oh-my-customcode 0.161.0 → 0.162.0

package/dist/cli/index.js

@@ -2334,7 +2334,7 @@ var init_package = __esm(() => {
     workspaces: [
       "packages/*"
     ],
-    version: "0.161.0",
+    version: "0.162.0",
     description: "Batteries-included agent harness for Claude Code",
     type: "module",
     bin: {

package/dist/index.js

@@ -2031,7 +2031,7 @@ var package_default = {
   workspaces: [
     "packages/*"
   ],
-  version: "0.161.0",
+  version: "0.162.0",
   description: "Batteries-included agent harness for Claude Code",
   type: "module",
   bin: {

package/package.json

@@ -3,7 +3,7 @@
   "workspaces": [
     "packages/*"
   ],
-  "version": "0.161.0",
+  "version": "0.162.0",
   "description": "Batteries-included agent harness for Claude Code",
   "type": "module",
   "bin": {

package/templates/.claude/rules/MUST-completion-verification.md

@@ -196,6 +196,20 @@ triage-dispatch.yml 실패 원인을 파일 Read 전에 "triaged 라벨 부재 +
 
 Origin: #1266 ④.
 
+### Degraded-Output Re-Verification Gate (529 / buffering)
+
+When tool outputs show degradation signs — 529 errors, duplicated or truncated output, or a Read returning empty on a file that is known non-empty — you MUST re-verify any fact via a deterministic second source BEFORE any destructive or permanent action (recovery-agent dispatch, issue edit, commit, file restore). Do NOT characterize state ("corruption", "오염", "loop") from a single degraded read.
+
+| Anti-pattern | Required |
+|--------------|----------|
+| Dispatch a recovery agent off a single 529-buffered read | Re-run a minimal deterministic check (`wc -c`, single-field `gh ... view`, `head`) and confirm before acting |
+| Declare a file "corrupted/오염" from one empty Read | Confirm byte count / content via an independent command first |
+
+#### Common Violation (#1269 ①)
+Session 106: during 529 buffering, a CHANGELOG was misdiagnosed as "61x 중복 오염" from buffered output and a recovery agent was dispatched — a self-violation of the same-session Read-Before-Characterize rule (#1266 ④). Deterministic count re-verification showed the file was clean. The 529 gate makes the re-verification mandatory, not advisory.
+
+Origin: #1269 ① (R020 self-violation, session 106).
+
 ## Integration
 
 | Rule | Interaction |

package/templates/.claude/rules/MUST-continuous-improvement.md

@@ -37,6 +37,8 @@ Update the relevant rule rather than just acknowledging the violation.
 
 **Skill Promotion**: feedback memory가 동일 패턴으로 3회 이상 반복되면 "failure pattern"으로 승격. skill-extractor의 `--mode failure` 플래그로 스킬 후보 분석 가능 (Skillify 내재화, #972).
 
+> **Quantitative threshold (clarified, #1268)**: candidacy begins at **≥2 occurrences** (propose a candidate via skill-extractor's 4-criteria gate); confirmed promotion to a tracked failure pattern requires **≥3 occurrences**. The ≥2 candidacy tier feeds skill-extractor Phase 1; the ≥3 tier gates actual skill creation. See `skill-extractor` Selection Discipline.
+
 When CI failure, process gap, or repeatable system defect is found:
 1. Record feedback memory (defend current session)
 2. Register GitHub issue (trackable improvement item)

package/templates/.claude/rules/MUST-orchestrator-coordination.md

@@ -313,6 +313,9 @@ Before delegating a task to a subagent, MUST verify the target agent's tool capa
 | `Read` external files | `tools:` includes Read |
 | `Write` files | `tools:` includes Write (and target path not in `disallowedTools` scope) |
 | MCP server calls | `mcpServers:` includes the required server |
+| Task targets a specific file path | The path EXISTS (`Glob`/`ls`) — capability check alone does not catch a missing/renamed file |
+
+> **Path existence ≠ tool capability (#1269 ③)**: the pre-check above verifies the agent HAS Read/Write/Bash, but not that the target path actually exists. Delegating a read/write to a missing or renamed path causes the same round-trip waste the capability pre-check is meant to prevent. Verify path existence (Glob/ls) before delegating path-specific work.
 
 ### Known Limitations (Active Cache)
 

package/templates/.claude/rules/SHOULD-verification-ladder.md

@@ -88,6 +88,21 @@ Workflow/agent prompts MUST be fully assembled into the prompt string **before**
 |--------------|----------|
 | `const r = await agent(prompt) + FACTS` | `const r = await agent(prompt + FACTS)` — assemble first |
 
+### Workflow Script Sanity Check
+
+Before invoking a Workflow script, deterministically verify:
+
+| Check | Why |
+|-------|-----|
+| No unresolved placeholders (`{phase1_summary}`, `TODO`, `<...>`, `{{ }}`) remain in any agent prompt string | An unfilled placeholder reaches the agent verbatim → garbled task |
+| Template-literal / string concatenation produces the intended prompt (assemble-before-call, see above) | Post-call concatenation (`agent(prompt) + FACTS`) silently drops content |
+| Script parses — balanced braces/quotes, valid JS | A syntax error aborts the entire run after partial work |
+
+#### Common Violation (#1271)
+Session 106 follow-up to #1266 ③: a Workflow authoring error recurred — the guardrail fact-sheet was concatenated onto the agent's RETURN VALUE instead of the prompt string, and a placeholder/assembly slip went uncaught because no pre-run sanity check existed. This check is the deterministic Tier-1 guard that catches such slips before the expensive run.
+
+Origin: #1271 (Workflow authoring error recurrence, session 106).
+
 ### Verifier Ground-Truth for Cross-Cutting Facts
 
 Cross-cutting facts not verifiable from the primary source (external URLs, in-cluster DNS/hostnames, infra topology) MUST be supplied to the verifier as explicit ground-truth. Otherwise an adversarial verifier cannot distinguish a hallucinated value from a correct one — a verification blind spot.

package/templates/.claude/skills/skill-extractor/SKILL.md

@@ -128,6 +128,36 @@ Delegate to mgr-creator with the proposal context:
 
 mgr-creator handles: SKILL.md creation, template sync, ontology registration.
 
+## Selection Discipline (evidence-gated)
+
+Before proposing a SKILL candidate, apply this gate. Default to NOT creating a new skill — prefer strengthening an existing skill/rule.
+
+### Evidence Hierarchy
+
+Rank supporting evidence; only direct, repeated success qualifies:
+
+| Tier | Evidence | Action |
+|------|----------|--------|
+| 1 Direct | Pattern executed successfully ≥2 times in observed trajectories | Eligible to propose |
+| 2 Inferred | Pattern plausible but observed once | Hold — do not propose yet |
+| 3 Speculative | Pattern imagined from a single description | Reject |
+
+### 4-Criteria Selection Gate
+
+A pattern becomes a candidate only if ALL four hold:
+
+1. Reusable across ≥2 distinct contexts (not one-off)
+2. Non-trivial — encodes real workflow knowledge, not a single command
+3. Not already covered by an existing skill (run an overlap check first)
+4. Demonstrated success ≥2 times (Evidence Hierarchy tier 1)
+
+### Two-Phase Restraint
+
+- **Phase 1 (broad)**: collect all repeated patterns as raw candidates.
+- **Phase 2 (restrain)**: filter through the 4-criteria gate. Default to NOT creating a skill; prefer strengthening an existing skill/rule over spawning a new one.
+
+> Borrowed from /scout #1268 (evidence-hierarchy + selection gate + two-phase restraint). Reference: issue #1268.
+
 ## Integration
 
 | System | How |

package/templates/manifest.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.161.0",
+  "version": "0.162.0",
   "lastUpdated": "2026-05-20T00:00:00.000Z",
   "omcustomMinClaudeCode": "2.1.121",
   "omcustomMinClaudeCodeReason": "Sensitive-path direct Write/Edit on .claude/** under bypassPermissions (R010 deprecation, #1101)",