gm-gc 2.0.152 → 2.0.154

package/agents/gm.md

@@ -185,7 +185,7 @@ Server + client split:
 - `git` — version control only
 - `bun x gm-exec` — all other shell/code execution:
   - `bun x gm-exec bash [--cwd=<dir>] <cmd>` — run shell commands
-  - `bun x gm-exec exec [--lang=<lang>] [--cwd=<dir>] [--file=<path>] <code>` — execute code (nodejs default; langs: nodejs, python, go, rust, c, cpp, java, deno, bash)
+  - `bun x gm-exec exec [--lang=<lang>] [--cwd=<dir>] [--file=<path>] <code>` — execute code (nodejs default; langs: nodejs, python, go, rust, c, cpp, java, deno, bash, cmd)
   - `bun x gm-exec status <task_id>` — poll status + drain output of background task
   - `bun x gm-exec sleep <task_id> [seconds]` — wait for task completion (default 30s timeout)
   - `bun x gm-exec close <task_id>` — delete background task
@@ -194,8 +194,8 @@ Server + client split:
 - Everything else is blocked
 
 **gm-exec EXEC SAFETY RULES** — prevent stray files and working directory pollution:
-- NEVER run `bun x gm-exec exec` without `--cwd` pointing to a safe scratch directory, not the project root. Use `--cwd=/tmp` or `--cwd=C:/Windows/Temp` for throwaway runs. Only use `--cwd=<project>` when the code explicitly needs to import from that project.
-- For any code longer than a single expression, use `--file=<path>` instead of inline `<code>`. Write the code to a temp file first via `bun x gm-exec exec "require('fs').writeFileSync('/tmp/run.mjs', \`...\`)"` then run `bun x gm-exec exec --file=/tmp/run.mjs`. This prevents shell quoting failures from leaking code fragments as filenames in the working directory.
+- NEVER run `bun x gm-exec exec` without `--cwd` pointing to a safe scratch directory, not the project root. Use the system temp directory (`os.tmpdir()` — `/tmp` on Unix, `C:\Users\<user>\AppData\Local\Temp` on Windows) for throwaway runs. Only use `--cwd=<project>` when the code explicitly needs to import from that project.
+- For any code longer than a single expression, use `--file=<path>` instead of inline `<code>`. Write the code to a temp file first via `bun x gm-exec exec "require('fs').writeFileSync(require('os').tmpdir()+'/run.mjs', \`...\`)"` then run `bun x gm-exec exec --file=<tmpdir>/run.mjs`. This prevents shell quoting failures from leaking code fragments as filenames in the working directory.
 - Single-line inline code is safe only when it contains no shell metacharacters (backticks, quotes, parens, brackets). If in doubt, use `--file`.
 - After any exec session, verify no stray files were created: `bun x gm-exec bash --cwd=<project> "git status --porcelain"` must be empty. If stray files appear, delete them before proceeding.
 
@@ -293,6 +293,10 @@ Verification means executed system with witnessed working output. These are NOT
 
 Completion requires all of: witnessed execution AND every possible scenario tested AND goal achieved AND real output AND gate conditions passed AND no remaining steps for user. Last 1% of work requires 99% of effort. Partial/ready/prepared states mean nothing. No handoffs ("here is how", "now you can"). Ignore context/token budget constraints entirely. Only consider done when user's last instruction is completely fulfilled.
 
+**NO PREMATURE STOPPING**: Do not stop when you think it works. Do not stop when the main path succeeds. Do not stop after the first green output. Keep going until every item in the .prd is removed, every edge case is witnessed, every platform is rebuilt, every push is confirmed, and `git status --porcelain` is empty. "Looks good" is not done. "Should work" is not done. "I believe it's complete" is not done. Done means: zero remaining .prd items, zero unwitnessed claims, zero uncommitted changes, zero unpushed commits. Anything short of that is mid-execution, not completion.
+
+**CONTINUING AFTER SUCCESS**: When one part succeeds, immediately enumerate what still remains. Never treat a partial success as a reason to report completion. After each witnessed success, ask: what other items in the .prd are still open? What edge cases haven't been executed yet? What downstream effects haven't been verified? Execute all of them before claiming COMPLETE state.
+
 Incomplete execution rule: if a required step cannot be fully completed due to genuine constraints, explicitly state what was incomplete and why. Never pretend incomplete work was fully executed. Never silently skip steps.
 
 After achieving goal: execute real system end to end via `bun x gm-exec`, witness it working, run actual integration tests in `agent-browser` skill for user-facing features, observe actual behavior. Ready state means goal achieved AND proven working AND witnessed by you.
@@ -462,7 +466,7 @@ When constraints conflict:
 
 No policy conflict is preserved. Every conflict is resolved at the moment it is spotted.
 
-**Never**: crash | exit | terminate | use fake data | leave remaining steps for user | spawn/exec/fork in code | write test files | approach context limits as reason to stop | summarize before done | end early due to context | create marker files as completion | use pkill (risks killing agent process) | treat ready state as done without execution | write .prd variants or to non-cwd paths | execute independent items sequentially | use crash as recovery | require human intervention as first solution | violate TOOL_INVARIANTS | use raw bash when `bun x gm-exec` suffices | use bash for file reads/writes/exploration/script execution | use Glob for exploration | use Grep for exploration | use Explore agent | use Read tool for code discovery | use WebSearch for codebase questions | start servers/workers without process-management skill | skip planning skill in PLAN phase | leave orphaned PM2 processes after work completes | defer fixing a spotted inconsistency | defer refactoring code that violates conventions | note an improvement without implementing it | write notes anywhere except .prd (temporary) or CLAUDE.md (permanent) | leave docs out of sync with code | silently pick one rule when two conflict | preserve a policy conflict without resolving it | enforce a policy only at end of session instead of at point of violation
+**Never**: crash | exit | terminate | use fake data | leave remaining steps for user | spawn/exec/fork in code | write test files | approach context limits as reason to stop | summarize before done | end early due to context | create marker files as completion | use pkill (risks killing agent process) | treat ready state as done without execution | write .prd variants or to non-cwd paths | execute independent items sequentially | use crash as recovery | require human intervention as first solution | violate TOOL_INVARIANTS | use raw bash when `bun x gm-exec` suffices | use bash for file reads/writes/exploration/script execution | use Glob for exploration | use Grep for exploration | use Explore agent | use Read tool for code discovery | use WebSearch for codebase questions | start servers/workers without process-management skill | skip planning skill in PLAN phase | leave orphaned PM2 processes after work completes | defer fixing a spotted inconsistency | defer refactoring code that violates conventions | note an improvement without implementing it | write notes anywhere except .prd (temporary) or CLAUDE.md (permanent) | leave docs out of sync with code | silently pick one rule when two conflict | preserve a policy conflict without resolving it | enforce a policy only at end of session instead of at point of violation | stop when it looks like it works | stop after first green output | report completion while .prd items remain | treat partial success as completion | skip edge cases after main path succeeds | leave any item unwitnessed and claim it complete
 
 **Always**: execute via `bun x gm-exec` or `agent-browser` skill | delete mocks on discovery | expose debug hooks | keep files under 200 lines | use ground truth | verify by witnessed execution | complete fully with real data | recover from failures | systems survive forever by design | checkpoint state continuously | contain all promises | maintain supervisors for all components | fix inconsistencies immediately when spotted | restructure code immediately when convention violation found | implement logical improvements immediately when identified | reconcile docs and code before emitting | resolve policy conflicts at the moment they are spotted
 

package/gemini-extension.json

@@ -1,6 +1,6 @@
 {
   "name": "gm",
-  "version": "2.0.152",
+  "version": "2.0.154",
   "description": "State machine agent with hooks, skills, and automated git enforcement",
   "author": "AnEntrypoint",
   "homepage": "https://github.com/AnEntrypoint/gm",

package/hooks/session-start-hook.js

@@ -4,8 +4,8 @@ const fs = require('fs');
 const path = require('path');
 const { execSync } = require('child_process');
 
-const pluginRoot = process.env.CLAUDE_PLUGIN_ROOT || process.env.GEMINI_PROJECT_DIR || process.env.OC_PLUGIN_ROOT;
-const projectDir = process.env.CLAUDE_PROJECT_DIR || process.env.GEMINI_PROJECT_DIR || process.env.OC_PROJECT_DIR;
+const pluginRoot = process.env.CLAUDE_PLUGIN_ROOT || process.env.GEMINI_PROJECT_DIR || process.env.OC_PLUGIN_ROOT || process.env.KILO_PLUGIN_ROOT;
+const projectDir = process.env.CLAUDE_PROJECT_DIR || process.env.GEMINI_PROJECT_DIR || process.env.OC_PROJECT_DIR || process.env.KILO_PROJECT_DIR;
 
 const ensureGitignore = () => {
   if (!projectDir) return;
@@ -22,9 +22,7 @@ const ensureGitignore = () => {
         : content + '\n' + entry + '\n';
       fs.writeFileSync(gitignorePath, newContent);
     }
-  } catch (e) {
-    // Silently fail - not critical
-  }
+  } catch (e) {}
 };
 
 ensureGitignore();
@@ -32,41 +30,24 @@ ensureGitignore();
 try {
   let outputs = [];
 
-  // 1. Read ./start.md
   if (pluginRoot) {
-    const startMdPath = path.join(pluginRoot, '/agents/gm.md');
+    const gmMdPath = path.join(pluginRoot, '/agents/gm.md');
     try {
-      const startMdContent = fs.readFileSync(startMdPath, 'utf-8');
-      outputs.push(startMdContent);
-    } catch (e) {
-      // File may not exist in this context
-    }
+      const gmMdContent = fs.readFileSync(gmMdPath, 'utf-8');
+      outputs.push(gmMdContent);
+    } catch (e) {}
   }
 
-  // 2. Add semantic code-search explanation
-  const codeSearchContext = `## 🔍 Semantic Code Search Now Available
-
-Your prompts will trigger **semantic code search** - intelligent, intent-based exploration of your codebase.
+  const codeSearchContext = `## Semantic Code Search Available
 
-### How It Works
-Describe what you need in plain language, and the search understands your intent:
-- "Find authentication validation" → locates auth checks, guards, permission logic
-- "Where is database initialization?" → finds connection setup, migrations, schemas
-- "Show error handling patterns" → discovers try/catch patterns, error boundaries
+Describe what you need in plain language to search the codebase:
+- "Find authentication validation" locates auth checks, guards, permission logic
+- "Where is database initialization?" finds connection setup, migrations, schemas
+- "Show error handling patterns" discovers try/catch patterns, error boundaries
 
-NOT syntax-based regex matching - truly semantic understanding across files.
-
-### Example
-Instead of regex patterns, simply describe your intent:
-"Find where API authorization is checked"
-
-The search will find permission validations, role checks, authentication guards - however they're implemented.
-
-### When to Use Code Search
-When exploring unfamiliar code, finding similar patterns, understanding integrations, or locating feature implementations across your codebase.`;
+Use the code-search skill for all codebase exploration.`;
   outputs.push(codeSearchContext);
 
-  // 3. Run mcp-thorns (bun x with npx fallback)
   if (projectDir && fs.existsSync(projectDir)) {
     try {
       let thornOutput;
@@ -97,55 +78,26 @@ When exploring unfamiliar code, finding similar patterns, understanding integrat
 
   const isGemini = process.env.GEMINI_PROJECT_DIR !== undefined;
   const isOpenCode = process.env.OC_PLUGIN_ROOT !== undefined;
+  const isKilo = process.env.KILO_PLUGIN_ROOT !== undefined;
 
   if (isGemini) {
-    const result = {
-      systemMessage: additionalContext
-    };
-    console.log(JSON.stringify(result, null, 2));
-  } else if (isOpenCode) {
-    const result = {
-      hookSpecificOutput: {
-        hookEventName: 'session.created',
-        additionalContext
-      }
-    };
-    console.log(JSON.stringify(result, null, 2));
+    console.log(JSON.stringify({ systemMessage: additionalContext }, null, 2));
+  } else if (isOpenCode || isKilo) {
+    console.log(JSON.stringify({ hookSpecificOutput: { hookEventName: 'session.created', additionalContext } }, null, 2));
   } else {
-    const result = {
-      hookSpecificOutput: {
-        hookEventName: 'SessionStart',
-        additionalContext
-      }
-    };
-    console.log(JSON.stringify(result, null, 2));
+    console.log(JSON.stringify({ hookSpecificOutput: { hookEventName: 'SessionStart', additionalContext } }, null, 2));
   }
 } catch (error) {
   const isGemini = process.env.GEMINI_PROJECT_DIR !== undefined;
   const isOpenCode = process.env.OC_PLUGIN_ROOT !== undefined;
+  const isKilo = process.env.KILO_PLUGIN_ROOT !== undefined;
 
   if (isGemini) {
-    console.log(JSON.stringify({
-      systemMessage: `Error executing hook: ${error.message}`
-    }, null, 2));
-  } else if (isOpenCode) {
-    console.log(JSON.stringify({
-      hookSpecificOutput: {
-        hookEventName: 'session.created',
-        additionalContext: `Error executing hook: ${error.message}`
-      }
-    }, null, 2));
+    console.log(JSON.stringify({ systemMessage: `Error executing hook: ${error.message}` }, null, 2));
+  } else if (isOpenCode || isKilo) {
+    console.log(JSON.stringify({ hookSpecificOutput: { hookEventName: 'session.created', additionalContext: `Error executing hook: ${error.message}` } }, null, 2));
   } else {
-    console.log(JSON.stringify({
-      hookSpecificOutput: {
-        hookEventName: 'SessionStart',
-        additionalContext: `Error executing hook: ${error.message}`
-      }
-    }, null, 2));
+    console.log(JSON.stringify({ hookSpecificOutput: { hookEventName: 'SessionStart', additionalContext: `Error executing hook: ${error.message}` } }, null, 2));
   }
   process.exit(0);
 }
-
-
-
-

package/hooks/stop-hook-git.js

@@ -1,6 +1,5 @@
-#!/usr/bin/env node
+#!/usr/bin/env bun
 
-// Skip hooks when running inside agentgui subprocess to prevent spurious injections
 if (process.env.AGENTGUI_SUBPROCESS === '1') {
   console.log(JSON.stringify({ decision: 'approve' }));
   process.exit(0);
@@ -9,13 +8,14 @@ if (process.env.AGENTGUI_SUBPROCESS === '1') {
 const { execSync } = require('child_process');
 const fs = require('fs');
 const path = require('path');
+const os = require('os');
 const crypto = require('crypto');
 
 const projectDir = process.env.CLAUDE_PROJECT_DIR || process.cwd();
 
 const getCounterPath = () => {
   const hash = crypto.createHash('md5').update(projectDir).digest('hex');
-  return path.join('/tmp', `gm-git-block-counter-${hash}.json`);
+  return path.join(os.tmpdir(), `gm-git-block-counter-${hash}.json`);
 };
 
 const readCounter = () => {

package/hooks/stop-hook.js

@@ -1,6 +1,5 @@
-#!/usr/bin/env node
+#!/usr/bin/env bun
 
-// Skip hooks when running inside agentgui subprocess to prevent spurious injections
 if (process.env.AGENTGUI_SUBPROCESS === '1') {
   console.log(JSON.stringify({ decision: 'approve' }));
   process.exit(0);
@@ -9,8 +8,6 @@ if (process.env.AGENTGUI_SUBPROCESS === '1') {
 const fs = require('fs');
 const path = require('path');
 
-// Always use current working directory for .prd location
-// Explicitly resolve to ./.prd in the current folder
 const projectDir = process.cwd();
 const prdFile = path.resolve(projectDir, '.prd');
 
@@ -22,19 +19,15 @@ const run = () => {
   if (aborted) return { ok: true };
 
   try {
-    // Check if .prd file exists and has content
     if (fs.existsSync(prdFile)) {
       const prdContent = fs.readFileSync(prdFile, 'utf-8').trim();
       if (prdContent.length > 0) {
-        // .prd has content, block stopping
         return {
           ok: false,
           reason: `Work items remain in ${prdFile}. Remove completed items as they finish. Current items:\n\n${prdContent}`
         };
       }
     }
-
-    // .prd doesn't exist or is empty, allow stop
     return { ok: true };
   } catch (error) {
     return { ok: true };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gm-gc",
-  "version": "2.0.152",
+  "version": "2.0.154",
   "description": "State machine agent with hooks, skills, and automated git enforcement",
   "author": "AnEntrypoint",
   "license": "MIT",