oh-my-customcodex 0.5.22 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/cli/index.js CHANGED
@@ -3091,7 +3091,7 @@ var init_package = __esm(() => {
3091
3091
  workspaces: [
3092
3092
  "packages/*"
3093
3093
  ],
3094
- version: "0.5.22",
3094
+ version: "1.0.1",
3095
3095
  requiresCC: ">=2.1.121",
3096
3096
  claudeCode: {
3097
3097
  minimumVersion: "2.1.121",
package/dist/index.js CHANGED
@@ -2316,7 +2316,7 @@ var package_default = {
2316
2316
  workspaces: [
2317
2317
  "packages/*"
2318
2318
  ],
2319
- version: "0.5.22",
2319
+ version: "1.0.1",
2320
2320
  requiresCC: ">=2.1.121",
2321
2321
  claudeCode: {
2322
2322
  minimumVersion: "2.1.121",
package/package.json CHANGED
@@ -3,7 +3,7 @@
3
3
  "workspaces": [
4
4
  "packages/*"
5
5
  ],
6
- "version": "0.5.22",
6
+ "version": "1.0.1",
7
7
  "requiresCC": ">=2.1.121",
8
8
  "claudeCode": {
9
9
  "minimumVersion": "2.1.121",
@@ -26,8 +26,9 @@ tools: [Read, Write, ...] # Allowed tools
26
26
  | `opus47` | claude-opus-4-7 | Latest Opus model, supports xhigh effort |
27
27
  Extended context suffix: `[1m]` (e.g., `claude-opus-4-6[1m]`) — enables 1M token context window.
28
28
 
29
+
29
30
  <!-- DETAIL: Fallback Models and Thinking Toggle (Claude Code v2.1.166+)
30
- Claude compatibility settings can declare up to three `fallbackModel` entries tried in order when the primary Claude model is overloaded or unavailable. `--fallback-model` also applies to interactive Claude sessions. Treat this as platform availability failover, not Codex-native model routing or outcome-based escalation. Claude Code v2.1.166+ also supports disabling default thinking with `MAX_THINKING_TOKENS=0`, `--thinking disabled`, or the per-model thinking toggle. Claude Code v2.1.169+ adds `--safe-mode` / `CLAUDE_CODE_SAFE_MODE` to disable customizations for regression isolation, plus `disableBundledSkills` / `CLAUDE_CODE_DISABLE_BUNDLED_SKILLS` to hide bundled skills/workflows/slash commands when they conflict with project skills. Codex-native agents continue to use the OMX model contract and `reasoning_effort` routing.
31
+ Claude compatibility settings can declare up to three `fallbackModel` entries tried in order when the primary Claude model is overloaded or unavailable. `--fallback-model` also applies to interactive Claude sessions. Treat this as platform availability failover, not Codex-native model routing or outcome-based escalation. Claude Code v2.1.166+ also supports disabling default thinking with `MAX_THINKING_TOKENS=0`, `--thinking disabled`, or the per-model thinking toggle. Claude Code v2.1.169+ adds `--safe-mode` / `CLAUDE_CODE_SAFE_MODE` to disable customizations for regression isolation, plus `disableBundledSkills` / `CLAUDE_CODE_DISABLE_BUNDLED_SKILLS` to hide bundled skills/workflows/slash commands when they conflict with project skills. Codex-native agents continue to use the OMX model contract and `reasoning_effort` routing. Claude Code v2.1.172+ applies `availableModels` restrictions to subagent `model:` overrides, the agent dispatch model picker, and the advisor model; compatibility allowlists should account for version-specific IDs and 1M suffix handling.
31
32
  -->
32
33
 
33
34
  ### Optional Frontmatter
@@ -8,6 +8,8 @@ The main conversation is the **sole orchestrator**. It uses routing skills to de
8
8
 
9
9
  **Agent Teams Exception**: Agent Teams members are peers, not hierarchical subagents. Teams members CAN spawn sub-agents via the Agent tool to execute complex workflows (e.g., research teams, verification teams). This enables Teams-compatible skills like `/research` and `/deep-plan` to run inside Team members. The Teams member acts as a local orchestrator for its own sub-tasks.
10
10
 
11
+ > **v2.1.172+ Claude compatibility**: The Claude Code platform allows sub-agents to spawn their own sub-agents up to 5 levels deep. oh-my-customcodex RETAINS the sole-orchestrator design as a deliberate project architecture choice for predictable R009 parallelism and R018 coordination, not because of a platform limitation. The sanctioned nesting path remains the Agent Teams Exception.
12
+
11
13
  **The orchestrator MUST NEVER directly write, edit, or create files. ALL file modifications MUST be delegated to appropriate subagents.**
12
14
 
13
15
  ## Codex-Native Meta-File Boundary
@@ -136,6 +138,22 @@ Required STOP response:
136
138
 
137
139
  Thirteen repeated security trips or repeated privileged retries are an anti-pattern: after the second trip, continuing without redesign is a coordination failure.
138
140
 
141
+ ### Pre-Delegation Privileged-Scope Boundary (proactive)
142
+
143
+ > Origin: upstream #1368 #5 — an infra subagent was delegated a prod-touching task with no explicit approval boundary in the delegation prompt; it freely ran prod DB queries, file deletes, and SMS reads, tripping the safety classifier 3+ times.
144
+
145
+ The Subagent Scope-Creep STOP Protocol above is reactive: it halts an agent after it trips the classifier. This rule is its proactive complement. When delegating ANY task that touches prod or privileged resources (prod DB, infra deletion, credential stores, external messaging/SMS, shared-namespace secrets), the orchestrator MUST state explicitly in the delegation prompt:
146
+
147
+ - the user-approved actions;
148
+ - explicit forbidden actions;
149
+ - the authorization scope tied back to the user request.
150
+
151
+ | Anti-pattern | Required |
152
+ |--------------|----------|
153
+ | Delegate a prod/privileged-touching task with no scope or forbidden-line in the prompt | State approved actions, forbidden actions (for example: do NOT delete files, do NOT query prod DB, do NOT read SMS/messages), and authorization scope |
154
+
155
+ Cross-reference: R001 credential/privileged-scope guardrails and the Subagent Scope-Creep STOP Protocol.
156
+
139
157
  ## Common Violations
140
158
 
141
159
  Key violations to avoid (file writes, git commands, bundled operations — all must be delegated):
@@ -234,6 +252,8 @@ Claude Code v2.1.141+ preserves the current permission mode when a session is de
234
252
 
235
253
  For this Codex port, native Codex/OMX subagents still follow the active Codex runtime tool policy. Claude compatibility prompts should keep delegated write authority explicit when a workflow relies on unattended edits, but v2.1.141+ no longer needs an extra `/bg` permission-mode workaround.
236
254
 
255
+ Claude Code v2.1.172+ fixes background agents potentially reading another project directory's settings (`.mcp.json` approvals, trust) when dispatched onto a pre-warmed worker, strengthening background-agent isolation for unattended `/bg` flows.
256
+
237
257
  ## Agent Capability Pre-Check
238
258
 
239
259
  Before delegating work, compare the task requirements with the target agent frontmatter:
@@ -17,6 +17,8 @@ Format: `─── [Spawn] {subagent_type}:{model} | {description} ───`
17
17
 
18
18
  > **Claude Code v2.1.141+ compatibility**: Hook JSON output can include `terminalSequence` to emit desktop notifications, window title changes, or terminal bells without a controlling terminal. Treat this as an optional companion to stderr HUD events and the command statusline; do not add terminal-control hook behavior until there is a concrete Codex-compatible UX need.
19
19
 
20
+ > **v2.1.172+ Claude compatibility**: The `claude_code.lines_of_code.count` OTEL metric includes a `model` attribute, so lines-of-code telemetry can be sliced by model when monitoring is enabled. This extends the per-dimension slicing configured through the `monitoring-setup` skill.
21
+
20
22
  <!-- DETAIL: HUD Events full spec
21
23
  ### When to Display: Multi-step tasks, parallel execution, long-running operations. Skip for single brief operations.
22
24
  ### Parallel Display:
@@ -1,11 +1,11 @@
1
1
  {
2
- "version": "0.5.22",
2
+ "version": "1.0.1",
3
3
  "requiresCC": ">=2.1.121",
4
4
  "claudeCode": {
5
5
  "minimumVersion": "2.1.121",
6
6
  "protectedPathBypassVersion": "2.1.126"
7
7
  },
8
- "lastUpdated": "2026-06-11T00:00:00.000Z",
8
+ "lastUpdated": "2026-06-11",
9
9
  "components": [
10
10
  {
11
11
  "name": "rules",