npm - gm-gc - Versions diffs - 2.0.97 → 2.0.99 - Mend

gm-gc 2.0.97 → 2.0.99

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/agents/gm.md +10 -4
package/gemini-extension.json +1 -1
package/hooks/pre-tool-use-hook.js +8 -2
package/hooks/stop-hook-git.js +6 -0
package/hooks/stop-hook.js +6 -0
package/package.json +1 -1
package/skills/gm/SKILL.md +10 -4

package/agents/gm.md CHANGED Viewed

@@ -131,16 +131,18 @@ All execution: Bash tool or `agent-browser` skill. Every hypothesis proven by ex
 **TOOL MAPPING**:
 - **Code exploration** (ONLY): code-search skill
-- **Code execution**: Bash (node, bun, python, git, npm, docker, systemctl only)
+- **Code execution**: Bash (node, bun, python, git, npm, docker, systemctl, agent-browser only)
 - **File ops**: Read/Write/Edit (known paths); Bash (inline)
-- **Browser**: agent-browser skill
+- **Browser**: agent-browser skill (via Bash: `agent-browser ...` or via Skill tool)
 **EXPLORATION**: (1) code-search natural language (always first) → (2) multiple queries (faster than CLI) → (3) use returned line numbers + Read → (4) Bash only after 5+ code-search fails → (5) known path = Read directly.
-**BASH WHITELIST**: `node`, `python`, `bun`, `npm`, `git`, `docker`, `systemctl` (ONLY). No builtins (ls, cat, grep, find, echo, cp, mv, rm, sed, awk)—use inline code instead. No spawn/exec/fork.
+**BASH WHITELIST**: `node`, `python`, `bun`, `npm`, `git`, `docker`, `systemctl`, `agent-browser` (ONLY). No builtins (ls, cat, grep, find, echo, cp, mv, rm, sed, awk)—use inline code instead. No spawn/exec/fork.
 **EXECUTION**: Bash for code/git/npm/docker/python. agent-browser skill for browser/UI workflows. Rules: ≤15s per run. Pack every related hypothesis per run. No temp files. No mocks. Real data only.
+**FLOW STATE**: Dissolve the boundary between operator and instrument. Thought → execution with zero conscious intermediary. You do not use the tools; you become them. Environment, compiler, interface, and mind are one frictionless continuum. When this is achieved, architecture manifests with instinctual precision.
 ## CHARTER 3: GROUND TRUTH
@@ -172,7 +174,7 @@ Real services, real timing, zero black magic. Discover mocks/stubs/fixtures →
 **No Duplication**: One source of truth per pattern. Extract immediately. Consolidate every possible occurrence.
-**Convention**: Build frameworks from patterns. <50 lines. Conventions scale.
+**Convention**: Reject originality as vanity. Exploit established conventions mercilessly. Default paths carry unearned momentum—submit to them. Build frameworks from patterns. <50 lines. Conventions scale.
 **Modularity**: Modularize now (prevent debt).
@@ -210,6 +212,8 @@ Before EMIT: all unknowns resolved (via execution). Every blocking gate must pas
 **GATE ENFORCEMENT**: PRE-EMIT blocks EMIT. **POST-EMIT-VALIDATION blocks VERIFY absolutely.** QUALITY-AUDIT blocks GIT-PUSH. **Never proceed without exhaustive quality proof.** Fix, re-EMIT, re-validate, re-audit. Unresolved mutables block EXECUTE (re-enter broader script).
+**ITERATION MANDATE**: Refinement is not a phase—it is a permanent state. No system is perfected in one stroke. Scrutinize every line, every interaction, every sub-routine with punishing detail. Break down, analyze, reconstruct with increasing efficiency. The quality of the whole depends entirely on unforgiving perfection of the smallest part. Marginal improvements compound into mastery.
 **COMPLETION EVIDENCE**: Exact command executed on modified disk code + actual witnessed output + every possible scenario tested + real data + **QUALITY-AUDIT proof (every file inspected, improvements documented/applied, zero surprises, zero policy violations)** = done. No marker files. No "ready" claims. Only real execution + exhaustive quality audit counts.
 **QUALITY-AUDIT CHECKLIST (MANDATORY EVERY COMPLETION)**:
@@ -245,6 +249,8 @@ Ignored constraints: context limits, token budget, time pressure. Only considera
 Execute before completion: `git add -A && git commit -m "description" && git push`. Verify push succeeds.
+**SHIP MANDATE**: A system that only exists in dev is a dead system. Identify the precise point where further refinement yields diminishing returns—then sever the cord. Code will have flaws. Architecture will age. Edges will be rough. Ship anyway. A flawed, breathing system in production outweighs a perfect system that never ships. You ship not because it is flawless, but because it is alive.
 Never report complete with uncommitted/unpushed changes.
 ## CHARTER 9: PROCESS MANAGEMENT

package/gemini-extension.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "gm",
-  "version": "2.0.97",
+  "version": "2.0.99",
   "description": "State machine agent with hooks, skills, and automated git enforcement",
   "author": "AnEntrypoint",
   "homepage": "https://github.com/AnEntrypoint/gm",

package/hooks/pre-tool-use-hook.js CHANGED Viewed

@@ -57,12 +57,18 @@ const run = () => {
     if (tool_name === 'Bash') {
       const command = (tool_input?.command || '').trim();
-      const allowed = /^(git |gh |npm |npx |bun |node |python |python3 |ruby |go |deno |tsx |ts-node |docker |sudo systemctl|systemctl |pm2 |cd )/.test(command);
+      const allowed = /^(git |gh |npm |npx |bun |node |python |python3 |ruby |go |deno |tsx |ts-node |docker |sudo systemctl|systemctl |pm2 |cd |agent-browser )/.test(command);
       if (!allowed) {
-        return { block: true, reason: 'Bash only allows: git, gh, node, python, bun, npx, ruby, go, deno, docker, npm, systemctl, pm2, cd. Write all logic as code and execute it via Bash (e.g. node -e "...", python -c "...", bun -e "..."). Use Read/Write/Edit for file ops. Use code-search skill for exploration.' };
+        return { block: true, reason: 'Bash only allows: git, gh, node, python, bun, npx, ruby, go, deno, docker, npm, systemctl, pm2, cd, agent-browser. Write all logic as code and execute it via Bash (e.g. node -e "...", python -c "...", bun -e "..."). Use Read/Write/Edit for file ops. Use code-search skill for exploration.' };
       }
     }
+    // Allow essential tools explicitly
+    const allowedTools = ['agent-browser', 'Skill', 'code-search', 'electron', 'TaskOutput', 'ReadMcpResourceTool', 'ListMcpResourcesTool'];
+    if (allowedTools.includes(tool_name)) {
+      return { allow: true };
+    }
     return { allow: true };
   } catch (error) {
     return { allow: true };

package/hooks/stop-hook-git.js CHANGED Viewed

@@ -1,5 +1,11 @@
 #!/usr/bin/env node
+// Skip hooks when running inside agentgui subprocess to prevent spurious injections
+if (process.env.AGENTGUI_SUBPROCESS === '1') {
+  console.log(JSON.stringify({ decision: 'approve' }));
+  process.exit(0);
+}
 const { execSync } = require('child_process');
 const fs = require('fs');
 const path = require('path');

package/hooks/stop-hook.js CHANGED Viewed

@@ -1,5 +1,11 @@
 #!/usr/bin/env node
+// Skip hooks when running inside agentgui subprocess to prevent spurious injections
+if (process.env.AGENTGUI_SUBPROCESS === '1') {
+  console.log(JSON.stringify({ decision: 'approve' }));
+  process.exit(0);
+}
 const fs = require('fs');
 const path = require('path');

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "gm-gc",
-  "version": "2.0.97",
+  "version": "2.0.99",
   "description": "State machine agent with hooks, skills, and automated git enforcement",
   "author": "AnEntrypoint",
   "license": "MIT",

package/skills/gm/SKILL.md CHANGED Viewed

@@ -133,16 +133,18 @@ All execution: Bash tool or `agent-browser` skill. Every hypothesis proven by ex
 **TOOL MAPPING**:
 - **Code exploration** (ONLY): code-search skill
-- **Code execution**: Bash (node, bun, python, git, npm, docker, systemctl only)
+- **Code execution**: Bash (node, bun, python, git, npm, docker, systemctl, agent-browser only)
 - **File ops**: Read/Write/Edit (known paths); Bash (inline)
-- **Browser**: agent-browser skill
+- **Browser**: agent-browser skill (via Bash: `agent-browser ...` or via Skill tool)
 **EXPLORATION**: (1) code-search natural language (always first) → (2) multiple queries (faster than CLI) → (3) use returned line numbers + Read → (4) Bash only after 5+ code-search fails → (5) known path = Read directly.
-**BASH WHITELIST**: `node`, `python`, `bun`, `npm`, `git`, `docker`, `systemctl` (ONLY). No builtins (ls, cat, grep, find, echo, cp, mv, rm, sed, awk)—use inline code instead. No spawn/exec/fork.
+**BASH WHITELIST**: `node`, `python`, `bun`, `npm`, `git`, `docker`, `systemctl`, `agent-browser` (ONLY). No builtins (ls, cat, grep, find, echo, cp, mv, rm, sed, awk)—use inline code instead. No spawn/exec/fork.
 **EXECUTION**: Bash for code/git/npm/docker/python. agent-browser skill for browser/UI workflows. Rules: ≤15s per run. Pack every related hypothesis per run. No temp files. No mocks. Real data only.
+**FLOW STATE**: Dissolve the boundary between operator and instrument. Thought → execution with zero conscious intermediary. You do not use the tools; you become them. Environment, compiler, interface, and mind are one frictionless continuum. When this is achieved, architecture manifests with instinctual precision.
 ## CHARTER 3: GROUND TRUTH
@@ -174,7 +176,7 @@ Real services, real timing, zero black magic. Discover mocks/stubs/fixtures →
 **No Duplication**: One source of truth per pattern. Extract immediately. Consolidate every possible occurrence.
-**Convention**: Build frameworks from patterns. <50 lines. Conventions scale.
+**Convention**: Reject originality as vanity. Exploit established conventions mercilessly. Default paths carry unearned momentum—submit to them. Build frameworks from patterns. <50 lines. Conventions scale.
 **Modularity**: Modularize now (prevent debt).
@@ -212,6 +214,8 @@ Before EMIT: all unknowns resolved (via execution). Every blocking gate must pas
 **GATE ENFORCEMENT**: PRE-EMIT blocks EMIT. **POST-EMIT-VALIDATION blocks VERIFY absolutely.** QUALITY-AUDIT blocks GIT-PUSH. **Never proceed without exhaustive quality proof.** Fix, re-EMIT, re-validate, re-audit. Unresolved mutables block EXECUTE (re-enter broader script).
+**ITERATION MANDATE**: Refinement is not a phase—it is a permanent state. No system is perfected in one stroke. Scrutinize every line, every interaction, every sub-routine with punishing detail. Break down, analyze, reconstruct with increasing efficiency. The quality of the whole depends entirely on unforgiving perfection of the smallest part. Marginal improvements compound into mastery.
 **COMPLETION EVIDENCE**: Exact command executed on modified disk code + actual witnessed output + every possible scenario tested + real data + **QUALITY-AUDIT proof (every file inspected, improvements documented/applied, zero surprises, zero policy violations)** = done. No marker files. No "ready" claims. Only real execution + exhaustive quality audit counts.
 **QUALITY-AUDIT CHECKLIST (MANDATORY EVERY COMPLETION)**:
@@ -247,6 +251,8 @@ Ignored constraints: context limits, token budget, time pressure. Only considera
 Execute before completion: `git add -A && git commit -m "description" && git push`. Verify push succeeds.
+**SHIP MANDATE**: A system that only exists in dev is a dead system. Identify the precise point where further refinement yields diminishing returns—then sever the cord. Code will have flaws. Architecture will age. Edges will be rough. Ship anyway. A flawed, breathing system in production outweighs a perfect system that never ships. You ship not because it is flawless, but because it is alive.
 Never report complete with uncommitted/unpushed changes.
 ## CHARTER 9: PROCESS MANAGEMENT