opencode-onboard 0.1.8 → 0.1.10

package/content/.agents/agents/back-engineer.md

@@ -72,11 +72,3 @@ Rules:
 **Files changed:** <list>
 **Blockers:** none | <description>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory, do it before any other work.
-
-- On start: `| {ISO timestamp} | back-engineer | started | {task summary} |`
-- On skill load: `| {ISO timestamp} | back-engineer | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | back-engineer | completed | {files changed count} files, skills: {comma-separated skill names or none} |`

package/content/.agents/agents/devops-manager.md

@@ -56,7 +56,7 @@ Rules:
 1. Verify all changes are on a feature branch, never `main`
 2. Load the matching pullrequest skill
 3. Capture screenshots of local running app if UI changes exist
-4. Read `.agents/session-log.md` if it exists, include a "Session Activity" section in the PR description with agent names, task counts, and total duration
+4. Read `.agents/session-log.json` if it exists, parse the JSON array and include a "Session Activity" section in the PR description with agent names, task counts, and skills used
 5. Commit and push the feature branch
 6. Create the PR following the skill instructions
 7. Post PR comment with screenshots and change summary
@@ -74,7 +74,7 @@ Rules:
 - Does not merge PRs, human-only
 - Does not approve PRs, human-only
 - Does not force push
-- ALL GitHub and Azure DevOps data MUST come from `gh` or `az` CLI — NEVER use webfetch or HTTP requests to fetch platform URLs, even as a fallback. If CLI is unavailable, report as a blocker.
+- ALL GitHub and Azure DevOps data MUST come from `gh` or `az` CLI, NEVER use webfetch or HTTP requests to fetch platform URLs, even as a fallback. If CLI is unavailable, report as a blocker.
 - Browser MCP tools permitted only for screenshots of local app on `localhost` URLs, never for navigating GitHub or Azure DevOps
 
 ## Output Format
@@ -108,11 +108,3 @@ Rules:
 **Questions for human:** <count>, <list>
 **Acknowledged only:** <count>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory — do it before any other work.
-
-- On start: `| {ISO timestamp} | devops-manager | started | {mode} mode |`
-- On skill load: `| {ISO timestamp} | devops-manager | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | devops-manager | completed | {summary}, skills: {comma-separated skill names or none} |`

package/content/.agents/agents/front-engineer.md

@@ -71,11 +71,3 @@ Rules:
 **Files changed:** <list>
 **Blockers:** none | <description>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory, do it before any other work.
-
-- On start: `| {ISO timestamp} | front-engineer | started | {task summary} |`
-- On skill load: `| {ISO timestamp} | front-engineer | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | front-engineer | completed | {files changed count} files, skills: {comma-separated skill names or none} |`

package/content/.agents/agents/infra-engineer.md

@@ -72,11 +72,3 @@ Rules:
 **Resources affected:** <list>
 **Blockers:** none | <description>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory — do it before any other work.
-
-- On start: `| {ISO timestamp} | infra-engineer | started | {task summary} |`
-- On skill load: `| {ISO timestamp} | infra-engineer | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | infra-engineer | completed | {files changed count} files, skills: {comma-separated skill names or none} |`

package/content/.agents/agents/quality-engineer.md

@@ -72,11 +72,3 @@ Rules:
 **Acceptance criteria:** met | <unmet items>
 **Blockers:** none | <description>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory — do it before any other work.
-
-- On start: `| {ISO timestamp} | quality-engineer | started | {task summary} |`
-- On skill load: `| {ISO timestamp} | quality-engineer | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | quality-engineer | completed | {tests added count} tests, skills: {comma-separated skill names or none} |`

package/content/.agents/agents/security-auditor.md

@@ -82,11 +82,3 @@ Rules:
 
 **Blockers:** none | <critical findings that must be resolved before PR>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory — do it before any other work.
-
-- On start: `| {ISO timestamp} | security-auditor | started | {task summary} |`
-- On skill load: `| {ISO timestamp} | security-auditor | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | security-auditor | completed | {findings count} findings, skills: {comma-separated skill names or none} |`

package/content/.agents/skills/ob-pullrequest-gh/SKILL.md

@@ -18,8 +18,8 @@ Use `rtk` wrapper for ALL CLI commands:
 - `rtk gh pr comment` NOT `gh pr comment`
 - `rtk gh api` NOT `gh api`
 
-**Browser MCP tools are FORBIDDEN for all GitHub operations.**
-Browser tools are ONLY permitted for screenshots of the LOCAL running app on `localhost` URLs.
+**ALL GitHub data MUST come from `gh` CLI. NEVER use webfetch, HTTP requests, or browser MCP tools for GitHub operations, even if gh CLI fails. If `gh` is unavailable, report as a blocker.**
+Always pass `--repo {owner}/{repo}` explicitly, never rely on git context to resolve the repo.
 
 ---
 
@@ -85,13 +85,13 @@ Triggered when user says "I've added comments to the PR" or "check PR feedback".
 
 If PR link provided, extract number from URL. Otherwise:
 ```bash
-rtk gh pr list --state open --limit 1
+rtk gh pr list --repo {owner}/{repo} --state open --limit 1
 ```
 
 ### Step 2: Read comment threads
 
 ```bash
-rtk gh pr view {pr-number} --comments
+rtk gh pr view {pr-number} --repo {owner}/{repo} --comments
 # Or structured output:
 rtk gh api repos/{owner}/{repo}/pulls/{pr-number}/comments
 rtk gh api repos/{owner}/{repo}/pulls/{pr-number}/reviews
@@ -132,9 +132,10 @@ rtk gh pr comment {pr-number} --body "Updated design.md to reflect feedback."
 ## Guardrails
 
 - ✅ Commit and push to feature branches only
-- ✅ Create and comment on PRs via gh CLI
+- ✅ Create and comment on PRs via gh CLI with explicit `--repo {owner}/{repo}`
 - ✅ Screenshots of localhost only via browser_screenshot
 - ❌ Commit or push to `main`, FORBIDDEN
 - ❌ Force push, FORBIDDEN
 - ❌ Merge or approve PRs, human-only
 - ❌ Navigate browser to github.com, FORBIDDEN
+- ❌ webfetch or HTTP requests to GitHub URLs, FORBIDDEN

package/content/.agents/skills/ob-userstory-az/SKILL.md

@@ -156,17 +156,17 @@ https://dev.azure.com/{org}/{project}/_git/{repo}/pullrequest/{pr-id}
 **State:** {state}
 
 **Change Created:** us-{id}-{slug}
-
-### Next Steps
-1. Review the proposal
-2. Say "implement the plan" to start implementation
 ```
 
+After outputting the above, the lead MUST run `/opsx-propose` to generate the proposal, specs, and tasks. After `/opsx-propose` completes, STOP and ask the user: **"Ready to implement? (yes/no)"**, do NOT proceed to `/opsx-apply` until confirmed.
+
 ---
 
 ## Guardrails
 
 - ✅ Parse Azure DevOps URL and create OpenSpec change
 - ✅ Use `rtk` for all Azure CLI operations
+- ✅ Always run `/opsx-propose` after parsing, never skip to implementation
+- ✅ Always stop and confirm with user after propose, before running `/opsx-apply`
 - ❌ Browser MCP tools for Azure DevOps operations, FORBIDDEN
-- ❌ Implementation, this skill only parses and proposes
+- ❌ Jump to implementation without user confirmation, FORBIDDEN

package/content/.agents/skills/ob-userstory-gh/SKILL.md

@@ -16,7 +16,7 @@ Use `rtk` wrapper for ALL CLI commands:
 - `rtk gh issue edit` NOT `gh issue edit`
 - `rtk openspec new change` NOT `openspec new change`
 
-**ALL GitHub data MUST come from `gh` CLI. NEVER use webfetch, HTTP requests, or browser MCP tools to fetch GitHub URLs — even if gh CLI fails. If `gh` is unavailable, report it as a blocker.**
+**ALL GitHub data MUST come from `gh` CLI. NEVER use webfetch, HTTP requests, or browser MCP tools to fetch GitHub URLs, even if gh CLI fails. If `gh` is unavailable, report it as a blocker.**
 
 ---
 
@@ -36,13 +36,14 @@ gh auth status
 
 ## Steps
 
-1. **Extract Issue Number** from URL
-   - `https://github.com/{owner}/{repo}/issues/42` → number: 42
+1. **Extract owner, repo, and issue number** from URL
+   - `https://github.com/{owner}/{repo}/issues/42` → owner: `{owner}`, repo: `{repo}`, number: `42`
 
-2. **Fetch Issue**
+2. **Fetch Issue**, always pass `--repo` explicitly, never rely on git context:
    ```bash
-   rtk gh issue view 42 --json number,title,body,labels,milestone,state
+   rtk gh issue view 42 --repo {owner}/{repo} --json number,title,body,labels,milestone,state
    ```
+   If this returns an auth error or 404, report as a blocker, do NOT fall back to webfetch or web search.
 
 3. **Extract Key Fields** from JSON response:
    - `number` → Issue number
@@ -61,18 +62,18 @@ gh auth status
 
 ## Full GitHub CLI Reference
 
-Use these for ALL GitHub operations, browser MCP is FORBIDDEN.
+Use these for ALL GitHub operations, browser MCP and webfetch are FORBIDDEN. Always pass `--repo {owner}/{repo}`, never rely on git context.
 
 ### Issues
 ```bash
 # Read issue
-rtk gh issue view <number>
+rtk gh issue view <number> --repo {owner}/{repo}
 
 # List open issues
-rtk gh issue list --state open --limit 10
+rtk gh issue list --repo {owner}/{repo} --state open --limit 10
 
 # Update issue
-rtk gh issue edit <number> --add-label "in-progress"
+rtk gh issue edit <number> --repo {owner}/{repo} --add-label "in-progress"
 ```
 
 ---
@@ -119,18 +120,18 @@ https://raw.githubusercontent.com/{owner}/{repo}/{branch}/{path}
 **Milestone:** {milestone}
 
 **Change Created:** gh-{number}-{slug}
-
-### Next Steps
-1. Review the proposal
-2. Say "implement the plan" to start implementation
 ```
 
+After outputting the above, the lead MUST run `/opsx-propose` to generate the proposal, specs, and tasks. After `/opsx-propose` completes, STOP and ask the user: **"Ready to implement? (yes/no)"**, do NOT proceed to `/opsx-apply` until confirmed.
+
 ---
 
 ## Guardrails
 
 - ✅ Parse GitHub Issue URL and create OpenSpec change
 - ✅ Use `rtk gh` for all GitHub CLI operations
-- ❌ `webfetch` or HTTP requests to GitHub URLs, FORBIDDEN — use `gh` CLI only
+- ✅ Always run `/opsx-propose` after parsing, never skip to implementation
+- ✅ Always stop and confirm with user after propose, before running `/opsx-apply`
+- ❌ `webfetch` or HTTP requests to GitHub URLs, FORBIDDEN, use `gh` CLI only
 - ❌ Browser MCP tools for GitHub operations, FORBIDDEN
-- ❌ Implementation, this skill only parses and proposes
+- ❌ Jump to implementation without user confirmation, FORBIDDEN

package/content/.opencode/ensemble.json

@@ -3,10 +3,6 @@
   "mergeOnCleanup": true,
   "timeoutMs": 1800000,
   "stallThresholdMs": 300000,
-  "defaultModel": "anthropic/claude-sonnet-4-6",
-  "modelsByAgent": {
-    "build": "anthropic/claude-sonnet-4-6",
-    "explore": "anthropic/claude-haiku-4.5"
-  },
+  "modelsByAgent": {},
   "modelAssignment": "default"
 }

package/content/.opencode/opencode.json

@@ -3,6 +3,6 @@
   "plugin": [
     "opencode-plugin-openspec",
     "@different-ai/opencode-browser",
-    "@hueyexe/opencode-ensemble@0.13.1"
+    "@hueyexe/opencode-ensemble@0.13.2"
   ]
-}
+}

package/content/.opencode/plugins/session-log.js

@@ -1,8 +1,7 @@
 import fs from "node:fs"
 import path from "node:path"
 
-const LOG_FILE = ".agents/session-log.md"
-const LOG_HEADER = "# Session Log\n\n| Timestamp | Agent | Action | Detail |\n|-----------|-------|--------|--------|\n"
+const LOG_FILE = ".agents/session-log.json"
 
 // Per-session state: editCount and skills loaded
 const sessionState = new Map()
@@ -11,99 +10,81 @@ function ts() {
   return new Date().toISOString()
 }
 
-function appendLog(directory, row) {
+function appendEntry(directory, entry) {
   const logPath = path.join(directory, LOG_FILE)
   const dir = path.dirname(logPath)
   if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true })
-  if (!fs.existsSync(logPath)) fs.writeFileSync(logPath, LOG_HEADER, "utf8")
-  fs.appendFileSync(logPath, row + "\n", "utf8")
+
+  let entries = []
+  if (fs.existsSync(logPath)) {
+    try { entries = JSON.parse(fs.readFileSync(logPath, "utf8")) } catch (_) {}
+  }
+  entries.push(entry)
+  fs.writeFileSync(logPath, JSON.stringify(entries, null, 2), "utf8")
 }
 
 function resolveAgentName(session) {
-  // session.agent is the path to the agent .md file, e.g. ".agents/agents/back-engineer.md"
   const agentPath = session?.agent
   if (agentPath) {
     const base = path.basename(agentPath, ".md")
     if (base) return base
   }
-  // Fall back to session title (ensemble sets it to agent name)
-  const title = session?.title
-  if (title) return title
   return "lead"
 }
 
 export const SessionLogPlugin = async ({ client, directory }) => {
   return {
-    "session.created": async ({ event }) => {
+    event: async ({ event }) => {
       try {
-        const sessionId = event.properties?.sessionID
-        if (!sessionId) return
+        if (event?.type === "session.created") {
+          const sessionId = event.properties?.id ?? event.properties?.sessionID
+          if (!sessionId) return
 
-        const res = await client.session.get({ path: { id: sessionId } })
-        const session = res?.data
-        const agentName = resolveAgentName(session)
+          const res = await client.session.get({ path: { id: sessionId } })
+          const session = res?.data
+          const agentName = resolveAgentName(session)
 
-        sessionState.set(sessionId, { agentName, editCount: 0, skills: [] })
-
-        appendLog(
-          directory,
-          `| ${ts()} | ${agentName} | started | session ${sessionId.slice(0, 8)} |`
-        )
-      } catch (_) {}
-    },
+          sessionState.set(sessionId, { agentName, editCount: 0, skills: [] })
+          appendEntry(directory, { ts: ts(), agent: agentName, action: "started", sessionId })
+        }
 
-    "tool.execute.after": async ({ event }) => {
-      try {
-        const { sessionID, tool, output } = event.properties ?? {}
-        if (!sessionID) return
+        if (event?.type === "file.edited") {
+          const sessionId = event.properties?.sessionID ?? event.properties?.id
+          if (!sessionId) return
+          const state = sessionState.get(sessionId)
+          if (state) state.editCount++
+        }
 
-        const state = sessionState.get(sessionID)
-        const agentName = state?.agentName ?? "unknown"
+        if (event?.type === "session.idle") {
+          const sessionId = event.properties?.id ?? event.properties?.sessionID
+          if (!sessionId) return
+          const state = sessionState.get(sessionId)
+          if (!state) return
 
-        // Skill detection: agent read a SKILL.md
-        if (tool === "read") {
-          const filePath = output?.args?.filePath ?? output?.input?.filePath ?? ""
-          const match = filePath.match(/[/\\]skills[/\\]([^/\\]+)[/\\]SKILL\.md$/i)
-          if (match) {
-            const skillName = match[1]
-            if (state && !state.skills.includes(skillName)) {
-              state.skills.push(skillName)
-            }
-            appendLog(
-              directory,
-              `| ${ts()} | ${agentName} | skill-loaded | ${skillName} |`
-            )
-          }
+          const { agentName, editCount, skills } = state
+          appendEntry(directory, { ts: ts(), agent: agentName, action: "completed", filesEdited: editCount, skills })
+          sessionState.delete(sessionId)
         }
       } catch (_) {}
     },
 
-    "file.edited": async ({ event }) => {
-      try {
-        const { sessionID } = event.properties ?? {}
-        if (!sessionID) return
-        const state = sessionState.get(sessionID)
-        if (state) state.editCount++
-      } catch (_) {}
-    },
-
-    "session.idle": async ({ event }) => {
+    "tool.execute.after": async (input, output) => {
       try {
-        const sessionId = event.properties?.sessionID
+        const sessionId = input?.sessionID ?? input?.session_id
         if (!sessionId) return
 
         const state = sessionState.get(sessionId)
         if (!state) return
 
-        const { agentName, editCount, skills } = state
-        const skillsSummary = skills.length > 0 ? skills.join(", ") : "none"
-
-        appendLog(
-          directory,
-          `| ${ts()} | ${agentName} | completed | ${editCount} files edited, skills: ${skillsSummary} |`
-        )
-
-        sessionState.delete(sessionId)
+        if (input?.tool === "read") {
+          const filePath = input?.args?.filePath ?? ""
+          const match = filePath.match(/[/\\]skills[/\\]([^/\\]+)[/\\]SKILL\.md$/i)
+          if (match) {
+            const skillName = match[1]
+            if (!state.skills.includes(skillName)) state.skills.push(skillName)
+            appendEntry(directory, { ts: ts(), agent: state.agentName, action: "skill-loaded", skill: skillName })
+          }
+        }
       } catch (_) {}
     },
   }

package/content/AGENTS.md

@@ -67,75 +67,6 @@ Replace the entire contents of this file (`AGENTS.md`) with everything below the
 
 ---
 
-### Step 4b, Patch opsx-apply for ensemble
-
-Read **both** `.opencode/commands/opsx-apply.md` AND `.opencode/skills/openspec-apply-change/SKILL.md`. They contain the same solo implementation loop. Patch both identically.
-
-In each file, find the step that instructs the agent to **implement tasks directly**, it will contain phrases like "make the code changes", "implement tasks", "loop until done or blocked". This step tells the agent to write code itself.
-
-**Replace that step and everything after it** (completion output, pause output, guardrails, fluid workflow) with the following:
-
-```markdown
-6. **Implement via ensemble team**
-
-   NEVER implement tasks directly. Always delegate to specialists via ensemble.
-
-   a. Create feature branch if not already on one: `feature/{id}-{slug}`
-   b. Create team:
-      ```
-      team_create "<change-name>"
-      ```
-      Announce: "Team running. Monitor at http://localhost:4747/"
-
-   c. Spawn only what the tasks require (in parallel):
-      ```
-      team_spawn name:front   agent:front-engineer  → UI/frontend tasks
-      team_spawn name:back    agent:back-engineer   → backend/API tasks
-      team_spawn name:infra   agent:infra-engineer  → infra/pipeline tasks
-      ```
-      Pass each specialist: their relevant tasks + all context file paths from step above.
-      Log each spawn to `.agents/session-log.md` (see Session Log section).
-
-   d. Wait for all → `team_results` → `team_shutdown` + `team_merge`
-
-7. **Quality check**
-
-   ```
-   team_spawn name:quality agent:quality-engineer
-   ```
-   Wait → `team_results` → fix blockers → `team_shutdown`
-
-8. **Mark tasks complete in openspec**
-
-   After specialists finish, update the tasks file: `- [ ]` → `- [x]` for each completed task.
-   Run `openspec status --change "<name>" --json` to confirm progress.
-
-9. **On completion or pause, show status**
-
-   Display:
-   - Tasks completed this session
-   - Overall progress: "N/M tasks complete"
-   - If all done: suggest archive with `/opsx-archive`
-   - If paused: explain why and wait for guidance
-
-   Then run `team_cleanup`.
-
-**Guardrails**
-- NEVER implement tasks directly, always use `team_create` + `team_spawn`, no exceptions
-- "Small feature", "faster to do it directly", "environment issues" are NOT valid reasons to skip ensemble, if you find yourself thinking this, stop and spawn anyway
-- Always read context files before spawning (from the apply instructions output)
-- Always pass context file paths and task list to spawned specialists
-- Mark tasks complete in openspec AFTER specialists finish, not before
-- If task is ambiguous, pause and ask before spawning
-- If implementation reveals issues, pause and suggest artifact updates
-- Pause on errors, blockers, or unclear requirements, don't guess
-- Use contextFiles from CLI output, don't assume specific file names
-```
-
-Keep all steps before the implementation step unchanged in both files, they are openspec's domain (select change, check status, get instructions, read context, show progress).
-
----
-
 ### Step 5, Confirm
 
 Tell the user:
@@ -245,9 +176,7 @@ devops-manager (ship mode)
 ### Phase 2, Implement
 
 ```
-1. Run /opsx-apply (or load skill openspec-apply-change)
-   The command handles context reading, ensemble orchestration, and task marking automatically.
-   DO NOT implement tasks directly, the command spawns specialists via ensemble.
+1. Run /opsx-apply, handles context reading, ensemble orchestration, and task marking.
 2. After /opsx-apply completes, proceed to quality check.
 ```
 
@@ -345,41 +274,6 @@ Example: `feature/42-add-user-auth`
 
 ---
 
-## Session Log
-
-<!-- session-logging: enabled -->
-
-All agents MUST log their activity to `.agents/session-log.md`.
-
-**Check before logging:** Read the `session-logging` comment above. If it says `disabled`, skip all logging.
-
-**Every agent MUST create or append to this file when it starts, no exceptions.** If the file does not exist, create it with this exact header first:
-
-```markdown
-# Session Log
-
-| Timestamp | Agent | Action | Detail |
-|-----------|-------|--------|--------|
-```
-
-Then immediately append a `started` row.
-
-**Log these events** by appending a row:
-- Lead spawns an agent → `| {ISO timestamp} | lead | spawned | {agent-name}, {purpose} |`
-- Agent starts → `| {ISO timestamp} | {agent-name} | started | {task summary} |`
-- Agent loads a skill → `| {ISO timestamp} | {agent-name} | skill-loaded | {skill-name} |`
-- Agent completes → `| {ISO timestamp} | {agent-name} | completed | {files changed count} files, skills: {comma-separated skill names or none} |`
-- Agent blocked → `| {ISO timestamp} | {agent-name} | blocked | {reason} |`
-
-**Rules:**
-- Creating the file and logging `started` is mandatory, do it before any other work
-- Append only, never overwrite previous entries
-- One row per event, keep detail column short
-- Use ISO 8601 timestamps
-- The file is gitignored, never commit it
-
----
-
 ## RTK
 
 Use `rtk` wrapper for ALL CLI commands. Never run git, az, gh, or openspec commands directly.
@@ -411,7 +305,7 @@ Agents CANNOT:
 
 ### Platform CLI
 
-ALL platform interactions via CLI only. Browser MCP and webfetch FORBIDDEN for any DevOps or GitHub operation — use `gh` or `az` CLI exclusively, never fall back to HTTP requests.
+ALL platform interactions via CLI only. Browser MCP and webfetch FORBIDDEN for any DevOps or GitHub operation, use `gh` or `az` CLI exclusively, never fall back to HTTP requests.
 
 | Operation | Azure DevOps | GitHub |
 |-----------|-------------|--------|

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-onboard",
-  "version": "0.1.8",
+  "version": "0.1.10",
   "description": "Prepare any brownfield codebase for AI agent workflows using OpenCode, OpenSpec, and ensemble orchestration.",
   "keywords": [
     "opencode",

package/src/steps/choose-models.js

@@ -132,7 +132,22 @@ export async function chooseModels() {
     const config = await fse.readJson(opencodeJsonPath)
     config.model = planModel
     await fse.writeJson(opencodeJsonPath, config, { spaces: 2 })
-    success(`plan model → ${planModel} (written to .opencode/opencode.json)`)
+    success(`plan model -> ${planModel} (written to .opencode/opencode.json)`)
+  }
+
+  // Write build and fast models to ensemble.json
+  const ensembleJsonPath = path.join(process.cwd(), '.opencode', 'ensemble.json')
+  if (await fse.pathExists(ensembleJsonPath)) {
+    const ensemble = await fse.readJson(ensembleJsonPath)
+    delete ensemble.defaultModel
+    ensemble.modelsByAgent = {
+      ...ensemble.modelsByAgent,
+      build: buildModel,
+      explore: fastModel,
+    }
+    await fse.writeJson(ensembleJsonPath, ensemble, { spaces: 2 })
+    success(`build model -> ${buildModel} (written to .opencode/ensemble.json)`)
+    success(`fast model -> ${fastModel} (written to .opencode/ensemble.json)`)
   }
 
   console.log()

package/src/steps/clean-ai-files.js

@@ -3,25 +3,45 @@ import path from 'path'
 import { findAiFiles } from '../utils/copy.js'
 import { header, info, prompt, success, warn } from '../utils/exec.js'
 
+/**
+ * Enumerate immediate children of a directory, returning their absolute paths.
+ * Skips any entry named 'skills' at any level to preserve user-installed skills.
+ */
+async function childrenExcludingSkills(dir) {
+  const results = []
+  if (!await fse.pathExists(dir)) return results
+  const entries = await fse.readdir(dir)
+  for (const entry of entries) {
+    if (entry === 'skills') continue
+    results.push(path.join(dir, entry))
+  }
+  return results
+}
+
 export async function cleanAiFiles() {
   header('Step 2, Existing AI config files')
 
   const cwd = process.cwd()
-  const found = await findAiFiles(cwd)
-
-  // Also find .agents contents except skills/ (preserve user skills)
-  const agentsDir = path.join(cwd, '.agents')
-  const agentsEntries = []
-  if (await fse.pathExists(agentsDir)) {
-    const entries = await fse.readdir(agentsDir)
-    for (const entry of entries) {
-      if (entry !== 'skills') {
-        agentsEntries.push(path.join(agentsDir, entry))
-      }
-    }
+
+  // Flat AI config files (not directories)
+  const flatFiles = await findAiFiles(cwd)
+
+  // For directory targets (.opencode, .agents), enumerate children and skip skills/
+  const dirTargets = ['.opencode', '.agents']
+  const dirEntries = []
+  for (const dirName of dirTargets) {
+    const dirPath = path.join(cwd, dirName)
+    const children = await childrenExcludingSkills(dirPath)
+    dirEntries.push(...children)
   }
 
-  const allFiles = [...found, ...agentsEntries]
+  // Remove the directory targets themselves from flat list (we handle them via children)
+  const filteredFlat = flatFiles.filter(f => {
+    const rel = path.relative(cwd, f)
+    return !dirTargets.includes(rel)
+  })
+
+  const allFiles = [...filteredFlat, ...dirEntries]
 
   if (allFiles.length === 0) {
     success('No existing AI config files found')
@@ -33,7 +53,7 @@ export async function cleanAiFiles() {
     info(f.replace(cwd, '.'))
   }
   console.log()
-  prompt('Press Enter to remove them all (your .agents/skills/ will be kept)')
+  prompt('Press Enter to remove them all (skills/ folders will be kept)')
   console.log()
 
   await new Promise(resolve => {

package/src/steps/init-openspec.js

@@ -1,6 +1,114 @@
 import { execa } from 'execa'
+import fs from 'node:fs'
+import path from 'node:path'
 import { error, header, success, warn } from '../utils/exec.js'
 
+const ENSEMBLE_PATCH = `6. **Implement via ensemble team**
+
+   NEVER implement tasks directly. Always delegate to specialists via ensemble.
+   Do NOT touch any source files before the team is running, not even a single edit.
+
+   a. Create feature branch if not already on one: \`feature/{id}-{slug}\`
+
+   b. Clean up any stale team state, then create the team:
+      \`\`\`
+      team_cleanup force:true acknowledge_uncommitted:true   (ignore "not in a team" errors)
+      team_create "<change-name>"
+      \`\`\`
+      Announce: "Team running. Monitor at http://localhost:4747/"
+
+   c. Add all tasks to the shared board so progress is visible in the dashboard.
+      Tasks take { content, priority } only, no assignee field:
+      \`\`\`
+      team_tasks_add tasks:[
+        { content: "1.1 <task description>", priority: "high" },
+        { content: "1.2 <task description>", priority: "high" },
+        ...one entry per task from the tasks.md checklist...
+      ]
+      \`\`\`
+      team_tasks_add returns the task IDs, save them to pass to each agent.
+
+   d. Spawn specialists one at a time (wait for each team_spawn result before calling the next,
+      this avoids git worktree contention). Include the FULL task list,
+      ALL context file paths, and the task IDs for their assigned tasks directly in each spawn prompt.
+      Agents must call team_claim on each task ID before starting it, then team_tasks_complete when done:
+      \`\`\`
+      team_spawn name:back   agent:back-engineer   prompt:"<full task list + context file paths + architecture notes + task IDs for your tasks + call team_claim before each task, team_tasks_complete after + report back when done or blocked>"
+      team_spawn name:front  agent:front-engineer  prompt:"<full task list + context file paths + architecture notes + task IDs for your tasks + call team_claim before each task, team_tasks_complete after + report back when done or blocked>"
+      team_spawn name:infra  agent:infra-engineer  prompt:"<full task list + context file paths + architecture notes + task IDs for your tasks + call team_claim before each task, team_tasks_complete after + report back when done or blocked>"
+      \`\`\`
+
+   e. Wait for all → \`team_results\` → \`team_shutdown\` + \`team_merge\`
+
+7. **Quality check**
+
+   \`\`\`
+   team_spawn name:quality agent:quality-engineer prompt:"<task list, context files, run tests + build + lint + verify acceptance criteria, call team_claim before each task, team_tasks_complete after, report back when done>"
+   \`\`\`
+   Wait → \`team_results\` → fix blockers → \`team_shutdown\`
+
+8. **Mark tasks complete in openspec**
+
+   After specialists finish, update the tasks file: \`- [ ]\` → \`- [x]\` for each completed task.
+   Run \`openspec status --change "<name>" --json\` to confirm progress.
+
+9. **On completion or pause, show status**
+
+   Display:
+   - Tasks completed this session
+   - Overall progress: "N/M tasks complete"
+   - If all done: suggest archive with \`/opsx-archive\`
+   - If paused: explain why and wait for guidance
+
+   Then run \`team_cleanup\`.
+
+**Guardrails**
+- NEVER implement tasks directly. Always use \`team_create\` + \`team_spawn\`, no exceptions
+- NEVER touch source files before \`team_create\` is called, not even one edit
+- ALWAYS run \`team_cleanup force:true\` before \`team_create\` to clear stale state from previous runs
+- ALWAYS add tasks to the board with \`team_tasks_add tasks:[{content, priority}]\` before spawning. No assignee field exists.
+- ALWAYS pass the task IDs returned by team_tasks_add to each agent in their spawn prompt so they can call team_claim
+- NEVER claim or complete tasks yourself as lead. Only subagents call team_claim and team_tasks_complete
+- Spawn teammates ONE AT A TIME, waiting for each team_spawn result before calling the next (avoids git worktree contention)
+- "Small feature", "faster to do it directly", "environment issues", "teammates not responding" are NOT valid reasons to implement directly. If teammates are stuck, use \`team_message\` to resend tasks, then wait
+- Always read context files before spawning (from the apply instructions output)
+- Mark tasks complete in openspec AFTER specialists finish, not before
+- If task is ambiguous, pause and ask before spawning
+- If implementation reveals issues, pause and suggest artifact updates
+- Pause on errors, blockers, or unclear requirements. Do not guess
+- Use contextFiles from CLI output, do not assume specific file names
+`
+
+// Patterns that identify the solo implementation step in openspec-generated files
+const SOLO_IMPL_PATTERNS = [
+  /^#{1,3}\s+\d+\..*(implement|loop until|make the code changes|for each (pending )?task)/im,
+  /\*\*Implement tasks.*loop until/im,
+  /^6\.\s+\*\*Implement tasks/im,
+]
+
+function patchOpensxApply(filePath) {
+  if (!fs.existsSync(filePath)) return false
+
+  const content = fs.readFileSync(filePath, 'utf8')
+  const lines = content.split('\n')
+
+  // Find the line index where the solo implementation step starts
+  let cutLine = -1
+  for (let i = 0; i < lines.length; i++) {
+    if (SOLO_IMPL_PATTERNS.some(p => p.test(lines[i]))) {
+      cutLine = i
+      break
+    }
+  }
+
+  if (cutLine === -1) return false // Pattern not found, skip
+
+  const preamble = lines.slice(0, cutLine).join('\n').trimEnd()
+  const patched = preamble + '\n\n' + ENSEMBLE_PATCH
+  fs.writeFileSync(filePath, patched, 'utf8')
+  return true
+}
+
 export async function initOpenspec() {
   header('Step 6, Initializing OpenSpec')
 
@@ -19,4 +127,20 @@ export async function initOpenspec() {
   } catch (err) {
     error(`Failed to run openspec init: ${err.message}`)
   }
+
+  // Patch opsx-apply.md to use ensemble orchestration instead of solo implementation
+  const targets = [
+    path.join(process.cwd(), '.opencode', 'commands', 'opsx-apply.md'),
+    path.join(process.cwd(), '.opencode', 'skills', 'openspec-apply-change', 'SKILL.md'),
+  ]
+
+  for (const target of targets) {
+    try {
+      const patched = patchOpensxApply(target)
+      if (patched) success(`Patched ${path.relative(process.cwd(), target)} for ensemble`)
+    } catch (err) {
+      warn(`Could not patch ${path.relative(process.cwd(), target)}: ${err.message}`)
+    }
+  }
 }
+

package/src/utils/copy.js

@@ -40,6 +40,8 @@ const AI_FILES = [
   'copilot-instructions.md',
   '.aider.conf.yml',
   '.aider',
+  '.opencode',
+  '.agents'
 ]
 
 export async function findAiFiles(dir) {