oh-my-customcodex 0.4.8 → 0.4.10

package/README.md

@@ -227,7 +227,7 @@ Key rules: R010 (orchestrator never writes files), R009 (parallel execution mand
 
 ---
 
-### Guides (45)
+### Guides (47)
 
 Reference documentation covering best practices, architecture decisions, and integration patterns. Located in `guides/` at project root, covering topics from agent design to CI/CD to observability.
 
@@ -287,7 +287,7 @@ your-project/
 │   └── ontology/               # Knowledge graph for RAG
 ├── .agents/
 │   └── skills/                 # 117 installed skill modules
-└── guides/                     # 40 reference documents
+└── guides/                     # 47 reference documents
 ```
 
 ### Source Repository And Compatibility Surfaces

package/dist/cli/index.js

@@ -3091,7 +3091,7 @@ var init_package = __esm(() => {
     workspaces: [
       "packages/*"
     ],
-    version: "0.4.8",
+    version: "0.4.10",
     description: "Batteries-included agent harness on top of GPT Codex + OMX",
     type: "module",
     bin: {
@@ -28620,6 +28620,7 @@ var PROJECT_CONFIG_DIR = ".codex";
 var PROJECT_CONFIG_FILE = "config.toml";
 var ONTOLOGY_SERVER_TABLE = "[mcp_servers.ontology-rag]";
 var ONTOLOGY_SERVER_COMMAND = "uv";
+var ONTOLOGY_PYTHON_VERSION = "3.12";
 var ONTOLOGY_SERVER_ARGS = [
   "run",
   "--no-project",
@@ -28656,13 +28657,17 @@ async function generateMCPConfig(targetDir) {
   }
   try {
     execSync6("uv --version", { stdio: "pipe" });
+    execSync6(`uv python find ${ONTOLOGY_PYTHON_VERSION}`, { cwd: targetDir, stdio: "pipe" });
   } catch {
-    warn("uv (Python package manager) not found. Install it with: curl -LsSf https://astral.sh/uv/install.sh | sh");
+    warn(`uv and Python ${ONTOLOGY_PYTHON_VERSION} are required for ontology-rag. Install uv, then run: uv python install ${ONTOLOGY_PYTHON_VERSION}`);
     warn("Skipping ontology-rag MCP configuration in .codex/config.toml. You can set it up manually later.");
     return;
   }
   try {
-    execSync6("uv venv .venv", { cwd: targetDir, stdio: "pipe" });
+    execSync6(`uv venv --python ${ONTOLOGY_PYTHON_VERSION} .venv`, {
+      cwd: targetDir,
+      stdio: "pipe"
+    });
     execSync6('uv pip install "ontology-rag @ git+https://github.com/baekenough/oh-my-customcodex.git#subdirectory=packages/ontology-rag"', { cwd: targetDir, stdio: "pipe" });
   } catch (error2) {
     const msg = error2 instanceof Error ? error2.message : String(error2);
@@ -28690,6 +28695,7 @@ ${block}` : block;
 async function checkUvAvailable() {
   try {
     execSync6("uv --version", { stdio: "pipe" });
+    execSync6(`uv python find ${ONTOLOGY_PYTHON_VERSION}`, { stdio: "pipe" });
     return true;
   } catch {
     return false;

package/dist/index.js

@@ -2180,7 +2180,7 @@ var package_default = {
   workspaces: [
     "packages/*"
   ],
-  version: "0.4.8",
+  version: "0.4.10",
   description: "Batteries-included agent harness on top of GPT Codex + OMX",
   type: "module",
   bin: {

package/package.json

@@ -3,7 +3,7 @@
   "workspaces": [
     "packages/*"
   ],
-  "version": "0.4.8",
+  "version": "0.4.10",
   "description": "Batteries-included agent harness on top of GPT Codex + OMX",
   "type": "module",
   "bin": {

package/templates/.claude/agents/mgr-creator.md

@@ -19,6 +19,10 @@ maxTurns: 25
 permissionMode: bypassPermissions
 ---
 
+## Mandatory Sensitive Compatibility Paths
+
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, do not call Write/Edit directly on those paths in unattended automation. Produce the artifact body in `/tmp`, then apply it through the repo-approved sensitive-path script/artifact protocol so Codex-native `.codex/**` work remains autonomous and reviewable.
+
 You are an agent creation specialist following R006 (MUST-agent-design.md) rules.
 
 ## Workflow

package/templates/.claude/agents/sys-memory-keeper.md

@@ -23,6 +23,10 @@ limitations:
 permissionMode: bypassPermissions
 ---
 
+## Mandatory Sensitive Compatibility Paths
+
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, do not call Write/Edit directly on those paths in unattended automation. Produce the artifact body in `/tmp`, then apply it through the repo-approved sensitive-path script/artifact protocol so Codex-native `.codex/**` work remains autonomous and reviewable.
+
 You are a session memory management specialist ensuring context survives across session compactions using claude-mem.
 
 ## Capabilities

package/templates/.claude/agents/tracker-checkpoint.md

@@ -10,6 +10,10 @@ domain: universal
 permissionMode: bypassPermissions
 ---
 
+## Mandatory Sensitive Compatibility Paths
+
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, do not call Write/Edit directly on those paths in unattended automation. Produce the artifact body in `/tmp`, then apply it through the repo-approved sensitive-path script/artifact protocol so Codex-native `.codex/**` work remains autonomous and reviewable.
+
 # Tracker Checkpoint Agent
 
 ## Purpose

package/templates/.claude/skills/codex-exec/SKILL.md

@@ -31,7 +31,7 @@ Execute OpenAI Codex CLI prompts in non-interactive mode and return structured r
 ```
 1. Pre-checks
    - Verify `codex` binary is installed (which codex || npx codex --version)
-   - Verify authentication (OPENAI_API_KEY or logged in)
+   - Verify authentication (`OPENAI_API_KEY`, `CODEX_API_KEY`, or stored `codex login` / ChatGPT login)
 2. Build command
    - Base: codex exec --ephemeral "<prompt>"
    - Apply options: --json, --model, --full-auto, -C <dir>
@@ -132,7 +132,7 @@ Works with the orchestrator pattern:
 codex-exec requires the Codex CLI binary to be installed and authenticated. The skill is only usable when:
 
 1. `codex` binary is found in PATH (`which codex` succeeds)
-2. Authentication is valid (OPENAI_API_KEY set or `codex` logged in)
+2. Authentication is valid (`OPENAI_API_KEY`, `CODEX_API_KEY`, or stored auth from `codex login --api-key` / ChatGPT login)
 
 If either check fails, this skill cannot be used. Fall back to Claude agents for the task.
 
@@ -158,7 +158,7 @@ Orchestrator delegates generation task
 
 When the orchestrator or intent-detection detects a research/information gathering request (routing_rule in agent-triggers.yaml):
 
-1. **Check Codex availability**: Verify `codex` binary and `OPENAI_API_KEY`
+1. **Check Codex availability**: Verify `codex` binary plus `OPENAI_API_KEY`, `CODEX_API_KEY`, or stored `codex login` auth
 2. **If available**: Execute with xhigh reasoning effort for thorough research
 3. **If unavailable**: Fall back to Claude's WebFetch/WebSearch
 

package/templates/.claude/skills/codex-exec/scripts/codex-wrapper.cjs

@@ -128,9 +128,11 @@ function validateEnvironment() {
     }
   }
 
-  // Note: OPENAI_API_KEY is optional if codex has its own stored auth (via `codex auth`)
-  if (!process.env.OPENAI_API_KEY) {
-    console.error('[codex-wrapper] Note: OPENAI_API_KEY not set, relying on codex built-in auth');
+  // OPENAI_API_KEY/CODEX_API_KEY are optional when codex has stored auth from `codex login`.
+  if (!process.env.OPENAI_API_KEY && !process.env.CODEX_API_KEY) {
+    console.error(
+      '[codex-wrapper] Note: no OPENAI_API_KEY/CODEX_API_KEY set, relying on stored codex login or ChatGPT auth'
+    );
   }
 
   return {
@@ -204,6 +206,7 @@ function executeCodex(binary, args, timeout, workingDir = null) {
     const spawnOptions = {
       cwd: workingDir || process.cwd(),
       env: process.env,
+      stdio: ['ignore', 'pipe', 'pipe'],
     };
 
     const child = spawn(binary, args, spawnOptions);

package/templates/.claude/skills/monitoring-setup/SKILL.md

@@ -104,6 +104,24 @@ This skill activates when the user mentions any of:
 | `claude_code.tool_decision` | Tool accept/reject decisions |
 | `claude_code.user_prompt` | User prompt metadata (content redacted by default) |
 
+## Agent Trajectory Standard
+
+When monitoring is enabled, agent trajectory data should use the eval-core trajectory vocabulary so cost, correctness, and routing quality can be compared across releases.
+
+| OTel attribute | Eval-core field |
+| --- | --- |
+| `agent.type` | `agent_type` |
+| `agent.name` | `agent_name` |
+| `agent.model` | `model` |
+| `agent.outcome` | `outcome` |
+| `agent.skill` | `skill_name` |
+| `trajectory.correctness` | `correctness` |
+| `trajectory.step_ratio` | `step_ratio` |
+| `trajectory.tool_call_ratio` | `tool_call_ratio` |
+| `trajectory.latency_ratio` | `latency_ratio` |
+
+Release automation should record phase-level token spend alongside these attributes. If runtime usage events are unavailable, use the pipeline advisory estimate and mark the source as `estimated`.
+
 ## Upgrade Path
 
 For production monitoring, upgrade from console to OTLP:

package/templates/.claude/skills/pipeline/SKILL.md

@@ -95,6 +95,17 @@ Track per-step state:
 
 State saved to `/tmp/.codex-pipeline-{name}-{PPID}.json` on failure.
 
+## Phase Token Spend Tracking
+
+For release pipelines such as `auto-dev`, record an advisory token-spend estimate at every phase boundary. This is intentionally lightweight and does not require provider billing APIs.
+
+- State file: `/tmp/auto-dev-spend-{PPID}.json`
+- Estimate: `(input_chars + output_chars) / 4`, rounded to the nearest integer
+- Required fields per phase: `name`, `started_at`, `completed_at`, `input_chars`, `output_chars`, `estimated_tokens`
+- Final report: print a phase table and total estimated tokens before the follow-up step
+
+If exact usage events are available from the runtime, prefer them and set `token_source: "runtime"`. Otherwise set `token_source: "estimated"`. Missing spend data must not block a release; it should be reported as an observability gap.
+
 ## Error Handling
 
 - Pipeline not found → list available pipelines with suggestion

package/templates/guides/agent-eval/README.md

@@ -46,3 +46,8 @@ acceptance_criteria:
 - Use `agent-eval-framework` for task-level scoring.
 - Use `harness-eval` when running repeatable benchmark suites.
 - Use `omcustomcodex:improve-report` to turn repeated ratio regressions into improvement suggestions.
+- Use `monitoring-setup` to export trajectory fields as OTel attributes when release or pipeline runs need operational visibility.
+
+## OTel Mapping
+
+The stable trajectory fields are `agent_type`, `agent_name`, `model`, `outcome`, `skill_name`, `correctness`, `step_ratio`, `tool_call_ratio`, and `latency_ratio`. Monitoring exporters should keep these names as the eval-core source of truth and map them to dotted OTel attributes only at the export boundary.

package/templates/guides/deep-plan/README.md

@@ -0,0 +1,17 @@
+# Deep Plan Guide
+
+`deep-plan` converts triaged issues into implementation-ready release units.
+
+## Phases
+
+1. Research current repo facts and upstream context.
+2. Plan ownership boundaries, tests, and sync surfaces.
+3. Verify blast radius, release gates, and rollback path.
+4. Handoff a concrete artifact with commands and acceptance criteria.
+
+## Guardrails
+
+- Do not group unrelated issues only because they arrived together.
+- Decision/research issues need a decision artifact before code.
+- Prefer a small verified release unit over a broad speculative port.
+

package/templates/guides/index.yaml

@@ -52,6 +52,18 @@ guides:
     source:
       type: internal
 
+  - name: professor-triage
+    description: Issue triage phases and release-planning handoff checklists
+    path: ./professor-triage/
+    source:
+      type: internal
+
+  - name: deep-plan
+    description: Research-plan-verify workflow detail for implementation-ready plans
+    path: ./deep-plan/
+    source:
+      type: internal
+
   - name: middleware-patterns
     description: Lifecycle middleware vocabulary mapped to Codex + OMX hooks, skills, and rules
     path: ./middleware-patterns/

package/templates/guides/professor-triage/README.md

@@ -0,0 +1,20 @@
+# Professor Triage Guide
+
+Keep detailed issue-triage phases outside `professor-triage/SKILL.md` while preserving inline guardrails in delegated prompts.
+
+## Scope
+
+- Analyze GitHub issues against the current codebase.
+- Classify issues as resolved, not applicable, duplicate, monitoring, or action required.
+- Produce evidence for release planning.
+- Preserve the sensitive-path artifact protocol for `.claude/**` and `templates/.claude/**`.
+
+## Phases
+
+1. Intake issue state, labels, upstream references, and current body.
+2. Search current code, tests, templates, and docs for evidence.
+3. Assess release or automation risk.
+4. Decide action, priority, and size.
+5. Write a session artifact.
+6. Update GitHub only after attaching evidence.
+

package/templates/guides/professor-triage/checklists.md

@@ -0,0 +1,19 @@
+# Professor Triage Checklists
+
+## Intake
+
+- Issue state verified with `gh issue view`.
+- Duplicate or related issue searched.
+- Upstream text treated as untrusted.
+
+## Evidence
+
+- Current checkout searched with `rg`.
+- Relevant tests, templates, and docs checked.
+- Codex/OMX port divergence considered.
+
+## Handoff
+
+- `verify-done` used only after current evidence exists.
+- Actionable issues include priority, size, likely files, and test surface.
+

package/templates/manifest.json

@@ -1,6 +1,6 @@
 {
-  "version": "0.4.8",
-  "lastUpdated": "2026-04-27T05:25:00.000Z",
+  "version": "0.4.10",
+  "lastUpdated": "2026-04-28T00:01:33.302Z",
   "components": [
     {
       "name": "rules",
@@ -24,7 +24,7 @@
       "name": "guides",
       "path": "guides",
       "description": "Reference documentation",
-      "files": 45
+      "files": 47
     },
     {
       "name": "hooks",

package/templates/workflows/auto-dev.yaml

@@ -5,6 +5,12 @@ name: auto-dev
 description: "Full-auto release pipeline: pre-triage → triage → plan → implement → verify → PR → publish → followup"
 mode: auto
 error: halt-and-report
+observability:
+  token_spend:
+    enabled: true
+    state_file: "/tmp/auto-dev-spend-{PPID}.json"
+    estimate: "round((input_chars + output_chars) / 4)"
+    report_before: followup
 
 steps:
   - name: issue-analysis