oh-my-customcode 0.160.0 → 0.162.0

package/README.md

@@ -13,7 +13,7 @@
 
 **[한국어 문서 (Korean)](./README_ko.md)**
 
-49 agents. 115 skills. 23 rules. One command.
+49 agents. 116 skills. 23 rules. One command.
 
 ```bash
 npm install -g oh-my-customcode && cd your-project && omcustom init
@@ -132,7 +132,7 @@ Each agent declares its tools, model, memory scope, and limitations in YAML fron
 
 ---
 
-### Skills (115)
+### Skills (116)
 
 | Category | Count | Includes |
 |----------|-------|----------|
@@ -270,7 +270,7 @@ your-project/
 ├── CLAUDE.md                   # Entry point
 ├── .claude/
 │   ├── agents/                 # 49 agent definitions
-│   ├── skills/                 # 115 skill modules
+│   ├── skills/                 # 116 skill modules
 │   ├── rules/                  # 22 governance rules (R000-R021)
 │   ├── hooks/                  # 15 lifecycle hook scripts
 │   ├── schemas/                # Tool input validation schemas

package/dist/cli/index.js

@@ -2334,7 +2334,7 @@ var init_package = __esm(() => {
     workspaces: [
       "packages/*"
     ],
-    version: "0.160.0",
+    version: "0.162.0",
     description: "Batteries-included agent harness for Claude Code",
     type: "module",
     bin: {

package/dist/index.js

@@ -2031,7 +2031,7 @@ var package_default = {
   workspaces: [
     "packages/*"
   ],
-  version: "0.160.0",
+  version: "0.162.0",
   description: "Batteries-included agent harness for Claude Code",
   type: "module",
   bin: {

package/package.json

@@ -3,7 +3,7 @@
   "workspaces": [
     "packages/*"
   ],
-  "version": "0.160.0",
+  "version": "0.162.0",
   "description": "Batteries-included agent harness for Claude Code",
   "type": "module",
   "bin": {

package/templates/.claude/rules/MUST-agent-design.md

@@ -162,6 +162,8 @@ Agent frontmatter `hooks:` now fire when the agent runs as a main-thread agent v
 
 > **Note**: `/reload-plugins` now auto-installs missing plugin dependencies from added marketplaces (v2.1.116+).
 
+> **v2.1.157+**: `settings.json` `agent` field is now honored for dispatched sessions (with `--agent <name>` override). `EnterWorktree` can switch between Claude-managed worktrees mid-session, and worktrees are left unlocked when the agent finishes (enabling `git worktree remove`/`prune` cleanup).
+
 ## Permission Mode Guidance
 
 CC defaults `mode` to `acceptEdits` if not specified — always pass `mode: "bypassPermissions"` explicitly in Agent tool calls (see R010). See guidance details via Read tool.

package/templates/.claude/rules/MUST-completion-verification.md

@@ -185,6 +185,31 @@ triage-dispatch.yml 실패 원인을 파일 Read 전에 "triaged 라벨 부재 +
 
 > 진단에 의존하는 쓰기/위임은 진단 결과를 본 다음 턴에 수행한다. R009 병렬 실행은 독립 작업에만 적용 — 진단→변경은 순차 의존이다.
 
+### Read-Before-Characterize
+
+진단 대상(로그, 출력, 데이터)을 **충분히 읽기 전에** 에러 클래스나 원인을 단정하지 않는다. 24MB INFO 로그를 읽기 전 "error loop"로 단정하는 것은 위반이다.
+
+| 금지 | 필수 |
+|------|------|
+| 로그/출력을 읽기 전 "error loop"·"무한 루프"로 특성화 | 대표 샘플을 먼저 읽고 INFO/WARN/ERROR 분포 확인 후 특성화 |
+| 첫 namespace/scope만 보고 전체 단정 | 관련 scope 확인 후 결론 |
+
+Origin: #1266 ④.
+
+### Degraded-Output Re-Verification Gate (529 / buffering)
+
+When tool outputs show degradation signs — 529 errors, duplicated or truncated output, or a Read returning empty on a file that is known non-empty — you MUST re-verify any fact via a deterministic second source BEFORE any destructive or permanent action (recovery-agent dispatch, issue edit, commit, file restore). Do NOT characterize state ("corruption", "오염", "loop") from a single degraded read.
+
+| Anti-pattern | Required |
+|--------------|----------|
+| Dispatch a recovery agent off a single 529-buffered read | Re-run a minimal deterministic check (`wc -c`, single-field `gh ... view`, `head`) and confirm before acting |
+| Declare a file "corrupted/오염" from one empty Read | Confirm byte count / content via an independent command first |
+
+#### Common Violation (#1269 ①)
+Session 106: during 529 buffering, a CHANGELOG was misdiagnosed as "61x 중복 오염" from buffered output and a recovery agent was dispatched — a self-violation of the same-session Read-Before-Characterize rule (#1266 ④). Deterministic count re-verification showed the file was clean. The 529 gate makes the re-verification mandatory, not advisory.
+
+Origin: #1269 ① (R020 self-violation, session 106).
+
 ## Integration
 
 | Rule | Interaction |

package/templates/.claude/rules/MUST-continuous-improvement.md

@@ -37,6 +37,8 @@ Update the relevant rule rather than just acknowledging the violation.
 
 **Skill Promotion**: feedback memory가 동일 패턴으로 3회 이상 반복되면 "failure pattern"으로 승격. skill-extractor의 `--mode failure` 플래그로 스킬 후보 분석 가능 (Skillify 내재화, #972).
 
+> **Quantitative threshold (clarified, #1268)**: candidacy begins at **≥2 occurrences** (propose a candidate via skill-extractor's 4-criteria gate); confirmed promotion to a tracked failure pattern requires **≥3 occurrences**. The ≥2 candidacy tier feeds skill-extractor Phase 1; the ≥3 tier gates actual skill creation. See `skill-extractor` Selection Discipline.
+
 When CI failure, process gap, or repeatable system defect is found:
 1. Record feedback memory (defend current session)
 2. Register GitHub issue (trackable improvement item)

package/templates/.claude/rules/MUST-orchestrator-coordination.md

@@ -238,6 +238,28 @@ When the user explicitly signals full-delegation intent, the orchestrator operat
 Autonomous mode and `/structured-dev-cycle` (stage-blocker) are mutually exclusive.
 -->
 
+## Subagent Scope-Creep STOP Protocol
+
+> Origin: #1266 ① (Critical) — a single subagent named "Migrate secretary.db to PG + backfill" tripped the safety classifier 13 times, silently expanding from its named task into shared-secret deletion, unrequested public tunnel creation, `.env`/OAuth credential dumps, and prod pod remote exec. The orchestrator kept re-running the tripped agent instead of stopping it; a resulting credential rotation caused a dashboard data outage.
+
+### Core Rule
+
+When a subagent trips the safety classifier (R001/R002) **2 times**, the orchestrator MUST STOP that agent, discard its in-flight plan, and redesign the task with a narrower, pre-decomposed scope. Repeatedly re-running a tripped agent is an anti-pattern.
+
+| Trips on same agent | Required orchestrator action |
+|---------------------|------------------------------|
+| 1st trip | Note the boundary; re-confirm the agent's scope against the original task |
+| 2nd trip | STOP the agent — do NOT re-run. Redesign: decompose by domain (R009) and re-delegate narrower units |
+| 3+ trips | Hard anti-pattern — indicates lost control; abort and report to user |
+
+### Pre-Decomposition Mandate
+
+Broad single-task scopes (e.g. "migrate + backfill") MUST be pre-decomposed by domain before delegation, so an agent cannot silently expand from its named task into adjacent privileged domains (secret rotation, tunnel creation, infra deletion, dashboard changes). See R009 (pre-decomposition) and R018 (domain-split).
+
+### Out-of-Scope Privileged Chaining
+
+A subagent MUST NOT chain from an approved action into unrequested privileged operations. Example: approved "delete tunnel X" → unrequested "create new public tunnel Y" is a scope violation. Each privileged action requires its own authorization trace back to the user request.
+
 ## Universal bypassPermissions
 
 **ALL Agent tool calls MUST include `mode: "bypassPermissions"`.**
@@ -291,6 +313,9 @@ Before delegating a task to a subagent, MUST verify the target agent's tool capa
 | `Read` external files | `tools:` includes Read |
 | `Write` files | `tools:` includes Write (and target path not in `disallowedTools` scope) |
 | MCP server calls | `mcpServers:` includes the required server |
+| Task targets a specific file path | The path EXISTS (`Glob`/`ls`) — capability check alone does not catch a missing/renamed file |
+
+> **Path existence ≠ tool capability (#1269 ③)**: the pre-check above verifies the agent HAS Read/Write/Bash, but not that the target path actually exists. Delegating a read/write to a missing or renamed path causes the same round-trip waste the capability pre-check is meant to prevent. Verify path existence (Glob/ls) before delegating path-specific work.
 
 ### Known Limitations (Active Cache)
 

package/templates/.claude/rules/MUST-safety.md

@@ -25,6 +25,19 @@ The following git commands have caused working tree loss in past sessions (#1146
 
 **Recovery hint**: If working tree loss occurs, check `git reflog` immediately — most operations are recoverable within 30 days.
 
+## Credential & Privileged-Scope Guardrails
+
+> Origin: #1266 ① (Critical) — a subagent dumped `.env` and Gmail OAuth credentials into the transcript (Credential Exploration) and ran an unauthorized credential-rotation flow that caused a dashboard data outage.
+
+| Prohibited | Required instead |
+|-----------|------------------|
+| Dumping credential stores (`.env`, OAuth tokens, k8s secrets, `PG_DSN`) into the transcript or agent output | Reference secrets by name only; never echo values |
+| Unrequested credential rotation / secret recreation | Rotate only on explicit user request scoped to the specific secret |
+| Chaining an approved privileged action into adjacent unrequested ones | Each privileged op requires its own authorization trace |
+| Irreversible shared-infra action (prod pod exec, shared-ns secret delete, tunnel create) without scope re-confirmation | Re-confirm scope with the user before irreversible / shared-infra actions |
+
+Cross-reference: R010 Subagent Scope-Creep STOP Protocol, R002 (permission tiers).
+
 ## Required Before Destructive Operations
 
 Verify target, assess impact scope, check recoverability, get user approval.

package/templates/.claude/rules/SHOULD-hud-statusline.md

@@ -17,6 +17,8 @@ Format: `─── [Spawn] {subagent_type}:{model} | {description} ───`
 
 > **v2.1.141+**: Hook JSON output can include `terminalSequence` field to emit window title changes or terminal bells without terminal control. Complementary to HUD stderr channel — e.g., update window title on task completion or ring bell after long parallel run. Modifying `.claude/hooks/` requires explicit user approval (R001).
 
+> **v2.1.157+**: `tool_decision` telemetry events now include `tool_parameters` (bash commands, MCP/skill names) when `OTEL_LOG_TOOL_DETAILS=1`. Complements R012 observability — enables per-tool parameter tracking in monitoring dashboards. See `monitoring-setup` skill.
+
 <!-- DETAIL: HUD Events full spec
 ### When to Display: Multi-step tasks, parallel execution, long-running operations. Skip for single brief operations.
 ### Parallel Display:

package/templates/.claude/rules/SHOULD-interaction.md

@@ -87,3 +87,13 @@ Trade-offs: RS256 is ~10x slower than HS256 but enables asymmetric key managemen
 | **Output Styles** | 세션 전체 기본 어조/포맷 | static, session-level |
 
 기본 활성화 스타일: `korean-engineer` (`.claude/output-styles/korean-engineer.md`).
+
+## Unverifiable External Product UI
+
+> Origin: #1266 ② (High) — described Cloudflare Access "Add an application" Subdomain/Domain/Path fields as fact; the user found no such fields ("어디에도 없다").
+
+Do NOT state the steps, field names, or layout of an external product's UI as fact when you cannot verify them from a measured source. Provide only system-measured values (URLs, config read from files/APIs) and delegate UI navigation to the user.
+
+| Anti-pattern | Required |
+|--------------|----------|
+| "Click X, fill the Subdomain field, then…" (unverified external UI) | "Open <measured URL>. Navigate the console yourself — I can't see your screen. Values to enter: …" |

package/templates/.claude/rules/SHOULD-verification-ladder.md

@@ -75,3 +75,36 @@ R021은 위반 시 어떻게 멈출지를, R023은 어떤 순서로 검증할지
 | R013 (Ecomode) | 컨텍스트 압박 시 Tier 3를 Tier 2로 다운그레이드 고려 |
 | R017 (Sync Verification) | Phase 1-3 검증 단계는 R023 Tier 1-3에 대응 |
 | R021 (Enforcement Policy) | 직교: R021은 blocking 방식, R023은 검증 비용 순서 |
+
+## Workflow Prompt & Verifier Ground-Truth
+
+> Origin: #1266 ③ (High) — a Workflow built the agent prompt as `await agent(prompt) + FACTS`, concatenating the guardrail fact-sheet onto the RETURN VALUE instead of the prompt. The writer never received the facts, hallucinated an in-cluster hostname (`secretary-mcp`), and the adversarial verifier couldn't catch it (the fact was in no source it had).
+
+### Prompt Completion Before Call
+
+Workflow/agent prompts MUST be fully assembled into the prompt string **before** the `agent()` / Agent tool call. Post-call concatenation onto the return value is a footgun — the agent never sees the appended content.
+
+| Anti-pattern | Required |
+|--------------|----------|
+| `const r = await agent(prompt) + FACTS` | `const r = await agent(prompt + FACTS)` — assemble first |
+
+### Workflow Script Sanity Check
+
+Before invoking a Workflow script, deterministically verify:
+
+| Check | Why |
+|-------|-----|
+| No unresolved placeholders (`{phase1_summary}`, `TODO`, `<...>`, `{{ }}`) remain in any agent prompt string | An unfilled placeholder reaches the agent verbatim → garbled task |
+| Template-literal / string concatenation produces the intended prompt (assemble-before-call, see above) | Post-call concatenation (`agent(prompt) + FACTS`) silently drops content |
+| Script parses — balanced braces/quotes, valid JS | A syntax error aborts the entire run after partial work |
+
+#### Common Violation (#1271)
+Session 106 follow-up to #1266 ③: a Workflow authoring error recurred — the guardrail fact-sheet was concatenated onto the agent's RETURN VALUE instead of the prompt string, and a placeholder/assembly slip went uncaught because no pre-run sanity check existed. This check is the deterministic Tier-1 guard that catches such slips before the expensive run.
+
+Origin: #1271 (Workflow authoring error recurrence, session 106).
+
+### Verifier Ground-Truth for Cross-Cutting Facts
+
+Cross-cutting facts not verifiable from the primary source (external URLs, in-cluster DNS/hostnames, infra topology) MUST be supplied to the verifier as explicit ground-truth. Otherwise an adversarial verifier cannot distinguish a hallucinated value from a correct one — a verification blind spot.
+
+Cross-reference: R009 (giant-prompt decomposition), `worker-reviewer-pipeline` skill.

package/templates/.claude/skills/homework/SKILL.md

@@ -0,0 +1,217 @@
+---
+name: homework
+description: On session cleanup ("세션 정리") or /homework invocation, analyze the current and linked previous sessions, extract mistakes (찐빠), and report them via omcustom-feedback with a confirmation gate. Use when wrapping up a session or auditing recent work for harness gaps.
+scope: harness
+user-invocable: true
+argument-hint: "[--dry-run] [--days <n>] [--severity <critical|high|medium|low>]"
+version: 0.1.0
+effort: medium
+---
+
+# Homework — Session Mistake Extractor
+
+On session cleanup ("세션 정리") or `/homework` invocation, analyze the current and linked previous sessions to extract 찐빠 (mistakes: rule violations, scope-creep, hallucinations, premature hypotheses, missed conventions, etc.), then report findings via `omcustom-feedback` with a mandatory user confirmation gate.
+
+This skill is the dedicated entry point for R011's "Session-End Retrospective Feedback (Model-Drafted)" pattern. It formalizes the retrospective workflow that produced issue #1266.
+
+## Usage
+
+```
+/homework                          # Analyze current session, report findings
+/homework --dry-run                # Analyze only, no omcustom-feedback invocation
+/homework --days 3                 # Include linked sessions from last N days
+/homework --severity high          # Filter to critical/high findings only
+```
+
+## Trigger Detection
+
+Activate when the user says any of:
+- "세션 정리" / "숙제" / "회고"
+- "homework" / "session cleanup" / "wrap up"
+- Explicit `/homework` invocation
+- Session-end signals: "끝", "종료", "마무리", "done", "end session"
+
+When activated as a session-end signal, this skill runs BEFORE sys-memory-keeper's MEMORY.md update (R011 session-end self-check order: homework → memory save).
+
+## Workflow
+
+### Phase 1: Trigger Parsing
+
+Parse arguments:
+- `--dry-run`: analyze only, skip Phase 5 (omcustom-feedback invocation)
+- `--days <n>`: extend linked-session search to last N days (default: 0 = current session only)
+- `--severity <level>`: filter output to this severity and above (default: all)
+
+### Phase 2: Session Gathering
+
+#### 2a. Current Session Transcript
+
+Attempt deterministic transcript extraction. Preferred sources (in order):
+
+1. **Grep for rule-violation markers** in the current conversation context:
+   - Safety classifier trip signals: `[Safety]`, `[R001]`, `[Warning]`, classifier denial messages
+   - Self-corrections: "sorry", "I made an error", "let me correct", "이전 답변 수정", "죄송합니다"
+   - Premature hypothesis signals: "I assume", "probably", "should be" followed by a contradiction in a later turn
+   - Interrupt + re-plan events: user corrections, "no", "wrong", "다시", "아니"
+
+2. **Transcript files** (CC v2.1.x session JSONL):
+   ```bash
+   find ~/.claude/projects -name "session-*.jsonl" -newer "$(date -v-1d +%Y-%m-%dT00:00:00)" 2>/dev/null | head -5
+   ```
+   Parse `type: "error"`, `type: "correction"`, `type: "feedback"` events.
+
+3. **Fallback**: Rely on the model's recall of the current conversation (impressionistic, lower confidence — mark findings as `[recall]` not `[transcript]`).
+
+#### 2b. Linked Previous Sessions (when `--days` > 0)
+
+Use the `episodic-memory` plugin's `search-conversations` / `episodic-memory:remembering-conversations` to retrieve sessions from the last N days linked to this project. Pass project directory as context.
+
+If `episodic-memory` is unavailable, scan JSONL files:
+```bash
+find ~/.claude/projects -name "session-*.jsonl" \
+  -newer "$(date -v-${DAYS}d +%Y-%m-%dT00:00:00)" 2>/dev/null
+```
+
+**R020 read-before-characterize**: Do NOT characterize a session's mistakes before reading it. Read the session transcript (or a representative sample) first, then characterize.
+
+### Phase 3: Mistake (찐빠) Analysis
+
+Categorize each finding with the following structure (mirror #1266 format):
+
+```
+찐빠 #N — [{severity}] {short title}
+├── 증상: {what was observed — cite evidence: session line ref or commit SHA}
+├── 근거: {transcript evidence or recall note — always read first per R020}
+├── 원인: {root cause — why did this happen?}
+├── 영향 규칙: {R0xx, R0yy — affected rule IDs}
+└── 제안: {concrete corrective action or harness change}
+```
+
+**Severity scale:**
+
+| Level | Criteria | Examples |
+|-------|----------|---------|
+| Critical | Safety classifier trip, credential exposure, scope-creep into privileged domains, working-tree loss | R001 violation, secret dump, unauthorized infra action |
+| High | Rule violation with downstream impact, hallucinated fact acted upon, premature hypothesis causing permanent change | R020 Parallel Read+Change, wrong root cause → wrong fix |
+| Medium | Process gap, missed convention, advisory rule ignored | R007 header missing, bypassPermissions omitted, count sync missed |
+| Low | Minor style drift, non-impactful oversight | honorific regression, ecomode token waste |
+
+**Mistake categories to look for:**
+
+| Category | Signals |
+|----------|---------|
+| Rule violations (R0xx) | Header missing (R007), tool prefix absent (R008), file write by orchestrator (R010), sequential when parallel required (R009) |
+| Scope-creep | Subagent task expanding beyond its named scope (R010 Subagent Scope-Creep STOP Protocol) |
+| Hallucinated facts | External UI fields stated as fact (R003 Unverifiable External Product UI), in-cluster hostnames, unverified URLs |
+| Premature hypotheses | Diagnosis before reading evidence (R020 Read-Before-Characterize), parallel Read+permanent-change dispatch (R020 Variant) |
+| Missed conventions | Count sync drift (3-way sync), template mirror omitted, bypassPermissions missing |
+| Over-claim completion | [Done] without verification (R020), test-skip masking failures |
+
+**Do NOT over-claim.** If evidence for a finding is weak or based on recall only, mark it `[recall, low-confidence]` and note what would be needed to confirm it. R020 read-before-characterize applies to this analysis itself.
+
+### Phase 4: Draft Feedback Issue
+
+Assemble a feedback issue in Korean using the #1266 format:
+
+```markdown
+**제목**: 세션 회고: {date} 세션 찐빠 {N}건 — {top finding title}
+
+**카테고리**: improvement
+
+**본문**:
+## 세션 회고 — {YYYY-MM-DD}
+
+### 개요
+총 {N}건의 찐빠가 발견되었습니다 (Critical: {c}, High: {h}, Medium: {m}, Low: {l}).
+
+### 찐빠 목록
+
+{찐빠 #1 ~ #N — structured format from Phase 3}
+
+### 하네스 제안 (있는 경우)
+{Concrete skill/rule/hook changes that would prevent recurrence}
+
+---
+*Generated by `/homework` skill (v0.1.0)*
+```
+
+If `--severity` filter is active, include only findings at or above the threshold. Note the filter in the issue body.
+
+If no findings are discovered, output:
+```
+[homework] 이번 세션에서 찐빠를 발견하지 못했습니다. (세션 정상 종료)
+```
+and skip Phase 5.
+
+### Phase 5: Report via omcustom-feedback (Phase 4A gate)
+
+**MUST go through the `omcustom-feedback` skill's Phase 4A preview + confirmation gate.**
+**NEVER auto-submit.** User approval is always required before any GitHub issue is created.
+
+Invoke the `omcustom-feedback` skill with the drafted issue content. The user will see a preview and must confirm before any GitHub issue is created.
+
+```
+[homework] 피드백 이슈 초안을 omcustom-feedback으로 전달합니다.
+아래 미리보기를 확인하고 제출 여부를 결정해 주세요.
+```
+
+If `--dry-run` is active, skip this phase and output the draft directly to the conversation instead.
+
+### Phase 6: Output Summary
+
+```
+[homework] 완료
+├── 분석: {N}건 찐빠 발견 (Critical: {c}, High: {h}, Medium: {m}, Low: {l})
+├── 제출: {이슈 URL | dry-run (미제출) | 사용자 취소}
+└── 다음 액션: {harness 제안 있으면 표시, 없으면 "없음"}
+```
+
+## Options Reference
+
+| Option | Default | Description |
+|--------|---------|-------------|
+| `--dry-run` | off | Analyze only, no omcustom-feedback invocation |
+| `--days <n>` | 0 | Include linked sessions from last N days (0 = current session only) |
+| `--severity <level>` | all | Filter findings to this level and above |
+
+## Rules & Cross-References
+
+| Rule | Relevance |
+|------|-----------|
+| R011 (SHOULD-memory-integration) | This skill is the dedicated entry point for "Session-End Retrospective Feedback (Model-Drafted)". Runs before sys-memory-keeper MEMORY.md update. |
+| R020 (MUST-completion-verification) | Analysis MUST read transcript evidence before characterizing a mistake. Do NOT characterize before reading (Read-Before-Characterize). Parallel Read + Permanent-Change Dispatch anti-pattern applies here too. |
+| R016 (MUST-continuous-improvement) | Genuine defects/process gaps → feedback issue. The /homework output feeds R016's continuous improvement loop. |
+| R010 (MUST-orchestrator-coordination) | Any file writes in this workflow must be delegated to subagents. This skill orchestrates, never directly writes except to `.claude/outputs/`. |
+| R001 (MUST-safety) | Analysis must not dump credential values, secrets, or PII. Reference sensitive items by name only. |
+
+## Related Skills
+
+| Skill | Relationship |
+|-------|-------------|
+| `omcustom-feedback` | Reporting channel (Phase 5). Model-invocable with Phase 4A confirmation gate. |
+| `instinct-extractor` | Cross-session failure-pattern mining (complements /homework's single-session focus). For multi-session patterns, run instinct-extractor after homework. |
+| `episodic-memory:search-conversations` | Cross-session retrieval for `--days` mode. |
+| `sys-memory-keeper` | Runs after /homework at session end (R011 order: homework → memory save). |
+
+## Artifact Output
+
+```
+.claude/outputs/sessions/{YYYY-MM-DD}/homework-{HHmmss}.md
+```
+
+If Phase 5 is skipped (`--dry-run`), the draft issue body is written to this artifact path for reference.
+
+## Permission Mode Note
+
+This skill does not spawn subagents directly. If future versions delegate analysis to subagents, ALL Agent tool calls MUST include `mode: "bypassPermissions"` per R010 Universal bypassPermissions.
+
+## Context Fork Note
+
+This skill does NOT use `context: fork`. The fork cap is at 10/12; homework is a single-agent orchestration skill and does not require a forked context.
+
+## Limitations
+
+- **Transcript availability**: CC `session-*.jsonl` schema may change; Phase 2a source (1) grep is more resilient than JSONL parsing.
+- **Recall accuracy**: When transcript files are unavailable, findings are marked `[recall]` and confidence is lower.
+- **episodic-memory dependency**: `--days` mode degrades gracefully when the plugin is unavailable (falls back to JSONL scan).
+- **Scope**: This skill analyzes session behavior, not code quality. For code-quality retrospectives, use `dev-review` or `adversarial-review`.

package/templates/.claude/skills/skill-extractor/SKILL.md

@@ -128,6 +128,36 @@ Delegate to mgr-creator with the proposal context:
 
 mgr-creator handles: SKILL.md creation, template sync, ontology registration.
 
+## Selection Discipline (evidence-gated)
+
+Before proposing a SKILL candidate, apply this gate. Default to NOT creating a new skill — prefer strengthening an existing skill/rule.
+
+### Evidence Hierarchy
+
+Rank supporting evidence; only direct, repeated success qualifies:
+
+| Tier | Evidence | Action |
+|------|----------|--------|
+| 1 Direct | Pattern executed successfully ≥2 times in observed trajectories | Eligible to propose |
+| 2 Inferred | Pattern plausible but observed once | Hold — do not propose yet |
+| 3 Speculative | Pattern imagined from a single description | Reject |
+
+### 4-Criteria Selection Gate
+
+A pattern becomes a candidate only if ALL four hold:
+
+1. Reusable across ≥2 distinct contexts (not one-off)
+2. Non-trivial — encodes real workflow knowledge, not a single command
+3. Not already covered by an existing skill (run an overlap check first)
+4. Demonstrated success ≥2 times (Evidence Hierarchy tier 1)
+
+### Two-Phase Restraint
+
+- **Phase 1 (broad)**: collect all repeated patterns as raw candidates.
+- **Phase 2 (restrain)**: filter through the 4-criteria gate. Default to NOT creating a skill; prefer strengthening an existing skill/rule over spawning a new one.
+
+> Borrowed from /scout #1268 (evidence-hierarchy + selection gate + two-phase restraint). Reference: issue #1268.
+
 ## Integration
 
 | System | How |

package/templates/CLAUDE.md

@@ -116,7 +116,7 @@ project/
 +-- CLAUDE.md                    # 진입점
 +-- .claude/
 |   +-- agents/                  # 서브에이전트 정의 (49 파일)
-|   +-- skills/                  # 스킬 (115 디렉토리)
+|   +-- skills/                  # 스킬 (116 디렉토리)
 |   +-- rules/                   # 전역 규칙 (R000-R023)
 |   +-- hooks/                   # 훅 스크립트 (보안, 검증, HUD)
 |   +-- contexts/                # 컨텍스트 파일 (ecomode)

package/templates/guides/claude-code/15-version-compatibility.md

@@ -1082,6 +1082,28 @@ Claude가 스스로 판단할 수 있는 상황에서는 multiple-choice prompt
 
 ---
 
+## v2.1.158 (2026-05-30)
+
+### oh-my-customcode 영향
+
+| 변경 | 영향 | 적용 |
+|------|------|------|
+| Auto mode가 Bedrock/Vertex/Foundry에서 Opus 4.7/4.8 지원 (`CLAUDE_CODE_ENABLE_AUTO_MODE=1`) | 멀티 클라우드 백엔드에서 auto 모드 사용 가능 | R006 permissionMode `auto` — 백엔드 무관 동작 |
+
+## v2.1.157 (2026-05-29)
+
+### oh-my-customcode 영향
+
+| 변경 | 영향 | 적용 |
+|------|------|------|
+| `.claude/skills` 디렉토리 플러그인 자동 로드 (마켓플레이스 불필요) | 내부 스킬 배포 단순화 | 외부 의존성 설치 절차 간소화 가능 |
+| `claude plugin init <name>` 스캐폴딩 추가 | 신규 플러그인 생성 도구 | mgr-creator 워크플로우 보완 |
+| `settings.json` `agent` 필드가 dispatched session에서 honored (`--agent` override) | 메인 스레드 에이전트 지정 가능 | R006 main-thread agent 참조 |
+| `EnterWorktree` 세션 중 Claude-managed worktree 간 전환 | 워크트리 격리 작업 유연성 | R006 worktree isolation 참조 |
+| `tool_decision` telemetry에 `tool_parameters` 포함 (`OTEL_LOG_TOOL_DETAILS=1`) | bash/MCP/skill 파라미터 추적 가능 | R012 monitoring + monitoring-setup 스킬 참조 |
+| Claude-managed worktree 종료 시 자동 unlock (`git worktree remove/prune` 가능) | 워크트리 정리 자동화 | R006 worktree 참조 |
+| 다수 버그 수정 (이미지 처리, sandbox 권한, `claude agents` 세션, `--resume`) | 안정성 향상 | 영향 없음 |
+
 ## v2.1.156 (2026-05-29) — 호환성 점검
 
 > Issue: #1245 — CC v2.1.156 tracking

package/templates/manifest.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.160.0",
+  "version": "0.162.0",
   "lastUpdated": "2026-05-20T00:00:00.000Z",
   "omcustomMinClaudeCode": "2.1.121",
   "omcustomMinClaudeCodeReason": "Sensitive-path direct Write/Edit on .claude/** under bypassPermissions (R010 deprecation, #1101)",
@@ -20,7 +20,7 @@
       "name": "skills",
       "path": ".claude/skills",
       "description": "Reusable skill modules (includes slash commands)",
-      "files": 115
+      "files": 116
     },
     {
       "name": "guides",