doer-agent 0.4.2 → 0.4.4

package/dist/agent-settings-rpc.js

@@ -0,0 +1,75 @@
+import { readFile } from "node:fs/promises";
+import { StringCodec } from "nats";
+import { normalizeAgentSettingsConfig, normalizeAgentSettingsPatch, readAgentSettingsConfig, resolveAgentSettingsFilePath, toAgentSettingsPublic, writeAgentModelInstructions, writeAgentSettingsConfig, } from "./agent-settings.js";
+const settingsRpcCodec = StringCodec();
+function normalizeSettingsRpcRequest(args) {
+    const requestId = typeof args.request.requestId === "string" ? args.request.requestId.trim() : "";
+    const responseSubject = typeof args.request.responseSubject === "string" ? args.request.responseSubject.trim() : "";
+    const requestAgentId = typeof args.request.agentId === "string" ? args.request.agentId.trim() : "";
+    const action = args.request.action === "update" ? "update" : "get";
+    if (!requestId || !responseSubject || !requestAgentId || requestAgentId !== args.agentId) {
+        throw new Error("invalid settings rpc request");
+    }
+    return {
+        requestId,
+        responseSubject,
+        action,
+        patch: normalizeAgentSettingsPatch(args.request.patch),
+        defaults: args.request.defaults && typeof args.request.defaults === "object" && !Array.isArray(args.request.defaults)
+            ? normalizeAgentSettingsConfig(args.request.defaults)
+            : null,
+    };
+}
+function publishSettingsRpcResponse(args) {
+    args.nc.publish(args.responseSubject, settingsRpcCodec.encode(JSON.stringify(args.payload)));
+}
+export async function handleSettingsRpcMessage(args) {
+    let requestId = "unknown";
+    let responseSubject = "";
+    try {
+        const payload = JSON.parse(settingsRpcCodec.decode(args.msg.data));
+        const request = normalizeSettingsRpcRequest({ request: payload, agentId: args.agentId });
+        requestId = request.requestId;
+        responseSubject = request.responseSubject;
+        const existing = await readAgentSettingsConfig({ workspaceRoot: args.workspaceRoot, defaults: request.defaults });
+        const next = request.action === "update" ? normalizeAgentSettingsConfig(request.patch, existing) : existing;
+        if (request.action === "update") {
+            await writeAgentSettingsConfig({ workspaceRoot: args.workspaceRoot, config: next });
+            const customInstructions = typeof request.patch.customInstructions === "string"
+                ? request.patch.customInstructions
+                : request.patch.customInstructions === null
+                    ? null
+                    : undefined;
+            if (customInstructions !== undefined) {
+                await writeAgentModelInstructions({ workspaceRoot: args.workspaceRoot, value: customInstructions });
+            }
+        }
+        else if (request.defaults) {
+            const filePath = resolveAgentSettingsFilePath(args.workspaceRoot);
+            const raw = await readFile(filePath, "utf8").catch(() => "");
+            if (!raw.trim()) {
+                await writeAgentSettingsConfig({ workspaceRoot: args.workspaceRoot, config: next });
+            }
+        }
+        publishSettingsRpcResponse({
+            nc: args.nc,
+            responseSubject,
+            payload: {
+                requestId,
+                ok: true,
+                settings: await toAgentSettingsPublic({ workspaceRoot: args.workspaceRoot, config: next }),
+            },
+        });
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (responseSubject) {
+            publishSettingsRpcResponse({
+                nc: args.nc,
+                responseSubject,
+                payload: { requestId, ok: false, error: message },
+            });
+        }
+        args.onError(`settings rpc failed requestId=${requestId} error=${message}`);
+    }
+}

package/dist/agent-settings.js

@@ -0,0 +1,397 @@
+import path from "node:path";
+import { mkdir, readFile, unlink, writeFile } from "node:fs/promises";
+function resolveAgentSettingsDir(workspaceRoot) {
+    return path.join(workspaceRoot, ".doer-agent");
+}
+export function resolveAgentSettingsFilePath(workspaceRoot) {
+    return path.join(resolveAgentSettingsDir(workspaceRoot), "config.json");
+}
+export function resolveAgentModelInstructionsFilePath(workspaceRoot) {
+    return path.join(resolveAgentSettingsDir(workspaceRoot), "model-instructions.md");
+}
+export function createDefaultAgentSettingsConfig() {
+    return {
+        general: {
+            personality: "pragmatic",
+        },
+        codex: {
+            model: "gpt-5.4",
+            authMode: "api_key",
+        },
+        realtime: {
+            model: process.env.OPENAI_REALTIME_MODEL?.trim() || "gpt-realtime",
+            voice: process.env.OPENAI_REALTIME_VOICE?.trim() || "alloy",
+            wakeName: null,
+            requireWakeName: true,
+            apiKey: null,
+        },
+        git: {
+            enabled: true,
+            name: null,
+            email: null,
+            authMode: "none",
+            oauthToken: null,
+            oauthLogin: null,
+            oauthScope: null,
+        },
+        aws: {
+            enabled: true,
+            accessKeyId: null,
+            defaultRegion: null,
+            secretAccessKey: null,
+            sessionToken: null,
+        },
+        jira: {
+            baseUrl: null,
+            email: null,
+            enabled: false,
+            apiToken: null,
+        },
+        notion: {
+            baseUrl: "https://api.notion.com",
+            version: "2022-06-28",
+            enabled: false,
+            apiToken: null,
+        },
+        slack: {
+            baseUrl: "https://slack.com/api",
+            enabled: false,
+            botToken: null,
+        },
+        figma: {
+            baseUrl: "https://api.figma.com",
+            enabled: false,
+            apiToken: null,
+        },
+    };
+}
+function normalizeNullableString(value) {
+    if (value === null) {
+        return null;
+    }
+    if (typeof value !== "string") {
+        return null;
+    }
+    const trimmed = value.trim();
+    return trimmed ? trimmed : null;
+}
+function normalizeCodexPersonality(value, fallback) {
+    return value === "friendly" || value === "pragmatic" ? value : fallback;
+}
+export function normalizeAgentSettingsConfig(value, fallback) {
+    const base = fallback ?? createDefaultAgentSettingsConfig();
+    const raw = value && typeof value === "object" && !Array.isArray(value) ? value : {};
+    const general = raw.general && typeof raw.general === "object" ? raw.general : {};
+    const codex = raw.codex && typeof raw.codex === "object" ? raw.codex : {};
+    const realtime = raw.realtime && typeof raw.realtime === "object" ? raw.realtime : {};
+    const git = raw.git && typeof raw.git === "object" ? raw.git : {};
+    const aws = raw.aws && typeof raw.aws === "object" ? raw.aws : {};
+    const jira = raw.jira && typeof raw.jira === "object" ? raw.jira : {};
+    const notion = raw.notion && typeof raw.notion === "object" ? raw.notion : {};
+    const slack = raw.slack && typeof raw.slack === "object" ? raw.slack : {};
+    const figma = raw.figma && typeof raw.figma === "object" ? raw.figma : {};
+    return {
+        general: {
+            personality: normalizeCodexPersonality(general.personality, base.general.personality),
+        },
+        codex: {
+            model: typeof codex.model === "string" && codex.model.trim() ? codex.model.trim() : base.codex.model,
+            authMode: codex.authMode === "oauth" ? "oauth" : codex.authMode === "api_key" ? "api_key" : base.codex.authMode,
+        },
+        realtime: {
+            model: typeof realtime.model === "string" && realtime.model.trim() ? realtime.model.trim() : base.realtime.model,
+            voice: typeof realtime.voice === "string" && realtime.voice.trim() ? realtime.voice.trim() : base.realtime.voice,
+            wakeName: realtime.wakeName === null ? null : normalizeNullableString(realtime.wakeName) ?? base.realtime.wakeName,
+            requireWakeName: typeof realtime.requireWakeName === "boolean" ? realtime.requireWakeName : base.realtime.requireWakeName,
+            apiKey: realtime.apiKey === null ? null : normalizeNullableString(realtime.apiKey) ?? base.realtime.apiKey,
+        },
+        git: {
+            enabled: typeof git.enabled === "boolean" ? git.enabled : base.git.enabled,
+            name: git.name === null ? null : normalizeNullableString(git.name) ?? base.git.name,
+            email: git.email === null ? null : normalizeNullableString(git.email) ?? base.git.email,
+            authMode: git.authMode === "oauth_app" ? "oauth_app" : git.authMode === "none" ? "none" : base.git.authMode,
+            oauthToken: git.oauthToken === null ? null : normalizeNullableString(git.oauthToken) ?? base.git.oauthToken,
+            oauthLogin: git.oauthLogin === null ? null : normalizeNullableString(git.oauthLogin) ?? base.git.oauthLogin,
+            oauthScope: git.oauthScope === null ? null : normalizeNullableString(git.oauthScope) ?? base.git.oauthScope,
+        },
+        aws: {
+            enabled: typeof aws.enabled === "boolean" ? aws.enabled : base.aws.enabled,
+            accessKeyId: aws.accessKeyId === null ? null : normalizeNullableString(aws.accessKeyId) ?? base.aws.accessKeyId,
+            defaultRegion: aws.defaultRegion === null ? null : normalizeNullableString(aws.defaultRegion) ?? base.aws.defaultRegion,
+            secretAccessKey: aws.secretAccessKey === null
+                ? null
+                : normalizeNullableString(aws.secretAccessKey) ?? base.aws.secretAccessKey,
+            sessionToken: aws.sessionToken === null ? null : normalizeNullableString(aws.sessionToken) ?? base.aws.sessionToken,
+        },
+        jira: {
+            baseUrl: jira.baseUrl === null ? null : normalizeNullableString(jira.baseUrl) ?? base.jira.baseUrl,
+            email: jira.email === null ? null : normalizeNullableString(jira.email) ?? base.jira.email,
+            enabled: typeof jira.enabled === "boolean" ? jira.enabled : base.jira.enabled,
+            apiToken: jira.apiToken === null ? null : normalizeNullableString(jira.apiToken) ?? base.jira.apiToken,
+        },
+        notion: {
+            baseUrl: notion.baseUrl === null ? null : normalizeNullableString(notion.baseUrl) ?? base.notion.baseUrl,
+            version: notion.version === null ? null : normalizeNullableString(notion.version) ?? base.notion.version,
+            enabled: typeof notion.enabled === "boolean" ? notion.enabled : base.notion.enabled,
+            apiToken: notion.apiToken === null ? null : normalizeNullableString(notion.apiToken) ?? base.notion.apiToken,
+        },
+        slack: {
+            baseUrl: slack.baseUrl === null ? null : normalizeNullableString(slack.baseUrl) ?? base.slack.baseUrl,
+            enabled: typeof slack.enabled === "boolean" ? slack.enabled : base.slack.enabled,
+            botToken: slack.botToken === null ? null : normalizeNullableString(slack.botToken) ?? base.slack.botToken,
+        },
+        figma: {
+            baseUrl: figma.baseUrl === null ? null : normalizeNullableString(figma.baseUrl) ?? base.figma.baseUrl,
+            enabled: typeof figma.enabled === "boolean" ? figma.enabled : base.figma.enabled,
+            apiToken: figma.apiToken === null ? null : normalizeNullableString(figma.apiToken) ?? base.figma.apiToken,
+        },
+    };
+}
+export async function readAgentSettingsConfig(args) {
+    const fallback = normalizeAgentSettingsConfig(args.defaults ?? null);
+    const filePath = resolveAgentSettingsFilePath(args.workspaceRoot);
+    const raw = await readFile(filePath, "utf8").catch(() => "");
+    if (!raw.trim()) {
+        return fallback;
+    }
+    try {
+        return normalizeAgentSettingsConfig(JSON.parse(raw), fallback);
+    }
+    catch {
+        return fallback;
+    }
+}
+export async function writeAgentSettingsConfig(args) {
+    const dir = resolveAgentSettingsDir(args.workspaceRoot);
+    await mkdir(dir, { recursive: true });
+    await writeFile(resolveAgentSettingsFilePath(args.workspaceRoot), `${JSON.stringify(args.config, null, 2)}\n`, "utf8");
+}
+export async function readAgentModelInstructions(workspaceRoot) {
+    const raw = await readFile(resolveAgentModelInstructionsFilePath(workspaceRoot), "utf8").catch(() => "");
+    return raw.trim() ? raw : null;
+}
+export async function writeAgentModelInstructions(args) {
+    const filePath = resolveAgentModelInstructionsFilePath(args.workspaceRoot);
+    const nextValue = typeof args.value === "string" ? args.value.trim() : "";
+    if (!nextValue) {
+        await unlink(filePath).catch(() => undefined);
+        return;
+    }
+    await mkdir(resolveAgentSettingsDir(args.workspaceRoot), { recursive: true });
+    await writeFile(filePath, args.value ?? "", "utf8");
+}
+function maskSecretPreview(secret) {
+    if (secret.length <= 6) {
+        return `${secret.slice(0, 1)}***${secret.slice(-1)}`;
+    }
+    return `${secret.slice(0, 4)}...${secret.slice(-4)}`;
+}
+function toMaskedSecret(value) {
+    if (!value) {
+        return { has: false, masked: null, length: null };
+    }
+    return { has: true, masked: maskSecretPreview(value), length: value.length };
+}
+export async function toAgentSettingsPublic(args) {
+    const realtimeKey = toMaskedSecret(args.config.realtime.apiKey);
+    const gitOauth = toMaskedSecret(args.config.git.oauthToken);
+    const awsSecret = toMaskedSecret(args.config.aws.secretAccessKey);
+    const awsSession = toMaskedSecret(args.config.aws.sessionToken);
+    const jiraToken = toMaskedSecret(args.config.jira.apiToken);
+    const notionToken = toMaskedSecret(args.config.notion.apiToken);
+    const slackToken = toMaskedSecret(args.config.slack.botToken);
+    const figmaToken = toMaskedSecret(args.config.figma.apiToken);
+    const customInstructions = await readAgentModelInstructions(args.workspaceRoot);
+    return {
+        general: {
+            personality: args.config.general.personality,
+            customInstructions,
+        },
+        codex: {
+            model: args.config.codex.model,
+            authMode: args.config.codex.authMode,
+            hasApiKey: false,
+            apiKeyMasked: null,
+            apiKeyLength: null,
+        },
+        realtime: {
+            model: args.config.realtime.model,
+            voice: args.config.realtime.voice,
+            wakeName: args.config.realtime.wakeName,
+            requireWakeName: args.config.realtime.requireWakeName,
+            hasApiKey: realtimeKey.has,
+            apiKeyMasked: realtimeKey.masked,
+            apiKeyLength: realtimeKey.length,
+        },
+        git: {
+            enabled: args.config.git.enabled,
+            name: args.config.git.name,
+            email: args.config.git.email,
+            authMode: args.config.git.authMode,
+            hasOauthToken: gitOauth.has,
+            oauthTokenMasked: gitOauth.masked,
+            oauthTokenLength: gitOauth.length,
+            oauthLogin: args.config.git.oauthLogin,
+            oauthScope: args.config.git.oauthScope,
+        },
+        aws: {
+            enabled: args.config.aws.enabled,
+            accessKeyId: args.config.aws.accessKeyId,
+            defaultRegion: args.config.aws.defaultRegion,
+            hasSecretAccessKey: awsSecret.has,
+            secretAccessKeyMasked: awsSecret.masked,
+            secretAccessKeyLength: awsSecret.length,
+            hasSessionToken: awsSession.has,
+            sessionTokenMasked: awsSession.masked,
+            sessionTokenLength: awsSession.length,
+        },
+        jira: {
+            baseUrl: args.config.jira.baseUrl,
+            email: args.config.jira.email,
+            enabled: args.config.jira.enabled,
+            hasApiToken: jiraToken.has,
+            apiTokenMasked: jiraToken.masked,
+            apiTokenLength: jiraToken.length,
+        },
+        notion: {
+            baseUrl: args.config.notion.baseUrl,
+            version: args.config.notion.version,
+            enabled: args.config.notion.enabled,
+            hasApiToken: notionToken.has,
+            apiTokenMasked: notionToken.masked,
+            apiTokenLength: notionToken.length,
+        },
+        slack: {
+            baseUrl: args.config.slack.baseUrl,
+            enabled: args.config.slack.enabled,
+            hasBotToken: slackToken.has,
+            botTokenMasked: slackToken.masked,
+            botTokenLength: slackToken.length,
+        },
+        figma: {
+            baseUrl: args.config.figma.baseUrl,
+            enabled: args.config.figma.enabled,
+            hasApiToken: figmaToken.has,
+            apiTokenMasked: figmaToken.masked,
+            apiTokenLength: figmaToken.length,
+        },
+    };
+}
+export function normalizeAgentSettingsPatch(value) {
+    if (!value || typeof value !== "object" || Array.isArray(value)) {
+        return {};
+    }
+    const raw = value;
+    const patch = { ...raw };
+    const assignNested = (section, key, nextValue) => {
+        const current = patch[section] && typeof patch[section] === "object" && !Array.isArray(patch[section])
+            ? { ...patch[section] }
+            : {};
+        current[key] = nextValue;
+        patch[section] = current;
+    };
+    const move = (flatKey, section, key) => {
+        if (!(flatKey in raw)) {
+            return;
+        }
+        assignNested(section, key, raw[flatKey]);
+        delete patch[flatKey];
+    };
+    move("personality", "general", "personality");
+    move("codexModel", "codex", "model");
+    move("codexAuthMode", "codex", "authMode");
+    move("realtimeModel", "realtime", "model");
+    move("realtimeVoice", "realtime", "voice");
+    move("realtimeWakeName", "realtime", "wakeName");
+    move("realtimeRequireWakeName", "realtime", "requireWakeName");
+    move("realtimeApiKey", "realtime", "apiKey");
+    move("gitEnabled", "git", "enabled");
+    move("gitName", "git", "name");
+    move("gitEmail", "git", "email");
+    move("gitAuthMode", "git", "authMode");
+    move("gitOauthToken", "git", "oauthToken");
+    move("gitOauthLogin", "git", "oauthLogin");
+    move("gitOauthScope", "git", "oauthScope");
+    move("awsEnabled", "aws", "enabled");
+    move("awsAccessKeyId", "aws", "accessKeyId");
+    move("awsDefaultRegion", "aws", "defaultRegion");
+    move("awsSecretAccessKey", "aws", "secretAccessKey");
+    move("awsSessionToken", "aws", "sessionToken");
+    move("jiraBaseUrl", "jira", "baseUrl");
+    move("jiraEmail", "jira", "email");
+    move("jiraEnabled", "jira", "enabled");
+    move("jiraApiToken", "jira", "apiToken");
+    move("notionBaseUrl", "notion", "baseUrl");
+    move("notionVersion", "notion", "version");
+    move("notionEnabled", "notion", "enabled");
+    move("notionApiToken", "notion", "apiToken");
+    move("slackBaseUrl", "slack", "baseUrl");
+    move("slackEnabled", "slack", "enabled");
+    move("slackBotToken", "slack", "botToken");
+    move("figmaBaseUrl", "figma", "baseUrl");
+    move("figmaEnabled", "figma", "enabled");
+    move("figmaApiToken", "figma", "apiToken");
+    return patch;
+}
+export function buildAgentSettingsEnvPatch(config) {
+    const envPatch = {};
+    if (config.git.enabled) {
+        if (config.git.name)
+            envPatch.GIT_AUTHOR_NAME = config.git.name;
+        if (config.git.name)
+            envPatch.GIT_COMMITTER_NAME = config.git.name;
+        if (config.git.email)
+            envPatch.GIT_AUTHOR_EMAIL = config.git.email;
+        if (config.git.email)
+            envPatch.GIT_COMMITTER_EMAIL = config.git.email;
+        if (config.git.oauthToken)
+            envPatch.GITHUB_TOKEN = config.git.oauthToken;
+        if (config.git.oauthToken)
+            envPatch.GH_TOKEN = config.git.oauthToken;
+        if (config.git.oauthLogin)
+            envPatch.DOER_GIT_OAUTH_LOGIN = config.git.oauthLogin;
+        if (config.git.oauthScope)
+            envPatch.DOER_GIT_OAUTH_SCOPE = config.git.oauthScope;
+    }
+    if (config.aws.enabled) {
+        if (config.aws.accessKeyId)
+            envPatch.AWS_ACCESS_KEY_ID = config.aws.accessKeyId;
+        if (config.aws.defaultRegion)
+            envPatch.AWS_DEFAULT_REGION = config.aws.defaultRegion;
+        if (config.aws.defaultRegion)
+            envPatch.AWS_REGION = config.aws.defaultRegion;
+        if (config.aws.secretAccessKey)
+            envPatch.AWS_SECRET_ACCESS_KEY = config.aws.secretAccessKey;
+        if (config.aws.sessionToken)
+            envPatch.AWS_SESSION_TOKEN = config.aws.sessionToken;
+    }
+    if (config.jira.enabled) {
+        if (config.jira.baseUrl)
+            envPatch.JIRA_BASE_URL = config.jira.baseUrl;
+        if (config.jira.email)
+            envPatch.JIRA_EMAIL = config.jira.email;
+        if (config.jira.apiToken)
+            envPatch.JIRA_API_TOKEN = config.jira.apiToken;
+    }
+    if (config.notion.enabled) {
+        if (config.notion.baseUrl)
+            envPatch.NOTION_BASE_URL = config.notion.baseUrl;
+        if (config.notion.version)
+            envPatch.NOTION_VERSION = config.notion.version;
+        if (config.notion.apiToken)
+            envPatch.NOTION_API_TOKEN = config.notion.apiToken;
+    }
+    if (config.slack.enabled) {
+        if (config.slack.baseUrl)
+            envPatch.SLACK_BASE_URL = config.slack.baseUrl;
+        if (config.slack.botToken)
+            envPatch.SLACK_BOT_TOKEN = config.slack.botToken;
+    }
+    if (config.figma.enabled) {
+        if (config.figma.baseUrl)
+            envPatch.FIGMA_BASE_URL = config.figma.baseUrl;
+        if (config.figma.apiToken)
+            envPatch.FIGMA_API_TOKEN = config.figma.apiToken;
+    }
+    return envPatch;
+}

package/dist/agent-skill-rpc.js

@@ -0,0 +1,164 @@
+import path from "node:path";
+import { mkdir, stat, writeFile } from "node:fs/promises";
+import { StringCodec } from "nats";
+const skillRpcCodec = StringCodec();
+function buildSkillGeneratorPrompt(userPrompt) {
+    return [
+        "Create a Codex skill from the user's description.",
+        "",
+        "Return JSON only with this shape:",
+        '{ "skillName": "kebab-or-dot-or-underscore-name", "skillMd": "full SKILL.md content" }',
+        "",
+        "Requirements:",
+        "- skillName must be lowercase ASCII and use only letters, numbers, dot, underscore, or dash.",
+        "- skillName must not start with a dot and must not be .system.",
+        "- skillMd must be a complete SKILL.md file.",
+        "- skillMd must start with YAML frontmatter containing name and description.",
+        "- Keep the skill concise and action-oriented.",
+        "- Include when to use the skill, the core workflow, and any important constraints.",
+        "- Do not add README, changelog, or any extra files.",
+        "",
+        "User request:",
+        userPrompt.trim(),
+    ].join("\n");
+}
+function extractJsonObject(value) {
+    const trimmed = value.trim();
+    if (trimmed.startsWith("{") && trimmed.endsWith("}")) {
+        return trimmed;
+    }
+    const fenced = trimmed.match(/```(?:json)?\s*([\s\S]*?)```/i);
+    if (fenced?.[1]) {
+        return fenced[1].trim();
+    }
+    const start = trimmed.indexOf("{");
+    const end = trimmed.lastIndexOf("}");
+    if (start >= 0 && end > start) {
+        return trimmed.slice(start, end + 1);
+    }
+    throw new Error("Codex did not return JSON");
+}
+function slugifySkillName(value) {
+    return value
+        .trim()
+        .toLowerCase()
+        .replace(/[^a-z0-9._-]+/g, "-")
+        .replace(/^-+|-+$/g, "")
+        .replace(/-{2,}/g, "-");
+}
+function normalizeGeneratedSkill(value) {
+    if (!value || typeof value !== "object" || Array.isArray(value)) {
+        throw new Error("Invalid generated skill payload");
+    }
+    const row = value;
+    const skillName = slugifySkillName(typeof row.skillName === "string" ? row.skillName : "");
+    const skillMd = typeof row.skillMd === "string" ? row.skillMd.trim() : "";
+    if (!skillName || skillName.startsWith(".") || skillName === ".system") {
+        throw new Error("Codex returned an invalid skill name");
+    }
+    if (!skillMd) {
+        throw new Error("Codex returned an empty SKILL.md");
+    }
+    if (!/^---\s*\n[\s\S]*?\n---\s*\n/m.test(skillMd)) {
+        throw new Error("Generated SKILL.md is missing YAML frontmatter");
+    }
+    if (!/\nname:\s*[^\n]+/i.test(skillMd) || !/\ndescription:\s*[^\n]+/i.test(skillMd)) {
+        throw new Error("Generated SKILL.md frontmatter is incomplete");
+    }
+    return { skillName, skillMd };
+}
+function buildSkillGeneratorCodexArgs(prompt, model) {
+    return ["--dangerously-bypass-approvals-and-sandbox", "--model", model, "exec", "--", prompt];
+}
+async function generateSkillViaCodex(args) {
+    const localAgentSettings = await args.readAgentSettingsConfig({ workspaceRoot: args.workspaceRoot });
+    const envPatch = args.buildAgentSettingsEnvPatch(localAgentSettings);
+    const prompt = buildSkillGeneratorPrompt(args.userPrompt);
+    const result = await args.runLocalCodexCli(buildSkillGeneratorCodexArgs(prompt, localAgentSettings.codex.model || "gpt-5.4"), 120_000, envPatch);
+    if (result.timedOut) {
+        throw new Error("Codex timed out while generating the skill");
+    }
+    if ((result.code ?? 1) !== 0) {
+        const details = args.stripAnsi(result.stderr || result.stdout).trim();
+        throw new Error(details || `Codex exited with code ${result.code ?? "null"}`);
+    }
+    const payload = JSON.parse(extractJsonObject(args.stripAnsi(result.stdout)));
+    const generated = normalizeGeneratedSkill(payload);
+    const skillPath = path.join(args.resolveCodexHomePath(), "skills", generated.skillName);
+    const skillFilePath = path.join(skillPath, "SKILL.md");
+    try {
+        await stat(skillPath);
+        throw new Error("A skill with that name already exists");
+    }
+    catch (error) {
+        if (!(error instanceof Error) || !/ENOENT/i.test(error.message)) {
+            throw error;
+        }
+    }
+    await mkdir(skillPath, { recursive: true });
+    await writeFile(skillFilePath, `${generated.skillMd}\n`, "utf8");
+    return {
+        skillName: generated.skillName,
+        skillPath: `.codex/skills/${generated.skillName}`,
+        skillFilePath: `.codex/skills/${generated.skillName}/SKILL.md`,
+    };
+}
+async function handleSkillRpcMessage(args) {
+    let payload = {};
+    try {
+        payload = JSON.parse(skillRpcCodec.decode(args.msg.data));
+        if (typeof payload.agentId === "string" && payload.agentId.trim() && payload.agentId !== args.agentId) {
+            throw new Error("agent id mismatch");
+        }
+        const prompt = typeof payload.prompt === "string" ? payload.prompt.trim() : "";
+        if (!prompt) {
+            throw new Error("prompt is required");
+        }
+        const result = await generateSkillViaCodex({
+            userPrompt: prompt,
+            workspaceRoot: args.workspaceRoot,
+            resolveCodexHomePath: args.resolveCodexHomePath,
+            readAgentSettingsConfig: args.readAgentSettingsConfig,
+            buildAgentSettingsEnvPatch: args.buildAgentSettingsEnvPatch,
+            runLocalCodexCli: args.runLocalCodexCli,
+            stripAnsi: args.stripAnsi,
+        });
+        args.msg.respond(skillRpcCodec.encode(JSON.stringify({
+            ok: true,
+            skillName: result.skillName,
+            skillPath: result.skillPath,
+            skillFilePath: result.skillFilePath,
+        })));
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : "unknown error";
+        args.msg.respond(skillRpcCodec.encode(JSON.stringify({
+            ok: false,
+            error: message,
+        })));
+        args.onError(`skill rpc failed error=${message}`);
+    }
+}
+export function subscribeToSkillRpc(args) {
+    args.nc.subscribe(args.subject, {
+        callback: (error, msg) => {
+            if (error) {
+                const message = error instanceof Error ? error.message : String(error);
+                args.onError(`skill rpc subscription error: ${message}`);
+                return;
+            }
+            void handleSkillRpcMessage({
+                msg,
+                agentId: args.agentId,
+                workspaceRoot: args.workspaceRoot,
+                resolveCodexHomePath: args.resolveCodexHomePath,
+                readAgentSettingsConfig: args.readAgentSettingsConfig,
+                buildAgentSettingsEnvPatch: args.buildAgentSettingsEnvPatch,
+                runLocalCodexCli: args.runLocalCodexCli,
+                stripAnsi: args.stripAnsi,
+                onError: args.onError,
+            });
+        },
+    });
+    args.onInfo(`skill rpc subscribed subject=${args.subject}`);
+}