oh-my-customcodex 0.5.20 → 0.5.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -13,7 +13,7 @@
13
13
 
14
14
  **[한국어 문서 (Korean)](./README_ko.md)**
15
15
 
16
- 50 agents. 121 skills. 22 rules. One command.
16
+ 50 agents. 122 skills. 23 rules. One command.
17
17
 
18
18
  ```bash
19
19
  npm install -g oh-my-customcodex && cd your-project && omcustomcodex init
@@ -135,13 +135,13 @@ Each agent declares its tools, model, memory scope, and limitations in YAML fron
135
135
 
136
136
  ---
137
137
 
138
- ### Skills (121)
138
+ ### Skills (122)
139
139
 
140
140
  | Category | Count | Includes |
141
141
  |----------|-------|----------|
142
142
  | Best Practices | 24 | Go, Python, TypeScript, Kotlin, Rust, React, FastAPI, Spring Boot, Django, Flutter, Docker, AWS, Postgres, Redis, Kafka, dbt, Spark, Snowflake, Airflow, pipeline-architecture-patterns, alembic, and more |
143
143
  | Routing | 4 | secretary, dev-lead, de-lead, qa-lead |
144
- | Workflow | 13 | structured-dev-cycle, deep-plan, research, evaluator-optimizer, dag-orchestration, worker-reviewer-pipeline, reasoning-sandwich, pipeline, and more |
144
+ | Workflow | 14 | structured-dev-cycle, deep-plan, research, evaluator-optimizer, dag-orchestration, worker-reviewer-pipeline, reasoning-sandwich, pipeline, fsd, and more |
145
145
  | Development | 10 | dev-review, dev-refactor, analysis, create-agent, intent-detection, web-design-guidelines, omcodex:takeover, skill-extractor, pre-generation-arch-check, idea |
146
146
  | Operations | 10 | update-docs, audit-agents, sauron-watch, monitoring-setup, token-efficiency-audit, fix-refs, release-notes, and more |
147
147
  | Memory | 3 | memory-save, memory-recall, memory-management |
@@ -172,6 +172,7 @@ All commands are invoked inside the oh-my-customcodex GPT Codex + OMX session.
172
172
  | `/pre-generation-arch-check` | Check architecture risks before implementation |
173
173
  | `/adversarial-review` | Attacker-mindset security code review |
174
174
  | `/omcustomcodex:goal` | Keep a concrete objective in view through planning, execution, and verification |
175
+ | `/omcustomcodex:fsd` | Full Self Driving release loop: repeat `/pipeline auto-dev` + `/homework` until eligible issues are exhausted |
175
176
  | `/pipeline` | Execute YAML-defined pipelines |
176
177
  | `/pipeline resume` | Resume a halted pipeline from last failure point |
177
178
 
@@ -217,15 +218,15 @@ All commands are invoked inside the oh-my-customcodex GPT Codex + OMX session.
217
218
 
218
219
  ---
219
220
 
220
- ### Rules (22)
221
+ ### Rules (23)
221
222
 
222
223
  | Priority | Count | Purpose |
223
224
  |----------|-------|---------|
224
225
  | **MUST** | 14 | Safety, permissions, agent design, identification, orchestration, verification, completion, enforcement |
225
- | **SHOULD** | 6 | Interaction, error handling, memory, HUD, ecomode, ontology routing |
226
+ | **SHOULD** | 7 | Interaction, error handling, memory, HUD, ecomode, ontology routing, verification ladder |
226
227
  | **MAY** | 1 | Optimization |
227
228
 
228
- Key rules: R010 (orchestrator never writes files), R009 (parallel execution mandatory), R017 (sauron verification before push), R020 (completion verification before declaring done), R021 (advisory-first enforcement model).
229
+ Key rules: R010 (orchestrator never writes files), R009 (parallel execution mandatory), R017 (sauron verification before push), R020 (completion verification before declaring done), R021 (advisory-first enforcement model), R023 (verification ladder).
229
230
 
230
231
  ---
231
232
 
@@ -281,14 +282,14 @@ your-project/
281
282
  ├── AGENTS.md # Entry point
282
283
  ├── .codex/
283
284
  │ ├── agents/ # 50 agent definitions
284
- │ ├── rules/ # 22 governance rules (R000-R021)
285
+ │ ├── rules/ # 23 governance rules (R000-R023)
285
286
  │ ├── hooks/ # 15 lifecycle hook scripts
286
287
  │ ├── schemas/ # Tool input validation schemas
287
288
  │ ├── specs/ # Extracted canonical specs
288
289
  │ ├── contexts/ # 4 shared context files
289
290
  │ └── ontology/ # Knowledge graph for RAG
290
291
  ├── .agents/
291
- │ └── skills/ # 121 installed skill modules
292
+ │ └── skills/ # 122 installed skill modules
292
293
  └── guides/ # 52 reference documents
293
294
  ```
294
295
 
package/dist/cli/index.js CHANGED
@@ -3091,7 +3091,7 @@ var init_package = __esm(() => {
3091
3091
  workspaces: [
3092
3092
  "packages/*"
3093
3093
  ],
3094
- version: "0.5.20",
3094
+ version: "0.5.22",
3095
3095
  requiresCC: ">=2.1.121",
3096
3096
  claudeCode: {
3097
3097
  minimumVersion: "2.1.121",
@@ -26418,6 +26418,17 @@ function isCacheFresh(cache, now, cacheTtlMs) {
26418
26418
  }
26419
26419
  return now - checkedAt < cacheTtlMs;
26420
26420
  }
26421
+ function readFreshPlausibleCachedVersion(cachePath, currentVersion, now, cacheTtlMs) {
26422
+ const cache = readCache(cachePath);
26423
+ if (!cache || !isCacheFresh(cache, now, cacheTtlMs)) {
26424
+ return null;
26425
+ }
26426
+ const cachedVersion = normalizeVersion(cache.latestVersion);
26427
+ if (!cachedVersion || !isVersionPlausible(currentVersion, cachedVersion)) {
26428
+ return null;
26429
+ }
26430
+ return cachedVersion;
26431
+ }
26421
26432
  function fetchLatestVersionFromNpm(packageName = DEFAULT_PACKAGE_NAME) {
26422
26433
  try {
26423
26434
  const output = execSync2(`npm view ${packageName} version --json`, {
@@ -26534,7 +26545,8 @@ function executeSelfUpdate(options = {}) {
26534
26545
  if (!options.silent) {
26535
26546
  console.log(i18n.t("cli.selfUpdate.updatingGlobal", { version: latestVersion }));
26536
26547
  }
26537
- const installed = installGlobalPackage(packageName, latestVersion, options.silent ?? false);
26548
+ const installPackage = options.installPackage || installGlobalPackage;
26549
+ const installed = installPackage(packageName, latestVersion, options.silent ?? false);
26538
26550
  if (installed) {
26539
26551
  if (!options.silent) {
26540
26552
  console.log(i18n.t("cli.selfUpdate.updated", { version: latestVersion }));
@@ -26563,20 +26575,13 @@ function checkSelfUpdate(options) {
26563
26575
  reason: "invalid-current-version"
26564
26576
  };
26565
26577
  }
26566
- let latestVersion = null;
26567
- let usedCache = false;
26568
- const cache = readCache(cachePath);
26569
- if (cache && isCacheFresh(cache, now, cacheTtlMs)) {
26570
- const cachedVersion = normalizeVersion(cache.latestVersion);
26571
- if (isVersionPlausible(currentVersion, cachedVersion)) {
26572
- latestVersion = cachedVersion;
26573
- usedCache = true;
26574
- }
26575
- }
26578
+ let latestVersion = readFreshPlausibleCachedVersion(cachePath, currentVersion, now, cacheTtlMs);
26579
+ const usedCache = Boolean(latestVersion);
26576
26580
  if (!latestVersion) {
26577
26581
  const fetched = fetchLatestVersion(packageName);
26578
- if (fetched && isVersionPlausible(currentVersion, fetched)) {
26579
- latestVersion = fetched;
26582
+ const fetchedVersion = fetched ? normalizeVersion(fetched) : "";
26583
+ if (fetchedVersion) {
26584
+ latestVersion = fetchedVersion;
26580
26585
  writeCache(cachePath, latestVersion, now);
26581
26586
  }
26582
26587
  }
package/dist/index.js CHANGED
@@ -2316,7 +2316,7 @@ var package_default = {
2316
2316
  workspaces: [
2317
2317
  "packages/*"
2318
2318
  ],
2319
- version: "0.5.20",
2319
+ version: "0.5.22",
2320
2320
  requiresCC: ">=2.1.121",
2321
2321
  claudeCode: {
2322
2322
  minimumVersion: "2.1.121",
package/package.json CHANGED
@@ -3,7 +3,7 @@
3
3
  "workspaces": [
4
4
  "packages/*"
5
5
  ],
6
- "version": "0.5.20",
6
+ "version": "0.5.22",
7
7
  "requiresCC": ">=2.1.121",
8
8
  "claudeCode": {
9
9
  "minimumVersion": "2.1.121",
@@ -24,11 +24,10 @@ tools: [Read, Write, ...] # Allowed tools
24
24
  | `opus` | claude-opus-4-6 | Complex reasoning, architecture |
25
25
  | `opusplan` | claude-opus-4-6 + plan mode | Architecture planning with approval gates |
26
26
  | `opus47` | claude-opus-4-7 | Latest Opus model, supports xhigh effort |
27
-
28
27
  Extended context suffix: `[1m]` (e.g., `claude-opus-4-6[1m]`) — enables 1M token context window.
29
28
 
30
29
  <!-- DETAIL: Fallback Models and Thinking Toggle (Claude Code v2.1.166+)
31
- Claude compatibility settings can declare up to three `fallbackModel` entries tried in order when the primary Claude model is overloaded or unavailable. `--fallback-model` also applies to interactive Claude sessions. Treat this as platform availability failover, not Codex-native model routing or outcome-based escalation. Claude Code v2.1.166+ also supports disabling default thinking with `MAX_THINKING_TOKENS=0`, `--thinking disabled`, or the per-model thinking toggle. Codex-native agents continue to use the OMX model contract and `reasoning_effort` routing.
30
+ Claude compatibility settings can declare up to three `fallbackModel` entries tried in order when the primary Claude model is overloaded or unavailable. `--fallback-model` also applies to interactive Claude sessions. Treat this as platform availability failover, not Codex-native model routing or outcome-based escalation. Claude Code v2.1.166+ also supports disabling default thinking with `MAX_THINKING_TOKENS=0`, `--thinking disabled`, or the per-model thinking toggle. Claude Code v2.1.169+ adds `--safe-mode` / `CLAUDE_CODE_SAFE_MODE` to disable customizations for regression isolation, plus `disableBundledSkills` / `CLAUDE_CODE_DISABLE_BUNDLED_SKILLS` to hide bundled skills/workflows/slash commands when they conflict with project skills. Codex-native agents continue to use the OMX model contract and `reasoning_effort` routing.
32
31
  -->
33
32
 
34
33
  ### Optional Frontmatter
@@ -88,6 +87,8 @@ This Codex port ships `.claude` compatibility templates. When updating those tem
88
87
  - v2.1.162: `claude agents --json` includes waiting/blocker metadata and explicit `--tools Grep/Glob` behavior is fixed; compatibility prompts may use those fields when diagnosing stuck Claude sessions.
89
88
  - v2.1.163: managed `requiredMinimumVersion`/`requiredMaximumVersion`, `/plugin list`, Stop/SubagentStop `hookSpecificOutput.additionalContext`, and skill command literal `\$` escaping are available. Hook/skill template changes should preserve these affordances.
90
89
  - v2.1.165: bug-fix/reliability release; no local template change required beyond compatibility confirmation. v2.1.166: fallbackModel availability failover and thinking-disable controls are Claude compatibility settings, not Codex/OMX routing. v2.1.167/v2.1.168: bug-fix-only compatibility confirmation.
90
+ - v2.1.169: `--safe-mode` / `CLAUDE_CODE_SAFE_MODE` disables all customizations for Claude regression isolation; `disableBundledSkills` / `CLAUDE_CODE_DISABLE_BUNDLED_SKILLS` hides bundled skills/workflows/slash commands from the model. Keep distinct from advisory `skills:` frontmatter metadata.
91
+ - v2.1.170: Claude compatibility sessions gain access to the `fable` alias (`claude-fable-5`) and fix a VS Code integrated-terminal transcript persistence bug. Skills that rely on transcript replay (for example `homework`) should prefer v2.1.170+ in Claude-template sessions. No Codex runtime model-routing change.
91
92
  -->
92
93
 
93
94
  ## Hook Event Types
@@ -8,6 +8,18 @@
8
8
 
9
9
  Available when `OMCODEX_AGENT_TEAMS=1` or `TeamCreate` / `SendMessage` exists.
10
10
 
11
+ ## Gate Transparency Scope
12
+
13
+ R018 gate-transparency announcements apply only when Agent Teams are enabled or callable; otherwise R009 parallel-execution announcements are sufficient.
14
+
15
+ <!--
16
+ DETAIL: Gate Transparency Scope
17
+ | Runtime state | Required |
18
+ |---------------|----------|
19
+ | Agent Teams enabled/callable | Announce the R018 gate result for qualifying 3+ agent dispatches |
20
+ | Agent Teams disabled/unavailable | Use R009 `[N]` dispatch format and state the fallback only if useful for clarity |
21
+ -->
22
+
11
23
  ## Decision Matrix
12
24
 
13
25
  | Scenario | Preferred | Reason |
@@ -37,6 +49,10 @@ Do not confuse these mechanisms.
37
49
  Claude Code v2.1.166+ no longer propagates user authority through cross-session relays: permission requests relayed from another session are refused, and auto mode blocks them. A relayed message from session A cannot grant session B permissions the user did not authorize in session B. This hardens `send_message` / peer relay against privilege escalation. Intra-session Agent Teams `SendMessage` is unaffected, but privileged actions still require authority in the receiving session.
38
50
  -->
39
51
 
52
+ <!-- DETAIL: Claude Agent Session Ground Truth (Claude Code v2.1.169+)
53
+ Claude Code v2.1.169+ makes `claude agents --json` include blocked and just-dispatched background sessions, adds `--all` for completed sessions, and includes `id` plus `state`. In Claude-template Agent Teams compatibility checks, prefer `--all` + `state` as ground truth for blocked/running/completed instead of inferring completion from a member disappearing from the active list. Codex/OMX sessions should use their native runtime state plus deterministic repository evidence.
54
+ -->
55
+
40
56
  ## Self-Check Before Agent Tool
41
57
 
42
58
  Quick rule: explicit user preference for plain subagents wins. Otherwise use Teams for 3+ agents, review cycles, shared state, complex debugging, dynamic creation, or multi-issue batches; use Agent Tool for 1-2 simple tasks, sequential scaffolding, or mechanical disjoint-file batches with explicit scopes.
@@ -67,6 +67,29 @@ Parallel batches return results together, so a same-batch permanent dispatch pro
67
67
 
68
68
  Example: do not diagnose `triage-dispatch.yml` from memory, create an issue, and delegate a fix in the same parallel call before reading the workflow. If the read later shows a different root cause, the issue, PR, and commit trail become correction debt even when the eventual code direction is acceptable.
69
69
 
70
+ ### Proxy Signal vs Canonical Ground-Truth
71
+
72
+ When diagnosing pipeline or data state, verify the canonical store — the authoritative DB, registry, API, or system-of-record — before characterizing state from a secondary proxy such as a `.txt` artifact, filesystem mtime, cached file, or one ingestion path.
73
+
74
+ | Anti-pattern | Required |
75
+ |--------------|----------|
76
+ | Characterize pipeline health from a filesystem proxy | Query the canonical store first |
77
+ | Generalize one ingestion path's failure to the whole pipeline | Check the final landing store across all relevant paths before alarming or reprocessing |
78
+
79
+ A single path's failure does not prove the whole multi-path system is down.
80
+
81
+ ## Config-Schema-Before-Edit
82
+
83
+ Before planning edits to configuration that participates in an override, precedence, inheritance, provider, endpoint, credential, or multi-key chain, read the full config schema and precedence chain first. Do not plan partial edits before understanding which fields override which.
84
+
85
+ This applies when a change touches interdependent fields such as provider + `base_url`, endpoint overrides, multi-key fallback, or layered defaults. A single independent field edit does not require a full-schema read.
86
+
87
+ | Anti-pattern | Required |
88
+ |--------------|----------|
89
+ | Plan a provider/endpoint switch as N commands without reading the override chain | Read schema and precedence → enumerate every touched field, including `base_url` → then plan |
90
+
91
+ Sibling discipline to Read-Before-Characterize: diagnosis must read evidence before labeling; config edits must read precedence before planning.
92
+
70
93
  ## Degraded-Output Re-Verification Gate
71
94
 
72
95
  When tool output shows provider instability, buffering, truncation, duplicated chunks, `529`, timeout recovery, or `(no result)` while a permanent action is being considered, treat the current read as degraded. Do not characterize corruption, missing files, stale state, release failure, or data loss from that single degraded read.
@@ -164,6 +187,17 @@ When a user sends a new instruction while work is in progress, completion status
164
187
  3. If the new message adds a requirement, add it to the completion contract before closing.
165
188
  4. If no conflict exists, continue but explicitly preserve the new requirement in the next verification pass.
166
189
 
190
+ ### Interrupt ≠ Prior-Request Cancellation
191
+
192
+ If the first message after an interrupt is ambiguous, do not assume the prior request was cancelled. The user may be continuing a multi-message request, correcting input, or starting a new request. Keep the prior non-destructive context alive and ask once only when the new message cannot be classified as a clear instruction.
193
+
194
+ **Safety carve-out:** if the interrupted work is destructive or irreversible (`git reset --hard`, `git clean -fd`, broad `rm`, force push, tunnel/DNS/k8s/infra deletion, production state changes), halt first and require explicit re-authorization before resuming. Interrupts retain their emergency-stop value for risky work.
195
+
196
+ | Anti-pattern | Required |
197
+ |--------------|----------|
198
+ | Treat an ambiguous interrupt as cancellation and switch to unrelated work | Preserve context and clarify intent once |
199
+ | Continue destructive work after an ambiguous interrupt | Stop immediately; resume only after explicit re-authorization |
200
+
167
201
  ### Tool-Call Payload Completeness
168
202
 
169
203
  도구 호출의 required 파라미터는 invoke 전에 확인한다(완료 선언 후가 아니라 호출 시점의 전제조건). announce(prefix)만 출력하고 payload의 required 필드를 누락하는 패턴은 R008 "Required-Parameter Completeness Check"가 canonical owner다. Reference: #1487 / upstream #1324.
@@ -212,6 +246,30 @@ Related memory records:
212
246
  - `feedback_subagent_pre_existing_claims.md` — subagent false-positive pattern
213
247
  -->
214
248
 
249
+ ## CI Publish-Step Error vs Published-Artifact Ground Truth
250
+
251
+ A CI publish/deploy step that logs an error has not necessarily failed. The step may recover through a fallback or the error may be non-fatal. Before declaring a publish/release failed, re-running it, rolling it back, or changing release workflow logic, verify the published artifact directly.
252
+
253
+ | Publish target | Ground-truth check |
254
+ |----------------|--------------------|
255
+ | npm | `npm view <pkg> version` equals expected |
256
+ | GitHub Release | `gh release view <tag>` exists and is not draft |
257
+ | Docker/registry image | image tag or manifest exists |
258
+ | Run outcome | `gh run view <id> --json jobs` conclusions, not one step log line |
259
+
260
+ ## State-Change Claim → Live System Verification
261
+
262
+ Before closing or marking-done a task that claims an infrastructure/resource state change, verify the actual live system state rather than only the command attempt.
263
+
264
+ | Claimed state change | Live ground-truth check |
265
+ |----------------------|-------------------------|
266
+ | Service stopped | `launchctl list`, `systemctl status`, or equivalent shows inactive/absent |
267
+ | k8s resource torn down | `kubectl get <resource>` returns NotFound |
268
+ | Container removed | `docker ps -a` does not list it |
269
+ | Process killed | `pgrep`/`ps` check returns empty |
270
+
271
+ "Issued the teardown" is not evidence that the resource is down.
272
+
215
273
  ## Integration
216
274
 
217
275
  | Rule | Interaction |
@@ -73,6 +73,19 @@ R001-listed catastrophic git operations (`git reset --hard`, `git clean -fd`, `g
73
73
 
74
74
  Boundary: this rule governs model behavior only. It cannot suppress Codex/Claude runtime auto-mode permission prompts. For genuine prompt suppression on a repeated destructive command, surface the scoped settings/permission-rule workaround for the specific command instead of re-asking the same high-level question.
75
75
 
76
+ ## User-Provided Input Precedence
77
+
78
+ When the user explicitly provides new input (credentials, config values, IdP, API keys, endpoints), applying that new input takes precedence over idempotent "reuse existing" logic. After applying, verify the change took effect using only non-secret identifiers such as `client_id`, endpoint URL, key fingerprint/last-4, or a side-effect probe. Never echo secret values into the transcript.
79
+
80
+ | Anti-pattern | Required |
81
+ |--------------|----------|
82
+ | "An existing X is present → reuse it" when the user just supplied a new X | Apply the user-supplied X; reuse only when the user supplied nothing |
83
+ | User-supplied X equals the existing X | Treat as an idempotent no-op; do not re-provision |
84
+ | User supplies only a subset of fields | Apply supplied fields; reuse existing values only for unsupplied fields |
85
+ | Apply new credential, assume it took effect | Verify via non-secret identifier match or side-effect probe |
86
+
87
+ Cross-reference: R001 credential guardrails and R020 actual-outcome verification.
88
+
76
89
  ## Structured Question Failure Discipline
77
90
 
78
91
  When a structured question surface (`AskUserQuestion`, `omx question`, or native structured input) is rejected, unavailable, or malformed, the orchestrator must not silently downgrade to a different workflow.
@@ -210,6 +210,19 @@ When announcing a parallel dispatch in prose text (not the Agent tool call itsel
210
210
  The list form mirrors the tool-call `[N]` prefix pattern and scales better to 3+ concurrent agents.
211
211
  -->
212
212
 
213
+ <!--
214
+ DETAIL: Parallel Feature Integration Gate
215
+
216
+ ## Parallel Feature Integration Gate
217
+
218
+ When parallel feature agents edit interdependent code, isolated passes are not enough: run aggregate build plus runtime/smoke verification on the merged worktree before declaring done.
219
+
220
+ | Anti-pattern | Required |
221
+ |--------------|----------|
222
+ | Accept each subagent's isolated pass as release-ready | Re-run aggregate verification on the merged worktree |
223
+ | Skip runtime smoke because every file-domain lane passed | Smoke the integrated feature path or device/browser/app surface |
224
+ -->
225
+
213
226
  ## Result Aggregation
214
227
 
215
228
  ```
@@ -17,6 +17,23 @@
17
17
  - Do not rotate, delete, recreate, or replace credentials unless the user explicitly requested that exact credential action.
18
18
  - Before irreversible action on shared infrastructure or credentials, reconfirm the target, namespace/account/project, requested scope, rollback path, and user authorization.
19
19
  - Stop instead of chaining privileged actions when the next step would affect a different credential, tunnel, namespace, pod, cluster, account, or shared service than the user requested.
20
+ - When a credential/token is needed, ask for the specific value or file before running blind discovery scans (`env | grep`, repo-wide token greps, credential-store dumps). If a classifier blocks a credential action once while a standing user-deny is active, switch to a user-runs command and do not retry by another mechanism.
21
+
22
+ ### Standing User-Deny + Classifier Block
23
+
24
+ When the user has a standing "do not touch X" constraint and a safety classifier blocks an action on X once, immediately switch to a user-runs command/instruction path. Do not retry the blocked edit, scan, or credential action via another mechanism.
25
+
26
+ ### Infra-Diagnostic File Checks — Metadata, Not Contents
27
+
28
+ When diagnosing infrastructure or health issues (502s, container state, env/config presence), file checks must stay metadata-only: `ls -la` for existence, size, permissions, and mtime. Do not `cat .env`, inspect credential JSON keys, parse secret-bearing files, or read secret contents into the transcript just to confirm configuration exists.
29
+
30
+ | Anti-pattern | Required |
31
+ |--------------|----------|
32
+ | `cat .env` / inspect OAuth or credential keys during a health diagnosis | `ls -la .env` or request the exact value from the user if genuinely needed |
33
+
34
+ ### Infra/Resource Deletion Blast Radius
35
+
36
+ Before deleting shared infrastructure resources (tunnels, DNS records, k8s resources, load balancers, security groups), enumerate every endpoint, route, selector, target, or rule served by that resource — not only the hostname or object the user named. Prefer reversible disable/detach/stop actions when they satisfy the task.
20
37
 
21
38
  ## Required Before Destructive Operations
22
39
 
@@ -26,6 +26,9 @@
26
26
  | Clear | Execute immediately |
27
27
  | Ambiguous | `[Confirm] Understood "{request}" as {interpretation}. Proceed?` |
28
28
  | Risky | `[Warning] This action has {risk}. Continue? Yes: {action} / No: Cancel` |
29
+ | Interrupt (ambiguous first message) | Do not assume the prior request is cancelled. The first message after an interrupt may be continuation, correction, or a new request. If the in-progress action is risky/destructive, apply the Risky row first and halt before clarification. |
30
+
31
+ Request handling precedence: **Risky > Interrupt > Ambiguous > Clear**. Clear new instructions should still be executed directly; the interrupt row exists only for ambiguous first messages after an interruption.
29
32
 
30
33
  ## External Product UI Claims
31
34
 
@@ -22,6 +22,20 @@ Agent frontmatter `memory: project|user|local` enables persistent memory:
22
22
  | `project` | `.codex/agent-memory/<name>/` | Yes |
23
23
  | `local` | `.codex/agent-memory-local/<name>/` | No |
24
24
 
25
+ <!--
26
+ DETAIL: Project memory root guard
27
+
28
+ ## Subagent `memory: project` Source-Tree Pollution Guard
29
+
30
+ A subagent working from a subdirectory must not create nested `.codex/agent-memory/` or `.claude/agent-memory/` directories inside source packages.
31
+
32
+ | Anti-pattern | Required |
33
+ |--------------|----------|
34
+ | Accept nested `src/**/.codex/agent-memory/` or `src/**/.claude/agent-memory/` created by a worker | Verify memory writes land at project-root `.codex/` (or template-root `.claude/` for compatibility) and remove nested memory directories before commit |
35
+
36
+ Before committing subagent work, check for nested memory pollution with a targeted search such as `find . \\( -path '*/src/*/.codex/agent-memory' -o -path '*/src/*/.claude/agent-memory' \\) -print`.
37
+ -->
38
+
25
39
  ## When to Use Searchable MCP Memory
26
40
 
27
41
  | Scenario | Native | AgentMemory-compatible / omx-memory |
@@ -0,0 +1,124 @@
1
+ # [SHOULD] Verification Ladder Rules
2
+
3
+ > **Priority**: SHOULD | **ID**: R023
4
+ > **Codex port**: `.codex/**` is the active rule/runtime surface; `templates/.claude/**` mirrors compatibility guidance.
5
+
6
+ ## Core Rule
7
+
8
+ 검증은 비용/속도 ladder로 구성한다: **결정론적 검사 → cheap LLM → expensive LLM → human**. 가장 저렴한 tier가 먼저 통과해야 다음 tier로 진행한다. 더 낮은 tier에서 잡을 수 있는 문제를 더 비싼 tier에 보내지 않는다.
9
+
10
+ ## Ladder Tiers
11
+
12
+ | Tier | 도구 | 비용 | 속도 | 적용 시점 |
13
+ |------|------|------|------|-----------|
14
+ | **1: Deterministic** | hooks, linters, type-check, JSON schema | $0 | <1s | Pre-write, write-time |
15
+ | **2: Cheap LLM** | haiku-based skills (`dev-review`, `action-validator`) | $ | <30s | Per-file review |
16
+ | **3: Expensive LLM** | sonnet/opus skills (`deep-verify`, `adversarial-review`, `multi-model-verification`, `evaluator-optimizer`) | $$$ | 1-5분 | Pre-commit, PR review |
17
+ | **4: Human** | maintainer review | time | hours-days | Final gate, contested decisions |
18
+
19
+ ## Shift-left 원칙
20
+
21
+ 결정론적 단계가 잡을 수 있는 문제는 LLM에 보내지 않는다. LLM 검증은 ambiguous/semantic 문제에 집중한다.
22
+
23
+ - **좋은 예**: JSON schema 오류 → Tier 1 hook이 차단 → LLM에 미전달
24
+ - **나쁜 예**: 탭/스페이스 혼용 오류 → sonnet으로 전달 → 불필요한 비용 발생
25
+
26
+ R013 (SHOULD-ecomode)의 "저렴한 검증 우선" 원칙과 정합: ecomode는 출력 토큰을 절약하고, R023은 검증 비용을 절약한다.
27
+
28
+ ## 기존 자산 매핑
29
+
30
+ | Tier | 자산 | 역할 |
31
+ |------|------|------|
32
+ | **Tier 1** | `.codex/hooks/ (and mirrored templates/.claude/hooks/)` (PreToolUse hooks) | 도구 호출 전 결정론적 차단 |
33
+ | **Tier 1** | `mgr-sauron` (R017 구조 검증) | 에이전트/스킬/가이드 frontmatter 검증 |
34
+ | **Tier 1** | pre-commit configs, linters | 코드 품질 정적 검사 |
35
+ | **Tier 2** | `dev-review` | 파일 단위 haiku 코드 리뷰 |
36
+ | **Tier 2** | `action-validator` | CI/CD 액션 구문 검증 |
37
+ | **Tier 2** | `pre-generation-arch-check` | 생성 전 아키텍처 lite 점검 |
38
+ | **Tier 3** | `deep-verify` | 다단계 품질 검증 (sonnet) |
39
+ | **Tier 3** | `adversarial-review` | 공격자 시각 보안 리뷰 (opus) |
40
+ | **Tier 3** | `multi-model-verification` | 복수 모델 교차 검증 |
41
+ | **Tier 3** | `evaluator-optimizer` | 평가-개선 반복 루프 |
42
+ | **Tier 3** | `worker-reviewer-pipeline` | 구현-리뷰 파이프라인 |
43
+ | **Tier 4** | maintainer manual review | PR approval, final gate |
44
+
45
+ ## R021과의 관계
46
+
47
+ R021 (MUST-enforcement-policy)과 R023은 **직교**한다. 두 규칙은 서로 다른 차원을 다룬다:
48
+
49
+ | 규칙 | 질문 | 차원 |
50
+ |------|------|------|
51
+ | **R021** | "어떻게 강제할 것인가?" | Hard block / Soft block / Advisory |
52
+ | **R023** | "어떤 비용으로 검증할 것인가?" | Deterministic / Cheap LLM / Expensive LLM |
53
+
54
+ 같은 도구가 두 규칙에 동시에 속할 수 있다:
55
+
56
+ - `mgr-sauron`: R021 관점에서 Advisory (PostToolUse hook), R023 관점에서 Tier 1 (구조 검증)
57
+ - `deep-verify`: R021 관점에서 Prompt-based (blocking 없음), R023 관점에서 Tier 3 (expensive LLM)
58
+ - `.codex/hooks/ (and mirrored templates/.claude/hooks/)` stage-blocker: R021 관점에서 Hard Block, R023 관점에서 Tier 1
59
+
60
+ R021은 위반 시 어떻게 멈출지를, R023은 어떤 순서로 검증할지를 정의한다.
61
+
62
+ ## Self-Check
63
+
64
+ 새 검증 도구 추가 시:
65
+
66
+ - [ ] 어느 tier에 속하는지 명확한가?
67
+ - [ ] 같은 tier 내 중복 도구는 없는가?
68
+ - [ ] Tier 1에서 잡을 수 있는 문제를 다루는가? (상위 tier 대신 시프트 권고)
69
+ - [ ] Ladder 순서를 문서화했는가? (어떤 검사를 먼저 실행하는지)
70
+
71
+ ## Safety-Signal Rule Authoring — Carve-Out Pre-Check (shift-left)
72
+
73
+ > Origin: #1353 (인터럽트 룰 #1341의 후속 회고에서 발견된 R001 carve-out 누락) — 인터럽트 룰(R003/R020)을 작성할 때 R001 파괴적-작업 carve-out을 1차 작성에서 빠뜨렸고, Tier 3 적대적 검증이 release-blocking으로 포착해 보정했다. Tier 3가 잡았으나, 같은 결함을 Tier 1(작성 시점 결정론적 점검)로 시프트하면 비용이 낮다.
74
+
75
+ 런타임 안전-신호 동작을 정의하는 룰(인터럽트·취소·halt·중단·emergency-stop 등)을 추가/수정할 때, 작성 단계(Tier 1)에서 다음을 사전 점검한다 — Tier 3 적대적 검증에 의존하기 전에 (이 checklist 같은 메타-룰은 대상 아님):
76
+
77
+ - [ ] 이 룰이 R001 파괴적·비가역 작업(`git reset --hard`, `clean -fd`, `rm`, 터널/DNS/k8s/인프라 삭제) 컨텍스트에서도 안전한가? (fail-closed carve-out 필요 여부)
78
+ - [ ] "진행/계속(proceed)" 류 지시의 대상이 파괴적 작업의 계속으로 오독될 여지가 없는가?
79
+ - [ ] 안전-신호의 fail-safe 의미(emergency-halt)를 약화시키지 않는가? (stop-first ask-after 우선)
80
+ - [ ] 기존 안전 규칙(R001/R002)과의 우선순위가 명시되어 있는가?
81
+
82
+ 하나라도 불확실하면 **먼저 carve-out을 명시(Tier 1 우선 해결)**하고, 그래도 불확실하면 Tier 3 적대적 검증(`adversarial-review`, `multi-model-verification`)을 통과시킨 뒤 release한다 (ladder 순서 유지). 이는 R023 shift-left 원칙(저렴한 tier 우선)을 룰 작성 자체에 적용한 것이며, R016 룰 작성 워크플로우의 Tier-1 품질 게이트로 동작한다 (R016은 위반 후 룰 업데이트 소유, R023 carve-out은 안전-신호 룰 작성 시 사전 점검 — 직교). Closes #1353.
83
+
84
+ ## Integration
85
+
86
+ | 규칙 | 상호작용 |
87
+ |------|---------|
88
+ | R009 (Parallel Execution) | Tier 1-2 검사는 독립 파일에 대해 병렬 실행 가능 |
89
+ | R013 (Ecomode) | 컨텍스트 압박 시 Tier 3를 Tier 2로 다운그레이드 고려 |
90
+ | R017 (Sync Verification) | Phase 1-3 검증 단계는 R023 Tier 1-3에 대응 |
91
+ | R021 (Enforcement Policy) | 직교: R021은 blocking 방식, R023은 검증 비용 순서 |
92
+
93
+ ## Workflow Prompt & Verifier Ground-Truth
94
+
95
+ > Origin: #1266 ③ (High) — a Workflow built the agent prompt as `await agent(prompt) + FACTS`, concatenating the guardrail fact-sheet onto the RETURN VALUE instead of the prompt. The writer never received the facts, hallucinated an in-cluster hostname (`secretary-mcp`), and the adversarial verifier couldn't catch it (the fact was in no source it had).
96
+
97
+ ### Prompt Completion Before Call
98
+
99
+ Workflow/agent prompts MUST be fully assembled into the prompt string **before** the `agent()` / Agent tool call. Post-call concatenation onto the return value is a footgun — the agent never sees the appended content.
100
+
101
+ | Anti-pattern | Required |
102
+ |--------------|----------|
103
+ | `const r = await agent(prompt) + FACTS` | `const r = await agent(prompt + FACTS)` — assemble first |
104
+
105
+ ### Workflow Script Sanity Check
106
+
107
+ Before invoking a Workflow script, deterministically verify:
108
+
109
+ | Check | Why |
110
+ |-------|-----|
111
+ | No unresolved placeholders (`{phase1_summary}`, `TODO`, `<...>`, `{{ }}`) remain in any agent prompt string | An unfilled placeholder reaches the agent verbatim → garbled task |
112
+ | Template-literal / string concatenation produces the intended prompt (assemble-before-call, see above) | Post-call concatenation (`agent(prompt) + FACTS`) silently drops content |
113
+ | Script parses — balanced braces/quotes, valid JS | A syntax error aborts the entire run after partial work |
114
+
115
+ #### Common Violation (#1271)
116
+ Session 106 follow-up to #1266 ③: a Workflow authoring error recurred — the guardrail fact-sheet was concatenated onto the agent's RETURN VALUE instead of the prompt string, and a placeholder/assembly slip went uncaught because no pre-run sanity check existed. This check is the deterministic Tier-1 guard that catches such slips before the expensive run.
117
+
118
+ Origin: #1271 (Workflow authoring error recurrence, session 106).
119
+
120
+ ### Verifier Ground-Truth for Cross-Cutting Facts
121
+
122
+ Cross-cutting facts not verifiable from the primary source (external URLs, in-cluster DNS/hostnames, infra topology) MUST be supplied to the verifier as explicit ground-truth. Otherwise an adversarial verifier cannot distinguish a hallucinated value from a correct one — a verification blind spot.
123
+
124
+ Cross-reference: R009 (giant-prompt decomposition), `worker-reviewer-pipeline` skill.
@@ -124,6 +124,14 @@ rules:
124
124
  priority: SHOULD
125
125
  scope: all
126
126
 
127
+ # Verification Ladder - SHOULD
128
+ - id: R023
129
+ name: verification-ladder
130
+ title: Verification Ladder Rules
131
+ path: ./SHOULD-verification-ladder.md
132
+ priority: SHOULD
133
+ scope: all
134
+
127
135
  # Agent Teams - MUST (Conditional)
128
136
  - id: R018
129
137
  name: agent-teams
@@ -0,0 +1,137 @@
1
+ ---
2
+ name: omcustomcodex:fsd
3
+ description: Full Self Driving — autonomous release loop that processes all auto-dev-eligible GitHub issues until none remain, by repeatedly running /pipeline auto-dev then /homework.
4
+ scope: harness
5
+ user-invocable: true
6
+ argument-hint: "[<max-releases>]"
7
+ version: 0.1.0
8
+ effort: high
9
+ ---
10
+
11
+ # /omcustomcodex:fsd — Full Self Driving
12
+
13
+ Autonomous release loop. Equivalent to running:
14
+
15
+ ```
16
+ /omcustomcodex:goal "모든 이슈가 처리될 때까지" /omcustomcodex:loop "/pipeline auto-dev -> /homework"
17
+ ```
18
+
19
+ This is a **thin alias / orchestrator skill**. It does not implement loop, issue-polling, release, or verification logic — it delegates entirely to existing skills.
20
+
21
+ ## Usage
22
+
23
+ ```
24
+ /omcustomcodex:fsd # Run until all auto-dev-eligible issues are exhausted
25
+ /omcustomcodex:fsd 3 # Optional: cap at N releases (default: unlimited)
26
+ ```
27
+
28
+ No arguments are required. The default behavior runs until the auto-dev-eligible issue set is empty.
29
+
30
+ ## What It Does
31
+
32
+ FSD expands into:
33
+
34
+ 1. **`/omcustomcodex:goal` wrapper** — applies disciplined goal-to-execution workflow:
35
+ - Objective: "모든 이슈가 처리될 때까지"
36
+ - Delegates planning, gap detection, and R020 completion verification to the `goal` skill
37
+ 2. **`/omcustomcodex:loop` recurrence** — self-paced loop, each iteration runs:
38
+ 1. `/pipeline auto-dev` — full release pipeline for the next eligible issue or release unit
39
+ 2. `/homework` — retrospective 찐빠 audit gate
40
+
41
+ ### Loop Convergence
42
+
43
+ The loop converges naturally when the auto-dev-eligible issue set reaches 0. Issue eligibility follows `/pipeline auto-dev` label selection exactly:
44
+
45
+ - **Included**: `verify-ready` (preferred), unlabeled auto-dev candidates
46
+ - **Excluded**: `verify-done`, `needs-review`, `decision-needed` labels
47
+
48
+ Do NOT invent new label logic here — defer to the `pipeline` skill's auto-dev issue selection.
49
+
50
+ ### Iteration Flow (per iteration)
51
+
52
+ ```
53
+ [FSD Iteration N]
54
+ ├── /pipeline auto-dev → one release (PR create → merge → npm publish → milestone close)
55
+ ├── /homework → extract 찐빠, confirm gate (or --dry-run if requested)
56
+ └── Check: any eligible issues remain?
57
+ ├── YES → next iteration
58
+ └── NO → [FSD Done] converged naturally
59
+ ```
60
+
61
+ ## Safety and Discipline
62
+
63
+ Each iteration operates under full project rules — no relaxation because FSD is autonomous:
64
+
65
+ | Rule | Applies |
66
+ |------|---------|
67
+ | R001 (safety) | Destructive ops still require explicit approval. Credential guardrails always active. |
68
+ | R009 (parallel) | Independent subtasks within each pipeline iteration run in parallel. |
69
+ | R010 (orchestration) | File modifications follow repo delegation/ownership rules. |
70
+ | R017 (sync verification) | Structural verification passes before any commit. |
71
+ | R020 (completion verification) | Each release verified via `npm view`, `gh release view`, closed issues before `[Done]`. |
72
+
73
+ `/homework` runs as a **retrospective gate** between iterations — findings go through `omcustomcodex:feedback`'s preview/confirmation gate. The loop does NOT skip homework because it is "automated". If homework requires user confirmation, the loop pauses and waits.
74
+
75
+ If a release operation triggers the safety classifier, the current iteration stops and surfaces the block before continuing.
76
+
77
+ ## When to Use
78
+
79
+ | Scenario | Use FSD? |
80
+ |----------|----------|
81
+ | Multiple eligible issues ready to process autonomously | YES |
82
+ | Session where the user wants to "let it run" through the backlog | YES |
83
+ | Verifying the autonomous release loop pattern from session memory | YES |
84
+ | Single targeted issue fix | NO — use `/pipeline auto-dev` directly |
85
+ | Exploratory research / planning only | NO — use `/research` or `/deep-plan` |
86
+ | Only one issue and it needs human judgment | NO — use `/pipeline auto-dev` with manual oversight |
87
+
88
+ ## When NOT to Use
89
+
90
+ - When issues require stakeholder approval or design decisions before implementation
91
+ - When the issue set includes `decision-needed` or `needs-review` items only
92
+ - When cost sensitivity is high and the issue backlog is large — inspect the eligible set first before running FSD
93
+
94
+ ## Optional Release Cap
95
+
96
+ Pass a numeric argument to cap at N releases:
97
+
98
+ ```
99
+ /omcustomcodex:fsd 3 # Process at most 3 releases this FSD run
100
+ ```
101
+
102
+ The cap is advisory — the pipeline itself may stop earlier if the eligible set runs out before the cap is reached.
103
+
104
+ ## Session 114 Precedent
105
+
106
+ This skill was extracted from the upstream manual pattern used in Session 114 (2026-06-09):
107
+
108
+ ```
109
+ /goal "모든 이슈가 처리될 때까지" /loop "/pipeline auto-dev -> /homework"
110
+ ```
111
+
112
+ The Codex port keeps the intent but uses `omcustomcodex:` namespaced goal/loop surfaces to avoid native runtime command collisions.
113
+
114
+ ## Cross-References
115
+
116
+ | Skill / Rule | Role |
117
+ |--------------|------|
118
+ | `omcustomcodex:goal` | Disciplined goal-to-execution wrapper — objective parse, gap detection, R020 verification |
119
+ | `omcustomcodex:loop` | Session auto-continuation during background work |
120
+ | `pipeline` | `/pipeline auto-dev` — the core release pipeline per iteration |
121
+ | `homework` | Retrospective 찐빠 audit gate per iteration |
122
+ | R001 (safety) | Destructive ops require approval; credential guardrails |
123
+ | R009 (parallel execution) | Parallel subtasks within each pipeline iteration |
124
+ | R010 (orchestrator coordination) | File ownership and delegation discipline |
125
+ | R017 (sync verification) | Structural verification before commit/push |
126
+ | R020 (completion verification) | Actual outcome verified before declaring each release done |
127
+
128
+ ## Design Notes
129
+
130
+ This skill is intentionally a **thin alias**. It does NOT duplicate issue polling, loop cadence, release steps, retrospective analysis, or completion verification. If the underlying skills evolve, FSD automatically benefits.
131
+
132
+ ## Artifact Output
133
+
134
+ Artifacts from each iteration follow the constituent skills' conventions:
135
+
136
+ - Pipeline artifacts: `.codex/outputs/sessions/{YYYY-MM-DD}/pipeline-auto-dev-{HHmmss}.md`
137
+ - Homework artifacts: `.codex/outputs/sessions/{YYYY-MM-DD}/homework-{HHmmss}.md`
@@ -31,9 +31,11 @@ Quick Start:
31
31
  status Show system status
32
32
  help <command> Get help for a specific command
33
33
  /omcustomcodex:goal <objective> Run a goal-to-execution workflow
34
+ /omcustomcodex:fsd [max] Run the autonomous full-backlog release loop
34
35
 
35
36
  Common Commands:
36
37
  /omcustomcodex:goal Keep an objective through planning, execution, and verification
38
+ /omcustomcodex:fsd Repeat /pipeline auto-dev + /homework until eligible issues are exhausted
37
39
  /update-docs Sync documentation with project
38
40
  /update-external Update external agents
39
41
  /audit-agents Check agent dependencies
@@ -161,6 +161,17 @@ Invoke the `omcustomcodex:feedback` skill with the drafted issue content. The us
161
161
 
162
162
  If `--dry-run` is active, skip this phase and output the draft directly to the conversation instead.
163
163
 
164
+ ## Cross-Project Import Compatibility
165
+
166
+ When `homework` is imported into another project, Phase 5 depends on `omcustomcodex:feedback` being available and model-invocable in that project.
167
+
168
+ | Condition | Behavior |
169
+ |-----------|----------|
170
+ | `omcustomcodex:feedback` model-invocable | Use the normal Phase 4A preview + confirmation gate |
171
+ | feedback skill missing or model invocation disabled | Fall back to manual submission: present the drafted findings to the user, write the dry-run artifact when possible, and ask the user to file/run the feedback workflow themselves |
172
+
173
+ Do not silently drop a retrospective because the imported feedback skill cannot be invoked.
174
+
164
175
  ### Phase 6: Output Summary
165
176
 
166
177
  ```
@@ -28,6 +28,7 @@ System:
28
28
  status Show system status
29
29
  help Show help information
30
30
  /omcustomcodex:goal Run a goal-to-execution workflow
31
+ /omcustomcodex:fsd Run the autonomous full-backlog release loop
31
32
 
32
33
  Manager:
33
34
  /create-agent Create a new agent
@@ -57,6 +58,7 @@ System Commands:
57
58
  │ status │ Show system status and health checks │
58
59
  │ help │ Show help for commands and agents │
59
60
  │ /omcustomcodex:goal │ Run a goal-to-execution workflow │
61
+ │ /omcustomcodex:fsd │ Run full-backlog auto-dev loop │
60
62
  └─────────┴──────────────────────────────────────────────┘
61
63
 
62
64
  Manager Commands:
@@ -122,7 +122,7 @@ Guides:
122
122
  ✓ docker, aws
123
123
 
124
124
  Commands:
125
- system: lists, status, help, omcustomcodex:goal
125
+ system: lists, status, help, omcustomcodex:goal, omcustomcodex:fsd
126
126
  manager: create-agent, update-docs, update-external, audit-agents, fix-refs
127
127
  dev: dev-review, dev-refactor
128
128
 
@@ -2,6 +2,30 @@
2
2
 
3
3
  This guide records Claude Code release-note impact that affects the Claude compatibility template. The Codex-native runtime still uses `.codex/**` and OMX as the primary surface.
4
4
 
5
+ ## v2.1.170
6
+
7
+ Published: 2026-06-10.
8
+
9
+ Source: upstream oh-my-customcode #1352/#1354, Codex port #1504.
10
+
11
+ | Change | Impact on oh-my-customcodex | Action |
12
+ |--------|------------------------------|--------|
13
+ | Claude Fable 5 is available through the `fable` alias (`claude-fable-5`) | Useful only for packaged Claude compatibility sessions needing mythos-class reasoning; Codex-native subagents continue to use the OMX model contract and `reasoning_effort`. | Document in R006 as Claude-compatibility metadata. Do not change Codex routing defaults. |
14
+ | VS Code integrated-terminal sessions save transcripts correctly and show them in `--resume` | Improves Claude-template workflows that depend on transcript replay, including imported `homework`/retrospective flows. | Prefer Claude Code v2.1.170+ when testing Claude compatibility transcript-dependent skills. No Codex runtime change. |
15
+
16
+ ## v2.1.169
17
+
18
+ Published: 2026-06-08.
19
+
20
+ Source: upstream oh-my-customcode #1329, Codex port #1496.
21
+
22
+ | Change | Impact on oh-my-customcodex | Action |
23
+ |--------|------------------------------|--------|
24
+ | `--safe-mode` and `CLAUDE_CODE_SAFE_MODE` start Claude Code with all customizations disabled | Useful for isolating whether a packaged `.claude` template, skill, hook, plugin, or MCP server causes a Claude-compatibility regression. | Document in R006; do not change Codex/OMX runtime loading. |
25
+ | `disableBundledSkills` and `CLAUDE_CODE_DISABLE_BUNDLED_SKILLS` hide bundled skills, workflows, and built-in slash commands from the model | Helps when Claude bundled skills duplicate or conflict with project skills. Distinct from advisory `skills:` frontmatter metadata. | Record as Claude platform setting; keep Codex skill roots unchanged. |
26
+ | `claude agents --json` includes blocked and just-dispatched sessions; `--all` includes completed sessions; output includes `id` and `state` | Strengthens Claude-template Agent Teams completion checks. | Prefer `--all` + `state` when diagnosing Claude Agent Teams; Codex/OMX uses native runtime state plus repo evidence. |
27
+ | `/cd` command and reliability fixes for MCP policy/history behavior | Claude operator convenience only. | No Codex runtime change. |
28
+
5
29
  ## v2.1.168
6
30
 
7
31
  Published: 2026-06-07.
@@ -2,6 +2,19 @@
2
2
 
3
3
  This guide records OpenAI Codex release-note impact decisions for oh-my-customcodex. Use it for Codex/OMX runtime compatibility notes; keep Claude-only release notes in `guides/claude-code/15-version-compatibility.md`.
4
4
 
5
+ ## rust-v0.139.0 / CLI 0.139.0
6
+
7
+ Source: upstream OpenAI Codex release `rust-v0.139.0`, Codex-port issue #1498.
8
+
9
+ | Change | Impact on oh-my-customcodex | Action |
10
+ | --- | --- | --- |
11
+ | Code mode can call standalone web search directly, including nested JavaScript tool calls, and receive plaintext results | Improves Codex runtime research ergonomics but does not change packaged skill/tool routing. | Keep repository research guidance source-backed; no package dependency change. |
12
+ | Tool and connector schemas preserve `oneOf`/`allOf`; large schemas keep more shallow structure during compaction | Reduces MCP/app connector schema loss for richer tools. | No template migration; continue to prefer connector schemas as runtime ground truth. |
13
+ | `codex doctor` includes editor and pager environment details while redacting raw values in JSON output | Aligns with metadata-only diagnostics and secret-redaction rules. | Document compatibility; keep `omcustomcodex doctor` separate. |
14
+ | Plugin marketplace automation exposes marketplace source in `list --json` and returns cached catalogs before background refresh | Useful for future plugin inventory automation. | Prefer JSON when automating plugin inventory; no current CLI behavior change. |
15
+ | `codex resume --last "..."` and `codex fork --last "..."` treat trailing text as the initial prompt | Reduces operator surprise for resume/fork workflows. | No package change. |
16
+ | MCP startup warnings are scoped to the owning thread, image edits use exact referenced paths, URLs with `~` linkify correctly, thread resets preserve cloud requirements, and sandbox execution preserves approved escalation/proxy-only networking more consistently | Runtime stability and evidence quality improvements. | No package change beyond this compatibility record. |
17
+
5
18
  ## rust-v0.138.0 / CLI 0.138.0
6
19
 
7
20
  Source: upstream OpenAI Codex release `rust-v0.138.0`, Codex-port issue #1481.
@@ -1,17 +1,17 @@
1
1
  {
2
- "version": "0.5.20",
2
+ "version": "0.5.22",
3
3
  "requiresCC": ">=2.1.121",
4
4
  "claudeCode": {
5
5
  "minimumVersion": "2.1.121",
6
6
  "protectedPathBypassVersion": "2.1.126"
7
7
  },
8
- "lastUpdated": "2026-06-06T00:00:00.000Z",
8
+ "lastUpdated": "2026-06-11T00:00:00.000Z",
9
9
  "components": [
10
10
  {
11
11
  "name": "rules",
12
12
  "path": ".codex/rules",
13
13
  "description": "Agent behavior rules and guidelines",
14
- "files": 22
14
+ "files": 23
15
15
  },
16
16
  {
17
17
  "name": "agents",
@@ -23,7 +23,7 @@
23
23
  "name": "skills",
24
24
  "path": ".agents/skills",
25
25
  "description": "Reusable skill modules (project-scoped repo skills)",
26
- "files": 121
26
+ "files": 122
27
27
  },
28
28
  {
29
29
  "name": "guides",
@@ -140,6 +140,10 @@ steps:
140
140
  6. Halt if current failures exceed baseline; otherwise report pass/fail counts and delta.
141
141
  7. Run `bun run build` when available.
142
142
 
143
+ Documentation/template validation:
144
+ - For local or CI docs validation, run `bun run .github/scripts/validate-docs.ts --programmatic-only` (or the repo's equivalent validate-docs command with `--programmatic-only`) before assuming a validation failure is an authentication failure.
145
+ - Treat interactive/auth-dependent validate-docs output as inconclusive until the programmatic-only path has been tried.
146
+
143
147
  Halt on lint errors, typecheck errors, new test failures, build failure, or lockfile drift.
144
148
  description: Auto-detected build + test verification with mandatory bun test baseline delta guard
145
149
 
@@ -155,6 +159,13 @@ steps:
155
159
 
156
160
  Required version preflight for npm package releases:
157
161
  - Determine NEW_VERSION before creating a release branch, PR, or tag.
162
+ - Version decision (semver) — PATCH-PREFERRED policy from v1.0.0 onward:
163
+ * No existing tags → v0.1.0.
164
+ * Previous tag exists → default to patch. When in doubt, patch; do not reflexively bump minor for rule/doc/skill/config/wiki/workflow edits.
165
+ * patch (DEFAULT): bugfixes, hardening, rule/doc/skill/config/wiki/workflow changes, compatibility notes, and release-process guardrails.
166
+ * minor: only a genuinely new user-facing capability, such as a new skill/agent/command adding visible surface, not a refinement of an existing one.
167
+ * major: breaking changes to user-facing contracts (CLI flags, public skill/command names, public API) or a deliberate milestone declaration such as v1.0.0.
168
+ * If a previous tag is ahead of the source version, use the next available skip-version.
158
169
  - Update `package.json` and `templates/manifest.json` to NEW_VERSION in the same commit.
159
170
  - Promote `CHANGELOG.md` before the release PR/tag: move non-empty `## [Unreleased]` entries into `## [NEW_VERSION] - YYYY-MM-DD`, then re-create an empty `## [Unreleased]` section above it.
160
171
  - If `CHANGELOG.md` has no user/package-visible entry for NEW_VERSION, add a concise release summary before continuing instead of relying on GitHub auto-generated release notes.