file"
+printf -v branch_q '%q' "$branch_name"
+printf -v sandbox_run_dir_q '%q' "$sandbox_run_dir"
+printf -v adapter_id_q '%q' "$adapter_id"
+printf -v started_at_q '%q' "$started_at"
+printf -v crush_bin_q '%q' "$crush_bin"
+printf -v opencode_model_q '%q' "$opencode_model"
+printf -v opencode_timeout_q '%q' "$opencode_timeout_seconds"
+
+{
+  printf 'TASK_KIND=%s\n' "$task_kind_q"
+  printf 'TASK_ID=%s\n' "$task_id_q"
+  printf 'SESSION=%s\n' "$session_q"
+  printf 'MODE=%s\n' "$mode_q"
+  printf 'WORKTREE=%s\n' "$worktree_q"
+  printf 'PROMPT_FILE=%s\n' "$prompt_q"
+  printf 'OUTPUT_FILE=%s\n' "$output_q"
+  printf 'BRANCH=%s\n' "$branch_q"
+  printf 'RESULT_FILE=%s\n' "$result_q"
+  printf 'RUNNER_STATE_FILE=%s\n' "$runner_state_q"
+  printf 'SANDBOX_RUN_DIR=%s\n' "$sandbox_run_dir_q"
+  printf 'ADAPTER_ID=%s\n' "$adapter_id_q"
+  printf 'STARTED_AT=%s\n' "$started_at_q"
+  printf 'CRUSH_BIN=%s\n' "$crush_bin_q"
+  printf 'OPENCODE_MODEL=%s\n' "$opencode_model_q"
+  printf 'OPENCODE_TIMEOUT_SECONDS=%s\n' "$opencode_timeout_q"
+} >"$meta_file"
+
+context_exports=""
+if ((${#context_items[@]} > 0)); then
+  for item in "${context_items[@]}"; do
+    if [[ "$item" != *=* ]]; then
+      echo "--context must use KEY=VALUE syntax: $item" >&2
+      exit 1
+    fi
+    key="${item%%=*}"
+    value="${item#*=}"
+    if [[ ! "$key" =~ ^[A-Z0-9_]+$ ]]; then
+      echo "Invalid context key: $key" >&2
+      exit 1
+    fi
+    printf -v value_q '%q' "$value"
+    printf '%s=%s\n' "$key" "$value_q" >>"$meta_file"
+    if [[ -n "$env_prefix" ]]; then
+      context_exports+="export ${env_prefix}${key}=${value_q}"$'\n'
+    fi
+    context_exports+="export ACP_${key}=${value_q}"$'\n'
+    if [[ "$env_prefix" != "F_LOSNING_" ]]; then
+      context_exports+="export F_LOSNING_${key}=${value_q}"$'\n'
+    fi
+  done
+fi
+
+runtime_exports=$(
+  cat <<EOF
+export AGENT_PROJECT_SESSION=${session_q}
+export AGENT_PROJECT_RUN_DIR=${sandbox_run_dir_q}
+export AGENT_PROJECT_HOST_RUN_DIR=${artifact_dir_q}
+export AGENT_PROJECT_RESULT_FILE=${sandbox_run_dir_q}/result.env
+export ACP_SESSION=${session_q}
+export ACP_RUN_DIR=${sandbox_run_dir_q}
+export ACP_HOST_RUN_DIR=${artifact_dir_q}
+export ACP_RESULT_FILE=${sandbox_run_dir_q}/result.env
+export F_LOSNING_SESSION=${session_q}
+export F_LOSNING_RUN_DIR=${sandbox_run_dir_q}
+export F_LOSNING_HOST_RUN_DIR=${artifact_dir_q}
+export F_LOSNING_RESULT_FILE=${sandbox_run_dir_q}/result.env
+EOF
+)
+
+if [[ -n "$env_prefix" ]]; then
+  runtime_exports+=$'\n'
+  runtime_exports+=$(cat <<EOF
+export ${env_prefix}SESSION=${session_q}
+export ${env_prefix}RUN_DIR=${sandbox_run_dir_q}
+export ${env_prefix}HOST_RUN_DIR=${artifact_dir_q}
+export ${env_prefix}RESULT_FILE=${sandbox_run_dir_q}/result.env
+EOF
+)
+fi
+
+collect_copy_snippet=""
+if ((${#collect_files[@]} > 0)); then
+  for artifact_name in "${collect_files[@]}"; do
+    [[ -z "$artifact_name" ]] && continue
+    printf -v artifact_q '%q' "$artifact_name"
+    collect_copy_snippet+=$(cat <<EOF
+if [[ -f ${sandbox_run_dir_q}/${artifact_q} ]]; then
+  cp ${sandbox_run_dir_q}/${artifact_q} ${artifact_dir_q}/${artifact_q}
+fi
+EOF
+    )
+    collect_copy_snippet+=$'\n'
+  done
+fi
+
+reconcile_snippet=""
+if [[ -n "$reconcile_command" ]]; then
+  printf -v delayed_reconcile_q '%q' "export ACP_EXPECTED_RUN_STARTED_AT=${started_at_q}; export F_LOSNING_EXPECTED_RUN_STARTED_AT=${started_at_q}; while tmux has-session -t ${session_q} 2>/dev/null; do sleep 1; done; sleep 2; $reconcile_command"
+  reconcile_snippet="nohup bash -lc ${delayed_reconcile_q} >> ${output_q} 2>&1 </dev/null &"
+fi
+
+cat >"$inner_script" <<EOF
+#!/usr/bin/env bash
+set -euo pipefail
+${runtime_exports}
+${context_exports}cd ${worktree_q}
+
+runner_state_file=${runner_state_q}
+output_file=${output_q}
+sandbox_run_dir=${sandbox_run_dir_q}
+artifact_dir=${artifact_dir_q}
+result_file_path=${sandbox_run_dir_q}/result.env
+host_result_file=${result_q}
+crush_bin=${crush_bin_q}
+opencode_model=${opencode_model_q}
+opencode_timeout=${opencode_timeout_q}
+prompt_file=${prompt_q}
+worktree=${worktree_q}
+
+write_state() {
+  local runner_state="\${1:?runner state required}"
+  local last_exit_code="\${2:-}"
+  local failure_reason="\${3:-}"
+  local updated_at tmp_file
+
+  updated_at="\$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
+  tmp_file="\${runner_state_file}.tmp.\$\$"
+  {
+    printf 'RUNNER_STATE=%q\n' "\${runner_state}"
+    printf 'ATTEMPT=1\n'
+    printf 'RESUME_COUNT=0\n'
+    printf 'LAST_EXIT_CODE=%q\n' "\${last_exit_code}"
+    printf 'LAST_FAILURE_REASON=%q\n' "\${failure_reason}"
+    printf 'UPDATED_AT=%q\n' "\${updated_at}"
+  } >"\${tmp_file}"
+  mv "\${tmp_file}" "\${runner_state_file}"
+}
+
+record_final_git_state() {
+  local final_head final_branch tmp_file
+  final_head="\$(git -C ${worktree_q} rev-parse HEAD 2>/dev/null || true)"
+  final_branch="\$(git -C ${worktree_q} branch --show-current 2>/dev/null || true)"
+  tmp_file=${meta_file_q}.tmp.final.\$\$
+  grep -vE '^(FINAL_HEAD|FINAL_BRANCH)=' ${meta_file_q} >"\${tmp_file}" 2>/dev/null || true
+  {
+    printf 'FINAL_HEAD=%q\n' "\${final_head}"
+    printf 'FINAL_BRANCH=%q\n' "\${final_branch}"
+  } >>"\${tmp_file}"
+  mv "\${tmp_file}" ${meta_file_q}
+}
+
+write_state running
+
+mkdir -p "\${sandbox_run_dir}"
+
+# Crush (opencode) runs via 'crush run' in non-interactive mode.
+# --quiet suppresses spinner, --yolo auto-approves all tool permissions,
+# --model selects the provider/model, --cwd sets the working directory.
+# Prompt is provided via stdin.
+crush_exit_code=0
+crush_args=(run --quiet --model "\${opencode_model}" --cwd ${worktree_q})
+if [[ "${mode_q}" == "bypass" ]]; then
+  crush_args+=(--yolo)
+fi
+
+if command -v timeout >/dev/null 2>&1; then
+  timeout "\${opencode_timeout}" "\${crush_bin}" "\${crush_args[@]}" <"\${prompt_file}" 2>&1 | tee -a "\${output_file}" || crush_exit_code=\$?
+elif command -v gtimeout >/dev/null 2>&1; then
+  gtimeout "\${opencode_timeout}" "\${crush_bin}" "\${crush_args[@]}" <"\${prompt_file}" 2>&1 | tee -a "\${output_file}" || crush_exit_code=\$?
+else
+  "\${crush_bin}" "\${crush_args[@]}" <"\${prompt_file}" 2>&1 | tee -a "\${output_file}" &
+  _crush_pid=\$!
+  ( sleep "\${opencode_timeout}" && kill "\${_crush_pid}" 2>/dev/null ) &
+  _wd=\$!
+  wait "\${_crush_pid}" || crush_exit_code=\$?
+  kill "\${_wd}" 2>/dev/null || true; wait "\${_wd}" 2>/dev/null || true
+  [[ "\${crush_exit_code}" -eq 143 ]] && crush_exit_code=124
+fi
+
+if [[ "\${crush_exit_code}" -eq 0 ]]; then
+  write_state succeeded 0
+  # Crush has full tool access — it can write files and make commits.
+  # Infer result from git state if result.env was not written by the agent.
+  if [[ ! -f "\${result_file_path}" ]]; then
+    if git -C ${worktree_q} diff --name-only HEAD 2>/dev/null | grep -qvE '\.md$' 2>/dev/null \\
+      || git -C ${worktree_q} diff --cached --name-only 2>/dev/null | grep -qvE '\.md$' 2>/dev/null \\
+      || git -C ${worktree_q} diff --name-only origin/main..HEAD 2>/dev/null | grep -qvE '\.md$' 2>/dev/null; then
+      printf 'OUTCOME=implemented\nACTION=host-publish-issue-pr\n' >"\${result_file_path}"
+    else
+      printf 'OUTCOME=blocked\nACTION=host-comment-blocker\nDETAIL=missing-result-contract\n' >"\${result_file_path}"
+    fi
+  fi
+else
+  failure_reason="opencode-exit-\${crush_exit_code}"
+  [[ "\${crush_exit_code}" -eq 124 ]] && failure_reason="timeout"
+  write_state failed "\${crush_exit_code}" "\${failure_reason}"
+  if [[ ! -f "\${result_file_path}" ]]; then
+    printf 'OUTCOME=blocked\nACTION=host-comment-blocker\nDETAIL=%s\n' "\${failure_reason}" >"\${result_file_path}"
+  fi
+fi
+
+record_final_git_state
+
+if [[ -f "\${result_file_path}" ]]; then
+  cp "\${result_file_path}" "\${host_result_file}"
+fi
+${collect_copy_snippet}
+${reconcile_snippet}
+printf '\n__CODEX_EXIT__:%s\n' "\${crush_exit_code}" | tee -a "\${output_file}"
+exit "\${crush_exit_code}"
+EOF
+
+chmod +x "$inner_script"
+tmux new-session -d -s "$session" "$inner_script"
+
+printf 'SESSION=%s\n' "$session"
+printf 'TASK_KIND=%s\n' "$task_kind"
+printf 'TASK_ID=%s\n' "$task_id"
+printf 'WORKTREE=%s\n' "$worktree"
+printf 'OUTPUT=%s\n' "$output_file"