npm - oh-my-codex - Versions diffs - 0.16.0 → 0.16.2 - Mend

oh-my-codex 0.16.0 → 0.16.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (357) hide show

package/Cargo.lock +5 -5
package/Cargo.toml +1 -1
package/README.md +2 -2
package/crates/omx-explore/src/main.rs +434 -28
package/dist/agents/__tests__/native-config.test.js +50 -0
package/dist/agents/__tests__/native-config.test.js.map +1 -1
package/dist/agents/native-config.d.ts.map +1 -1
package/dist/agents/native-config.js +3 -2
package/dist/agents/native-config.js.map +1 -1
package/dist/cli/__tests__/codex-plugin-layout.test.js +1 -0
package/dist/cli/__tests__/codex-plugin-layout.test.js.map +1 -1
package/dist/cli/__tests__/doctor-warning-copy.test.js +1 -1
package/dist/cli/__tests__/doctor-warning-copy.test.js.map +1 -1
package/dist/cli/__tests__/explore.test.js +120 -3
package/dist/cli/__tests__/explore.test.js.map +1 -1
package/dist/cli/__tests__/imagegen-continuation.test.d.ts +2 -0
package/dist/cli/__tests__/imagegen-continuation.test.d.ts.map +1 -0
package/dist/cli/__tests__/imagegen-continuation.test.js +135 -0
package/dist/cli/__tests__/imagegen-continuation.test.js.map +1 -0
package/dist/cli/__tests__/index.test.js +182 -18
package/dist/cli/__tests__/index.test.js.map +1 -1
package/dist/cli/__tests__/launch-fallback.test.js +88 -2
package/dist/cli/__tests__/launch-fallback.test.js.map +1 -1
package/dist/cli/__tests__/ralph.test.js +62 -0
package/dist/cli/__tests__/ralph.test.js.map +1 -1
package/dist/cli/__tests__/setup-install-mode.test.js +48 -0
package/dist/cli/__tests__/setup-install-mode.test.js.map +1 -1
package/dist/cli/__tests__/setup-scope.test.js +12 -0
package/dist/cli/__tests__/setup-scope.test.js.map +1 -1
package/dist/cli/__tests__/team.test.js +465 -12
package/dist/cli/__tests__/team.test.js.map +1 -1
package/dist/cli/__tests__/ultragoal.test.js +50 -5
package/dist/cli/__tests__/ultragoal.test.js.map +1 -1
package/dist/cli/__tests__/uninstall.test.js +6 -2
package/dist/cli/__tests__/uninstall.test.js.map +1 -1
package/dist/cli/explore.d.ts.map +1 -1
package/dist/cli/explore.js +211 -12
package/dist/cli/explore.js.map +1 -1
package/dist/cli/index.d.ts +11 -3
package/dist/cli/index.d.ts.map +1 -1
package/dist/cli/index.js +124 -18
package/dist/cli/index.js.map +1 -1
package/dist/cli/ralph.d.ts.map +1 -1
package/dist/cli/ralph.js +37 -3
package/dist/cli/ralph.js.map +1 -1
package/dist/cli/setup.d.ts.map +1 -1
package/dist/cli/setup.js +100 -9
package/dist/cli/setup.js.map +1 -1
package/dist/cli/team.d.ts +1 -0
package/dist/cli/team.d.ts.map +1 -1
package/dist/cli/team.js +42 -7
package/dist/cli/team.js.map +1 -1
package/dist/cli/ultragoal.d.ts +1 -1
package/dist/cli/ultragoal.d.ts.map +1 -1
package/dist/cli/ultragoal.js +29 -8
package/dist/cli/ultragoal.js.map +1 -1
package/dist/cli/uninstall.d.ts.map +1 -1
package/dist/cli/uninstall.js +2 -1
package/dist/cli/uninstall.js.map +1 -1
package/dist/config/__tests__/codex-hooks.test.js +97 -2
package/dist/config/__tests__/codex-hooks.test.js.map +1 -1
package/dist/config/__tests__/generator-idempotent.test.js +1 -1
package/dist/config/__tests__/generator-idempotent.test.js.map +1 -1
package/dist/config/__tests__/generator-notify.test.js +22 -0
package/dist/config/__tests__/generator-notify.test.js.map +1 -1
package/dist/config/__tests__/models.test.js +18 -1
package/dist/config/__tests__/models.test.js.map +1 -1
package/dist/config/__tests__/wiki-config-contract.test.js +2 -1
package/dist/config/__tests__/wiki-config-contract.test.js.map +1 -1
package/dist/config/codex-hooks.d.ts +17 -3
package/dist/config/codex-hooks.d.ts.map +1 -1
package/dist/config/codex-hooks.js +102 -2
package/dist/config/codex-hooks.js.map +1 -1
package/dist/config/generator.d.ts +4 -1
package/dist/config/generator.d.ts.map +1 -1
package/dist/config/generator.js +69 -12
package/dist/config/generator.js.map +1 -1
package/dist/config/models.d.ts +6 -0
package/dist/config/models.d.ts.map +1 -1
package/dist/config/models.js +37 -0
package/dist/config/models.js.map +1 -1
package/dist/exec/followup.d.ts +1 -0
package/dist/exec/followup.d.ts.map +1 -1
package/dist/exec/followup.js +9 -3
package/dist/exec/followup.js.map +1 -1
package/dist/hooks/__tests__/anti-slop-workflow.test.js +19 -0
package/dist/hooks/__tests__/anti-slop-workflow.test.js.map +1 -1
package/dist/hooks/__tests__/consensus-execution-handoff.test.js +19 -2
package/dist/hooks/__tests__/consensus-execution-handoff.test.js.map +1 -1
package/dist/hooks/__tests__/deep-interview-contract.test.js +40 -0
package/dist/hooks/__tests__/deep-interview-contract.test.js.map +1 -1
package/dist/hooks/__tests__/foreground-isolation-contract.test.d.ts +2 -0
package/dist/hooks/__tests__/foreground-isolation-contract.test.d.ts.map +1 -0
package/dist/hooks/__tests__/foreground-isolation-contract.test.js +28 -0
package/dist/hooks/__tests__/foreground-isolation-contract.test.js.map +1 -0
package/dist/hooks/__tests__/keyword-detector.test.js +37 -25
package/dist/hooks/__tests__/keyword-detector.test.js.map +1 -1
package/dist/hooks/__tests__/notify-hook-auto-nudge.test.js +10 -4
package/dist/hooks/__tests__/notify-hook-auto-nudge.test.js.map +1 -1
package/dist/hooks/__tests__/session.test.js +32 -0
package/dist/hooks/__tests__/session.test.js.map +1 -1
package/dist/hooks/__tests__/wiki-docs-contract.test.js +6 -4
package/dist/hooks/__tests__/wiki-docs-contract.test.js.map +1 -1
package/dist/hooks/codebase-map.d.ts.map +1 -1
package/dist/hooks/codebase-map.js +3 -2
package/dist/hooks/codebase-map.js.map +1 -1
package/dist/hooks/extensibility/dispatcher.d.ts.map +1 -1
package/dist/hooks/extensibility/dispatcher.js +6 -4
package/dist/hooks/extensibility/dispatcher.js.map +1 -1
package/dist/hooks/extensibility/logging.d.ts.map +1 -1
package/dist/hooks/extensibility/logging.js +3 -2
package/dist/hooks/extensibility/logging.js.map +1 -1
package/dist/hooks/extensibility/sdk/paths.d.ts.map +1 -1
package/dist/hooks/extensibility/sdk/paths.js +4 -3
package/dist/hooks/extensibility/sdk/paths.js.map +1 -1
package/dist/hooks/keyword-detector.d.ts.map +1 -1
package/dist/hooks/keyword-detector.js +2 -4
package/dist/hooks/keyword-detector.js.map +1 -1
package/dist/hooks/session.d.ts.map +1 -1
package/dist/hooks/session.js +22 -12
package/dist/hooks/session.js.map +1 -1
package/dist/hud/__tests__/hud-tmux-injection.test.js +8 -7
package/dist/hud/__tests__/hud-tmux-injection.test.js.map +1 -1
package/dist/hud/__tests__/reconcile.test.js +1 -1
package/dist/hud/__tests__/state.test.js +24 -0
package/dist/hud/__tests__/state.test.js.map +1 -1
package/dist/hud/index.js +1 -1
package/dist/hud/index.js.map +1 -1
package/dist/hud/state.d.ts.map +1 -1
package/dist/hud/state.js +22 -8
package/dist/hud/state.js.map +1 -1
package/dist/hud/tmux.js +1 -1
package/dist/hud/tmux.js.map +1 -1
package/dist/imagegen/continuation.d.ts +44 -0
package/dist/imagegen/continuation.d.ts.map +1 -0
package/dist/imagegen/continuation.js +220 -0
package/dist/imagegen/continuation.js.map +1 -0
package/dist/mcp/__tests__/bootstrap.test.js +47 -2
package/dist/mcp/__tests__/bootstrap.test.js.map +1 -1
package/dist/mcp/__tests__/server-lifecycle.test.js +49 -1
package/dist/mcp/__tests__/server-lifecycle.test.js.map +1 -1
package/dist/mcp/__tests__/state-server.test.js +145 -6
package/dist/mcp/__tests__/state-server.test.js.map +1 -1
package/dist/mcp/__tests__/wiki-server.test.js +97 -1
package/dist/mcp/__tests__/wiki-server.test.js.map +1 -1
package/dist/mcp/bootstrap.d.ts +2 -0
package/dist/mcp/bootstrap.d.ts.map +1 -1
package/dist/mcp/bootstrap.js +95 -15
package/dist/mcp/bootstrap.js.map +1 -1
package/dist/mcp/lifecycle-telemetry.d.ts +16 -0
package/dist/mcp/lifecycle-telemetry.d.ts.map +1 -0
package/dist/mcp/lifecycle-telemetry.js +95 -0
package/dist/mcp/lifecycle-telemetry.js.map +1 -0
package/dist/mcp/wiki-server.d.ts.map +1 -1
package/dist/mcp/wiki-server.js +11 -2
package/dist/mcp/wiki-server.js.map +1 -1
package/dist/pipeline/__tests__/stages.test.js +274 -5
package/dist/pipeline/__tests__/stages.test.js.map +1 -1
package/dist/pipeline/stages/team-exec.d.ts +2 -0
package/dist/pipeline/stages/team-exec.d.ts.map +1 -1
package/dist/pipeline/stages/team-exec.js +51 -26
package/dist/pipeline/stages/team-exec.js.map +1 -1
package/dist/planning/__tests__/artifacts.test.js +138 -3
package/dist/planning/__tests__/artifacts.test.js.map +1 -1
package/dist/planning/__tests__/context-pack-status.test.d.ts +2 -0
package/dist/planning/__tests__/context-pack-status.test.d.ts.map +1 -0
package/dist/planning/__tests__/context-pack-status.test.js +271 -0
package/dist/planning/__tests__/context-pack-status.test.js.map +1 -0
package/dist/planning/artifacts.d.ts +12 -1
package/dist/planning/artifacts.d.ts.map +1 -1
package/dist/planning/artifacts.js +32 -9
package/dist/planning/artifacts.js.map +1 -1
package/dist/planning/context-pack-status.d.ts +42 -0
package/dist/planning/context-pack-status.d.ts.map +1 -0
package/dist/planning/context-pack-status.js +479 -0
package/dist/planning/context-pack-status.js.map +1 -0
package/dist/runtime/__tests__/process-tree.test.d.ts +2 -0
package/dist/runtime/__tests__/process-tree.test.d.ts.map +1 -0
package/dist/runtime/__tests__/process-tree.test.js +107 -0
package/dist/runtime/__tests__/process-tree.test.js.map +1 -0
package/dist/runtime/process-tree.d.ts +28 -0
package/dist/runtime/process-tree.d.ts.map +1 -0
package/dist/runtime/process-tree.js +230 -0
package/dist/runtime/process-tree.js.map +1 -0
package/dist/scripts/__tests__/codex-native-hook.test.js +267 -2
package/dist/scripts/__tests__/codex-native-hook.test.js.map +1 -1
package/dist/scripts/__tests__/notify-state-io.test.d.ts +2 -0
package/dist/scripts/__tests__/notify-state-io.test.d.ts.map +1 -0
package/dist/scripts/__tests__/notify-state-io.test.js +40 -0
package/dist/scripts/__tests__/notify-state-io.test.js.map +1 -0
package/dist/scripts/codex-execution-surface.d.ts +1 -1
package/dist/scripts/codex-execution-surface.d.ts.map +1 -1
package/dist/scripts/codex-execution-surface.js.map +1 -1
package/dist/scripts/codex-native-hook.d.ts +1 -1
package/dist/scripts/codex-native-hook.d.ts.map +1 -1
package/dist/scripts/codex-native-hook.js +141 -9
package/dist/scripts/codex-native-hook.js.map +1 -1
package/dist/scripts/notify-hook/managed-tmux.d.ts.map +1 -1
package/dist/scripts/notify-hook/managed-tmux.js +6 -9
package/dist/scripts/notify-hook/managed-tmux.js.map +1 -1
package/dist/scripts/notify-hook/process-runner.d.ts.map +1 -1
package/dist/scripts/notify-hook/process-runner.js +4 -1
package/dist/scripts/notify-hook/process-runner.js.map +1 -1
package/dist/scripts/notify-hook/state-io.d.ts.map +1 -1
package/dist/scripts/notify-hook/state-io.js +4 -7
package/dist/scripts/notify-hook/state-io.js.map +1 -1
package/dist/scripts/notify-hook.js +25 -3
package/dist/scripts/notify-hook.js.map +1 -1
package/dist/scripts/verify-native-agents.d.ts.map +1 -1
package/dist/scripts/verify-native-agents.js +3 -1
package/dist/scripts/verify-native-agents.js.map +1 -1
package/dist/sidecar/__tests__/tmux.test.js +1 -1
package/dist/sidecar/__tests__/tmux.test.js.map +1 -1
package/dist/sidecar/tmux.js +1 -1
package/dist/sidecar/tmux.js.map +1 -1
package/dist/state/__tests__/operations.test.js +79 -0
package/dist/state/__tests__/operations.test.js.map +1 -1
package/dist/state/__tests__/skill-active.test.js +10 -18
package/dist/state/__tests__/skill-active.test.js.map +1 -1
package/dist/state/__tests__/workflow-transition.test.js +45 -1
package/dist/state/__tests__/workflow-transition.test.js.map +1 -1
package/dist/state/operations.d.ts.map +1 -1
package/dist/state/operations.js +1 -20
package/dist/state/operations.js.map +1 -1
package/dist/state/skill-active.d.ts +1 -0
package/dist/state/skill-active.d.ts.map +1 -1
package/dist/state/skill-active.js +28 -18
package/dist/state/skill-active.js.map +1 -1
package/dist/state/workflow-transition-reconcile.d.ts.map +1 -1
package/dist/state/workflow-transition-reconcile.js +3 -2
package/dist/state/workflow-transition-reconcile.js.map +1 -1
package/dist/state/workflow-transition.js +2 -2
package/dist/state/workflow-transition.js.map +1 -1
package/dist/team/__tests__/approved-execution.test.js +96 -0
package/dist/team/__tests__/approved-execution.test.js.map +1 -1
package/dist/team/__tests__/followup-planner.test.js +16 -0
package/dist/team/__tests__/followup-planner.test.js.map +1 -1
package/dist/team/__tests__/model-contract.test.js +16 -0
package/dist/team/__tests__/model-contract.test.js.map +1 -1
package/dist/team/__tests__/repo-aware-decomposition.test.js +20 -0
package/dist/team/__tests__/repo-aware-decomposition.test.js.map +1 -1
package/dist/team/__tests__/runtime-cli.test.js +16 -0
package/dist/team/__tests__/runtime-cli.test.js.map +1 -1
package/dist/team/__tests__/runtime.test.js +209 -11
package/dist/team/__tests__/runtime.test.js.map +1 -1
package/dist/team/__tests__/scaling.test.js +110 -0
package/dist/team/__tests__/scaling.test.js.map +1 -1
package/dist/team/__tests__/tmux-session.test.js +9 -0
package/dist/team/__tests__/tmux-session.test.js.map +1 -1
package/dist/team/__tests__/worker-runtime-identity.test.js +6 -0
package/dist/team/__tests__/worker-runtime-identity.test.js.map +1 -1
package/dist/team/approved-execution.d.ts +13 -0
package/dist/team/approved-execution.d.ts.map +1 -1
package/dist/team/approved-execution.js +40 -22
package/dist/team/approved-execution.js.map +1 -1
package/dist/team/followup-planner.d.ts +1 -0
package/dist/team/followup-planner.d.ts.map +1 -1
package/dist/team/followup-planner.js +9 -9
package/dist/team/followup-planner.js.map +1 -1
package/dist/team/model-contract.d.ts +1 -1
package/dist/team/model-contract.d.ts.map +1 -1
package/dist/team/model-contract.js +4 -3
package/dist/team/model-contract.js.map +1 -1
package/dist/team/repo-aware-decomposition.d.ts +1 -0
package/dist/team/repo-aware-decomposition.d.ts.map +1 -1
package/dist/team/repo-aware-decomposition.js +5 -1
package/dist/team/repo-aware-decomposition.js.map +1 -1
package/dist/team/runtime-cli.d.ts +4 -0
package/dist/team/runtime-cli.d.ts.map +1 -1
package/dist/team/runtime-cli.js +14 -1
package/dist/team/runtime-cli.js.map +1 -1
package/dist/team/runtime.d.ts +1 -0
package/dist/team/runtime.d.ts.map +1 -1
package/dist/team/runtime.js +46 -16
package/dist/team/runtime.js.map +1 -1
package/dist/team/scaling.d.ts.map +1 -1
package/dist/team/scaling.js +13 -6
package/dist/team/scaling.js.map +1 -1
package/dist/team/tmux-session.d.ts.map +1 -1
package/dist/team/tmux-session.js +7 -0
package/dist/team/tmux-session.js.map +1 -1
package/dist/ultragoal/__tests__/artifacts.test.js +129 -4
package/dist/ultragoal/__tests__/artifacts.test.js.map +1 -1
package/dist/ultragoal/__tests__/docs-contract.test.d.ts +2 -0
package/dist/ultragoal/__tests__/docs-contract.test.d.ts.map +1 -0
package/dist/ultragoal/__tests__/docs-contract.test.js +31 -0
package/dist/ultragoal/__tests__/docs-contract.test.js.map +1 -0
package/dist/ultragoal/artifacts.d.ts +6 -2
package/dist/ultragoal/artifacts.d.ts.map +1 -1
package/dist/ultragoal/artifacts.js +108 -4
package/dist/ultragoal/artifacts.js.map +1 -1
package/dist/utils/paths.d.ts +3 -1
package/dist/utils/paths.d.ts.map +1 -1
package/dist/utils/paths.js +6 -2
package/dist/utils/paths.js.map +1 -1
package/dist/verification/__tests__/ci-rust-gates.test.js +44 -14
package/dist/verification/__tests__/ci-rust-gates.test.js.map +1 -1
package/dist/wiki/__tests__/ingest.test.js +35 -1
package/dist/wiki/__tests__/ingest.test.js.map +1 -1
package/dist/wiki/__tests__/lint.test.js +14 -1
package/dist/wiki/__tests__/lint.test.js.map +1 -1
package/dist/wiki/__tests__/query.test.js +28 -3
package/dist/wiki/__tests__/query.test.js.map +1 -1
package/dist/wiki/__tests__/session-hooks.test.js +30 -2
package/dist/wiki/__tests__/session-hooks.test.js.map +1 -1
package/dist/wiki/__tests__/storage.test.js +62 -22
package/dist/wiki/__tests__/storage.test.js.map +1 -1
package/dist/wiki/index.d.ts +2 -2
package/dist/wiki/index.d.ts.map +1 -1
package/dist/wiki/index.js +2 -2
package/dist/wiki/index.js.map +1 -1
package/dist/wiki/ingest.js +2 -2
package/dist/wiki/ingest.js.map +1 -1
package/dist/wiki/lifecycle.d.ts +5 -0
package/dist/wiki/lifecycle.d.ts.map +1 -1
package/dist/wiki/lifecycle.js +31 -4
package/dist/wiki/lifecycle.js.map +1 -1
package/dist/wiki/lint.d.ts.map +1 -1
package/dist/wiki/lint.js +12 -8
package/dist/wiki/lint.js.map +1 -1
package/dist/wiki/query.d.ts.map +1 -1
package/dist/wiki/query.js +3 -2
package/dist/wiki/query.js.map +1 -1
package/dist/wiki/storage.d.ts +4 -0
package/dist/wiki/storage.d.ts.map +1 -1
package/dist/wiki/storage.js +54 -18
package/dist/wiki/storage.js.map +1 -1
package/package.json +1 -1
package/plugins/oh-my-codex/.codex-plugin/plugin.json +1 -1
package/plugins/oh-my-codex/skills/ai-slop-cleaner/SKILL.md +9 -0
package/plugins/oh-my-codex/skills/deep-interview/SKILL.md +25 -2
package/plugins/oh-my-codex/skills/omx-setup/SKILL.md +1 -1
package/plugins/oh-my-codex/skills/plan/SKILL.md +7 -4
package/plugins/oh-my-codex/skills/ralplan/SKILL.md +13 -3
package/plugins/oh-my-codex/skills/team/SKILL.md +2 -2
package/plugins/oh-my-codex/skills/ultragoal/SKILL.md +11 -7
package/plugins/oh-my-codex/skills/visual-ralph/SKILL.md +8 -0
package/plugins/oh-my-codex/skills/wiki/SKILL.md +5 -5
package/prompts/planner.md +1 -1
package/skills/ai-slop-cleaner/SKILL.md +9 -0
package/skills/deep-interview/SKILL.md +25 -2
package/skills/omx-setup/SKILL.md +1 -1
package/skills/plan/SKILL.md +7 -4
package/skills/ralplan/SKILL.md +13 -3
package/skills/team/SKILL.md +2 -2
package/skills/ultragoal/SKILL.md +11 -7
package/skills/visual-ralph/SKILL.md +8 -0
package/skills/wiki/SKILL.md +5 -5
package/src/scripts/__tests__/codex-native-hook.test.ts +302 -2
package/src/scripts/__tests__/notify-state-io.test.ts +73 -0
package/src/scripts/codex-execution-surface.ts +2 -0
package/src/scripts/codex-native-hook.ts +163 -16
package/src/scripts/notify-hook/managed-tmux.ts +6 -7
package/src/scripts/notify-hook/process-runner.ts +4 -1
package/src/scripts/notify-hook/state-io.ts +5 -7
package/src/scripts/notify-hook.ts +26 -3
package/src/scripts/verify-native-agents.ts +3 -1

package/Cargo.lock CHANGED Viewed

@@ -32,14 +32,14 @@ checksum = "f8ca58f447f06ed17d5fc4043ce1b10dd205e060fb3ce5b979b8ed8e59ff3f79"
 [[package]]
 name = "omx-explore-harness"
-version = "0.16.0"
+version = "0.16.2"
 dependencies = [
  "libc",
 ]
 [[package]]
 name = "omx-mux"
-version = "0.16.0"
+version = "0.16.2"
 dependencies = [
  "serde",
  "serde_json",
@@ -47,7 +47,7 @@ dependencies = [
 [[package]]
 name = "omx-runtime"
-version = "0.16.0"
+version = "0.16.2"
 dependencies = [
  "omx-mux",
  "omx-runtime-core",
@@ -56,7 +56,7 @@ dependencies = [
 [[package]]
 name = "omx-runtime-core"
-version = "0.16.0"
+version = "0.16.2"
 dependencies = [
  "fs2",
  "serde",
@@ -65,7 +65,7 @@ dependencies = [
 [[package]]
 name = "omx-sparkshell"
-version = "0.16.0"
+version = "0.16.2"
 dependencies = [
  "omx-mux",
 ]

package/Cargo.toml CHANGED Viewed

@@ -10,7 +10,7 @@ resolver = "2"
 [workspace.package]
-version = "0.16.0"
+version = "0.16.2"
 edition = "2021"
 rust-version = "1.73"

package/README.md CHANGED Viewed

@@ -265,7 +265,7 @@ If `Shift+Enter` still submits instead of inserting a newline inside an OMX-mana
 - `omx explore --prompt "..."` is for read-only repository lookup
 - `omx sparkshell <command>` is for shell-native inspection and bounded verification
-- when `.omx/wiki/` exists, `omx explore` can inject wiki-first context before falling back to broader repository search
+- when `omx_wiki/` exists, `omx explore` can inject wiki-first context before falling back to broader repository search
 - fallback boundaries are explicit: sparkshell-backend fallback is reported on stderr, and spark-model fallback emits stderr metadata plus an `## OMX Explore fallback` notice in stdout so users can see when cost/behavior may differ from the low-cost path
 Examples:
@@ -279,7 +279,7 @@ omx sparkshell --tmux-pane %12 --tail-lines 400
 ### Wiki
 - `omx wiki` is the CLI parity surface for the OMX wiki MCP server
-- wiki data lives locally under `.omx/wiki/`
+- wiki data lives as repository project knowledge under `omx_wiki/`
 - the wiki is markdown-first and search-first, not vector-first
 Examples:

package/crates/omx-explore/src/main.rs CHANGED Viewed

@@ -6,22 +6,35 @@ use std::fs::{
 use std::io::{self, BufRead, BufReader, Read};
 use std::path::{Path, PathBuf};
 use std::process::{Child, Command, Output, Stdio};
-use std::sync::mpsc::{self, Receiver, RecvTimeoutError};
+use std::sync::mpsc::{self, Receiver, RecvTimeoutError, TryRecvError};
 use std::thread;
 use std::time::{Duration, Instant, SystemTime, UNIX_EPOCH};
 const CODEX_BIN_ENV: &str = "OMX_EXPLORE_CODEX_BIN";
 const HARNESS_ROOT_ENV: &str = "OMX_EXPLORE_ROOT";
 const CODEX_TIMEOUT_MS_ENV: &str = "OMX_EXPLORE_CODEX_TIMEOUT_MS";
+const PROCESS_LIMIT_ENV: &str = "OMX_EXPLORE_PROCESS_LIMIT";
+const CODEX_OUTPUT_LIMIT_BYTES_ENV: &str = "OMX_EXPLORE_CODEX_OUTPUT_LIMIT_BYTES";
 const INTERNAL_DIRECT_WRAPPER_FLAG: &str = "--internal-allowlist-direct";
 const INTERNAL_SHELL_WRAPPER_FLAG: &str = "--internal-allowlist-shell";
 const TEMP_ALLOWLIST_DIR_PREFIX: &str = "omx-explore-allowlist-";
 const DEFAULT_CODEX_TIMEOUT_MS: u64 = 180_000;
+const DEFAULT_PROCESS_LIMIT: usize = 96;
+const DEFAULT_CODEX_OUTPUT_LIMIT_BYTES: usize = 8 * 1024 * 1024;
+const PROCESS_LIMIT_POLL_MS: u64 = 100;
 const PROCESS_TERMINATION_GRACE_MS: u64 = 500;
 const PIPE_READER_READY_GRACE_MS: u64 = 25;
 const PIPE_READER_JOIN_GRACE_MS: u64 = 500;
-const EXPLORE_SUBPROCESS_ENV_VARS_TO_SCRUB: &[&str] =
-    &["BASH_ENV", "ENV", "PROMPT_COMMAND", "NODE_OPTIONS"];
+const EXPLORE_SUBPROCESS_ENV_VARS_TO_SCRUB: &[&str] = &[
+    "BASH_ENV",
+    "ENV",
+    "PROMPT_COMMAND",
+    "NODE_OPTIONS",
+    "SHELLOPTS",
+    "BASHOPTS",
+    "GREP_OPTIONS",
+    "GREP_COLORS",
+];
 const WINDOWS_UNSUPPORTED_ALLOWLIST_MESSAGE: &str =
     "omx explore built-in harness is not ready on Windows because its allowlist runtime relies on POSIX sh/bash wrappers. Set OMX_EXPLORE_BIN to a compatible custom harness, prefer `omx sparkshell` for shell-native read-only lookups, or run `omx doctor` for readiness details.";
@@ -334,13 +347,59 @@ fn invoke_codex(args: &Args, model: &str, prompt_contract: &str) -> io::Result<A
             ),
             output_markdown: None,
         }),
+        TimedCommandOutput::ProcessLimitExceeded {
+            stderr,
+            process_count,
+            process_limit,
+        } => Ok(AttemptResult {
+            status_code: 125,
+            stderr: format!(
+                "[omx explore] codex exec exceeded per-run process limit ({process_count}>{process_limit}); terminated process tree to avoid runaway shell storms{}{}",
+                if stderr.trim().is_empty() {
+                    ""
+                } else {
+                    ". stderr before termination: "
+                },
+                stderr.trim()
+            ),
+            output_markdown: None,
+        }),
+        TimedCommandOutput::OutputLimitExceeded {
+            stderr,
+            output_limit,
+            stream,
+        } => Ok(AttemptResult {
+            status_code: 126,
+            stderr: format!(
+                "[omx explore] codex exec exceeded subprocess {stream} output limit ({output_limit} bytes); terminated process tree to avoid unbounded memory growth{}{}",
+                if stderr.trim().is_empty() {
+                    ""
+                } else {
+                    ". stderr before termination: "
+                },
+                stderr.trim()
+            ),
+            output_markdown: None,
+        }),
     }
 }
 #[derive(Debug)]
 enum TimedCommandOutput {
     Completed(Output),
-    TimedOut { stderr: String },
+    TimedOut {
+        stderr: String,
+    },
+    ProcessLimitExceeded {
+        stderr: String,
+        process_count: usize,
+        process_limit: usize,
+    },
+    OutputLimitExceeded {
+        stderr: String,
+        output_limit: usize,
+        stream: &'static str,
+    },
 }
 fn codex_timeout() -> Duration {
@@ -352,6 +411,22 @@ fn codex_timeout() -> Duration {
     Duration::from_millis(timeout_ms)
 }
+fn codex_output_limit_bytes() -> usize {
+    env::var(CODEX_OUTPUT_LIMIT_BYTES_ENV)
+        .ok()
+        .and_then(|value| value.trim().parse::<usize>().ok())
+        .filter(|value| *value > 0)
+        .unwrap_or(DEFAULT_CODEX_OUTPUT_LIMIT_BYTES)
+}
+fn process_limit() -> usize {
+    env::var(PROCESS_LIMIT_ENV)
+        .ok()
+        .and_then(|value| value.trim().parse::<usize>().ok())
+        .filter(|value| *value > 0)
+        .unwrap_or(DEFAULT_PROCESS_LIMIT)
+}
 fn run_command_with_timeout(
     mut command: Command,
     timeout: Duration,
@@ -360,19 +435,37 @@ fn run_command_with_timeout(
     configure_process_group(&mut command);
     let mut child = command.spawn()?;
-    let stdout_reader = spawn_pipe_reader(child.stdout.take());
-    let stderr_reader = spawn_pipe_reader(child.stderr.take());
+    let output_limit = codex_output_limit_bytes();
+    let mut stdout_reader = spawn_pipe_reader("stdout", child.stdout.take(), output_limit);
+    let mut stderr_reader = spawn_pipe_reader("stderr", child.stderr.take(), output_limit);
     let deadline = Instant::now() + timeout;
+    let process_limit = process_limit();
+    let mut next_process_limit_poll = Instant::now() + Duration::from_millis(PROCESS_LIMIT_POLL_MS);
     loop {
         if let Some(status) = child.try_wait()? {
-            let (stdout, stderr) = collect_completed_output(
+            // The wrapper may exit while grandchildren keep the process group
+            // alive. Sweep it before collecting pipes so completed harness
+            // runs cannot leave detached shells behind.
+            terminate_child_process_tree(&mut child);
+            let output = collect_completed_output(
                 &mut child,
-                &stdout_reader,
-                &stderr_reader,
+                &mut stdout_reader,
+                &mut stderr_reader,
                 Duration::from_millis(PIPE_READER_READY_GRACE_MS),
                 Duration::from_millis(PIPE_READER_JOIN_GRACE_MS),
-            )?;
+            );
+            let (stdout, stderr) = match output {
+                Ok(output) => output,
+                Err(err) if is_output_limit_error(&err) => {
+                    return Ok(TimedCommandOutput::OutputLimitExceeded {
+                        stderr: String::new(),
+                        output_limit,
+                        stream: output_limit_stream(&err),
+                    });
+                }
+                Err(err) => return Err(err),
+            };
             return Ok(TimedCommandOutput::Completed(Output {
                 status,
                 stdout,
@@ -384,37 +477,192 @@ fn run_command_with_timeout(
             terminate_child_process_tree(&mut child);
             let _ = child.wait();
             let reader_timeout = Duration::from_millis(PIPE_READER_JOIN_GRACE_MS);
-            let _ = receive_pipe_reader(&stdout_reader, reader_timeout);
-            let stderr = receive_pipe_reader(&stderr_reader, reader_timeout).unwrap_or_default();
+            let _ = receive_pipe_reader(&mut stdout_reader, reader_timeout);
+            let stderr =
+                receive_pipe_reader(&mut stderr_reader, reader_timeout).unwrap_or_default();
             return Ok(TimedCommandOutput::TimedOut {
                 stderr: String::from_utf8_lossy(&stderr).into_owned(),
             });
         }
+        if Instant::now() >= next_process_limit_poll {
+            next_process_limit_poll = Instant::now() + Duration::from_millis(PROCESS_LIMIT_POLL_MS);
+            if let Some(process_count) = count_process_tree(child.id()) {
+                if process_count > process_limit {
+                    terminate_child_process_tree(&mut child);
+                    let _ = child.wait();
+                    let reader_timeout = Duration::from_millis(PIPE_READER_JOIN_GRACE_MS);
+                    let _ = receive_pipe_reader(&mut stdout_reader, reader_timeout);
+                    let stderr =
+                        receive_pipe_reader(&mut stderr_reader, reader_timeout).unwrap_or_default();
+                    return Ok(TimedCommandOutput::ProcessLimitExceeded {
+                        stderr: String::from_utf8_lossy(&stderr).into_owned(),
+                        process_count,
+                        process_limit,
+                    });
+                }
+            }
+        }
+        if let Some(stream) = poll_output_limit(&mut stdout_reader, &mut stderr_reader)? {
+            terminate_child_process_tree(&mut child);
+            let _ = child.wait();
+            let reader_timeout = Duration::from_millis(PIPE_READER_JOIN_GRACE_MS);
+            let stderr = if stream == "stderr" {
+                Vec::new()
+            } else {
+                receive_pipe_reader(&mut stderr_reader, reader_timeout).unwrap_or_default()
+            };
+            return Ok(TimedCommandOutput::OutputLimitExceeded {
+                stderr: String::from_utf8_lossy(&stderr).into_owned(),
+                output_limit,
+                stream,
+            });
+        }
         thread::sleep(Duration::from_millis(25));
     }
 }
-fn spawn_pipe_reader<R: Read + Send + 'static>(pipe: Option<R>) -> Receiver<io::Result<Vec<u8>>> {
+#[cfg(target_os = "linux")]
+fn count_process_tree(root_pid: u32) -> Option<usize> {
+    use std::collections::HashMap;
+    let entries = std::fs::read_dir("/proc").ok()?;
+    let mut children: HashMap<u32, Vec<u32>> = HashMap::new();
+    for entry in entries.flatten() {
+        let name = entry.file_name();
+        let Some(name) = name.to_str() else {
+            continue;
+        };
+        let Ok(pid) = name.parse::<u32>() else {
+            continue;
+        };
+        let Ok(stat) = std::fs::read_to_string(format!("/proc/{pid}/stat")) else {
+            continue;
+        };
+        let Some(close_paren) = stat.rfind(')') else {
+            continue;
+        };
+        let fields: Vec<&str> = stat[close_paren + 2..].split(' ').collect();
+        let Some(ppid) = fields.get(1).and_then(|field| field.parse::<u32>().ok()) else {
+            continue;
+        };
+        children.entry(ppid).or_default().push(pid);
+    }
+    let mut count = 1;
+    let mut stack = children.remove(&root_pid).unwrap_or_default();
+    while let Some(pid) = stack.pop() {
+        count += 1;
+        if let Some(mut nested) = children.remove(&pid) {
+            stack.append(&mut nested);
+        }
+    }
+    Some(count)
+}
+#[cfg(not(target_os = "linux"))]
+fn count_process_tree(_root_pid: u32) -> Option<usize> {
+    None
+}
+struct PipeReader {
+    receiver: Receiver<io::Result<Vec<u8>>>,
+    cached: Option<io::Result<Vec<u8>>>,
+}
+fn spawn_pipe_reader<R: Read + Send + 'static>(
+    stream: &'static str,
+    pipe: Option<R>,
+    output_limit: usize,
+) -> PipeReader {
     let (sender, receiver) = mpsc::channel();
     thread::spawn(move || {
-        let _ = sender.send(read_pipe_to_end(pipe));
+        let _ = sender.send(read_pipe_bounded(pipe, stream, output_limit));
     });
-    receiver
+    PipeReader {
+        receiver,
+        cached: None,
+    }
 }
-fn read_pipe_to_end<R: Read + Send + 'static>(pipe: Option<R>) -> io::Result<Vec<u8>> {
+fn read_pipe_bounded<R: Read + Send + 'static>(
+    pipe: Option<R>,
+    stream: &'static str,
+    output_limit: usize,
+) -> io::Result<Vec<u8>> {
     let mut bytes = Vec::new();
-    if let Some(mut pipe) = pipe {
-        pipe.read_to_end(&mut bytes)?;
+    let Some(pipe) = pipe else {
+        return Ok(bytes);
+    };
+    let mut reader = BufReader::new(pipe);
+    let mut chunk = [0_u8; 8192];
+    loop {
+        let read = reader.read(&mut chunk)?;
+        if read == 0 {
+            return Ok(bytes);
+        }
+        if bytes.len().saturating_add(read) > output_limit {
+            return Err(output_limit_error(stream, output_limit));
+        }
+        bytes.extend_from_slice(&chunk[..read]);
+    }
+}
+fn output_limit_error(stream: &'static str, output_limit: usize) -> io::Error {
+    io::Error::new(
+        io::ErrorKind::Other,
+        format!("subprocess {stream} exceeded output limit of {output_limit} bytes"),
+    )
+}
+fn is_output_limit_error(err: &io::Error) -> bool {
+    err.to_string().contains("exceeded output limit")
+}
+fn output_limit_stream(err: &io::Error) -> &'static str {
+    if err.to_string().contains("stderr") {
+        "stderr"
+    } else {
+        "stdout"
+    }
+}
+fn poll_output_limit(
+    stdout_reader: &mut PipeReader,
+    stderr_reader: &mut PipeReader,
+) -> io::Result<Option<&'static str>> {
+    if let Some(stream) = poll_one_output_limit("stdout", stdout_reader)? {
+        return Ok(Some(stream));
+    }
+    poll_one_output_limit("stderr", stderr_reader)
+}
+fn poll_one_output_limit(
+    stream: &'static str,
+    reader: &mut PipeReader,
+) -> io::Result<Option<&'static str>> {
+    if reader.cached.is_some() {
+        return Ok(None);
+    }
+    match reader.receiver.try_recv() {
+        Ok(Ok(bytes)) => {
+            reader.cached = Some(Ok(bytes));
+            Ok(None)
+        }
+        Ok(Err(err)) if is_output_limit_error(&err) => Ok(Some(stream)),
+        Ok(Err(err)) => Err(err),
+        Err(TryRecvError::Empty) => Ok(None),
+        Err(TryRecvError::Disconnected) => Err(io::Error::new(
+            io::ErrorKind::Other,
+            "subprocess output reader disconnected",
+        )),
     }
-    Ok(bytes)
 }
 fn collect_completed_output(
     child: &mut Child,
-    stdout_reader: &Receiver<io::Result<Vec<u8>>>,
-    stderr_reader: &Receiver<io::Result<Vec<u8>>>,
+    stdout_reader: &mut PipeReader,
+    stderr_reader: &mut PipeReader,
     ready_timeout: Duration,
     cleanup_timeout: Duration,
 ) -> io::Result<(Vec<u8>, Vec<u8>)> {
@@ -438,21 +686,21 @@ fn collect_completed_output(
 }
 fn receive_pipe_reader_if_ready(
-    receiver: &Receiver<io::Result<Vec<u8>>>,
+    reader: &mut PipeReader,
     timeout: Duration,
 ) -> io::Result<Option<Vec<u8>>> {
-    match receive_pipe_reader(receiver, timeout) {
+    match receive_pipe_reader(reader, timeout) {
         Ok(bytes) => Ok(Some(bytes)),
         Err(err) if err.kind() == io::ErrorKind::TimedOut => Ok(None),
         Err(err) => Err(err),
     }
 }
-fn receive_pipe_reader(
-    receiver: &Receiver<io::Result<Vec<u8>>>,
-    timeout: Duration,
-) -> io::Result<Vec<u8>> {
-    match receiver.recv_timeout(timeout) {
+fn receive_pipe_reader(reader: &mut PipeReader, timeout: Duration) -> io::Result<Vec<u8>> {
+    if let Some(result) = reader.cached.take() {
+        return result;
+    }
+    match reader.receiver.recv_timeout(timeout) {
         Ok(result) => result,
         Err(RecvTimeoutError::Timeout) => Err(io::Error::new(
             io::ErrorKind::TimedOut,
@@ -2476,6 +2724,126 @@ sleep 30
         assert_eq!(read_to_string(&term_file).unwrap_or_default(), "term");
     }
+    #[cfg(target_os = "linux")]
+    #[test]
+    fn run_command_with_timeout_aborts_suspicious_process_storm() {
+        let _env_guard = env_lock();
+        let _process_guard = process_tree_lock();
+        let root = temp_allowlist_dir().expect("temp root");
+        let script = root.path.join("storm.sh");
+        write_executable(
+            &script,
+            r#"#!/bin/sh
+while :; do
+  sleep 30 &
+  sleep 0.01
+done
+"#,
+        )
+        .expect("write script");
+        unsafe {
+            env::set_var(PROCESS_LIMIT_ENV, "12");
+        }
+        let started = Instant::now();
+        let result = run_command_with_timeout(Command::new(&script), Duration::from_secs(10))
+            .expect("run with process storm");
+        unsafe {
+            env::remove_var(PROCESS_LIMIT_ENV);
+        }
+        let TimedCommandOutput::ProcessLimitExceeded {
+            process_count,
+            process_limit,
+            ..
+        } = result
+        else {
+            panic!("expected process limit failure");
+        };
+        assert!(process_count > process_limit);
+        assert!(started.elapsed() < Duration::from_secs(5));
+    }
+    #[cfg(unix)]
+    #[test]
+    fn run_command_with_timeout_fails_closed_on_large_stdout() {
+        let _env_guard = env_lock();
+        let _process_guard = process_tree_lock();
+        let root = temp_allowlist_dir().expect("temp root");
+        let script = root.path.join("large-stdout.sh");
+        write_executable(
+            &script,
+            r#"#!/bin/sh
+while :; do
+  printf 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
+done
+"#,
+        )
+        .expect("write script");
+        unsafe {
+            env::set_var(CODEX_OUTPUT_LIMIT_BYTES_ENV, "4096");
+        }
+        let started = Instant::now();
+        let result = run_command_with_timeout(Command::new(&script), Duration::from_secs(10))
+            .expect("run with large stdout");
+        unsafe {
+            env::remove_var(CODEX_OUTPUT_LIMIT_BYTES_ENV);
+        }
+        let TimedCommandOutput::OutputLimitExceeded {
+            stream,
+            output_limit,
+            ..
+        } = result
+        else {
+            panic!("expected stdout output limit failure");
+        };
+        assert_eq!(stream, "stdout");
+        assert_eq!(output_limit, 4096);
+        assert!(started.elapsed() < Duration::from_secs(3));
+    }
+    #[cfg(unix)]
+    #[test]
+    fn run_command_with_timeout_fails_closed_on_large_stderr() {
+        let _env_guard = env_lock();
+        let _process_guard = process_tree_lock();
+        let root = temp_allowlist_dir().expect("temp root");
+        let script = root.path.join("large-stderr.sh");
+        write_executable(
+            &script,
+            r#"#!/bin/sh
+while :; do
+  printf 'eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee' >&2
+done
+"#,
+        )
+        .expect("write script");
+        unsafe {
+            env::set_var(CODEX_OUTPUT_LIMIT_BYTES_ENV, "4096");
+        }
+        let started = Instant::now();
+        let result = run_command_with_timeout(Command::new(&script), Duration::from_secs(10))
+            .expect("run with large stderr");
+        unsafe {
+            env::remove_var(CODEX_OUTPUT_LIMIT_BYTES_ENV);
+        }
+        let TimedCommandOutput::OutputLimitExceeded {
+            stream,
+            output_limit,
+            ..
+        } = result
+        else {
+            panic!("expected stderr output limit failure");
+        };
+        assert_eq!(stream, "stderr");
+        assert_eq!(output_limit, 4096);
+        assert!(started.elapsed() < Duration::from_secs(3));
+    }
     #[cfg(unix)]
     #[test]
     fn run_command_with_timeout_closes_inherited_stdio_after_parent_exit() {
@@ -2510,6 +2878,44 @@ exit 0
         assert_eq!(String::from_utf8_lossy(&output.stderr), "parent stderr\n");
     }
+    #[cfg(unix)]
+    #[test]
+    fn run_command_with_timeout_sweeps_detached_grandchildren_after_parent_exit() {
+        let _env_guard = env_lock();
+        let _process_guard = process_tree_lock();
+        let root = temp_allowlist_dir().expect("temp root");
+        let term_file = root.path.join("orphan.term");
+        let ready_file = root.path.join("orphan.ready");
+        let script = root.path.join("spawn-detached-grandchild.sh");
+        write_executable(
+            &script,
+            &format!(
+                r#"#!/bin/sh
+(trap 'printf term > {}; exit 0' TERM; printf ready > {}; sleep 30) >/dev/null 2>&1 &
+while [ ! -f {} ]; do
+  sleep 0.01
+done
+printf 'parent done\n'
+exit 0
+"#,
+                shell_quote(&term_file.display().to_string()),
+                shell_quote(&ready_file.display().to_string()),
+                shell_quote(&ready_file.display().to_string()),
+            ),
+        )
+        .expect("write script");
+        let result = run_command_with_timeout(Command::new(&script), Duration::from_secs(10))
+            .expect("run with detached grandchild");
+        let TimedCommandOutput::Completed(output) = result else {
+            panic!("expected parent completion");
+        };
+        assert!(output.status.success());
+        assert_eq!(String::from_utf8_lossy(&output.stdout), "parent done\n");
+        assert_eq!(read_to_string(&term_file).unwrap_or_default(), "term");
+    }
     fn fallback_test_event() -> FallbackEvent {
         FallbackEvent {
             from_model: "spark-model".to_string(),