gm-copilot-cli 2.0.726 → 2.0.1063

package/skills/gm-cc/SKILL.md

@@ -0,0 +1,19 @@
+---
+name: gm-cc
+description: AI-native software engineering via skill-driven orchestration on cc; bootstraps plugkit for task execution and session isolation
+allowed-tools: Skill
+---
+
+# GM — cc Platform
+
+AI-native software engineering orchestrated via skill chain: PLAN → EXECUTE → EMIT → VERIFY → UPDATE-DOCS.
+
+**Bootstrap pattern**: `bun x gm-plugkit@latest --daemon` downloads the correct platform binary, verifies SHA256, and starts the spool watcher daemon. Call once at session start; idempotent on subsequent calls. All execution routes through the file-spool: write to `.gm/exec-spool/in/<lang>/<N>.<ext>` or `in/<verb>/<N>.txt`, poll `out/<N>.json` for results.
+
+**Session-ID threading (no session-start hook)**: At skill invoke time, generate or detect SESSION_ID (env var `SESSION_ID` or `uuid()`). Pass `sessionId: "<id>"` in every rs-exec RPC body (spawn, tail, watch, etc.) and every spool-written task body. All task-scoped cleanup (deleteTask, getTask, appendOutput, killSessionTasks) requires matching sessionId. Absence is forbidden — hard reject by rs-exec handler.
+
+**Spool dispatch surface**: Write to `.gm/exec-spool/in/<lang>/<N>.<ext>` (languages: nodejs, python, bash, typescript, go, rust, c, cpp, java, deno) or `in/<verb>/<N>.txt` (verbs: codesearch, recall, memorize, wait, sleep, status, close, browser, runner, etc.). Watcher executes and streams `out/<N>.out` (stdout) + `out/<N>.err` (stderr) line-by-line, then `out/<N>.json` metadata (exitCode, durationMs, timedOut, startedAt, endedAt) at completion.
+
+**End-to-end skill chaining (skills-based platforms)**: When gm SKILL.md includes `end-to-end: true`, adapter detects signal and parses stdout for trailing JSON: `{"nextSkill": "...", "context": {...}, "phase": "..."}`. If nextSkill is non-null, invoke `Skill(skill="gm:<nextSkill>")` with context dict, repeat until null. This auto-chains 5 invocations into 1 user invocation.
+
+Every task returns complete: taskId, exitCode, durationMs, timedOut, stdout, stderr. Background tasks return immediately with task_id; continue with exec:tail, exec:watch, or exec:close.

package/skills/gm-codex/SKILL.md

@@ -0,0 +1,19 @@
+---
+name: gm-codex
+description: AI-native software engineering via skill-driven orchestration on codex; bootstraps plugkit for task execution and session isolation
+allowed-tools: Skill
+---
+
+# GM — codex Platform
+
+AI-native software engineering orchestrated via skill chain: PLAN → EXECUTE → EMIT → VERIFY → UPDATE-DOCS.
+
+**Bootstrap pattern**: `bun x gm-plugkit@latest --daemon` downloads the correct platform binary, verifies SHA256, and starts the spool watcher daemon. Call once at session start; idempotent on subsequent calls. All execution routes through the file-spool: write to `.gm/exec-spool/in/<lang>/<N>.<ext>` or `in/<verb>/<N>.txt`, poll `out/<N>.json` for results.
+
+**Session-ID threading (no session-start hook)**: At skill invoke time, generate or detect SESSION_ID (env var `SESSION_ID` or `uuid()`). Pass `sessionId: "<id>"` in every rs-exec RPC body (spawn, tail, watch, etc.) and every spool-written task body. All task-scoped cleanup (deleteTask, getTask, appendOutput, killSessionTasks) requires matching sessionId. Absence is forbidden — hard reject by rs-exec handler.
+
+**Spool dispatch surface**: Write to `.gm/exec-spool/in/<lang>/<N>.<ext>` (languages: nodejs, python, bash, typescript, go, rust, c, cpp, java, deno) or `in/<verb>/<N>.txt` (verbs: codesearch, recall, memorize, wait, sleep, status, close, browser, runner, etc.). Watcher executes and streams `out/<N>.out` (stdout) + `out/<N>.err` (stderr) line-by-line, then `out/<N>.json` metadata (exitCode, durationMs, timedOut, startedAt, endedAt) at completion.
+
+**End-to-end skill chaining (skills-based platforms)**: When gm SKILL.md includes `end-to-end: true`, adapter detects signal and parses stdout for trailing JSON: `{"nextSkill": "...", "context": {...}, "phase": "..."}`. If nextSkill is non-null, invoke `Skill(skill="gm:<nextSkill>")` with context dict, repeat until null. This auto-chains 5 invocations into 1 user invocation.
+
+Every task returns complete: taskId, exitCode, durationMs, timedOut, stdout, stderr. Background tasks return immediately with task_id; continue with exec:tail, exec:watch, or exec:close.

package/skills/gm-complete/SKILL.md

@@ -3,121 +3,104 @@ name: gm-complete
 description: VERIFY and COMPLETE phase. End-to-end system verification and git enforcement. Any new unknown triggers immediate snake back to planning — restart chain.
 ---
 
-# GM COMPLETE — Verify and Complete
+# GM COMPLETE — Verify, then close
 
-GRAPH: `PLAN → EXECUTE → EMIT → [VERIFY] → UPDATE-DOCS → COMPLETE`
-Entry: all EMIT gates passed. From `gm-emit`.
+Entry: EMIT gates clear, from `gm-emit`. Exit: `.prd` deleted + test.js green + pushed + CI green → `update-docs`.
 
-## TRANSITIONS
+Cross-cutting dispositions live in `gm` SKILL.md.
 
-**EXIT → EXECUTE**: .prd items remain → invoke `gm-execute` immediately.
-**EXIT → COMPLETE**: .prd deleted + test.js passes + pushed + CI green → invoke `update-docs`.
-**REGRESS → EMIT**: broken file output.
-**REGRESS → EXECUTE**: logic wrong.
-**REGRESS → PLAN**: new unknown or wrong requirements.
+## Transitions
 
-Failure triage: broken output → EMIT | wrong logic → EXECUTE | new unknown → PLAN. Never patch around surprises.
+- `.prd` items remain → `gm-execute`
+- `.prd` empty AND test.js green AND pushed AND CI green → `update-docs`
+- Broken file output → `gm-emit`
+- Wrong logic → `gm-execute`
+- New unknown or wrong requirements → `planning`
 
-## MUTABLES — ALL MUST RESOLVE BEFORE COMPLETE
+Failure triage: broken output to EMIT, wrong logic to EXECUTE, new unknown to PLAN. Never patch around surprises.
+
+## Mutables that must resolve before COMPLETE
 
 - `witnessed_e2e` — real end-to-end run with witnessed output
-- `browser_validated` — MANDATORY for any change touching client/UI/browser-facing code (anything served to a browser, rendered, or whose output is visible to a user). Must invoke `browser` skill, navigate the live page, and witness the change in `window` / DOM / scene state. test.js + node-side imports DO NOT satisfy this gate. See BROWSER VALIDATION GATE below.
+- `browser_validated` — for any change touching client / UI / browser-facing code, see gate below. test.js + node-side imports DO NOT satisfy this gate.
 - `git_clean` — `git status --porcelain` returns empty
 - `git_pushed` — `git log origin/main..HEAD --oneline` returns empty
-- `ci_passed` — all GitHub Actions runs reach `conclusion: success`
-- `prd_empty` — `.gm/prd.yml` deleted (file must not exist)
-- `stress_suite_clear` — change walked through all applicable governance stress cases (M1-D1), none flunk
-- `hidden_decision_posture` — advances open→down_weighted→closed only when CI green + stress suite clear
+- `ci_passed` — every GitHub Actions run reaches `conclusion: success`
+- `mutables_resolved` — `.gm/mutables.yml` deleted OR every entry `status: witnessed`. Stop hook hard-blocks turn-stop while any entry is `status: unknown`.
+- `prd_empty` — `.gm/prd.yml` deleted AFTER residual scan: enumerate every in-spirit reachable residual surfaced this session; any hit re-enters `planning`, appends PRD items, executes. Empty PRD is necessary, not sufficient — done = empty PRD AND zero reachable in-spirit residuals. Out-of-spirit-or-unreachable residuals are named in the response and skipped; everything else is this turn's work.
+- `stress_suite_clear` — change walked through M1–D1 (governance), none flunked
+- `hidden_decision_posture` — open → down_weighted → closed only when CI is green AND stress suite is clear
 
-## END-TO-END VERIFICATION
+## End-to-end verification
 
-Run real system, real data, witness actual output. NOT verification: docs updates, saying done, screenshots alone.
+Real system, real data, witness actual output. Doc updates, "saying done", and screenshots alone are not verification. Write the e2e probe to the spool (`.gm/exec-spool/in/nodejs/<N>.js`):
 
 ```
-exec:nodejs
 const { fn } = await import('/abs/path/to/module.js');
 console.log(await fn(realInput));
 ```
 
-Browser/UI: invoke `browser` skill. After every success: enumerate what remains — never stop at first green.
+After every success, enumerate what remains — never stop at first green.
+
+## Browser validation gate
+
+Required when this session changed any code that runs in a browser: anything under `client/`, UI components, shaders, page-loaded JS, served HTML, gh-pages assets, dev-server endpoints, or any module imported into the page bundle.
 
-## BROWSER VALIDATION GATE — MANDATORY FOR CLIENT WORK
+Trigger detection (any one): `git diff --name-only origin/main..HEAD` includes paths under `client/`, `apps/*/index.js` with client export, `docs/`, `*.html`, shader files, or any file imported by a browser entry; new/changed export consumed by `window.*` or rendered in DOM/canvas/WebGL; visual, layout, animation, input, network-on-page, or shader behavior altered.
 
-If this session changed any code that runs in a browser — anything under client/, UI components, shaders, page-loaded JS, served HTML, gh-pages assets, dev-server endpoints, or any module imported into the page bundle — `browser_validated` MUST resolve before COMPLETE. Skipping it because "node tests pass" or "test.js is green" is a forced-closure refusal of witnessed verification.
+Protocol: boot the real server (or open the static page) on a known URL — witness HTTP 200. `exec:browser` → `page.goto(url)` → wait for app init by polling for the global the change affects (`window.__app.<system>`). Probe via `page.evaluate(() => …)` asserting the specific invariant the change was supposed to establish — instance counts, scene meshes, DOM nodes, render stats, network frames. Capture witnessed numbers in the response — "looks fine" is not a witness. Failures route to `gm-execute` (logic) or `gm-emit` (output) — never paper over.
 
-Trigger detection (any one suffices):
-- `git diff --name-only origin/main..HEAD` includes paths under `client/`, `apps/*/index.js` with client export, `docs/`, `*.html`, shader files, or any file imported by a browser entry.
-- New/changed export consumed by `window.*` or rendered in DOM/canvas/WebGL.
-- Visual, layout, animation, input, network-on-page, or shader behavior altered.
+Long-running probes split into navigate-call → `exec:wait N` → probe-call to stay under the per-call budget. Do not stack multi-second `setTimeout` inside one `exec:browser` invocation.
 
-Required protocol:
-1. Boot the real server (or open the static page) on a known URL — witness HTTP 200.
-2. `exec:browser` → `page.goto(url)` → wait for app init (poll for the global the change affects, e.g. `window.__app.<system>`).
-3. Probe via `page.evaluate(() => …)` — assert the specific invariant the change was supposed to establish (instance counts, scene meshes, DOM nodes, render stats, network frames, etc.).
-4. Capture the witnessed numbers in the response. "Looks fine" is not a witness.
-5. Failures → regress to `gm-execute` (logic) or `gm-emit` (output) — never paper over.
+Exempt only when: change is server-only with zero browser-facing surface, OR the repository has no browser surface at all (pure CLI / library). Exemption requires explicit tag in the response: `BROWSER EXEMPT: <reason — must reference diff paths showing zero browser-facing surface>`. Default posture is NOT exempt — burden is on the agent to prove exemption with diff evidence.
 
-Long-running probes: split into navigate-call → `exec:wait N` → probe-call to stay under the per-call budget. Do not stack multi-second `setTimeout` inside one `exec:browser` invocation.
+Pre-flight: run `git diff --name-only origin/main..HEAD` directly via Bash, then dispatch a nodejs spool file that reads the diff list and filters lines matching `client/|docs/|\.html$|\.glsl$|\.frag$|\.vert$`. Any hit AND no `exec:browser` block in this session → mandatory regression to `gm-execute`.
 
-Exempt only when: change is server-only with zero browser-facing surface, OR repository has no browser surface at all (pure CLI/library). Tag the exemption in the response with the reason; do not silently skip.
+## Integration test gate
 
-## INTEGRATION TEST GATE
+Write to `.gm/exec-spool/in/nodejs/<N>.js`:
 
 ```
-exec:nodejs
 const { execSync } = require('child_process');
 try { execSync('node test.js', { stdio: 'inherit', timeout: 30000 }); console.log('PASS'); }
 catch (e) { console.error('FAIL'); process.exit(1); }
 ```
 
-Failure → regress to `gm-execute`. No test.js + testable surface → regress to `gm-execute` to create it.
+Failure → `gm-execute`. No test.js in a repo with testable surface → `gm-execute` to create it.
 
-## GIT ENFORCEMENT
+## Git enforcement
+
+Run directly via Bash:
 
 ```
-exec:bash
 git status --porcelain
 git log origin/main..HEAD --oneline
 ```
 
-Both must return empty. Local commit without push ≠ complete.
+Both must return empty. Local commit without push is not complete.
 
-## CI — AUTOMATED
+## CI is automated
 
-Stop hook watches all GitHub Actions runs for the pushed HEAD. Do not call `gh run list` manually.
-- All-green → Stop approves with CI summary in next turn context
-- Failure → Stop blocks with run names+IDs → investigate with `gh run view <id> --log-failed`, fix, push, hook re-watches
-- Deadline 180s (override `GM_CI_WATCH_SECS`) → slow jobs get "still in progress" approve
+The Stop hook watches Actions for the pushed HEAD. Do not call `gh run list` manually. All-green → Stop approves with CI summary in next-turn context. Failure → Stop blocks with run names + IDs; investigate via `gh run view <id> --log-failed`, fix, push, hook re-watches. Deadline 180s (override `GM_CI_WATCH_SECS`); slow jobs get a "still in progress" approve.
 
-## HYGIENE SWEEP
+## Hygiene sweep
 
-Before declaring complete:
 1. Files >200 lines → split
 2. Comments in code → remove
-3. Scattered test files (.test.js, .spec.js, __tests__/, fixtures/, mocks/) → delete, consolidate into root test.js
-4. Mock/stub/simulation files → delete
-5. Unnecessary doc files (not CHANGELOG/CLAUDE/README/TODO.md) → delete
-6. Duplicate concern → snake to `planning` with restructuring instructions
+3. Scattered test files (`.test.js`, `.spec.js`, `__tests__/`, `fixtures/`, `mocks/`) → delete, consolidate into root `test.js`
+4. Mock / stub / simulation files → delete
+5. Unnecessary doc files (not CHANGELOG, CLAUDE, README, TODO.md) → delete
+6. Duplicate concern → regress to `planning` with restructuring instructions
 7. Hardcoded values → derive from ground truth
-8. Fallback/demo modes → remove, fail loud
-9. TODO.md → empty/deleted
-10. CHANGELOG.md → has entries for this session
+8. Fallback / demo modes → remove, fail loud
+9. TODO.md → empty or deleted
+10. CHANGELOG.md → entries for this session
 11. Observability gaps → server subsystems expose `/debug/<subsystem>`; client modules register in `window.__debug`
-12. Memorize → every fact from verification handed off via background Agent(memorize) at moment of resolution
-13. Deploy/publish → if deployable, deploy; if npm package, publish
+12. Memorize → every fact from verification handed off via background `Agent(memorize)` at moment of resolution
+13. Deploy / publish → if deployable, deploy; if npm package, publish
 14. GitHub Pages → check `.github/workflows/pages.yml` + `docs/index.html` exist; invoke `pages` skill if absent
-15. Governance stress-suite → walk change through M1,F1,C1,H1,S1,B1,A1,D1; any flunk = regress to owning phase
-
-## MEMORIZE
-
-```
-Agent(subagent_type='gm:memorize', model='haiku', run_in_background=true, prompt='## CONTEXT TO MEMORIZE\n<fact>')
-```
-
-One per fact, parallel, same turn resolved. End-of-turn self-check mandatory.
-
-## COMPLETION DEFINITION
+15. Governance stress-suite → walk change through M1, F1, C1, H1, S1, B1, A1, D1; any flunk regresses to the owning phase
 
-All: witnessed e2e | browser_validated (when client work touched) | failure paths exercised | test.js passes | .prd deleted | git clean+pushed | CI green | hygiene sweep clean | TODO.md gone | CHANGELOG.md updated
+## Completion
 
-**Never**: claim done without witnessed output | claim done on a client change without browser-validation witness | stop while .prd has items | skip hygiene | skip test.js | uncommitted/unpushed work | stop at first green
+All true at once: witnessed e2e | browser_validated when client work touched | failure paths exercised | test.js passes | `.prd` deleted | git clean and pushed | CI green | hygiene sweep clean | TODO.md gone | CHANGELOG.md updated.

package/skills/gm-copilot-cli/SKILL.md

@@ -0,0 +1,19 @@
+---
+name: gm-copilot-cli
+description: AI-native software engineering via skill-driven orchestration on copilot-cli; bootstraps plugkit for task execution and session isolation
+allowed-tools: Skill
+---
+
+# GM — copilot-cli Platform
+
+AI-native software engineering orchestrated via skill chain: PLAN → EXECUTE → EMIT → VERIFY → UPDATE-DOCS.
+
+**Bootstrap pattern**: `bun x gm-plugkit@latest --daemon` downloads the correct platform binary, verifies SHA256, and starts the spool watcher daemon. Call once at session start; idempotent on subsequent calls. All execution routes through the file-spool: write to `.gm/exec-spool/in/<lang>/<N>.<ext>` or `in/<verb>/<N>.txt`, poll `out/<N>.json` for results.
+
+**Session-ID threading (no session-start hook)**: At skill invoke time, generate or detect SESSION_ID (env var `SESSION_ID` or `uuid()`). Pass `sessionId: "<id>"` in every rs-exec RPC body (spawn, tail, watch, etc.) and every spool-written task body. All task-scoped cleanup (deleteTask, getTask, appendOutput, killSessionTasks) requires matching sessionId. Absence is forbidden — hard reject by rs-exec handler.
+
+**Spool dispatch surface**: Write to `.gm/exec-spool/in/<lang>/<N>.<ext>` (languages: nodejs, python, bash, typescript, go, rust, c, cpp, java, deno) or `in/<verb>/<N>.txt` (verbs: codesearch, recall, memorize, wait, sleep, status, close, browser, runner, etc.). Watcher executes and streams `out/<N>.out` (stdout) + `out/<N>.err` (stderr) line-by-line, then `out/<N>.json` metadata (exitCode, durationMs, timedOut, startedAt, endedAt) at completion.
+
+**End-to-end skill chaining (skills-based platforms)**: When gm SKILL.md includes `end-to-end: true`, adapter detects signal and parses stdout for trailing JSON: `{"nextSkill": "...", "context": {...}, "phase": "..."}`. If nextSkill is non-null, invoke `Skill(skill="gm:<nextSkill>")` with context dict, repeat until null. This auto-chains 5 invocations into 1 user invocation.
+
+Every task returns complete: taskId, exitCode, durationMs, timedOut, stdout, stderr. Background tasks return immediately with task_id; continue with exec:tail, exec:watch, or exec:close.

package/skills/gm-cursor/SKILL.md

@@ -0,0 +1,19 @@
+---
+name: gm-cursor
+description: AI-native software engineering via skill-driven orchestration on cursor; bootstraps plugkit for task execution and session isolation
+allowed-tools: Skill
+---
+
+# GM — cursor Platform
+
+AI-native software engineering orchestrated via skill chain: PLAN → EXECUTE → EMIT → VERIFY → UPDATE-DOCS.
+
+**Bootstrap pattern**: `bun x gm-plugkit@latest --daemon` downloads the correct platform binary, verifies SHA256, and starts the spool watcher daemon. Call once at session start; idempotent on subsequent calls. All execution routes through the file-spool: write to `.gm/exec-spool/in/<lang>/<N>.<ext>` or `in/<verb>/<N>.txt`, poll `out/<N>.json` for results.
+
+**Session-ID threading (no session-start hook)**: At skill invoke time, generate or detect SESSION_ID (env var `SESSION_ID` or `uuid()`). Pass `sessionId: "<id>"` in every rs-exec RPC body (spawn, tail, watch, etc.) and every spool-written task body. All task-scoped cleanup (deleteTask, getTask, appendOutput, killSessionTasks) requires matching sessionId. Absence is forbidden — hard reject by rs-exec handler.
+
+**Spool dispatch surface**: Write to `.gm/exec-spool/in/<lang>/<N>.<ext>` (languages: nodejs, python, bash, typescript, go, rust, c, cpp, java, deno) or `in/<verb>/<N>.txt` (verbs: codesearch, recall, memorize, wait, sleep, status, close, browser, runner, etc.). Watcher executes and streams `out/<N>.out` (stdout) + `out/<N>.err` (stderr) line-by-line, then `out/<N>.json` metadata (exitCode, durationMs, timedOut, startedAt, endedAt) at completion.
+
+**End-to-end skill chaining (skills-based platforms)**: When gm SKILL.md includes `end-to-end: true`, adapter detects signal and parses stdout for trailing JSON: `{"nextSkill": "...", "context": {...}, "phase": "..."}`. If nextSkill is non-null, invoke `Skill(skill="gm:<nextSkill>")` with context dict, repeat until null. This auto-chains 5 invocations into 1 user invocation.
+
+Every task returns complete: taskId, exitCode, durationMs, timedOut, stdout, stderr. Background tasks return immediately with task_id; continue with exec:tail, exec:watch, or exec:close.

package/skills/gm-emit/SKILL.md

@@ -3,85 +3,68 @@ name: gm-emit
 description: EMIT phase. Pre-emit debug, write files, post-emit verify from disk. Any new unknown triggers immediate snake back to planning — restart chain.
 ---
 
-# GM EMIT — Write and Verify
+# GM EMIT — Write and verify from disk
 
-GRAPH: `PLAN → EXECUTE → [EMIT] → VERIFY → COMPLETE`
-Entry: all mutables KNOWN. From `gm-execute` or re-entered from VERIFY.
+Entry: every mutable KNOWN, from `gm-execute` or re-entered from VERIFY. Exit: gates clear → `gm-complete`.
 
-## TRANSITIONS
+Cross-cutting dispositions live in `gm` SKILL.md.
 
-**EXIT → VERIFY**: all gate conditions true → invoke `gm-complete` immediately.
-**SELF-LOOP**: post-emit variance with known cause → fix, re-verify, stay in EMIT.
-**REGRESS → EXECUTE**: pre-emit reveals known logic error.
-**REGRESS → PLAN**: pre-emit reveals new unknown | post-emit variance with unknown cause | scope changed.
+## Transitions
 
-## LEGITIMACY GATE (before pre-emit run)
+- All gates clear → `gm-complete`
+- Post-emit variance with known cause → fix in-band, re-verify, stay in EMIT
+- Pre-emit reveals known logic error → `gm-execute`
+- Pre-emit reveals new unknown OR post-emit variance with unknown cause OR scope changed → `planning`
 
-For every claim landing in a file:
-1. **Earned specificity** — traces to `authorization=witnessed`, not inflated from weak prior?
-2. **Repair legality** — local patch dressed as structural repair? Downgrade scope or snake to PLAN.
-3. **Lawful downgrade** — can a weaker, true statement replace it? PREFER the downgrade.
-4. **Alternative-route suppression** — live competing route being silenced? Preserve it.
-5. **Strongest objection** — if a reviewer pushed back on this change, what would the sharpest argument be? Articulate it. Cannot articulate = have not understood the alternatives = regress to `gm-execute`.
+## Legitimacy gate (before pre-emit run)
 
-Fail any → regress to `gm-execute` to witness what was missing, or `planning` if gap is structural.
+For every claim landing in a file, answer five questions:
 
-## PRE-EMIT RUN (mandatory before writing any file)
+1. Earned specificity — does it trace to `authorization=witnessed`, or is it inflated from a weak prior?
+2. Repair legality — is a local patch dressed as structural repair? Downgrade scope or regress to PLAN.
+3. Lawful downgrade — can a weaker, true statement replace it? Prefer the downgrade.
+4. Alternative-route suppression — is a live competing route being silenced? Preserve it.
+5. Strongest objection — what would the sharpest reviewer pushback be? Articulate it. Cannot articulate = have not understood the alternatives → `gm-execute`.
+
+Any failure regresses to `gm-execute` to witness what was missing, or `planning` if the gap is structural.
+
+## Pre-emit run
+
+Mandatory before writing any file. Write the probe to the spool (`.gm/exec-spool/in/nodejs/<N>.js`):
 
 ```
-exec:nodejs
 const { fn } = await import('/abs/path/to/module.js');
 console.log(await fn(realInput));
 ```
 
-1. Import actual module from disk — witness current behavior as baseline
-2. Run proposed logic in isolation WITHOUT writing — witness with real inputs
-3. Probe failure paths with real error inputs
-4. Compare: matches expected → write. Unexpected → new unknown → `planning`.
-
-## WRITING FILES
+Import the actual module from disk to witness current behavior as the baseline. Run the proposed logic in isolation without writing — witness with real inputs and with real error inputs. Match expected → write. Unexpected → new unknown → `planning`.
 
-`exec:nodejs` with `require('fs')`. Write only when every gate mutable resolved simultaneously.
+## Writing
 
-## POST-EMIT VERIFICATION (immediately after writing)
+Use the Write tool, or a nodejs spool file with `require('fs')`. Write only when every gate mutable resolves simultaneously.
 
-1. Re-import from disk (not in-memory — stale is inadmissible)
-2. Run identical inputs as pre-emit — must match pre-emit baseline exactly
-3. Known variance → fix immediately, re-verify (EMIT self-loop)
-4. Unknown variance → new unknown → invoke `planning`
-
-## GATE CONDITIONS (all true simultaneously)
-
-- Legitimacy gate passed; none of five refused collapses
-- Pre-emit passed with real inputs + error inputs
-- Post-emit matches pre-emit exactly
-- Hot reloadable; errors throw with context (no fallbacks, `|| default`, `catch { return null }`)
-- No mocks/fakes/stubs/scattered test files (delete on discovery)
-- Behavior change in this emit = a corresponding assertion in test.js (a change no test would catch is a change you cannot prove)
-- If this emit changes any browser-facing code (client/, served HTML/JS, shaders, page-bundle imports, gh-pages assets), the post-emit verify MUST include a live browser witness via `exec:browser` (boot server → page.goto → page.evaluate asserting the invariant the change established). Node-side import + test.js does NOT satisfy this — see `gm-complete` BROWSER VALIDATION GATE.
-- Files ≤200 lines
-- No duplicate concern (run exec:codesearch for primary concern after writing; any overlap → `planning`)
-- No comments; no hardcoded values; no adjectives in identifiers; no unnecessary files
-- Observability: new server subsystems expose `/debug/<subsystem>`; new client modules in `window.__debug`
-- Structure: no if/else where dispatch table suffices; no one-liners that require decoding; no reinvented APIs
-- All facts resolved this phase memorized via background Agent(memorize)
-- CHANGELOG.md updated; TODO.md cleared/deleted
+## Post-emit verification
 
-## CODE EXECUTION
+Re-import from disk — in-memory state is stale and inadmissible. Run identical inputs as pre-emit; output must match the baseline exactly. Known variance → fix and re-verify (self-loop). Unknown variance → `planning`.
 
-`exec:<lang>` only. File writes via exec:nodejs + require('fs'). Never Bash(node/npm/npx/bun).
-Pack runs: Promise.allSettled, each idea own try/catch, under 12s per call.
+## Mutables gate
 
-## CODEBASE SEARCH
+Before pre-emit run, read `.gm/mutables.yml`. Any entry with `status: unknown` → regress to `gm-execute`. The pre-tool-use hook hard-blocks Write/Edit/NotebookEdit while unresolved entries exist; trying to emit anyway returns deny. Zero unresolved is the precondition for every legitimacy question below.
 
-`exec:codesearch` only. Grep/Glob/Find/Explore = hook-blocked. Known path → `Read`.
+## Gate (all true at once)
 
-## MEMORIZE
-
-```
-Agent(subagent_type='gm:memorize', model='haiku', run_in_background=true, prompt='## CONTEXT TO MEMORIZE\n<fact>')
-```
-
-Same turn as resolution. Parallel when multiple. End-of-turn self-check mandatory.
-
-**Never**: write before pre-emit | advance with post-emit variance | absorb surprises | respond to user mid-phase
+- `.gm/mutables.yml` empty/absent OR every entry `status: witnessed` with filled `witness_evidence`
+- Legitimacy gate passed; no refused collapse
+- Pre-emit passed with real inputs and real error inputs
+- Post-emit matches pre-emit exactly
+- Hot-reloadable; errors throw with context (no `|| default`, no `catch { return null }`, no fallbacks)
+- No mocks, fakes, stubs, or scattered test files (delete on discovery)
+- Any behavior change has a corresponding assertion in `test.js` — a change no test catches is a change you cannot prove
+- Browser-facing change → post-emit verify includes a live `exec:browser` witness (boot server → `page.goto` → `page.evaluate` asserting the invariant the change established). Node-side import + test.js does not satisfy this — the final gate runs again in `gm-complete`.
+- Files ≤ 200 lines
+- No duplicate concern (run `exec:codesearch` for the primary concern after writing; overlap → `planning`)
+- No comments, no hardcoded values, no adjectives in identifiers, no unnecessary files
+- Observability: new server subsystems expose `/debug/<subsystem>`; new client modules register in `window.__debug`
+- Structure: no if/else where dispatch suffices; no one-liners that obscure; no reinvented APIs
+- Every fact resolved this phase memorized via background `Agent(memorize)`
+- CHANGELOG.md updated; TODO.md cleared or deleted

package/skills/gm-execute/SKILL.md

@@ -3,123 +3,86 @@ name: gm-execute
 description: EXECUTE phase AND the foundational execution contract for every skill. Every exec:<lang> run, every witnessed check, every code search, in every phase, follows this skill's discipline. Resolve all mutables via witnessed execution. Any new unknown triggers immediate snake back to planning — restart chain from PLAN.
 ---
 
-# GM EXECUTE — Resolve Every Unknown
+# GM EXECUTE — Resolve every unknown by witness
 
-GRAPH: `PLAN → [EXECUTE] → EMIT → VERIFY → COMPLETE`. Entry: .prd with named unknowns.
+Entry: `.prd` with named unknowns. Exit: every mutable KNOWN → invoke `gm-emit`.
 
-This skill = execution contract for ALL phases. About to run anything → load this first.
+A `@<discipline>` sigil propagates from PLAN through every recall, codesearch, and memorize call; reads without one fan across default plus enabled disciplines, writes without one go to default only.
 
-## TRANSITIONS
+This skill is the execution contract for ALL phases — pre-emit witnesses, post-emit verifies, e2e checks all run on this discipline. Cross-cutting dispositions live in `gm` SKILL.md.
 
-- **EXIT → EMIT**: all mutables KNOWN → invoke `gm-emit`.
-- **SELF-LOOP**: still UNKNOWN → re-run different angle (max 2 passes).
-- **REGRESS → PLAN**: new unknown | unresolvable after 2 passes.
+## Transitions
 
-## MUTABLE DISCIPLINE
+- All mutables KNOWN → `gm-emit`
+- Still UNKNOWN → re-run from a different angle (max 2 passes)
+- New unknown OR unresolvable after 2 passes → `planning`
 
-Each mutable: name | expected | current | resolution method.
+## Mutable discipline
 
-Resolves to KNOWN only when ALL four pass:
-- **ΔS=0** — witnessed output equals expected
-- **λ≥2** — two independent paths agree
-- **ε intact** — adjacent invariants hold
-- **Coverage≥0.70** — enough corpus inspected
+Each mutable carries: name, expected, current, resolution method.
 
-Unresolved after 2 passes = regress to `planning`. Never narrate past an unresolved mutable.
+Resolves to KNOWN only when all four pass:
 
-## PRIORS DON'T AUTHORIZE
+- **ΔS = 0** — witnessed output equals expected
+- **λ ≥ 2** — two independent paths agree
+- **ε intact** — adjacent invariants hold
+- **Coverage ≥ 0.70** — enough corpus inspected to rule out contradiction
 
-Route candidates from PLAN = `weak_prior` only. Plausibility = right to TEST, not BELIEVE.
-weak_prior → witnessed probe → witnessed → feed to EMIT. "The plan says" / "obviously X" = prior, not fact.
+Unresolved after 2 passes regresses to `planning`. Never narrate past an unresolved mutable.
 
-Claims in response prose stand or fall by their last witness. A claim with no witness in this session is a hypothesis, not a finding — say so when you state it, and say what would settle it. The next reader (you, next turn) needs to know which lines were earned and which were carried forward.
+Every witness that resolves a mutable writes back to `.gm/mutables.yml` the same step: set `status: witnessed` and fill `witness_evidence` with concrete proof (file:line, codesearch hit, exec output snippet). No write-back = the mutable stays unknown and the EMIT-gate stays closed. The hook reads this file; the agent's memory of "I resolved it" does not unblock anything.
 
-## VERIFICATION BUDGET
+Route candidates from PLAN are `weak_prior` only. Plausibility is the right to test, not the right to believe. A claim with no witness in the current session is a hypothesis — say so when stating it, and say what would settle it. The next reader (you, next turn) needs to know which lines were earned and which were carried forward.
 
-Spend on `.prd` items in descending order of consequence-if-wrong × distance-from-witnessed. Items whose failure would collapse the headline finding must reach witnessed status before EMIT; items with sub-argument-level consequence need at minimum a stated fallback path.
+## Verification budget
 
-## CODE EXECUTION
+Spend on `.prd` items in descending order of consequence-if-wrong × distance-from-witnessed. Items whose failure would collapse the headline finding must reach witnessed status before EMIT; sub-argument-level items need at minimum a stated fallback path.
 
-`exec:<lang>` only via Bash: `exec:<lang>\n<code>`
+## Code execution
 
-Langs: `nodejs` (default) | `bash` | `python` | `typescript` | `go` | `rust` | `c` | `cpp` | `java` | `deno` | `cmd`
+Code AND utility verbs both run through the file-spool. Write a file to `.gm/exec-spool/in/<lang-or-verb>/<N>.<ext>` — language stems (`in/nodejs/42.js`, `in/python/43.py`, `in/bash/44.sh`, plus typescript, go, rust, c, cpp, java, deno) or verb stems (`in/codesearch/45.txt`, `in/recall/46.txt`, `in/memorize/47.md`, plus wait, sleep, status, close, browser, runner, type, kill-port, forget, feedback, learn-status, learn-debug, learn-build, discipline, pause, health). The spool watcher executes and streams stdout to `out/<N>.out`, stderr to `out/<N>.err`, then writes `out/<N>.json` metadata sidecar at completion (taskId, lang, ok, exitCode, durationMs, timedOut, startedAt, endedAt). Both streams return as systemMessage with `--- stdout ---` / `--- stderr ---` separators. File I/O via a nodejs spool file + `require('fs')`. Only `git` and `gh` run directly in Bash. Never `Bash(node/npm/npx/bun)`, never `Bash(exec:<anything>)`.
 
-File I/O: exec:nodejs + require('fs'). Git directly in Bash. **Never** Bash(node/npm/npx/bun).
+Pack runs: `Promise.allSettled`, each idea own try/catch, under 12s per call. Runner: write `in/runner/<N>.txt` with body `start` | `stop` | `status`.
 
-Pack runs: Promise.allSettled parallel, each idea own try/catch, under 12s per call.
-Runner: `exec:runner\nstart|stop|status`
+Every exec daemonizes. The hook tails the task logfile up to 30s wall-clock and returns whatever is there — short tasks complete inside the window and look synchronous; long tasks return a task_id with partial output. Continue with `exec:tail` (drain, bounded), `exec:watch` (resume blocking until match or timeout), or `exec:close` (terminate). Never re-spawn a long task to check on it — that orphans the first one. `exec:wait` is a pure timer; `exec:sleep` blocks on a specific task's output; `exec:watch` is the match-or-timeout primitive. Every execution-platform RPC returns the live list of running tasks for this session — close stragglers via `exec:close\n<id>` so the list stays scannable. Session-end (clear/logout/prompt_input_exit) kills the session's tasks; compaction/handoff preserves them.
 
-## CODEBASE SEARCH
+Every utility verb dispatches via `in/<verb>/<N>.txt`; the body of the file is the verb's argument. There is no inline form and no Bash-prefix form — both are denied by the hook.
 
-`exec:codesearch` only. Grep/Glob/Find/Explore/grep/rg/find = hook-blocked.
+## Codebase search
 
-Known absolute path → `Read`. Known dir → exec:nodejs + fs.readdirSync.
+`exec:codesearch` only. Grep, Glob, Find, Explore, raw grep/rg/find inside `exec:bash` are all hook-blocked.
 
 ```
 exec:codesearch
 <two-word query>
 ```
 
-Iterate: change/add one word per pass. Min 4 attempts before concluding absent.
-
-## IMPORT-BASED EXECUTION
-
-Always import actual modules. Reimplemented = UNKNOWN.
-
-```
-exec:nodejs
-const { fn } = await import('/abs/path/to/module.js');
-console.log(await fn(realInput));
-```
-
-Differential diagnosis: smallest reproduction → compare actual vs expected → name the delta = mutable.
-
-## CI — AUTOMATED
+Start two words, change/add one per pass, minimum four attempts before concluding absent. Known absolute path → `Read`. Known directory → `exec:nodejs` + `fs.readdirSync`.
 
-`git push` → Stop hook auto-watches Actions for pushed HEAD. Same-repo only — downstream cascades not auto-watched.
-- Green → Stop approves with summary
-- Failure → run names+IDs → `gh run view <id> --log-failed`
-- Deadline 180s (override `GM_CI_WATCH_SECS`)
+## Utility verb failure handling
 
-## GROUND TRUTH
+**Utility verb failures must surface**: exec:memorize, exec:recall, exec:codesearch, and other utility verbs may fail (socket unavailable, timeout, network error). Failures do not block witness completion but must be reported to the user with error context. Fallback mechanisms (AGENTS.md for memorize) ensure memory preservation even when rs-learn is temporarily unavailable.
 
-Real services, real data, real timing. Mocks/stubs/scattered tests/fallbacks = delete.
+## Import-based execution
 
-**Scan before edit**: exec:codesearch before creating/modifying. Duplicate concern = regress to `planning`.
-**Hypothesize via execution**: hypothesis → run → witness → edit. Never edit on unwitnessed assumption.
-**Code quality**: native → library → structure (map/pipeline) → write.
-
-## PARALLEL SUBAGENTS
-
-≤3 `gm:gm` subagents for independent items in ONE message. Browser escalation: exec:browser → browser skill → screenshot last resort.
-
-## RECALL — HARD RULE
-
-Before resolving any new unknown via fresh execution, recall first.
+Hypotheses become real by importing actual modules from disk. Reimplemented behavior is UNKNOWN. Write the import probe to the spool:
 
 ```
-exec:recall
-<2-6 word query>
+# write .gm/exec-spool/in/nodejs/42.js
+const { fn } = await import('/abs/path/to/module.js');
+console.log(await fn(realInput));
 ```
 
-Triggers: "did we hit this" | feels familiar | new sub-task in known project | about to comment a non-obvious choice | about to ask user something likely discussed.
+Differential diagnosis: smallest reproduction → compare actual vs expected → name the delta — that delta is the mutable.
 
-Hits = weak_prior; still witness. Empty = proceed. Capped 6s, ~5ms when serve running. ~200 tokens / 5 hits.
-
-## MEMORIZE — HARD RULE
-
-Unknown→known = same-turn memorize.
-
-```
-Agent(subagent_type='gm:memorize', model='haiku', run_in_background=true, prompt='## CONTEXT TO MEMORIZE\n<fact>')
-```
+## Edits depend on witnesses
 
-Triggers: exec output answers prior unknown | CI log reveals root cause | code read confirms/refutes | env quirk | user states preference/constraint.
+Hypothesis → run → witness → edit. An edit before a witness is a guess. Scan via `exec:codesearch` before creating or modifying — duplicate concern regresses to `planning`. Code-quality preference: native → library → structure → write.
 
-N facts → N parallel Agent calls in ONE message. End-of-turn self-check mandatory.
+## Parallel subagents
 
-## CONSTRAINTS
+Up to 3 `gm:gm` subagents for independent items in one message. Browser escalation: `exec:browser` → `browser` skill → screenshot only as last resort.
 
-**Never**: Bash(node/npm/npx/bun) | fake data | mocks | scattered tests | fallbacks | Grep/Glob/Find/Explore | sequential independent items | respond mid-phase | edit before witnessing | duplicate code | if/else where dispatch suffices | one-liners that obscure | reinvent native/library
+## CI is automated
 
-**Always**: witness every hypothesis | import real modules | scan before edit | regress on new unknown | delete mocks/comments/scattered tests on discovery | update test.js for behavior changes | invoke next skill immediately when done | weight verification by load
+`git push` triggers the Stop hook to watch Actions for the pushed HEAD on the same repo (downstream cascades are not auto-watched). Green → Stop approves with summary; failure → run names + IDs surfaced, investigate via `gh run view <id> --log-failed`. Deadline 180s (override `GM_CI_WATCH_SECS`).

package/skills/gm-gc/SKILL.md

@@ -0,0 +1,19 @@
+---
+name: gm-gc
+description: AI-native software engineering via skill-driven orchestration on gc; bootstraps plugkit for task execution and session isolation
+allowed-tools: Skill
+---
+
+# GM — gc Platform
+
+AI-native software engineering orchestrated via skill chain: PLAN → EXECUTE → EMIT → VERIFY → UPDATE-DOCS.
+
+**Bootstrap pattern**: `bun x gm-plugkit@latest --daemon` downloads the correct platform binary, verifies SHA256, and starts the spool watcher daemon. Call once at session start; idempotent on subsequent calls. All execution routes through the file-spool: write to `.gm/exec-spool/in/<lang>/<N>.<ext>` or `in/<verb>/<N>.txt`, poll `out/<N>.json` for results.
+
+**Session-ID threading (no session-start hook)**: At skill invoke time, generate or detect SESSION_ID (env var `SESSION_ID` or `uuid()`). Pass `sessionId: "<id>"` in every rs-exec RPC body (spawn, tail, watch, etc.) and every spool-written task body. All task-scoped cleanup (deleteTask, getTask, appendOutput, killSessionTasks) requires matching sessionId. Absence is forbidden — hard reject by rs-exec handler.
+
+**Spool dispatch surface**: Write to `.gm/exec-spool/in/<lang>/<N>.<ext>` (languages: nodejs, python, bash, typescript, go, rust, c, cpp, java, deno) or `in/<verb>/<N>.txt` (verbs: codesearch, recall, memorize, wait, sleep, status, close, browser, runner, etc.). Watcher executes and streams `out/<N>.out` (stdout) + `out/<N>.err` (stderr) line-by-line, then `out/<N>.json` metadata (exitCode, durationMs, timedOut, startedAt, endedAt) at completion.
+
+**End-to-end skill chaining (skills-based platforms)**: When gm SKILL.md includes `end-to-end: true`, adapter detects signal and parses stdout for trailing JSON: `{"nextSkill": "...", "context": {...}, "phase": "..."}`. If nextSkill is non-null, invoke `Skill(skill="gm:<nextSkill>")` with context dict, repeat until null. This auto-chains 5 invocations into 1 user invocation.
+
+Every task returns complete: taskId, exitCode, durationMs, timedOut, stdout, stderr. Background tasks return immediately with task_id; continue with exec:tail, exec:watch, or exec:close.