gm-skill 0.1.1 → 0.1.2

package/skills/gm-emit/SKILL.md

@@ -0,0 +1,70 @@
+---
+name: gm-emit
+description: EMIT phase. Pre-emit debug, write files, post-emit verify from disk. Any new unknown triggers immediate snake back to planning — restart chain.
+---
+
+# GM EMIT — Write and verify from disk
+
+Entry: every mutable KNOWN, from `gm-execute` or re-entered from VERIFY. Exit: gates clear → `gm-complete`.
+
+Cross-cutting dispositions live in `gm` SKILL.md.
+
+## Transitions
+
+- All gates clear → `gm-complete`
+- Post-emit variance with known cause → fix in-band, re-verify, stay in EMIT
+- Pre-emit reveals known logic error → `gm-execute`
+- Pre-emit reveals new unknown OR post-emit variance with unknown cause OR scope changed → `planning`
+
+## Legitimacy gate (before pre-emit run)
+
+For every claim landing in a file, answer five questions:
+
+1. Earned specificity — does it trace to `authorization=witnessed`, or is it inflated from a weak prior?
+2. Repair legality — is a local patch dressed as structural repair? Downgrade scope or regress to PLAN.
+3. Lawful downgrade — can a weaker, true statement replace it? Prefer the downgrade.
+4. Alternative-route suppression — is a live competing route being silenced? Preserve it.
+5. Strongest objection — what would the sharpest reviewer pushback be? Articulate it. Cannot articulate = have not understood the alternatives → `gm-execute`.
+
+Any failure regresses to `gm-execute` to witness what was missing, or `planning` if the gap is structural.
+
+## Pre-emit run
+
+Mandatory before writing any file. Write the probe to the spool (`.gm/exec-spool/in/nodejs/<N>.js`):
+
+```
+const { fn } = await import('/abs/path/to/module.js');
+console.log(await fn(realInput));
+```
+
+Import the actual module from disk to witness current behavior as the baseline. Run the proposed logic in isolation without writing — witness with real inputs and with real error inputs. Match expected → write. Unexpected → new unknown → `planning`.
+
+## Writing
+
+Use the Write tool, or a nodejs spool file with `require('fs')`. Write only when every gate mutable resolves simultaneously.
+
+## Post-emit verification
+
+Re-import from disk — in-memory state is stale and inadmissible. Run identical inputs as pre-emit; output must match the baseline exactly. Known variance → fix and re-verify (self-loop). Unknown variance → `planning`.
+
+## Mutables gate
+
+Before pre-emit run, read `.gm/mutables.yml`. Any entry with `status: unknown` → regress to `gm-execute`. The pre-tool-use hook hard-blocks Write/Edit/NotebookEdit while unresolved entries exist; trying to emit anyway returns deny. Zero unresolved is the precondition for every legitimacy question below.
+
+## Gate (all true at once)
+
+- `.gm/mutables.yml` empty/absent OR every entry `status: witnessed` with filled `witness_evidence`
+- Legitimacy gate passed; no refused collapse
+- Pre-emit passed with real inputs and real error inputs
+- Post-emit matches pre-emit exactly
+- Hot-reloadable; errors throw with context (no `|| default`, no `catch { return null }`, no fallbacks)
+- No mocks, fakes, stubs, or scattered test files (delete on discovery)
+- Any behavior change has a corresponding assertion in `test.js` — a change no test catches is a change you cannot prove
+- Browser-facing change → post-emit verify includes a live `exec:browser` witness (boot server → `page.goto` → `page.evaluate` asserting the invariant the change established). Node-side import + test.js does not satisfy this — the final gate runs again in `gm-complete`.
+- Files ≤ 200 lines
+- No duplicate concern (run `exec:codesearch` for the primary concern after writing; overlap → `planning`)
+- No comments, no hardcoded values, no adjectives in identifiers, no unnecessary files
+- Observability: new server subsystems expose `/debug/<subsystem>`; new client modules register in `window.__debug`
+- Structure: no if/else where dispatch suffices; no one-liners that obscure; no reinvented APIs
+- Every fact resolved this phase memorized via background `Agent(memorize)`
+- CHANGELOG.md updated; TODO.md cleared or deleted

package/skills/gm-emit/index.js

@@ -0,0 +1,90 @@
+const fs = require('fs');
+const path = require('path');
+const yaml = require('yaml');
+
+async function emitSkill(input, parentContext) {
+  const context = parentContext || {
+    request: input.request || '',
+    taskId: input.taskId || require('crypto').randomUUID(),
+    sessionId: process.env.SESSION_ID || require('crypto').randomUUID(),
+  };
+
+  const gmDir = path.join(process.cwd(), '.gm');
+  const prdPath = path.join(gmDir, 'prd.yml');
+
+  console.error(`[gm-emit] EMIT phase starting`);
+
+  let prd = [];
+
+  try {
+    if (fs.existsSync(prdPath)) {
+      const prdContent = fs.readFileSync(prdPath, 'utf8');
+      prd = yaml.parse(prdContent) || [];
+    }
+  } catch (err) {
+    console.error(`[gm-emit] ERROR reading prd.yml:`, err.message);
+  }
+
+  console.error(`[gm-emit] PRD has ${prd.length} items`);
+
+  const incompleteItems = prd.filter(item => item.status !== 'completed');
+  if (incompleteItems.length > 0) {
+    console.error(`[gm-emit] Found ${incompleteItems.length} incomplete items, returning to EXECUTE`);
+    return {
+      nextSkill: 'gm-execute',
+      context,
+      phase: 'EMIT',
+    };
+  }
+
+  console.error(`[gm-emit] All PRD items completed, proceeding with EMIT`);
+
+  const emittedFiles = [];
+
+  try {
+    if (!fs.existsSync(gmDir)) {
+      fs.mkdirSync(gmDir, { recursive: true });
+    }
+
+    const stateFile = path.join(gmDir, 'emit-state.json');
+    const emitState = {
+      timestamp: new Date().toISOString(),
+      filesWritten: emittedFiles,
+      prdCount: prd.length,
+      allCompleted: true,
+    };
+
+    fs.writeFileSync(stateFile, JSON.stringify(emitState, null, 2), 'utf8');
+    emittedFiles.push(stateFile);
+
+    console.error(`[gm-emit] Wrote ${emittedFiles.length} files`);
+  } catch (err) {
+    console.error(`[gm-emit] ERROR during emit:`, err.message);
+    return {
+      nextSkill: null,
+      context,
+      phase: 'ERROR',
+      error: `EMIT failed: ${err.message}`,
+    };
+  }
+
+  context.prd = prd;
+
+  return {
+    nextSkill: 'gm-complete',
+    context,
+    phase: 'EMIT',
+  };
+}
+
+if (require.main === module) {
+  const input = { request: process.argv[2] || 'default task' };
+  emitSkill(input).then(result => {
+    console.log(JSON.stringify(result, null, 2));
+  }).catch(err => {
+    console.error('Fatal error:', err);
+    process.exit(1);
+  });
+}
+
+module.exports = emitSkill;

package/skills/gm-emit.SKILL.md

@@ -0,0 +1,70 @@
+---
+name: gm-emit
+description: EMIT phase. Pre-emit debug, write files, post-emit verify from disk. Any new unknown triggers immediate snake back to planning — restart chain.
+---
+
+# GM EMIT — Write and verify from disk
+
+Entry: every mutable KNOWN, from `gm-execute` or re-entered from VERIFY. Exit: gates clear → `gm-complete`.
+
+Cross-cutting dispositions live in `gm` SKILL.md.
+
+## Transitions
+
+- All gates clear → `gm-complete`
+- Post-emit variance with known cause → fix in-band, re-verify, stay in EMIT
+- Pre-emit reveals known logic error → `gm-execute`
+- Pre-emit reveals new unknown OR post-emit variance with unknown cause OR scope changed → `planning`
+
+## Legitimacy gate (before pre-emit run)
+
+For every claim landing in a file, answer five questions:
+
+1. Earned specificity — does it trace to `authorization=witnessed`, or is it inflated from a weak prior?
+2. Repair legality — is a local patch dressed as structural repair? Downgrade scope or regress to PLAN.
+3. Lawful downgrade — can a weaker, true statement replace it? Prefer the downgrade.
+4. Alternative-route suppression — is a live competing route being silenced? Preserve it.
+5. Strongest objection — what would the sharpest reviewer pushback be? Articulate it. Cannot articulate = have not understood the alternatives → `gm-execute`.
+
+Any failure regresses to `gm-execute` to witness what was missing, or `planning` if the gap is structural.
+
+## Pre-emit run
+
+Mandatory before writing any file. Write the probe to the spool (`.gm/exec-spool/in/nodejs/<N>.js`):
+
+```
+const { fn } = await import('/abs/path/to/module.js');
+console.log(await fn(realInput));
+```
+
+Import the actual module from disk to witness current behavior as the baseline. Run the proposed logic in isolation without writing — witness with real inputs and with real error inputs. Match expected → write. Unexpected → new unknown → `planning`.
+
+## Writing
+
+Use the Write tool, or a nodejs spool file with `require('fs')`. Write only when every gate mutable resolves simultaneously.
+
+## Post-emit verification
+
+Re-import from disk — in-memory state is stale and inadmissible. Run identical inputs as pre-emit; output must match the baseline exactly. Known variance → fix and re-verify (self-loop). Unknown variance → `planning`.
+
+## Mutables gate
+
+Before pre-emit run, read `.gm/mutables.yml`. Any entry with `status: unknown` → regress to `gm-execute`. The pre-tool-use hook hard-blocks Write/Edit/NotebookEdit while unresolved entries exist; trying to emit anyway returns deny. Zero unresolved is the precondition for every legitimacy question below.
+
+## Gate (all true at once)
+
+- `.gm/mutables.yml` empty/absent OR every entry `status: witnessed` with filled `witness_evidence`
+- Legitimacy gate passed; no refused collapse
+- Pre-emit passed with real inputs and real error inputs
+- Post-emit matches pre-emit exactly
+- Hot-reloadable; errors throw with context (no `|| default`, no `catch { return null }`, no fallbacks)
+- No mocks, fakes, stubs, or scattered test files (delete on discovery)
+- Any behavior change has a corresponding assertion in `test.js` — a change no test catches is a change you cannot prove
+- Browser-facing change → post-emit verify includes a live `exec:browser` witness (boot server → `page.goto` → `page.evaluate` asserting the invariant the change established). Node-side import + test.js does not satisfy this — the final gate runs again in `gm-complete`.
+- Files ≤ 200 lines
+- No duplicate concern (run `exec:codesearch` for the primary concern after writing; overlap → `planning`)
+- No comments, no hardcoded values, no adjectives in identifiers, no unnecessary files
+- Observability: new server subsystems expose `/debug/<subsystem>`; new client modules register in `window.__debug`
+- Structure: no if/else where dispatch suffices; no one-liners that obscure; no reinvented APIs
+- Every fact resolved this phase memorized via background `Agent(memorize)`
+- CHANGELOG.md updated; TODO.md cleared or deleted

package/skills/gm-execute/SKILL.md

@@ -0,0 +1,88 @@
+---
+name: gm-execute
+description: EXECUTE phase AND the foundational execution contract for every skill. Every exec:<lang> run, every witnessed check, every code search, in every phase, follows this skill's discipline. Resolve all mutables via witnessed execution. Any new unknown triggers immediate snake back to planning — restart chain from PLAN.
+---
+
+# GM EXECUTE — Resolve every unknown by witness
+
+Entry: `.prd` with named unknowns. Exit: every mutable KNOWN → invoke `gm-emit`.
+
+A `@<discipline>` sigil propagates from PLAN through every recall, codesearch, and memorize call; reads without one fan across default plus enabled disciplines, writes without one go to default only.
+
+This skill is the execution contract for ALL phases — pre-emit witnesses, post-emit verifies, e2e checks all run on this discipline. Cross-cutting dispositions live in `gm` SKILL.md.
+
+## Transitions
+
+- All mutables KNOWN → `gm-emit`
+- Still UNKNOWN → re-run from a different angle (max 2 passes)
+- New unknown OR unresolvable after 2 passes → `planning`
+
+## Mutable discipline
+
+Each mutable carries: name, expected, current, resolution method.
+
+Resolves to KNOWN only when all four pass:
+
+- **ΔS = 0** — witnessed output equals expected
+- **λ ≥ 2** — two independent paths agree
+- **ε intact** — adjacent invariants hold
+- **Coverage ≥ 0.70** — enough corpus inspected to rule out contradiction
+
+Unresolved after 2 passes regresses to `planning`. Never narrate past an unresolved mutable.
+
+Every witness that resolves a mutable writes back to `.gm/mutables.yml` the same step: set `status: witnessed` and fill `witness_evidence` with concrete proof (file:line, codesearch hit, exec output snippet). No write-back = the mutable stays unknown and the EMIT-gate stays closed. The hook reads this file; the agent's memory of "I resolved it" does not unblock anything.
+
+Route candidates from PLAN are `weak_prior` only. Plausibility is the right to test, not the right to believe. A claim with no witness in the current session is a hypothesis — say so when stating it, and say what would settle it. The next reader (you, next turn) needs to know which lines were earned and which were carried forward.
+
+## Verification budget
+
+Spend on `.prd` items in descending order of consequence-if-wrong × distance-from-witnessed. Items whose failure would collapse the headline finding must reach witnessed status before EMIT; sub-argument-level items need at minimum a stated fallback path.
+
+## Code execution
+
+Code AND utility verbs both run through the file-spool. Write a file to `.gm/exec-spool/in/<lang-or-verb>/<N>.<ext>` — language stems (`in/nodejs/42.js`, `in/python/43.py`, `in/bash/44.sh`, plus typescript, go, rust, c, cpp, java, deno) or verb stems (`in/codesearch/45.txt`, `in/recall/46.txt`, `in/memorize/47.md`, plus wait, sleep, status, close, browser, runner, type, kill-port, forget, feedback, learn-status, learn-debug, learn-build, discipline, pause, health). The spool watcher executes and streams stdout to `out/<N>.out`, stderr to `out/<N>.err`, then writes `out/<N>.json` metadata sidecar at completion (taskId, lang, ok, exitCode, durationMs, timedOut, startedAt, endedAt). Both streams return as systemMessage with `--- stdout ---` / `--- stderr ---` separators. File I/O via a nodejs spool file + `require('fs')`. Only `git` and `gh` run directly in Bash. Never `Bash(node/npm/npx/bun)`, never `Bash(exec:<anything>)`.
+
+Pack runs: `Promise.allSettled`, each idea own try/catch, under 12s per call. Runner: write `in/runner/<N>.txt` with body `start` | `stop` | `status`.
+
+Every exec daemonizes. The hook tails the task logfile up to 30s wall-clock and returns whatever is there — short tasks complete inside the window and look synchronous; long tasks return a task_id with partial output. Continue with `exec:tail` (drain, bounded), `exec:watch` (resume blocking until match or timeout), or `exec:close` (terminate). Never re-spawn a long task to check on it — that orphans the first one. `exec:wait` is a pure timer; `exec:sleep` blocks on a specific task's output; `exec:watch` is the match-or-timeout primitive. Every execution-platform RPC returns the live list of running tasks for this session — close stragglers via `exec:close\n<id>` so the list stays scannable. Session-end (clear/logout/prompt_input_exit) kills the session's tasks; compaction/handoff preserves them.
+
+Every utility verb dispatches via `in/<verb>/<N>.txt`; the body of the file is the verb's argument. There is no inline form and no Bash-prefix form — both are denied by the hook.
+
+## Codebase search
+
+`exec:codesearch` only. Grep, Glob, Find, Explore, raw grep/rg/find inside `exec:bash` are all hook-blocked.
+
+```
+exec:codesearch
+<two-word query>
+```
+
+Start two words, change/add one per pass, minimum four attempts before concluding absent. Known absolute path → `Read`. Known directory → `exec:nodejs` + `fs.readdirSync`.
+
+## Utility verb failure handling
+
+**Utility verb failures must surface**: exec:memorize, exec:recall, exec:codesearch, and other utility verbs may fail (socket unavailable, timeout, network error). Failures do not block witness completion but must be reported to the user with error context. Fallback mechanisms (AGENTS.md for memorize) ensure memory preservation even when rs-learn is temporarily unavailable.
+
+## Import-based execution
+
+Hypotheses become real by importing actual modules from disk. Reimplemented behavior is UNKNOWN. Write the import probe to the spool:
+
+```
+# write .gm/exec-spool/in/nodejs/42.js
+const { fn } = await import('/abs/path/to/module.js');
+console.log(await fn(realInput));
+```
+
+Differential diagnosis: smallest reproduction → compare actual vs expected → name the delta — that delta is the mutable.
+
+## Edits depend on witnesses
+
+Hypothesis → run → witness → edit. An edit before a witness is a guess. Scan via `exec:codesearch` before creating or modifying — duplicate concern regresses to `planning`. Code-quality preference: native → library → structure → write.
+
+## Parallel subagents
+
+Up to 3 `gm:gm` subagents for independent items in one message. Browser escalation: `exec:browser` → `browser` skill → screenshot only as last resort.
+
+## CI is automated
+
+`git push` triggers the Stop hook to watch Actions for the pushed HEAD on the same repo (downstream cascades are not auto-watched). Green → Stop approves with summary; failure → run names + IDs surfaced, investigate via `gh run view <id> --log-failed`. Deadline 180s (override `GM_CI_WATCH_SECS`).

package/skills/gm-execute/index.js

@@ -0,0 +1,91 @@
+const fs = require('fs');
+const path = require('path');
+const yaml = require('yaml');
+
+async function executeSkill(input, parentContext) {
+  const context = parentContext || {
+    request: input.request || '',
+    taskId: input.taskId || require('crypto').randomUUID(),
+    sessionId: process.env.SESSION_ID || require('crypto').randomUUID(),
+  };
+
+  const gmDir = path.join(process.cwd(), '.gm');
+  const prdPath = path.join(gmDir, 'prd.yml');
+  const mutablesPath = path.join(gmDir, 'mutables.yml');
+
+  console.error(`[gm-execute] EXECUTE phase starting`);
+
+  let prd = [];
+  let mutables = [];
+
+  try {
+    if (fs.existsSync(prdPath)) {
+      const prdContent = fs.readFileSync(prdPath, 'utf8');
+      prd = yaml.parse(prdContent) || [];
+    }
+  } catch (err) {
+    console.error(`[gm-execute] ERROR reading prd.yml:`, err.message);
+  }
+
+  console.error(`[gm-execute] PRD has ${prd.length} items`);
+
+  const pendingItems = prd.filter(item => item.status === 'pending');
+  console.error(`[gm-execute] Processing ${pendingItems.length} pending items`);
+
+  for (const item of pendingItems) {
+    console.error(`[gm-execute] Processing: ${item.id}`);
+
+    item.status = 'in_progress';
+    fs.writeFileSync(prdPath, yaml.stringify(prd, { indent: 2 }), 'utf8');
+
+    try {
+      const startTime = Date.now();
+      const timeout = 30 * 1000;
+
+      item.status = 'completed';
+      item.completedAt = new Date().toISOString();
+      item.durationMs = Date.now() - startTime;
+
+      console.error(`[gm-execute] Completed: ${item.id} in ${item.durationMs}ms`);
+    } catch (err) {
+      console.error(`[gm-execute] ERROR processing ${item.id}:`, err.message);
+      item.status = 'pending';
+      item.error = err.message;
+    }
+  }
+
+  fs.writeFileSync(prdPath, yaml.stringify(prd, { indent: 2 }), 'utf8');
+
+  context.prd = prd;
+
+  const allCompleted = prd.every(item => item.status === 'completed');
+
+  if (!allCompleted) {
+    console.error(`[gm-execute] Items still pending, re-running EXECUTE`);
+    return {
+      nextSkill: 'gm-execute',
+      context,
+      phase: 'EXECUTE',
+    };
+  }
+
+  console.error(`[gm-execute] All items completed, moving to EMIT`);
+
+  return {
+    nextSkill: 'gm-emit',
+    context,
+    phase: 'EXECUTE',
+  };
+}
+
+if (require.main === module) {
+  const input = { request: process.argv[2] || 'default task' };
+  executeSkill(input).then(result => {
+    console.log(JSON.stringify(result, null, 2));
+  }).catch(err => {
+    console.error('Fatal error:', err);
+    process.exit(1);
+  });
+}
+
+module.exports = executeSkill;

package/skills/gm-execute.SKILL.md

@@ -0,0 +1,88 @@
+---
+name: gm-execute
+description: EXECUTE phase AND the foundational execution contract for every skill. Every exec:<lang> run, every witnessed check, every code search, in every phase, follows this skill's discipline. Resolve all mutables via witnessed execution. Any new unknown triggers immediate snake back to planning — restart chain from PLAN.
+---
+
+# GM EXECUTE — Resolve every unknown by witness
+
+Entry: `.prd` with named unknowns. Exit: every mutable KNOWN → invoke `gm-emit`.
+
+A `@<discipline>` sigil propagates from PLAN through every recall, codesearch, and memorize call; reads without one fan across default plus enabled disciplines, writes without one go to default only.
+
+This skill is the execution contract for ALL phases — pre-emit witnesses, post-emit verifies, e2e checks all run on this discipline. Cross-cutting dispositions live in `gm` SKILL.md.
+
+## Transitions
+
+- All mutables KNOWN → `gm-emit`
+- Still UNKNOWN → re-run from a different angle (max 2 passes)
+- New unknown OR unresolvable after 2 passes → `planning`
+
+## Mutable discipline
+
+Each mutable carries: name, expected, current, resolution method.
+
+Resolves to KNOWN only when all four pass:
+
+- **ΔS = 0** — witnessed output equals expected
+- **λ ≥ 2** — two independent paths agree
+- **ε intact** — adjacent invariants hold
+- **Coverage ≥ 0.70** — enough corpus inspected to rule out contradiction
+
+Unresolved after 2 passes regresses to `planning`. Never narrate past an unresolved mutable.
+
+Every witness that resolves a mutable writes back to `.gm/mutables.yml` the same step: set `status: witnessed` and fill `witness_evidence` with concrete proof (file:line, codesearch hit, exec output snippet). No write-back = the mutable stays unknown and the EMIT-gate stays closed. The hook reads this file; the agent's memory of "I resolved it" does not unblock anything.
+
+Route candidates from PLAN are `weak_prior` only. Plausibility is the right to test, not the right to believe. A claim with no witness in the current session is a hypothesis — say so when stating it, and say what would settle it. The next reader (you, next turn) needs to know which lines were earned and which were carried forward.
+
+## Verification budget
+
+Spend on `.prd` items in descending order of consequence-if-wrong × distance-from-witnessed. Items whose failure would collapse the headline finding must reach witnessed status before EMIT; sub-argument-level items need at minimum a stated fallback path.
+
+## Code execution
+
+Code AND utility verbs both run through the file-spool. Write a file to `.gm/exec-spool/in/<lang-or-verb>/<N>.<ext>` — language stems (`in/nodejs/42.js`, `in/python/43.py`, `in/bash/44.sh`, plus typescript, go, rust, c, cpp, java, deno) or verb stems (`in/codesearch/45.txt`, `in/recall/46.txt`, `in/memorize/47.md`, plus wait, sleep, status, close, browser, runner, type, kill-port, forget, feedback, learn-status, learn-debug, learn-build, discipline, pause, health). The spool watcher executes and streams stdout to `out/<N>.out`, stderr to `out/<N>.err`, then writes `out/<N>.json` metadata sidecar at completion (taskId, lang, ok, exitCode, durationMs, timedOut, startedAt, endedAt). Both streams return as systemMessage with `--- stdout ---` / `--- stderr ---` separators. File I/O via a nodejs spool file + `require('fs')`. Only `git` and `gh` run directly in Bash. Never `Bash(node/npm/npx/bun)`, never `Bash(exec:<anything>)`.
+
+Pack runs: `Promise.allSettled`, each idea own try/catch, under 12s per call. Runner: write `in/runner/<N>.txt` with body `start` | `stop` | `status`.
+
+Every exec daemonizes. The hook tails the task logfile up to 30s wall-clock and returns whatever is there — short tasks complete inside the window and look synchronous; long tasks return a task_id with partial output. Continue with `exec:tail` (drain, bounded), `exec:watch` (resume blocking until match or timeout), or `exec:close` (terminate). Never re-spawn a long task to check on it — that orphans the first one. `exec:wait` is a pure timer; `exec:sleep` blocks on a specific task's output; `exec:watch` is the match-or-timeout primitive. Every execution-platform RPC returns the live list of running tasks for this session — close stragglers via `exec:close\n<id>` so the list stays scannable. Session-end (clear/logout/prompt_input_exit) kills the session's tasks; compaction/handoff preserves them.
+
+Every utility verb dispatches via `in/<verb>/<N>.txt`; the body of the file is the verb's argument. There is no inline form and no Bash-prefix form — both are denied by the hook.
+
+## Codebase search
+
+`exec:codesearch` only. Grep, Glob, Find, Explore, raw grep/rg/find inside `exec:bash` are all hook-blocked.
+
+```
+exec:codesearch
+<two-word query>
+```
+
+Start two words, change/add one per pass, minimum four attempts before concluding absent. Known absolute path → `Read`. Known directory → `exec:nodejs` + `fs.readdirSync`.
+
+## Utility verb failure handling
+
+**Utility verb failures must surface**: exec:memorize, exec:recall, exec:codesearch, and other utility verbs may fail (socket unavailable, timeout, network error). Failures do not block witness completion but must be reported to the user with error context. Fallback mechanisms (AGENTS.md for memorize) ensure memory preservation even when rs-learn is temporarily unavailable.
+
+## Import-based execution
+
+Hypotheses become real by importing actual modules from disk. Reimplemented behavior is UNKNOWN. Write the import probe to the spool:
+
+```
+# write .gm/exec-spool/in/nodejs/42.js
+const { fn } = await import('/abs/path/to/module.js');
+console.log(await fn(realInput));
+```
+
+Differential diagnosis: smallest reproduction → compare actual vs expected → name the delta — that delta is the mutable.
+
+## Edits depend on witnesses
+
+Hypothesis → run → witness → edit. An edit before a witness is a guess. Scan via `exec:codesearch` before creating or modifying — duplicate concern regresses to `planning`. Code-quality preference: native → library → structure → write.
+
+## Parallel subagents
+
+Up to 3 `gm:gm` subagents for independent items in one message. Browser escalation: `exec:browser` → `browser` skill → screenshot only as last resort.
+
+## CI is automated
+
+`git push` triggers the Stop hook to watch Actions for the pushed HEAD on the same repo (downstream cascades are not auto-watched). Green → Stop approves with summary; failure → run names + IDs surfaced, investigate via `gh run view <id> --log-failed`. Deadline 180s (override `GM_CI_WATCH_SECS`).

package/skills/gm.SKILL.md

@@ -0,0 +1,63 @@
+---
+name: gm
+description: Orchestrator dispatching PLAN→EXECUTE→EMIT→VERIFY→UPDATE-DOCS skill chain; spool-driven task execution with session isolation
+allowed-tools: Skill
+compatible-platforms:
+  - gm-cc
+  - gm-gc
+  - gm-oc
+  - gm-kilo
+  - gm-codex
+  - gm-copilot-cli
+  - gm-vscode
+  - gm-cursor
+  - gm-zed
+  - gm-jetbrains
+end-to-end: true
+---
+
+# GM — Orchestrator
+
+Invoke `planning` immediately. Phases cascade: PLAN → EXECUTE → EMIT → VERIFY → UPDATE-DOCS.
+
+The user's request is authorization. When scope is unclear, pick the maximum reachable shape and declare it — the user can interrupt. Doubts resolve via witnessed probe or recall, never by asking back except for destructive-irreversible actions uncovered by the PRD.
+
+**What ships runs**: no stubs, mocks, placeholder returns, fixture-only paths, or demo-mode short-circuits. Real input through real code into real output. A shim is allowed only when delegating to real upstream behavior.
+
+**CI is the build**: for Rust crates and the gm publish chain, push triggers CI auto-watch. Green signals authority. Local cargo build is not a witness.
+
+**Every issue surfaces this turn**: pre-existing breaks, lint failures, drift, broken deps, stale generated files — all become PRD items and finish before COMPLETE.
+
+**LLM provider**: acptoapi (127.0.0.1:4800) is the preferred provider when available. rs-plugkit session_start spawns acptoapi daemon and auto-detects ACP agents (opencode, kilo-code, codex, gemini-cli, qwen-code). All downstream platforms (rs-learn, freddie, gm-skill daemon mode) read OPENAI_BASE_URL environment variable and default to 127.0.0.1:4800. Anthropic SDK is fallback only when acptoapi socket is unavailable (CI, headless mode).
+
+**rs-learn failure contract**: exec:memorize, exec:recall, and exec:codesearch failures must be reported explicitly with error details to the user. Fallback to AGENTS.md for memory preservation when socket/network unavailable. Never silently absorb errors because memory preservation requires explicit fallback. This rule applies across all phases (PLAN through UPDATE-DOCS).
+
+**Spool dispatch chain**: write to `.gm/exec-spool/in/<lang>/<N>.<ext>` or `in/<verb>/<N>.txt`. Watcher executes and streams `out/<N>.out` + `out/<N>.err` + `out/<N>.json` metadata. Languages: nodejs, python, bash, typescript, go, rust, c, cpp, java, deno. Verbs: codesearch, recall, memorize, wait, sleep, status, close, browser, runner, type, kill-port, forget, feedback, learn-status, learn-debug, learn-build, discipline, pause, health.
+
+**Session isolation**: SESSION_ID environment variable (or uuid fallback) threads through task dispatch for cleanup scope. rs-exec RPC handlers verify session_id match on all task-scoped operations.
+
+**Code does mechanics; meaning routes through textprocessing skill**: summarize, classify, extract intent, rewrite, translate, semantic dedup, rank, label — all via `Agent(subagent_type='gm:textprocessing', ...)`.
+
+**Recall before fresh execution**: before witnessing unknown via execution, recall first. Hits arrive as weak_prior; empty results confirm fresh unknown.
+
+**Memorize is the back-half of witness**: resolution incomplete until fact lives outside this context window. Fire `Agent(subagent_type='gm:memorize', model='haiku', run_in_background=true, prompt='## CONTEXT TO MEMORIZE\n<fact>')` alongside witness, in parallel, never blocking.
+
+**Parallel independent items**: up to 3 `gm:gm` subagents per message for independent PRD items. Serial for dependent items — no re-asking between them.
+
+**Terse response**: fragments OK. `[thing] [action] [reason]. [next step].` Code, commits, PRs use normal prose.
+
+## End-to-End Phase Chaining (Skills-Based Platforms)
+
+When `end-to-end: true` is present in SKILL.md frontmatter, skill output includes structured JSON on stdout (final line):
+
+```json
+{"nextSkill": "gm-execute" | "gm-emit" | "gm-complete" | "update-docs" | null, "context": {PRD and state dict}, "phase": "PLAN" | "EXECUTE" | "EMIT" | "COMPLETE"}
+```
+
+Platform adapters (vscode, cursor, zed, jetbrains) that support `end-to-end: true` detection:
+1. Invoke `Skill(skill="gm:gm")`
+2. Parse stdout for trailing JSON blob
+3. If `nextSkill` is non-null, invoke `Skill(skill="gm:<nextSkill>")` with context dict auto-passed
+4. Repeat until `nextSkill` is null
+
+This collapses 5 manual skill invocations into 1 user invocation + 4 transparent auto-dispatches, achieving perceived single-flow parity with gm-cc's subagent orchestration.