npm - oh-my-customcodex - Versions diffs - 0.4.12 → 0.4.13 - Mend

oh-my-customcodex 0.4.12 → 0.4.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

package/dist/cli/index.js CHANGED Viewed

@@ -3091,7 +3091,12 @@ var init_package = __esm(() => {
     workspaces: [
       "packages/*"
     ],
-    version: "0.4.12",
+    version: "0.4.13",
+    requiresCC: ">=2.1.121",
+    claudeCode: {
+      minimumVersion: "2.1.121",
+      protectedPathBypassVersion: "2.1.126"
+    },
     description: "Batteries-included agent harness on top of GPT Codex + OMX",
     type: "module",
     bin: {

package/dist/index.js CHANGED Viewed

@@ -2180,7 +2180,12 @@ var package_default = {
   workspaces: [
     "packages/*"
   ],
-  version: "0.4.12",
+  version: "0.4.13",
+  requiresCC: ">=2.1.121",
+  claudeCode: {
+    minimumVersion: "2.1.121",
+    protectedPathBypassVersion: "2.1.126"
+  },
   description: "Batteries-included agent harness on top of GPT Codex + OMX",
   type: "module",
   bin: {

package/package.json CHANGED Viewed

@@ -3,7 +3,12 @@
   "workspaces": [
     "packages/*"
   ],
-  "version": "0.4.12",
+  "version": "0.4.13",
+  "requiresCC": ">=2.1.121",
+  "claudeCode": {
+    "minimumVersion": "2.1.121",
+    "protectedPathBypassVersion": "2.1.126"
+  },
   "description": "Batteries-included agent harness on top of GPT Codex + OMX",
   "type": "module",
   "bin": {

package/templates/.claude/agents/mgr-creator.md CHANGED Viewed

@@ -21,7 +21,7 @@ permissionMode: bypassPermissions
 ## Mandatory Sensitive Compatibility Paths
-When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, do not call Write/Edit directly on those paths in unattended automation. Produce the artifact body in `/tmp`, then apply it through the repo-approved sensitive-path script/artifact protocol so Codex-native `.codex/**` work remains autonomous and reviewable.
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, treat the old `/tmp` wrapper as legacy fallback only. Codex-native `.codex/**` edits stay direct, and Claude Code `bypassPermissions` can write `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` directly on v2.1.121+, with broader protected-path coverage on v2.1.126+.
 You are an agent creation specialist following R006 (MUST-agent-design.md) rules.

package/templates/.claude/agents/mgr-gitnerd.md CHANGED Viewed

@@ -21,7 +21,7 @@ permissionMode: bypassPermissions
 ## Mandatory Sensitive Compatibility Paths
-When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, do not call Write/Edit directly on those paths in unattended automation. Produce the artifact body in `/tmp`, then apply it through the repo-approved sensitive-path script/artifact protocol so Codex-native `.codex/**` work remains autonomous and reviewable.
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, treat the old `/tmp` wrapper as legacy fallback only. Codex-native `.codex/**` edits stay direct, and Claude Code `bypassPermissions` can write `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` directly on v2.1.121+, with broader protected-path coverage on v2.1.126+.
 You are a Git operations specialist following GitHub flow best practices.

package/templates/.claude/agents/sys-memory-keeper.md CHANGED Viewed

@@ -25,7 +25,7 @@ permissionMode: bypassPermissions
 ## Mandatory Sensitive Compatibility Paths
-When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, do not call Write/Edit directly on those paths in unattended automation. Produce the artifact body in `/tmp`, then apply it through the repo-approved sensitive-path script/artifact protocol so Codex-native `.codex/**` work remains autonomous and reviewable.
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, treat the old `/tmp` wrapper as legacy fallback only. Codex-native `.codex/**` edits stay direct, and Claude Code `bypassPermissions` can write `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` directly on v2.1.121+, with broader protected-path coverage on v2.1.126+.
 You are a session memory management specialist ensuring context survives across session compactions using claude-mem.

package/templates/.claude/agents/tracker-checkpoint.md CHANGED Viewed

@@ -12,7 +12,7 @@ permissionMode: bypassPermissions
 ## Mandatory Sensitive Compatibility Paths
-When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, do not call Write/Edit directly on those paths in unattended automation. Produce the artifact body in `/tmp`, then apply it through the repo-approved sensitive-path script/artifact protocol so Codex-native `.codex/**` work remains autonomous and reviewable.
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, treat the old `/tmp` wrapper as legacy fallback only. Codex-native `.codex/**` edits stay direct, and Claude Code `bypassPermissions` can write `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` directly on v2.1.121+, with broader protected-path coverage on v2.1.126+.
 # Tracker Checkpoint Agent

package/templates/.claude/agents/wiki-curator.md CHANGED Viewed

@@ -16,7 +16,7 @@ permissionMode: bypassPermissions
 ## Mandatory Sensitive Compatibility Paths
-When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, do not call Write/Edit directly on those paths in unattended automation. Produce the artifact body in `/tmp`, then apply it through the repo-approved sensitive-path script/artifact protocol so Codex-native `.codex/**` work remains autonomous and reviewable.
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, treat the old `/tmp` wrapper as legacy fallback only. Codex-native `.codex/**` edits stay direct, and Claude Code `bypassPermissions` can write `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` directly on v2.1.121+, with broader protected-path coverage on v2.1.126+.
 # Wiki Curator

package/templates/.claude/rules/MUST-agent-design.md CHANGED Viewed

@@ -243,34 +243,39 @@ Skills persist output to `.codex/outputs/sessions/{YYYY-MM-DD}/{skill-name}-{HHm
 ## Sensitive Path Handling
-Claude Code treats `.claude/` and `templates/.claude/` as sensitive directories across Bash, Write, and Edit operations. The sensitive-path check runs above `bypassPermissions` and explicit allow rules, so allow rules do not override the sensitive-path check.
+Claude Code still treats `.claude/` and `templates/.claude/` as protected compatibility surfaces, but the current behavior is version-sensitive rather than a universal prompt wall.
-This Codex port uses `.codex/` as the active runtime surface, but packaged compatibility templates still live under `templates/.claude/`. Any automation that writes those templates must account for Claude Code permission prompts.
+This Codex port uses `.codex/` as the active runtime surface. `.codex/**` edits should use the normal Codex edit/patch flow with no Claude-only `/tmp` wrapper.
-**Key rule**: `.claude/` and `templates/.claude/` Bash/Write/Edit targets can trigger sensitive-path prompts regardless of allow rules. In unattended flows, delegated agents must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and avoid direct `.claude/**` tool targets.
+**Current compatibility rule**:
+- **CC v2.1.121+**: `bypassPermissions` no longer prompts for direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`.
+- **CC v2.1.126+**: `bypassPermissions` also bypasses prompts for broader protected paths such as `.claude/**`, `.git/**`, `.vscode/**`, and shell config files.
+- **Historical fallback only**: if the target runtime is older than v2.1.121, not running with `bypassPermissions`, or still surfaces a protected-path prompt, use `/tmp/{skill}-{timestamp}.md` only as a compatibility fallback for the final `.claude/**` or `templates/.claude/**` write.
 <!-- DETAIL: Sensitive Path Behavior table and Recommended practice
-| Path pattern | Sensitive in Claude Code? | Affected operations |
-|--------------|---------------------------|---------------------|
-| `.claude/**` | Yes | Bash writes, Write, Edit |
-| `templates/.claude/**` | Yes | Bash writes, Write, Edit |
-| `.codex/**` | No | Normal Codex runtime writes; still follow R010/R017 |
-| `.codex/outputs/**` and `.claude/outputs/**` | Treat as constrained artifact paths | Use file-write APIs that create parents; do not pre-create with Bash |
+| Path pattern | Guidance |
+|--------------|----------|
+| `.claude/skills/**`, `.claude/agents/**`, `.claude/commands/**` | Direct writes are acceptable in Claude Code `bypassPermissions` on v2.1.121+ |
+| `.claude/**`, `.git/**`, `.vscode/**`, shell config files | Direct writes are acceptable in Claude Code `bypassPermissions` on v2.1.126+ |
+| `templates/.claude/**` | Mirror deliberately; use the historical `/tmp` fallback only when the runtime still prompts |
+| `.codex/**` | Normal Codex runtime writes; still follow R010/R017 |
+| `.codex/outputs/**` and `.claude/outputs/**` | Treat as constrained artifact paths; use file-write APIs that create parents and do not pre-create with Bash |
 Recommended practice:
-1. Prefer Write/Edit in an interactive session, or managed sync/update paths, over Bash copy/mkdir/tee writes for `.claude/` and `templates/.claude/`.
-2. Keep allow rules only as defensive documentation; do not rely on them to suppress sensitive-path prompts.
-3. Do not run unattended Claude Code release automation that writes `templates/.claude/**` unless the workflow can handle interactive approval.
-4. In this Codex port, update `.codex/...` source files and their `templates/.claude/...` mirrors deliberately instead of bulk-copying with shell commands.
-5. For unattended Claude compatibility-template writes, use a reviewed temporary script wrapper and verify the resulting diff; direct Bash/Write/Edit targets under `templates/.claude/**` can all trigger the sensitive-path guard.
+1. Prefer direct Write/Edit for `.codex/**` and for compatible `.claude/**` targets when the runtime version and permission mode allow it.
+2. Keep allow rules only as defensive documentation; current behavior depends on Claude Code version and permission mode, not allow-rule wishful thinking.
+3. In this Codex port, update `.codex/...` source files and their `templates/.claude/...` mirrors deliberately instead of bulk-copying with shell commands.
+4. Use the historical `/tmp` artifact-body fallback only for legacy Claude Code versions or sessions that still prompt on protected paths.
+5. When compatibility-template writes still require a fallback, verify the resulting diff and remove stale wrapper boilerplate from repeated prompts.
 -->
 Delegation prompt requirement:
-Any prompt that delegates work involving `.claude/**`, `templates/.claude/**`, `.claude/outputs/**`, or read-only measurement of those paths MUST include this block verbatim:
+Delegated prompts touching `.claude/**`, `templates/.claude/**`, `.claude/outputs/**`, or read-only measurement of those paths MUST include this block:
-> Sensitive-path artifact protocol (mandatory): do not ask a subagent to call Read, Bash, Write, or Edit directly on `.claude/**` or `templates/.claude/**` paths. If Claude compatibility artifacts are required, have the subagent produce the artifact body in `/tmp/{skill}-{timestamp}.md`, then use a reviewed temporary script wrapper or managed file-write API for the final checked-in path. Do not use direct Write/Edit/Bash targets under `.claude/**` in unattended flows.
+> Sensitive-path compatibility note: Codex-managed `.codex/**` edits use the normal edit/patch flow. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that also extends to broader protected paths such as `.claude/**`, `.git/**`, and `.vscode/**`. Only fall back to `/tmp/{skill}-{timestamp}.md` when the target runtime is older than v2.1.121, not running with `bypassPermissions`, or still surfaces a protected-path prompt.
 ## Separation of Concerns

package/templates/.claude/rules/MUST-orchestrator-coordination.md CHANGED Viewed

@@ -147,6 +147,19 @@ Key violations to avoid (file writes, git commands, bundled operations — all m
 ```
 -->
+## Historical Sensitive-Path Bypass
+**Status**: deprecated as of Claude Code v2.1.121 for `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`; fully deprecated in `bypassPermissions` as of v2.1.126 for broader protected paths.
+Older guidance sometimes required a universal `/tmp` artifact-wrapper flow before touching Claude compatibility paths. Do not use that as the default in this Codex-native port.
+Current guidance:
+- Edit `.codex/**` directly with the normal Codex edit/patch flow.
+- In Claude Code `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are acceptable on v2.1.121+.
+- In Claude Code `bypassPermissions`, broader protected-path writes such as `.claude/**`, `.git/**`, and `.vscode/**` are acceptable on v2.1.126+.
+- Keep the `/tmp/{skill}-{timestamp}.md` pattern only as a legacy fallback for older Claude Code versions or sessions that still surface a protected-path prompt.
 <!-- DETAIL: Autonomous Execution Mode
 ## Autonomous Execution Mode

package/templates/.claude/rules/MUST-permissions.md CHANGED Viewed

@@ -21,6 +21,21 @@
 | Write | Source code, new files in project | .env, .git/config, paths outside project |
 | Delete | Temp files created by agent | Existing files (without request), entire directories |
+## Claude Code Protected-Path Compatibility
+Codex-native `.codex/**` edits are normal project writes and do not require the historical Claude-only `/tmp` bypass pattern.
+Claude Code compatibility behavior changed in two steps:
+- **CC v2.1.121+**: `--dangerously-skip-permissions` / `bypassPermissions` no longer prompts for writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`.
+- **CC v2.1.126+**: the same mode also bypasses prompts for broader protected paths such as `.claude/**`, `.git/**`, `.vscode/**`, and shell config files.
+Current guidance:
+- Prefer direct Write/Edit/Bash targets for `.codex/**`.
+- For `.claude/**` or `templates/.claude/**`, direct writes are acceptable when the target Claude Code runtime is new enough and the session is running with `bypassPermissions`.
+- Treat the old `/tmp/{skill}-{timestamp}.md` wrapper flow as a historical fallback only for older Claude Code versions, non-bypass sessions, or interactive runs that still surface a protected-path prompt.
 ## Permission Request Format
 ```

package/templates/.claude/skills/action-validator/SKILL.md CHANGED Viewed

@@ -109,7 +109,7 @@ When a synthesized harness exists for an agent (`.codex/outputs/harnesses/{agent
 ### Compatibility artifact protocol
-When delegated work must touch `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, use the mandatory 2-step bypass: write the artifact body to `/tmp/action-validator-$(date +%H%M%S).md` first, then execute a `/tmp/*.sh` Bash script that copies or writes that body to the final compatibility path. Do not call Read, Bash, Write, or Edit directly on `.claude/**` or `templates/.claude/**` in unattended flows.
+Sensitive-path compatibility note: when delegated work touches `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, keep `.codex/**` artifacts on the normal file-write path. On Claude Code v2.1.121+ with `bypassPermissions`, direct compatibility writes are allowed for `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`; on v2.1.126+ broader protected paths are covered. Use `/tmp/<skill>-<timestamp>.md` only as a legacy fallback when the runtime is older or still prompts.
 | Mode | Source | Behavior |

package/templates/.claude/skills/adaptive-harness/SKILL.md CHANGED Viewed

@@ -187,7 +187,7 @@ Append a record to `.codex/outputs/harness-adaptations/YYYY-MM-DD.md`:
 ### Compatibility artifact protocol
-When delegated work must touch `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, use the mandatory 2-step bypass: write the artifact body to `/tmp/adaptive-harness-$(date +%H%M%S).md` first, then execute a `/tmp/*.sh` Bash script that copies or writes that body to the final compatibility path. Do not call Read, Bash, Write, or Edit directly on `.claude/**` or `templates/.claude/**` in unattended flows.
+Sensitive-path compatibility note: when delegated work touches `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, keep `.codex/**` artifacts on the normal file-write path. On Claude Code v2.1.121+ with `bypassPermissions`, direct compatibility writes are allowed for `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`; on v2.1.126+ broader protected paths are covered. Use `/tmp/<skill>-<timestamp>.md` only as a legacy fallback when the runtime is older or still prompts.
 ```markdown

package/templates/.claude/skills/agora/SKILL.md CHANGED Viewed

@@ -25,7 +25,7 @@ source:
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Usage

package/templates/.claude/skills/dag-orchestration/SKILL.md CHANGED Viewed

@@ -86,7 +86,7 @@ config:
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Execution Rules

package/templates/.claude/skills/de-lead-routing/SKILL.md CHANGED Viewed

@@ -221,7 +221,7 @@ Delegate to mgr-creator with context:
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Usage

package/templates/.claude/skills/deep-plan/SKILL.md CHANGED Viewed

@@ -50,18 +50,18 @@ Research-validated planning that eliminates the gap between research assumptions
 | `/structured-dev-cycle` | Implementation pipeline | Yes, stage by stage |
 | `/deep-plan` | Analysis + planning + verification | Yes, 3-pass cross-verification |
-## Sensitive-path artifact protocol (mandatory)
+## Sensitive-path compatibility note
 Codex-native verification artifacts go under `.codex/outputs/sessions/YYYY-MM-DD/deep-plan-HHmmss.md` and may be written with the repo's normal file-write APIs.
-If any research, planning, or verification delegate must touch `.claude/**`, `.claude/outputs/**`, or `templates/.claude/**`, include this block verbatim in that delegate prompt:
+If any research, planning, or verification delegate must touch `.claude/**`, `.claude/outputs/**`, or `templates/.claude/**`, include this block in that delegate prompt:
 ```text
-Sensitive-path artifact protocol (mandatory):
-1. Build the artifact body in /tmp first, for example /tmp/deep-plan-<timestamp>.md.
-2. If the final target is under .claude/** or templates/.claude/**, create and execute a /tmp/*.sh script that copies or writes the /tmp artifact to the final path.
-3. Do not call Read, Bash, Write, or Edit directly on .claude/** or templates/.claude/** in unattended flows.
-4. Verify the final file through the least sensitive available path and report the exact artifact path.
+Sensitive-path compatibility note:
+1. Keep Codex-native .codex/** artifacts on the normal file-write path.
+2. On Claude Code v2.1.121+ with bypassPermissions, direct writes to .claude/skills/, .claude/agents/, and .claude/commands/ are allowed.
+3. On Claude Code v2.1.126+ with bypassPermissions, broader protected paths such as .claude/**, .git/**, and .vscode/** are also covered.
+4. Use /tmp/deep-plan-<timestamp>.md only as a legacy fallback when the runtime is older or still prompts, then verify the resulting diff.
 ```
 The protocol must be copied into delegate prompts. A parent-only mention is insufficient because forked contexts can lose the directive.

package/templates/.claude/skills/deep-verify/SKILL.md CHANGED Viewed

@@ -73,7 +73,7 @@ Each agent receives the full diff and returns findings as structured JSON:
 - Verify all changes align with project's compilation metaphor (Skills=source, Agents=artifacts, Rules=spec)
 - Check separation of concerns: no agents containing skill logic, no skills with agent definitions
 - Verify orchestrator rules: no new file writes from orchestrator context
-- Verify sensitive-path delegation: prompts that touch `.claude/**`, `.claude/outputs/**`, or `templates/.claude/**` include the exact phrase `Sensitive-path artifact protocol (mandatory)`, require an explicit `/tmp/{skill}-{timestamp}.md` artifact body path, mention `Read, Bash, Write, or Edit` coverage, and do not rely on a single vague `/tmp` recommendation
+- Verify sensitive-path compatibility: prompts that touch `.claude/**`, `.claude/outputs/**`, or `templates/.claude/**` include the `Sensitive-path compatibility note`, keep `.codex/**` artifacts on the normal file-write path, and treat `/tmp/{skill}-{timestamp}.md` only as a legacy fallback for older Claude Code versions or sessions that still prompt
 - Check advisory-first: no new hard-blocking hooks introduced
 - Confirm no feature regressions: existing APIs preserved, test coverage maintained
 - Performance sanity: no O(n^2) on large datasets, no missing indexes for new queries

package/templates/.claude/skills/dev-lead-routing/SKILL.md CHANGED Viewed

@@ -10,7 +10,7 @@ context: fork
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Engineers

package/templates/.claude/skills/dev-review/SKILL.md CHANGED Viewed

@@ -116,7 +116,7 @@ If only PASS/INFO: proceed automatically.
 ### Compatibility artifact protocol
-When delegated work must touch `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, use the mandatory 2-step bypass: write the artifact body to `/tmp/dev-review-$(date +%H%M%S).md` first, then execute a `/tmp/*.sh` Bash script that copies or writes that body to the final compatibility path. Do not call Read, Bash, Write, or Edit directly on `.claude/**` or `templates/.claude/**` in unattended flows.
+Sensitive-path compatibility note: when delegated work touches `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, keep `.codex/**` artifacts on the normal file-write path. On Claude Code v2.1.121+ with `bypassPermissions`, direct compatibility writes are allowed for `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`; on v2.1.126+ broader protected paths are covered. Use `/tmp/<skill>-<timestamp>.md` only as a legacy fallback when the runtime is older or still prompts.
    ```
    With metadata header:

package/templates/.claude/skills/hada-scout/SKILL.md CHANGED Viewed

@@ -15,7 +15,7 @@ high-scoring candidates.
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Purpose

package/templates/.claude/skills/harness-eval/SKILL.md CHANGED Viewed

@@ -16,7 +16,7 @@ Evaluate agent quality using 15 structured software engineering task definitions
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Usage

package/templates/.claude/skills/harness-synthesizer/SKILL.md CHANGED Viewed

@@ -96,7 +96,7 @@ harness:
 ### Compatibility artifact protocol
-When delegated work must touch `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, use the mandatory 2-step bypass: write the artifact body to `/tmp/harness-synthesizer-$(date +%H%M%S).md` first, then execute a `/tmp/*.sh` Bash script that copies or writes that body to the final compatibility path. Do not call Read, Bash, Write, or Edit directly on `.claude/**` or `templates/.claude/**` in unattended flows.
+Sensitive-path compatibility note: when delegated work touches `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, keep `.codex/**` artifacts on the normal file-write path. On Claude Code v2.1.121+ with `bypassPermissions`, direct compatibility writes are allowed for `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`; on v2.1.126+ broader protected paths are covered. Use `/tmp/<skill>-<timestamp>.md` only as a legacy fallback when the runtime is older or still prompts.
 3. **Synthesize validation harness** — generate YAML harness matching agent's declared capabilities
 4. **Refine via evaluator-optimizer loop** — iterate harness against edge cases (3 rounds max)

package/templates/.claude/skills/omcodex-improve-report/SKILL.md CHANGED Viewed

@@ -15,7 +15,7 @@ Surface actionable improvement suggestions gathered by the eval-core analysis en
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Usage

package/templates/.claude/skills/omcodex-takeover/SKILL.md CHANGED Viewed

@@ -16,7 +16,7 @@ When an agent or skill has evolved organically without a formal spec, `omcodex:t
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Usage

package/templates/.claude/skills/optimize-analyze/SKILL.md CHANGED Viewed

@@ -24,7 +24,7 @@ target           Build output path or project root (optional, auto-detects)
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Workflow

package/templates/.claude/skills/optimize-report/SKILL.md CHANGED Viewed

@@ -20,7 +20,7 @@ Generate comprehensive optimization report with analysis, metrics, and recommend
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Workflow

package/templates/.claude/skills/post-release-followup/SKILL.md CHANGED Viewed

@@ -27,7 +27,7 @@ Gather unfinished work from multiple sources:
 ### Compatibility artifact protocol
-When delegated work must touch `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, use the mandatory 2-step bypass: write the artifact body to `/tmp/post-release-followup-$(date +%H%M%S).md` first, then execute a `/tmp/*.sh` Bash script that copies or writes that body to the final compatibility path. Do not call Read, Bash, Write, or Edit directly on `.claude/**` or `templates/.claude/**` in unattended flows.
+Sensitive-path compatibility note: when delegated work touches `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, keep `.codex/**` artifacts on the normal file-write path. On Claude Code v2.1.121+ with `bypassPermissions`, direct compatibility writes are allowed for `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`; on v2.1.126+ broader protected paths are covered. Use `/tmp/<skill>-<timestamp>.md` only as a legacy fallback when the runtime is older or still prompts.
 - Extract any MEDIUM or LOW severity findings that were flagged but not fixed

package/templates/.claude/skills/professor-triage/SKILL.md CHANGED Viewed

@@ -58,18 +58,18 @@ Agent selection constraint: artifact-writing delegated agents need Bash access f
 - 10+ issues: prefer a coordinated team surface when available.
 - Phase 4A and 4B are parallel; Phase 4C waits for both; Phase 4D and 4E are parallel after synthesis.
-## Sensitive-path artifact protocol (mandatory)
+## Sensitive-path compatibility note
 Codex-native artifacts go under `.codex/outputs/sessions/YYYY-MM-DD/professor-triage-HHmmss.md` and may be written with the repo's normal file-write APIs.
-If a delegated task must create, inspect, or modify Claude compatibility artifacts under `.claude/**`, `.claude/outputs/**`, or `templates/.claude/**`, include this block verbatim in the delegated prompt:
+If a delegated task must create, inspect, or modify Claude compatibility artifacts under `.claude/**`, `.claude/outputs/**`, or `templates/.claude/**`, include this block in the delegated prompt:
 ```text
-Sensitive-path artifact protocol (mandatory):
-1. Build the artifact body in /tmp first, for example /tmp/professor-triage-<timestamp>.md.
-2. If the final target is under .claude/** or templates/.claude/**, create and execute a /tmp/*.sh script that copies or writes the /tmp artifact to the final path.
-3. Do not call Read, Bash, Write, or Edit directly on .claude/** or templates/.claude/** in unattended flows.
-4. Verify the final file through the least sensitive available path and report the exact artifact path.
+Sensitive-path compatibility note:
+1. Keep Codex-native .codex/** artifacts on the normal file-write path.
+2. On Claude Code v2.1.121+ with bypassPermissions, direct writes to .claude/skills/, .claude/agents/, and .claude/commands/ are allowed.
+3. On Claude Code v2.1.126+ with bypassPermissions, broader protected paths such as .claude/**, .git/**, and .vscode/** are also covered.
+4. Use /tmp/professor-triage-<timestamp>.md only as a legacy fallback when the runtime is older or still prompts, then verify the resulting diff.
 ```
 This protocol must be inline in the delegate prompt; relying on this SKILL.md being present in the parent context is not enough.

package/templates/.claude/skills/qa-lead-routing/SKILL.md CHANGED Viewed

@@ -94,7 +94,7 @@ Delegate to mgr-creator with context:
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Usage

package/templates/.claude/skills/research/SKILL.md CHANGED Viewed

@@ -207,7 +207,7 @@ Convergence expected by round 3. Hard stop at round 30.
 ### Compatibility artifact protocol
-When delegated work must touch `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, use the mandatory 2-step bypass: write the artifact body to `/tmp/research-$(date +%H%M%S).md` first, then execute a `/tmp/*.sh` Bash script that copies or writes that body to the final compatibility path. Do not call Read, Bash, Write, or Edit directly on `.claude/**` or `templates/.claude/**` in unattended flows.
+Sensitive-path compatibility note: when delegated work touches `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, keep `.codex/**` artifacts on the normal file-write path. On Claude Code v2.1.121+ with `bypassPermissions`, direct compatibility writes are allowed for `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`; on v2.1.126+ broader protected paths are covered. Use `/tmp/<skill>-<timestamp>.md` only as a legacy fallback when the runtime is older or still prompts.
    ```
    With metadata header:
@@ -219,7 +219,7 @@ When delegated work must touch `.claude/outputs/`, `.claude/**`, or `templates/.
    ---
    ```
    The agent writes the artifact file using a file-write API that creates missing parent directories; do not run any Bash directory-creation pre-step for session outputs (R010 compliance).
-   Sensitive-path artifact protocol (mandatory): if a delegated research agent must inspect or create Claude compatibility artifacts under `.claude/**`, `.claude/outputs/**`, or `templates/.claude/**`, the delegated prompt must require `/tmp/research-{timestamp}.md` as the first artifact body target and must forbid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+   Sensitive-path compatibility note: delegated research agents should keep `.codex/**` artifacts on the normal write path and use `/tmp/research-{timestamp}.md` only as a legacy fallback when an older Claude Code runtime still prompts on compatibility paths.
 3. GitHub issue auto-created with findings
 4. Action items with effort estimates

package/templates/.claude/skills/result-aggregation/SKILL.md CHANGED Viewed

@@ -117,7 +117,7 @@ Secretary outputs:
 ### Compatibility artifact protocol
-When delegated work must read or consolidate artifacts from `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, use the mandatory 2-step bypass in unattended flows: copy the required body to `/tmp/result-aggregation-$(date +%H%M%S).md` first, then execute a `/tmp/*.sh` Bash script that reads or writes the final compatibility path. Do not call Read, Bash, Write, or Edit directly on `.claude/**` or `templates/.claude/**`.
+Sensitive-path compatibility note: when delegated work touches `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, keep `.codex/**` artifacts on the normal file-write path. On Claude Code v2.1.121+ with `bypassPermissions`, direct compatibility writes are allowed for `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`; on v2.1.126+ broader protected paths are covered. Use `/tmp/<skill>-<timestamp>.md` only as a legacy fallback when the runtime is older or still prompts.
 ### With Ecomode

package/templates/.claude/skills/roundtable-debate/SKILL.md CHANGED Viewed

@@ -22,7 +22,7 @@ Run a bounded debate when convergence would hide useful disagreement. Unlike `ag
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Workflow

package/templates/.claude/skills/scout/SKILL.md CHANGED Viewed

@@ -13,7 +13,7 @@ Analyze an external URL (tech blog, tool, library, methodology) to evaluate its
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Usage

package/templates/.claude/skills/secretary-routing/SKILL.md CHANGED Viewed

@@ -134,7 +134,7 @@ Evaluate: Is this a specialized management/tooling task?
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Usage

package/templates/.claude/skills/skill-extractor/SKILL.md CHANGED Viewed

@@ -148,7 +148,7 @@ The `skill-extractor-analyzer.sh` Stop hook provides a lightweight pre-analysis:
 ## Compatibility Artifact Protocol
-When delegated work must write extraction evidence under `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, use the mandatory 2-step bypass in unattended flows: write the evidence body to `/tmp/skill-extractor-$(date +%H%M%S).md` first, then execute a `/tmp/*.sh` Bash script that copies or writes the body to the final compatibility path. Do not call Read, Bash, Write, or Edit directly on `.claude/**` or `templates/.claude/**`.
+Sensitive-path compatibility note: when delegated work touches `.claude/outputs/`, `.claude/**`, or `templates/.claude/**`, keep `.codex/**` artifacts on the normal file-write path. On Claude Code v2.1.121+ with `bypassPermissions`, direct compatibility writes are allowed for `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`; on v2.1.126+ broader protected paths are covered. Use `/tmp/<skill>-<timestamp>.md` only as a legacy fallback when the runtime is older or still prompts.
 ## Safety

package/templates/.claude/skills/task-decomposition/SKILL.md CHANGED Viewed

@@ -12,7 +12,7 @@ Analyzes task complexity and decomposes large tasks into smaller, parallelizable
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## Trigger Conditions

package/templates/.claude/skills/worker-reviewer-pipeline/SKILL.md CHANGED Viewed

@@ -14,7 +14,7 @@ Defines an iterative Worker→Reviewer pipeline where one agent implements chang
 ## Sensitive-Path Delegation
-Sensitive-path artifact protocol (mandatory): if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, include this protocol directly in the delegated prompt. The delegate must produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and must avoid direct Read, Bash, Write, or Edit targets under `.claude/**` in unattended flows.
+Sensitive-path compatibility note: if this skill delegates work that touches `.claude/**`, `.claude/outputs/**`, `templates/.claude/**`, or read-only measurements of those paths, keep `.codex/**` edits on the normal Codex path. On Claude Code v2.1.121+ with `bypassPermissions`, direct writes to `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` are allowed; on v2.1.126+ that extends to broader protected paths. Only use `/tmp/{skill}-{timestamp}.md` as a legacy fallback when the target runtime is older or still prompts.
 ## When to Activate

package/templates/manifest.json CHANGED Viewed

@@ -1,5 +1,10 @@
 {
-  "version": "0.4.12",
+  "version": "0.4.13",
+  "requiresCC": ">=2.1.121",
+  "claudeCode": {
+    "minimumVersion": "2.1.121",
+    "protectedPathBypassVersion": "2.1.126"
+  },
   "lastUpdated": "2026-04-28T00:01:33.302Z",
   "components": [
     {

package/templates/workflows/auto-dev.yaml CHANGED Viewed

@@ -40,9 +40,9 @@ steps:
       Codex-native sensitive-path policy:
       - Codex-managed `.codex/` edits use the normal edit/patch flow.
-      - Do not adopt upstream Claude-only `/tmp` bypass guidance as the default path.
+      - Claude Code `bypassPermissions` can write `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` directly on v2.1.121+, with broader protected-path writes available on v2.1.126+.
       - If a port requires `.claude` template parity changes, make the change explicit and verify sensitive-path guard tests.
-      - Sensitive-path artifact protocol (mandatory): delegated prompts that touch `.claude/**`, `templates/.claude/**`, `.claude/outputs/**`, or read-only measurements of those paths must instruct the subagent to produce artifact bodies in `/tmp/{skill}-{timestamp}.md` first and avoid direct Read/Bash/Write/Edit targets under `.claude/**` in unattended flows.
+      - Use `/tmp/{skill}-{timestamp}.md` only as a historical fallback for older Claude Code versions, non-bypass sessions, or runs that still surface a protected-path prompt.
     description: Execute implementation plan with appropriate agents
     foreach: planned-issue