opencode-onboard 0.1.8 → 0.1.12

package/content/.agents/agents/back-engineer.md

@@ -72,11 +72,3 @@ Rules:
 **Files changed:** <list>
 **Blockers:** none | <description>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory, do it before any other work.
-
-- On start: `| {ISO timestamp} | back-engineer | started | {task summary} |`
-- On skill load: `| {ISO timestamp} | back-engineer | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | back-engineer | completed | {files changed count} files, skills: {comma-separated skill names or none} |`

package/content/.agents/agents/devops-manager.md

@@ -56,7 +56,7 @@ Rules:
 1. Verify all changes are on a feature branch, never `main`
 2. Load the matching pullrequest skill
 3. Capture screenshots of local running app if UI changes exist
-4. Read `.agents/session-log.md` if it exists, include a "Session Activity" section in the PR description with agent names, task counts, and total duration
+4. Read `.agents/session-log.json` if it exists, parse the JSON array and include a "Session Activity" section in the PR description with agent names, task counts, and skills used
 5. Commit and push the feature branch
 6. Create the PR following the skill instructions
 7. Post PR comment with screenshots and change summary
@@ -74,7 +74,7 @@ Rules:
 - Does not merge PRs, human-only
 - Does not approve PRs, human-only
 - Does not force push
-- ALL GitHub and Azure DevOps data MUST come from `gh` or `az` CLI — NEVER use webfetch or HTTP requests to fetch platform URLs, even as a fallback. If CLI is unavailable, report as a blocker.
+- ALL GitHub and Azure DevOps data MUST come from `gh` or `az` CLI, NEVER use webfetch or HTTP requests to fetch platform URLs, even as a fallback. If CLI is unavailable, report as a blocker.
 - Browser MCP tools permitted only for screenshots of local app on `localhost` URLs, never for navigating GitHub or Azure DevOps
 
 ## Output Format
@@ -108,11 +108,3 @@ Rules:
 **Questions for human:** <count>, <list>
 **Acknowledged only:** <count>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory — do it before any other work.
-
-- On start: `| {ISO timestamp} | devops-manager | started | {mode} mode |`
-- On skill load: `| {ISO timestamp} | devops-manager | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | devops-manager | completed | {summary}, skills: {comma-separated skill names or none} |`

package/content/.agents/agents/front-engineer.md

@@ -71,11 +71,3 @@ Rules:
 **Files changed:** <list>
 **Blockers:** none | <description>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory, do it before any other work.
-
-- On start: `| {ISO timestamp} | front-engineer | started | {task summary} |`
-- On skill load: `| {ISO timestamp} | front-engineer | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | front-engineer | completed | {files changed count} files, skills: {comma-separated skill names or none} |`

package/content/.agents/agents/infra-engineer.md

@@ -72,11 +72,3 @@ Rules:
 **Resources affected:** <list>
 **Blockers:** none | <description>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory — do it before any other work.
-
-- On start: `| {ISO timestamp} | infra-engineer | started | {task summary} |`
-- On skill load: `| {ISO timestamp} | infra-engineer | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | infra-engineer | completed | {files changed count} files, skills: {comma-separated skill names or none} |`

package/content/.agents/agents/quality-engineer.md

@@ -72,11 +72,3 @@ Rules:
 **Acceptance criteria:** met | <unmet items>
 **Blockers:** none | <description>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory — do it before any other work.
-
-- On start: `| {ISO timestamp} | quality-engineer | started | {task summary} |`
-- On skill load: `| {ISO timestamp} | quality-engineer | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | quality-engineer | completed | {tests added count} tests, skills: {comma-separated skill names or none} |`

package/content/.agents/agents/security-auditor.md

@@ -82,11 +82,3 @@ Rules:
 
 **Blockers:** none | <critical findings that must be resolved before PR>
 ```
-
-## Session Log
-
-Append to `.agents/session-log.md`. Create the file with header if it does not exist (see AGENTS.md Session Log section). This is mandatory — do it before any other work.
-
-- On start: `| {ISO timestamp} | security-auditor | started | {task summary} |`
-- On skill load: `| {ISO timestamp} | security-auditor | skill-loaded | {skill-name} |`
-- On done: `| {ISO timestamp} | security-auditor | completed | {findings count} findings, skills: {comma-separated skill names or none} |`

package/content/.agents/skills/ob-pullrequest-gh/SKILL.md

@@ -18,8 +18,8 @@ Use `rtk` wrapper for ALL CLI commands:
 - `rtk gh pr comment` NOT `gh pr comment`
 - `rtk gh api` NOT `gh api`
 
-**Browser MCP tools are FORBIDDEN for all GitHub operations.**
-Browser tools are ONLY permitted for screenshots of the LOCAL running app on `localhost` URLs.
+**ALL GitHub data MUST come from `gh` CLI. NEVER use webfetch, HTTP requests, or browser MCP tools for GitHub operations, even if gh CLI fails. If `gh` is unavailable, report as a blocker.**
+Always pass `--repo {owner}/{repo}` explicitly, never rely on git context to resolve the repo.
 
 ---
 
@@ -85,13 +85,13 @@ Triggered when user says "I've added comments to the PR" or "check PR feedback".
 
 If PR link provided, extract number from URL. Otherwise:
 ```bash
-rtk gh pr list --state open --limit 1
+rtk gh pr list --repo {owner}/{repo} --state open --limit 1
 ```
 
 ### Step 2: Read comment threads
 
 ```bash
-rtk gh pr view {pr-number} --comments
+rtk gh pr view {pr-number} --repo {owner}/{repo} --comments
 # Or structured output:
 rtk gh api repos/{owner}/{repo}/pulls/{pr-number}/comments
 rtk gh api repos/{owner}/{repo}/pulls/{pr-number}/reviews
@@ -132,9 +132,10 @@ rtk gh pr comment {pr-number} --body "Updated design.md to reflect feedback."
 ## Guardrails
 
 - ✅ Commit and push to feature branches only
-- ✅ Create and comment on PRs via gh CLI
+- ✅ Create and comment on PRs via gh CLI with explicit `--repo {owner}/{repo}`
 - ✅ Screenshots of localhost only via browser_screenshot
 - ❌ Commit or push to `main`, FORBIDDEN
 - ❌ Force push, FORBIDDEN
 - ❌ Merge or approve PRs, human-only
 - ❌ Navigate browser to github.com, FORBIDDEN
+- ❌ webfetch or HTTP requests to GitHub URLs, FORBIDDEN

package/content/.agents/skills/ob-userstory-az/SKILL.md

@@ -156,17 +156,17 @@ https://dev.azure.com/{org}/{project}/_git/{repo}/pullrequest/{pr-id}
 **State:** {state}
 
 **Change Created:** us-{id}-{slug}
-
-### Next Steps
-1. Review the proposal
-2. Say "implement the plan" to start implementation
 ```
 
+After outputting the above, the lead MUST run `/opsx-propose` to generate the proposal, specs, and tasks. After `/opsx-propose` completes, STOP and ask the user: **"Ready to implement? (yes/no)"**, do NOT proceed to `/opsx-apply` until confirmed.
+
 ---
 
 ## Guardrails
 
 - ✅ Parse Azure DevOps URL and create OpenSpec change
 - ✅ Use `rtk` for all Azure CLI operations
+- ✅ Always run `/opsx-propose` after parsing, never skip to implementation
+- ✅ Always stop and confirm with user after propose, before running `/opsx-apply`
 - ❌ Browser MCP tools for Azure DevOps operations, FORBIDDEN
-- ❌ Implementation, this skill only parses and proposes
+- ❌ Jump to implementation without user confirmation, FORBIDDEN

package/content/.agents/skills/ob-userstory-gh/SKILL.md

@@ -16,7 +16,7 @@ Use `rtk` wrapper for ALL CLI commands:
 - `rtk gh issue edit` NOT `gh issue edit`
 - `rtk openspec new change` NOT `openspec new change`
 
-**ALL GitHub data MUST come from `gh` CLI. NEVER use webfetch, HTTP requests, or browser MCP tools to fetch GitHub URLs — even if gh CLI fails. If `gh` is unavailable, report it as a blocker.**
+**ALL GitHub data MUST come from `gh` CLI. NEVER use webfetch, HTTP requests, or browser MCP tools to fetch GitHub URLs, even if gh CLI fails. If `gh` is unavailable, report it as a blocker.**
 
 ---
 
@@ -36,13 +36,14 @@ gh auth status
 
 ## Steps
 
-1. **Extract Issue Number** from URL
-   - `https://github.com/{owner}/{repo}/issues/42` → number: 42
+1. **Extract owner, repo, and issue number** from URL
+   - `https://github.com/{owner}/{repo}/issues/42` → owner: `{owner}`, repo: `{repo}`, number: `42`
 
-2. **Fetch Issue**
+2. **Fetch Issue**, always pass `--repo` explicitly, never rely on git context:
    ```bash
-   rtk gh issue view 42 --json number,title,body,labels,milestone,state
+   rtk gh issue view 42 --repo {owner}/{repo} --json number,title,body,labels,milestone,state
    ```
+   If this returns an auth error or 404, report as a blocker, do NOT fall back to webfetch or web search.
 
 3. **Extract Key Fields** from JSON response:
    - `number` → Issue number
@@ -61,18 +62,18 @@ gh auth status
 
 ## Full GitHub CLI Reference
 
-Use these for ALL GitHub operations, browser MCP is FORBIDDEN.
+Use these for ALL GitHub operations, browser MCP and webfetch are FORBIDDEN. Always pass `--repo {owner}/{repo}`, never rely on git context.
 
 ### Issues
 ```bash
 # Read issue
-rtk gh issue view <number>
+rtk gh issue view <number> --repo {owner}/{repo}
 
 # List open issues
-rtk gh issue list --state open --limit 10
+rtk gh issue list --repo {owner}/{repo} --state open --limit 10
 
 # Update issue
-rtk gh issue edit <number> --add-label "in-progress"
+rtk gh issue edit <number> --repo {owner}/{repo} --add-label "in-progress"
 ```
 
 ---
@@ -119,18 +120,18 @@ https://raw.githubusercontent.com/{owner}/{repo}/{branch}/{path}
 **Milestone:** {milestone}
 
 **Change Created:** gh-{number}-{slug}
-
-### Next Steps
-1. Review the proposal
-2. Say "implement the plan" to start implementation
 ```
 
+After outputting the above, the lead MUST run `/opsx-propose` to generate the proposal, specs, and tasks. After `/opsx-propose` completes, STOP and ask the user: **"Ready to implement? (yes/no)"**, do NOT proceed to `/opsx-apply` until confirmed.
+
 ---
 
 ## Guardrails
 
 - ✅ Parse GitHub Issue URL and create OpenSpec change
 - ✅ Use `rtk gh` for all GitHub CLI operations
-- ❌ `webfetch` or HTTP requests to GitHub URLs, FORBIDDEN — use `gh` CLI only
+- ✅ Always run `/opsx-propose` after parsing, never skip to implementation
+- ✅ Always stop and confirm with user after propose, before running `/opsx-apply`
+- ❌ `webfetch` or HTTP requests to GitHub URLs, FORBIDDEN, use `gh` CLI only
 - ❌ Browser MCP tools for GitHub operations, FORBIDDEN
-- ❌ Implementation, this skill only parses and proposes
+- ❌ Jump to implementation without user confirmation, FORBIDDEN

package/content/.opencode/ensemble.json

@@ -3,10 +3,6 @@
   "mergeOnCleanup": true,
   "timeoutMs": 1800000,
   "stallThresholdMs": 300000,
-  "defaultModel": "anthropic/claude-sonnet-4-6",
-  "modelsByAgent": {
-    "build": "anthropic/claude-sonnet-4-6",
-    "explore": "anthropic/claude-haiku-4.5"
-  },
+  "modelsByAgent": {},
   "modelAssignment": "default"
 }

package/content/.opencode/opencode.json

@@ -3,6 +3,6 @@
   "plugin": [
     "opencode-plugin-openspec",
     "@different-ai/opencode-browser",
-    "@hueyexe/opencode-ensemble@0.13.1"
+    "@hueyexe/opencode-ensemble@0.13.2"
   ]
-}
+}

package/content/.opencode/plugins/session-log.js

@@ -1,8 +1,7 @@
 import fs from "node:fs"
 import path from "node:path"
 
-const LOG_FILE = ".agents/session-log.md"
-const LOG_HEADER = "# Session Log\n\n| Timestamp | Agent | Action | Detail |\n|-----------|-------|--------|--------|\n"
+const LOG_FILE = ".agents/session-log.json"
 
 // Per-session state: editCount and skills loaded
 const sessionState = new Map()
@@ -11,99 +10,81 @@ function ts() {
   return new Date().toISOString()
 }
 
-function appendLog(directory, row) {
+function appendEntry(directory, entry) {
   const logPath = path.join(directory, LOG_FILE)
   const dir = path.dirname(logPath)
   if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true })
-  if (!fs.existsSync(logPath)) fs.writeFileSync(logPath, LOG_HEADER, "utf8")
-  fs.appendFileSync(logPath, row + "\n", "utf8")
+
+  let entries = []
+  if (fs.existsSync(logPath)) {
+    try { entries = JSON.parse(fs.readFileSync(logPath, "utf8")) } catch (_) {}
+  }
+  entries.push(entry)
+  fs.writeFileSync(logPath, JSON.stringify(entries, null, 2), "utf8")
 }
 
 function resolveAgentName(session) {
-  // session.agent is the path to the agent .md file, e.g. ".agents/agents/back-engineer.md"
   const agentPath = session?.agent
   if (agentPath) {
     const base = path.basename(agentPath, ".md")
     if (base) return base
   }
-  // Fall back to session title (ensemble sets it to agent name)
-  const title = session?.title
-  if (title) return title
   return "lead"
 }
 
 export const SessionLogPlugin = async ({ client, directory }) => {
   return {
-    "session.created": async ({ event }) => {
+    event: async ({ event }) => {
       try {
-        const sessionId = event.properties?.sessionID
-        if (!sessionId) return
+        if (event?.type === "session.created") {
+          const sessionId = event.properties?.id ?? event.properties?.sessionID
+          if (!sessionId) return
 
-        const res = await client.session.get({ path: { id: sessionId } })
-        const session = res?.data
-        const agentName = resolveAgentName(session)
+          const res = await client.session.get({ path: { id: sessionId } })
+          const session = res?.data
+          const agentName = resolveAgentName(session)
 
-        sessionState.set(sessionId, { agentName, editCount: 0, skills: [] })
-
-        appendLog(
-          directory,
-          `| ${ts()} | ${agentName} | started | session ${sessionId.slice(0, 8)} |`
-        )
-      } catch (_) {}
-    },
+          sessionState.set(sessionId, { agentName, editCount: 0, skills: [] })
+          appendEntry(directory, { ts: ts(), agent: agentName, action: "started", sessionId })
+        }
 
-    "tool.execute.after": async ({ event }) => {
-      try {
-        const { sessionID, tool, output } = event.properties ?? {}
-        if (!sessionID) return
+        if (event?.type === "file.edited") {
+          const sessionId = event.properties?.sessionID ?? event.properties?.id
+          if (!sessionId) return
+          const state = sessionState.get(sessionId)
+          if (state) state.editCount++
+        }
 
-        const state = sessionState.get(sessionID)
-        const agentName = state?.agentName ?? "unknown"
+        if (event?.type === "session.idle") {
+          const sessionId = event.properties?.id ?? event.properties?.sessionID
+          if (!sessionId) return
+          const state = sessionState.get(sessionId)
+          if (!state) return
 
-        // Skill detection: agent read a SKILL.md
-        if (tool === "read") {
-          const filePath = output?.args?.filePath ?? output?.input?.filePath ?? ""
-          const match = filePath.match(/[/\\]skills[/\\]([^/\\]+)[/\\]SKILL\.md$/i)
-          if (match) {
-            const skillName = match[1]
-            if (state && !state.skills.includes(skillName)) {
-              state.skills.push(skillName)
-            }
-            appendLog(
-              directory,
-              `| ${ts()} | ${agentName} | skill-loaded | ${skillName} |`
-            )
-          }
+          const { agentName, editCount, skills } = state
+          appendEntry(directory, { ts: ts(), agent: agentName, action: "completed", filesEdited: editCount, skills })
+          sessionState.delete(sessionId)
         }
       } catch (_) {}
     },
 
-    "file.edited": async ({ event }) => {
-      try {
-        const { sessionID } = event.properties ?? {}
-        if (!sessionID) return
-        const state = sessionState.get(sessionID)
-        if (state) state.editCount++
-      } catch (_) {}
-    },
-
-    "session.idle": async ({ event }) => {
+    "tool.execute.after": async (input, output) => {
       try {
-        const sessionId = event.properties?.sessionID
+        const sessionId = input?.sessionID ?? input?.session_id
         if (!sessionId) return
 
         const state = sessionState.get(sessionId)
         if (!state) return
 
-        const { agentName, editCount, skills } = state
-        const skillsSummary = skills.length > 0 ? skills.join(", ") : "none"
-
-        appendLog(
-          directory,
-          `| ${ts()} | ${agentName} | completed | ${editCount} files edited, skills: ${skillsSummary} |`
-        )
-
-        sessionState.delete(sessionId)
+        if (input?.tool === "read") {
+          const filePath = input?.args?.filePath ?? ""
+          const match = filePath.match(/[/\\]skills[/\\]([^/\\]+)[/\\]SKILL\.md$/i)
+          if (match) {
+            const skillName = match[1]
+            if (!state.skills.includes(skillName)) state.skills.push(skillName)
+            appendEntry(directory, { ts: ts(), agent: state.agentName, action: "skill-loaded", skill: skillName })
+          }
+        }
       } catch (_) {}
     },
   }

package/content/AGENTS.md

@@ -67,75 +67,6 @@ Replace the entire contents of this file (`AGENTS.md`) with everything below the
 
 ---
 
-### Step 4b, Patch opsx-apply for ensemble
-
-Read **both** `.opencode/commands/opsx-apply.md` AND `.opencode/skills/openspec-apply-change/SKILL.md`. They contain the same solo implementation loop. Patch both identically.
-
-In each file, find the step that instructs the agent to **implement tasks directly**, it will contain phrases like "make the code changes", "implement tasks", "loop until done or blocked". This step tells the agent to write code itself.
-
-**Replace that step and everything after it** (completion output, pause output, guardrails, fluid workflow) with the following:
-
-```markdown
-6. **Implement via ensemble team**
-
-   NEVER implement tasks directly. Always delegate to specialists via ensemble.
-
-   a. Create feature branch if not already on one: `feature/{id}-{slug}`
-   b. Create team:
-      ```
-      team_create "<change-name>"
-      ```
-      Announce: "Team running. Monitor at http://localhost:4747/"
-
-   c. Spawn only what the tasks require (in parallel):
-      ```
-      team_spawn name:front   agent:front-engineer  → UI/frontend tasks
-      team_spawn name:back    agent:back-engineer   → backend/API tasks
-      team_spawn name:infra   agent:infra-engineer  → infra/pipeline tasks
-      ```
-      Pass each specialist: their relevant tasks + all context file paths from step above.
-      Log each spawn to `.agents/session-log.md` (see Session Log section).
-
-   d. Wait for all → `team_results` → `team_shutdown` + `team_merge`
-
-7. **Quality check**
-
-   ```
-   team_spawn name:quality agent:quality-engineer
-   ```
-   Wait → `team_results` → fix blockers → `team_shutdown`
-
-8. **Mark tasks complete in openspec**
-
-   After specialists finish, update the tasks file: `- [ ]` → `- [x]` for each completed task.
-   Run `openspec status --change "<name>" --json` to confirm progress.
-
-9. **On completion or pause, show status**
-
-   Display:
-   - Tasks completed this session
-   - Overall progress: "N/M tasks complete"
-   - If all done: suggest archive with `/opsx-archive`
-   - If paused: explain why and wait for guidance
-
-   Then run `team_cleanup`.
-
-**Guardrails**
-- NEVER implement tasks directly, always use `team_create` + `team_spawn`, no exceptions
-- "Small feature", "faster to do it directly", "environment issues" are NOT valid reasons to skip ensemble, if you find yourself thinking this, stop and spawn anyway
-- Always read context files before spawning (from the apply instructions output)
-- Always pass context file paths and task list to spawned specialists
-- Mark tasks complete in openspec AFTER specialists finish, not before
-- If task is ambiguous, pause and ask before spawning
-- If implementation reveals issues, pause and suggest artifact updates
-- Pause on errors, blockers, or unclear requirements, don't guess
-- Use contextFiles from CLI output, don't assume specific file names
-```
-
-Keep all steps before the implementation step unchanged in both files, they are openspec's domain (select change, check status, get instructions, read context, show progress).
-
----
-
 ### Step 5, Confirm
 
 Tell the user:
@@ -245,9 +176,7 @@ devops-manager (ship mode)
 ### Phase 2, Implement
 
 ```
-1. Run /opsx-apply (or load skill openspec-apply-change)
-   The command handles context reading, ensemble orchestration, and task marking automatically.
-   DO NOT implement tasks directly, the command spawns specialists via ensemble.
+1. Run /opsx-apply, handles context reading, ensemble orchestration, and task marking.
 2. After /opsx-apply completes, proceed to quality check.
 ```
 
@@ -345,41 +274,6 @@ Example: `feature/42-add-user-auth`
 
 ---
 
-## Session Log
-
-<!-- session-logging: enabled -->
-
-All agents MUST log their activity to `.agents/session-log.md`.
-
-**Check before logging:** Read the `session-logging` comment above. If it says `disabled`, skip all logging.
-
-**Every agent MUST create or append to this file when it starts, no exceptions.** If the file does not exist, create it with this exact header first:
-
-```markdown
-# Session Log
-
-| Timestamp | Agent | Action | Detail |
-|-----------|-------|--------|--------|
-```
-
-Then immediately append a `started` row.
-
-**Log these events** by appending a row:
-- Lead spawns an agent → `| {ISO timestamp} | lead | spawned | {agent-name}, {purpose} |`
-- Agent starts → `| {ISO timestamp} | {agent-name} | started | {task summary} |`
-- Agent loads a skill → `| {ISO timestamp} | {agent-name} | skill-loaded | {skill-name} |`
-- Agent completes → `| {ISO timestamp} | {agent-name} | completed | {files changed count} files, skills: {comma-separated skill names or none} |`
-- Agent blocked → `| {ISO timestamp} | {agent-name} | blocked | {reason} |`
-
-**Rules:**
-- Creating the file and logging `started` is mandatory, do it before any other work
-- Append only, never overwrite previous entries
-- One row per event, keep detail column short
-- Use ISO 8601 timestamps
-- The file is gitignored, never commit it
-
----
-
 ## RTK
 
 Use `rtk` wrapper for ALL CLI commands. Never run git, az, gh, or openspec commands directly.
@@ -411,7 +305,7 @@ Agents CANNOT:
 
 ### Platform CLI
 
-ALL platform interactions via CLI only. Browser MCP and webfetch FORBIDDEN for any DevOps or GitHub operation — use `gh` or `az` CLI exclusively, never fall back to HTTP requests.
+ALL platform interactions via CLI only. Browser MCP and webfetch FORBIDDEN for any DevOps or GitHub operation, use `gh` or `az` CLI exclusively, never fall back to HTTP requests.
 
 | Operation | Azure DevOps | GitHub |
 |-----------|-------------|--------|

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-onboard",
-  "version": "0.1.8",
+  "version": "0.1.12",
   "description": "Prepare any brownfield codebase for AI agent workflows using OpenCode, OpenSpec, and ensemble orchestration.",
   "keywords": [
     "opencode",

package/src/index.js

@@ -10,7 +10,6 @@ import { chooseSkillsProvider } from './steps/choose-skills-provider.js'
 import { cleanAiFiles } from './steps/clean-ai-files.js'
 import { copyContentStep } from './steps/copy-content.js'
 import { initOpenspec } from './steps/init-openspec.js'
-import { installBrowser } from './steps/install-browser.js'
 
 if (process.stdout.isTTY) console.clear()
 console.log()

package/src/steps/choose-models.js

@@ -132,7 +132,22 @@ export async function chooseModels() {
     const config = await fse.readJson(opencodeJsonPath)
     config.model = planModel
     await fse.writeJson(opencodeJsonPath, config, { spaces: 2 })
-    success(`plan model → ${planModel} (written to .opencode/opencode.json)`)
+    success(`plan model -> ${planModel} (written to .opencode/opencode.json)`)
+  }
+
+  // Write build and fast models to ensemble.json
+  const ensembleJsonPath = path.join(process.cwd(), '.opencode', 'ensemble.json')
+  if (await fse.pathExists(ensembleJsonPath)) {
+    const ensemble = await fse.readJson(ensembleJsonPath)
+    delete ensemble.defaultModel
+    ensemble.modelsByAgent = {
+      ...ensemble.modelsByAgent,
+      build: buildModel,
+      explore: fastModel,
+    }
+    await fse.writeJson(ensembleJsonPath, ensemble, { spaces: 2 })
+    success(`build model -> ${buildModel} (written to .opencode/ensemble.json)`)
+    success(`fast model -> ${fastModel} (written to .opencode/ensemble.json)`)
   }
 
   console.log()

package/src/steps/clean-ai-files.js

@@ -3,25 +3,45 @@ import path from 'path'
 import { findAiFiles } from '../utils/copy.js'
 import { header, info, prompt, success, warn } from '../utils/exec.js'
 
+/**
+ * Enumerate immediate children of a directory, returning their absolute paths.
+ * Skips any entry named 'skills' at any level to preserve user-installed skills.
+ */
+async function childrenExcludingSkills(dir) {
+  const results = []
+  if (!await fse.pathExists(dir)) return results
+  const entries = await fse.readdir(dir)
+  for (const entry of entries) {
+    if (entry === 'skills') continue
+    results.push(path.join(dir, entry))
+  }
+  return results
+}
+
 export async function cleanAiFiles() {
   header('Step 2, Existing AI config files')
 
   const cwd = process.cwd()
-  const found = await findAiFiles(cwd)
-
-  // Also find .agents contents except skills/ (preserve user skills)
-  const agentsDir = path.join(cwd, '.agents')
-  const agentsEntries = []
-  if (await fse.pathExists(agentsDir)) {
-    const entries = await fse.readdir(agentsDir)
-    for (const entry of entries) {
-      if (entry !== 'skills') {
-        agentsEntries.push(path.join(agentsDir, entry))
-      }
-    }
+
+  // Flat AI config files (not directories)
+  const flatFiles = await findAiFiles(cwd)
+
+  // For directory targets (.opencode, .agents), enumerate children and skip skills/
+  const dirTargets = ['.opencode', '.agents']
+  const dirEntries = []
+  for (const dirName of dirTargets) {
+    const dirPath = path.join(cwd, dirName)
+    const children = await childrenExcludingSkills(dirPath)
+    dirEntries.push(...children)
   }
 
-  const allFiles = [...found, ...agentsEntries]
+  // Remove the directory targets themselves from flat list (we handle them via children)
+  const filteredFlat = flatFiles.filter(f => {
+    const rel = path.relative(cwd, f)
+    return !dirTargets.includes(rel)
+  })
+
+  const allFiles = [...filteredFlat, ...dirEntries]
 
   if (allFiles.length === 0) {
     success('No existing AI config files found')
@@ -33,7 +53,7 @@ export async function cleanAiFiles() {
     info(f.replace(cwd, '.'))
   }
   console.log()
-  prompt('Press Enter to remove them all (your .agents/skills/ will be kept)')
+  prompt('Press Enter to remove them all (skills/ folders will be kept)')
   console.log()
 
   await new Promise(resolve => {

package/src/steps/init-openspec.js

@@ -1,6 +1,130 @@
 import { execa } from 'execa'
+import fs from 'node:fs'
+import path from 'node:path'
 import { error, header, success, warn } from '../utils/exec.js'
 
+const ENSEMBLE_PATCH = `6. **Implement via ensemble team**
+
+   NEVER implement tasks directly. Always delegate to specialists via ensemble.
+   Do NOT touch any source files before the team is running, not even a single edit.
+
+   Steps MUST be followed in order. Do not skip any step.
+
+   **Step 6a.** Create feature branch if not already on one: \`feature/{id}-{slug}\`
+
+   **Step 6b.** Clean up stale state, then create the team:
+      \`\`\`
+      team_cleanup force:true acknowledge_uncommitted:true
+      team_create "<change-name>"
+      \`\`\`
+      "not in a team" error from team_cleanup is expected, ignore it.
+      Announce: "Team running. Monitor at http://localhost:4747/"
+
+   **Step 6c.** Add ALL tasks to the shared board BEFORE spawning anyone.
+      Schema: { content: string, priority: "high"|"medium"|"low" }. No other fields.
+      \`\`\`
+      team_tasks_add tasks:[
+        { content: "1.1 <exact task text from tasks.md>", priority: "high" },
+        { content: "1.2 <exact task text>", priority: "high" },
+        ...every task from tasks.md, one entry each...
+      ]
+      \`\`\`
+      Save the task IDs returned. You MUST pass them to agents in step 6d.
+      DO NOT proceed to 6d until team_tasks_add succeeds.
+
+   **Step 6d.** Spawn specialists ONE AT A TIME. Wait for each team_spawn result before calling the next.
+      Each team_spawn MUST include agent field (required, causes NOT NULL error if omitted).
+      Include: full task list, all context file paths, the task IDs for their tasks, and these instructions:
+      - call team_claim with the task ID before starting each task
+      - call team_tasks_complete with the task ID after finishing each task
+      - send results to lead via team_message when all done or blocked
+      \`\`\`
+      team_spawn name:"back" agent:"back-engineer" prompt:"..."
+      (wait for result)
+      team_spawn name:"front" agent:"front-engineer" prompt:"..."
+      (wait for result)
+      team_spawn name:"infra" agent:"infra-engineer" prompt:"..."
+      (wait for result)
+      \`\`\`
+
+   **Step 6e.** After all spawns, tell the user what is running, then STOP and wait.
+      Do NOT call team_results, team_status, or team_broadcast in a loop.
+      Teammates will message you when done or blocked. Wait for those messages.
+
+   **Step 6f.** When teammates message back: call team_results to get full output,
+      then team_shutdown + team_merge for each. Fix any blockers reported.
+
+7. **Quality check**
+
+   Spawn quality engineer, wait for message back:
+   \`\`\`
+   team_spawn name:"quality" agent:"quality-engineer" prompt:"<task list, context files, run tests + build + lint + verify acceptance criteria, call team_claim/team_tasks_complete per task, send results to lead when done>"
+   \`\`\`
+   Wait for message → team_results → fix blockers → team_shutdown + team_merge
+
+8. **Mark tasks complete in openspec**
+
+   Update tasks.md: \`- [ ]\` → \`- [x]\` for each completed task.
+   Run \`rtk openspec status --change "<name>" --json\` to confirm.
+
+9. **Show status, then cleanup**
+
+   Display:
+   - Tasks completed this session
+   - Overall progress: "N/M tasks complete"
+   - If all done: suggest archive with \`/opsx-archive\`
+   - If paused: explain why and wait for guidance
+
+   Then run \`team_cleanup\`.
+
+**Guardrails**
+- NEVER skip or reorder steps 6a-6f
+- NEVER implement tasks directly. Always use team_create + team_spawn, no exceptions
+- NEVER touch source files before team_create is called, not even one edit
+- NEVER call team_spawn without the agent field — it is required and will fail without it
+- NEVER call team_spawn before team_tasks_add — tasks must exist before agents are spawned
+- NEVER poll team_results or team_status in a loop — wait for teammates to message you
+- NEVER claim or complete tasks as lead — only subagents call team_claim and team_tasks_complete
+- ALWAYS run team_cleanup force:true before team_create to clear stale state
+- ALWAYS add every task from tasks.md to the board with team_tasks_add before spawning
+- ALWAYS pass the task IDs returned by team_tasks_add to each agent's spawn prompt
+- ALWAYS spawn one at a time, waiting for each result before the next (avoids worktree contention)
+- If teammates are stuck, use team_message to resend tasks, then wait — never implement directly
+- Mark tasks complete in openspec AFTER specialists finish, not before
+- Pause on errors, blockers, or unclear requirements. Do not guess
+- Use contextFiles from CLI output, do not assume specific file paths
+`
+
+// Patterns that identify the solo implementation step in openspec-generated files
+const SOLO_IMPL_PATTERNS = [
+  /^#{1,3}\s+\d+\..*(implement|loop until|make the code changes|for each (pending )?task)/im,
+  /\*\*Implement tasks.*loop until/im,
+  /^6\.\s+\*\*Implement tasks/im,
+]
+
+function patchOpensxApply(filePath) {
+  if (!fs.existsSync(filePath)) return false
+
+  const content = fs.readFileSync(filePath, 'utf8')
+  const lines = content.split('\n')
+
+  // Find the line index where the solo implementation step starts
+  let cutLine = -1
+  for (let i = 0; i < lines.length; i++) {
+    if (SOLO_IMPL_PATTERNS.some(p => p.test(lines[i]))) {
+      cutLine = i
+      break
+    }
+  }
+
+  if (cutLine === -1) return false // Pattern not found, skip
+
+  const preamble = lines.slice(0, cutLine).join('\n').trimEnd()
+  const patched = preamble + '\n\n' + ENSEMBLE_PATCH
+  fs.writeFileSync(filePath, patched, 'utf8')
+  return true
+}
+
 export async function initOpenspec() {
   header('Step 6, Initializing OpenSpec')
 
@@ -19,4 +143,20 @@ export async function initOpenspec() {
   } catch (err) {
     error(`Failed to run openspec init: ${err.message}`)
   }
+
+  // Patch opsx-apply.md to use ensemble orchestration instead of solo implementation
+  const targets = [
+    path.join(process.cwd(), '.opencode', 'commands', 'opsx-apply.md'),
+    path.join(process.cwd(), '.opencode', 'skills', 'openspec-apply-change', 'SKILL.md'),
+  ]
+
+  for (const target of targets) {
+    try {
+      const patched = patchOpensxApply(target)
+      if (patched) success(`Patched ${path.relative(process.cwd(), target)} for ensemble`)
+    } catch (err) {
+      warn(`Could not patch ${path.relative(process.cwd(), target)}: ${err.message}`)
+    }
+  }
 }
+

package/src/utils/copy.js

@@ -40,6 +40,8 @@ const AI_FILES = [
   'copilot-instructions.md',
   '.aider.conf.yml',
   '.aider',
+  '.opencode',
+  '.agents'
 ]
 
 export async function findAiFiles(dir) {