auriga-cli 1.9.4 → 1.10.1

package/README.md

@@ -13,11 +13,19 @@ This repo itself is a fully configured harness project. You can clone it to see
 | **Workflow** | `CLAUDE.md` auriga workflow: requirement clarification -> TDD -> Review, Harness principles, Subagent usage guide |
 | **Skills** | Development process + orchestration skills — brainstorming, systematic-debugging, TDD, verification, planning, playwright, deep-review, test-designer, parallel-implementation |
 | **Recommended Skills** | Optional utility skills (e.g. `codex-agent`, `claude-code-agent`) you can add on top of the workflow skills |
-| **Plugins** | Recommended Claude Code plugins — skill-creator, claude-md-management, codex, auriga-go |
-| **Hooks** | Claude Code hooks: `notify` (macOS notification, focus-aware sound-only when terminal is frontmost — **opt-in**: not installed by `install --all`, requires `install hooks --hook notify`), `pr-create-guard` (PostToolUse body snapshot after `gh pr create`), `pr-ready-guard` (PreToolUse block on stray planning docs / active specs in `docs/specs/` / unpushed commits before `gh pr ready`) |
+| **Plugins** | Recommended Claude Code and Codex plugins — skill-creator, claude-md-management, codex, auriga-go, auriga-pr-guards, session-instructions-loader |
+| **Hooks** | Claude Code hooks: `notify` (macOS notification, focus-aware sound-only when terminal is frontmost — **opt-in**: not installed by `install --all`, requires `install hooks --hook notify`) |
 
 ## Quick Start
 
+### Ask your Agent to install
+
+The easiest path is to let your current Agent read the install guide and follow it:
+
+> Run `npx -y auriga-cli guide`, read the guide, then install the Auriga harness into this repository by following the steps it prints.
+
+The guide command is intentionally non-interactive. It gives the Agent the prerequisite checks, catalog inspection commands, install commands, reload step, and verification checklist in one place.
+
 ### Agent Bootstrap (non-TTY)
 
 Running inside `claude -p`, `claude -p --worktree`, or any non-interactive Agent session? Start here:
@@ -35,11 +43,12 @@ Non-interactive install commands:
 ```bash
 npx -y auriga-cli install --all              # workflow + skills + plugins + hooks (atomic)
 npx -y auriga-cli install recommended        # opt-in utility skills (not in --all)
+npx -y auriga-cli install plugins --agent codex --plugin session-instructions-loader
 npx -y auriga-cli install <type> [--flags]   # one of: workflow | skills | recommended | plugins | hooks
 npx -y auriga-cli --help                     # full catalog + flags
 ```
 
-Exit codes: `0` success, `1` fatal (precheck / parse / fetch), `2` partial success — `stderr` lists per-category `[OK]/[FAIL]` and a `Retry:` hint. After install, reload the Claude Code session so the new `CLAUDE.md` / skills / plugins / hook registrations are picked up.
+Exit codes: `0` success, `1` fatal (precheck / parse / fetch), `2` partial success — `stderr` lists per-category `[OK]/[FAIL]` and a `Retry:` hint. After install, reload the Claude Code or Codex session so the new `CLAUDE.md` / skills / plugins / hook registrations are picked up.
 
 ### Interactive menu
 
@@ -54,11 +63,11 @@ Interactive menu — select what to install:
   ◉ Workflow — CLAUDE.md + AGENTS.md
   ◉ Skills — Development process skills
   ◉ Recommended Skills — Extra utility skills
-  ◉ Plugins — Claude Code plugins
+  ◉ Plugins — Claude Code / Codex plugins
   ◉ Hooks — Claude Code hooks
 ```
 
-Each module supports scope selection (Skills: project/global, Plugins: user/project, Hooks: project local / project / user).
+Each module supports scope selection where applicable (Skills: project/global, Claude Code Plugins: user/project, Hooks: project local / project / user). Plugin installation also asks which runtime to target: Claude Code, Codex, or both.
 
 ## Module Details
 
@@ -99,14 +108,24 @@ Supports both project and global installation scopes.
 
 ### Plugins
 
-Installs selected plugins via `claude plugins install`, automatically adding required marketplaces.
+Installs selected plugins for Claude Code, Codex, or both. Claude Code uses `claude plugins install` and honors `--scope project|user`; Codex uses `codex plugin marketplace add` and enables selected plugins in `~/.codex/config.toml`.
 
-| Plugin | Description |
-|---|---|
-| skill-creator | Create and manage custom skills |
-| claude-md-management | Audit and improve CLAUDE.md |
-| codex | Codex cross-model collaboration |
-| auriga-go | Workflow autopilot for the auriga workflow. Reminder-based navigation across the `CLAUDE.md` phases with an Experimental hook-backed `ship` mode. Bundles a skill (description-based NL trigger + `/auriga-go`) plus a plugin-level Stop hook for ship mode. |
+Examples:
+
+```bash
+npx -y auriga-cli install plugins --plugin auriga-go
+npx -y auriga-cli install plugins --agent codex --plugin session-instructions-loader
+npx -y auriga-cli install plugins --agent both --plugin auriga-pr-guards
+```
+
+| Plugin | Runtime | Description |
+|---|---|---|
+| skill-creator | Claude Code | Create and manage custom skills |
+| claude-md-management | Claude Code | Audit and improve CLAUDE.md |
+| codex | Claude Code | Codex cross-model collaboration |
+| auriga-go | Claude Code / Codex | Workflow autopilot for the auriga workflow. Reminder-based navigation across the `CLAUDE.md` phases with an Experimental hook-backed `ship` mode. Bundles a skill (description-based NL trigger + `/auriga-go`) plus a plugin-level Stop hook for ship mode. |
+| auriga-pr-guards | Claude Code / Codex | Two PR-workflow guardrails packaged as a dual-Agent plugin: `pr-create-guard` (PostToolUse for `gh pr create` → fetch the new PR's body via `gh pr view` and inject headings + TODO counts as `additionalContext` so the Agent can self-verify scope / acceptance / risks / TODO) and `pr-ready-guard` (PreToolUse for `gh pr ready` → block on stray planning docs at `findings.md` / `progress.md` / `task_plan.md` / `docs/superpowers/specs/*.md`, unfinalized active specs in `docs/specs/*.md`, or unpushed commits; otherwise inject the body snapshot). Codex currently fails open on the `additionalContext` field for PreToolUse but enforces blocks identically. |
+| session-instructions-loader | Codex | Codex-only SessionStart plugin that injects ancestor `AGENTS.md` files plus repo-configured extra instruction files. |
 
 ### Hooks
 
@@ -115,8 +134,6 @@ Installs Claude Code hooks into a chosen scope. Each hook is self-contained unde
 | Hook | Description |
 |---|---|
 | notify *(opt-in)* | Native macOS notification when Claude needs your attention. Shows the brand mark in the small app-icon position; click brings the originating terminal back to focus. **Focus-aware**: when the launching terminal is already frontmost, drops the banner and plays the sound only (toggle via `soundOnlyWhenFocused` in `config.json`). **Per-project group ID**: new notifications cleanly replace older ones in Notification Center, no process accumulation, no cross-project interference. Auto-installs `alerter` via Homebrew (`vjeantet/tap/alerter`). Customize sound and icon by editing `.claude/hooks/notify/config.json` and `.claude/hooks/notify/icon.png`. macOS-only at runtime; silent no-op on other platforms. |
-| pr-create-guard | PostToolUse hook for `gh pr create`. Queries the newly-created PR via `gh pr view` and injects a body snapshot (headings found + TODO-checkbox counts) as `additionalContext` for the Agent to self-verify against the PR-readiness scope / acceptance / risks / TODO contract. Never blocks — PostToolUse runs after the fact. Graceful degradation when gh is unavailable. |
-| pr-ready-guard | PreToolUse hook for `gh pr ready`. Blocks on structural signals only: (1) stray planning docs at `findings.md` / `progress.md` / `task_plan.md` / `docs/superpowers/specs/*.md` — must be archived to `docs/worklog/worklog-<date>-<branch>/` (or deleted) per CLAUDE.md `Document Conventions`; (2) unfinalized active specs at `docs/specs/*.md` — must be promoted to `docs/architecture/`, archived, or deleted; (3) unpushed commits on the current branch. No text regex of PR content is ever used as a block signal. On pass, injects a PR body snapshot as `additionalContext`. |
 
 Scope choices:
 
@@ -129,7 +146,8 @@ Re-running the installer preserves your customized `config.json` and `icon.png`,
 ## Requirements
 
 - Node.js >= 18
-- [Claude Code](https://docs.anthropic.com/en/docs/claude-code) (required for Plugins and Hooks modules)
+- [Claude Code](https://docs.anthropic.com/en/docs/claude-code) (required for Claude Code Plugins and Hooks modules)
+- Codex CLI (required only for `install plugins --agent codex|both`)
 - [Homebrew](https://brew.sh) (recommended for the `notify` hook to install `alerter`)
 
 ## Development

package/README.zh-CN.md

@@ -13,11 +13,19 @@
 | **Workflow** | `CLAUDE.md` 里的 auriga 工作流：需求澄清 → TDD → Review，Harness 原则，Subagent 使用指南 |
 | **Skills** | 开发流程 + 编排类 skills —— brainstorming、systematic-debugging、TDD、verification、planning、playwright、deep-review、test-designer、parallel-implementation |
 | **Recommended Skills** | 可选的工具类 skills（如 `codex-agent`、`claude-code-agent`），在 workflow skills 之外按需追加 |
-| **Plugins** | 推荐的 Claude Code 插件 —— skill-creator、claude-md-management、codex、auriga-go |
-| **Hooks** | Claude Code hooks：`notify`（macOS 通知，终端在焦点时仅放声不弹横幅 —— **opt-in**：`install --all` 不装，需要 `install hooks --hook notify`）、`pr-create-guard`（`gh pr create` 后注入 PR body 快照的 PostToolUse）、`pr-ready-guard`（`gh pr ready` 前按游离 planning 文档 / `docs/specs/` 内未清理的 spec / 未 push commits 拦截的 PreToolUse） |
+| **Plugins** | 推荐的 Claude Code 和 Codex 插件 —— skill-creator、claude-md-management、codex、auriga-go、auriga-pr-guards、session-instructions-loader |
+| **Hooks** | Claude Code hooks：`notify`（macOS 通知，终端在焦点时仅放声不弹横幅 —— **opt-in**：`install --all` 不装，需要 `install hooks --hook notify`） |
 
 ## 快速开始
 
+### 让你的 Agent 负责安装
+
+最简单的方式是让当前 Agent 先读取安装指南，再按指南执行：
+
+> 运行 `npx -y auriga-cli guide`，阅读指南，然后按输出步骤把 Auriga harness 安装到当前仓库。
+
+`guide` 命令是非交互式的。它会把前置检查、catalog 查看命令、安装命令、重启会话步骤和验证清单一次性提供给 Agent。
+
 ### Agent Bootstrap（非交互）
 
 在 `claude -p`、`claude -p --worktree` 或任何非交互 Agent 会话里想装整套 harness？从这里开始：
@@ -35,11 +43,12 @@ npx -y auriga-cli guide
 ```bash
 npx -y auriga-cli install --all              # workflow + skills + plugins + hooks（原子）
 npx -y auriga-cli install recommended        # 可选工具 skills（不在 --all 内）
+npx -y auriga-cli install plugins --agent codex --plugin session-instructions-loader
 npx -y auriga-cli install <type> [--flags]   # 单类：workflow | skills | recommended | plugins | hooks
 npx -y auriga-cli --help                     # 完整 catalog + flag 说明
 ```
 
-退出码：`0` 成功；`1` 致命错误（前置检查 / 解析 / 拉取失败）；`2` 部分成功——`stderr` 会列出逐类 `[OK]/[FAIL]` 和 `Retry:` 提示。装完后请重启 Claude Code session，让新的 `CLAUDE.md` / skills / plugins / hook 注册 生效。
+退出码：`0` 成功；`1` 致命错误（前置检查 / 解析 / 拉取失败）；`2` 部分成功——`stderr` 会列出逐类 `[OK]/[FAIL]` 和 `Retry:` 提示。装完后请重启 Claude Code 或 Codex 会话，让新的 `CLAUDE.md` / skills / plugins / hook 注册生效。
 
 ### 交互式菜单
 
@@ -54,11 +63,11 @@ npx auriga-cli
   ◉ Workflow — CLAUDE.md + AGENTS.md
   ◉ Skills — 开发流程 skills
   ◉ Recommended Skills — 额外的工具 skills
-  ◉ Plugins — Claude Code 插件
+  ◉ Plugins — Claude Code / Codex 插件
   ◉ Hooks — Claude Code hooks
 ```
 
-每个模块支持作用域选择（Skills: project/global，Plugins: user/project，Hooks: project local / project / user）。
+每个模块在适用时支持作用域选择（Skills: project/global，Claude Code Plugins: user/project，Hooks: project local / project / user）。安装插件时还会先选择目标运行时：Claude Code、Codex 或两者都装。
 
 ## 模块详情
 
@@ -99,14 +108,24 @@ npx auriga-cli
 
 ### Plugins
 
-通过 `claude plugins install` 安装选中的插件，自动添加所需的 marketplace。
+可以把选中的插件安装到 Claude Code、Codex 或两者都装。Claude Code 路径使用 `claude plugins install`，并遵守 `--scope project|user`；Codex 路径使用 `codex plugin marketplace add`，并在 `~/.codex/config.toml` 里启用选中的插件。
 
-| 插件 | 说明 |
-|---|---|
-| skill-creator | 创建和管理自定义 skills |
-| claude-md-management | 审计和改进 CLAUDE.md |
-| codex | Codex 跨模型协作 |
-| auriga-go | auriga 工作流的自动驾驶：按 `CLAUDE.md` 的 phase 做 reminder-based 导航；包含 Experimental 的 hook-backed `ship` 模式。内置一个 skill（按 description 的自然语言触发 + `/auriga-go` slash command）和一个 plugin 层面的 Stop hook。 |
+示例：
+
+```bash
+npx -y auriga-cli install plugins --plugin auriga-go
+npx -y auriga-cli install plugins --agent codex --plugin session-instructions-loader
+npx -y auriga-cli install plugins --agent both --plugin auriga-pr-guards
+```
+
+| 插件 | 运行时 | 说明 |
+|---|---|---|
+| skill-creator | Claude Code | 创建和管理自定义 skills |
+| claude-md-management | Claude Code | 审计和改进 CLAUDE.md |
+| codex | Claude Code | Codex 跨模型协作 |
+| auriga-go | Claude Code / Codex | auriga 工作流的自动驾驶：按 `CLAUDE.md` 的 phase 做 reminder-based 导航；包含 Experimental 的 hook-backed `ship` 模式。内置一个 skill（按 description 的自然语言触发 + `/auriga-go` slash command）和一个 plugin 层面的 Stop hook。 |
+| auriga-pr-guards | Claude Code / Codex | 两个 PR-workflow guardrail：`pr-create-guard`（`gh pr create` 的 PostToolUse —— 通过 `gh pr view` 拉真实 PR body，扫 `^##` / `^###` headings 并统计 `- [ ]` / `- [x]` 注入 `additionalContext`，让 Agent 对照范围 / 验收 / 风险 / 剩余 TODO 四要素）+ `pr-ready-guard`（`gh pr ready` 的 PreToolUse —— 仅按结构信号拦截：游离 `findings.md` / `progress.md` / `task_plan.md` / `docs/superpowers/specs/*.md`、`docs/specs/*.md` 内未结案的活跃 spec、未 push commits；放行时注入 body 快照）。Codex 当前对 PreToolUse 的 `additionalContext` 字段 fail-open（解析但不生效），block 路径两边一致。 |
+| session-instructions-loader | Codex | Codex-only SessionStart 插件，注入上层目录的 `AGENTS.md` 和仓库配置的额外 instruction 文件。 |
 
 ### Hooks
 
@@ -115,8 +134,6 @@ npx auriga-cli
 | Hook | 说明 |
 |---|---|
 | notify *(opt-in)* | 当 Claude 需要你关注时弹一条原生 macOS 通知。在通知小图标位显示品牌图，点击通知可把发起 Claude 的终端拉回前台。**焦点感知**：发起 Claude 的终端正处于前台时，仅放提示音不弹横幅（通过 `config.json` 的 `soundOnlyWhenFocused` 切换）。**按项目分组**：新通知会干净地替换通知中心里的旧条目，不会进程堆积，也不会跨项目互相覆盖。会自动通过 Homebrew 安装 `alerter`（`vjeantet/tap/alerter`）。改 `.claude/hooks/notify/config.json` 即可换提示音、替换 `.claude/hooks/notify/icon.png` 即可换图标。仅 macOS 运行时生效，其它平台静默 no-op。 |
-| pr-create-guard | `gh pr create` 的 PostToolUse hook。创建成功后通过 `gh pr view` 拉真实 PR body，扫 `^##` / `^###` headings 并统计 `- [ ]` / `- [x]`，通过 `additionalContext` 注入快照让 Agent 对照 PR-readiness 阶段的"范围 / 验收标准 / 风险 / 剩余 TODO"四要素。不 block——PostToolUse 发生在动作之后。gh 不可用时静默降级。 |
-| pr-ready-guard | `gh pr ready` 的 PreToolUse hook。**只按结构信号**拦截：(1) 仓库根存在游离 planning 文档（`findings.md` / `progress.md` / `task_plan.md`）或 `docs/superpowers/specs/*.md` 未归档——按 CLAUDE.md 的"文档规范"迁到 `docs/worklog/worklog-<date>-<branch>/` 或删除；(2) `docs/specs/*.md` 内有未结案的活跃 spec——晋升到 `docs/architecture/`、归档或删除；(3) 本地有未 push commits。**不做 PR 正文文本 regex 匹配**。放行时注入 PR body 快照。 |
 
 作用域选择：
 
@@ -129,7 +146,8 @@ npx auriga-cli
 ## 环境要求
 
 - Node.js >= 18
-- [Claude Code](https://docs.anthropic.com/en/docs/claude-code)（Plugins 和 Hooks 模块需要）
+- [Claude Code](https://docs.anthropic.com/en/docs/claude-code)（Claude Code Plugins 和 Hooks 模块需要）
+- Codex CLI（仅 `install plugins --agent codex|both` 需要）
 - [Homebrew](https://brew.sh)（`notify` hook 用来安装 `alerter`，可选）
 
 ## 开发

package/dist/catalog.json

@@ -1,5 +1,5 @@
 {
-  "generatedAt": "2026-05-06T14:58:34.641Z",
+  "generatedAt": "2026-05-07T13:10:22.979Z",
   "workflowSkills": [
     {
       "name": "brainstorming",
@@ -75,21 +75,21 @@
     },
     {
       "name": "auriga-go",
-      "description": "Workflow autopilot for the auriga workflow (reminder-based navigation + Experimental ship mode)"
+      "description": "(Claude/Codex) Workflow autopilot for the auriga workflow (reminder-based navigation + Experimental ship mode)"
+    },
+    {
+      "name": "auriga-pr-guards",
+      "description": "(Claude/Codex) PR-create snapshot inject + PR-ready structural block guardrails (Claude Code + Codex)"
+    },
+    {
+      "name": "session-instructions-loader",
+      "description": "(Codex) Injects extra instruction files on session start"
     }
   ],
   "hooks": [
     {
       "name": "notify",
       "description": "(opt-in) Native macOS notification when Claude needs your attention (auto-installs alerter via Homebrew)"
-    },
-    {
-      "name": "pr-create-guard",
-      "description": "Workflow guard: after `gh pr create`, query the new PR and inject a body snapshot (headings + TODO counts) so the Agent can verify scope / acceptance / risks / TODO"
-    },
-    {
-      "name": "pr-ready-guard",
-      "description": "Workflow guard: block `gh pr ready` on unpushed commits, stray planning docs, or unfinalized active specs in docs/specs/; filter-inject PR body snapshot otherwise"
     }
   ]
 }

package/dist/cli.d.ts

@@ -1,4 +1,5 @@
 #!/usr/bin/env node
+import { type PluginAgent } from "./utils.js";
 import { type CategoryName } from "./types.js";
 export type { CategoryName } from "./types.js";
 export interface InstallParsed {
@@ -8,6 +9,7 @@ export interface InstallParsed {
     lang?: string;
     cwd?: string;
     scope?: "project" | "user";
+    agent?: PluginAgent;
 }
 export type ParsedArgs = {
     command: "help";

package/dist/cli.js

@@ -11,7 +11,7 @@ import { loadCatalog } from "./catalog.js";
 import { renderHelp, renderTypeHelp } from "./help.js";
 import { renderGuide } from "./guide.js";
 import { CATEGORY_NAMES } from "./types.js";
-const RELOAD_REMINDER = "\n⚠ Reload your Claude Code session to pick up the new harness (CLAUDE.md / skills / plugins are loaded at session startup).\n";
+const RELOAD_REMINDER = "\n⚠ Reload your Claude Code or Codex session to pick up the new harness (CLAUDE.md / skills / plugins are loaded at session startup).\n";
 const CATEGORY_SET = new Set(CATEGORY_NAMES);
 const TYPE_FOR_FILTER = {
     "--skill": "skills",
@@ -153,6 +153,12 @@ function parseInstall(argv) {
             i += advance;
             continue;
         }
+        if (t === "--agent" || t.startsWith("--agent=")) {
+            const [v, advance] = readSingleValue(argv, i, "--agent");
+            out.agent = v;
+            i += advance;
+            continue;
+        }
         // Object.hasOwn (not `in`) so Object.prototype keys like `toString` /
         // `constructor` don't slip into the filter-flag branch and produce a
         // misleading error.
@@ -199,6 +205,8 @@ function validateInstall(out, filterFlag) {
         // --all may combine with --scope.
         if (out.scope !== undefined)
             validateScopeValue(out.scope);
+        if (out.agent !== undefined)
+            validateAgentValue(out.agent);
         return;
     }
     // Rule 3: filter flag requires matching type.
@@ -220,6 +228,12 @@ function validateInstall(out, filterFlag) {
         }
         validateScopeValue(out.scope);
     }
+    if (out.agent !== undefined) {
+        if (out.type !== "plugins") {
+            parseErr("--agent only applies to plugins or --all.");
+        }
+        validateAgentValue(out.agent);
+    }
     // Value validation for workflow.
     if (out.type === "workflow" && out.lang !== undefined) {
         const valid = LANGUAGES.map((l) => l.value);
@@ -269,6 +283,11 @@ function validateScopeValue(scope) {
         parseErr(`unknown --scope value '${scope}'; expected 'project' or 'user'.`);
     }
 }
+function validateAgentValue(agent) {
+    if (agent !== "claude" && agent !== "codex" && agent !== "both") {
+        parseErr(`unknown --agent value '${agent}'; expected 'claude', 'codex', or 'both'.`);
+    }
+}
 // ---------------------------------------------------------------------------
 // main — returns exit code (spec §5.3.1 / §7)
 // ---------------------------------------------------------------------------
@@ -341,13 +360,23 @@ async function runInstall(p) {
  * Precheck external prerequisites before touching any files.
  * Returns null if OK, or an error message.
  */
-function precheckExternal(need) {
+function precheckExternal(need, agent = "claude") {
     if (need.includes("plugins")) {
-        try {
-            exec("which claude");
+        if (agent === "claude" || agent === "both") {
+            try {
+                exec("which claude");
+            }
+            catch {
+                return "'claude' CLI not in PATH. Install Claude Code first (https://docs.claude.com/claude-code), then re-run.";
+            }
         }
-        catch {
-            return "'claude' CLI not in PATH. Install Claude Code first (https://docs.claude.com/claude-code), then re-run.";
+        if (agent === "codex" || agent === "both") {
+            try {
+                exec("which codex");
+            }
+            catch {
+                return "'codex' CLI not in PATH. Install Codex first, then re-run.";
+            }
         }
     }
     return null;
@@ -368,8 +397,8 @@ async function safeFetchContentRoot() {
  * bubble up. Keeps runAll / runSingle from drifting apart as new
  * pre-install behavior accrues.
  */
-async function prepareInstall(needs) {
-    const pre = precheckExternal(needs);
+async function prepareInstall(needs, agent) {
+    const pre = precheckExternal(needs, agent ?? "claude");
     if (pre) {
         log.error(pre);
         return { exit: 1 };
@@ -382,7 +411,7 @@ async function prepareInstall(needs) {
     return { packageRoot: fetched.root };
 }
 async function runAll(p) {
-    const prep = await prepareInstall(["plugins"]);
+    const prep = await prepareInstall(["plugins"], p.agent);
     if ("exit" in prep)
         return prep.exit;
     const { packageRoot } = prep;
@@ -395,6 +424,7 @@ async function runAll(p) {
         const opts = {
             interactive: false,
             scope: p.scope,
+            agent: p.agent,
         };
         try {
             await dispatchInstaller(category, packageRoot, opts);
@@ -422,9 +452,13 @@ async function runAll(p) {
     // the default project scope and leaves the intended user-scope
     // install incomplete.
     const scopeSuffix = p.scope ? ` --scope ${p.scope}` : "";
+    const agentSuffix = p.agent ? ` --agent ${p.agent}` : "";
     process.stderr.write("\nRetry:\n");
     for (const s of failed) {
-        const suffix = scopeCategory(s.category) ? scopeSuffix : "";
+        const suffix = [
+            scopeCategory(s.category) ? scopeSuffix : "",
+            s.category === "plugins" ? agentSuffix : "",
+        ].join("");
         process.stderr.write(`  npx -y auriga-cli install ${s.category}${suffix}\n`);
     }
     // Partial success still installed assets that need a session reload
@@ -442,7 +476,7 @@ function scopeCategory(c) {
 }
 async function runSingle(p) {
     const category = p.type;
-    const prep = await prepareInstall(category === "plugins" ? ["plugins"] : []);
+    const prep = await prepareInstall(category === "plugins" ? ["plugins"] : [], p.agent);
     if ("exit" in prep)
         return prep.exit;
     const { packageRoot } = prep;
@@ -451,6 +485,7 @@ async function runSingle(p) {
         lang: p.lang,
         cwd: p.cwd,
         scope: p.scope,
+        agent: p.agent,
         selected: p.filter,
     };
     try {
@@ -499,7 +534,7 @@ async function runLegacyMenu() {
             { name: "Workflow — CLAUDE.md + AGENTS.md", value: "workflow", checked: true },
             { name: "Skills — Development process skills (brainstorming, TDD, debugging...)", value: "skills", checked: true },
             { name: "Recommended Skills — Extra utility skills (claude-code-agent, codex-agent...)", value: "recommended", checked: true },
-            { name: "Plugins — Claude Code plugins (skill-creator, claude-md-management, codex...)", value: "plugins", checked: true },
+            { name: "Plugins — Claude Code / Codex plugins (skill-creator, codex, auriga-go...)", value: "plugins", checked: true },
             { name: "Hooks — Claude Code hooks (notifications, etc.)", value: "hooks", checked: true },
         ],
     }));

package/dist/codex-plugin-config.d.ts

@@ -0,0 +1,23 @@
+export interface CodexMarketplacePlugin {
+    name: string;
+    source?: {
+        source?: string;
+        path?: string;
+    } | string;
+}
+export interface CodexMarketplace {
+    name: string;
+    plugins: CodexMarketplacePlugin[];
+}
+export interface CodexInstallPlugin {
+    name: string;
+    description?: string;
+    defaultOn?: boolean;
+}
+export interface CodexInstallConfig {
+    plugins: CodexInstallPlugin[];
+}
+export declare function validateCodexMarketplace(raw: unknown): asserts raw is CodexMarketplace;
+export declare function validateCodexInstallConfig(raw: unknown): asserts raw is CodexInstallConfig;
+export declare function codexLocalPluginPath(plugin: CodexMarketplacePlugin): string | undefined;
+export declare function codexManifestPath(plugin: CodexMarketplacePlugin): string | undefined;

package/dist/codex-plugin-config.js

@@ -0,0 +1,75 @@
+import path from "node:path";
+const PLUGIN_NAME_RE = /^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$/;
+const MARKETPLACE_NAME_RE = /^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$/;
+export function validateCodexMarketplace(raw) {
+    if (!raw || typeof raw !== "object") {
+        throw new Error("Codex marketplace.json: root must be an object");
+    }
+    const cfg = raw;
+    if (typeof cfg.name !== "string" || !MARKETPLACE_NAME_RE.test(cfg.name)) {
+        throw new Error("Codex marketplace.json: root must include a safe name");
+    }
+    if (!Array.isArray(cfg.plugins)) {
+        throw new Error("Codex marketplace.json: .plugins must be an array");
+    }
+    for (const [i, plugin] of cfg.plugins.entries()) {
+        if (!plugin || typeof plugin !== "object") {
+            throw new Error(`Codex marketplace.json: plugins[${i}] must be an object`);
+        }
+        const p = plugin;
+        if (typeof p.name !== "string" || !PLUGIN_NAME_RE.test(p.name)) {
+            throw new Error(`Codex marketplace.json: plugins[${i}].name ${JSON.stringify(p.name)} does not match ${PLUGIN_NAME_RE}`);
+        }
+    }
+}
+export function validateCodexInstallConfig(raw) {
+    if (!raw || typeof raw !== "object") {
+        throw new Error("Codex install.json: root must be an object");
+    }
+    const cfg = raw;
+    if (!Array.isArray(cfg.plugins)) {
+        throw new Error("Codex install.json: .plugins must be an array");
+    }
+    for (const [i, plugin] of cfg.plugins.entries()) {
+        if (!plugin || typeof plugin !== "object") {
+            throw new Error(`Codex install.json: plugins[${i}] must be an object`);
+        }
+        const p = plugin;
+        if (typeof p.name !== "string" || !PLUGIN_NAME_RE.test(p.name)) {
+            throw new Error(`Codex install.json: plugins[${i}].name ${JSON.stringify(p.name)} does not match ${PLUGIN_NAME_RE}`);
+        }
+        if (p.description !== undefined && typeof p.description !== "string") {
+            throw new Error(`Codex install.json: plugins[${i}].description must be a string`);
+        }
+        if (p.defaultOn !== undefined && typeof p.defaultOn !== "boolean") {
+            throw new Error(`Codex install.json: plugins[${i}].defaultOn must be a boolean`);
+        }
+    }
+}
+export function codexLocalPluginPath(plugin) {
+    const sourcePath = typeof plugin.source === "object" && plugin.source?.source === "local"
+        ? plugin.source.path
+        : undefined;
+    if (typeof sourcePath !== "string" || sourcePath.length === 0)
+        return undefined;
+    if (sourcePath.startsWith("/") || sourcePath.startsWith("\\") || sourcePath.includes("\0")) {
+        throw new Error(`Codex marketplace.json: plugin ${plugin.name} has unsafe source.path`);
+    }
+    if (sourcePath.includes("\\")) {
+        throw new Error(`Codex marketplace.json: plugin ${plugin.name} source.path must use POSIX separators`);
+    }
+    const withoutDot = sourcePath.startsWith("./") ? sourcePath.slice(2) : sourcePath;
+    const normalized = path.posix.normalize(withoutDot);
+    if (normalized !== withoutDot ||
+        normalized === "." ||
+        normalized === ".." ||
+        normalized.startsWith("../") ||
+        normalized.includes("/../")) {
+        throw new Error(`Codex marketplace.json: plugin ${plugin.name} has unsafe source.path`);
+    }
+    return normalized;
+}
+export function codexManifestPath(plugin) {
+    const sourcePath = codexLocalPluginPath(plugin);
+    return sourcePath ? path.posix.join(sourcePath, ".codex-plugin", "plugin.json") : undefined;
+}

package/dist/guide.js

@@ -32,6 +32,7 @@ Ensure these CLIs are in PATH:
   - node   (>= 18)
   - git
   - claude (required for plugins; see https://docs.claude.com/claude-code)
+  - codex  (required only for plugins installed with --agent codex or --agent both)
 
 Optional (only if you'll push a PR): gh
 
@@ -39,6 +40,7 @@ Verify:
   ${cmd("node --version && git --version && claude --version")}
 
 If \`claude\` is missing: install Claude Code first, then re-run this guide.
+If you plan to install Codex plugins, also verify \`codex --version\`.
 
 ${h("## Step 2 — Read --help BEFORE installing (do not skip)")}
 
@@ -68,6 +70,7 @@ Targeted — single category, picking from the catalog surfaced in Step 2:
   ${cmd("npx -y auriga-cli install workflow --lang en")}
   ${cmd("npx -y auriga-cli install skills --skill brainstorming test-driven-development")}
   ${cmd("npx -y auriga-cli install plugins --plugin skill-creator codex --scope user")}
+  ${cmd("npx -y auriga-cli install plugins --agent codex --plugin session-instructions-loader")}
   ${cmd("npx -y auriga-cli install hooks --hook pr-ready-guard")}
 
 Opt-in hooks: some hooks (e.g. \`notify\`) are NOT in the default set
@@ -91,10 +94,10 @@ Exit codes:
 
 ${h("## Step 4 — Reload session (REQUIRED when installed non-interactively)")}
 
-${warn("⚠")} CLAUDE.md, .agents/skills/, .claude/plugins.json, and hook
-registrations are loaded at Claude Code session startup. If you ran
-\`npx -y auriga-cli install\` inside an existing Claude Code session
-(e.g., \`claude -p\` / \`claude -p --worktree\`), the current session
+${warn("⚠")} CLAUDE.md, .agents/skills/, .claude/plugins.json, Codex plugin
+config, and hook registrations are loaded at session startup. If you ran
+\`npx -y auriga-cli install\` inside an existing Claude Code or Codex session
+(e.g., \`claude -p\` / \`claude -p --worktree\` / \`codex exec\`), the current session
 will NOT see the new harness.
 
 Action:
@@ -109,6 +112,7 @@ Expected artifacts:
   - AGENTS.md -> CLAUDE.md    (symlink)
   - .agents/skills/<name>/    (one per installed skill)
   - .claude/plugins.json
+  - ~/.codex/config.toml      (Codex plugin enablement, if Codex plugins selected)
   - .claude/settings.json     (updated hook registrations, if hooks selected)
 
 ${h("## Troubleshooting")}

package/dist/help.js

@@ -10,7 +10,8 @@ export function renderHelp(catalog, version) {
 USAGE
   npx auriga-cli guide                                   Agent bootstrap SOP (start here)
   npx auriga-cli install                                 (TTY only) checkbox menu
-  npx auriga-cli install --all [--scope <s>]             workflow + skills + plugins + hooks
+  npx auriga-cli install --all [--scope <s>] [--agent <a>]
+                                                         workflow + skills + plugins + hooks
                                                          (excludes recommended — install separately)
   npx auriga-cli install <type> [type-specific flags]    single category
   npx auriga-cli install <type> --help                   per-category help + catalog subset
@@ -24,7 +25,7 @@ TYPES (exactly one with <type> form)
   workflow       CLAUDE.md + AGENTS.md (workflow manifesto)
   skills         Default-on workflow skills (listed below)
   recommended    Opt-in utility skills (listed below)
-  plugins        Claude Code plugins (listed below)
+  plugins        Claude Code and Codex plugins (listed below)
   hooks          Project-level hooks for Claude Code (listed below)
 
 TYPE-SPECIFIC FLAGS
@@ -35,6 +36,7 @@ TYPE-SPECIFIC FLAGS
   recommended:    --recommended-skill <names...>
                   --scope <project|user>         default project
   plugins:        --plugin <names...>
+                  --agent <claude|codex|both>   default claude
                   --scope <project|user>         default project
   hooks:          --hook <names...>              non-interactive default installs every
                                                  hook with defaultOn != false
@@ -117,12 +119,15 @@ ${col(catalog.recommendedSkills)}
             return `${header}
 
 USAGE
-  npx auriga-cli install plugins [--plugin <names...>] [--scope <project|user>]
+  npx auriga-cli install plugins [--plugin <names...>] [--agent <claude|codex|both>] [--scope <project|user>]
 
 FLAGS
   --plugin <names...>      space-separated; '*' = all
-                           omit → install every plugin listed below
+                           omit → install every plugin available for the selected agent
+  --agent <...>            target runtime: claude, codex, or both
+                           default claude; codex enablement is user-level
   --scope <project|user>   default project
+                           applies to Claude Code; ignored for Codex
 
 CATALOG (plugins)
 ${col(catalog.plugins)}

package/dist/hooks.js

@@ -1,10 +1,9 @@
 import { spawnSync } from "node:child_process";
-import crypto from "node:crypto";
 import fs from "node:fs";
 import os from "node:os";
 import path from "node:path";
 import { checkbox, confirm, input, select } from "@inquirer/prompts";
-import { exec, fetchExtraContentBinary, log, withEsc, } from "./utils.js";
+import { atomicWriteFile, exec, fetchExtraContentBinary, log, withEsc, } from "./utils.js";
 // --- Registry validation ---
 // hooks.json is fetched at runtime from raw.githubusercontent.com, so any
 // downstream code that interpolates registry values into shell commands or
@@ -539,31 +538,6 @@ function writeMergedSettings(resolved, hook, parsed) {
     }
     return { mutated };
 }
-/**
- * Write `content` to `filePath` atomically and TOCTOU-safely.
- *
- * A predictable tmp name like `settings.json.tmp` lets a local attacker
- * pre-create that path as a symlink pointing at, say, ~/.ssh/authorized_keys
- * — the next install would then clobber the link target. Defenses: random
- * suffix so the tmp name can't be predicted, plus O_CREAT|O_EXCL so we
- * refuse to open the path at all if anything (file or symlink) exists
- * there. Restrictive 0o600 perms in case the parent directory is
- * world-writable. Final rename(2) is the atomic step.
- */
-function atomicWriteFile(filePath, content) {
-    const dir = path.dirname(filePath);
-    const base = path.basename(filePath);
-    const suffix = crypto.randomBytes(8).toString("hex");
-    const tmp = path.join(dir, `.${base}.${suffix}.tmp`);
-    const fd = fs.openSync(tmp, fs.constants.O_CREAT | fs.constants.O_EXCL | fs.constants.O_WRONLY, 0o600);
-    try {
-        fs.writeSync(fd, content);
-    }
-    finally {
-        fs.closeSync(fd);
-    }
-    fs.renameSync(tmp, filePath);
-}
 export function loadHooksConfig(packageRoot) {
     const configPath = path.join(packageRoot, ".claude", "hooks", "hooks.json");
     const raw = JSON.parse(fs.readFileSync(configPath, "utf-8"));

package/dist/plugins.js

@@ -1,7 +1,10 @@
 import fs from "node:fs";
+import os from "node:os";
 import path from "node:path";
 import { checkbox, select } from "@inquirer/prompts";
-import { exec, log, withEsc } from "./utils.js";
+import { parse as parseToml, stringify as stringifyToml } from "smol-toml";
+import { codexManifestPath, validateCodexInstallConfig, validateCodexMarketplace, } from "./codex-plugin-config.js";
+import { atomicWriteFile, exec, fetchExtraContent, log, readPackageVersion, withEsc } from "./utils.js";
 // Plugin names, marketplace names/sources, and plugin-package names all
 // end up in `claude plugins ...` shell commands via string interpolation.
 // .claude/plugins.json is fetched from raw GitHub at runtime, so every
@@ -73,8 +76,12 @@ function getInstalledPlugins() {
 function resolvePluginSelection(all, selected) {
     if (!selected || (selected.length === 1 && selected[0] === "*"))
         return all;
-    const wanted = new Set(selected);
-    return all.filter((p) => wanted.has(p.name));
+    const byName = new Map(all.map((p) => [p.name, p]));
+    const missing = selected.filter((name) => !byName.has(name));
+    if (missing.length > 0) {
+        throw new Error(`${missing.join(", ")} not available for Claude Code plugins; available: ${all.map((p) => p.name).join(", ")}`);
+    }
+    return selected.map((name) => byName.get(name));
 }
 function getInstalledMarketplaces() {
     try {
@@ -89,7 +96,233 @@ function getInstalledMarketplaces() {
         return new Set();
     }
 }
+function loadCodexMarketplace(packageRoot) {
+    const marketplacePath = path.join(packageRoot, ".agents", "plugins", "marketplace.json");
+    if (!fs.existsSync(marketplacePath))
+        return null;
+    const raw = JSON.parse(fs.readFileSync(marketplacePath, "utf-8"));
+    validateCodexMarketplace(raw);
+    return raw;
+}
+function loadCodexInstallConfig(packageRoot) {
+    const installPath = path.join(packageRoot, ".agents", "plugins", "install.json");
+    if (!fs.existsSync(installPath))
+        return null;
+    const raw = JSON.parse(fs.readFileSync(installPath, "utf-8"));
+    validateCodexInstallConfig(raw);
+    return raw;
+}
+function resolveCodexPluginSelection(all, selected) {
+    if (!selected)
+        return all.filter((p) => p.defaultOn !== false);
+    if (selected.length === 1 && selected[0] === "*")
+        return all;
+    const byName = new Map(all.map((p) => [p.name, p]));
+    const missing = selected.filter((name) => !byName.has(name));
+    if (missing.length > 0) {
+        throw new Error(`${missing.join(", ")} not available for Codex plugins; available: ${all.map((p) => p.name).join(", ")}`);
+    }
+    return selected.map((name) => byName.get(name));
+}
+function codexHome() {
+    return process.env.CODEX_HOME || path.join(os.homedir(), ".codex");
+}
+function shellQuote(value) {
+    return `'${value.replace(/'/g, "'\\''")}'`;
+}
+function codexMarketplaceAddCommand(packageRoot) {
+    if (process.env.DEV === "1") {
+        return `codex plugin marketplace add ${shellQuote(packageRoot)}`;
+    }
+    const ref = process.env.AURIGA_CONTENT_REF || `v${readPackageVersion()}`;
+    return `codex plugin marketplace add Ben2pc/auriga-cli --ref ${shellQuote(ref)}`;
+}
+function pluginHasHooks(packageRoot, plugin) {
+    const relativeManifestPath = codexManifestPath(plugin);
+    if (!relativeManifestPath)
+        return false;
+    const manifestPath = path.join(packageRoot, relativeManifestPath);
+    if (!fs.existsSync(manifestPath))
+        return false;
+    const manifest = JSON.parse(fs.readFileSync(manifestPath, "utf-8"));
+    return typeof manifest.hooks === "string" || Array.isArray(manifest.hooks);
+}
+async function ensureCodexPluginManifests(packageRoot, plugins) {
+    for (const plugin of plugins) {
+        const manifestPath = codexManifestPath(plugin);
+        if (!manifestPath) {
+            throw new Error(`Codex marketplace.json: plugin ${plugin.name} must use a local source.path`);
+        }
+        if (fs.existsSync(path.join(packageRoot, manifestPath)))
+            continue;
+        await fetchExtraContent(packageRoot, manifestPath);
+    }
+}
+function ensureTomlBoolean(content, section, key, value) {
+    const line = `${key} = ${value ? "true" : "false"}`;
+    const header = `[${section}]`;
+    const lines = content.length > 0 ? content.split(/\r?\n/) : [];
+    const start = lines.findIndex((l) => l.trim() === header);
+    if (start === -1) {
+        const prefix = content.trimEnd();
+        return `${prefix}${prefix ? "\n\n" : ""}${header}\n${line}\n`;
+    }
+    let end = lines.length;
+    for (let i = start + 1; i < lines.length; i += 1) {
+        if (/^\s*\[/.test(lines[i])) {
+            end = i;
+            break;
+        }
+    }
+    const keyRe = new RegExp(`^\\s*${key}\\s*=`);
+    for (let i = start + 1; i < end; i += 1) {
+        if (keyRe.test(lines[i])) {
+            lines[i] = line;
+            return lines.join("\n");
+        }
+    }
+    lines.splice(end, 0, line);
+    return lines.join("\n");
+}
+function parseCodexConfigToml(content, configPath) {
+    if (content.trim().length === 0)
+        return {};
+    try {
+        return parseToml(content);
+    }
+    catch (e) {
+        throw new Error(`Codex config.toml is invalid TOML at ${configPath}: ${e.message}`);
+    }
+}
+function isTomlTable(value) {
+    return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function getOrCreateTomlTable(parent, key, pathLabel) {
+    const existing = parent[key];
+    if (existing === undefined) {
+        const table = {};
+        parent[key] = table;
+        return table;
+    }
+    if (!isTomlTable(existing)) {
+        throw new Error(`Codex config.toml: ${pathLabel} must be a TOML table`);
+    }
+    return existing;
+}
+function buildCodexPluginConfigToml(originalContent, configPath, pluginKeys, needsPluginHooks) {
+    const parsed = parseCodexConfigToml(originalContent, configPath);
+    const features = getOrCreateTomlTable(parsed, "features", "features");
+    features.plugins = true;
+    if (needsPluginHooks) {
+        features.plugin_hooks = true;
+    }
+    const plugins = getOrCreateTomlTable(parsed, "plugins", "plugins");
+    for (const pluginKey of pluginKeys) {
+        const plugin = getOrCreateTomlTable(plugins, pluginKey, `plugins.${JSON.stringify(pluginKey)}`);
+        plugin.enabled = true;
+    }
+    return stringifyToml(parsed);
+}
+function tryMinimalCodexPluginConfigToml(originalContent, configPath, pluginKeys, needsPluginHooks) {
+    let content = originalContent;
+    content = ensureTomlBoolean(content, "features", "plugins", true);
+    if (needsPluginHooks) {
+        content = ensureTomlBoolean(content, "features", "plugin_hooks", true);
+    }
+    for (const pluginKey of pluginKeys) {
+        content = ensureTomlBoolean(content, `plugins."${pluginKey}"`, "enabled", true);
+    }
+    try {
+        parseToml(content);
+        return content;
+    }
+    catch {
+        // Existing configs may use legal TOML forms such as inline tables
+        // (`features = { plugins = false }`). In that case, a local section
+        // insertion would redefine the table, so fall back to structured output.
+        parseCodexConfigToml(originalContent, configPath);
+        return null;
+    }
+}
+function enableCodexPluginConfig(configPath, pluginKeys, needsPluginHooks) {
+    fs.mkdirSync(path.dirname(configPath), { recursive: true });
+    const originalContent = fs.existsSync(configPath) ? fs.readFileSync(configPath, "utf-8") : "";
+    const minimalContent = tryMinimalCodexPluginConfigToml(originalContent, configPath, pluginKeys, needsPluginHooks);
+    const content = minimalContent ?? buildCodexPluginConfigToml(originalContent, configPath, pluginKeys, needsPluginHooks);
+    atomicWriteFile(configPath, content.endsWith("\n") ? content : `${content}\n`);
+}
+async function installCodexPlugins(packageRoot, opts) {
+    const marketplace = loadCodexMarketplace(packageRoot);
+    if (!marketplace) {
+        const msg = "No .agents/plugins/marketplace.json found";
+        if (!opts.interactive)
+            throw new Error(msg);
+        log.warn(msg);
+        return;
+    }
+    const installConfig = loadCodexInstallConfig(packageRoot);
+    if (!installConfig) {
+        const msg = "No .agents/plugins/install.json found";
+        if (!opts.interactive)
+            throw new Error(msg);
+        log.warn(msg);
+        return;
+    }
+    const marketplaceByName = new Map(marketplace.plugins.map((p) => [p.name, p]));
+    const selected = opts.interactive
+        ? await withEsc(checkbox({
+            message: "Select Codex plugins to install:",
+            choices: installConfig.plugins.map((p) => ({
+                name: p.description ? `${p.name} — ${p.description}` : p.name,
+                value: p,
+                checked: p.defaultOn !== false,
+            })),
+        }))
+        : resolveCodexPluginSelection(installConfig.plugins, opts.selected);
+    if (selected.length === 0) {
+        log.skip("No Codex plugins selected");
+        return;
+    }
+    const failures = [];
+    try {
+        exec(codexMarketplaceAddCommand(packageRoot), { inherit: true });
+        log.ok(`Codex marketplace ${marketplace.name} added`);
+    }
+    catch {
+        log.error(`Failed to add Codex marketplace: ${marketplace.name}`);
+        failures.push(`codex marketplace ${marketplace.name}`);
+    }
+    if (failures.length === 0) {
+        const selectedMarketplacePlugins = selected.map((p) => {
+            const plugin = marketplaceByName.get(p.name);
+            if (!plugin) {
+                throw new Error(`Codex install.json: plugin ${p.name} is not present in marketplace.json`);
+            }
+            return plugin;
+        });
+        await ensureCodexPluginManifests(packageRoot, selectedMarketplacePlugins);
+        const pluginKeys = selectedMarketplacePlugins.map((p) => `${p.name}@${marketplace.name}`);
+        const needsPluginHooks = selectedMarketplacePlugins.some((p) => pluginHasHooks(packageRoot, p));
+        enableCodexPluginConfig(path.join(codexHome(), "config.toml"), pluginKeys, needsPluginHooks);
+        for (const plugin of selected) {
+            log.ok(`${plugin.name} enabled for Codex`);
+        }
+    }
+    if (failures.length > 0 && !opts.interactive) {
+        throw new Error(`${failures.length} Codex plugin operation(s) failed: ${failures.join(", ")}`);
+    }
+}
 export async function installPlugins(packageRoot, opts) {
+    const agent = opts.interactive
+        ? await withEsc(select({
+            message: "Plugins target runtime:",
+            choices: [
+                { name: "Claude Code", value: "claude" },
+                { name: "Codex", value: "codex" },
+                { name: "Both", value: "both" },
+            ],
+        }))
+        : opts.agent ?? "claude";
     // Non-interactive path already ran `precheckExternal(["plugins"])` in
     // cli.ts's runAll / runSingle before dispatching here, so rechecking
     // `which claude` would be a redundant subprocess on every install.
@@ -97,25 +330,51 @@ export async function installPlugins(packageRoot, opts) {
     // validate there — and fail soft (log-and-return) to match the menu's
     // continue-on-failure ergonomics.
     if (opts.interactive) {
-        try {
-            exec("which claude");
+        if (agent === "claude" || agent === "both") {
+            try {
+                exec("which claude");
+            }
+            catch {
+                log.error("'claude' CLI not found. Please install Claude Code first.");
+                return;
+            }
         }
-        catch {
-            log.error("'claude' CLI not found. Please install Claude Code first.");
-            return;
+        if (agent === "codex" || agent === "both") {
+            try {
+                exec("which codex");
+            }
+            catch {
+                log.error("'codex' CLI not found. Please install Codex first.");
+                return;
+            }
         }
     }
+    if (agent === "codex") {
+        await installCodexPlugins(packageRoot, opts);
+        return;
+    }
+    const failures = [];
     const configPath = path.join(packageRoot, ".claude", "plugins.json");
+    let config = null;
     if (!fs.existsSync(configPath)) {
         log.warn("No .claude/plugins.json found");
-        return;
+        if (agent === "both")
+            failures.push("Claude Code plugins config missing");
+        else
+            return;
     }
-    const raw = JSON.parse(fs.readFileSync(configPath, "utf-8"));
-    validatePluginsConfig(raw);
-    const config = raw;
-    if (config.plugins.length === 0) {
-        log.warn("No plugins defined in plugins.json");
-        return;
+    else {
+        const raw = JSON.parse(fs.readFileSync(configPath, "utf-8"));
+        validatePluginsConfig(raw);
+        config = raw;
+        if (config.plugins.length === 0) {
+            log.warn("No plugins defined in plugins.json");
+            if (agent === "both")
+                failures.push("Claude Code plugins config empty");
+            else
+                return;
+            config = null;
+        }
     }
     const scope = opts.interactive
         ? await withEsc(select({
@@ -126,60 +385,82 @@ export async function installPlugins(packageRoot, opts) {
             ],
         }))
         : opts.scope ?? "project";
-    const installed = getInstalledPlugins();
-    const selected = opts.interactive
-        ? await withEsc(checkbox({
-            message: "Select plugins to install:",
-            choices: config.plugins.map((p) => {
-                const scopes = installed.get(p.package);
-                const suffix = scopes ? ` (installed: ${scopes.join(", ")})` : "";
-                return {
-                    name: `${p.name} — ${p.description}${suffix}`,
-                    value: p,
-                    checked: !scopes || !(scopes.includes("user") && scopes.includes("project")),
-                };
-            }),
-        }))
-        : resolvePluginSelection(config.plugins, opts.selected);
-    if (selected.length === 0) {
-        log.skip("No plugins selected");
-        return;
-    }
-    // Install required marketplaces
-    const existingMarketplaces = getInstalledMarketplaces();
-    const marketplacesToAdd = new Map();
-    for (const plugin of selected) {
-        if (plugin.marketplace && !existingMarketplaces.has(plugin.marketplace.name)) {
-            marketplacesToAdd.set(plugin.marketplace.name, plugin.marketplace.source);
-        }
-    }
-    const failures = [];
-    for (const [name, source] of marketplacesToAdd) {
-        console.log(`\nAdding marketplace: ${name}...`);
+    if (config) {
+        const installed = getInstalledPlugins();
+        let selected;
         try {
-            exec(`claude plugins marketplace add ${source}`, { inherit: true });
-            log.ok(`Marketplace ${name} added`);
+            selected = opts.interactive
+                ? await withEsc(checkbox({
+                    message: "Select plugins to install:",
+                    choices: config.plugins.map((p) => {
+                        const scopes = installed.get(p.package);
+                        const suffix = scopes ? ` (installed: ${scopes.join(", ")})` : "";
+                        return {
+                            name: `${p.name} — ${p.description}${suffix}`,
+                            value: p,
+                            checked: !scopes || !(scopes.includes("user") && scopes.includes("project")),
+                        };
+                    }),
+                }))
+                : resolvePluginSelection(config.plugins, opts.selected);
         }
-        catch {
-            log.error(`Failed to add marketplace: ${name}`);
-            failures.push(`marketplace ${name}`);
+        catch (e) {
+            if (agent !== "both")
+                throw e;
+            selected = [];
+            failures.push(`Claude Code: ${e.message}`);
         }
-    }
-    // Install plugins
-    for (const plugin of selected) {
-        console.log(`\nInstalling ${plugin.name}...`);
-        try {
-            exec(`claude plugins install ${plugin.package} --scope ${scope}`, {
-                inherit: true,
-            });
-            log.ok(`${plugin.name} installed`);
+        if (selected.length === 0) {
+            log.skip("No plugins selected");
         }
-        catch {
-            log.error(`Failed to install: ${plugin.name}`);
-            failures.push(plugin.name);
+        else {
+            // Install required marketplaces
+            const existingMarketplaces = getInstalledMarketplaces();
+            const marketplacesToAdd = new Map();
+            for (const plugin of selected) {
+                if (plugin.marketplace && !existingMarketplaces.has(plugin.marketplace.name)) {
+                    marketplacesToAdd.set(plugin.marketplace.name, plugin.marketplace.source);
+                }
+            }
+            for (const [name, source] of marketplacesToAdd) {
+                console.log(`\nAdding marketplace: ${name}...`);
+                try {
+                    exec(`claude plugins marketplace add ${source}`, { inherit: true });
+                    log.ok(`Marketplace ${name} added`);
+                }
+                catch {
+                    log.error(`Failed to add marketplace: ${name}`);
+                    failures.push(`marketplace ${name}`);
+                }
+            }
+            // Install plugins
+            for (const plugin of selected) {
+                console.log(`\nInstalling ${plugin.name}...`);
+                try {
+                    exec(`claude plugins install ${plugin.package} --scope ${scope}`, {
+                        inherit: true,
+                    });
+                    log.ok(`${plugin.name} installed`);
+                }
+                catch {
+                    log.error(`Failed to install: ${plugin.name}`);
+                    failures.push(plugin.name);
+                }
+            }
         }
     }
-    if (failures.length > 0 && !opts.interactive) {
+    if (failures.length > 0 && !opts.interactive && agent !== "both") {
         throw new Error(`${failures.length} plugin operation(s) failed: ${failures.join(", ")}`);
     }
+    if (agent === "both") {
+        try {
+            await installCodexPlugins(packageRoot, opts);
+        }
+        catch (e) {
+            failures.push(`codex: ${e.message}`);
+        }
+        if (failures.length > 0 && !opts.interactive) {
+            throw new Error(`${failures.length} plugin operation(s) failed: ${failures.join(", ")}`);
+        }
+    }
 }

package/dist/utils.d.ts

@@ -19,6 +19,7 @@ export interface PluginDef {
 export interface PluginsConfig {
     plugins: PluginDef[];
 }
+export type PluginAgent = "claude" | "codex" | "both";
 /**
  * Shared install function argument shape. Each installer consumes the
  * subset of fields meaningful to its category; irrelevant fields are
@@ -35,6 +36,8 @@ export interface InstallOpts {
     cwd?: string;
     /** skills / recommended / plugins / hooks — `"user"` means install globally. */
     scope?: "project" | "user";
+    /** plugins only — runtime to install plugins for. Defaults to Claude Code. */
+    agent?: PluginAgent;
     /**
      * sub-item filter. `undefined` = full set of this category.
      * Names are validated against the catalog by the CLI layer; installers
@@ -73,6 +76,16 @@ export declare function readPackageVersion(): string;
 export declare function fetchContentRoot(): Promise<string>;
 export declare function fetchExtraContent(tmpDir: string, file: string): Promise<void>;
 export declare function fetchExtraContentBinary(tmpDir: string, file: string): Promise<void>;
+/**
+ * Write `content` to `filePath` atomically and TOCTOU-safely.
+ *
+ * A predictable tmp name like `settings.json.tmp` lets a local attacker
+ * pre-create that path as a symlink pointing at, say, ~/.ssh/authorized_keys.
+ * Defenses: random suffix so the tmp name can't be predicted, plus
+ * O_CREAT|O_EXCL so we refuse to open the path if anything already exists.
+ * Final rename(2) is the atomic step.
+ */
+export declare function atomicWriteFile(filePath: string, content: string): void;
 export declare function withEsc<T>(prompt: Promise<T> & {
     cancel?: () => void;
 }): Promise<T>;

package/dist/utils.js

@@ -1,5 +1,6 @@
 import { execSync } from "node:child_process";
 import { fileURLToPath } from "node:url";
+import crypto from "node:crypto";
 import fs from "node:fs";
 import os from "node:os";
 import path from "node:path";
@@ -91,6 +92,8 @@ const CONTENT_FILES = [
     "CLAUDE.md",
     "skills-lock.json",
     ".claude/plugins.json",
+    ".agents/plugins/marketplace.json",
+    ".agents/plugins/install.json",
     ".claude/hooks/hooks.json",
 ];
 async function fetchFile(file) {
@@ -134,6 +137,29 @@ export async function fetchExtraContentBinary(tmpDir, file) {
     fs.mkdirSync(path.dirname(dest), { recursive: true });
     fs.writeFileSync(dest, buf);
 }
+/**
+ * Write `content` to `filePath` atomically and TOCTOU-safely.
+ *
+ * A predictable tmp name like `settings.json.tmp` lets a local attacker
+ * pre-create that path as a symlink pointing at, say, ~/.ssh/authorized_keys.
+ * Defenses: random suffix so the tmp name can't be predicted, plus
+ * O_CREAT|O_EXCL so we refuse to open the path if anything already exists.
+ * Final rename(2) is the atomic step.
+ */
+export function atomicWriteFile(filePath, content) {
+    const dir = path.dirname(filePath);
+    const base = path.basename(filePath);
+    const suffix = crypto.randomBytes(8).toString("hex");
+    const tmp = path.join(dir, `.${base}.${suffix}.tmp`);
+    const fd = fs.openSync(tmp, fs.constants.O_CREAT | fs.constants.O_EXCL | fs.constants.O_WRONLY, 0o600);
+    try {
+        fs.writeSync(fd, content);
+    }
+    finally {
+        fs.closeSync(fd);
+    }
+    fs.renameSync(tmp, filePath);
+}
 // --- ESC support ---
 export function withEsc(prompt) {
     const onKeypress = (_, key) => {
@@ -294,8 +320,8 @@ export function printBanner(version) {
         ? renderBannerPlain(pixels)
         : renderBannerWithShadow(pixels, SHADOW_DX, SHADOW_DY);
     const subtitle = noColor
-        ? `  Claude Code Harness Installer  v${version}`
-        : `${dim}  Claude Code Harness Installer  v${version}${reset}`;
+        ? `  Auriga Harness Installer  v${version}`
+        : `${dim}  Auriga Harness Installer  v${version}${reset}`;
     console.log("");
     console.log(art);
     console.log(subtitle);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "auriga-cli",
-  "version": "1.9.4",
+  "version": "1.10.1",
   "description": "Interactive CLI to install Claude Code harness modules (Workflow, Skills, Recommended Skills, Plugins, Hooks)",
   "license": "MIT",
   "repository": {
@@ -25,17 +25,20 @@
     "dev": "tsc --watch",
     "start": "node dist/cli.js",
     "pretest": "npm run build",
-    "test": "tsc -p tsconfig.test.json && DEV=1 node --test --experimental-test-module-mocks dist-test/tests/hooks.test.js dist-test/tests/skills.test.js dist-test/tests/catalog.test.js dist-test/tests/cli-parse.test.js dist-test/tests/install-nontty.test.js dist-test/tests/guide.test.js dist-test/tests/validators.test.js dist-test/tests/entrypoint.test.js",
-    "test:watch": "tsc -p tsconfig.test.json --watch & node --test --watch --experimental-test-module-mocks dist-test/tests/hooks.test.js dist-test/tests/skills.test.js dist-test/tests/catalog.test.js dist-test/tests/cli-parse.test.js dist-test/tests/install-nontty.test.js dist-test/tests/guide.test.js dist-test/tests/validators.test.js dist-test/tests/entrypoint.test.js",
+    "test": "tsc -p tsconfig.test.json && DEV=1 node --test --experimental-test-module-mocks dist-test/tests/hooks.test.js dist-test/tests/skills.test.js dist-test/tests/catalog.test.js dist-test/tests/cli-parse.test.js dist-test/tests/install-nontty.test.js dist-test/tests/plugins.test.js dist-test/tests/content-fetch.test.js dist-test/tests/utils.test.js dist-test/tests/guide.test.js dist-test/tests/validators.test.js dist-test/tests/entrypoint.test.js",
+    "test:watch": "tsc -p tsconfig.test.json --watch & node --test --watch --experimental-test-module-mocks dist-test/tests/hooks.test.js dist-test/tests/skills.test.js dist-test/tests/catalog.test.js dist-test/tests/cli-parse.test.js dist-test/tests/install-nontty.test.js dist-test/tests/plugins.test.js dist-test/tests/content-fetch.test.js dist-test/tests/utils.test.js dist-test/tests/guide.test.js dist-test/tests/validators.test.js dist-test/tests/entrypoint.test.js",
     "pretest:e2e": "npm run build",
-    "test:e2e": "tsc -p tsconfig.test.json && node --test dist-test/tests/e2e-install.test.js"
+    "test:e2e": "tsc -p tsconfig.test.json && node --test dist-test/tests/e2e-install.test.js",
+    "test:session-instructions-loader": "node tests/session-instructions-loader.test.mjs",
+    "test:pr-guards": "node tests/pr-create-guard.test.mjs && node tests/pr-ready-guard.test.mjs"
   },
   "engines": {
     "node": ">=18"
   },
   "dependencies": {
     "@inquirer/prompts": "^8.0.0",
-    "gray-matter": "^4.0.3"
+    "gray-matter": "^4.0.3",
+    "smol-toml": "^1.6.1"
   },
   "devDependencies": {
     "@types/node": "^22.0.0",