gm-kilo 2.0.47 → 2.0.49

package/.github/workflows/publish-npm.yml

@@ -11,27 +11,52 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.GH_PAT || github.token }}
 
       - uses: actions/setup-node@v4
         with:
           node-version: '22'
           registry-url: 'https://registry.npmjs.org'
 
+      - name: Configure git
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
+      - name: Bump patch version
+        run: |
+          PACKAGE=$(jq -r '.name' package.json)
+          OLD_VERSION=$(jq -r '.version' package.json)
+
+          # Skip bump if last commit was already a version bump
+          LAST_MSG=$(git log -1 --pretty=%s)
+          if echo "$LAST_MSG" | grep -qE '^v[0-9]+\.[0-9]+\.[0-9]+$'; then
+            echo "Last commit was a version bump, skipping"
+            echo "SKIP_BUMP=true" >> $GITHUB_ENV
+          else
+            npm version patch --no-git-tag-version
+            NEW_VERSION=$(jq -r '.version' package.json)
+            git add package.json
+            git commit -m "v$NEW_VERSION"
+            git push
+            echo "Bumped $PACKAGE from $OLD_VERSION to $NEW_VERSION"
+          fi
+
       - name: Publish to npm
         run: |
           PACKAGE=$(jq -r '.name' package.json)
           VERSION=$(jq -r '.version' package.json)
           echo "Package: $PACKAGE@$VERSION"
 
-          # Skip if this exact version is already on npm
           PUBLISHED=$(npm view "$PACKAGE@$VERSION" version 2>/dev/null || echo "")
           if [ "$PUBLISHED" = "$VERSION" ]; then
-            echo "✅ $PACKAGE@$VERSION already published - skipping"
+            echo "$PACKAGE@$VERSION already published - skipping"
             exit 0
           fi
 
           echo "Publishing $PACKAGE@$VERSION..."
           npm publish --access public
-          echo "✅ Published $PACKAGE@$VERSION"
+          echo "Published $PACKAGE@$VERSION"
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

package/.gitignore

@@ -11,3 +11,6 @@ build/
 .vscode/
 .idea/
 *.iml
+.gm-stop-verified
+
+.code-search/

package/agents/gm.md

@@ -54,11 +54,11 @@ The .prd path must resolve to exactly ./.prd in current working directory. No va
 
 Scope: Where and how code runs. Governs tool selection and execution context.
 
-All execution via `dev` skill or `agent-browser` skill. Every hypothesis proven by execution before changing files. Know nothing until execution proves it.
+All execution via `code_execution` tool (Python) or `agent-browser` skill. Every hypothesis proven by execution before changing files. Know nothing until execution proves it.
 
-**CODE YOUR HYPOTHESES**: Test every possible hypothesis using the `dev` skill or `agent-browser` skill. Each execution run must be under 15 seconds and must intelligently test every possible related idea—never one idea per run. Run every possible execution needed, but each one must be densely packed with every possible related hypothesis. File existence, schema validity, output format, error conditions, edge cases—group every possible related unknown together. The goal is every possible hypothesis per run. Use `agent-browser` skill for cross-client UI testing and browser-based hypothesis validation.
+**CODE YOUR HYPOTHESES**: Test every possible hypothesis using the `code_execution` tool with Python or `agent-browser` skill. Each run must be under 15 seconds and must densely pack every possible related hypothesis. File existence, schema validity, output format, error conditions, edge cases—group every possible related unknown together. The goal is every possible hypothesis per run. Use `agent-browser` skill for cross-client UI testing and browser-based hypothesis validation.
 
-**DEFAULT IS CODE, NOT BASH**: `dev` skill is the primary execution tool. Bash is a last resort for operations that cannot be done in code (git, npm publish, docker). If you find yourself writing a bash command, stop and ask: can this be done in the `dev` skill? The answer is almost always yes.
+**DEFAULT IS code_execution WITH PYTHON**: Call the `code_execution` tool with Python code. The PreToolUse hook intercepts it, runs python3, and returns the output. Bash is blocked except for git, npm publish, and docker. If you find yourself writing a bash command, stop and ask: can this be done in Python? The answer is almost always yes. Use `subprocess.run()` for shell operations that truly can't be done otherwise.
 
 **TOOL POLICY**: All code execution via `dev` skill. Use `code-search` skill for exploration. Reference TOOL_INVARIANTS for enforcement.
 
@@ -74,8 +74,8 @@ All execution via `dev` skill or `agent-browser` skill. Every hypothesis proven
 
 **REQUIRED TOOL MAPPING**:
 - Code exploration: `code-search` skill — THE ONLY exploration tool. Semantic search 102 file types. Natural language queries with line numbers. No glob, no grep, no find, no explore agent, no Read for discovery.
-- Code execution: `dev` skill — run JS/TS/Python/Go/Rust/etc via Bash
-- File operations: `dev` skill with bun/node fs inline — read, write, stat files
+- Code execution: call the `code_execution` tool directly with Python code — the PreToolUse hook intercepts it, runs python3, and returns `[CODE EXECUTION RESULT]\nstdout: ...\nstderr: ...\nexit_code: N` as the result. Use Python's `subprocess` module for shell operations, `pathlib`/`os` for files, `requests` for HTTP.
+- File operations: `code_execution` tool with Python `pathlib`/`os`/`open()` — read, write, stat files
 - Bash: ONLY git, npm publish/pack, docker, system daemons
 - Browser: Use **`agent-browser` skill** instead of puppeteer/playwright - same power, cleaner syntax, built for AI agents
 

package/hooks/pre-tool-use-hook.js

@@ -55,6 +55,29 @@ const run = () => {
       return { block: true, reason: 'Plan mode is disabled. Use GM agent planning (PLAN→EXECUTE→EMIT→VERIFY→COMPLETE state machine) via gm:gm subagent instead.' };
     }
 
+    if (tool_name === 'Bash') {
+      const command = (tool_input?.command || '').trim();
+      const allowed = /^(git |npm publish|npm pack|docker |sudo systemctl|systemctl )/.test(command);
+      if (!allowed) {
+        return { block: true, reason: 'Bash is blocked. Use the code_execution tool with Python instead. The hook intercepts code_execution, runs python3, and returns stdout/stderr/exit_code. Example: use code_execution with code "import subprocess; r=subprocess.run([\'node\',\'--version\'],capture_output=True,text=True); print(r.stdout)"' };
+      }
+    }
+
+    if (tool_name === 'code_execution') {
+      const code = tool_input?.code || '';
+      const { spawnSync } = require('child_process');
+      const proc = spawnSync('python3', ['-'], {
+        input: code,
+        encoding: 'utf-8',
+        timeout: 30000
+      });
+      const stdout = proc.stdout || '';
+      const stderr = proc.stderr || '';
+      const exitCode = proc.status !== null ? proc.status : 1;
+      const result = `[CODE EXECUTION RESULT]\nstdout: ${stdout}\nstderr: ${stderr}\nexit_code: ${exitCode}`;
+      return { block: true, reason: result };
+    }
+
     return { allow: true };
   } catch (error) {
     return { allow: true };
@@ -70,7 +93,7 @@ try {
     } else {
       console.log(JSON.stringify({ hookSpecificOutput: { hookEventName: 'PreToolUse', permissionDecision: 'deny', permissionDecisionReason: result.reason } }));
     }
-    process.exit(2);
+    process.exit(0);
   }
 
   if (isGemini) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gm-kilo",
-  "version": "2.0.47",
+  "version": "2.0.49",
   "description": "State machine agent with hooks, skills, and automated git enforcement",
   "author": "AnEntrypoint",
   "license": "MIT",
@@ -54,4 +54,4 @@
     ".gitignore",
     ".editorconfig"
   ]
-}
+}

package/skills/dev/SKILL.md

@@ -1,48 +1,54 @@
 ---
 name: dev
-description: Execute code and shell commands. Use for all code execution, file operations, running scripts, testing hypotheses, and any task that requires running code. Replaces plugin:gm:dev and mcp-glootie.
-allowed-tools: Bash
+description: Execute code by calling the code_execution tool with Python code. The PreToolUse hook intercepts code_execution calls, runs the Python via python3, and returns stdout/stderr/exit_code as the result. Use for all code execution, file operations, running scripts, and hypothesis testing.
+allowed-tools: Bash,code_execution
 ---
 
 # Code Execution with dev
 
-Execute code directly using the Bash tool. No wrapper, no persistent files, no cleanup needed beyond what the code itself creates.
+Use the `code_execution` tool with Python code. The hook intercepts the call, executes the Python locally, and returns the result as a deny reason formatted as:
 
-## Run code inline
-
-```bash
-# JavaScript / TypeScript
-bun -e "const fs = require('fs'); console.log(fs.readdirSync('.'))"
-bun -e "import { readFileSync } from 'fs'; console.log(readFileSync('package.json', 'utf-8'))"
-
-# Run a file
-bun run script.ts
-node script.js
-
-# Python
-python -c "import json; print(json.dumps({'ok': True}))"
-
-# Shell
-bash -c "ls -la && cat package.json"
 ```
+[CODE EXECUTION RESULT]
+stdout: <output>
+stderr: <errors>
+exit_code: <N>
+```
+
+## Run code inline
 
-## File operations (inline, no temp files)
+```python
+# File operations
+import os, json
+print(json.dumps(os.listdir('.')))
 
-```bash
-# Read
-bun -e "console.log(require('fs').readFileSync('path/to/file', 'utf-8'))"
+# Read a file
+with open('package.json') as f:
+    print(f.read())
 
-# Write
-bun -e "require('fs').writeFileSync('out.json', JSON.stringify({x:1}, null, 2))"
+# Write a file
+with open('out.json', 'w') as f:
+    import json
+    json.dump({'ok': True}, f, indent=2)
 
 # Stat / exists
-bun -e "const fs=require('fs'); console.log(fs.existsSync('file.txt'), fs.statSync?.('.')?.size)"
+import os
+print(os.path.exists('file.txt'), os.path.getsize('.'))
+
+# HTTP requests
+import urllib.request
+resp = urllib.request.urlopen('https://example.com')
+print(resp.read()[:200])
+
+# Run subprocess
+import subprocess
+r = subprocess.run(['node', '--version'], capture_output=True, text=True)
+print(r.stdout)
 ```
 
 ## Rules
 
 - Each run under 15 seconds
 - Pack every related hypothesis into one run — never one idea per run
-- No persistent temp files; if a temp file is needed, delete it in the same command
-- No spawn/exec/fork inside executed code
-- Use `bun` over `node` when available
+- No persistent temp files; if a temp file is needed, delete it in the same code
+- Use `code_execution` tool for all execution; Bash only for git/npm publish/docker

package/skills/process-management/SKILL.md

@@ -12,6 +12,27 @@ description: >-
 
 All applications MUST run through PM2. Direct invocations (node, bun, python) are forbidden for any process that produces output or has a lifecycle.
 
+## Installation (First Time Only)
+
+Check if PM2 is installed:
+
+```bash
+pm2 --version
+```
+
+If command not found, install globally:
+
+```bash
+npm install -g pm2
+```
+
+Verify installation:
+
+```bash
+pm2 --version        # should print version number
+pm2 ping             # should respond "pong"
+```
+
 ## Pre-Start Check (MANDATORY)
 
 Before starting any process, check what is already running: