oh-my-customcodex 0.5.0 → 0.5.2

package/templates/.claude/hooks/scripts/agent-capability-precheck.sh

@@ -0,0 +1,99 @@
+#!/usr/bin/env bash
+# agent-capability-precheck.sh — R010 capability gate for Agent/Task spawns
+#
+# Blocks delegation when the prompt asks for shell/GitHub work but the target
+# agent frontmatter does not allow Bash, or explicitly disallows it.
+
+set +e
+
+input="$(cat)"
+
+json_string_field() {
+  local jq_expr="$1"
+  local key="$2"
+
+  if command -v jq >/dev/null 2>&1; then
+    printf '%s' "$input" | jq -r "$jq_expr" 2>/dev/null
+    return
+  fi
+
+  printf '%s' "$input" | sed -nE "s/.*\"${key}\"[[:space:]]*:[[:space:]]*\"([^\"]*)\".*/\\1/p" | head -n 1
+}
+
+agent_type="$(json_string_field '.tool_input.subagent_type // .tool_input.agent_type // .agent_type // empty' 'subagent_type')"
+if [[ -z "$agent_type" ]]; then
+  agent_type="$(json_string_field '.tool_input.agent_type // .agent_type // empty' 'agent_type')"
+fi
+prompt="$(json_string_field '.tool_input.prompt // .tool_input.description // .prompt // .description // empty' 'prompt')"
+if [[ -z "$prompt" ]]; then
+  prompt="$(json_string_field '.tool_input.description // .description // empty' 'description')"
+fi
+
+if [[ -z "$agent_type" || -z "$prompt" ]]; then
+  printf '%s' "$input"
+  exit 0
+fi
+
+shell_pattern='(^|[^[:alnum:]_-])(bash|shell|command|execute|run|gh|git|npm|pnpm|yarn|bun|python|node|curl|jq|sed|awk|make|docker)([[:space:]:;,.]|$)'
+if ! printf '%s' "$prompt" | grep -Eiq "$shell_pattern"; then
+  printf '%s' "$input"
+  exit 0
+fi
+
+agent_file=""
+for candidate in \
+  ".codex/agents/${agent_type}.md" \
+  "templates/.claude/agents/${agent_type}.md" \
+  ".claude/agents/${agent_type}.md"
+do
+  if [[ -f "$candidate" ]]; then
+    agent_file="$candidate"
+    break
+  fi
+done
+
+if [[ -z "$agent_file" ]]; then
+  echo "[Hook] Agent capability pre-check: no frontmatter found for ${agent_type}; proceeding advisory-only" >&2
+  printf '%s' "$input"
+  exit 0
+fi
+
+frontmatter="$(awk '
+  BEGIN { in_fm = 0; seen = 0 }
+  /^---[[:space:]]*$/ {
+    if (seen == 0) { in_fm = 1; seen = 1; next }
+    if (in_fm == 1) { exit }
+  }
+  in_fm == 1 { print }
+' "$agent_file")"
+
+has_bash_tool="$(printf '%s\n' "$frontmatter" | awk '
+  /^tools:[[:space:]]*$/ { in_tools = 1; next }
+  /^[^[:space:]-][^:]*:/ { in_tools = 0 }
+  in_tools == 1 && /^[[:space:]]*-[[:space:]]*Bash[[:space:]]*$/ { found = 1 }
+  END { print found ? "yes" : "no" }
+')"
+
+disallows_bash="no"
+if printf '%s\n' "$frontmatter" | grep -Eq '^disallowedTools:[[:space:]]*\[[^]]*Bash[^]]*\]'; then
+  disallows_bash="yes"
+elif printf '%s\n' "$frontmatter" | awk '
+  /^disallowedTools:[[:space:]]*$/ { in_disallowed = 1; next }
+  /^[^[:space:]-][^:]*:/ { in_disallowed = 0 }
+  in_disallowed == 1 && /^[[:space:]]*-[[:space:]]*Bash[[:space:]]*$/ { found = 1 }
+  END { exit found ? 0 : 1 }
+'; then
+  disallows_bash="yes"
+fi
+
+if [[ "$has_bash_tool" != "yes" || "$disallows_bash" == "yes" ]]; then
+  echo "[Hook] BLOCKED: Agent capability mismatch for '${agent_type}'" >&2
+  echo "[Hook] Prompt appears to require shell/GitHub/command execution, but ${agent_file} does not allow Bash." >&2
+  if [[ "$disallows_bash" == "yes" ]]; then
+    echo "[Hook] The agent frontmatter explicitly lists disallowedTools: Bash." >&2
+  fi
+  echo "[Hook] Re-route command work to a Bash-capable agent, or pre-collect command output before delegating." >&2
+  exit 2
+fi
+
+printf '%s' "$input"

package/templates/.claude/hooks/scripts/agent-mode-guard.sh

@@ -6,10 +6,21 @@
 
 set -euo pipefail
 
-command -v jq >/dev/null 2>&1 || exit 0
-
 input=$(cat)
-mode=$(echo "$input" | jq -r '.tool_input.mode // ""')
+
+json_string_field() {
+  local jq_expr="$1"
+  local key="$2"
+
+  if command -v jq >/dev/null 2>&1; then
+    echo "$input" | jq -r "$jq_expr" 2>/dev/null
+    return
+  fi
+
+  echo "$input" | sed -nE "s/.*\"${key}\"[[:space:]]*:[[:space:]]*\"([^\"]*)\".*/\\1/p" | head -n 1
+}
+
+mode=$(json_string_field '.tool_input.mode // ""' 'mode')
 
 if [ "$mode" != "bypassPermissions" ]; then
   echo "[Hook] BLOCKED: Agent/Task spawn missing required mode: \"bypassPermissions\"" >&2

package/templates/.claude/hooks/scripts/git-delegation-guard.sh

@@ -9,13 +9,22 @@
 #   Pattern: /tmp/.codex-{purpose}-${PPID}
 #   See also: agent-teams-advisor.sh, context-budget-advisor.sh, stuck-detector.sh
 
-# Dependency check: exit silently if jq not available
-command -v jq >/dev/null 2>&1 || exit 0
-
 input=$(cat)
 
-agent_type=$(echo "$input" | jq -r '.tool_input.subagent_type // ""')
-prompt=$(echo "$input" | jq -r '.tool_input.prompt // ""')
+json_string_field() {
+  local jq_expr="$1"
+  local key="$2"
+
+  if command -v jq >/dev/null 2>&1; then
+    echo "$input" | jq -r "$jq_expr" 2>/dev/null
+    return
+  fi
+
+  echo "$input" | sed -nE "s/.*\"${key}\"[[:space:]]*:[[:space:]]*\"([^\"]*)\".*/\\1/p" | head -n 1
+}
+
+agent_type=$(json_string_field '.tool_input.subagent_type // ""' 'subagent_type')
+prompt=$(json_string_field '.tool_input.prompt // ""' 'prompt')
 
 # R010 violation tracking file (PPID-scoped for session persistence)
 VIOLATION_FILE="/tmp/.codex-r010-violations-${PPID}"

package/templates/.claude/hooks/scripts/plugin-cache-check.sh

@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+# plugin-cache-check.sh - SessionStart advisory hook.
+# Detects plugin cache packages with package.json but missing node_modules.
+# Always exits 0. Output advisory to stderr only.
+
+set -euo pipefail
+
+input=$(cat)
+
+cache_roots=()
+if [ -n "${CODEX_PLUGIN_CACHE:-}" ]; then
+  cache_roots+=("$CODEX_PLUGIN_CACHE")
+fi
+if [ -n "${CLAUDE_PLUGIN_CACHE:-}" ]; then
+  cache_roots+=("$CLAUDE_PLUGIN_CACHE")
+fi
+cache_roots+=("${HOME}/.codex/plugins/cache")
+cache_roots+=("${HOME}/.claude/shared-plugins/cache")
+
+missing=()
+for cache_root in "${cache_roots[@]}"; do
+  if [ ! -d "$cache_root" ]; then
+    continue
+  fi
+
+  while IFS= read -r package_json; do
+    package_dir=$(dirname "$package_json")
+    if [ ! -d "$package_dir/node_modules" ]; then
+      missing+=("$package_dir")
+    fi
+  done < <(find "$cache_root" -maxdepth 5 -name package.json 2>/dev/null)
+done
+
+if [ "${#missing[@]}" -gt 0 ]; then
+  echo "[Advisory] Plugin cache missing node_modules (run \`(cd <dir> && bun install)\` per directory):" >&2
+  for dir in "${missing[@]}"; do
+    echo "  - $dir" >&2
+  done
+fi
+
+echo "$input"
+exit 0

package/templates/.claude/hooks/scripts/session-reflection.sh

@@ -0,0 +1,106 @@
+#!/usr/bin/env bash
+# session-reflection.sh — Stop/SubagentStop advisory reflection capture
+#
+# Records lightweight session-end evidence from Claude/Codex hook input. The
+# hook never blocks shutdown; it writes a markdown reflection when transcript,
+# background task, or session cron evidence is available.
+
+set +e
+
+input="$(cat)"
+project_root="${OMCUSTOMCODEX_PROJECT_ROOT:-${OMCODEX_PROJECT_ROOT:-$PWD}}"
+
+pass_through() {
+  printf '%s' "$input"
+  exit 0
+}
+
+case "${OMCUSTOMCODEX_SESSION_REFLECTION:-${OMCODEX_SESSION_REFLECTION:-${OMCUSTOM_SESSION_REFLECTION:-on}}}" in
+  off|false|0|no)
+    pass_through
+    ;;
+esac
+
+json_get() {
+  local expr="$1"
+  local fallback_key="$2"
+
+  if command -v jq >/dev/null 2>&1; then
+    printf '%s' "$input" | jq -r "$expr" 2>/dev/null
+    return
+  fi
+
+  # Minimal fallback for flat string fields when jq is unavailable.
+  printf '%s' "$input" | sed -nE "s/.*\"${fallback_key}\"[[:space:]]*:[[:space:]]*\"([^\"]*)\".*/\\1/p" | head -n 1
+}
+
+session_id="$(json_get '.session_id // .sessionId // empty' 'session_id')"
+transcript_path="$(json_get '.transcript_path // .conversation_transcript_path // .transcript.path // .transcript.file_path // empty' 'transcript_path')"
+
+if command -v jq >/dev/null 2>&1; then
+  background_task_count="$(printf '%s' "$input" | jq -r '[.background_tasks[]?] | length' 2>/dev/null)"
+  session_cron_count="$(printf '%s' "$input" | jq -r '[.session_crons[]?] | length' 2>/dev/null)"
+  background_task_lines="$(printf '%s' "$input" | jq -r '.background_tasks[]? | "- " + ((.id // .task_id // "task") | tostring) + " [" + ((.status // .state // "unknown") | tostring) + "] " + ((.command // .description // .prompt // "") | tostring)' 2>/dev/null)"
+  session_cron_lines="$(printf '%s' "$input" | jq -r '.session_crons[]? | "- " + ((.id // .name // "cron") | tostring) + " [" + ((.status // .state // "unknown") | tostring) + "] " + ((.command // .description // .schedule // "") | tostring)' 2>/dev/null)"
+else
+  background_task_count=0
+  session_cron_count=0
+  background_task_lines=""
+  session_cron_lines=""
+fi
+
+if ! [[ "$background_task_count" =~ ^[0-9]+$ ]]; then
+  background_task_count=0
+fi
+if ! [[ "$session_cron_count" =~ ^[0-9]+$ ]]; then
+  session_cron_count=0
+fi
+
+if [[ -z "$transcript_path" && -n "$session_id" ]]; then
+  transcript_base="${OMCUSTOMCODEX_TRANSCRIPT_BASE:-${OMCODEX_TRANSCRIPT_BASE:-${OMCUSTOM_TRANSCRIPT_BASE:-${HOME}/.codex/projects}}}"
+  if [[ -d "$transcript_base" ]]; then
+    transcript_path="$(find "$transcript_base" -type f -name "*${session_id}*.jsonl" -print -quit 2>/dev/null)"
+  fi
+fi
+
+if [[ -z "$transcript_path" && "$background_task_count" -eq 0 && "$session_cron_count" -eq 0 ]]; then
+  pass_through
+fi
+
+out_dir="${project_root}/.codex/outputs/reflections"
+mkdir -p "$out_dir" 2>/dev/null || pass_through
+out_file="${out_dir}/$(date -u +%Y-%m-%d).md"
+
+tool_uses=0
+assistant_turns=0
+handoff_prompts=0
+if [[ -n "$transcript_path" && -f "$transcript_path" ]]; then
+  tool_uses="$(grep -c '"tool_use"' "$transcript_path" 2>/dev/null || echo 0)"
+  assistant_turns="$(grep -c '"role"[[:space:]]*:[[:space:]]*"assistant"' "$transcript_path" 2>/dev/null || echo 0)"
+  handoff_prompts="$(grep -Eci 'should I proceed|shall I proceed|계속할까요|진행할까요' "$transcript_path" 2>/dev/null || echo 0)"
+fi
+
+{
+  printf '\n## %s Session Reflection\n\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)"
+  printf -- '- Session: `%s`\n' "${session_id:-unknown}"
+  printf -- '- Transcript: `%s`\n' "${transcript_path:-unavailable}"
+  printf -- '- Tool uses observed: %s\n' "$tool_uses"
+  printf -- '- Assistant turns observed: %s\n' "$assistant_turns"
+  printf -- '- Permission-handoff prompts observed: %s\n' "$handoff_prompts"
+  printf -- '- Background tasks in hook input: %s\n' "$background_task_count"
+  printf -- '- Session crons in hook input: %s\n' "$session_cron_count"
+  if [[ -n "$background_task_lines" ]]; then
+    printf '\n### Background Tasks\n%s\n' "$background_task_lines"
+  fi
+  if [[ -n "$session_cron_lines" ]]; then
+    printf '\n### Session Crons\n%s\n' "$session_cron_lines"
+  fi
+  if [[ "$handoff_prompts" =~ ^[0-9]+$ && "$handoff_prompts" -gt 0 ]]; then
+    printf -- '\n### Follow-up\n- Review permission-handoff prompts against the autonomous execution directive.\n'
+  fi
+} >> "$out_file" 2>/dev/null
+
+echo "[SessionReflection] Recorded reflection: ${out_file}" >&2
+echo "[SessionReflection] background_tasks=${background_task_count} session_crons=${session_cron_count}" >&2
+
+pass_through

package/templates/.claude/output-styles/korean-engineer.md

@@ -8,6 +8,10 @@ keep-coding-instructions: true
 
 Use Korean for user-facing communication unless the user explicitly asks otherwise. Keep code, file contents, identifiers, and commit trailers in English when that is the repository convention.
 
+## Honorific Level
+
+Default to formal Korean 합쇼체 for user-facing prose. Use `-습니다`, `-합니다`, and `-했습니다`; avoid 반말 and casual 해요체 unless the user explicitly requests a different tone.
+
 Every response starts with the agent identity block required by the project guidance:
 
 ```text

package/templates/.claude/rules/MUST-agent-identification.md

@@ -9,61 +9,89 @@ Every response MUST start with agent identification:
 ```
 ┌─ Agent: {agent-name} ({agent-type})
 ├─ Skill: {skill-name} (if applicable)
-└─ Task: {brief-task-description}
+└─ Status: {current-action-or-verdict}
 ```
 
-Default (no specific agent): `┌─ Agent: claude (default)`
+Use `├─` for every intermediate metadata line. Only the final metadata line uses `└─`.
+
+Default (no specific agent): `┌─ Agent: Codex (default)`
 
 ## Simplified Format
 
-For brief responses: `[mgr-creator] Creating agent structure...`
-With skill: `[fe-vercel-agent → react-best-practices] Analyzing...`
+The full block is still required for brief user-facing responses. A one-line response may contain only the block plus one concise sentence, but it must not drop the block.
+
+Legacy bracket shorthand is allowed only inside internal logs or non-user-facing scratch output:
+
+```
+[mgr-creator] Creating agent structure...
+[fe-vercel-agent → react-best-practices] Analyzing...
+```
+
+## Short Response Discipline
+
+Short answers, diagnostics, status pings, and corrections are not exempt. If the response is visible to the user, start with the identity block even when the body is one sentence.
+
+Anti-pattern:
+
+```text
+확인했습니다.
+```
+
+Correct:
+
+```text
+┌─ Agent: Codex (default)
+├─ Skill: none
+└─ Status: 확인
+
+확인했습니다.
+```
 
 ## Routing & Skill Context
 
 When the orchestrator uses a routing skill, identification should reflect the active context:
 
 ```
-┌─ Agent: claude (secretary-routing)
+┌─ Agent: Codex (secretary-routing)
 ├─ Skill: secretary-routing
-└─ Task: route agent management request
+└─ Status: route agent management request
 ```
 
 | Context | Identification |
 |---------|---------------|
-| No routing active | `claude (default)` |
-| secretary-routing | `claude (secretary-routing)` |
-| dev-lead-routing | `claude (dev-lead-routing)` |
-| de-lead-routing | `claude (de-lead-routing)` |
-| qa-lead-routing | `claude (qa-lead-routing)` |
-| Skill invocation | `claude → {skill-name}` |
+| No routing active | `Codex (default)` |
+| secretary-routing | `Codex (secretary-routing)` |
+| dev-lead-routing | `Codex (dev-lead-routing)` |
+| de-lead-routing | `Codex (de-lead-routing)` |
+| qa-lead-routing | `Codex (qa-lead-routing)` |
+| Skill invocation | `Codex → {skill-name}` |
 
 ## Skill Invocation Format
 
 When the orchestrator invokes a skill via the Skill tool, the skill name MUST be integrated into the identification block — NOT displayed as a separate tool call.
 
 ```
-┌─ Agent: claude → {skill-name}
-└─ Task: {brief-task-description}
+┌─ Agent: Codex → {skill-name}
+└─ Status: {current-action-or-verdict}
 ```
 
 ### Common Violations
 
 ```
 Incorrect: Skill as separate display
-   ┌─ Agent: claude (default)
-   └─ Task: research topic analysis
+   ┌─ Agent: Codex (default)
+   └─ Status: research topic analysis
 
    Skill(research)    ← separate, disconnected
 
 Correct: Skill integrated into identification
-   ┌─ Agent: claude → research
-   └─ Task: research topic analysis
+   ┌─ Agent: Codex → research
+   └─ Status: research topic analysis
 
 Correct: With sub-skill
-   ┌─ Agent: claude → research
+   ┌─ Agent: Codex → research
    ├─ Skill: result-aggregation
-   └─ Task: aggregate team findings
+   └─ Status: aggregate team findings
 ```
 
 ## When to Display
@@ -72,6 +100,6 @@ Correct: With sub-skill
 |-----------|---------|
 | Agent-specific task | Full header |
 | Using skill | Include skill name |
-| General conversation | "claude (default)" |
+| General conversation | "Codex (default)" |
 | Long tasks | Show progress with agent context |
-| Skill invocation | Integrated `claude → {skill-name}` format |
+| Skill invocation | Integrated `Codex → {skill-name}` format |

package/templates/.claude/rules/MUST-agent-teams.md

@@ -37,14 +37,18 @@ These are distinct mechanisms. Agent Teams `SendMessage` requires `TeamCreate` a
 ## Self-Check (Before Agent Tool)
 
 Before using Agent tool for 2+ agent tasks, complete this check:
-Quick rule: 3+ agents OR review cycle → use Agent Teams. Sequential deps / scaffolding → Agent Tool. 2+ issues in same batch → prefer Agent Teams.
+Quick rule: User explicitly preferred plain subagents this session? → use Agent Tool (R000 user instructions > R018). Otherwise: 3+ agents OR review cycle → use Agent Teams. Sequential deps / scaffolding → Agent Tool. 2+ issues in same batch → prefer Agent Teams.
 
 <!-- DETAIL: Self-Check (Before Agent Tool)
 ╔══════════════════════════════════════════════════════════════════╗
 ║  BEFORE USING Agent TOOL FOR 2+ AGENTS:                          ║
 ║                                                                   ║
+║  0. Has user explicitly preferred plain subagents this session?  ║
+║     YES → Use Agent tool (R000 user instructions > R018)         ║
+║     NO  → Continue to #1                                          ║
+║                                                                   ║
 ║  1. Is Agent Teams available?                                    ║
-║     YES → check criteria #2-#4                                  ║
+║     YES → check criteria #2-#5                                  ║
 ║     NO  → Proceed with Agent tool                               ║
 ║                                                                   ║
 ║  2. Will 3+ agents be involved?                                  ║

package/templates/.claude/rules/MUST-completion-verification.md

@@ -12,6 +12,7 @@ Before declaring any task `[Done]`, verify completion against task-type-specific
 |-----------|-------------------------------------|
 | Release | All issues closed, version bumped, PR merged, GitHub Release created; **External automation verified**: `.github/workflows/` listed AND `gh run list --limit 10` checked for auto-publish workflows |
 | Implementation | Code compiles/passes lint, tests pass (if exist), no TODO markers left |
+| UI/Frontend | Screenshot or browser smoke evidence collected; text/layout does not overlap at target viewports |
 | Documentation | Links valid, counts accurate, cross-references updated |
 | Git Operations | Operation succeeded (check exit code), working tree clean |
 | Code Review | All findings addressed or explicitly deferred with justification |
@@ -70,8 +71,18 @@ Never accept "pre-existing" without direct base-branch evidence. A false "pre-ex
 | "Tests pass" | Only ran subset | Run full test suite |
 | "Waiting for manual publish" | External CI/CD auto-publishes on merge | Check `.github/workflows/` BEFORE assuming manual step |
 | "Subagent said pre-existing" | Claim not verified against base branch | Run test on base branch, compare directly |
+| "User interrupted, old plan still continued" | Newer user instruction has priority | Re-rank current work against the newest user message before continuing |
 -->
 
+## Interrupt Priority Re-Ordering
+
+When a user sends a new instruction while work is in progress, completion status must be re-evaluated against the newest message before any `[Done]` claim.
+
+1. If the new message conflicts with the old plan, stop or re-route the old plan.
+2. If the new message narrows scope, verify only the narrowed scope and report what was left out.
+3. If the new message adds a requirement, add it to the completion contract before closing.
+4. If no conflict exists, continue but explicitly preserve the new requirement in the next verification pass.
+
 ## Completion Contract Format — [Contract] + [Done] with criterion/evidence pairs. See template via Read tool.
 
 <!-- DETAIL: Completion Contract Format

package/templates/.claude/rules/MUST-continuous-improvement.md

@@ -33,6 +33,7 @@ Update the relevant rule rather than just acknowledging the violation.
 | Process gap (workflow hole) | ✅ | ✅ | ✅ |
 | Repeatable system bug | — | ✅ | ✅ |
 | Agent selection failure (wrong agent routed) | — | ✅ | — |
+| External repository convention miss | ✅ | ✅ | ✅ |
 
 When CI failure, process gap, or repeatable system defect is found:
 1. Record feedback memory (defend current session)
@@ -48,7 +49,19 @@ When repeating agent failures or suboptimal routing is detected:
 
 This connects R016's continuous improvement loop with the adaptive-harness skill's learning capability.
 
-## Anti-Patterns — 4 patterns: "I'll update later", "one-time exception", "doesn't cover this", "finish task first". See table via Read tool.
+## External Repository Contribution Pre-Check
+
+Before creating or modifying assets for an external repository or upstream contribution target, inspect that repository's local contract before implementing:
+
+1. Read the nearest `AGENTS.md` or equivalent agent guidance.
+2. Read `CONTRIBUTING.md`, plugin/skill authoring docs, or project-specific creation guides when present.
+3. Identify required metadata enums, naming conventions, validation commands, and forbidden paths.
+4. Add the discovered constraints to the task plan before editing.
+5. If the repo lacks guidance, state that explicitly and use the smallest conventional change.
+
+Late discovery of contribution rules is a process defect. Record it as memory and an issue when the miss is repeatable or affected delivered work.
+
+## Anti-Patterns — 5 patterns: "I'll update later", "one-time exception", "doesn't cover this", "finish task first", "calibration during action-oriented tone". See table via Read tool.
 
 <!-- DETAIL: Anti-Patterns
 | Anti-Pattern | Why It's Wrong | Correct Action |
@@ -57,6 +70,7 @@ This connects R016's continuous improvement loop with the adaptive-harness skill
 | "This is a one-time exception" | Exceptions become patterns | If the rule is wrong, fix it; if it's right, follow it |
 | "The rule doesn't cover this case" | Missing coverage = rule gap | Add the case to the rule immediately |
 | "Let me finish the task first" | Rule violations compound | Fix rule first (5 min), then continue (prevents N future violations) |
+| "Calibration/humility during action-oriented tone (auto mode, ㄱㄱ, 계속해)" | Self-questioning wastes time when user signals action; action-mode preempts meta-reflection | Defer calibration to post-task feedback memory; respond with short action confirmation |
 -->
 
 ## Timing — Rule updates MUST happen before continuing original task, in the same session.

package/templates/.claude/rules/MUST-intent-transparency.md

@@ -39,6 +39,35 @@ Display reasoning when routing to agents. Users must always know which agent was
 
 Users can specify agent directly with `@{agent-name} {command}`. Override bypasses detection.
 
+## Git Push Continuation
+
+If the user has already explicitly authorized `commit` or `push` in this session, that authorization persists for follow-up work in the same branch and the same change family. Do not restart confirmation just because the next step is a related doc, rule, or mirror update.
+
+Continue without asking again when:
+
+- the branch is unchanged
+- the remote target is unchanged
+- the follow-up work is the same category as the earlier approved change
+
+Reconfirm when:
+
+- the branch changes
+- the remote changes
+- the operation becomes history-rewriting or destructive (`--force`, rebase, reset, tag overwrite)
+- the user narrows or revokes the earlier approval
+
+## Structured Question Failure Discipline
+
+When a structured question surface (`AskUserQuestion`, `omx question`, or native structured input) is rejected, unavailable, or malformed, the orchestrator must not silently downgrade to a different workflow.
+
+Required behavior:
+
+1. Treat the failed question attempt as evidence, not as user refusal.
+2. Retry once with the smallest valid single-question shape.
+3. If the structured surface is unavailable, ask exactly one concise plain-text question.
+4. Preserve the original active workflow and user directive after the fallback.
+5. Do not ask confirmation questions for already-authorized reversible work.
+
 ## User Directive Persistence — Named tool/skill/workflow preferences persist entire session. Anti-pattern: treating autonomous mode as clean slate. See full spec via Read tool.
 
 <!-- DETAIL: User Directive Persistence

package/templates/.claude/rules/MUST-language-policy.md

@@ -7,10 +7,17 @@
 | Context | Language |
 |---------|----------|
 | User communication | Korean |
+| User communication honorific | 합쇼체 (formal polite, `-습니다/-합니다`) |
 | Code, file contents, commits | English |
 | Error messages to user | Korean |
 | PR title/body, GitHub issues | Korean (default, overridable in project AGENTS.md) |
 
+## Honorific Level
+
+Default user-facing Korean MUST use 합쇼체. Use `-습니다`, `-합니다`, `-했습니다`, and concise formal engineering phrasing.
+
+Do not use 반말 or casual 해요체 unless the user explicitly asks for that style. The repo-visible response block in `AGENTS.md` does not replace this requirement; it is the header before the formal Korean body.
+
 ## Delegation Model
 
 User delegates ALL file operations to AI agent. User does NOT directly edit files.

package/templates/.claude/rules/MUST-orchestrator-coordination.md

@@ -10,6 +10,40 @@ The main conversation is the **sole orchestrator**. It uses routing skills to de
 
 **The orchestrator MUST NEVER directly write, edit, or create files. ALL file modifications MUST be delegated to appropriate subagents.**
 
+## Codex-Native Meta-File Boundary
+
+Treat orchestration meta-files as delegated surfaces, not direct-orchestrator edit targets. This includes:
+
+- `AGENTS.md`
+- `.codex/rules/*.md`
+- `.codex/skills/*/SKILL.md`
+- `templates/AGENTS.md.*`
+- `templates/.claude/rules/*.md`
+
+If the change touches routing policy, guide indexes, mirrored templates, or release-time instructions, delegate the edit to the specialist that owns the surface. `mgr-creator` handles new structure and path scaffolding; `arch-documenter` or `mgr-updater` can handle content sync.
+
+### Self-Check Before Editing Meta Files
+
+```
+╔══════════════════════════════════════════════════════════════════╗
+║  BEFORE CHANGING A META FILE, ASK YOURSELF:                     ║
+║                                                                   ║
+║  1. Is the target AGENTS.md or under .codex/ / templates/?      ║
+║     YES → delegate; do not edit directly                         ║
+║                                                                   ║
+║  2. Is this a one-line policy, index, or routing tweak?         ║
+║     YES → still delegate; there are no small exceptions          ║
+║                                                                   ║
+║  3. Does the change need mirrored Codex + template updates?     ║
+║     YES → delegate the pair together, then verify parity         ║
+║                                                                   ║
+║  4. Am I calling it "temporary" or "debugging" to justify it?   ║
+║     YES → stop; meta-file edits are never direct from orchestrator ║
+║                                                                   ║
+║  If any answer points to a problem → route the edit first       ║
+╚══════════════════════════════════════════════════════════════════╝
+```
+
 <!-- DETAIL: Self-Check (Before File Modification)
 ```
 ╔══════════════════════════════════════════════════════════════════╗
@@ -147,6 +181,20 @@ Key violations to avoid (file writes, git commands, bundled operations — all m
 ```
 -->
 
+### Meta-File Examples
+
+```
+❌ WRONG: Main conversation edits AGENTS.md directly
+   Main conversation → Write("AGENTS.md", content)
+
+✓ CORRECT: Main conversation → Agent(mgr-creator) → update AGENTS.md and mirrored template files
+
+❌ WRONG: Main conversation patches .codex/rules/MUST-intent-transparency.md directly
+   Main conversation → Edit(".codex/rules/MUST-intent-transparency.md", content)
+
+✓ CORRECT: Main conversation → Agent(arch-documenter) → revise the rule text, then verify the mirrored template file
+```
+
 ## Historical Sensitive-Path Bypass
 
 **Status**: deprecated as of Claude Code v2.1.121 for `.claude/skills/`, `.claude/agents/`, and `.claude/commands/`; fully deprecated in `bypassPermissions` as of v2.1.126 for broader protected paths.
@@ -166,6 +214,20 @@ Claude Code v2.1.141+ preserves the current permission mode when a session is de
 
 For this Codex port, native Codex/OMX subagents still follow the active Codex runtime tool policy. Claude compatibility prompts should keep delegated write authority explicit when a workflow relies on unattended edits, but v2.1.141+ no longer needs an extra `/bg` permission-mode workaround.
 
+## Agent Capability Pre-Check
+
+Before delegating work, compare the task requirements with the target agent frontmatter:
+
+| Requirement in prompt | Required frontmatter |
+|-----------------------|----------------------|
+| Shell, CLI, GitHub CLI, package manager, test, build, or script execution | `tools` includes `Bash` |
+| Any `gh`, `git`, `npm`, `bun`, `pnpm`, `yarn`, `python`, `node`, `curl`, `jq`, `make`, or `docker` command | `tools` includes `Bash`; `disallowedTools` does not include `Bash` |
+| Documentation-only synthesis from provided evidence | Bash is not required |
+
+Known limitation: `arch-documenter` has `disallowedTools: [Bash]`. Do not ask it to inspect GitHub issues, run shell commands, or collect command output. Pre-collect that evidence with a Bash-capable lane, then delegate the writing task.
+
+The `agent-capability-precheck.sh` hook blocks obvious mismatches so the orchestrator re-routes before spawning an agent that cannot execute the requested work.
+
 <!-- DETAIL: Autonomous Execution Mode
 
 ## Autonomous Execution Mode