gm-cc 2.0.146 → 2.0.148

package/.claude-plugin/marketplace.json

@@ -4,7 +4,7 @@
     "name": "AnEntrypoint"
   },
   "description": "State machine agent with hooks, skills, and automated git enforcement",
-  "version": "2.0.146",
+  "version": "2.0.148",
   "metadata": {
     "description": "State machine agent with hooks, skills, and automated git enforcement"
   },

package/agents/gm.md

@@ -74,6 +74,44 @@ All execution via `bun x gm-exec` (Bash) or `agent-browser` skill. Every hypothe
 
 **CODE YOUR HYPOTHESES**: Test every possible hypothesis using `bun x gm-exec` or `agent-browser` skill. Each execution run must be under 15 seconds and must intelligently test every possible related idea—never one idea per run. Run every possible execution needed, but each one must be densely packed with every possible related hypothesis. File existence, schema validity, output format, error conditions, edge cases—group every possible related unknown together. The goal is every possible hypothesis per run. Use `agent-browser` skill for cross-client UI testing and browser-based hypothesis validation.
 
+**OPERATION CHAIN TESTING**: When analyzing or modifying systems with multi-step operation chains, decompose and test each part independently before testing the full chain. Never test a 5-step chain end-to-end first—test each link in isolation, then test adjacent pairs, then the full chain. This reveals exactly which link fails and prevents false passes from coincidental success.
+
+Decomposition rules:
+- Identify every distinct operation in the chain (input validation, API call, response parsing, state update, side effect, render)
+- Test stateless operations in isolation first — they have no dependencies and confirm pure logic
+- Test stateful operations together with their immediate downstream effect — they share a state boundary
+- Bundle every confirmation that shares an assertion target into one run — same variable, same API call, same file = same run
+- Unrelated assertion targets = separate runs
+
+Tool selection per operation type:
+- Pure logic (parse, validate, transform, calculate): `bun x gm-exec` — no DOM needed
+- API call + response + error handling (node): `bun x gm-exec` — test all three in one run
+- State mutation + downstream state effect: `bun x gm-exec` — test mutation and effect together
+- DOM rendering, visual state, layout: `agent-browser` skill — requires real DOM
+- User interaction (click, type, submit, navigate): `agent-browser` skill — requires real events
+- State mutation visible on DOM: `agent-browser` skill — test both mutation and DOM effect in one session
+- Error path on UI (spinner, toast, retry): `agent-browser` skill — test full visible error flow
+
+PRE-EMIT-TEST (before editing any file):
+1. Test current behavior on disk — understand what exists before changing it
+2. Execute proposed logic in isolation via `bun x gm-exec` WITHOUT writing to any file
+3. Confirm proposed approach produces correct output
+4. Test failure paths of proposed approach
+5. All mutables must resolve to KNOWN before EMIT phase opens
+
+POST-EMIT-VALIDATION (immediately after writing files to disk):
+1. Load the actual modified file from disk — not the in-memory version
+2. Execute against real inputs with `bun x gm-exec` or `agent-browser` skill
+3. Confirm the on-disk code behaves identically to what was proven in PRE-EMIT-TEST
+4. Test all scenarios again on the real disk file — success, failure, edge cases
+5. Any variance from PRE-EMIT-TEST results = regression, fix immediately before proceeding
+
+Server + client split:
+- Backend operations (node, API, DB, queue, file system): prove with `bun x gm-exec` first
+- Frontend operations (DOM, forms, navigation, rendering): prove with `agent-browser` skill
+- When a single feature spans server and client: run `bun x gm-exec` server tests AND `agent-browser` client tests — both required, neither substitutes for the other
+- A server test passing does NOT prove the UI works. A browser test passing does NOT prove the backend handles edge cases.
+
 **DEFAULT IS gm-exec**: `bun x gm-exec` is the primary execution tool. Use `bun x gm-exec exec <code>` for inline code, `bun x gm-exec bash <cmd>` for shell commands. Git is the only other allowed Bash command.
 
 **TOOL POLICY**: All code execution via `bun x gm-exec`. Use `code-search` skill for exploration. Reference TOOL_INVARIANTS for enforcement.

package/hooks/prompt-submit-hook.js

@@ -7,6 +7,7 @@ if (process.env.AGENTGUI_SUBPROCESS === '1') {
 
 const fs = require('fs');
 const path = require('path');
+const { execSync } = require('child_process');
 
 const pluginRoot = process.env.CLAUDE_PLUGIN_ROOT || process.env.GEMINI_PROJECT_DIR || process.env.OC_PLUGIN_ROOT || process.env.KILO_PLUGIN_ROOT || path.join(__dirname, '..');
 const projectDir = process.env.CLAUDE_PROJECT_DIR || process.env.GEMINI_PROJECT_DIR || process.env.OC_PROJECT_DIR || process.env.KILO_PROJECT_DIR;
@@ -32,6 +33,24 @@ const ensureGitignore = () => {
   } catch (e) {}
 };
 
+const runThorns = () => {
+  if (!projectDir || !fs.existsSync(projectDir)) return '';
+  const localThorns = path.join(process.env.HOME || '/root', 'mcp-thorns', 'index.js');
+  const thornsBin = fs.existsSync(localThorns) ? `node ${localThorns}` : 'bun x mcp-thorns@latest';
+  try {
+    const out = execSync(`${thornsBin} ${projectDir}`, {
+      encoding: 'utf-8',
+      stdio: ['pipe', 'pipe', 'pipe'],
+      timeout: 15000,
+      killSignal: 'SIGTERM'
+    });
+    return `=== mcp-thorns ===\n${out.trim()}`;
+  } catch (e) {
+    if (e.killed) return '=== mcp-thorns ===\nSkipped (timeout)';
+    return '';
+  }
+};
+
 const emit = (additionalContext) => {
   const isGemini = process.env.GEMINI_PROJECT_DIR !== undefined;
   const isOpenCode = process.env.OC_PROJECT_DIR !== undefined;
@@ -48,7 +67,11 @@ const emit = (additionalContext) => {
 
 try {
   ensureGitignore();
-  emit('use gm agent | ' + COMPACT_CONTEXT + ' | ' + PLAN_MODE_BLOCK);
+  const parts = [];
+  const thorns = runThorns();
+  if (thorns) parts.push(thorns);
+  parts.push('use gm agent | ' + COMPACT_CONTEXT + ' | ' + PLAN_MODE_BLOCK);
+  emit(parts.join('\n\n'));
 } catch (error) {
   emit('use gm agent | hook error: ' + error.message);
   process.exit(0);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gm-cc",
-  "version": "2.0.146",
+  "version": "2.0.148",
   "description": "State machine agent with hooks, skills, and automated git enforcement",
   "author": "AnEntrypoint",
   "license": "MIT",

package/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "gm",
-  "version": "2.0.146",
+  "version": "2.0.148",
   "description": "State machine agent with hooks, skills, and automated git enforcement",
   "author": {
     "name": "AnEntrypoint",

package/skills/code-search/SKILL.md

@@ -1,7 +1,165 @@
 ---
 name: code-search
-description: Semantic code search across the codebase. Use for all code exploration, finding implementations, locating files, and answering codebase questions. Replaces mcp__plugin_gm_code-search__search and codebasesearch MCP tool.
+description: Semantic code search across the codebase. Returns structured results with file paths, line numbers, and relevance scores. Use for all code exploration, finding implementations, locating files, and answering codebase questions.
+category: exploration
 allowed-tools: Bash(bun x codebasesearch*)
+input-schema:
+  type: object
+  required: [prompt]
+  properties:
+    prompt:
+      type: string
+      minLength: 3
+      maxLength: 200
+      description: Natural language search query describing what you're looking for
+    context:
+      type: object
+      description: Optional context about search scope and restrictions
+      properties:
+        path:
+          type: string
+          description: Restrict search to this directory path (relative or absolute)
+        file-types:
+          type: array
+          items: { type: string }
+          description: Filter results by file extensions (e.g., ["js", "ts", "py"])
+        exclude-patterns:
+          type: array
+          items: { type: string }
+          description: Exclude paths matching glob patterns (e.g., ["node_modules", "*.test.js"])
+    filter:
+      type: object
+      description: Output filtering and formatting options
+      properties:
+        max-results:
+          type: integer
+          minimum: 1
+          maximum: 500
+          default: 50
+          description: Maximum number of results to return
+        min-score:
+          type: number
+          minimum: 0
+          maximum: 1
+          default: 0.5
+          description: Minimum relevance score (0-1) to include in results
+        sort-by:
+          type: string
+          enum: [relevance, path, line-number]
+          default: relevance
+          description: Result sort order
+    timeout:
+      type: integer
+      minimum: 1000
+      maximum: 30000
+      default: 10000
+      description: Search timeout in milliseconds (query returns partial results if exceeded)
+output-schema:
+  type: object
+  required: [status, results, meta]
+  properties:
+    status:
+      type: string
+      enum: [success, partial, empty, timeout, error]
+      description: Overall operation status
+    results:
+      type: array
+      description: Array of matching code locations
+      items:
+        type: object
+        required: [file, line, content, score]
+        properties:
+          file:
+            type: string
+            description: Absolute or relative file path to matched file
+          line:
+            type: integer
+            description: Line number where match occurs (1-indexed)
+          content:
+            type: string
+            description: The matched line or context snippet
+          score:
+            type: number
+            minimum: 0
+            maximum: 1
+            description: Relevance score where 1.0 is perfect match
+          context:
+            type: object
+            description: Surrounding context lines (optional)
+            properties:
+              before:
+                type: array
+                items: { type: string }
+                description: Lines before the match
+              after:
+                type: array
+                items: { type: string }
+                description: Lines after the match
+          metadata:
+            type: object
+            description: File and match metadata (optional)
+            properties:
+              language:
+                type: string
+                description: Programming language detected (js, ts, py, rs, go, etc.)
+              size:
+                type: integer
+                description: File size in bytes
+              modified:
+                type: string
+                format: date-time
+                description: Last modification timestamp
+    meta:
+      type: object
+      required: [query, count, duration_ms]
+      description: Query execution metadata
+      properties:
+        query:
+          type: string
+          description: Normalized query that was executed
+        count:
+          type: integer
+          description: Total matches found (before filtering)
+        filtered:
+          type: integer
+          description: Results returned (after filtering and limiting)
+        duration_ms:
+          type: integer
+          description: Execution time in milliseconds
+        scanned_files:
+          type: integer
+          description: Total files examined during search
+        timestamp:
+          type: string
+          format: date-time
+          description: When execution completed
+    errors:
+      type: array
+      description: Non-fatal errors that occurred (may appear alongside partial results)
+      items:
+        type: object
+        properties:
+          code:
+            type: string
+            enum: [TIMEOUT, INVALID_PATH, SCHEMA_VIOLATION, EXECUTION_FAILED]
+            description: Error classification
+          message:
+            type: string
+            description: Human-readable error description
+output-format: json
+error-handling:
+  timeout:
+    behavior: return-partial
+    description: Returns results collected before timeout with status=partial
+  invalid-input:
+    behavior: reject
+    description: Returns status=error with validation errors in errors array
+  empty-results:
+    behavior: return-empty
+    description: Returns status=empty with count=0, filtered=0, results=[]
+  execution-error:
+    behavior: return-error
+    description: Returns status=error with error details in errors array
 ---
 
 # Semantic Code Search
@@ -14,7 +172,56 @@ Only use bun x codebasesearch for searching code, or execute some custom code if
 bun x codebasesearch "your natural language query"
 ```
 
-## Examples
+## Invocation Examples
+
+### Via Skill Tool (Recommended - Structured JSON Input)
+
+**Basic search**:
+```json
+{
+  "prompt": "where is authentication handled"
+}
+```
+
+**With filtering and limits**:
+```json
+{
+  "prompt": "database connection setup",
+  "filter": {
+    "max-results": 20,
+    "min-score": 0.7,
+    "sort-by": "path"
+  }
+}
+```
+
+**Scoped to directory with file type filter**:
+```json
+{
+  "prompt": "error logging middleware",
+  "context": {
+    "path": "src/middleware/",
+    "file-types": ["js", "ts"]
+  },
+  "timeout": 5000
+}
+```
+
+**Exclude patterns and narrow results**:
+```json
+{
+  "prompt": "rate limiter implementation",
+  "context": {
+    "exclude-patterns": ["*.test.js", "node_modules/*"]
+  },
+  "filter": {
+    "max-results": 10,
+    "min-score": 0.8
+  }
+}
+```
+
+### Legacy CLI Invocation (Still Supported)
 
 ```bash
 bun x codebasesearch "where is authentication handled"
@@ -24,9 +231,146 @@ bun x codebasesearch "function that parses config files"
 bun x codebasesearch "where is the rate limiter"
 ```
 
+## Output Examples
+
+### Success Response (Multiple Results)
+
+```json
+{
+  "status": "success",
+  "results": [
+    {
+      "file": "src/auth/handler.js",
+      "line": 42,
+      "content": "async function authenticateUser(credentials) {",
+      "score": 0.95,
+      "context": {
+        "before": [
+          "// Main authentication entry point",
+          ""
+        ],
+        "after": [
+          "  const { username, password } = credentials;",
+          "  const user = await db.users.findOne({ username });"
+        ]
+      },
+      "metadata": {
+        "language": "javascript",
+        "size": 2048,
+        "modified": "2025-03-10T14:23:00Z"
+      }
+    },
+    {
+      "file": "src/middleware/auth-middleware.js",
+      "line": 18,
+      "content": "export const requireAuth = (req, res, next) => {",
+      "score": 0.78,
+      "metadata": {
+        "language": "javascript",
+        "size": 1024,
+        "modified": "2025-03-10T14:20:00Z"
+      }
+    }
+  ],
+  "meta": {
+    "query": "authentication handled",
+    "count": 2,
+    "filtered": 2,
+    "duration_ms": 245,
+    "scanned_files": 87,
+    "timestamp": "2025-03-15T10:30:00Z"
+  }
+}
+```
+
+### Empty Results Response
+
+```json
+{
+  "status": "empty",
+  "results": [],
+  "meta": {
+    "query": "nonexistent pattern xyz123",
+    "count": 0,
+    "filtered": 0,
+    "duration_ms": 123,
+    "scanned_files": 87,
+    "timestamp": "2025-03-15T10:30:00Z"
+  }
+}
+```
+
+### Timeout Response (Partial Results)
+
+```json
+{
+  "status": "partial",
+  "results": [
+    {
+      "file": "src/a.js",
+      "line": 5,
+      "content": "function init() {",
+      "score": 0.92,
+      "metadata": { "language": "javascript", "size": 512 }
+    },
+    {
+      "file": "src/b.js",
+      "line": 12,
+      "content": "const setup = () => {",
+      "score": 0.85,
+      "metadata": { "language": "javascript", "size": 768 }
+    }
+  ],
+  "meta": {
+    "query": "expensive search pattern",
+    "count": 1847,
+    "filtered": 2,
+    "duration_ms": 10000,
+    "scanned_files": 45,
+    "timestamp": "2025-03-15T10:30:00Z"
+  },
+  "errors": [
+    {
+      "code": "TIMEOUT",
+      "message": "Search exceeded 10000ms limit. Returning partial results (2 of 1847 matches)."
+    }
+  ]
+}
+```
+
+### Error Response (Invalid Input)
+
+```json
+{
+  "status": "error",
+  "results": [],
+  "meta": {
+    "query": null,
+    "count": 0,
+    "filtered": 0,
+    "duration_ms": 50,
+    "scanned_files": 0,
+    "timestamp": "2025-03-15T10:30:00Z"
+  },
+  "errors": [
+    {
+      "code": "INVALID_PATH",
+      "message": "context.path='/nonexistent' does not exist"
+    },
+    {
+      "code": "SCHEMA_VIOLATION",
+      "message": "filter.max-results must be between 1 and 500, got 1000"
+    }
+  ]
+}
+```
+
 ## Rules
 
 - Always use this first before reading files — it returns file paths and line numbers
-- Natural language queries work best; be descriptive
-- No persistent files created; results stream to stdout only
-- Use the returned file paths + line numbers to go directly to relevant code
+- Natural language queries work best; be descriptive about what you're looking for
+- Structured JSON output includes relevance scores and file paths for immediate navigation
+- Use returned file paths and line numbers to read full file context via Read tool
+- Results are pre-sorted by relevance (highest scores first) unless sort-by specifies otherwise
+- Timeout queries return partial results with status=partial — use if time-critical
+- Schema validation ensures valid input before execution — invalid args return error with details