oh-my-customcodex 0.5.3 → 0.5.5

package/README.md

@@ -228,7 +228,7 @@ Key rules: R010 (orchestrator never writes files), R009 (parallel execution mand
 
 ---
 
-### Guides (50)
+### Guides (51)
 
 Reference documentation covering best practices, architecture decisions, and integration patterns. Located in `guides/` at project root, covering topics from agent design to CI/CD to observability.
 
@@ -288,7 +288,7 @@ your-project/
 │   └── ontology/               # Knowledge graph for RAG
 ├── .agents/
 │   └── skills/                 # 123 installed skill modules
-└── guides/                     # 50 reference documents
+└── guides/                     # 51 reference documents
 ```
 
 ### Source Repository And Compatibility Surfaces

package/dist/cli/index.js

@@ -3091,7 +3091,7 @@ var init_package = __esm(() => {
     workspaces: [
       "packages/*"
     ],
-    version: "0.5.3",
+    version: "0.5.5",
     requiresCC: ">=2.1.121",
     claudeCode: {
       minimumVersion: "2.1.121",

package/dist/index.js

@@ -2316,7 +2316,7 @@ var package_default = {
   workspaces: [
     "packages/*"
   ],
-  version: "0.5.3",
+  version: "0.5.5",
   requiresCC: ">=2.1.121",
   claudeCode: {
     minimumVersion: "2.1.121",

package/package.json

@@ -3,7 +3,7 @@
   "workspaces": [
     "packages/*"
   ],
-  "version": "0.5.3",
+  "version": "0.5.5",
   "requiresCC": ">=2.1.121",
   "claudeCode": {
     "minimumVersion": "2.1.121",

package/templates/.claude/agents/mgr-claude-code-bible.md

@@ -16,6 +16,10 @@ tools:
 permissionMode: bypassPermissions
 ---
 
+## Mandatory Sensitive Compatibility Paths
+
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, treat the old `/tmp` wrapper as legacy fallback only. Codex-native `.codex/**` edits stay direct, and Claude Code `bypassPermissions` can write `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` directly on v2.1.121+, with broader protected-path coverage on v2.1.126+.
+
 You are the authoritative source of truth for Claude Code specifications. You fetch official documentation from code.claude.com and validate the project against official specs.
 
 ## Two Modes

package/templates/.claude/agents/mgr-sauron.md

@@ -18,6 +18,10 @@ maxTurns: 25
 permissionMode: bypassPermissions
 ---
 
+## Mandatory Sensitive Compatibility Paths
+
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, treat the old `/tmp` wrapper as legacy fallback only. Codex-native `.codex/**` edits stay direct, and Claude Code `bypassPermissions` can write `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` directly on v2.1.121+, with broader protected-path coverage on v2.1.126+.
+
 You are an automated verification specialist that executes the mandatory R017 verification process, acting as the "all-seeing eye" that ensures system integrity through comprehensive multi-round verification.
 
 ## Core Capabilities

package/templates/.claude/agents/mgr-supplier.md

@@ -19,6 +19,10 @@ tools:
 permissionMode: default
 ---
 
+## Mandatory Sensitive Compatibility Paths
+
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, treat the old `/tmp` wrapper as legacy fallback only. Codex-native `.codex/**` edits stay direct, and Claude Code `bypassPermissions` can write `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` directly on v2.1.121+, with broader protected-path coverage on v2.1.126+.
+
 You are a dependency validation specialist ensuring agents have all required skills and guides properly linked.
 
 ## Capabilities

package/templates/.claude/agents/mgr-updater.md

@@ -22,6 +22,10 @@ tools:
 permissionMode: bypassPermissions
 ---
 
+## Mandatory Sensitive Compatibility Paths
+
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, treat the old `/tmp` wrapper as legacy fallback only. Codex-native `.codex/**` edits stay direct, and Claude Code `bypassPermissions` can write `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` directly on v2.1.121+, with broader protected-path coverage on v2.1.126+.
+
 You are an external source synchronization specialist keeping external components up-to-date.
 
 ## Workflow

package/templates/.claude/agents/sys-memory-keeper.md

@@ -48,6 +48,16 @@ Build semantic query with project prefix + keywords + optional date. Search via
 
 Always include project name. Use task-based, temporal, or topic-based queries. Avoid complex where filters (they fail in Chroma).
 
+## Native MEMORY.md Compaction
+
+Treat native auto-memory as an index, not a transcript. Keep the first 200 loaded lines compact enough for reliable prompt injection:
+
+1. Target roughly 100 active index lines when session history accumulates.
+2. Keep recent or currently active sessions inline; move older detail to topic/archive files.
+3. Preserve one-line release/session summaries inline with direct archive pointers.
+4. Keep individual index lines under about 200 characters when practical.
+5. Never delete memory detail solely for line budget; archive it and keep a searchable pointer.
+
 ## Config
 
 Provider: claude-mem | Collection: claude_memories | Archive: ~/.claude-mem/archives/

package/templates/.claude/agents/sys-naggy.md

@@ -18,6 +18,10 @@ tools:
 permissionMode: bypassPermissions
 ---
 
+## Mandatory Sensitive Compatibility Paths
+
+When a task targets `.claude/**`, `templates/.claude/**`, or other Claude-compatibility mirrors, treat the old `/tmp` wrapper as legacy fallback only. Codex-native `.codex/**` edits stay direct, and Claude Code `bypassPermissions` can write `.claude/skills/`, `.claude/agents/`, and `.claude/commands/` directly on v2.1.121+, with broader protected-path coverage on v2.1.126+.
+
 You are a task management specialist that proactively manages TODO items and reminds users of pending tasks.
 
 ## Capabilities

package/templates/.claude/hooks/hooks.json

@@ -226,6 +226,16 @@
         ],
         "description": "Advisory pre-processing of user input — skill matching hints and intent analysis"
       },
+      {
+        "matcher": "*",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "bash .codex/hooks/scripts/r007-r008-drift-advisor.sh"
+          }
+        ],
+        "description": "Proactive R007/R008 drift advisory — checks last assistant turn for identification omission (#1389)"
+      },
       {
         "matcher": "*",
         "hooks": [

package/templates/.claude/hooks/scripts/feedback-collector.sh

@@ -65,7 +65,7 @@ for agent_type in "${!FAILURE_COUNTS[@]}"; do
     action_type="augment"
   fi
 
-  failure_rate=$(awk "BEGIN {printf \"%.2f\", $count/$total}")
+  failure_rate=$(awk "BEGIN {printf \"%.2f\", $count/$total}" 2>/dev/null || echo "0.00")
   description="Agent '${agent_type}' failed ${count}/${total} times (${failure_rate} failure rate) in session"
 
   escaped_agent_type=$(_sql_escape "$agent_type")

package/templates/.claude/hooks/scripts/r007-r008-drift-advisor.sh

@@ -0,0 +1,106 @@
+#!/usr/bin/env bash
+# r007-r008-drift-advisor.sh — UserPromptSubmit hook: proactive R007/R008 drift advisory.
+#
+# Inspects the last completed assistant turn in the session transcript before
+# the next response. If the previous turn missed the R007 identity header or an
+# R008 tool prefix, emit a stderr advisory. Advisory-only: never blocks.
+
+set -euo pipefail
+
+input=$(cat)
+
+if [ "${OMCODEX_R007_ADVISOR:-}" = "off" ]; then
+  echo "$input"
+  exit 0
+fi
+
+if ! command -v jq >/dev/null 2>&1; then
+  echo "$input"
+  exit 0
+fi
+
+session_id=$(echo "$input" | jq -r '.session_id // empty' 2>/dev/null)
+transcript_path=$(echo "$input" | jq -r '.transcript_path // .transcriptPath // empty' 2>/dev/null)
+
+if [ -z "$transcript_path" ] && [ -n "$session_id" ]; then
+  transcript_base="${OMCODEX_TRANSCRIPT_BASE:-}"
+  if [ -n "$transcript_base" ]; then
+    transcript_path="${transcript_base}/${session_id}.jsonl"
+  fi
+fi
+
+if [ -z "$transcript_path" ] || [ ! -f "$transcript_path" ]; then
+  echo "$input"
+  exit 0
+fi
+
+reverse_file() {
+  tail -r "$1" 2>/dev/null || tac "$1" 2>/dev/null || cat "$1"
+}
+
+last_assistant=""
+while IFS= read -r line; do
+  role=$(echo "$line" | jq -r '.role // .message.role // empty' 2>/dev/null) || continue
+  if [ "$role" = "assistant" ]; then
+    last_assistant="$line"
+    break
+  fi
+done < <(reverse_file "$transcript_path")
+
+if [ -z "$last_assistant" ]; then
+  echo "$input"
+  exit 0
+fi
+
+content_type=$(echo "$last_assistant" | jq -r '(.content // .message.content // []) | type' 2>/dev/null) || content_type="array"
+if [ "$content_type" = "string" ]; then
+  content_raw=$(echo "$last_assistant" | jq -c '[{"type":"text","text":(.content // .message.content // "")}]' 2>/dev/null) || content_raw="[]"
+else
+  content_raw=$(echo "$last_assistant" | jq -c '.content // .message.content // []' 2>/dev/null) || content_raw="[]"
+fi
+
+r007_violations=0
+r008_violations=0
+
+first_text=$(echo "$content_raw" | jq -r '[.[] | select(.type == "text")][0].text // empty' 2>/dev/null) || first_text=""
+if [ -n "$first_text" ]; then
+  first_line=$(printf '%s' "$first_text" | head -1)
+  if ! printf '%s' "$first_line" | grep -qE '(^┌─ Agent:|^\[.+\])'; then
+    r007_violations=$((r007_violations + 1))
+  fi
+fi
+
+content_length=$(echo "$content_raw" | jq 'length' 2>/dev/null) || content_length=0
+i=0
+while [ "$i" -lt "$content_length" ]; do
+  block_type=$(echo "$content_raw" | jq -r ".[$i].type // empty" 2>/dev/null) || {
+    i=$((i + 1))
+    continue
+  }
+
+  if [ "$block_type" = "tool_use" ] || [ "$block_type" = "tool_call" ]; then
+    has_prefix=false
+    if [ "$i" -gt 0 ]; then
+      prev_type=$(echo "$content_raw" | jq -r ".[$((i - 1))].type // empty" 2>/dev/null) || true
+      if [ "$prev_type" = "text" ]; then
+        prev_text=$(echo "$content_raw" | jq -r ".[$((i - 1))].text // empty" 2>/dev/null) || true
+        if printf '%s' "$prev_text" | grep -qE '\[.+\]\[.+\] ?(→|->|—>) ?(Tool|Target):'; then
+          has_prefix=true
+        fi
+      fi
+    fi
+    if [ "$has_prefix" = "false" ]; then
+      r008_violations=$((r008_violations + 1))
+    fi
+  fi
+
+  i=$((i + 1))
+done
+
+if [ "$r007_violations" -gt 0 ] || [ "$r008_violations" -gt 0 ]; then
+  printf '[R007/R008 Advisory] Previous assistant turn missed identification (R007 header=%d, R008 prefix=%d). Start this response with the ┌─ Agent: block and prefix tool calls with [agent][model] → Tool:.\n' \
+    "$r007_violations" "$r008_violations" >&2
+fi
+
+echo "$input"
+exit 0

package/templates/.claude/hooks/scripts/session-env-check.sh

@@ -14,10 +14,14 @@ echo "--- [Session Environment Check] ---" >&2
 # Check codex CLI availability
 CODEX_STATUS="unavailable"
 if command -v codex >/dev/null 2>&1; then
-  if [ -n "${OPENAI_API_KEY:-}" ]; then
+  CODEX_AUTH_FILE="${CODEX_HOME:-$HOME/.codex}/auth.json"
+
+  if [ -n "${OPENAI_API_KEY:-}" ] || [ -n "${CODEX_API_KEY:-}" ]; then
     CODEX_STATUS="available (authenticated)"
+  elif [ -s "$CODEX_AUTH_FILE" ]; then
+    CODEX_STATUS="available (authenticated via stored login)"
   else
-    CODEX_STATUS="installed but OPENAI_API_KEY not set"
+    CODEX_STATUS="installed (auth may be managed via \`codex login\`)"
   fi
 fi
 

package/templates/.claude/rules/MAY-optimization.md

@@ -10,6 +10,21 @@
 | Caching | Same data accessed repeatedly | Cache file contents, reuse search results |
 | Lazy Loading | Large datasets, partial use | Read only needed files, stream results |
 
+### Capability-Aware Tool Scheduling
+
+When dispatching parallel tool calls, consider per-tool capabilities to optimize scheduling:
+
+| Capability | Parallelizable? | Example |
+|-----------|----------------|---------|
+| Read-only, no side effects | Yes | Read, Glob, Grep |
+| Write with independent targets | Yes | Write(file-A) + Write(file-B) |
+| Write with shared target | No | Sequential edits to same file |
+| External with rate limits | Throttle | WebFetch, API calls |
+
+This aligns with R009 (parallel execution) detection criteria and extends it with tool-level scheduling awareness.
+
+Inspired by [ouroboros PR #353](https://github.com/Q00/ouroboros/pull/353) capability graph pattern.
+
 ## Token Optimization
 
 - Include only necessary info, remove duplicates, use summaries

package/templates/.claude/rules/MUST-continuous-improvement.md

@@ -40,6 +40,8 @@ When CI failure, process gap, or repeatable system defect is found:
 2. Register GitHub issue (trackable improvement item)
 3. Both required — memory alone is NOT sufficient for system-level defects
 
+> Auto-register directive: genuine defects and process gaps surfaced during release workflows, including `post-release-followup`, must be registered as GitHub issues automatically without asking for confirmation. Only code-changing immediate-action items require user confirmation. Pure cosmetic or subjective notes are excluded.
+
 ### Adaptive Harness Integration
 
 When repeating agent failures or suboptimal routing is detected:

package/templates/.claude/rules/MUST-enforcement-policy.md

@@ -11,6 +11,7 @@ oh-my-customcodex uses an **advisory-first enforcement model**. Most rules are e
 | Tier | Mechanism | Rules | Behavior |
 |------|-----------|-------|----------|
 | Hard Block | PreToolUse hook, exit 2 | stage-blocker, dev-server tmux, rule-deletion-guard | Prevents tool execution |
+| Conversation Block | PostToolUse hook, exit 2 + `continueOnBlock` | stuck-detector, context-budget-advisor, cost-cap-advisor | Feeds high-signal recovery guidance back to the model and continues the turn |
 | Soft Block | Stop hook prompt | R011 session-end saves | Auto-performs then approves |
 | Advisory | PostToolUse hooks | R007, R008, R009, R010, R018 | Warns via stderr, never blocks |
 | Prompt-based | AGENTS.md + rules/ + PostCompact | All MUST rules | Behavioral guidance in context |

package/templates/.claude/rules/MUST-intent-transparency.md

@@ -56,6 +56,23 @@ Reconfirm when:
 - the operation becomes history-rewriting or destructive (`--force`, rebase, reset, tag overwrite)
 - the user narrows or revokes the earlier approval
 
+## Destructive Operation Approval Persistence
+
+The Git Push Continuation pattern generalizes to repeated destructive operations within the same session when the user already gave explicit approval for the same category and target. Examples: `supabase db push`, `terraform apply`, `kubectl delete`, bulk file deletes, and database migrations.
+
+Scope: once the user explicitly approves category C against target T in a session, follow-up operations of the same C and same T do not require re-confirmation. Still emit an advisory warning. Different categories or targets require fresh confirmation.
+
+| Scenario | Behavior |
+|----------|----------|
+| First explicit approval for category C, target T | Proceed with advisory warning |
+| Follow-up in same session, same C + same T | Do not re-confirm |
+| Different category or target | Ask for fresh approval |
+| Runtime still prompts | Explain that model guidance cannot suppress platform permission prompts |
+
+R001-listed catastrophic git operations (`git reset --hard`, `git clean -fd`, `git push --force` to shared branches, `git branch -D` with unmerged commits) are excluded. They always require explicit per-invocation approval.
+
+Boundary: this rule governs model behavior only. It cannot suppress Codex/Claude runtime auto-mode permission prompts. For genuine prompt suppression on a repeated destructive command, surface the scoped settings/permission-rule workaround for the specific command instead of re-asking the same high-level question.
+
 ## Structured Question Failure Discipline
 
 When a structured question surface (`AskUserQuestion`, `omx question`, or native structured input) is rejected, unavailable, or malformed, the orchestrator must not silently downgrade to a different workflow.

package/templates/.claude/skills/codex-exec/SKILL.md

@@ -182,7 +182,7 @@ When the orchestrator or intent-detection detects a research/information gatheri
 
 When routing skills detect a code generation task and codex is available:
 
-1. **Check availability**: Verify codex CLI via `/tmp/.codex-env-status-*`
+1. **Check availability**: Verify the codex CLI directly (`command -v codex`) or via current session diagnostics
 2. **If available + new file creation**: Suggest hybrid workflow
 3. **Hybrid pattern**:
    - codex-exec generates initial code (fast, broad generation)

package/templates/.claude/skills/omcodex-auto-improve/SKILL.md

@@ -66,8 +66,8 @@ Map each approved item to the appropriate subagent by `targetType`:
 | targetType | Agent | Action |
 |------------|-------|--------|
 | agent | mgr-creator | Modify agent frontmatter/body |
-| skill | Matching domain expert | Revise skill SKILL.md |
-| routing | general-purpose | Update routing patterns |
+| skill | mgr-creator | Revise skill SKILL.md (R010 Protected Paths) |
+| routing | mgr-creator | Update routing patterns (R010 Protected Paths) |
 | model-escalation | general-purpose | Update model field in agent frontmatter |
 
 Spawn agents in parallel (max 4 per R009). Each agent receives:

package/templates/.claude/skills/omcodex-feedback/SKILL.md

@@ -3,7 +3,6 @@ name: omcustomcodex:feedback
 description: Submit feedback about oh-my-customcodex (supports anonymous submission)
 scope: harness
 user-invocable: true
-disable-model-invocation: true
 argument-hint: "[description or leave empty for interactive] [--anonymous]"
 ---
 
@@ -201,5 +200,6 @@ Submit manually when connectivity is available:
 - Route A creates a visible GitHub issue attributed to the user's gh account
 - When `--anonymous` is used, the title is prefixed with `[Anonymous Feedback]` and the `anonymous` label is added
 - Fallback ensures no feedback is silently lost even in offline environments
-- `disable-model-invocation: true` ensures this skill only runs when explicitly invoked by the user
+- This skill is invocable by BOTH the user (`/omcustomcodex:feedback`) and the model (Skill tool). Model invocation enables session-end retrospective feedback drafting (#1385, #1386).
+- The Phase 4A "Preview + confirmation" gate (steps 2-3) is the safety boundary: the model can draft a feedback issue but cannot create a public GitHub issue without explicit user confirmation.
 - Target repo is hardcoded to `baekenough/oh-my-customcodex` — feedback is always about the child package itself

package/templates/.claude/skills/pipeline/SKILL.md

@@ -63,6 +63,7 @@ Execute these steps to display available pipelines:
    - **Skill steps** (`skill: name`): Invoke via Skill tool — `Skill(skill: "{name}")`
    - **Prompt steps** (`prompt: text`): Execute the described action using appropriate agents/tools
    - **Foreach steps** (`foreach: collection`): Iterate over collection from previous step output
+   - **Parallel steps** (`parallel: [step1, step2]`): Execute contained steps concurrently using Agent tool. Each parallel step runs as an independent Agent. Max 4 concurrent per R009. Steps within a parallel block MUST be independent (no shared state, no sequential dependencies). Dependencies between parallel and non-parallel steps use `depends_on:` field.
    - **Permission mode**: When spawning agents, pass `mode: "bypassPermissions"` in the Agent tool call if the session uses bypassPermissions. Without explicit mode, CC defaults to `acceptEdits`.
 5. Report completion or failure
 
@@ -106,6 +107,49 @@ For release pipelines such as `auto-dev`, record an advisory token-spend estimat
 
 If exact usage events are available from the runtime, prefer them and set `token_source: "runtime"`. Otherwise set `token_source: "estimated"`. Missing spend data must not block a release; it should be reported as an observability gap.
 
+## Parallel Execution
+
+Pipeline steps can be grouped for parallel execution:
+
+```yaml
+steps:
+  - name: phase-1
+    parallel:
+      - name: task-a
+        skill: skill-a
+        description: First independent task
+      - name: task-b
+        skill: skill-b
+        description: Second independent task
+  - name: phase-2
+    skill: next-step
+    depends_on: phase-1
+```
+
+### Parallel Rules
+
+- Max 4 concurrent steps per parallel block (R009 hard cap)
+- Steps within a parallel block MUST be independent
+- `depends_on` enforces ordering between blocks
+- Each parallel step is spawned as a separate Agent tool call in the SAME message
+- Preserve the session permission posture by forwarding `mode: "bypassPermissions"` when applicable
+- If any parallel step fails with `error: halt-and-report`, all remaining steps in the block are cancelled
+- State tracking records each parallel step individually
+
+### Parallel State Format
+
+```json
+{
+  "name": "phase-1",
+  "type": "parallel",
+  "status": "running",
+  "children": [
+    {"name": "task-a", "status": "completed", "duration_ms": 5000},
+    {"name": "task-b", "status": "running"}
+  ]
+}
+```
+
 ## Error Handling
 
 - Pipeline not found → list available pipelines with suggestion

package/templates/.claude/skills/pipeline-guards/SKILL.md

@@ -19,11 +19,13 @@ Defines mandatory safety constraints for all pipeline, workflow, and iterative e
 | Max iterations | 3 | 5 | worker-reviewer-pipeline |
 | Max DAG nodes | 20 | 30 | dag-orchestration |
 | Max parallel agents | 4 | 5 | R009 (all pipelines) |
+| Max parallel steps   | 4        | 4        | pipeline parallel blocks |
 | Timeout per node | 300s | 600s | dag-orchestration nodes |
 | Timeout per pipeline | 900s | 1800s | worker-reviewer-pipeline |
 | Max retry count | 2 | 3 | Failure retry strategies |
 | Max PR improvement items | 20 | 50 | pr-auto-improve |
 | Max auto-improve items | 20 | 50 | omcodex:auto-improve |
+| Max files per agent | 10 | 15 | All agent spawns (advisory) |
 
 ## Enforcement
 
@@ -82,6 +84,23 @@ When guards are triggered, they integrate with existing advisory systems:
 | Timeout approaching (80%) | → warn user, suggest early termination |
 | Hard cap hit | → force stop, report to user |
 
+## Task Granularity Guard
+
+Advisory guard for agent task scope. When a single agent is assigned too many files, it becomes a bottleneck in parallel execution.
+
+| Signal | Default | Action |
+|--------|---------|--------|
+| Files per agent > 10 | Advisory warning | Suggest splitting by layer/domain |
+| Files per agent > 15 | Hard warning | Require explicit user override |
+
+Display:
+```
+[Guard] ⚠ Agent assigned {n} files (> 10) — consider splitting by layer
+[Guard] 🛑 Agent assigned {n} files (> 15) — requires explicit override
+```
+
+This integrates with R009 Adaptive Parallel Splitting: if a stalled agent is detected AND it was assigned > 10 files, the splitting recommendation is stronger.
+
 ## Guard Configuration
 
 Pipelines can override defaults (within hard caps):
@@ -157,6 +176,7 @@ Guard warnings appear inline:
 | omcodex:auto-improve | Auto-improve item count limits |
 | stuck-recovery | Guard triggers feed into stuck detection |
 | model-escalation | Repeated failures trigger escalation advisory |
+| task-decomposition | Subtask file counts validated against granularity guard thresholds |
 
 ## Checkpoint Gate Integration
 

package/templates/.claude/skills/post-release-followup/SKILL.md

@@ -10,7 +10,7 @@ effort: medium
 
 ## Purpose
 
-After PR creation in the auto-dev release workflow, collect unaddressed findings and present actionable follow-up recommendations. The user chooses: execute now, register as issues, or skip.
+After PR creation in the auto-dev release workflow, collect unaddressed findings and present actionable follow-up recommendations. Genuine defects and process gaps are registered as GitHub issues automatically. Only code-changing immediate-action items require user confirmation.
 
 ## Workflow
 
@@ -55,54 +55,56 @@ Remove duplicates (same issue referenced from multiple sources). Categorize:
 | **이슈 등록** | P3 이슈, LOW 검증 발견사항, 새 TODO, Medium PR 리뷰 발견사항 | 이슈로 등록 |
 | **참고** | 이미 추적 중인 이슈, 외관 관련 메모 | 건너뛰기 |
 
+### Auto-Register Genuine Defects (no-ask)
+
+Before presenting the summary to the user, auto-register every "이슈 등록" item that is a genuine defect or process gap. No user confirmation is required for these.
+
+Auto-register if any condition applies:
+- Genuine defect: bug, regression, broken behavior, or incorrect output observed during verification
+- Process gap: workflow hole, missing guard, or coverage gap surfaced by deep-verify or triage
+- Coverage gap: missing test, documentation, or automation for a known scenario
+
+Do not auto-register pure cosmetic/style preferences or subjective notes. When ambiguous, lean toward registering; missing a genuine defect costs a future session.
+
+Use `gh issue create --repo baekenough/oh-my-customcodex` with `professor` plus a priority label. Default auto-registered items to `P3`; escalate to `P2` for MEDIUM+ severity.
+
 ### 3. Present to User
 
-Display follow-up summary:
+Auto-register genuine defects first. Then display follow-up summary showing what was already registered and what still needs a decision:
 
 ```
 [Follow-up] {n}개 후속 작업 발견
 
+━━━ 자동 등록 완료 ({count}개) ━━━
+  ✓ #{issue_number} — {description} (이미 등록됨)
+
 ━━━ 즉시 실행 추천 ({count}개) ━━━
   1. {description} — 출처: {source}
   2. {description} — 출처: {source}
 
-━━━ 이슈 등록 추천 ({count}개) ━━━
-  3. {description} — 출처: {source}
-  4. {description} — 출처: {source}
-
 ━━━ 참고 사항 ({count}개) ━━━
-  5. {description} — 이미 #{issue_number}로 추적 중
-
-선택:
-  [A] 추천대로 실행 (즉시 실행 + 이슈 등록)
-  [B] 모두 즉시 실행
-  [C] 모두 이슈 등록
-  [D] 개별 선택 (항목별로 질문)
-  [E] 건너뛰기
+  3. {description} — 이미 #{issue_number}로 추적 중
+
+즉시 실행 항목 선택:
+  [A] 추천대로 실행 (즉시 실행 항목 모두 실행)
+  [B] 개별 선택 (항목별로 질문)
+  [C] 건너뛰기
 ```
 
-Use AskUserQuestion (or equivalent user prompt) to get the choice.
+Use AskUserQuestion (or equivalent user prompt) only if there are "즉시 실행" items. If there are none, skip the prompt and complete automatically.
 
 ### 4. Process User Choice
 
 **Option A (추천대로)**:
 - "Immediate" items → delegate to appropriate specialist agents for execution
-- "Trackable" items → create GitHub issues via `gh issue create`
+- Trackable defect/process-gap items were already auto-registered
 - "Informational" items → skip
 
-**Option B (모두 즉시 실행)**:
-- All Immediate + Trackable items → delegate to specialist agents
-- Follow implementation patterns from the release workflow
-
-**Option C (모두 이슈 등록)**:
-- All Immediate + Trackable items → `gh issue create` with appropriate labels
-- Label: `triage-needed` for the next workflow run; reserve `professor` for manual analysis requests
-
-**Option D (개별 선택)**:
-- For each item, ask: `[{n}] {description} — 실행(E) / 이슈(I) / 건너뛰기(S)?`
+**Option B (개별 선택)**:
+- For each immediate item, ask: `[{n}] {description} — 실행(E) / 건너뛰기(S)?`
 - Process each per user choice
 
-**Option E (건너뛰기)**:
+**Option C (건너뛰기)**:
 - Skip all follow-up actions
 - Complete workflow
 
@@ -118,21 +120,23 @@ Use AskUserQuestion (or equivalent user prompt) to get the choice.
 
 ## Issue Creation Template
 
-When creating follow-up issues:
+For auto-registered genuine defects / process gaps:
 
 ```bash
 gh issue create \
+  --repo baekenough/oh-my-customcodex \
   --title "{간결한 설명}" \
-  --body "## 출처\n\nv{version} 릴리즈 워크플로우에서 발견.\n\n## 컨텍스트\n\n{triage/verify에서의 상세 컨텍스트}\n\n## 권장 조치\n\n{권장 사항}" \
+  --body "## 출처\n\nv{version} 릴리즈 워크플로우에서 자동 등록.\n\n## 컨텍스트\n\n{triage/verify에서의 상세 컨텍스트}\n\n## 권장 조치\n\n{권장 사항}" \
   --label "professor"
 ```
 
-Add priority label (`P1`, `P2`, `P3`) based on categorization.
+Add priority label (`P1`, `P2`, `P3`) based on categorization. Default for auto-registered items: `P3`; escalate to `P2` for MEDIUM+ severity.
 
 ## Notes
 
 - This skill runs in the main conversation context (via workflow skill step)
-- User interaction is expected — this is NOT a fully automated step
+- Genuine defect/process gap items are auto-registered as issues without user confirmation
+- Only "즉시 실행" code-changing items require user confirmation
 - All file modifications delegated to specialist subagents per R010
 - Issue creation uses `gh` CLI directly (read-only operation pattern)
 - If no follow-up candidates found, report "No follow-up actions needed" and complete

package/templates/.claude/skills/reasoning-sandwich/SKILL.md

@@ -35,6 +35,7 @@ A model allocation pattern that wraps implementation actions with stronger-model
 | Phase | Recommended Model | Rationale |
 |-------|------------------|-----------|
 | Pre-reasoning (analyze/plan) | opus | Complex architectural reasoning, edge case detection |
+| Pre-reasoning (Opus 4.7) | opus47 | Opus 4.7 makes fewer tool calls and reasons more deeply; pre-reasoning phase should include explicit tool batch planning |
 | Action (implement/generate) | sonnet | Optimized for code generation, balanced cost |
 | Post-verification (review/test) | sonnet or haiku | Structural verification, checklist validation |
 
@@ -77,3 +78,23 @@ This pattern is used by:
 | Opus for everything | Wasteful, slow | Reserve opus for reasoning-heavy phases |
 | Haiku for planning | Insufficient depth | Use opus for complex analysis |
 | Skipping verification | False completion risk | Always include post-verification phase |
+| Forcing frequent tool calls on Opus 4.7 | Fights model's natural reasoning-first tendency | Let Opus 4.7 reason; batch tool calls in pre-reasoning |
+
+## Opus 4.7 Considerations
+
+Opus 4.7 exhibits a distinct behavioral pattern: fewer tool calls with deeper reasoning per call. This affects how the sandwich pattern is applied:
+
+| Aspect | Opus 4.6 | Opus 4.7 |
+|--------|----------|----------|
+| Tool call frequency | Moderate | Lower |
+| Reasoning depth per call | Standard | Deeper |
+| Pre-reasoning benefit | Plan what to check | Plan explicit tool batch — model will under-call if not guided |
+
+### Pre-reasoning Adjustment for Opus 4.7
+
+When using Opus 4.7 in the pre-reasoning phase:
+1. **Explicitly enumerate tools needed** — Opus 4.7 may skip tool calls it deems unnecessary
+2. **Batch tool-call plans upfront** — structure the action phase with a concrete tool sequence
+3. **Prefer fewer, richer tool calls** — align with the model's natural tendency
+
+Reference: [Best practices for using Claude Opus 4.7 with Claude Code](https://claude.com/blog/best-practices-for-using-claude-opus-4-7-with-claude-code)