opencode-swarm 7.63.0 → 7.64.0

package/.opencode/skills/swarm-pr-review/SKILL.md

@@ -114,6 +114,130 @@ Before launching explorers (Phase 3), confirm the PR branch refs are available:
 
 If refs cannot be fetched or checked out, state the limitation in the context pack.
 
+## Phase 0A: Existing PR Comment Ingestion
+
+When reviewing a PR that already has comments, reviews, or bot findings,
+ingest and triage them BEFORE starting Phase 0. These are pre-existing signals
+that must be validated, not ignored.
+
+### Step 1 — Fetch all PR feedback surfaces
+
+```bash
+# Issue comments (general PR thread)
+gh pr view <PR_NUMBER> --json comments
+
+# Review comments (inline code comments)
+gh api repos/{owner}/{repo}/pulls/{PR_NUMBER}/comments
+
+# Review summaries (approve/request-changes/comment events)
+gh pr view <PR_NUMBER> --json reviews
+
+# Bot/automated reviews (Copilot, Codex, CodeRabbit, etc.)
+# Inline review comments — use REST API for reliable bot detection via user.type
+gh api repos/{owner}/{repo}/pulls/{PR_NUMBER}/comments --jq '.[] | select((.user.type // "") == "Bot" or (.user.login // "" | test("bot|copilot|coderabbit|codex"; "i")))'
+```
+
+For general PR comments (not inline), use the issue comments endpoint:
+```bash
+gh api repos/{owner}/{repo}/issues/{PR_NUMBER}/comments --jq '.[] | select((.user.type // "") == "Bot" or (.user.login // "" | test("bot|copilot|coderabbit|codex"; "i")))'
+```
+
+### Step 2 — Classify each comment
+
+| Category | Action |
+|----------|--------|
+| **Human review with file:line evidence** | Add as candidate finding with `source: existing-review` — still needs reviewer validation |
+| **Bot/automated finding with specific code reference** | Add as candidate finding with `source: bot-review` — high false-positive rate, treat as unverified |
+| **General feedback / style preference** | Add as advisory obligation |
+| **Resolved/outdated comment** | Skip — note in report under "Ingested Resolved Comments" |
+| **Requested changes not yet addressed** | Add as HIGH-priority obligation |
+
+### Step 3 — Merge into review pipeline
+
+All ingested comments become candidate findings or obligations. They follow the
+same Phase 3-8 pipeline as freshly discovered findings. Ingested findings are
+NOT pre-confirmed — they still require independent reviewer validation per the
+Anti-Self-Review Rule.
+
+**Comment-ledger output:**
+```
+[INGESTED] | source | category | file:line (if applicable) | original_author | status: PENDING_VALIDATION / SKIPPED_OUTDATED / ADVISORY
+```
+
+### Anti-patterns
+- ✗ Ignoring bot reviews because "bots produce false positives" — they also catch real issues
+- ✗ Pre-confirming human review comments without independent validation — even senior reviewers make mistakes
+- ✗ Skipping inline review comments and only reading the summary — inline comments contain the evidence
+
+## Phase 0B: Merge Conflict Detection and Resolution
+
+Before investing effort in review lanes, verify the PR is mergeable. A
+conflicted PR cannot merge regardless of review quality.
+
+### Step 1 — Check merge state
+
+```bash
+gh pr view <PR_NUMBER> --json mergeable,mergeStateStatus
+```
+
+The response has two independent fields. Handle each:
+
+**`mergeable` field** — whether GitHub can compute mergeability:
+| Value | Meaning | Action |
+|-------|---------|--------|
+| `MERGEABLE` | No conflicts detected | Proceed — check `mergeStateStatus` below |
+| `CONFLICTING` | Merge conflicts exist | Resolve before reviewing |
+| `UNKNOWN` | GitHub still computing | Wait 30s, re-check |
+
+**`mergeStateStatus` field** — overall branch state:
+| Value | Action |
+|-------|--------|
+| `CLEAN` | All checks pass, no conflicts — proceed to Phase 0 |
+| `BEHIND` | Branch behind base — note in report; non-blocking if merge queue handles it |
+| `DIRTY` | Merge conflicts exist — resolve before reviewing |
+| `BLOCKED` | External blocker (branch protection, failing required check) — investigate |
+
+### Step 2 — Resolve conflicts (when CONFLICTING or DIRTY)
+
+When the PR has merge conflicts:
+
+1. **Determine the PR's base branch and fetch:**
+   ```bash
+   BASE_REF=$(gh pr view <PR_NUMBER> --json baseRefName --jq '.baseRefName')
+   git fetch origin $BASE_REF
+   git checkout <pr-branch>
+   git merge origin/$BASE_REF --no-commit --no-ff
+   git diff --name-only --diff-filter=U  # list conflicted files
+   ```
+
+2. **Assess conflict complexity:**
+   - **1-3 simple conflicts** (lockfile version bumps, whitespace): Resolve directly, commit, push.
+   - **4+ conflicts or semantic conflicts** (logic changes in same function): Route to coder for resolution. Do NOT guess at semantic merge resolutions.
+
+3. **Resolve and push:**
+   ```bash
+   # For simple conflicts (after resolving markers):
+   git add -A
+   git commit -m "merge: resolve conflicts with main"
+   git push origin <pr-branch>
+   ```
+
+4. **Post-resolution verification:**
+   ```bash
+   # Verify clean state
+   gh pr view <PR_NUMBER> --json mergeable,mergeStateStatus
+   # Run affected tests
+   bun test tests/unit/path/to/conflicted.test.ts --timeout 30000
+   ```
+
+5. **Document in report:** List all conflicted files, resolution approach, and whether semantic judgment was required.
+
+### Conflict resolution anti-patterns
+- ✗ Accepting "ours" or "theirs" for all conflicts without reading them
+- ✗ Resolving semantic conflicts without understanding both sides
+- ✗ Pushing resolution without running tests on the merged result
+- ✗ Reviewing a conflicted PR without resolving first — review effort is wasted if the merge changes the code
+
 ---
 
 # Default Review Workflow

package/README.md

@@ -35,6 +35,7 @@ Most AI coding tools let one model write code and ask that same model whether th
 - 🏗️ **Specialized core, optional, and conditional agents** — architect, coder, reviewer, test_engineer, critic, explorer, sme, docs, designer, critic_oversight, critic_sounding_board, critic_drift_verifier, critic_hallucination_verifier, curator_init, curator_phase, council_generalist, council_skeptic, council_domain_expert. Run `/swarm agents` for the live roster — that is the source of truth, not this list.
 - 🔒 **Gated pipeline** — code never ships without reviewer + test engineer approval
 - 🔍 **DEEP_DIVE Protocol** — High-rigor, on-demand read-only codebase audit via specialized skills
+- 🔬 **External Skill Curation Pipeline** — Opt-in discovery, quarantine, evaluation, and promotion of external skill candidates from configured sources (disabled by default; enable via `external_skills.curation_enabled: true` in config). Includes 7 tools: `external_skill_discover`, `external_skill_list`, `external_skill_inspect`, `external_skill_promote`, `external_skill_reject`, `external_skill_delete`, `external_skill_revoke`. Candidates pass through a 3-gate validation pipeline before evaluation: **prompt injection scan** (12 regex patterns), **unsafe instruction scan** (25 patterns), and **provenance integrity check** (SHA-256, timestamp, URL, publisher, and hash verification).
 - 🔄 **Phase completion gates** — completion-verify and drift verifier gates enforced before phase completion
 - 🔁 **Resumable sessions** — all state saved to `.swarm/`; pick up any project any day
 - 🌐 **20 languages** — TypeScript, Python, Go, Rust, Java, Kotlin, C/C++, C#, Ruby, Swift, Dart, PHP, JavaScript, CSS, Bash, PowerShell, INI, Regex (extending: see [docs/adding-a-language.md](docs/adding-a-language.md))
@@ -624,6 +625,62 @@ Swarm provides tools for managing generated skill lifecycles:
 
 - **Proposal cleanup** — When a draft skill proposal is activated via `skill_apply`, the source proposal file is deleted as part of the activation process (best-effort; permission errors are logged but do not block activation).
 
+### External Skill Curation
+
+Swarm provides an opt-in, quarantine-first pipeline for discovering, validating, and promoting external skills. Disabled by default — no network calls are made until explicitly enabled.
+
+#### Enabling
+
+```yaml
+external_skills:
+  curation_enabled: true
+  sources:
+    - type: url
+      location: https://example.com/skills/
+      trust_level: medium
+```
+
+#### Validation Pipeline
+
+Every candidate passes a 3-gate pipeline before entering quarantine:
+
+| Gate | Name | Description |
+|------|------|-------------|
+| 1 | Prompt Injection Scan | 12 regex patterns plus oversized field, invisible character, and suspicious formatting checks detect system instruction injection, role hijacking, and instruction override attempts |
+| 2 | Unsafe Instruction Scan | 25 patterns detect shell commands, file system attacks, network exfiltration, and privilege escalation |
+| 3 | Provenance Integrity | SHA-256 content hash, timestamp validation, URL format checks, and publisher presence validation |
+
+**Trust level modulation**: `low` trust promotes warning-severity findings to errors (stricter); `medium` and `high` trust levels keep warnings advisory. Error-severity findings always block regardless of trust level.
+
+#### Tool Reference
+
+| Tool | Description |
+|------|-------------|
+| `external_skill_discover` | Fetch and validate a skill from a configured source |
+| `external_skill_list` | List candidates with status filters |
+| `external_skill_inspect` | View full candidate details |
+| `external_skill_promote` | Promote validated candidate to active skill (user approval required) |
+| `external_skill_reject` | Reject candidate with reason |
+| `external_skill_delete` | Remove candidate from quarantine store |
+| `external_skill_revoke` | Retire a previously promoted skill |
+
+#### Security Guarantees
+
+- Disabled by default — no network calls until explicitly enabled
+- All candidates quarantined until human review and promotion
+- TOCTOU re-validation at promotion time
+- Content hash verification prevents tampering
+- Bounded concurrent fetches (5 simultaneous) and discovery limits (50 candidates per invocation)
+- Max candidate size and count bounds
+- Source origin validation (URLs must match configured sources)
+
+#### Limitations
+
+- Static regex patterns only (no LLM-based detection)
+- No cryptographic signing (deferred)
+- No batch import (deferred)
+- No auto-promotion (human approval always required)
+
 ### Configuration Reference
 
 | Key | Type | Default | Description |

package/dist/agents/architect.d.ts

@@ -70,4 +70,4 @@ export declare function buildCouncilWorkflow(council?: CouncilWorkflowConfig): s
  * BRAINSTORM, and PLAN inline paths stay in lockstep.
  */
 export declare function buildQaGateSelectionDialogue(modeLabel: 'BRAINSTORM' | 'SPECIFY' | 'PLAN'): string;
-export declare function createArchitectAgent(model: string, customPrompt?: string, customAppendPrompt?: string, adversarialTesting?: AdversarialTestingConfig, council?: CouncilWorkflowConfig, uiReview?: UIReviewConfig, memoryEnabled?: boolean, architecturalSupervision?: ArchitectureSupervisionWorkflowConfig, designDocsEnabled?: boolean): AgentDefinition;
+export declare function createArchitectAgent(model: string, customPrompt?: string, customAppendPrompt?: string, adversarialTesting?: AdversarialTestingConfig, council?: CouncilWorkflowConfig, uiReview?: UIReviewConfig, memoryEnabled?: boolean, architecturalSupervision?: ArchitectureSupervisionWorkflowConfig, designDocsEnabled?: boolean, externalSkillsEnabled?: boolean): AgentDefinition;

package/dist/cli/index.js

@@ -52,7 +52,7 @@ var package_default;
 var init_package = __esm(() => {
   package_default = {
     name: "opencode-swarm",
-    version: "7.63.0",
+    version: "7.64.0",
     description: "Architect-centric agentic swarm plugin for OpenCode - hub-and-spoke orchestration with SME consultation, code generation, and QA review",
     main: "dist/index.js",
     types: "dist/index.d.ts",
@@ -17629,6 +17629,34 @@ var init_tool_metadata = __esm(() => {
     apply_patch: {
       description: "Apply a unified diff patch to workspace files with exact context matching, atomic writes, and path validation",
       agents: ["coder"]
+    },
+    external_skill_discover: {
+      description: "Discover external skill candidates from configured sources. Returns a disabled message when external_skills.curation_enabled is false.",
+      agents: []
+    },
+    external_skill_list: {
+      description: "List external skill candidates in the quarantine store. Returns a disabled message when external_skills.curation_enabled is false.",
+      agents: []
+    },
+    external_skill_inspect: {
+      description: "Inspect a specific external skill candidate by ID. Returns a disabled message when external_skills.curation_enabled is false.",
+      agents: []
+    },
+    external_skill_promote: {
+      description: "Promote a validated external skill candidate to an active generated skill. Returns a disabled message when external_skills.curation_enabled is false.",
+      agents: []
+    },
+    external_skill_reject: {
+      description: "Reject an external skill candidate after evaluation. Returns a disabled message when external_skills.curation_enabled is false.",
+      agents: []
+    },
+    external_skill_delete: {
+      description: "Delete an external skill candidate from the quarantine store. Returns a disabled message when external_skills.curation_enabled is false.",
+      agents: []
+    },
+    external_skill_revoke: {
+      description: "Revoke a previously promoted external skill. Returns a disabled message when external_skills.curation_enabled is false.",
+      agents: []
     }
   };
   TOOL_NAMES = Object.keys(TOOL_METADATA);
@@ -17682,7 +17710,7 @@ function freezeSet(items) {
   });
   return proxy;
 }
-var OPENCODE_NATIVE_AGENTS, CLAUDE_CODE_NATIVE_COMMANDS, DEFAULT_AGENT_CONFIGS;
+var OPENCODE_NATIVE_AGENTS, CLAUDE_CODE_NATIVE_COMMANDS, EXTERNAL_SKILL_TOOL_NAMES, EXTERNAL_SKILL_AGENT_TOOL_MAP, DEFAULT_AGENT_CONFIGS;
 var init_constants = __esm(() => {
   init_agent_names();
   init_tool_metadata();
@@ -17803,6 +17831,18 @@ var init_constants = __esm(() => {
     "team-onboarding",
     "bashes"
   ]);
+  EXTERNAL_SKILL_TOOL_NAMES = [
+    "external_skill_discover",
+    "external_skill_list",
+    "external_skill_inspect",
+    "external_skill_promote",
+    "external_skill_reject",
+    "external_skill_delete",
+    "external_skill_revoke"
+  ];
+  EXTERNAL_SKILL_AGENT_TOOL_MAP = {
+    architect: [...EXTERNAL_SKILL_TOOL_NAMES]
+  };
   DEFAULT_AGENT_CONFIGS = {
     coder: {
       model: "opencode/minimax-m2.5-free",
@@ -17908,7 +17948,26 @@ function getCanonicalAgentRole(agentName, generatedAgentNames) {
 function stripKnownSwarmPrefix(agentName) {
   return getCanonicalAgentRole(agentName);
 }
-var SEPARATORS, CANONICAL_ROLES_LONGEST_FIRST, CANONICAL_ROLES_SET, AgentOverrideConfigSchema, SwarmConfigSchema, HooksConfigSchema, ScoringWeightsSchema, DecisionDecaySchema, TokenRatiosSchema, ScoringConfigSchema, ContextBudgetConfigSchema, EvidenceConfigSchema, GateFeatureSchema, PlaceholderScanConfigSchema, QualityBudgetConfigSchema, GateConfigSchema, PipelineConfigSchema, PhaseCompleteConfigSchema, SummaryConfigSchema, ReviewPassesConfigSchema, AdversarialDetectionConfigSchema, AdversarialTestingConfigSchemaBase, AdversarialTestingConfigSchema, IntegrationAnalysisConfigSchema, DocsConfigSchema, DesignDocsConfigSchema, UIReviewConfigSchema, CompactionAdvisoryConfigSchema, LintConfigSchema, SecretscanConfigSchema, GuardrailsProfileSchema, DEFAULT_AGENT_PROFILES, DEFAULT_ARCHITECT_PROFILE, GuardrailsConfigSchema, WatchdogConfigSchema, SelfReviewConfigSchema, ToolFilterConfigSchema, PlanCursorConfigSchema, ContextMapConfigSchema, CheckpointConfigSchema, AutomationModeSchema, AutomationCapabilitiesSchema, AutomationConfigSchemaBase, AutomationConfigSchema, KnowledgeConfigSchema, MemoryConfigSchema, CuratorConfigSchema, ArchitecturalSupervisionConfigSchema, KnowledgeApplicationConfigSchema, SkillPropagationConfigSchema, SkillImproverConfigSchema, SpecWriterConfigSchema, SlopDetectorConfigSchema, IncrementalVerifyConfigSchema, CompactionConfigSchema, PrmConfigSchema, AgentAuthorityRuleSchema, AuthorityConfigSchema, GeneralCouncilMemberConfigSchema, GeneralCouncilConfigSchema, CouncilConfigSchema, ParallelizationConfigSchema, WorktreeIsolationConfigSchema, LeanTurboConfigSchema, StandardTurboConfigSchema, LeanTurboStrategyConfigSchema, TurboConfigSchema, PluginConfigSchema;
+function resolveExternalSkillsConfig(input) {
+  if (input === undefined || input === null || typeof input !== "object" || Array.isArray(input)) {
+    return { ...DEFAULT_EXTERNAL_SKILLS_CONFIG };
+  }
+  const config2 = input;
+  const merged = {
+    curation_enabled: config2.curation_enabled ?? DEFAULT_EXTERNAL_SKILLS_CONFIG.curation_enabled,
+    max_candidates: config2.max_candidates ?? DEFAULT_EXTERNAL_SKILLS_CONFIG.max_candidates,
+    max_bytes_per_candidate: config2.max_bytes_per_candidate ?? DEFAULT_EXTERNAL_SKILLS_CONFIG.max_bytes_per_candidate,
+    eviction_policy: config2.eviction_policy ?? DEFAULT_EXTERNAL_SKILLS_CONFIG.eviction_policy,
+    ttl_days: config2.ttl_days ?? DEFAULT_EXTERNAL_SKILLS_CONFIG.ttl_days,
+    evaluation_enabled: config2.evaluation_enabled ?? DEFAULT_EXTERNAL_SKILLS_CONFIG.evaluation_enabled,
+    sources: Array.isArray(config2.sources) ? config2.sources : [],
+    max_candidates_per_discovery: config2.max_candidates_per_discovery ?? DEFAULT_EXTERNAL_SKILLS_CONFIG.max_candidates_per_discovery,
+    max_concurrent_fetches: config2.max_concurrent_fetches ?? DEFAULT_EXTERNAL_SKILLS_CONFIG.max_concurrent_fetches,
+    fetch_timeout_ms: config2.fetch_timeout_ms ?? DEFAULT_EXTERNAL_SKILLS_CONFIG.fetch_timeout_ms
+  };
+  return merged;
+}
+var SEPARATORS, CANONICAL_ROLES_LONGEST_FIRST, CANONICAL_ROLES_SET, AgentOverrideConfigSchema, SwarmConfigSchema, HooksConfigSchema, ScoringWeightsSchema, DecisionDecaySchema, TokenRatiosSchema, ScoringConfigSchema, ContextBudgetConfigSchema, EvidenceConfigSchema, GateFeatureSchema, PlaceholderScanConfigSchema, QualityBudgetConfigSchema, GateConfigSchema, PipelineConfigSchema, PhaseCompleteConfigSchema, SummaryConfigSchema, ReviewPassesConfigSchema, AdversarialDetectionConfigSchema, AdversarialTestingConfigSchemaBase, AdversarialTestingConfigSchema, IntegrationAnalysisConfigSchema, DocsConfigSchema, DesignDocsConfigSchema, UIReviewConfigSchema, CompactionAdvisoryConfigSchema, LintConfigSchema, SecretscanConfigSchema, GuardrailsProfileSchema, DEFAULT_AGENT_PROFILES, DEFAULT_ARCHITECT_PROFILE, GuardrailsConfigSchema, WatchdogConfigSchema, SelfReviewConfigSchema, ToolFilterConfigSchema, PlanCursorConfigSchema, ContextMapConfigSchema, CheckpointConfigSchema, AutomationModeSchema, AutomationCapabilitiesSchema, AutomationConfigSchemaBase, AutomationConfigSchema, KnowledgeConfigSchema, MemoryConfigSchema, CuratorConfigSchema, ArchitecturalSupervisionConfigSchema, KnowledgeApplicationConfigSchema, SkillPropagationConfigSchema, SkillImproverConfigSchema, SpecWriterConfigSchema, SlopDetectorConfigSchema, IncrementalVerifyConfigSchema, CompactionConfigSchema, PrmConfigSchema, AgentAuthorityRuleSchema, AuthorityConfigSchema, GeneralCouncilMemberConfigSchema, GeneralCouncilConfigSchema, CouncilConfigSchema, ParallelizationConfigSchema, WorktreeIsolationConfigSchema, LeanTurboConfigSchema, StandardTurboConfigSchema, LeanTurboStrategyConfigSchema, TurboConfigSchema, ExternalSkillCandidateSourceTypeSchema, ExternalSkillCandidateEvaluationVerdictSchema, DiscoverySourceSchema, ExternalSkillCandidateSchema, ExternalSkillsConfigSchema, DEFAULT_EXTERNAL_SKILLS_CONFIG, PluginConfigSchema;
 var init_schema = __esm(() => {
   init_zod();
   init_constants();
@@ -18624,6 +18683,93 @@ var init_schema = __esm(() => {
     StandardTurboConfigSchema,
     LeanTurboStrategyConfigSchema
   ]);
+  ExternalSkillCandidateSourceTypeSchema = exports_external.enum([
+    "github",
+    "url",
+    "collection",
+    "manual_import"
+  ]);
+  ExternalSkillCandidateEvaluationVerdictSchema = exports_external.enum([
+    "pending",
+    "in_review",
+    "quarantined",
+    "passed",
+    "rejected",
+    "promoted",
+    "revoked"
+  ]);
+  DiscoverySourceSchema = exports_external.object({
+    type: ExternalSkillCandidateSourceTypeSchema,
+    location: exports_external.string().min(1),
+    enabled: exports_external.boolean().default(true),
+    trust_level: exports_external.enum(["low", "medium", "high"]).default("low").optional()
+  });
+  ExternalSkillCandidateSchema = exports_external.object({
+    id: exports_external.string().uuid(),
+    source_url: exports_external.string().url(),
+    source_type: ExternalSkillCandidateSourceTypeSchema,
+    publisher: exports_external.string().min(1),
+    sha256: exports_external.string().regex(/^[a-f0-9]{64}$/),
+    fetched_at: exports_external.string().datetime(),
+    skill_name: exports_external.string().optional(),
+    skill_description: exports_external.string().optional(),
+    skill_body: exports_external.string(),
+    risk_flags: exports_external.array(exports_external.string()).default([]),
+    evaluation_verdict: ExternalSkillCandidateEvaluationVerdictSchema.default("pending"),
+    evaluation_history: exports_external.array(exports_external.object({
+      verdict: ExternalSkillCandidateEvaluationVerdictSchema,
+      timestamp: exports_external.string().datetime(),
+      actor: exports_external.string(),
+      reason: exports_external.string().optional(),
+      candidate_id: exports_external.string().optional(),
+      original_verdict: ExternalSkillCandidateEvaluationVerdictSchema.optional(),
+      gate_results: exports_external.array(exports_external.object({
+        gate: exports_external.string(),
+        verdict: exports_external.string()
+      })).optional(),
+      risk_assessment: exports_external.object({
+        total_flags: exports_external.number().int().nonnegative(),
+        findings: exports_external.array(exports_external.object({
+          severity: exports_external.enum(["error", "warning"]),
+          category: exports_external.string()
+        }))
+      }).optional(),
+      risk_flags_count: exports_external.number().int().nonnegative().optional(),
+      provenance_snapshot: exports_external.object({
+        sha256: exports_external.string(),
+        source_url: exports_external.string(),
+        publisher: exports_external.string(),
+        fetched_at: exports_external.string().datetime().optional()
+      }).optional(),
+      target_path: exports_external.string().optional(),
+      promoted_content_hash: exports_external.string().regex(/^[a-f0-9]{64}$/).optional(),
+      original_evaluation: exports_external.record(exports_external.string(), exports_external.unknown()).optional()
+    })).default([])
+  });
+  ExternalSkillsConfigSchema = exports_external.object({
+    curation_enabled: exports_external.boolean().default(false),
+    max_candidates: exports_external.number().int().min(1).max(1e4).default(500),
+    max_bytes_per_candidate: exports_external.number().int().min(1024).max(10485760).default(1048576),
+    eviction_policy: exports_external.enum(["fifo"]).default("fifo"),
+    ttl_days: exports_external.number().int().min(1).max(3650).default(90),
+    evaluation_enabled: exports_external.boolean().default(false),
+    sources: exports_external.array(DiscoverySourceSchema).default([]),
+    max_candidates_per_discovery: exports_external.number().int().min(1).max(1000).default(50),
+    max_concurrent_fetches: exports_external.number().int().min(1).max(20).default(5),
+    fetch_timeout_ms: exports_external.number().int().min(1000).max(300000).default(30000)
+  });
+  DEFAULT_EXTERNAL_SKILLS_CONFIG = {
+    curation_enabled: false,
+    max_candidates: 500,
+    max_bytes_per_candidate: 1048576,
+    eviction_policy: "fifo",
+    ttl_days: 90,
+    evaluation_enabled: false,
+    sources: [],
+    max_candidates_per_discovery: 50,
+    max_concurrent_fetches: 5,
+    fetch_timeout_ms: 30000
+  };
   PluginConfigSchema = exports_external.object({
     agents: exports_external.record(exports_external.string(), AgentOverrideConfigSchema).optional(),
     default_agent: exports_external.string().optional().transform((v) => {
@@ -18842,7 +18988,8 @@ var init_schema = __esm(() => {
         every_architect_turns: 5,
         every_minutes: 20
       }
-    }))
+    })),
+    external_skills: ExternalSkillsConfigSchema.optional()
   });
 });
 
@@ -18981,6 +19128,24 @@ function migratePresetsConfig(raw) {
   }
   return raw;
 }
+function sanitizeExternalSkillsConfig(raw) {
+  if (!("external_skills" in raw) || raw.external_skills === undefined) {
+    return raw;
+  }
+  const esResult = ExternalSkillsConfigSchema.safeParse(raw.external_skills);
+  if (esResult.success) {
+    return {
+      ...raw,
+      external_skills: resolveExternalSkillsConfig(esResult.data)
+    };
+  }
+  console.warn("[opencode-swarm] external_skills config validation failed:");
+  console.warn(esResult.error.format());
+  console.warn("[opencode-swarm] External skills curation disabled due to invalid config. Fix the external_skills section to enable it.");
+  const cleaned = { ...raw };
+  delete cleaned.external_skills;
+  return cleaned;
+}
 function loadPluginConfig(directory) {
   const userConfigPath = path7.join(getUserConfigDir(), "opencode", CONFIG_FILENAME);
   const projectConfigPath = path7.join(directory, ".opencode", CONFIG_FILENAME);
@@ -18995,10 +19160,11 @@ function loadPluginConfig(directory) {
     mergedRaw = deepMerge(mergedRaw, rawProjectConfig);
   }
   mergedRaw = migratePresetsConfig(mergedRaw);
+  mergedRaw = sanitizeExternalSkillsConfig(mergedRaw);
   const result = PluginConfigSchema.safeParse(mergedRaw);
   if (!result.success) {
     if (rawUserConfig) {
-      const userParseResult = PluginConfigSchema.safeParse(rawUserConfig);
+      const userParseResult = PluginConfigSchema.safeParse(sanitizeExternalSkillsConfig(rawUserConfig ?? {}));
       if (userParseResult.success) {
         console.warn("[opencode-swarm] Project config ignored due to validation errors. Using user config.");
         return userParseResult.data;
@@ -37648,7 +37814,8 @@ var init_knowledge_validator = __esm(() => {
   SOURCE_REF_FORBIDDEN = /(\.\.\/|\.\.\\|\0|[\x00-\x1f\x7f])/;
   ALLOWED_SKILL_PATH_PREFIXES = [
     ".opencode/skills/generated/",
-    ".swarm/skills/proposals/"
+    ".swarm/skills/proposals/",
+    ".swarm/skills/candidates/"
   ];
   VALID_DIRECTIVE_PRIORITIES = new Set([
     "low",

package/dist/config/constants.d.ts

@@ -7,6 +7,8 @@ export declare const OPENCODE_NATIVE_AGENTS: Set<"compaction" | "title" | "build
 export declare const CLAUDE_CODE_NATIVE_COMMANDS: ReadonlySet<string>;
 export declare const MEMORY_TOOL_NAMES: readonly ["swarm_memory_recall", "swarm_memory_propose"];
 export declare const MEMORY_AGENT_TOOL_MAP: Partial<Record<AgentName, ToolName[]>>;
+export declare const EXTERNAL_SKILL_TOOL_NAMES: readonly ["external_skill_discover", "external_skill_list", "external_skill_inspect", "external_skill_promote", "external_skill_reject", "external_skill_delete", "external_skill_revoke"];
+export declare const EXTERNAL_SKILL_AGENT_TOOL_MAP: Partial<Record<AgentName, ToolName[]>>;
 /**
  * Human-readable descriptions for tools shown in the architect Available Tools block.
  * Used to generate the Available Tools section of the architect prompt at construction time.