godpowers 1.6.12 → 1.6.13

package/CHANGELOG.md

@@ -5,6 +5,36 @@ All notable changes to Godpowers will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.6.13] - 2026-05-16
+
+Host automation provider discovery and opt-in setup planning.
+
+### Added
+- Added `lib/automation-providers.js`, a shared provider detector for
+  host-native automation support.
+- Added `godpowers automation-status --project .` and
+  `godpowers automation-setup --project .` for opt-in automation support.
+- Added `/god-automation-status` and `/god-automation-setup` slash commands.
+- Added `docs/automation-providers.md` with provider classes, safe templates,
+  and approval rules.
+- Added automation provider tests covering provider classification, active
+  automation config, setup-plan rendering, and CLI JSON output.
+
+### Changed
+- The dashboard engine now reports automation support when host-native
+  automation providers are available.
+- The installer help now documents automation-status and automation-setup as
+  first-class read-only helper commands.
+- Godpowers command guidance now recommends automation setup when provider
+  support exists and no approved automation template is active.
+
+### Guardrails
+- Automation setup is opt-in only. Godpowers must not create schedules,
+  routines, background agents, API triggers, or CI workflows during install.
+- Default automation templates are read-only and must not commit, push,
+  publish, deploy, clear reviews, accept Critical security findings, or access
+  provider dashboards without explicit user approval.
+
 ## [1.6.12] - 2026-05-16
 
 Executable dashboard CLI and shared runtime status engine.

package/README.md

@@ -2,7 +2,7 @@
 
 [![CI](https://github.com/aihxp/godpowers/actions/workflows/ci.yml/badge.svg)](https://github.com/aihxp/godpowers/actions/workflows/ci.yml)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
-[![Version](https://img.shields.io/badge/version-1.6.12-blue)](CHANGELOG.md)
+[![Version](https://img.shields.io/badge/version-1.6.13-blue)](CHANGELOG.md)
 [![npm](https://img.shields.io/npm/v/godpowers.svg)](https://www.npmjs.com/package/godpowers)
 
 **Ship fast. Ship right. Ship everything. Ship accountably.**
@@ -12,10 +12,14 @@ idea to hardened production. It runs as **slash commands inside your AI coding
 tool** (Claude Code, Codex, Cursor, etc.) that orchestrate **specialist agents**
 in fresh contexts to do the work.
 
-Version 1.6.12 adds an executable dashboard engine and CLI status surface:
+Version 1.6.13 builds on the executable dashboard engine and CLI status surface:
 `godpowers status --project .` and `godpowers next --project .` now compute the
 same disk-derived progress, planning visibility, proactive checks, and next
 action used by `/god-status`, `/god-next`, and God Mode closeouts.
+It adds an opt-in automation-provider layer so Godpowers can detect host
+automation surfaces such as Codex App automations, Claude Routines, Cline
+schedules, Qwen loops, Cursor Background Agents, Copilot cloud agent, and
+scriptable CLI providers without silently creating background work.
 
 It fuses four disciplines into one unified workflow:
 
@@ -139,6 +143,8 @@ npx godpowers status --project=. --json
 | `/god-launch` | Launch (gated on harden) | god-launch-strategist |
 | `/god-harden` | Adversarial security review | god-harden-auditor |
 | `/god-status` | Re-derive state from disk | (built-in) |
+| `/god-automation-status` | Show host automation provider support | (built-in) |
+| `/god-automation-setup` | Prepare opt-in automation setup | (built-in) |
 | `/god-preflight` | Read-only intake audit before project-run readiness and pillars | god-auditor |
 | `/god-audit` | Score artifacts against have-nots | god-auditor |
 | `/god-debug` | 4-phase systematic debug | god-debugger |
@@ -197,6 +203,18 @@ ends in a vague "done" state. The dashboard is backed by
 `lib/dashboard.js`, so status and next-step commands share one executable
 source of disk truth instead of parallel Markdown-only contracts.
 
+Godpowers can also inspect automation support:
+
+```bash
+npx godpowers automation-status --project=.
+npx godpowers automation-setup --project=.
+```
+
+Automation setup is opt-in. The installer does not create schedules, routines,
+background agents, API triggers, or CI workflows. Safe starting templates are
+read-only status, checkpoint, review queue, hygiene, and release readiness
+reports.
+
 For existing codebases and org-constrained new projects, God Mode now runs a
 greenfield simulation audit and then actions it through a greenfieldification
 plan. It pauses before risky artifact rewrites because that process can change
@@ -319,7 +337,7 @@ Pi. T3 Code inherits from the underlying agent (Codex / Claude / OpenCode).
 
 - [Getting Started](docs/getting-started.md)
 - [Concepts](docs/concepts.md)
-- [Command reference (all 106 skills + 39 agents)](docs/reference.md)
+- [Command reference (all 108 skills + 39 agents)](docs/reference.md)
 - [Roadmap](docs/ROADMAP.md)
 - [1.5 Release Notes](RELEASE.md)
 - [Changelog](CHANGELOG.md)

package/RELEASE.md

@@ -1,19 +1,21 @@
-# Godpowers 1.6.12 Release
+# Godpowers 1.6.13 Release
 
 Date: 2026-05-16
 
-Godpowers 1.6.12 turns progress visibility into executable product behavior.
-The same dashboard logic now powers slash command closeouts, direct CLI status
-checks, JSON status output, and next-action recommendations from disk state.
+Godpowers 1.6.13 adds host automation provider discovery and opt-in setup
+planning. The same local runtime surface can now report Codex App automations,
+Claude Routines, Cline schedules, Qwen loops, Cursor Background Agents,
+Copilot cloud agent support, and scriptable CLI options without silently
+creating background work.
 
 ## What is stable
 
-- 106 slash commands
+- 108 slash commands
 - 39 specialist agents
 - 13 executable workflows
 - 36 intent recipes
 - 15-runtime installer
-- 453 package files in the npm tarball
+- 458 package files in the npm tarball
 - Codex installs with generated `god-*.toml` agent metadata files
 - Markdown specialist agent contracts at `<runtime>/agents/god-*.md`
 - Shared runtime bundle at `<runtime>/godpowers-runtime`
@@ -27,16 +29,15 @@ checks, JSON status output, and next-action recommendations from disk state.
 
 ## What is new
 
-- Added `lib/dashboard.js`, a shared executable status engine.
-- Added `godpowers status --project .`.
-- Added `godpowers next --project .`.
-- Added `--json` output for machine-readable status and next-step routing.
-- Dashboard output now reports current phase, tier position, percentage,
-  planning visibility, proactive checks, open items, and recommended action.
-- `/god-status`, `/god-next`, `/god-mode`, and `god-orchestrator` now reference
-  the same dashboard engine when local runtime execution is available.
-- Tests now cover dashboard computation, rendering, CLI output, review queue
-  detection, and git porcelain parsing.
+- Added `lib/automation-providers.js`, a shared automation provider detector.
+- Added `godpowers automation-status --project .`.
+- Added `godpowers automation-setup --project .`.
+- Added `/god-automation-status` and `/god-automation-setup`.
+- Added `docs/automation-providers.md`.
+- Dashboard output now reports automation support when a host-native provider
+  is available.
+- Tests now cover provider classification, active automation config,
+  setup-plan rendering, and CLI JSON output.
 
 ## Platform behavior
 
@@ -45,11 +46,12 @@ Trae, Cline, Kilo, Antigravity, Qwen, CodeBuddy, and Pi all receive the same
 portable Markdown agent contracts. Codex also receives `god-*.toml` files as
 its registry adapter.
 
-The dashboard engine ships in the installed runtime bundle so host tools can
-use one shared implementation instead of parallel command-specific Markdown
-contracts. If a host platform cannot provide a true fresh-context agent spawn,
-Godpowers must say so visibly and report the work as local runtime only or
-simulated in current context.
+The dashboard and automation provider engines ship in the installed runtime
+bundle so host tools can use shared implementation code instead of parallel
+command-specific Markdown contracts. If a host platform cannot provide a true
+fresh-context agent spawn or durable scheduler, Godpowers must say so visibly
+and report the work as local runtime only, manual workflow only, or simulated
+in current context.
 
 ## Safety policy
 
@@ -62,6 +64,7 @@ Godpowers still must not auto-run these without explicit user intent:
 - deployed staging verification against a guessed URL
 - production launch
 - provider dashboard, admin console, DNS, credential, or secret checks
+- schedule, routine, background agent, API trigger, or CI workflow creation
 - broad dependency upgrades
 - destructive repair, rollback, reset, delete, or cleanup
 - clearing `.godpowers/REVIEW-REQUIRED.md`
@@ -73,10 +76,11 @@ Godpowers still must not auto-run these without explicit user intent:
 Release validation includes:
 
 - `node scripts/test-dashboard.js`
+- `node scripts/test-automation-providers.js`
 - `npm test`
 - `npm run test:audit`
 - `node scripts/check-package-contents.js`
 - `git diff --check`
 
-The `v1.6.12` git tag points to the release commit that matches the npm
-`godpowers@1.6.12` package.
+The `v1.6.13` git tag points to the release commit that matches the npm
+`godpowers@1.6.13` package.

package/SKILL.md

@@ -156,6 +156,7 @@ Proactive checks:
   Sync: <fresh | missing | stale | local helper ran | suggest /god-sync>
   Docs: <fresh | possible drift, suggest /god-docs>
   Runtime: <not-applicable | known URL, suggest /god-test-runtime | no known URL, defer deployed verification>
+  Automation: <not configured | N active | available via provider, suggest /god-automation-setup>
   Security: <clear | sensitive files changed, suggest /god-harden>
   Dependencies: <clear | dependency files changed, suggest /god-update-deps>
   Hygiene: <fresh | stale, suggest /god-hygiene>
@@ -235,6 +236,8 @@ Automatic steps that especially need visible reporting:
 - DESIGN/PRODUCT change detection that spawns `god-design-reviewer`
 - `/god-scan` when it runs reverse-sync directly without an agent
 - checkpoint refresh after state mutations
+- automation provider detection in `/god-status`, `/god-next`,
+  `/god-automation-status`, and `/god-automation-setup`
 
 ### 13. Proactive Auto-Invoke Policy
 Godpowers should be proactive from disk evidence, not from guesswork. Before
@@ -252,6 +255,9 @@ Run or apply these by default in every relevant closeout:
   status shows stale docs, deps, or review queues.
 - Suggest `/god-locate` when `.godpowers/CHECKPOINT.md` is missing, stale, or
   conflicts with `state.json`.
+- Suggest `/god-automation-status` or `/god-automation-setup` when host-native
+  automation support is available and `.godpowers/automations.json` has no
+  active read-only templates.
 
 #### Level 2: Auto-run local helpers, visible and logged
 Run these local runtime helpers automatically when their trigger is present:
@@ -291,6 +297,8 @@ Never auto-run these from inference alone:
 - clearing `.godpowers/REVIEW-REQUIRED.md`
 - accepting Critical security findings
 - git stage, commit, push, package, release, or publish
+- schedule, routine, background agent, API trigger, or CI workflow creation
+  without explicit user approval
 
 Every auto-invoke decision must be explainable from one of these inputs:
 changed files, Godpowers artifacts, `state.json`, `PROGRESS.md`,

package/agents/god-orchestrator.md

@@ -310,12 +310,15 @@ Use this trigger map:
 | frontend-visible files changed and no known URL exists | suggest `/god-test-runtime` with local URL setup, defer deployed URL | proposition |
 | security-sensitive files changed | auto-spawn only inside harden, hotfix, launch, or project run; otherwise suggest `/god-harden` | proposition |
 | dependency files changed | auto-spawn only inside update-deps, hygiene, or approved project run; otherwise suggest `/god-update-deps` | proposition |
+| host automation support detected and no active templates are recorded | suggest `/god-automation-status` or `/god-automation-setup` | proposition |
 | full project run complete or hygiene stale | suggest `/god-hygiene` | proposition |
 
 Never use this matrix to auto-run Level 4 actions: deployed staging against a
 guessed URL, production launch, provider dashboard access, broad dependency
 upgrades, destructive repair, review clearing, Critical security acceptance, or
-git stage, commit, push, package, release, or publish.
+git stage, commit, push, package, release, publish, schedule creation, routine
+creation, background agent creation, API trigger creation, or CI workflow
+creation.
 
 Every auto action must emit either `Auto-invoked:`, `Sync status:`, or a
 proposition explaining why it did not run.

package/bin/install.js

@@ -316,6 +316,8 @@ function parseArgs(argv) {
     switch (arg) {
       case 'status':
       case 'next':
+      case 'automation-status':
+      case 'automation-setup':
         opts.command = arg;
         break;
       case '--json':
@@ -571,10 +573,12 @@ function showHelp() {
   log('Commands:');
   log('  status               Show the Godpowers Dashboard for a project');
   log('  next                 Show the dashboard and recommended next command');
+  log('  automation-status    Show host automation provider support');
+  log('  automation-setup     Show an opt-in automation setup plan');
   log('');
   log('Options:');
-  log('  --project=<path>     Project root for status or next (default: cwd)');
-  log('  --json               Emit JSON for status or next');
+  log('  --project=<path>     Project root for status, next, or automation commands');
+  log('  --json               Emit JSON for status, next, or automation commands');
   log('  -g, --global         Install globally (to config directory)');
   log('  -l, --local          Install locally (to current directory)');
   log('  --claude             Install for Claude Code');
@@ -599,11 +603,27 @@ function showHelp() {
   log('Examples:');
   log('  npx godpowers status --project=.');
   log('  npx godpowers next --project=.');
+  log('  npx godpowers automation-status --project=.');
+  log('  npx godpowers automation-setup --project=.');
   log('  npx godpowers --claude --global');
   log('  npx godpowers --all');
   log('  npx godpowers --codex --cursor');
 }
 
+function runAutomationCommand(opts) {
+  const automation = require('../lib/automation-providers');
+  const result = opts.command === 'automation-setup'
+    ? automation.setupPlan(opts.project)
+    : automation.detect(opts.project);
+  if (opts.json) {
+    console.log(JSON.stringify(result, null, 2));
+  } else if (opts.command === 'automation-setup') {
+    console.log(automation.renderSetupPlan(result));
+  } else {
+    console.log(automation.render(result));
+  }
+}
+
 function runDashboardCommand(opts) {
   const dashboard = require('../lib/dashboard');
   const result = dashboard.compute(opts.project);
@@ -636,6 +656,11 @@ function main() {
     return;
   }
 
+  if (opts.command === 'automation-status' || opts.command === 'automation-setup') {
+    runAutomationCommand(opts);
+    return;
+  }
+
   console.log(BANNER);
 
   const srcDir = path.resolve(__dirname, '..');

package/lib/automation-providers.js

@@ -0,0 +1,411 @@
+/**
+ * Godpowers Automation Providers
+ *
+ * Detects host-native automation surfaces and renders opt-in setup guidance.
+ * This module never creates schedules, routines, background agents, commits,
+ * pushes, packages, publishes, deploys, or clears reviews by itself.
+ */
+
+const fs = require('fs');
+const path = require('path');
+const cp = require('child_process');
+const os = require('os');
+
+const CONFIG_PATH = '.godpowers/automations.json';
+
+const SAFE_TEMPLATES = [
+  {
+    id: 'daily-status',
+    title: 'Daily Godpowers status',
+    cadence: 'Daily at 9am local time',
+    risk: 'read-only',
+    prompt: 'Run godpowers status --project . and summarize current phase, progress, open items, and recommended next action.'
+  },
+  {
+    id: 'stale-checkpoint',
+    title: 'Stale checkpoint watcher',
+    cadence: 'Weekdays at 9am local time',
+    risk: 'read-only',
+    prompt: 'Check .godpowers/CHECKPOINT.md freshness. If stale, report that /god-sync or /god-resume-work should run.'
+  },
+  {
+    id: 'review-queue',
+    title: 'Review queue watcher',
+    cadence: 'Daily at 10am local time',
+    risk: 'read-only',
+    prompt: 'Inspect .godpowers/REVIEW-REQUIRED.md and report unresolved review items without clearing them.'
+  },
+  {
+    id: 'weekly-hygiene',
+    title: 'Weekly hygiene report',
+    cadence: 'Monday at 9am local time',
+    risk: 'read-only',
+    prompt: 'Run a read-only hygiene summary for docs drift, dependency signals, checkpoint age, and pending reviews.'
+  },
+  {
+    id: 'release-readiness',
+    title: 'Release readiness report',
+    cadence: 'Manual or before release',
+    risk: 'read-only',
+    prompt: 'Report release readiness from tests, package metadata, changelog, release notes, and unstaged work. Do not publish.'
+  }
+];
+
+const PROVIDERS = [
+  {
+    id: 'codex-app',
+    label: 'Codex App automations',
+    runtime: 'codex',
+    class: 'native-scheduler',
+    detect: (ctx) => hasRuntime(ctx, 'codex') || hasEnv(ctx, 'CODEX_HOME'),
+    setup: [
+      'Use /god-automation-setup inside Codex App so the host can create reviewed automations.',
+      'Prefer thread heartbeat for short follow-ups and worktree cron for durable project checks.'
+    ]
+  },
+  {
+    id: 'claude-routines',
+    label: 'Claude Code routines',
+    runtime: 'claude',
+    class: 'native-scheduler',
+    detect: (ctx) => hasCommand(ctx, 'claude') || hasRuntime(ctx, 'claude'),
+    setup: [
+      'Run /schedule in Claude Code for scheduled routines.',
+      'Use claude.ai/code/routines for API or GitHub triggers.'
+    ]
+  },
+  {
+    id: 'cline-schedule',
+    label: 'Cline scheduled agents',
+    runtime: 'cline',
+    class: 'native-scheduler',
+    detect: (ctx) => hasCommand(ctx, 'cline') || hasRuntime(ctx, 'cline'),
+    setup: [
+      'Run cline schedule to create, list, trigger, pause, resume, or delete schedules.',
+      'Use read-only prompts unless the user explicitly approves branch or PR automation.'
+    ]
+  },
+  {
+    id: 'kilo-scheduled-triggers',
+    label: 'Kilo scheduled triggers',
+    runtime: 'kilo',
+    class: 'native-scheduler',
+    detect: (ctx) => hasRuntime(ctx, 'kilo'),
+    setup: [
+      'Use KiloClaw Scheduled Triggers from Kilo settings.',
+      'Limit each trigger to read-only Godpowers reports unless the user approves write scope.'
+    ]
+  },
+  {
+    id: 'qwen-loop',
+    label: 'Qwen Code /loop',
+    runtime: 'qwen',
+    class: 'session-scheduler',
+    detect: (ctx) => hasCommand(ctx, 'qwen') || hasRuntime(ctx, 'qwen'),
+    setup: [
+      'Enable Qwen experimental cron support, then use /loop for session-scoped recurring prompts.',
+      'Do not treat Qwen loops as durable because they do not persist across restarts.'
+    ]
+  },
+  {
+    id: 'cursor-background-agent',
+    label: 'Cursor Background Agents',
+    runtime: 'cursor',
+    class: 'background-agent',
+    detect: (ctx) => hasCommand(ctx, 'cursor') || hasRuntime(ctx, 'cursor'),
+    setup: [
+      'Use Cursor Background Agent mode or Background Agent API for asynchronous branch work.',
+      'Prefer issue or branch scoped tasks and require human review before merge.'
+    ]
+  },
+  {
+    id: 'github-copilot-cloud-agent',
+    label: 'GitHub Copilot cloud agent',
+    runtime: 'copilot',
+    class: 'background-agent',
+    detect: (ctx) => hasGitRemote(ctx) || hasRuntime(ctx, 'copilot'),
+    setup: [
+      'Use GitHub issues, pull requests, or Copilot chat to delegate work to Copilot cloud agent.',
+      'Keep Godpowers automations branch or PR scoped and require human merge authority.'
+    ]
+  },
+  {
+    id: 'windsurf-workflows',
+    label: 'Windsurf workflows',
+    runtime: 'windsurf',
+    class: 'manual-workflow',
+    detect: (ctx) => hasRuntime(ctx, 'windsurf'),
+    setup: [
+      'Install reusable workflows under .windsurf/workflows/ or the global Windsurf workflow folder.',
+      'Windsurf workflows are manual-only; use Skills when Cascade should discover a procedure.'
+    ]
+  },
+  {
+    id: 'gemini-headless',
+    label: 'Gemini CLI headless mode',
+    runtime: 'gemini',
+    class: 'scriptable-headless',
+    detect: (ctx) => hasCommand(ctx, 'gemini') || hasRuntime(ctx, 'gemini'),
+    setup: [
+      'Use gemini -p for non-interactive scripting.',
+      'Use an external scheduler only when the user explicitly asks for OS or CI scheduling.'
+    ]
+  },
+  {
+    id: 'opencode-run',
+    label: 'OpenCode run and serve',
+    runtime: 'opencode',
+    class: 'scriptable-headless',
+    detect: (ctx) => hasCommand(ctx, 'opencode') || hasRuntime(ctx, 'opencode'),
+    setup: [
+      'Use opencode run for non-interactive prompts or opencode serve for an attachable server.',
+      'Use opencode github install when repo-native GitHub automation is preferred.'
+    ]
+  },
+  {
+    id: 'augment-subagents',
+    label: 'Augment Agent and subagents',
+    runtime: 'augment',
+    class: 'manual-workflow',
+    detect: (ctx) => hasRuntime(ctx, 'augment'),
+    setup: [
+      'Use Augment Agent or Agent Auto for supervised tasks.',
+      'Use Augment subagents for specialized review, test, or docs work.'
+    ]
+  },
+  {
+    id: 'codebuddy-sdk',
+    label: 'CodeBuddy Agent SDK',
+    runtime: 'codebuddy',
+    class: 'scriptable-headless',
+    detect: (ctx) => hasCommand(ctx, 'codebuddy') || hasRuntime(ctx, 'codebuddy'),
+    setup: [
+      'Use the CodeBuddy Agent SDK for programmatic automation.',
+      'Keep filesystem config loading explicit so automation stays predictable.'
+    ]
+  },
+  {
+    id: 'pi-sdk',
+    label: 'Pi CLI and SDK',
+    runtime: 'pi',
+    class: 'scriptable-headless',
+    detect: (ctx) => hasCommand(ctx, 'pi') || hasRuntime(ctx, 'pi'),
+    setup: [
+      'Use Pi CLI or SDK for scriptable coding-agent sessions.',
+      'Use host or CI scheduling only after explicit user approval.'
+    ]
+  },
+  {
+    id: 'trae',
+    label: 'Trae',
+    runtime: 'trae',
+    class: 'unknown',
+    detect: (ctx) => hasRuntime(ctx, 'trae'),
+    setup: [
+      'No stable scheduled automation provider is documented for Godpowers yet.',
+      'Use manual Godpowers commands until a native Trae automation surface is confirmed.'
+    ]
+  },
+  {
+    id: 'antigravity',
+    label: 'Google Antigravity',
+    runtime: 'antigravity',
+    class: 'unknown',
+    detect: (ctx) => hasRuntime(ctx, 'antigravity'),
+    setup: [
+      'Agent-first workflows are supported, but scheduled automation is not confirmed for Godpowers yet.',
+      'Use manual workflows and require artifact review for autonomous agent work.'
+    ]
+  }
+];
+
+function detect(projectRoot = process.cwd(), opts = {}) {
+  const ctx = {
+    projectRoot,
+    home: opts.home || os.homedir(),
+    env: opts.env || process.env,
+    commands: opts.commands || null,
+    gitRemote: opts.gitRemote
+  };
+  const active = readConfig(projectRoot).automations || [];
+  const providers = PROVIDERS.map(provider => {
+    const installed = Boolean(provider.detect(ctx));
+    return {
+      id: provider.id,
+      label: provider.label,
+      runtime: provider.runtime,
+      class: provider.class,
+      installed,
+      status: providerStatus(provider.class, installed),
+      active: active.filter(item => item.provider === provider.id),
+      setup: provider.setup.slice()
+    };
+  });
+
+  const safeTemplates = SAFE_TEMPLATES.map(template => ({
+    ...template,
+    active: active.some(item => item.id === template.id && item.status !== 'disabled')
+  }));
+
+  return {
+    configPath: path.join(projectRoot, CONFIG_PATH),
+    providers,
+    safeTemplates,
+    active,
+    recommendedProvider: recommendProvider(providers),
+    safety: [
+      'Do not create automations during install.',
+      'Create schedules, routines, background agents, or API triggers only after explicit user approval.',
+      'Default templates are read-only and must not commit, push, publish, deploy, clear reviews, or access provider dashboards.'
+    ]
+  };
+}
+
+function render(report) {
+  const active = report.active && report.active.length > 0
+    ? report.active.map(item => `  - ${item.id} via ${item.provider}: ${item.status || 'active'}`)
+    : ['  - none recorded'];
+  const providers = report.providers.map(provider => (
+    `  - ${provider.label}: ${provider.status} (${provider.class})`
+  ));
+  const recommended = report.recommendedProvider
+    ? `${report.recommendedProvider.label} (${report.recommendedProvider.class})`
+    : 'none available';
+  const templates = report.safeTemplates.map(template => (
+    `  - ${template.id}: ${template.title}, ${template.cadence}, ${template.risk}`
+  ));
+
+  return [
+    'Godpowers Automation Providers',
+    '',
+    `Config: ${report.configPath}`,
+    `Recommended provider: ${recommended}`,
+    '',
+    'Active automations:',
+    ...active,
+    '',
+    'Provider status:',
+    ...providers,
+    '',
+    'Safe templates:',
+    ...templates,
+    '',
+    'Safety rules:',
+    ...report.safety.map(rule => `  - ${rule}`)
+  ].join('\n');
+}
+
+function setupPlan(projectRoot = process.cwd(), opts = {}) {
+  const report = detect(projectRoot, opts);
+  const provider = report.recommendedProvider;
+  return {
+    ...report,
+    setup: provider ? provider.setup : ['No automation provider is available. Use /god-next or godpowers next --project . manually.']
+  };
+}
+
+function renderSetupPlan(plan) {
+  const provider = plan.recommendedProvider
+    ? `${plan.recommendedProvider.label} (${plan.recommendedProvider.id})`
+    : 'none available';
+  return [
+    'Godpowers Automation Setup Plan',
+    '',
+    `Recommended provider: ${provider}`,
+    '',
+    'Setup steps:',
+    ...plan.setup.map((step, index) => `  ${index + 1}. ${step}`),
+    '',
+    'Recommended safe templates:',
+    ...plan.safeTemplates.map(template => `  - ${template.id}: ${template.prompt}`),
+    '',
+    'Approval required:',
+    '  - Choose a provider',
+    '  - Choose one or more templates',
+    '  - Confirm any host-native schedule, routine, background agent, API trigger, or connector scope'
+  ].join('\n');
+}
+
+function readConfig(projectRoot) {
+  const file = path.join(projectRoot, CONFIG_PATH);
+  if (!fs.existsSync(file)) return { automations: [] };
+  try {
+    const parsed = JSON.parse(fs.readFileSync(file, 'utf8'));
+    return {
+      automations: Array.isArray(parsed.automations) ? parsed.automations : []
+    };
+  } catch (e) {
+    return { automations: [] };
+  }
+}
+
+function providerStatus(providerClass, installed) {
+  if (providerClass === 'unknown') return installed ? 'installed, capability unknown' : 'unknown';
+  if (providerClass === 'manual-workflow') return installed ? 'manual workflow available' : 'supported, not detected';
+  if (providerClass === 'session-scheduler') return installed ? 'session scheduler available' : 'supported, not detected';
+  if (providerClass === 'background-agent') return installed ? 'background agent available' : 'supported, not detected';
+  if (providerClass === 'scriptable-headless') return installed ? 'scriptable headless available' : 'supported, not detected';
+  if (providerClass === 'native-scheduler') return installed ? 'native scheduler available' : 'supported, not detected';
+  return installed ? 'available' : 'not detected';
+}
+
+function recommendProvider(providers) {
+  const order = [
+    'native-scheduler',
+    'background-agent',
+    'scriptable-headless',
+    'session-scheduler',
+    'manual-workflow'
+  ];
+  for (const providerClass of order) {
+    const found = providers.find(provider => provider.installed && provider.class === providerClass);
+    if (found) return found;
+  }
+  return null;
+}
+
+function hasRuntime(ctx, runtime) {
+  const homePath = path.join(ctx.home, `.${runtime}`, 'GODPOWERS_VERSION');
+  return fs.existsSync(homePath);
+}
+
+function hasEnv(ctx, key) {
+  return Boolean(ctx.env && ctx.env[key]);
+}
+
+function hasCommand(ctx, command) {
+  if (ctx.commands) {
+    return Boolean(ctx.commands[command]);
+  }
+  try {
+    cp.execFileSync('which', [command], { stdio: ['ignore', 'ignore', 'ignore'] });
+    return true;
+  } catch (e) {
+    return false;
+  }
+}
+
+function hasGitRemote(ctx) {
+  if (ctx.gitRemote !== undefined) return Boolean(ctx.gitRemote);
+  try {
+    const out = cp.execFileSync('git', ['remote', '-v'], {
+      cwd: ctx.projectRoot,
+      encoding: 'utf8',
+      stdio: ['ignore', 'pipe', 'ignore']
+    });
+    return /github\.com[:/]/.test(out);
+  } catch (e) {
+    return false;
+  }
+}
+
+module.exports = {
+  CONFIG_PATH,
+  SAFE_TEMPLATES,
+  PROVIDERS,
+  detect,
+  render,
+  setupPlan,
+  renderSetupPlan,
+  readConfig
+};

package/lib/dashboard.js

@@ -11,6 +11,7 @@ const cp = require('child_process');
 
 const state = require('./state');
 const router = require('./router');
+const automationProviders = require('./automation-providers');
 
 const GOD_DIR = '.godpowers';
 const PRD_PATH = '.godpowers/prd/PRD.md';
@@ -164,12 +165,24 @@ function proactiveChecks(projectRoot, changedFiles = []) {
     sync,
     docs: 'fresh',
     runtime: 'not-applicable',
+    automation: automationSummary(projectRoot),
     security: sensitiveChanged ? 'sensitive files changed, suggest /god-harden' : 'clear',
     dependencies: pkgChanged ? 'dependency files changed, suggest /god-update-deps' : 'clear',
     hygiene: hygieneFresh ? 'fresh' : 'stale, suggest /god-hygiene'
   };
 }
 
+function automationSummary(projectRoot) {
+  const report = automationProviders.detect(projectRoot);
+  if (report.active.length > 0) {
+    return `${report.active.length} active`;
+  }
+  if (report.recommendedProvider) {
+    return `available via ${report.recommendedProvider.id}, suggest /god-automation-setup`;
+  }
+  return 'not configured';
+}
+
 function matchesAnyPrefix(file, prefixes) {
   return prefixes.some(prefix => file === prefix || file.startsWith(`${prefix}/`));
 }
@@ -273,6 +286,7 @@ function render(dashboard) {
     `  Sync: ${proactive.sync || 'unknown'}`,
     `  Docs: ${proactive.docs || 'unknown'}`,
     `  Runtime: ${proactive.runtime || 'unknown'}`,
+    `  Automation: ${proactive.automation || 'unknown'}`,
     `  Security: ${proactive.security || 'unknown'}`,
     `  Dependencies: ${proactive.dependencies || 'unknown'}`,
     `  Hygiene: ${proactive.hygiene || 'unknown'}`,
@@ -292,5 +306,6 @@ module.exports = {
   worktree,
   parseGitStatus,
   proactiveChecks,
+  automationSummary,
   planningVisibility
 };

package/package.json

@@ -1,12 +1,12 @@
 {
   "name": "godpowers",
-  "version": "1.6.12",
-  "description": "AI-powered development system: 106 slash commands and 39 specialist agents that take a project from raw idea to hardened production. Runs inside Claude Code, Codex, Cursor, Windsurf, Gemini, and 10+ other AI coding tools.",
+  "version": "1.6.13",
+  "description": "AI-powered development system: 108 slash commands and 39 specialist agents that take a project from raw idea to hardened production. Runs inside Claude Code, Codex, Cursor, Windsurf, Gemini, and 10+ other AI coding tools.",
   "bin": {
     "godpowers": "./bin/install.js"
   },
   "scripts": {
-    "test": "node scripts/validate-skills.js && node scripts/test-doc-surface-counts.js && bash scripts/smoke.sh && node scripts/test-runtime.js && node scripts/test-router.js && node scripts/test-recipes.js && node scripts/test-context-writer.js && node scripts/test-pillars.js && node scripts/test-artifact-linter.js && node scripts/test-artifact-diff.js && node scripts/test-design-foundation.js && node scripts/test-linkage.js && node scripts/test-impact.js && node scripts/test-reverse-sync.js && node scripts/test-integration.js && node scripts/test-cross-artifact.js && node scripts/test-awesome-design.js && node scripts/test-skillui-bridge.js && node scripts/test-runtime-verification.js && node scripts/test-agent-browser.js && node scripts/test-mode-d.js && node scripts/test-runtime-heuristics.js && node scripts/test-agent-validator.js && node scripts/test-story-validator.js && node scripts/test-state.js && node scripts/test-dashboard.js && node scripts/test-intent.js && node scripts/test-events.js && node scripts/test-golden-artifacts.js && node scripts/test-install-smoke.js && node scripts/test-checkpoint.js && node scripts/test-extensions.js && node scripts/test-event-reader.js && node scripts/test-state-lock.js && node scripts/test-cost-saver.js && node scripts/test-budget-onoff.js && node scripts/test-workflow-runner.js && npm run test:e2e && node scripts/test-otel-exporter.js && node scripts/test-extensions-publish.js",
+    "test": "node scripts/validate-skills.js && node scripts/test-doc-surface-counts.js && bash scripts/smoke.sh && node scripts/test-runtime.js && node scripts/test-router.js && node scripts/test-recipes.js && node scripts/test-context-writer.js && node scripts/test-pillars.js && node scripts/test-artifact-linter.js && node scripts/test-artifact-diff.js && node scripts/test-design-foundation.js && node scripts/test-linkage.js && node scripts/test-impact.js && node scripts/test-reverse-sync.js && node scripts/test-integration.js && node scripts/test-cross-artifact.js && node scripts/test-awesome-design.js && node scripts/test-skillui-bridge.js && node scripts/test-runtime-verification.js && node scripts/test-agent-browser.js && node scripts/test-mode-d.js && node scripts/test-runtime-heuristics.js && node scripts/test-agent-validator.js && node scripts/test-story-validator.js && node scripts/test-state.js && node scripts/test-dashboard.js && node scripts/test-automation-providers.js && node scripts/test-intent.js && node scripts/test-events.js && node scripts/test-golden-artifacts.js && node scripts/test-install-smoke.js && node scripts/test-checkpoint.js && node scripts/test-extensions.js && node scripts/test-event-reader.js && node scripts/test-state-lock.js && node scripts/test-cost-saver.js && node scripts/test-budget-onoff.js && node scripts/test-workflow-runner.js && npm run test:e2e && node scripts/test-otel-exporter.js && node scripts/test-extensions-publish.js",
     "prepublishOnly": "npm test",
     "validate-skills": "node scripts/validate-skills.js",
     "test:surface": "node scripts/test-doc-surface-counts.js",

package/routing/god-automation-setup.yaml

@@ -0,0 +1,25 @@
+apiVersion: godpowers/v1
+kind: CommandRouting
+metadata:
+  command: /god-automation-setup
+  description: Prepare opt-in host automation setup
+  tier: 0
+
+prerequisites:
+  required: []
+
+execution:
+  spawns: [built-in]
+  context: fresh
+  writes:
+    - .godpowers/automations.json
+
+success-path:
+  next-recommended: /god-automation-status
+
+failure-path:
+  on-error: /god-doctor
+
+endoff:
+  state-update: tier-0 updated for /god-automation-setup
+  events: [agent.start, artifact.created, agent.end]

package/routing/god-automation-status.yaml

@@ -0,0 +1,24 @@
+apiVersion: godpowers/v1
+kind: CommandRouting
+metadata:
+  command: /god-automation-status
+  description: Show host automation provider support
+  tier: 0
+
+prerequisites:
+  required: []
+
+execution:
+  spawns: [built-in]
+  context: fresh
+  writes: []
+
+success-path:
+  next-recommended: /god-automation-setup
+
+failure-path:
+  on-error: /god-doctor
+
+endoff:
+  state-update: tier-0 updated for /god-automation-status
+  events: [agent.start, agent.end]

package/skills/god-automation-setup.md

@@ -0,0 +1,105 @@
+---
+name: god-automation-setup
+description: |
+  Prepare an explicit opt-in setup plan for host-native Godpowers automation.
+  Never creates schedules, routines, background agents, API triggers, or CI
+  workflows without user approval.
+
+  Triggers on: "god automation setup", "set up background automation", "make godpowers proactive"
+---
+
+# /god-automation-setup
+
+Prepare a safe, host-native automation setup plan.
+
+## Process
+
+1. Resolve the runtime root and load `<runtimeRoot>/lib/automation-providers.js`.
+2. Call `automation.setupPlan(projectRoot)`.
+3. Print `automation.renderSetupPlan(plan)`.
+4. Ask the user to choose:
+   - provider
+   - templates
+   - cadence
+   - connector or repository scope
+   - whether write actions are allowed
+5. Create provider-native automation only if the current host exposes a safe
+   automation tool and the user explicitly approved the exact provider,
+   template, cadence, and scope.
+6. After creation, write or update `.godpowers/automations.json` with:
+   - automation id
+   - provider id
+   - status
+   - cadence
+   - prompt summary
+   - created timestamp
+   - host surface used
+7. Run `/god-automation-status` after setup and show the result.
+
+## Hard Stops
+
+Do not create automations during install.
+
+Do not create any automation that can do these unless the user explicitly asks
+for that exact write-capable automation:
+
+- stage, commit, push, merge, package, publish, or release
+- deploy to staging or production
+- access provider dashboards, DNS, credentials, secrets, or billing
+- clear `.godpowers/REVIEW-REQUIRED.md`
+- accept Critical security findings
+- run broad dependency upgrades
+- delete files, reset branches, or clean worktrees
+
+## Safe Starting Templates
+
+- `daily-status`: run `godpowers status --project .` and summarize current phase, progress, open items, and next action
+- `stale-checkpoint`: inspect checkpoint freshness and suggest `/god-sync` or `/god-resume-work`
+- `review-queue`: report unresolved review items without clearing them
+- `weekly-hygiene`: report docs, dependencies, checkpoint, reviews, and hygiene signals
+- `release-readiness`: report release readiness without publishing
+
+## Provider Guidance
+
+- Codex App: use native Codex automations when the host exposes them.
+- Claude Code: use `/schedule` for scheduled routines. Use Claude web for API or GitHub triggers.
+- Cline: use `cline schedule` or the Cline SDK scheduler.
+- Kilo: use KiloClaw Scheduled Triggers.
+- Qwen Code: use `/loop` only for session-scoped checks and report that it is not durable.
+- Cursor: use Background Agents or the Background Agent API for branch-scoped async work.
+- GitHub Copilot: use issues, pull requests, or Copilot cloud agent entry points.
+- Windsurf: install workflows or skills, but report that workflows are manual-only.
+- Gemini CLI, OpenCode, CodeBuddy, and Pi: use headless or SDK execution only with an approved scheduler.
+- Trae and Antigravity: report scheduled automation as unknown unless the host proves otherwise.
+
+## Output Shape
+
+```text
+Godpowers Automation Setup Plan
+
+Recommended provider: <provider>
+
+Setup steps:
+  1. <host-native setup step>
+
+Recommended safe templates:
+  - <template id>: <prompt>
+
+Approval required:
+  - Choose a provider
+  - Choose one or more templates
+  - Confirm any host-native schedule, routine, background agent, API trigger, or connector scope
+```
+
+## Proposition Closeout
+
+End with:
+
+```text
+Proposition:
+  1. Implement partial: create one read-only automation after approval
+  2. Implement complete: create all safe read-only automations after approval
+  3. Discuss more: tune provider, cadence, or safety rules
+  4. Inspect status: /god-automation-status
+Recommended: <one option tied to provider capability and user risk>
+```

package/skills/god-automation-status.md

@@ -0,0 +1,76 @@
+---
+name: god-automation-status
+description: |
+  Show host-native automation provider support for the current project.
+  Reports Codex App, Claude Routines, Cline schedules, Qwen loops, Cursor
+  background agents, Copilot cloud agent, and scriptable CLI providers.
+
+  Triggers on: "god automation status", "automation support", "background automation status"
+---
+
+# /god-automation-status
+
+Show which automation providers Godpowers can safely use in this project.
+
+## Process
+
+1. Resolve the runtime root and load `<runtimeRoot>/lib/automation-providers.js`.
+2. Call `automation.detect(projectRoot)`.
+3. Print `automation.render(result)`.
+4. Read `.godpowers/automations.json` if present and report active automations.
+5. Do not create, update, trigger, pause, resume, or delete schedules.
+6. Do not stage, commit, push, publish, deploy, clear review queues, or access
+   provider dashboards.
+
+If the executable runtime module is unavailable, manually report these provider
+classes:
+
+- native-scheduler: Codex App automations, Claude Code routines, Cline schedules, Kilo scheduled triggers
+- session-scheduler: Qwen Code `/loop`
+- background-agent: Cursor Background Agents, GitHub Copilot cloud agent
+- scriptable-headless: Gemini CLI, OpenCode, CodeBuddy SDK, Pi SDK
+- manual-workflow: Windsurf workflows, Augment subagents
+- unknown: Trae, Antigravity scheduled automation
+
+## Output Shape
+
+```text
+Godpowers Automation Providers
+
+Config: .godpowers/automations.json
+Recommended provider: <provider or none available>
+
+Active automations:
+  - <id via provider: status or none recorded>
+
+Provider status:
+  - <provider>: <status> (<class>)
+
+Safe templates:
+  - daily-status: Daily Godpowers status, Daily at 9am local time, read-only
+  - stale-checkpoint: Stale checkpoint watcher, Weekdays at 9am local time, read-only
+  - review-queue: Review queue watcher, Daily at 10am local time, read-only
+  - weekly-hygiene: Weekly hygiene report, Monday at 9am local time, read-only
+  - release-readiness: Release readiness report, Manual or before release, read-only
+
+Safety rules:
+  - Do not create automations during install.
+  - Create schedules, routines, background agents, or API triggers only after explicit user approval.
+  - Default templates are read-only.
+```
+
+## Proposition Closeout
+
+End with:
+
+```text
+Proposition:
+  1. Implement partial: /god-automation-setup for one safe read-only template
+  2. Implement complete: /god-automation-setup for all safe templates supported by the current host
+  3. Discuss more: /god-discuss automation policy and provider choice
+  4. Inspect status: /god-status to see project progress and automation status together
+Recommended: <one option tied to the detected provider>
+```
+
+If no provider is available, recommend manual `/god-next` or
+`godpowers next --project .`.

package/skills/god-doctor.md

@@ -46,7 +46,7 @@ Plain-text report grouped by severity:
 GODPOWERS DOCTOR
 
 Install: claude (~/.claude/)
-  [OK] 106 skills installed
+  [OK] 108 skills installed
   [OK] 39 agents installed
   [OK] VERSION matches (1.6.6)
   [WARN] routing/god-doctor.yaml exists but skill file did not until now

package/skills/god-status.md

@@ -97,6 +97,7 @@ Proactive opportunities:
   Sync: fresh
   Docs: possible drift, suggest /god-docs
   Runtime: known local URL, suggest /god-test-runtime
+  Automation: available via codex-app, suggest /god-automation-setup
   Security: clear
   Dependencies: clear
   Hygiene: stale, suggest /god-hygiene
@@ -174,6 +175,8 @@ Report:
   `docs drift-check already logged`
 - Runtime: `not-applicable`, `known URL, suggest /god-test-runtime`, or
   `no known URL, defer deployed verification`
+- Automation: `not configured`, `<N> active`, or
+  `available via <provider>, suggest /god-automation-setup`
 - Security: `clear` or `sensitive files changed, suggest /god-harden`
 - Dependencies: `clear` or `dependency files changed, suggest /god-update-deps`
 - Hygiene: `fresh` or `stale, suggest /god-hygiene`

package/skills/god-version.md

@@ -16,7 +16,7 @@ Print version and a short capability summary.
 ```
 Godpowers v1.6.6
 Install: /Users/.../.claude/  (matches package.json)
-Surface: 106 skills, 39 agents, 13 workflows, 36 recipes
+Surface: 108 skills, 39 agents, 13 workflows, 36 recipes
 Schema: intent.v1, state.v1, events.v1, workflow.v1, routing.v1, recipe.v1
 External integrations available: impeccable, agent-browser (others lazy)
 ```