oh-my-customcode 0.99.2 → 0.100.0

package/README.md

@@ -13,7 +13,7 @@
 
 **[한국어 문서 (Korean)](./README_ko.md)**
 
-48 agents. 107 skills. 22 rules. One command.
+48 agents. 109 skills. 22 rules. One command.
 
 ```bash
 npm install -g oh-my-customcode && cd your-project && omcustom init
@@ -132,7 +132,7 @@ Each agent declares its tools, model, memory scope, and limitations in YAML fron
 
 ---
 
-### Skills (107)
+### Skills (109)
 
 | Category | Count | Includes |
 |----------|-------|----------|
@@ -272,7 +272,7 @@ your-project/
 ├── CLAUDE.md                   # Entry point
 ├── .claude/
 │   ├── agents/                 # 48 agent definitions
-│   ├── skills/                 # 107 skill modules
+│   ├── skills/                 # 109 skill modules
 │   ├── rules/                  # 22 governance rules (R000-R021)
 │   ├── hooks/                  # 15 lifecycle hook scripts
 │   ├── schemas/                # Tool input validation schemas

package/dist/cli/index.js

@@ -2334,7 +2334,7 @@ var init_package = __esm(() => {
     workspaces: [
       "packages/*"
     ],
-    version: "0.99.2",
+    version: "0.100.0",
     description: "Batteries-included agent harness for Claude Code",
     type: "module",
     bin: {

package/dist/index.js

@@ -2014,7 +2014,7 @@ var package_default = {
   workspaces: [
     "packages/*"
   ],
-  version: "0.99.2",
+  version: "0.100.0",
   description: "Batteries-included agent harness for Claude Code",
   type: "module",
   bin: {

package/package.json

@@ -3,7 +3,7 @@
   "workspaces": [
     "packages/*"
   ],
-  "version": "0.99.2",
+  "version": "0.100.0",
   "description": "Batteries-included agent harness for Claude Code",
   "type": "module",
   "bin": {

package/templates/.claude/skills/pre-generation-arch-check/SKILL.md

@@ -0,0 +1,115 @@
+---
+name: pre-generation-arch-check
+description: Pre-generation architecture check — detect R006 separation-of-concerns and compilation metaphor violations before code generation begins
+scope: core
+user-invocable: false
+version: 1.0.0
+---
+
+# Pre-Generation Architecture Check
+
+AASM-inspired pre-generation architecture guard. Detects design violations before code generation (the "pre-compile lint" phase), complementing adversarial-review and deep-verify which operate post-generation.
+
+## Overview
+
+This skill fills the PRE-generation gap in the verification pipeline:
+
+| Phase | Skill | When |
+|-------|-------|------|
+| Pre-generation | **pre-generation-arch-check** | Before code is written |
+| Post-generation | adversarial-review | After code is written |
+| Post-generation | deep-verify | After changes are committed |
+
+Inspired by Contexty's AASM (AI Anti-pattern Severity Matrix) mechanism. Detects when a requested change might violate:
+- R006 separation of concerns (agents vs skills vs guides)
+- Compilation metaphor boundaries (source/build/spec/linker/stdlib)
+- R010 orchestrator delegation rules
+- Protected path rules (.claude/agents/, .claude/skills/, guides/)
+
+## Input
+
+- **Request summary**: What the user or pipeline is asking to generate
+- **Target files/paths**: Where changes will be made
+
+## Processing — Anti-Pattern Detection
+
+Check for each of the following anti-patterns against the request summary and target paths:
+
+### 1. Skill-in-Agent (WARN)
+An agent file (`.claude/agents/*.md`) body contains detailed step-by-step instructions, scripts, or workflow logic that belongs in a skill file.
+- **Signal**: Agent body exceeds ~50 lines OR contains code blocks / numbered step sequences
+- **Suggestion**: Extract instructions into `.claude/skills/{name}/SKILL.md`, reference from agent `skills:` frontmatter
+
+### 2. Agent-in-Skill (WARN)
+A skill file contains agent configuration fields (`model:`, `tools:`, `memory:`, `permissionMode:`).
+- **Signal**: Proposed skill SKILL.md frontmatter contains agent-only fields
+- **Suggestion**: Move agent configuration to `.claude/agents/{name}.md`; keep skill focused on instructions
+
+### 3. Guide-in-Skill (WARN)
+A skill file contains reference documentation, best-practices tutorials, or conceptual explanations that belong in `guides/`.
+- **Signal**: Proposed SKILL.md body contains "## Background", "## Concepts", or sections > 100 lines of prose
+- **Suggestion**: Move reference content to `guides/{topic}/`, link from skill
+
+### 4. Cross-Concern Write Without mgr-creator (BLOCK)
+A single atomic change spans two or more of: `.claude/agents/`, `.claude/skills/`, `guides/` — without routing through mgr-creator.
+- **Signal**: Target paths include files in 2+ protected directories in the same request
+- **Suggestion**: Route the request through mgr-creator (R010 protected path rule)
+
+### 5. Direct Orchestrator Write (BLOCK)
+An implementation step would have the orchestrator (main conversation) directly write or edit files, bypassing subagent delegation.
+- **Signal**: Request implies "I will write X" from orchestrator context rather than "delegate to specialist"
+- **Suggestion**: Delegate file writes to appropriate specialist agent per R010 delegation table
+
+### 6. Spec-Build Confusion (WARN)
+Rules (`.claude/rules/`) are being modified in the same atomic change as source code or agent/skill files.
+- **Signal**: Target paths include both `.claude/rules/*.md` and any code or `.claude/agents/` or `.claude/skills/` files
+- **Suggestion**: Separate rule updates (spec changes) from agent/skill/code changes (build changes) into distinct commits
+
+## Output Format
+
+When no violations are detected:
+
+```
+[ARCH-CHECK] No violations detected — proceed with generation
+```
+
+When violations are detected:
+
+```
+[ARCH-WARNING] {count} potential violation(s) detected:
+├── {pattern-name} ({severity}): {description}
+│   └── Suggestion: {fix}
+├── {pattern-name} ({severity}): {description}
+│   └── Suggestion: {fix}
+```
+
+## Severity Levels
+
+| Severity | Action |
+|----------|--------|
+| WARN | Advisory — proceed with caution, note in generation plan |
+| BLOCK | Halt — requires architectural redesign before proceeding |
+
+BLOCK violations must be resolved before generation continues. WARN violations are logged and surfaced to the user but do not halt execution (consistent with R021 advisory-first enforcement model).
+
+## Integration
+
+Auto-invoked at structured-dev-cycle Phase 1 (planning phase) before any file generation begins.
+
+This skill is advisory only — it does NOT hard-block execution. This is consistent with R021's advisory-first enforcement model. Future promotion to a PreToolUse hook is possible if violation rates warrant escalation.
+
+Invocation pattern:
+```
+[structured-dev-cycle Phase 1]
+  → pre-generation-arch-check
+    → returns [ARCH-CHECK] or [ARCH-WARNING]
+  → continue to Phase 2 (generation) with findings surfaced
+```
+
+## Cross-References
+
+- `.claude/rules/MUST-agent-design.md` (R006) — separation of concerns
+- `.claude/rules/MUST-orchestrator-coordination.md` (R010) — protected paths and delegation
+- `.claude/skills/adversarial-review/` — post-generation security counterpart
+- `.claude/skills/deep-verify/` — post-generation quality counterpart
+- Source concept: Contexty AASM (https://github.com/ttalkkak-lab/opencode-contexty)

package/templates/.claude/skills/token-efficiency-audit/SKILL.md

@@ -0,0 +1,242 @@
+---
+name: token-efficiency-audit
+description: Three-layer token defense stack — audit current settings, apply safe/CI levers, and monitor status
+scope: package
+user-invocable: true
+argument-hint: "[audit|apply-interactive|apply-ci|status]"
+version: 1.0.0
+---
+
+# Token Efficiency Audit Skill
+
+Layer 3 of the three-layer token defense stack. Audits current Claude Code settings against the token efficiency lever reference table, applies safe interactive levers, and reports combined layer status.
+
+Reference guide: `guides/claude-code/14-token-efficiency.md`
+
+## Three-Layer Stack
+
+```
+┌─────────────────────────────────────────────────────────────────┐
+│  Layer 1: cc-token-saver (CACHE DEFENSE)                        │
+│  Before session — protect prompt cache TTL from idle expiry     │
+├─────────────────────────────────────────────────────────────────┤
+│  Layer 2: R013 Ecomode (RUNTIME COMPRESSION)                    │
+│  During session — compact output, aggregate results, prune input│
+├─────────────────────────────────────────────────────────────────┤
+│  Layer 3: token-efficiency-audit (PRE-SESSION PREVENTION)       │
+│  Config time — disable injections before they happen            │
+└─────────────────────────────────────────────────────────────────┘
+```
+
+Each layer is independently deployable and non-overlapping. Layer 3 (this skill) operates at config time — it prevents overhead from ever entering the context window.
+
+## Modes
+
+### audit (default)
+
+1. Read `.claude/settings.json` (project-level, git-tracked)
+2. Read `.claude/settings.local.json` (local, not git-tracked)
+3. Check each lever from the Interactive Session Levers table in the guide:
+   - `includeGitInstructions`
+   - `autoConnectIde`
+   - `attribution.commit`
+   - `attribution.pr`
+   - `env.BASH_MAX_OUTPUT_LENGTH`
+   - `env.CLAUDE_CODE_FILE_READ_MAX_OUTPUT_TOKENS`
+   - `env.MAX_MCP_OUTPUT_TOKENS`
+4. Output a table:
+
+```
+[Token Efficiency Audit]
+Reference: guides/claude-code/14-token-efficiency.md (CC v2.1.114+)
+
+| Lever                               | Current     | Recommended | Gap    | Location              |
+|-------------------------------------|-------------|-------------|--------|-----------------------|
+| includeGitInstructions              | true        | false       | ⚠ SET  | settings.json         |
+| autoConnectIde                      | true        | false       | ⚠ SET  | settings.json         |
+| attribution.commit                  | auto text   | ""          | ⚠ SET  | settings.json         |
+| attribution.pr                      | auto text   | ""          | ⚠ SET  | settings.json         |
+| BASH_MAX_OUTPUT_LENGTH              | unlimited   | 15000       | ⚠ SET  | settings.local.json   |
+| CLAUDE_CODE_FILE_READ_MAX_OUTPUT... | unlimited   | 8000        | ⚠ SET  | settings.local.json   |
+| MAX_MCP_OUTPUT_TOKENS               | unlimited   | 8000        | ⚠ SET  | settings.local.json   |
+
+Run /token-efficiency-audit apply-interactive to apply all safe levers.
+```
+
+Gap column values:
+- `OK` — already at recommended value
+- `⚠ SET` — currently at default, recommended change available
+- `CUSTOM` — non-default value that differs from recommendation (display actual value)
+
+### apply-interactive
+
+Applies Interactive Session Levers only (safe for development use).
+
+1. Read `.claude/settings.json` and `.claude/settings.local.json` (create if not exists)
+2. Apply to `settings.json`:
+   ```json
+   {
+     "includeGitInstructions": false,
+     "autoConnectIde": false,
+     "attribution": {
+       "commit": "",
+       "pr": ""
+     }
+   }
+   ```
+3. Apply to `settings.local.json` (env block):
+   ```json
+   {
+     "env": {
+       "BASH_MAX_OUTPUT_LENGTH": "15000",
+       "CLAUDE_CODE_FILE_READ_MAX_OUTPUT_TOKENS": "8000",
+       "MAX_MCP_OUTPUT_TOKENS": "8000"
+     }
+   }
+   ```
+4. Preserve all existing settings (merge, do not overwrite unrelated keys)
+5. Report applied changes:
+   ```
+   [Done] Interactive levers applied
+
+   settings.json:
+     includeGitInstructions: true → false
+     autoConnectIde: true → false
+     attribution.commit: (auto) → ""
+     attribution.pr: (auto) → ""
+
+   settings.local.json:
+     BASH_MAX_OUTPUT_LENGTH: (none) → 15000
+     CLAUDE_CODE_FILE_READ_MAX_OUTPUT_TOKENS: (none) → 8000
+     MAX_MCP_OUTPUT_TOKENS: (none) → 8000
+
+   Note: settings.json is git-tracked. Commit if appropriate.
+   Takes effect on next claude session restart.
+   ```
+
+### apply-ci
+
+Applies CI/Worker-Only Levers. These disable core oh-my-customcode functionality.
+
+**R001 Risk: HIGH** — Display this warning prominently BEFORE applying:
+
+```
+⚠ WARNING — CI/WORKER LEVERS
+
+These settings disable core oh-my-customcode functionality:
+  • CLAUDE_CODE_DISABLE_CLAUDE_MDS=1  → ALL rules and routing offline (R010 disabled)
+  • CLAUDE_AGENT_SDK_DISABLE_BUILTIN_AGENTS=1 → All 48 agents unavailable
+  • ENABLE_CLAUDEAI_MCP_SERVERS=false → MCP-dependent skills unavailable
+  • CLAUDE_CODE_DISABLE_AUTO_MEMORY=1 → No persistent memory across sessions
+
+Only use for CI/worker pipelines. Never apply to interactive development sessions.
+
+Type "yes" to confirm, or anything else to cancel:
+```
+
+1. Require explicit user confirmation ("yes") before proceeding
+2. On confirmation, apply to `settings.local.json`:
+   ```json
+   {
+     "env": {
+       "CLAUDE_CODE_DISABLE_CLAUDE_MDS": "1",
+       "CLAUDE_AGENT_SDK_DISABLE_BUILTIN_AGENTS": "1",
+       "ENABLE_CLAUDEAI_MCP_SERVERS": "false",
+       "CLAUDE_CODE_DISABLE_AUTO_MEMORY": "1"
+     }
+   }
+   ```
+3. Report:
+   ```
+   [Done] CI/Worker levers applied to settings.local.json
+
+   This file is NOT git-tracked.
+   To undo: remove the four env keys or run /token-efficiency-audit status
+   ```
+4. On cancellation: `[Cancelled] No changes made.`
+
+### status
+
+Reports current state of all three layers.
+
+1. Check Layer 1 — cc-token-saver:
+   - Check if plugin is present (look for cc-token-saver in `.claude/` plugin config or known plugin markers)
+   - Report: Installed / Not installed
+2. Check Layer 2 — R013 Ecomode:
+   - Read `.claude/settings.json` for ecomode config
+   - Report: threshold, result_format, max_result_length if set; otherwise "auto-threshold (4 tasks)"
+3. Check Layer 3 — Settings levers:
+   - Run the same lever checks as `audit` mode
+   - Summarize: N/7 levers at recommended values
+4. Check OTel availability:
+   - Look for `CLAUDE_CODE_ENABLE_TELEMETRY` in settings
+   - If present: report "OTel enabled — use /monitoring-setup status for metrics"
+5. Output:
+
+```
+[Token Efficiency Status]
+
+Layer 1: cc-token-saver    ✓ Installed / ✗ Not installed
+Layer 2: R013 Ecomode      ✓ Active (threshold: 4) / ✗ Not configured
+Layer 3: Settings levers   4/7 at recommended
+
+Layer 3 details:
+  includeGitInstructions: false ✓
+  autoConnectIde: true ⚠
+  attribution.commit: "" ✓
+  attribution.pr: "" ✓
+  BASH_MAX_OUTPUT_LENGTH: 15000 ✓
+  CLAUDE_CODE_FILE_READ_MAX_OUTPUT_TOKENS: unlimited ⚠
+  MAX_MCP_OUTPUT_TOKENS: unlimited ⚠
+
+Run /token-efficiency-audit apply-interactive to fix ⚠ levers.
+OTel: not enabled — run /monitoring-setup enable to measure effectiveness.
+```
+
+## Codex Levers
+
+When Codex CLI is in use (detected by presence of `~/.codex/config.toml`):
+
+Recommended settings in `config.toml`:
+```toml
+[features]
+apps = false
+
+[apps._default]
+enabled = false
+
+web_search = "disabled"
+
+tool_output_token_limit = 10000
+```
+
+Non-interactive Codex CLI flag reference: `guides/claude-code/13-cli-flags.md`
+
+## Guardrails
+
+### The Re-Call Trap
+
+Setting output limits too low forces repeated re-call loops — the model issues `tail -n 50 output.txt` or re-reads files in chunks, costing more tokens than the original uncapped output.
+
+**Enforce these minimum floors (never go below):**
+
+| Variable | Safe minimum | Recommended |
+|----------|-------------|-------------|
+| `BASH_MAX_OUTPUT_LENGTH` | 10000 | 15000 |
+| `CLAUDE_CODE_FILE_READ_MAX_OUTPUT_TOKENS` | 4000 | 8000 |
+| `MAX_MCP_OUTPUT_TOKENS` | 4000 | 8000 |
+| Codex `tool_output_token_limit` | 5000 | 10000 |
+
+If a user requests values below these floors, warn them of the re-call trap risk before applying.
+
+### Version Drift
+
+Settings defaults change with minor CC version releases. After each upgrade, re-run `/token-efficiency-audit audit` to verify active defaults. Reference baseline: CC v2.1.114+ / Codex v0.121.0+.
+
+## Cross-References
+
+- `guides/claude-code/14-token-efficiency.md` — Full three-layer stack guide and lever table
+- `.claude/rules/SHOULD-ecomode.md` (R013) — Layer 2 specification
+- `.claude/skills/monitoring-setup/SKILL.md` — Measure effectiveness via OTel metrics
+- `guides/cc-token-saver/README.md` — Layer 1 detailed guide
+- `guides/claude-code/13-cli-flags.md` — Non-interactive/CI CLI flags

package/templates/CLAUDE.md

@@ -114,7 +114,7 @@ project/
 +-- CLAUDE.md                    # 진입점
 +-- .claude/
 |   +-- agents/                  # 서브에이전트 정의 (48 파일)
-|   +-- skills/                  # 스킬 (107 디렉토리)
+|   +-- skills/                  # 스킬 (109 디렉토리)
 |   +-- rules/                   # 전역 규칙 (R000-R022)
 |   +-- hooks/                   # 훅 스크립트 (보안, 검증, HUD)
 |   +-- contexts/                # 컨텍스트 파일 (ecomode)

package/templates/manifest.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.99.2",
+  "version": "0.100.0",
   "lastUpdated": "2026-04-18T00:00:00.000Z",
   "components": [
     {
@@ -18,7 +18,7 @@
       "name": "skills",
       "path": ".claude/skills",
       "description": "Reusable skill modules (includes slash commands)",
-      "files": 107
+      "files": 109
     },
     {
       "name": "guides",