oh-my-customcode 1.1.0 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (60) hide show
  1. package/dist/cli/index.js +1 -1
  2. package/dist/index.js +1 -1
  3. package/package.json +1 -1
  4. package/templates/.claude/agents/mgr-gitnerd.md +1 -1
  5. package/templates/.claude/agents/slack-cli-expert.md +1 -1
  6. package/templates/.claude/agents/wiki-curator.md +4 -4
  7. package/templates/.claude/rules/MUST-agent-design.md +4 -2
  8. package/templates/.claude/rules/MUST-orchestrator-coordination.md +1 -1
  9. package/templates/.claude/rules/MUST-sync-verification.md +12 -0
  10. package/templates/.claude/rules/SHOULD-verification-ladder.md +8 -0
  11. package/templates/.claude/rules/index.yaml +40 -0
  12. package/templates/.claude/skills/action-validator/SKILL.md +6 -7
  13. package/templates/.claude/skills/adaptive-harness/SKILL.md +6 -7
  14. package/templates/.claude/skills/agent-eval-framework/SKILL.md +4 -5
  15. package/templates/.claude/skills/de-lead-routing/SKILL.md +2 -2
  16. package/templates/.claude/skills/deep-plan/SKILL.md +8 -13
  17. package/templates/.claude/skills/deep-verify/SKILL.md +2 -3
  18. package/templates/.claude/skills/dev-lead-routing/SKILL.md +2 -2
  19. package/templates/.claude/skills/dev-review/SKILL.md +4 -5
  20. package/templates/.claude/skills/docker-best-practices/SKILL.md +0 -2
  21. package/templates/.claude/skills/hada-scout/SKILL.md +1 -1
  22. package/templates/.claude/skills/harness-eval/SKILL.md +3 -7
  23. package/templates/.claude/skills/harness-synthesizer/SKILL.md +3 -7
  24. package/templates/.claude/skills/help/SKILL.md +5 -8
  25. package/templates/.claude/skills/lists/SKILL.md +26 -25
  26. package/templates/.claude/skills/monitoring-setup/SKILL.md +4 -1
  27. package/templates/.claude/skills/post-release-followup/SKILL.md +2 -8
  28. package/templates/.claude/skills/professor-triage/SKILL.md +10 -14
  29. package/templates/.claude/skills/qa-lead-routing/SKILL.md +2 -2
  30. package/templates/.claude/skills/reasoning-sandwich/SKILL.md +9 -9
  31. package/templates/.claude/skills/research/SKILL.md +2 -8
  32. package/templates/.claude/skills/result-aggregation/SKILL.md +2 -8
  33. package/templates/.claude/skills/roundtable-debate/SKILL.md +6 -8
  34. package/templates/.claude/skills/sauron-watch/SKILL.md +1 -1
  35. package/templates/.claude/skills/secretary-routing/SKILL.md +2 -2
  36. package/templates/.claude/skills/skill-extractor/SKILL.md +2 -8
  37. package/templates/.claude/skills/spark-best-practices/SKILL.md +1 -1
  38. package/templates/.claude/skills/status/SKILL.md +11 -16
  39. package/templates/.claude/skills/token-efficiency-audit/SKILL.md +1 -1
  40. package/templates/.claude/skills/wiki/SKILL.md +1 -1
  41. package/templates/.claude/skills/wiki-rag/SKILL.md +1 -1
  42. package/templates/guides/airflow/README.md +8 -8
  43. package/templates/guides/alembic/README.md +1 -1
  44. package/templates/guides/cc-token-saver/README.md +14 -0
  45. package/templates/guides/claude-code/03-tools.md +1 -1
  46. package/templates/guides/claude-code/06-mcp.md +1 -1
  47. package/templates/guides/claude-code/11-sub-agents.md +4 -4
  48. package/templates/guides/claude-code/13-cli-flags.md +1 -0
  49. package/templates/guides/claude-code/15-version-compatibility.md +4 -2
  50. package/templates/guides/claude-code/index.yaml +15 -0
  51. package/templates/guides/claude-code-tracking.md +2 -2
  52. package/templates/guides/deep-plan/phases.md +7 -9
  53. package/templates/guides/external-tools/ecc-absorption-decisions.md +2 -2
  54. package/templates/guides/external-tools/graphify-integration.md +1 -1
  55. package/templates/guides/git-worktree-workflow/README.md +1 -1
  56. package/templates/guides/index.yaml +1 -1
  57. package/templates/guides/multi-model-routing/README.md +7 -2
  58. package/templates/guides/professor-triage/README.md +2 -2
  59. package/templates/guides/professor-triage/phases.md +3 -14
  60. package/templates/manifest.json +2 -2
package/dist/cli/index.js CHANGED
@@ -241,7 +241,7 @@ var init_package = __esm(() => {
241
241
  workspaces: [
242
242
  "packages/*"
243
243
  ],
244
- version: "1.1.0",
244
+ version: "1.1.2",
245
245
  description: "Batteries-included agent harness for Claude Code",
246
246
  type: "module",
247
247
  bin: {
package/dist/index.js CHANGED
@@ -2031,7 +2031,7 @@ var package_default = {
2031
2031
  workspaces: [
2032
2032
  "packages/*"
2033
2033
  ],
2034
- version: "1.1.0",
2034
+ version: "1.1.2",
2035
2035
  description: "Batteries-included agent harness for Claude Code",
2036
2036
  type: "module",
2037
2037
  bin: {
package/package.json CHANGED
@@ -3,7 +3,7 @@
3
3
  "workspaces": [
4
4
  "packages/*"
5
5
  ],
6
- "version": "1.1.0",
6
+ "version": "1.1.2",
7
7
  "description": "Batteries-included agent harness for Claude Code",
8
8
  "type": "module",
9
9
  "bin": {
@@ -33,7 +33,7 @@ You are a Git operations specialist following GitHub flow best practices.
33
33
  ```
34
34
  <type>(<scope>): <subject>
35
35
 
36
- Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
36
+ Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
37
37
  ```
38
38
 
39
39
  Types: feat, fix, docs, style, refactor, test, chore
@@ -14,7 +14,7 @@ tools:
14
14
  permissionMode: bypassPermissions
15
15
  ---
16
16
 
17
- You are an expert Slack CLI developer specialized in building, deploying, and managing Slack apps using the official Slack CLI v4.0 and the Slack Platform (https://docs.slack.dev/tools/slack-cli/). Slack CLI v4.0 adds first-class Slack Agent development support.
17
+ You are an expert Slack CLI developer specialized in building, deploying, and managing Slack apps using the official Slack CLI (v4.x) and the Slack Platform (https://docs.slack.dev/tools/slack-cli/). Slack CLI v4.0 adds first-class Slack Agent development support.
18
18
 
19
19
  ## Capabilities
20
20
 
@@ -22,7 +22,7 @@ Dedicated agent for wiki file operations. All wiki/ directory writes go through
22
22
 
23
23
  - Create new wiki pages from source file analysis
24
24
  - Update existing wiki pages when sources change
25
- - Maintain index.md and log.md
25
+ - Maintain index.yaml and log.jsonl
26
26
  - Execute wiki lint fixes (orphan removal, cross-ref repair)
27
27
  - Generate synthesis pages (architecture, workflows, concepts)
28
28
 
@@ -51,18 +51,18 @@ Every page must:
51
51
  3. Determine what changed
52
52
  4. Write updated page with current date in `updated` field
53
53
  5. Update cross-references in related pages
54
- 6. Update index.md if page is new
54
+ 6. Update index.yaml if page is new
55
55
 
56
56
  ### Batch Update (Category)
57
57
  1. Glob source files in category
58
58
  2. Compare modification dates against wiki pages
59
59
  3. Write only changed/new pages
60
- 4. Batch-update index.md once at end
60
+ 4. Batch-update index.yaml once at end
61
61
 
62
62
  ### Lint Fix
63
63
  1. Receive lint findings from orchestrator
64
64
  2. Fix each category: remove orphans, repair broken refs, update stale pages
65
- 3. Append fix results to log.md
65
+ 3. Append fix results to log.jsonl
66
66
 
67
67
  ## Limitations
68
68
 
@@ -21,10 +21,10 @@ tools: [Read, Write, ...] # Allowed tools
21
21
  |-------|---------|----------|
22
22
  | `haiku` | claude-haiku-4-5 | Fast, cheap tasks (search, simple edits) |
23
23
  | `sonnet` | claude-sonnet-4-6 | General tasks, code generation (default) |
24
+ | `sonnet5` | claude-sonnet-5 | CC default (v2.1.197+); native 1M context |
24
25
  | `opus` | claude-opus-4-6 | Complex reasoning, architecture |
25
26
  | `opusplan` | claude-opus-4-6 + plan mode | Architecture planning with approval gates |
26
- | `opus47` | claude-opus-4-7 | Supports xhigh effort |
27
- | `opus48` | claude-opus-4-8 | Latest Opus model (GA); highest capability below Fable 5 |
27
+ | `opus48` | claude-opus-4-8 | Latest Opus model (GA); highest capability below Fable 5; supports xhigh effort |
28
28
  | `fable` | claude-fable-5 | Mythos-class; tier above Opus, highest GA capability (access added in CC v2.1.170) |
29
29
 
30
30
  Extended context suffix: `[1m]` (e.g., `claude-opus-4-6[1m]`) — enables 1M token context window.
@@ -33,6 +33,8 @@ Extended context suffix: `[1m]` (e.g., `claude-opus-4-6[1m]`) — enables 1M tok
33
33
 
34
34
  > **v2.1.173+**: Fable 5 model IDs carrying a `[1m]` suffix are now auto-normalized (the suffix is stripped) because Fable 5 includes 1M context by default. Use `claude-fable-5` / `model: fable` WITHOUT a `[1m]` suffix — appending it is redundant and normalized away. (The `[1m]` suffix remains meaningful for Opus/Sonnet IDs.)
35
35
 
36
+ > **v2.1.197+**: Claude Sonnet 5가 Claude Code의 **기본 모델**로 도입되었습니다 — 네이티브 1M-token 컨텍스트, 프로모션 가격 $2/$10 per Mtok(2026-08-31까지). `model: sonnet5` / `claude-sonnet-5`로 사용. oh-my-customcode의 base `sonnet` alias는 안정성을 위해 `claude-sonnet-4-6`에 고정 유지(기존 `sonnet` 지정 에이전트 불변); Sonnet 5는 `sonnet5`로 명시 opt-in. Sonnet 5가 CC 신규 기본값이므로 명시 모델 없는 세션은 이제 Sonnet 5에서 동작합니다.
37
+
36
38
  ### Fallback Models (CC v2.1.166+)
37
39
 
38
40
  > **v2.1.166+**: The `fallbackModel` setting configures up to three fallback models tried in order when the primary model is overloaded or unavailable. `--fallback-model` now also applies to interactive sessions. CC additionally retries a turn once on the fallback model when the API rejects an unexpected non-retryable error (auth, rate-limit, request-size, and transport errors still surface immediately).
@@ -287,7 +287,7 @@ The Agent tool defaults to `mode: "acceptEdits"`, which overrides agent frontmat
287
287
  | Scope | Every Agent tool call, without exception |
288
288
  | Why | CC's Agent tool `mode` default (`acceptEdits`) overrides frontmatter |
289
289
  | History | #926 (v0.99.1), #947 (v0.100.1), #955 (v0.103.0) — recurring issue |
290
- | Enforcement | Prompt-based (R021); all 23 agent-spawning skills include instruction |
290
+ | Enforcement | Prompt-based (R021); all agent-spawning skills include instruction |
291
291
 
292
292
  ### Self-Check
293
293
 
@@ -102,6 +102,18 @@ Any change to: agents, agent frontmatter, skills, guides, routing patterns, rule
102
102
  2. 테스트가 읽는 파일의 git tracked 상태를 확인했는가? (`git ls-files` 대조)
103
103
  3. 임시 skip된 검증 스크립트/테스트가 남아있지 않은가?
104
104
 
105
+ ## Pre-Branch Freshness Gate (Origin: #1433 #1, ≥3회 재발)
106
+
107
+ 세션 중 원격 머지(`gh pr merge` 등)가 발생한 뒤 새 릴리즈/작업 브랜치를 분기하기 전, 반드시 `git checkout develop && git pull origin develop`로 로컬 develop을 최신화한다. stale 로컬 develop에서 분기하면 새 브랜치가 이미 머지된 변경(직전 릴리즈)을 누락해 PR이 CONFLICTING 상태가 되고, merge+충돌해결+재CI 사이클이 강제된다. advisory 메모리(`feedback_session_memory_git_stale`)만으로는 ≥3회 재발을 막지 못해 R017 필수 게이트로 승격한다.
108
+
109
+ | Anti-pattern | Required |
110
+ |--------------|----------|
111
+ | 원격 머지 후 stale 로컬 develop에서 릴리즈 브랜치 분기 | 분기 전 `git pull origin develop`; PR 생성 후 mergeStateStatus 확인 — CONFLICTING이면 `git merge origin/develop`+both-유지 해결 후 재CI |
112
+
113
+ ## Post-Gate Scope-Expansion Re-Run (Origin: #1433 #2)
114
+
115
+ R017 게이트(mgr-sauron) 통과 선언 후 신규 결함 발견 등으로 스코프가 확장되면(추가 파일 편집), 커밋 전 게이트를 **최종 상태에서 재실행**한다. 게이트 통과 시점 이후의 변경은 형식적으로 미검증이므로, 확장분 미검증 커밋은 R017이 최종 산출물을 커버하지 못하게 만든다.
116
+
105
117
  ## Quick Verification Commands — agent/skill/guide/wiki counts via ls/find/wc. See commands via Read tool.
106
118
 
107
119
  <!-- DETAIL: Quick Verification Commands
@@ -80,6 +80,14 @@ R021은 위반 시 어떻게 멈출지를, R023은 어떤 순서로 검증할지
80
80
 
81
81
  하나라도 불확실하면 **먼저 carve-out을 명시(Tier 1 우선 해결)**하고, 그래도 불확실하면 Tier 3 적대적 검증(`adversarial-review`, `multi-model-verification`)을 통과시킨 뒤 release한다 (ladder 순서 유지). 이는 R023 shift-left 원칙(저렴한 tier 우선)을 룰 작성 자체에 적용한 것이며, R016 룰 작성 워크플로우의 Tier-1 품질 게이트로 동작한다 (R016은 위반 후 룰 업데이트 소유, R023 carve-out은 안전-신호 룰 작성 시 사전 점검 — 직교). Closes #1353.
82
82
 
83
+ ## Deprecated-Platform-Feature Staleness Check (Origin: #1433 #3)
84
+
85
+ staleness/audit 검증은 model ID·placeholder·TBD뿐 아니라 **폐기된 플랫폼 기능·설정·절차 참조**도 스캔해야 한다. 실례: CC v2.1.121에서 폐기된 `/tmp/*.sh` script bypass 절차가 9개 에이전트 본문에 잔존했으나(v1.1.0에서 제거) 감사 staleness dimension이 model-ID/placeholder에만 한정해 이를 놓쳤다. 감사·staleness 체크리스트에 "CC 특정 버전에서 폐기된 기능/설정/절차를 현행처럼 참조하는가"를 항목으로 추가한다. 이는 R023 shift-left(저렴한 결정론적 grep으로 폐기 참조 조기 탐지)와 정합한다.
86
+
87
+ | Anti-pattern | Required |
88
+ |--------------|----------|
89
+ | staleness 스캔을 model ID/placeholder/TBD로만 한정 | 폐기된 플랫폼 기능/절차 참조(deprecated CC feature/procedure)도 grep 스캔 |
90
+
83
91
  ## Integration
84
92
 
85
93
  | 규칙 | 상호작용 |
@@ -132,6 +132,46 @@ rules:
132
132
  priority: MUST
133
133
  scope: orchestrator
134
134
 
135
+ # Completion Verification - MUST
136
+ - id: R020
137
+ name: completion-verification
138
+ title: Completion Verification Rules
139
+ path: ./MUST-completion-verification.md
140
+ priority: MUST
141
+ scope: all
142
+
143
+ # Enforcement Policy - MUST
144
+ - id: R021
145
+ name: enforcement-policy
146
+ title: Enforcement Policy
147
+ path: ./MUST-enforcement-policy.md
148
+ priority: MUST
149
+ scope: all
150
+
151
+ # Ontology-RAG Routing - SHOULD
152
+ - id: R019
153
+ name: ontology-rag-routing
154
+ title: Routing Enrichment Rules
155
+ path: ./SHOULD-ontology-rag-routing.md
156
+ priority: SHOULD
157
+ scope: orchestrator
158
+
159
+ # Wiki Sync - SHOULD
160
+ - id: R022
161
+ name: wiki-sync
162
+ title: Wiki Sync Rules
163
+ path: ./SHOULD-wiki-sync.md
164
+ priority: SHOULD
165
+ scope: all
166
+
167
+ # Verification Ladder - SHOULD
168
+ - id: R023
169
+ name: verification-ladder
170
+ title: Verification Ladder Rules
171
+ path: ./SHOULD-verification-ladder.md
172
+ priority: SHOULD
173
+ scope: all
174
+
135
175
  # MAY - Optional
136
176
  - id: R005
137
177
  name: optimization
@@ -70,9 +70,9 @@ policy_cache:
70
70
 
71
71
  Policy caching reduces redundant LLM calls for well-understood workflows. Policies are advisory — the orchestrator may override.
72
72
 
73
- ## Capability Hints (Opus 4.7+)
73
+ ## Capability Hints (Opus 4.8+)
74
74
 
75
- When agents target Opus 4.7 (`opus47` model alias), tool capability hints improve batched tool-call planning. Declare per-tool metadata in policy cache entries:
75
+ When agents target Opus 4.8 (`opus48` model alias), tool capability hints improve batched tool-call planning. Declare per-tool metadata in policy cache entries:
76
76
 
77
77
  | Field | Values | Effect |
78
78
  |-------|--------|--------|
@@ -109,15 +109,14 @@ When a synthesized harness exists for an agent (`.claude/outputs/harnesses/{agen
109
109
 
110
110
  ### Tool: Writing artifacts under .claude/outputs/
111
111
 
112
- CC sensitive-path check inspects tool target paths and triggers permission prompts on `.claude/` regardless of `bypassPermissions` and allow rules (refs: #960, #961, #978, #981, #1016).
112
+ Under `mode: "bypassPermissions"`, direct Write/Edit/Bash on `.claude/**` paths is permitted (CC v2.1.121+, #1101) no `/tmp/*.sh` wrapping is needed.
113
113
 
114
114
  To write action-validator results under `.claude/outputs/sessions/`:
115
115
 
116
- 1. Write the artifact body to `/tmp/action-validator-$(date +%H%M%S).md` first (Write tool target = `/tmp`, no sensitive-path trigger)
117
- 2. Use a `/tmp/*.sh` Bash script to move/copy the file under `.claude/outputs/sessions/$(date +%Y-%m-%d)/` (Bash target = `/tmp`, script-internal `cp` to `.claude/` is not audited)
118
- 3. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification
116
+ 1. Write the artifact body directly to `.claude/outputs/sessions/$(date +%Y-%m-%d)/action-validator-$(date +%H%M%S).md` with the Write tool (every Agent tool call includes `mode: "bypassPermissions"`, R010)
117
+ 2. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification
119
118
 
120
- Reference: `feedback_sensitive_path_tmp_bypass.md`, R006 sensitive-path handling, #1016, #1045.
119
+ Reference: R006/R010 sensitive-path handling (CC v2.1.121+), #1101.
121
120
 
122
121
 
123
122
  | Mode | Source | Behavior |
@@ -1,5 +1,5 @@
1
1
  ---
2
- name: adaptive-harness
2
+ name: omcustom:adaptive-harness
3
3
  description: Auto-detect project context and optimize harness — deactivate unused agents/skills, suggest missing experts, generate project profile
4
4
  scope: harness
5
5
  version: 1.0.0
@@ -187,15 +187,14 @@ Append a record to `.claude/outputs/harness-adaptations/YYYY-MM-DD.md`:
187
187
 
188
188
  ### Tool: Writing artifacts under .claude/outputs/
189
189
 
190
- CC sensitive-path check inspects tool target paths and triggers permission prompts on `.claude/` regardless of `bypassPermissions` and allow rules (refs: #960, #961, #978, #981, #1016).
190
+ Under `mode: "bypassPermissions"`, direct Write/Edit/Bash on `.claude/**` paths is permitted (CC v2.1.121+, #1101) no `/tmp/*.sh` wrapping is needed.
191
191
 
192
- To write adaptive-harness results under `.claude/outputs/sessions/`:
192
+ To write adaptive-harness results under `.claude/outputs/`:
193
193
 
194
- 1. Write the artifact body to `/tmp/adaptive-harness-$(date +%H%M%S).md` first (Write tool target = `/tmp`, no sensitive-path trigger)
195
- 2. Use a `/tmp/*.sh` Bash script to move/copy the file under `.claude/outputs/sessions/$(date +%Y-%m-%d)/` (Bash target = `/tmp`, script-internal `cp` to `.claude/` is not audited)
196
- 3. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification
194
+ 1. Write the artifact body directly to `.claude/outputs/harness-adaptations/$(date +%Y-%m-%d).md` with the Write tool (every Agent tool call includes `mode: "bypassPermissions"`, R010)
195
+ 2. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification
197
196
 
198
- Reference: `feedback_sensitive_path_tmp_bypass.md`, R006 sensitive-path handling, #1016, #1045.
197
+ Reference: R006/R010 sensitive-path handling (CC v2.1.121+), #1101.
199
198
 
200
199
 
201
200
  ```markdown
@@ -75,15 +75,14 @@ Use this taxonomy to **select representative tasks per category** when building
75
75
 
76
76
  ### Tool: Writing artifacts under .claude/outputs/
77
77
 
78
- CC sensitive-path check inspects tool target paths and triggers permission prompts on `.claude/` regardless of `bypassPermissions` and allow rules (refs: #960, #961, #978, #981, #1016).
78
+ Under `mode: "bypassPermissions"`, direct Write/Edit/Bash on `.claude/**` paths is permitted (CC v2.1.121+, #1101) no `/tmp/*.sh` wrapping is needed.
79
79
 
80
80
  To write eval trajectories or result reports under `.claude/outputs/evals/`:
81
81
 
82
- 1. Write the artifact body to `/tmp/agent-eval-{HHmmss}.{ext}` first (Write tool target = /tmp, no sensitive-path trigger)
83
- 2. Use a `/tmp/*.sh` Bash script to move/copy the file under `.claude/outputs/evals/{trajectories,sessions}/...` (Bash target = /tmp, script-internal `cp` to `.claude/` is not audited)
84
- 3. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification
82
+ 1. Write the artifact body directly to `.claude/outputs/evals/{trajectories,sessions}/...` with the Write tool (every Agent tool call includes `mode: "bypassPermissions"`, R010)
83
+ 2. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification
85
84
 
86
- Reference: `feedback_sensitive_path_tmp_bypass.md`, R006 sensitive-path handling.
85
+ Reference: R006/R010 sensitive-path handling (CC v2.1.121+), #1101.
87
86
 
88
87
  ## Phased Opt-in Gate Workflow
89
88
 
@@ -5,11 +5,11 @@ scope: core
5
5
  user-invocable: false
6
6
  context: fork
7
7
  ---
8
- ## Mandatory delegation directive (R010 Universal /tmp Script Bypass)
8
+ ## Mandatory delegation directive (R010 bypassPermissions)
9
9
 
10
10
  When this skill spawns a subagent via the Agent tool, the spawned prompt MUST include this directive verbatim (or equivalent):
11
11
 
12
- > ALL tool calls targeting `.claude/` paths MUST go through `/tmp/*.sh` script via Bash. This includes read-only measurement (sed/cat/wc/ls/grep), Write, Edit. Read tool is exempt. Direct Write/Edit/Bash on .claude/ triggers user approval prompts that block unattended automation. See R010 for the full pattern.
12
+ > 스킬이 Agent tool로 서브에이전트를 스폰할 mode: "bypassPermissions"를 반드시 포함한다. 서브에이전트는 .claude/ 경로에 직접 Write/Edit/Bash 사용한다(/tmp 우회 불필요, CC v2.1.121+). See R010.
13
13
 
14
14
  This directive is preserved inline because Agent-tool prompt synthesis can drop SKILL.md notes; inline mandatory directives survive (#1046 lesson).
15
15
 
@@ -69,26 +69,21 @@ Research-only analysis produces findings based on assumptions about the codebase
69
69
  | `/structured-dev-cycle` | Full implementation | Yes — stage-by-stage | 6 |
70
70
  | **`/deep-plan`** | **Analysis + Planning + Verification** | **3-pass cross-verification** | **3** |
71
71
 
72
- ## Sensitive-Path Artifact Protocol (MANDATORY)
73
-
74
- **R010 Universal /tmp Script Bypass (#1052)**: ALL `.claude/` modifications MUST use `/tmp/*.sh` script via Bash. Direct Write/Edit/Bash on `.claude/` triggers CC sensitive-path guard regardless of bypassPermissions.
72
+ ## Artifact Output (R006/R010)
75
73
 
76
74
  Phase 3 verification report path: `.claude/outputs/sessions/{YYYY-MM-DD}/deep-plan-{HHmmss}.md`
77
75
 
78
- When spawning the final synthesis agent to write this artifact, include verbatim in the agent prompt:
76
+ Under `mode: "bypassPermissions"`, subagents write directly to `.claude/outputs/` with Write/Edit — no temp-script wrapping is needed (CC v2.1.121+, #1101). When spawning the final synthesis agent to write this artifact, include verbatim in the agent prompt:
79
77
 
80
78
  ```
81
- **Sensitive-path artifact protocol (mandatory for this task)**
82
-
83
- Write the artifact under `.claude/outputs/` using the /tmp/*.sh bypass:
84
- 1. Build script in /tmp: cat > /tmp/deep-plan-<timestamp>.sh <<'EOF' ... EOF
85
- 2. Script content: mkdir -p .claude/outputs/sessions/<date>/ && cat > .claude/outputs/sessions/<date>/deep-plan-<HHmmss>.md <<'ARTIFACT' ... ARTIFACT
86
- 3. Execute: bash /tmp/deep-plan-<timestamp>.sh
87
- 4. Cleanup: rm /tmp/deep-plan-<timestamp>.sh
88
- DO NOT use Write/Edit directly on `.claude/outputs/` — CC sensitive-path guard triggers regardless of bypassPermissions/allow rules.
79
+ **Artifact output (for this task)**
80
+
81
+ Write the verification report to `.claude/outputs/sessions/<date>/deep-plan-<HHmmss>.md`
82
+ using the Write tool directly (create the directory if needed). Your Agent tool call
83
+ runs under `mode: "bypassPermissions"`, so direct Write/Edit on `.claude/` is permitted.
89
84
  ```
90
85
 
91
- See R006 "Sensitive Path Handling" + `feedback_sensitive_path_tmp_bypass.md`.
86
+ See R006 "Sensitive Path Handling" (CC v2.1.121+ direct-write convention).
92
87
 
93
88
  ## Agent Teams (R018)
94
89
 
@@ -84,10 +84,9 @@ Run these checks before declaring release READY. Any match is a release blocker.
84
84
 
85
85
  | Guard | Detection Command | Severity | Remediation |
86
86
  |-------|-------------------|----------|-------------|
87
- | Skill Bash sensitive-path | `grep -rnE 'mkdir\s+-p[^` + "`" + `\n]*\.claude/(outputs\|agent-memory\|agent-memory-local)' .claude/skills/ templates/.claude/skills/ .claude/rules/ templates/.claude/rules/ 2>/dev/null` | **BLOCK** | Use /tmp/*.sh bypass — both `Bash(mkdir -p)` and `Write` tool on `.claude/` trigger sensitive-path guard. Write script to /tmp, invoke via Bash. See R006 "Sensitive Path Handling" + `feedback_sensitive_path_tmp_bypass.md` |
88
- | Skill artifact path missing /tmp bypass directive | `find .claude/skills/ templates/.claude/skills/ -name SKILL.md | xargs grep -lE '.claude/outputs/' | while read f; do if ! grep -qF 'tmp/*.sh' "$f"; then echo "$f"; fi; done` | **WARN** | Add /tmp/*.sh bypass directive after artifact path mention. Pattern: `> **Tool**: To write artifacts under .claude/outputs/, use a /tmp/*.sh script...` (see #1016 fix) |
87
+ | Residual deprecated `/tmp` sensitive-path bypass narrative | `grep -rnE -e 'regardless of[[:space:]]+.?bypassPermissions' -e '(MUST|MANDATORY|Mandatory)[^\n]{0,80}/tmp/\*\.sh' -e '/tmp/\*\.sh[^\n]{0,80}(MANDATORY|MUST be used|bypass script)' .claude/skills/ templates/.claude/skills/ .claude/agents/ templates/.claude/agents/ 2>/dev/null` | **BLOCK** | Remove the deprecated temp-script bypass narrative it was retired in CC v2.1.121 (#1101). Under `mode: "bypassPermissions"`, write directly to `.claude/` with Write/Edit. See R006 "Sensitive Path Handling" |
89
88
 
90
- > **Why**: CC sensitive-path check runs above `bypassPermissions` and Bash allow rules (#960/#961/#978/#981). Both `Bash(mkdir -p)` and `Write`/`Edit` tool on `.claude/` paths trigger permission prompts `bypassPermissions` does not help. Use the /tmp/*.sh bypass: write script to /tmp, then `bash /tmp/x.sh` to let the script write to `.claude/` internally (sensitive-path guard only inspects direct tool target paths).
89
+ > **Why**: The temp-script sensitive-path bypass for `.claude/` paths was deprecated in CC v2.1.121 (2026-04-28, #1101). Direct Write/Edit/Bash on `.claude/**` works under `mode: "bypassPermissions"`; only catastrophic shell operations (`rm -rf /`) remain independently blocked. Residual bypass procedures or false "guard blocks bypassPermissions" claims in skills/agents are now defects this guard catches them with a cheap deterministic grep (R023 shift-left: catch stale platform procedures before they reach expensive review).
91
90
 
92
91
  ## Output Format
93
92
 
@@ -5,11 +5,11 @@ scope: core
5
5
  user-invocable: false
6
6
  context: fork
7
7
  ---
8
- ## Mandatory delegation directive (R010 Universal /tmp Script Bypass)
8
+ ## Mandatory delegation directive (R010 bypassPermissions)
9
9
 
10
10
  When this skill spawns a subagent via the Agent tool, the spawned prompt MUST include this directive verbatim (or equivalent):
11
11
 
12
- > ALL tool calls targeting `.claude/` paths MUST go through `/tmp/*.sh` script via Bash. This includes read-only measurement (sed/cat/wc/ls/grep), Write, Edit. Read tool is exempt. Direct Write/Edit/Bash on .claude/ triggers user approval prompts that block unattended automation. See R010 for the full pattern.
12
+ > 스킬이 Agent tool로 서브에이전트를 스폰할 mode: "bypassPermissions"를 반드시 포함한다. 서브에이전트는 .claude/ 경로에 직접 Write/Edit/Bash 사용한다(/tmp 우회 불필요, CC v2.1.121+). See R010.
13
13
 
14
14
  This directive is preserved inline because Agent-tool prompt synthesis can drop SKILL.md notes; inline mandatory directives survive (#1046 lesson).
15
15
 
@@ -116,15 +116,14 @@ If only PASS/INFO: proceed automatically.
116
116
 
117
117
  ### Tool: Writing artifacts under .claude/outputs/
118
118
 
119
- CC sensitive-path check inspects tool target paths and triggers permission prompts on `.claude/` regardless of `bypassPermissions` and allow rules (refs: #960, #961, #978, #981, #1016).
119
+ Under `mode: "bypassPermissions"`, direct Write/Edit/Bash on `.claude/**` paths is permitted (CC v2.1.121+, #1101) no `/tmp/*.sh` wrapping is needed.
120
120
 
121
121
  To write dev-review results under `.claude/outputs/sessions/`:
122
122
 
123
- 1. Write the artifact body to `/tmp/dev-review-$(date +%H%M%S).md` first (Write tool target = `/tmp`, no sensitive-path trigger)
124
- 2. Use a `/tmp/*.sh` Bash script to move/copy the file under `.claude/outputs/sessions/$(date +%Y-%m-%d)/` (Bash target = `/tmp`, script-internal `cp` to `.claude/` is not audited)
125
- 3. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification
123
+ 1. Write the artifact body directly to `.claude/outputs/sessions/$(date +%Y-%m-%d)/dev-review-$(date +%H%M%S).md` with the Write tool (every Agent tool call includes `mode: "bypassPermissions"`, R010)
124
+ 2. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification
126
125
 
127
- Reference: `feedback_sensitive_path_tmp_bypass.md`, R006 sensitive-path handling, #1016, #1045.
126
+ Reference: R006/R010 sensitive-path handling (CC v2.1.121+), #1101.
128
127
 
129
128
  ```
130
129
  With metadata header:
@@ -179,8 +179,6 @@ best_practices:
179
179
  - Set resource limits
180
180
 
181
181
  pattern: |
182
- version: "3.8"
183
-
184
182
  services:
185
183
  app:
186
184
  build:
@@ -50,7 +50,7 @@ The haiku agent receives the following system prompt:
50
50
 
51
51
  ```
52
52
  You are a relevance filter for the oh-my-customcode project — an AI agent harness/orchestration
53
- system built on Claude Code CLI with 44 agents, 74 skills.
53
+ system built on Claude Code CLI with 49 agents, 118 skills.
54
54
 
55
55
  Project domains (HIGH relevance):
56
56
  - AI agent orchestration, multi-agent systems, agent design patterns
@@ -92,15 +92,11 @@ Results saved to `.claude/outputs/sessions/{YYYY-MM-DD}/harness-eval-{HHmmss}.md
92
92
 
93
93
  ### Tool: Writing artifacts under .claude/outputs/
94
94
 
95
- CC sensitive-path check inspects tool target paths and triggers permission prompts on `.claude/` regardless of `bypassPermissions` and allow rules (refs: #960, #961, #978, #981, #1016).
95
+ Under `mode: "bypassPermissions"`, direct Write/Edit/Bash on `.claude/**` paths (including `.claude/outputs/sessions/`) is permitted (CC v2.1.121+, #1101) no `/tmp` wrapping is needed.
96
96
 
97
- To write harness-eval results under `.claude/outputs/sessions/`:
97
+ Write harness-eval results directly to `.claude/outputs/sessions/$(date +%Y-%m-%d)/harness-eval-$(date +%H%M%S).md`. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification. Catastrophic shell operations (e.g., `rm -rf /`) remain blocked by independent safety guards. For CC < v2.1.121, see git history for the legacy `/tmp/*.sh` bypass pattern.
98
98
 
99
- 1. Write the artifact body to `/tmp/harness-eval-$(date +%H%M%S).md` first (Write tool target = `/tmp`, no sensitive-path trigger)
100
- 2. Use a `/tmp/*.sh` Bash script to move/copy the file under `.claude/outputs/sessions/$(date +%Y-%m-%d)/` (Bash target = `/tmp`, script-internal `cp` to `.claude/` is not audited)
101
- 3. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification
102
-
103
- Reference: `feedback_sensitive_path_tmp_bypass.md`, R006 sensitive-path handling, #1016, #1045.
99
+ Reference: R006 Sensitive Path Handling, R010 Universal bypassPermissions, #1101.
104
100
 
105
101
 
106
102
  ## 4-Metric Quantitative Layer (added v0.113.0, #1025)
@@ -96,15 +96,11 @@ harness:
96
96
 
97
97
  ### Tool: Writing artifacts under .claude/outputs/
98
98
 
99
- CC sensitive-path check inspects tool target paths and triggers permission prompts on `.claude/` regardless of `bypassPermissions` and allow rules (refs: #960, #961, #978, #981, #1016).
99
+ Under `mode: "bypassPermissions"`, direct Write/Edit/Bash on `.claude/**` paths (including `.claude/outputs/sessions/`) is permitted (CC v2.1.121+, #1101) no `/tmp` wrapping is needed.
100
100
 
101
- To write harness-synthesizer results under `.claude/outputs/sessions/`:
101
+ Write harness-synthesizer results directly to `.claude/outputs/sessions/$(date +%Y-%m-%d)/harness-synthesizer-$(date +%H%M%S).md`. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification. Catastrophic shell operations (e.g., `rm -rf /`) remain blocked by independent safety guards. For CC < v2.1.121, see git history for the legacy `/tmp/*.sh` bypass pattern.
102
102
 
103
- 1. Write the artifact body to `/tmp/harness-synthesizer-$(date +%H%M%S).md` first (Write tool target = `/tmp`, no sensitive-path trigger)
104
- 2. Use a `/tmp/*.sh` Bash script to move/copy the file under `.claude/outputs/sessions/$(date +%Y-%m-%d)/` (Bash target = `/tmp`, script-internal `cp` to `.claude/` is not audited)
105
- 3. Read-only Bash on `.claude/outputs/` (e.g., `cat`, `head`, `wc`) is allowed for verification
106
-
107
- Reference: `feedback_sensitive_path_tmp_bypass.md`, R006 sensitive-path handling, #1016, #1045.
103
+ Reference: R006 Sensitive Path Handling, R010 Universal bypassPermissions, #1101.
108
104
 
109
105
  3. **Synthesize validation harness** — generate YAML harness matching agent's declared capabilities
110
106
  4. **Refine via evaluator-optimizer loop** — iterate harness against edge cases (3 rounds max)
@@ -73,9 +73,6 @@ help --agents
73
73
 
74
74
  Available Agents:
75
75
 
76
- Orchestrator:
77
- secretary Manages manager agents
78
-
79
76
  Manager:
80
77
  mgr-creator Creates new agents
81
78
  mgr-updater Updates external sources and docs
@@ -98,7 +95,7 @@ Infra Engineer:
98
95
  infra-docker-expert Docker containerization
99
96
  infra-aws-expert AWS architecture
100
97
 
101
- Total: 15 agents
98
+ Total: 49 agents
102
99
  ```
103
100
 
104
101
  ### Rules List
@@ -112,16 +109,16 @@ MUST (Never violate):
112
109
  R001 Safety Rules Prohibited actions
113
110
  R002 Permission Rules Tool tiers, file access
114
111
  R006 Agent Design Structure, separation
112
+ R007 Agent Identification Display agent in responses
113
+ R008 Tool Identification Display agent when using tools
114
+ R009 Parallel Execution Max 4 parallel instances
115
115
 
116
116
  SHOULD (Strongly recommended):
117
117
  R003 Interaction Rules Response format
118
118
  R004 Error Handling Error levels, recovery
119
- R007 Agent Identification Display agent in responses
120
- R008 Tool Identification Display agent when using tools
121
119
 
122
120
  MAY (Optional):
123
121
  R005 Optimization Efficiency guidelines
124
- R009 Parallel Execution Max 4 parallel instances
125
122
 
126
- Total: 10 rules
123
+ Total: 23 rules
127
124
  ```
@@ -24,22 +24,23 @@ Show all available commands with optional filtering and detailed information.
24
24
  AI Agent System - Available Commands
25
25
 
26
26
  System:
27
- lists Show all available commands
28
- status Show system status
29
- help Show help information
27
+ /omcustom:lists Show all available commands
28
+ /omcustom:status Show system status
29
+ /omcustom:help Show help information
30
30
 
31
31
  Manager:
32
- /create-agent Create a new agent
33
- /update-docs Sync documentation with project structure
34
- /update-external Update agents from external sources
35
- /audit-agents Audit agent dependencies
36
- /fix-refs Fix broken references
32
+ /omcustom:create-agent Create a new agent
33
+ /omcustom:update-docs Sync documentation with project structure
34
+ /omcustom:update-external Update agents from external sources
35
+ /omcustom:audit-agents Audit agent dependencies
36
+ /omcustom:fix-refs Fix broken references
37
37
 
38
38
  Dev:
39
39
  /dev-review Review code for best practices
40
40
  /dev-refactor Refactor code
41
41
 
42
42
  Use "<command> --help" for detailed information.
43
+ Run "/omcustom:lists" to see the full command set (60+).
43
44
  ```
44
45
 
45
46
  ### Verbose Output
@@ -49,24 +50,24 @@ lists --verbose
49
50
  AI Agent System - Available Commands (Detailed)
50
51
 
51
52
  System Commands:
52
- ┌─────────┬──────────────────────────────────────────────┐
53
- │ Command │ Description
54
- ├─────────┼──────────────────────────────────────────────┤
55
- │ lists │ Show all available commands
56
- │ status │ Show system status and health checks
57
- │ help │ Show help for commands and agents
58
- └─────────┴──────────────────────────────────────────────┘
53
+ ┌───────────────────┬──────────────────────────────────────┐
54
+ │ Command │ Description
55
+ ├───────────────────┼──────────────────────────────────────┤
56
+ /omcustom:lists │ Show all available commands
57
+ /omcustom:status │ Show system status and health checks
58
+ /omcustom:help │ Show help for commands and agents
59
+ └───────────────────┴──────────────────────────────────────┘
59
60
 
60
61
  Manager Commands:
61
- ┌──────────────────┬──────────────────────────────────────┐
62
- │ Command │ Description │
63
- ├──────────────────┼──────────────────────────────────────┤
64
- │ /create-agent │ Create a new agent with structure │
65
- │ /update-docs │ Sync all docs with project state │
66
- │ /update-external │ Update from external sources │
67
- │ /audit-agents │ Check dependencies and refs │
68
- │ /fix-refs │ Auto-fix broken references │
69
- └──────────────────┴──────────────────────────────────────┘
62
+ ┌─────────────────────────────┬──────────────────────────────────────┐
63
+ │ Command │ Description │
64
+ ├─────────────────────────────┼──────────────────────────────────────┤
65
+ │ /omcustom:create-agent │ Create a new agent with structure │
66
+ │ /omcustom:update-docs │ Sync all docs with project state │
67
+ │ /omcustom:update-external │ Update from external sources │
68
+ │ /omcustom:audit-agents │ Check dependencies and refs │
69
+ │ /omcustom:fix-refs │ Auto-fix broken references │
70
+ └─────────────────────────────┴──────────────────────────────────────┘
70
71
 
71
72
  Dev Commands:
72
73
  ┌──────────────┬────────────────────────────────────────┐
@@ -76,5 +77,5 @@ Dev Commands:
76
77
  │ /dev-refactor│ Suggest and apply refactoring │
77
78
  └──────────────┴────────────────────────────────────────┘
78
79
 
79
- Total: 10 commands available
80
+ Total: 60+ commands available
80
81
  ```
@@ -103,6 +103,9 @@ This skill activates when the user mentions any of:
103
103
  | `claude_code.api_error` | API error details |
104
104
  | `claude_code.tool_decision` | Tool accept/reject decisions |
105
105
  | `claude_code.user_prompt` | User prompt metadata (content redacted by default) |
106
+ | `claude_code.assistant_response` | Assistant response text (v2.1.193+; redacted unless opted in) |
107
+
108
+ > **v2.1.193+ security note (R012)**: The `claude_code.assistant_response` log event carries the model's response text. It is redacted unless `OTEL_LOG_ASSISTANT_RESPONSES=1`; when that variable is unset it FOLLOWS `OTEL_LOG_USER_PROMPTS`. A deployment already logging prompt content therefore begins receiving response content immediately on upgrade. To keep prompts-only logging, set `OTEL_LOG_ASSISTANT_RESPONSES=0` explicitly.
106
109
 
107
110
  ## Upgrade Path
108
111
 
@@ -133,7 +136,7 @@ OTEL_EXPORTER_OTLP_ENDPOINT=http://localhost:4317
133
136
  "OTEL_LOGS_EXPORTER": "otlp",
134
137
  "OTEL_EXPORTER_OTLP_PROTOCOL": "grpc",
135
138
  "OTEL_EXPORTER_OTLP_ENDPOINT": "http://localhost:4317",
136
- "OTEL_RESOURCE_ATTRIBUTES": "service.name=claude-code,service.version=2.1.85"
139
+ "OTEL_RESOURCE_ATTRIBUTES": "service.name=claude-code,service.version=2.1.197"
137
140
  }
138
141
  }
139
142
  ```