open-multi-agent-kit 0.78.3 → 0.78.6

package/CHANGELOG.md

@@ -1,5 +1,43 @@
 # Changelog
 
+## v0.78.6 — exclude AdaptOrch skills and MCP install template from package (2026-06-09)
+
+### Changed
+
+- Added `.npmignore` exclusions so the published package no longer ships:
+  - `templates/skills/**/omk-adaptorch-orchestration-review/`
+  - `templates/skills/**/mcp-install/`
+- Core AdaptOrch topology routing and MCP runtime code remain in the package;
+  only the optional skill templates are removed from the npm tarball.
+
+### Notes
+
+- This remains a pre-1.0 release line.
+- Stable release claims are still withheld pending exact-tag CI, live benchmark pass,
+  and sandbox violation count equal to zero.
+
+## v0.78.5 — release truthfulness, CLI bin restoration, and gate hardening (2026-06-09)
+
+### Fixed
+
+- Restored the public `omk` CLI bin in `package.json` and `package-lock.json`.
+- Aligned package, lockfile, docs, provider maturity notes, and release-truthfulness proof metadata to `0.78.5`.
+- Reworked `version:check` to derive the expected package version from `package.json`.
+- Extended `version:check` to validate required bins, docs, lockfile, schemas, and release-truthfulness proof metadata.
+- Wired `release:check` to pass an explicit demo signal to the release promotion gate only after local package, smoke, proof, and audit gates pass.
+
+### Changed
+
+- Stable release claims are withheld until exact-tag CI, live benchmark pass, and sandbox violation count equal to zero are available.
+- `release:full` and `release:rc` now finish with the same explicit final release promotion gate as `release:check`.
+- README release wording treats npm `latest` as release-truthful only after tagged workflow and registry verification both pass.
+
+### Notes
+
+- This remains a pre-1.0 release line.
+- The `v1.2` label is a runtime contract family, not an npm stable `1.x` release.
+- `v0.78.4` was superseded by `v0.78.5` after benchmark shadow fixture gate repair.
+
 ## v0.78.2 — Regression Proof Matrix, deep interview, clipboard image paste, and README hardening (2026-06-09)
 
 ### Overview

package/MATURITY.md

@@ -1,7 +1,7 @@
 # OMK Command Maturity Matrix
 
 Last updated: 2026-06-07
-Current source version: v0.78.1 (`v1.2` runtime contract family)
+Current source version: v0.78.6 (`v1.2` runtime contract family)
 
 | Level | Meaning |
 |-------|---------|
@@ -76,6 +76,6 @@ Regression Proof Matrix is a release-defense gate, not a stable-release claim. S
 | Native runtime safety | OMK owns the root-orchestrator direction, but native chat must still lock turn-risk inference, approval/sandbox propagation, authority resolution, provider health probes, and DeepSeek read-only enforcement before stable provider-neutral claims. | Treat `docs/native-root-runtime-hardening.md` and `.omk/specs/native-orchestrator-phase1/` as the active hardening contract. |
 | MCP diagnostics | `mcp list/doctor/test` exist; invalid project/global MCP JSON now fails visibly through diagnostics without exposing config contents. | Add machine-readable MCP JSON and structured failure categories for command resolution, timeout, permission, and server health. |
 | Skills and harness templates | `omk skill` exposes current core/TypeScript/review packs, while init templates document project MCP scope, runtime skills, portable `.agents/skills`, and run-scoped harness manifests. | Keep external-inspired skills compact, source-linked, and non-vendored; verify install/sync through `skill-command` tests and package audit. |
-| Release docs and site | README, CHANGELOG, MATURITY, ROADMAP, versioning docs, provider-maturity docs, package audit, and release-gate commands distinguish the `0.78.x` public package line from the `v1.2` runtime contract family while documenting alpha/experimental surfaces, current harness templates, provider limits, and the public project repository at `https://github.com/dmae97/open-multi-agent-kit`. | Treat `npm run release:check`, native safety packaging, tarball install smoke, and CI evidence on the exact commit as the publish/deploy gate before claiming `0.78.1` published or release-ready. |
+| Release docs and site | README, CHANGELOG, MATURITY, ROADMAP, versioning docs, provider-maturity docs, package audit, and release-gate commands distinguish the `0.78.x` public package line from the `v1.2` runtime contract family while documenting alpha/experimental surfaces, current harness templates, provider limits, and the public project repository at `https://github.com/dmae97/open-multi-agent-kit`. | Treat `npm run release:check`, native safety packaging, tarball install smoke, and CI evidence on the exact commit as the publish/deploy gate before claiming `0.78.6` published or release-ready. |
 | Public proof bundles | `omk.proof-bundle.v1`, `npm run proof:check`, `npm run proof:index`, and ten scoped RC hardening bundles now cover no-Kimi, provider/doctor, fallback routing, native safety, contract/version, evidence-block, replay/inspect, and graph-audit axes. Proof integrity includes runId/commit/evidence/decision linkage and per-bundle `sha256sums.txt` artifact hashes. | Keep strengthening proof authenticity with sanitized repo-relative artifacts, non-empty known limitations, and broader provider fallback variants. |
 | Goal planner | Goal lifecycle exists, including continue, generated plan/evidence criteria, and verification. | Expand planner quality scoring and release evidence. |

package/README.md

@@ -39,7 +39,7 @@ Use OMK when one coding agent is not enough: route Codex, OpenCode, Kimi, DeepSe
 - Teams that need MCP-scoped agent execution instead of unrestricted tool access.
 - Agent builders who want routing, fallback, evidence gates, telemetry, and replay.
 
-> Current package source target: `open-multi-agent-kit@0.78.1`.
+> Current package source target: `open-multi-agent-kit@0.78.6`.
 > Public package name: `open-multi-agent-kit` (`@omk/cli` is not the active npm package).
 > Runtime contract family: `v1.2` (contract family, not a stable npm `1.x` release).
 > Release channel: `pre-1.0`.
@@ -63,8 +63,8 @@ omk chat
 
 ## Current release reality
 
-- The public npm line is `open-multi-agent-kit@0.78.x`. Published npm `latest` is `0.78.0`;
-  source/target is `0.78.1` and is published only after the release workflow passes on the tagged commit.
+- The public npm line is `open-multi-agent-kit@0.78.x`. The source target is `open-multi-agent-kit@0.78.6`;
+  treat npm `latest` as release-truthful only after the tagged release workflow and registry verification both pass.
 - The `v1.2` label in docs is a runtime contract family for the source tree, not a claim that
   an npm `1.2.x` stable release exists.
 - Provider support is intentionally uneven: Kimi remains the most mature authority path;
@@ -305,7 +305,7 @@ The npm package is intentionally package-safe:
 | Contract          | Value                                                                                                                                                                                                                          |
 | ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
 | Package           | [`open-multi-agent-kit`](https://www.npmjs.com/package/open-multi-agent-kit)                                                                                                                                                   |
-| Version           | `0.78.1`                                                                                                                                                                                                                       |
+| Version           | `0.78.6`                                                                                                                                                                                                                       |
 | Runtime contract family | `v1.2`                                                                                                                                                                                                                         |
 | Bins              | `omk`, `omk-project-mcp`, `omk-acp`, `omk-mcp-host`                                                                                                                                                                            |
 | Packaged docs     | `README.md`, `docs/`, `SECURITY.md`, `ROADMAP.md`, `MATURITY.md`, `DESIGN.md`                                                                                                                                                  |

package/dist/benchmark/fixtures.js

@@ -67,11 +67,14 @@ function makeAttemptStub(taskId, category, attemptNumber, rng, outcomeOverride)
 function makeTask(index, category, seed, omkVersion, treeHash, providerConfigHash) {
     const rng = seededRandom(seed + index * 7919);
     const taskId = `bench-${category}-${String(index).padStart(3, "0")}`;
-    const expectedOutcome = pick(["success", "success", "failure", "fallback"], rng);
+    const expectedOutcome = category === "provider-failure-fallback" || category === "quota-auth-failure-fallback"
+        ? "fallback"
+        : "success";
     const attempts = [];
     const attemptCount = expectedOutcome === "fallback" ? 2 : 1;
     for (let i = 1; i <= attemptCount; i++) {
-        attempts.push(makeAttemptStub(taskId, category, i, rng, i === 1 ? undefined : "success"));
+        const outcome = expectedOutcome === "fallback" && i === 1 ? "fallback" : "success";
+        attempts.push(makeAttemptStub(taskId, category, i, rng, outcome));
     }
     return {
         taskId,

package/dist/benchmark/shadow-mode.js

@@ -86,7 +86,6 @@ export function createShadowModeEngine(options) {
     return { evaluate, toBenchmarkDecision };
 }
 export function computeRouterRegret(candidates, intent, history, selectedId) {
-    const engine = createRouterV2ScoringEngine();
     const scores = scoreRuntimes(candidates, intent, history);
     if (scores.length === 0)
         return 0;

package/dist/cli/release-promotion-gate.js

@@ -12,6 +12,10 @@ export function createReleasePromotionGate() {
             const w = RELEASE_GATE_WEIGHTS;
             const demoRun = inputs.demoRun ?? false;
             const maturity = inputs.maturity ?? inputs.providerMinimum ?? 0;
+            const versionConsistency = inputs.versionConsistency ?? inputs.semver ?? 1;
+            const liveBenchmarkPass = inputs.liveBenchmarkPass ?? false;
+            const sandboxViolationCount = inputs.sandboxViolationCount ?? Number.POSITIVE_INFINITY;
+            const exactTagCiPass = inputs.exactTagCiPass ?? false;
             const rawScore = w.ci * inputs.ci +
                 w.build * (inputs.build ?? 0) +
                 w.types * (inputs.types ?? 0) +
@@ -20,11 +24,11 @@ export function createReleasePromotionGate() {
                 w.demo * (demoRun ? 1 : 0) +
                 w.proof * inputs.proofMedian +
                 w.maturity * maturity +
-                w.docs * inputs.docs -
+                w.docs * inputs.docs * versionConsistency -
                 w.regression * inputs.regressionSeverity;
             const score = clamp01(rawScore);
             const reasons = [];
-            const blocked = inputs.ci === 0 || inputs.freshInstallSmoke === 0 || !demoRun;
+            const blocked = inputs.ci === 0 || inputs.freshInstallSmoke === 0 || versionConsistency === 0 || !demoRun;
             if (blocked) {
                 if (inputs.ci === 0) {
                     reasons.push("CI score is 0 (blocking)");
@@ -32,21 +36,28 @@ export function createReleasePromotionGate() {
                 if (inputs.freshInstallSmoke === 0) {
                     reasons.push("Fresh install smoke is 0 (blocking)");
                 }
+                if (versionConsistency === 0) {
+                    reasons.push("Version/package/proof consistency is 0 (blocking)");
+                }
                 if (!demoRun) {
                     reasons.push("Minimal verified demo run failed or missing (blocking)");
                 }
             }
+            const stableEligible = liveBenchmarkPass && sandboxViolationCount === 0 && exactTagCiPass;
             let verdict;
             if (blocked) {
                 verdict = "block";
             }
-            else if (score >= 0.90 && inputs.proofMedian >= 0.85 && maturity >= 0.80) {
+            else if (score >= 0.90 && inputs.proofMedian >= 0.85 && maturity >= 0.80 && stableEligible) {
                 verdict = "stable";
-                reasons.push(`Score ${formatScore(score)} meets stable threshold (≥0.90) with proof≥0.85 and maturity≥0.80`);
+                reasons.push(`Score ${formatScore(score)} meets stable threshold (≥0.90) with proof≥0.85, maturity≥0.80, live benchmark pass, sandbox violations=0, and exact-tag CI pass`);
             }
             else if (score >= 0.75 && inputs.proofMedian >= 0.75) {
                 verdict = "pre-release";
                 reasons.push(`Score ${formatScore(score)} meets pre-release threshold (≥0.75) with proof≥0.75`);
+                if (score >= 0.90 && inputs.proofMedian >= 0.85 && maturity >= 0.80 && !stableEligible) {
+                    reasons.push("Stable verdict withheld until live benchmark passes, sandboxViolationCount is 0, and exact-tag CI passes");
+                }
             }
             else {
                 verdict = "block";

package/dist/providers/router.js

@@ -200,13 +200,6 @@ function requestedExternalProvider(input) {
 function isGenericExternalProvider(value) {
     return typeof value === "string" && value !== "auto" && value !== "kimi" && value !== "deepseek";
 }
-function providerVectorMeets(vector, minState) {
-    if (!vector)
-        return true;
-    const current = PROVIDER_CAPABILITY_ORDINAL[vector.auth];
-    const required = PROVIDER_CAPABILITY_ORDINAL[minState];
-    return current >= required;
-}
 function providerVectorQuotaOk(vector) {
     if (!vector)
         return true;

package/dist/runtime/contracts/weakness-remediation.d.ts

@@ -55,6 +55,14 @@ export interface ReleasePromotionInputs {
     readonly maturity?: number;
     /** Algorithm 8 — minimal verified demo run gate. Hard block when false/undefined. */
     readonly demoRun?: boolean;
+    /** Stable claim gate — live/recorded benchmark must pass before stable verdict. */
+    readonly liveBenchmarkPass?: boolean;
+    /** Stable claim gate — must be exactly 0 before stable verdict. */
+    readonly sandboxViolationCount?: number;
+    /** Stable claim gate — package/lock/docs/proof/bin invariant. */
+    readonly versionConsistency?: number;
+    /** Stable claim gate — CI must pass on the exact release tag/commit before stable verdict. */
+    readonly exactTagCiPass?: boolean;
 }
 export interface ReleasePromotionResult {
     readonly score: number;

package/dist/runtime/provider-maturity-gate.js

@@ -76,8 +76,6 @@ export function createProviderMaturityTable() {
 function vectorToAdapterResults(vector) {
     const authOrdinal = PROVIDER_CAPABILITY_ORDINAL[vector.auth];
     const binaryOrdinal = PROVIDER_CAPABILITY_ORDINAL[vector.binary];
-    const modelOrdinal = PROVIDER_CAPABILITY_ORDINAL[vector.model];
-    const quotaOrdinal = PROVIDER_CAPABILITY_ORDINAL[vector.quota];
     const authScore = authOrdinal >= PROVIDER_CAPABILITY_ORDINAL["auth_valid"] ? 1.0 : authOrdinal / PROVIDER_CAPABILITY_ORDINAL["auth_valid"];
     const readScore = vector.supportsRead ? 1.0 : 0.0;
     const writeScore = vector.supportsWrite ? 1.0 : 0.0;

package/docs/2026-06-10/critical-issues.md

@@ -0,0 +1,20 @@
+# 2026-06-10 Critical Issues
+
+## Critical Init Status
+- No critical init artifacts were missing when this daily file was generated.
+### Missing critical artifacts
+- None detected.
+
+
+## Critical Artifacts Present
+- ✅ `AGENTS.md` — top-level operating contract
+- ✅ `.kimi/AGENTS.md` — Kimi-specific operating rules
+- ✅ `.omk/config.toml` — OMK project runtime settings
+- ✅ `.omk/agents/root.yaml` — root coordinator agent
+- ✅ `.kimi/mcp.json` — Kimi project MCP registry
+- ✅ `.omk/hooks/pre-shell-guard.sh` — destructive shell guard
+- ✅ `.omk/hooks/protect-secrets.sh` — secret write guard
+- ✅ `.omk/memory/graph-state.json` — local ontology graph database
+
+## Escalation Rule
+- Treat missing shell/secret guards, root agent config, MCP registry, or ontology graph as critical until restored.

package/docs/2026-06-10/improvements.md

@@ -0,0 +1,14 @@
+# 2026-06-10 Improvements
+
+## Current Improvement Backlog
+### Optional init/support artifacts to add or refresh
+- None detected.
+
+### Critical init artifacts currently blocking reliable chat startup
+- None detected.
+
+
+## Suggested Focus
+- Keep `omk chat` startup idempotent and non-destructive.
+- Prefer local graph memory for default ontology state.
+- Keep generated daily docs small, dated, and safe to edit by hand.

package/docs/2026-06-10/init-checklist.md

@@ -0,0 +1,25 @@
+# 2026-06-10 Required Init Checklist
+
+**Run ID:** chat-2026-06-09T17-45-36-041Z-4951
+**Ontology graph:** `.omk/memory/graph-state.json`
+
+## Required Artifacts
+- ✅ `AGENTS.md` — critical; top-level operating contract
+- ✅ `.kimi/AGENTS.md` — critical; Kimi-specific operating rules
+- ✅ `DESIGN.md` — support; design/brand source of truth
+- ✅ `.omk/config.toml` — critical; OMK project runtime settings
+- ✅ `.omk/agents/root.yaml` — critical; root coordinator agent
+- ✅ `.kimi/mcp.json` — critical; Kimi project MCP registry
+- ✅ `.omk/mcp.json` — support; legacy OMK MCP fallback
+- ✅ `.omk/lsp.json` — support; bundled TypeScript/Python LSP config
+- ✅ `.omk/hooks/pre-shell-guard.sh` — critical; destructive shell guard
+- ✅ `.omk/hooks/protect-secrets.sh` — critical; secret write guard
+- ✅ `.omk/memory/graph-state.json` — critical; local ontology graph database
+- ✅ `.kimi/skills` — support; Kimi skill directory
+- ✅ `.agents/skills` — support; portable skill directory
+
+## Recovery Command
+```bash
+omk init
+omk doctor
+```

package/docs/2026-06-10/plan.md

@@ -0,0 +1,20 @@
+# 2026-06-10 OMK Chat Plan
+
+**Run ID:** chat-2026-06-09T17-45-36-041Z-4951
+**Generated by:** omk chat bootstrap
+
+## Purpose
+- Start every chat with a dated workspace for planning, issue triage, and verification evidence.
+- Keep ontology-backed memory available before the root coordinator starts.
+- Make required init state visible without overwriting user-authored docs.
+
+## Today Plan
+1. Review `init-checklist.md` and resolve missing critical init artifacts first.
+2. Use `improvements.md` as the active improvement backlog.
+3. Use `critical-issues.md` for blocking defects, safety risks, and verification gaps.
+4. Record command evidence before claiming work is complete.
+
+## Stop Condition
+- Critical init artifacts are present.
+- Ontology graph exists at `.omk/memory/graph-state.json`.
+- Any new code/docs changes have explicit verification evidence.

package/docs/getting-started.md

@@ -1,6 +1,6 @@
 # Getting Started
 
-Source release target: `open-multi-agent-kit@0.78.1` (`pre-1.0`).
+Source release target: `open-multi-agent-kit@0.78.6` (`pre-1.0`).
 
 ## Prerequisites
 

package/docs/provider-maturity.md

@@ -4,7 +4,7 @@ This page documents provider status for the current source tree.
 
 ## Current source target
 
-- Package version: `0.78.1`
+- Package version: `0.78.6`
 - Runtime contract family: `v1.2`
 - Release channel: `pre-1.0`
 

package/docs/versioning.md

@@ -4,11 +4,11 @@ OMK uses two version fields in release artifacts:
 
 | Field | Current value | Source | Meaning |
 | --- | --- | --- | --- |
-| Package version | `0.78.1` | `package.json`, `package-lock.json` | npm/package source version. |
+| Package version | `0.78.6` | `package.json`, `package-lock.json` | npm/package source version. |
 | Runtime version | `v1.2` | `src/version.ts`, JSON schemas | Contract/runtime family used by OMK envelopes. |
 | Release channel | `pre-1.0` | `src/version.ts` | Pre-1.0 package channel. |
 
-`0.78.1` is the package source version for the `v1.2` runtime contract family.
+`0.78.6` is the package source version for the `v1.2` runtime contract family.
 Use `v1.2` only for runtime contracts; do not substitute it for the package version.
 
 ## Contract versions
@@ -44,6 +44,6 @@ The `version --json` command emits one `omk.contract.v1` envelope whose data pay
 
 ## Documentation rules
 
-- Use `0.78.1` when referring to the current package source version.
+- Use `0.78.6` when referring to the current package source version.
 - Use `v1.2` only for the runtime contract family.
 - Keep historical changelog entries unchanged unless the text is not clearly historical.

package/package.json

@@ -1,9 +1,10 @@
 {
   "name": "open-multi-agent-kit",
-  "version": "0.78.3",
+  "version": "0.78.6",
   "description": "Provider-neutral multi-agent control plane for coding workflows: route agents, verify evidence, orchestrate MCP-aware DAGs, and control the loop from the omk CLI.",
   "type": "module",
   "bin": {
+    "omk": "dist/cli.js",
     "omk-project-mcp": "dist/mcp/omk-project-server.js",
     "omk-acp": "dist/mcp/acp-server.js",
     "omk-mcp-host": "dist/mcp/host.js"
@@ -32,10 +33,10 @@
     "version:check": "node scripts/check-version-consistency.mjs",
     "contract:check": "npm run build:clean && npm run schema:check && node scripts/check-json-stdout.mjs",
     "verify:contracts": "npm run contract:check",
-    "release:check": "node scripts/release-gate.mjs",
-    "release:full": "npm run verify && npm run verify:no-kimi && npm run contract:check && npm run schema:check && npm run version:check && npm run proof:check && npm run smoke:execution && npm run native:build && npm run pack:dry && npm run audit:package && npm run smoke:pack",
+    "release:check": "npm run verify:no-kimi && npm run contract:check && npm run schema:check && npm run version:check && npm run proof:check && npm run smoke:execution && npm run native:build && npm run pack:dry && npm run audit:package && npm run smoke:pack && OMK_RELEASE_DEMO=1 node scripts/release-gate.mjs",
+    "release:full": "npm run verify && npm run verify:no-kimi && npm run contract:check && npm run schema:check && npm run version:check && npm run proof:check && npm run smoke:execution && npm run native:build && npm run pack:dry && npm run audit:package && npm run smoke:pack && OMK_RELEASE_DEMO=1 node scripts/release-gate.mjs",
     "regression:matrix": "node scripts/regression-proof-matrix.mjs",
-    "release:rc": "npm run verify && npm run verify:no-kimi && npm run contract:check && npm run schema:check && npm run version:check && npm run proof:check && npm run smoke:execution && npm run native:build && npm run pack:dry && npm run audit:package && npm run smoke:pack",
+    "release:rc": "npm run verify && npm run verify:no-kimi && npm run contract:check && npm run schema:check && npm run version:check && npm run proof:check && npm run smoke:execution && npm run native:build && npm run pack:dry && npm run audit:package && npm run smoke:pack && OMK_RELEASE_DEMO=1 node scripts/release-gate.mjs",
     "smoke:no-kimi:chat": "OMK_MCP_PREFLIGHT=off OMK_PROJECT_ROOT=\"$PWD\" node dist/cli.js chat --provider auto --mode agent --execution ask --layout plain --mcp-scope none --smoke --json",
     "smoke:no-kimi:codex": "OMK_MCP_PREFLIGHT=off OMK_PROJECT_ROOT=\"$PWD\" node dist/cli.js chat --provider codex --mode agent --execution ask --layout plain --mcp-scope none --smoke --json",
     "smoke:no-kimi:doctor": "OMK_PROJECT_ROOT=\"$PWD\" node dist/cli.js doctor --json",

package/templates/skills/agents/omk-adaptorch-orchestration-review/SKILL.md

@@ -1,52 +0,0 @@
----
-name: omk-adaptorch-orchestration-review
-description: Review AdaptOrch, OMK, and similar DAG multi-agent orchestration frameworks. Use when assessing DAG node responsibility, dependency edges, worker write authority, fallback/retry/timeout/evidence gates, review/merge boundaries, or reproducible decision traces.
----
-
-## Orchestration Review
-
-Use this for read-only architecture review of DAG runtimes, multi-agent pipelines, worktree teams, schedulers, and evidence-gated repair loops.
-
-## Checklist
-
-### DAG node contract
-
-- Verify each node has one responsibility, one owner role, and one observable outcome.
-- Verify inputs, outputs, side effects, and acceptance evidence are explicit.
-- Flag nodes that mix planning, implementation, review, and merge authority without a gate.
-
-### Dependency edges
-
-- Confirm each edge represents a real data dependency, verification dependency, or authority handoff.
-- Flag ordering-only edges that do not protect correctness or safety.
-- Check that failed evidence blocks dependent nodes or routes them to repair.
-
-### Worker authority
-
-- Confirm each worker has bounded write scope and cannot overwrite unrelated lanes.
-- Check shared-file ownership, merge points, and escalation paths.
-- Require reviewer/merger separation for risky or cross-cutting changes.
-
-### Resilience and gates
-
-- Look for explicit retry limits, timeout presets, fallback routes, stop conditions, and evidence gates.
-- Confirm fallback does not silently weaken acceptance criteria.
-- Check that blocked, skipped, failed, and complete states are distinct.
-
-### Decision trace
-
-- Confirm routing, scheduler decisions, tool calls, evidence, retries, and final verdict are replayable.
-- Flag missing timestamps, inputs, outputs, or rationale needed to reproduce a run.
-
-## Output
-
-```txt
-Verdict:
-DAG node issues:
-Dependency edge issues:
-Worker authority risks:
-Missing gates:
-Decision trace gaps:
-Recommended fixes:
-Files/artifacts reviewed:
-```

package/templates/skills/kimi/mcp-install/SKILL.md

@@ -1,66 +0,0 @@
----
-name: mcp-install
-description: Install, validate, and manage MCP servers for OMK using the curated catalog and parallel processing.
----
-
-# MCP Server Installation Skill
-
-Guide for adding MCP servers to an OMK project using the built-in catalog and parallel orchestration.
-
-## Commands
-
-```bash
-# List configured MCP servers
-omk mcp list
-
-# Diagnose all MCP servers
-omk mcp doctor
-
-# Diagnose a specific server
-omk mcp doctor <server-name>
-
-# Install a single MCP server
-omk mcp install <name> <command> [args...]
-
-# Remove a server from project-local config
-omk mcp remove <name>
-
-# Sync global MCP servers into project
-omk mcp sync-global
-```
-
-## Curated Catalog
-
-OMK ships with a verified catalog in `src/mcp/server-catalog.ts` (or accessible via the runtime).
-Recommended categories:
-
-- **reasoning**: `sequential-thinking` — structured problem solving
-- **memory**: `memory` — persistent knowledge graph
-- **docs**: `pdf` — PDF text extraction
-- **web**: `puppeteer` — browser automation
-- **devtools**: `filesystem`, `sqlite` — file and database access
-- **ops**: `railway` — remote Railway MCP; `supabase` — database management and edge functions
-
-## Parallel Installation
-
-When installing multiple servers (e.g., during `omk init`), OMK uses `Promise.all` for parallel setup.
-Agents and hooks can also trigger bulk installs:
-
-1. **Agent lane**: explorer validates which servers are needed
-2. **Coder lane**: writes the MCP JSON entries
-3. **QA lane**: runs `omk mcp doctor` to verify each server
-4. **Hook**: `post-init-mcp.sh` runs non-blocking validation after init
-
-## Rules
-
-1. Prefer `npx -y <package>` so no global install is required.
-2. Use `${PROJECT_ROOT}` and `${DB_PATH}` placeholders in catalog entries; they are resolved at install time.
-3. Do not commit secrets in `mcp.json` env values.
-4. Run `omk mcp doctor` after adding servers to confirm they start.
-5. If a server fails to start, check `startup_timeout_sec` and network access.
-
-## When to Use
-
-- During `omk init` when selecting additional MCP servers.
-- When a task requires a new capability (browser, PDF, database).
-- Before reporting an MCP issue, run `omk mcp doctor --json` for structured evidence.

package/templates/skills/kimi/omk-adaptorch-orchestration-review/SKILL.md

@@ -1,52 +0,0 @@
----
-name: omk-adaptorch-orchestration-review
-description: Review AdaptOrch, OMK, and similar DAG multi-agent orchestration frameworks. Use when assessing DAG node responsibility, dependency edges, worker write authority, fallback/retry/timeout/evidence gates, review/merge boundaries, or reproducible decision traces.
----
-
-## Orchestration Review
-
-Use this for read-only architecture review of DAG runtimes, multi-agent pipelines, worktree teams, schedulers, and evidence-gated repair loops.
-
-## Checklist
-
-### DAG node contract
-
-- Verify each node has one responsibility, one owner role, and one observable outcome.
-- Verify inputs, outputs, side effects, and acceptance evidence are explicit.
-- Flag nodes that mix planning, implementation, review, and merge authority without a gate.
-
-### Dependency edges
-
-- Confirm each edge represents a real data dependency, verification dependency, or authority handoff.
-- Flag ordering-only edges that do not protect correctness or safety.
-- Check that failed evidence blocks dependent nodes or routes them to repair.
-
-### Worker authority
-
-- Confirm each worker has bounded write scope and cannot overwrite unrelated lanes.
-- Check shared-file ownership, merge points, and escalation paths.
-- Require reviewer/merger separation for risky or cross-cutting changes.
-
-### Resilience and gates
-
-- Look for explicit retry limits, timeout presets, fallback routes, stop conditions, and evidence gates.
-- Confirm fallback does not silently weaken acceptance criteria.
-- Check that blocked, skipped, failed, and complete states are distinct.
-
-### Decision trace
-
-- Confirm routing, scheduler decisions, tool calls, evidence, retries, and final verdict are replayable.
-- Flag missing timestamps, inputs, outputs, or rationale needed to reproduce a run.
-
-## Output
-
-```txt
-Verdict:
-DAG node issues:
-Dependency edge issues:
-Worker authority risks:
-Missing gates:
-Decision trace gaps:
-Recommended fixes:
-Files/artifacts reviewed:
-```