opencode-ultra 0.5.1 → 0.6.1

package/README.md

@@ -1,27 +1,28 @@
 # opencode-ultra
 
 [oh-my-opencode](https://github.com/code-yeongyu/oh-my-opencode) をベースに、micode / opencode-skillful の良い部分を取り込んだ OpenCode 1.2.x プラグイン。
-マルチエージェントオーケストレーション・キーワード駆動モード切替・ルール注入・セッション継続・AST検索を軽量な単一プラグインで実現する。
+マルチエージェントオーケストレーション・キーワード駆動モード切替・ルール注入・セッション継続・AST検索・自己改善 (evolve) を軽量な単一プラグインで実現する。
 
 ## 機能一覧
 
-### ツール (7)
+### ツール (8)
 
 | ツール | 説明 |
 |--------|------|
-| `spawn_agent` | 並列エージェント実行 (ConcurrencyPool 制御付き) |
-| `ralph_loop` | 自律ループ実行 (`<promise>DONE</promise>` で完了検知) |
+| `spawn_agent` | 並列エージェント実行 (ConcurrencyPool + spawn limit + timeout + sanitizer) |
+| `ralph_loop` | 自律ループ実行 (`<promise>DONE</promise>` で完了検知, per-iteration timeout) |
 | `cancel_ralph` | 実行中の Ralph Loop をキャンセル |
 | `batch_read` | 複数ファイル並列読み込み (最大20) |
 | `ledger_save` | Continuity Ledger の保存 (.opencode/ledgers/) |
 | `ledger_load` | Continuity Ledger の読み込み (名前指定 or 最新) |
 | `ast_search` | AST-aware コード検索 (ast-grep/sg バイナリ使用、未インストール時は自動スキップ) |
+| `evolve_apply` | プラグイン推薦の信頼度スコア評価 + OpenCode 設定への自動適用 (dry-run/backup 対応) |
 
 ### フック (9)
 
 | フック | hook ポイント | 説明 |
 |--------|-------------|------|
-| `keyword-detector` | chat.message | ultrawork/search/analyze/think キーワード検知 |
+| `keyword-detector` | chat.message | ultrawork/search/analyze/think/evolve キーワード検知 |
 | `rules-injector` | system.transform | .opencode/rules.md を system prompt に注入 |
 | `context-injector` | system.transform | ARCHITECTURE.md / CODE_STYLE.md を自動注入 |
 | `fragment-injector` | system.transform | エージェント毎のカスタムプロンプト断片注入 |
@@ -31,6 +32,45 @@
 | `todo-enforcer` | event (session.idle) | 未完了 TODO を検知して強制継続 |
 | `session-compaction` | experimental.session.compacting | セッション圧縮時に structured summary 生成 |
 
+### Safety
+
+| 機能 | 説明 |
+|------|------|
+| **Prompt Injection Sanitizer** | エージェント出力から注入パターンを検知・無害化 (17パターン, 6カテゴリ) |
+| **Spawn Limit** | 同時実行セッション上限 (default: 15) — エージェント爆発防止 |
+| **Agent Timeout** | per-agent タイムアウト (default: 180s) — ハング防止 |
+| **Trust Score** | npm パッケージの信頼度スコア (0-100) — evolve 推薦の品質ゲート |
+
+### Evolve (自己改善)
+
+| キーワード | 効果 |
+|-----------|------|
+| `evolve` / `self-improve` / `自己改善` / `進化` | evolve モード起動 |
+
+evolve モードでは:
+1. **scout** エージェントが npm/GitHub を検索し、プラグインのメタデータを収集
+2. **explore** エージェントが opencode-ultra 自身の機能をカタログ化
+3. 発見されたプラグインに **Trust Score** (0-100) を自動計算
+4. ギャップ分析と改善提案を生成
+5. ユーザー承認後、`evolve_apply` で設定に自動適用 (バックアップ付き)
+
+Trust Score 評価基準:
+
+| カテゴリ | 配点 | チェック項目 |
+|----------|------|-------------|
+| Recency | 25 | 最終 publish からの日数 |
+| Popularity | 25 | 週間 DL 数 + GitHub stars |
+| Quality | 20 | ライセンス, README, メンテナ数, description |
+| Repository | 15 | GitHub/GitLab リポジトリの存在 |
+| Safety | 15 | typosquat 検知, 依存数, 既知スコープ |
+
+| スコア | レベル | 自動インストール |
+|--------|--------|----------------|
+| 90-100 | HIGH | 可 |
+| 70-89 | MEDIUM | レビュー推奨 |
+| 40-69 | LOW | 要注意 |
+| 0-39 | RISKY | ブロック |
+
 ### その他
 
 | 機能 | 説明 |
@@ -46,7 +86,7 @@
 ```
 User
   │
-  │  "ultrawork" / "ulw" / "think hard" キーワード
+  │  "ultrawork" / "ulw" / "evolve" / "think hard" キーワード
   │
   ▼
 ┌──────────────────────────────────────────────┐
@@ -54,7 +94,7 @@ User
 │                                              │
 │  chat.message hook                           │
 │  ├─ keyword-detector                         │
-│  │  └─ ultrawork / search / analyze / think  │
+│  │  └─ ultrawork/search/analyze/think/evolve │
 │  └─ ultrawork → variant: "max"               │
 │                                              │
 │  system.transform hook                       │
@@ -80,11 +120,20 @@ User
 │  └─ demote built-in agents to subagent       │
 │                                              │
 │  tools                                       │
-│  ├─ spawn_agent (並列実行 + 並列制御)         │
+│  ├─ spawn_agent (並列実行 + 安全制御)         │
+│  │  ├─ ConcurrencyPool                       │
+│  │  ├─ Spawn limit (max 15)                  │
+│  │  ├─ Agent timeout (180s)                  │
+│  │  └─ Prompt injection sanitizer            │
 │  ├─ ralph_loop / cancel_ralph                │
 │  ├─ batch_read (複数ファイル並列読み込み)     │
 │  ├─ ledger_save / ledger_load (文脈継続)     │
-│  └─ ast_search (構文木検索, optional)        │
+│  ├─ ast_search (構文木検索, optional)        │
+│  └─ evolve_apply (信頼度スコア + 設定適用)   │
+│                                              │
+│  safety                                      │
+│  ├─ sanitizer (17 injection patterns)        │
+│  └─ trust-score (5-factor, 0-100)            │
 │                                              │
 │  MCP registration                            │
 │  └─ context7 (自動登録)                       │
@@ -119,6 +168,7 @@ Sisyphus (オーケストレーター) が直接コードを読み、実装は
 | **momus** | コードレビュー・品質チェック | anthropic/claude-sonnet-4-5 | subagent |
 | **atlas** | タスク管理・進捗追跡 | anthropic/claude-sonnet-4-5 | subagent |
 | **multimodal-looker** | 画像・スクリーンショット解析 | anthropic/claude-sonnet-4-5 | subagent |
+| **scout** | プラグインエコシステム調査・信頼度メタデータ収集 | anthropic/claude-sonnet-4-5 | subagent |
 
 全てのモデルは `oh-my-opencode.json` でオーバーライド可能。
 
@@ -190,6 +240,7 @@ ledger_load({})
 | `search` / `find` / `探して` 等 | search | 網羅的検索 |
 | `analyze` / `調査` / `debug` 等 | analyze | コンテキスト収集 |
 | `think hard` / `じっくり` / `熟考` 等 | think | Extended thinking 有効化 |
+| `evolve` / `self-improve` / `自己改善` 等 | evolve | 自己改善サイクル起動 |
 
 日本語・中国語キーワードにも対応。
 
@@ -231,8 +282,8 @@ ledger_load({})
   "disabled_hooks": [],   // keyword-detector, rules-injector, context-injector,
                           // fragment-injector, prompt-renderer, comment-checker,
                           // token-truncation, todo-enforcer, session-compaction
-  "disabled_tools": [],   // spawn_agent, ralph_loop, cancel_ralph,
-                          // batch_read, ledger_save, ledger_load, ast_search
+  "disabled_tools": [],   // spawn_agent, ralph_loop, cancel_ralph, batch_read,
+                          // ledger_save, ledger_load, ast_search, evolve_apply
   "disabled_mcps": [],    // context7
 
   // Built-in Agent Demotion (default: true)
@@ -245,6 +296,12 @@ ledger_load({})
     "modelConcurrency": { "openai/gpt-5.2": 2 }
   },
 
+  // Safety
+  "safety": {
+    "maxTotalSpawned": 15,    // 同時実行セッション上限
+    "agentTimeoutMs": 180000  // per-agent タイムアウト (ms)
+  },
+
   // Token Truncation
   "token_truncation": { "maxChars": 30000 },
 
@@ -270,7 +327,7 @@ opencode-ultra/
 │   │   ├── types.ts                # AgentDef 型定義
 │   │   └── index.ts                # ビルトインエージェント + 動的プロンプト生成
 │   ├── hooks/
-│   │   ├── keyword-detector.ts     # ultrawork/search/analyze/think 検知
+│   │   ├── keyword-detector.ts     # ultrawork/search/analyze/think/evolve 検知
 │   │   ├── rules-injector.ts       # rules.md + ARCHITECTURE.md + CODE_STYLE.md 注入
 │   │   ├── fragment-injector.ts    # エージェント毎の断片注入
 │   │   ├── prompt-renderer.ts      # モデル別フォーマット変換
@@ -279,16 +336,18 @@ opencode-ultra/
 │   │   ├── todo-enforcer.ts        # 未完了 TODO 強制継続
 │   │   └── session-compaction.ts   # セッション圧縮サマリ生成
 │   ├── tools/
-│   │   ├── spawn-agent.ts          # 並列エージェント実行
+│   │   ├── spawn-agent.ts          # 並列エージェント実行 + 安全制御
 │   │   ├── ralph-loop.ts           # 自律ループ実行
 │   │   ├── batch-read.ts           # 複数ファイル並列読み込み
 │   │   ├── continuity-ledger.ts    # セッション間文脈継続
-│   │   └── ast-search.ts           # AST-aware コード検索
+│   │   ├── ast-search.ts           # AST-aware コード検索
+│   │   └── evolve-apply.ts         # 信頼度スコア評価 + 設定適用
 │   ├── concurrency/                # Semaphore + ConcurrencyPool
 │   ├── categories/                 # ビルトインカテゴリ
+│   ├── safety/                     # sanitizer + trust-score
 │   ├── mcp/                        # MCP サーバー登録
 │   └── shared/                     # ユーティリティ
-├── __test__/                       # Bun テスト (92 tests, 20 files)
+├── __test__/                       # Bun テスト
 ├── package.json
 ├── tsconfig.json
 └── .gitignore

package/dist/index.js

@@ -13552,6 +13552,9 @@ import { join } from "path";
 function getConfigDir() {
   return process.env.XDG_CONFIG_HOME ? join(process.env.XDG_CONFIG_HOME, "opencode") : join(homedir(), ".config", "opencode");
 }
+function getCacheDir() {
+  return process.env.XDG_CACHE_HOME ? join(process.env.XDG_CACHE_HOME, "opencode") : join(homedir(), ".cache", "opencode");
+}
 // node_modules/jsonc-parser/lib/esm/impl/scanner.js
 function createScanner(text, ignoreTrivia = false) {
   const len = text.length;
@@ -14640,35 +14643,50 @@ var BUILTIN_AGENTS = {
   },
   scout: {
     model: "anthropic/claude-sonnet-4-5",
-    description: "Plugin ecosystem researcher \u2014 finds, analyzes, and compares OpenCode plugins for self-improvement",
+    description: "Plugin ecosystem researcher \u2014 discovers features and techniques from other OpenCode plugins",
     prompt: `You are Scout, an OpenCode plugin ecosystem researcher.
 
 ## YOUR MISSION
-Search the web (npm, GitHub, OpenCode community) for OpenCode plugins and extensions.
-Analyze their features, architecture, and quality. Compare with opencode-ultra.
+Search for OpenCode plugins and analyze WHAT THEY DO and HOW THEY DO IT.
+The goal is to find features and techniques that opencode-ultra can learn from \u2014 NOT to recommend installing them.
 
 ## SEARCH STRATEGY
 1. Search npm for "opencode-plugin", "opencode-ai", "@opencode" packages
 2. Search GitHub for "opencode plugin", "opencode extension", "oh-my-opencode"
 3. Look at package.json dependencies on @opencode-ai/plugin or @opencode-ai/sdk
-4. Read README files and source code of discovered plugins
+4. Read README files and SOURCE CODE of discovered plugins \u2014 understand their implementation
+
+## WHAT TO ANALYZE PER PLUGIN
+- **name**: package name + repo URL
+- **description**: what it does
+- **features**: detailed list of capabilities
+- **hooks used**: which OpenCode hooks (chat.message, tool.execute.after, etc.)
+- **tools provided**: custom tools and what they do
+- **techniques**: interesting implementation patterns (e.g. caching strategies, prompt engineering, API usage)
+- **unique ideas**: features/approaches NOT in opencode-ultra
+
+## WHAT TO SKIP
+- Auth plugins (opencode-*-auth) \u2014 domain-specific, not relevant
+- Abandoned/empty repos (no commits in 6+ months, no README)
+- Trivial wrappers (just re-exports or single-function plugins)
 
 ## OUTPUT FORMAT
-For each plugin found, report:
-- **Name**: package name + repo URL
-- **Version**: latest version
-- **Features**: bullet list of capabilities
-- **Architecture**: hook types used, tool count, agent count
-- **Quality signals**: test count, TypeScript, last updated, download count
-- **Unique ideas**: features that opencode-ultra does NOT have
+For each INTERESTING plugin (skip the trivial ones):
 
-## COMPARISON
-After listing plugins, generate a structured gap analysis:
-- Features others have that opencode-ultra lacks
-- Features opencode-ultra has that others lack (competitive advantages)
-- Improvement priority list (high/medium/low impact)
+### [plugin-name]
+- **What**: one-line description
+- **Repo**: URL
+- **Features**: bullet list
+- **Hooks**: which hooks and how they use them
+- **Tools**: custom tools and purpose
+- **Interesting technique**: what they do that's clever or useful
+- **Applicable to opencode-ultra**: YES/NO + what we could adapt
 
-Be thorough but focused. Skip abandoned or trivial plugins.`,
+End with a summary section:
+## Features opencode-ultra could adopt
+(Ranked by impact \u2014 high/medium/low)
+
+Be thorough but focused on QUALITY over quantity. 5 well-analyzed plugins beats 20 superficial listings.`,
     mode: "subagent",
     maxTokens: 32000
   }
@@ -14906,30 +14924,70 @@ var THINK_MESSAGE = `Extended thinking enabled. Take your time to reason thoroug
 var EVOLVE_MESSAGE = `[evolve-mode] SELF-IMPROVEMENT CYCLE ACTIVATED.
 
 ## MISSION
-Search the OpenCode plugin ecosystem, find what others have built, and identify gaps in opencode-ultra.
+Discover what other OpenCode plugins do well, compare with opencode-ultra's current capabilities, and propose concrete improvements to opencode-ultra itself.
+
+This is NOT about installing other plugins. This is about LEARNING from the ecosystem and making opencode-ultra better.
 
-## STEPS
-1. **SCOUT** \u2014 Spawn the **scout** agent to search npm/GitHub for OpenCode plugins
-2. **READ SELF** \u2014 Read opencode-ultra's own README.md and key source files to know current capabilities
-3. **COMPARE** \u2014 Generate a structured gap analysis (what we have vs what we're missing)
-4. **PRIORITIZE** \u2014 Rank missing features by impact (high/medium/low)
-5. **PROPOSE** \u2014 Present improvement plan to the user
-6. **SAVE** \u2014 Save findings to a continuity ledger via ledger_save for future reference
+## TOOLS AVAILABLE
+- **spawn_agent** \u2014 run scout + explore agents in parallel for data gathering
+- **ledger_save** \u2014 persist improvement proposals for future implementation
 
-## EXECUTION
+## PHASE 1: GATHER (parallel)
 \`\`\`
 spawn_agent({
   agents: [
-    {agent: "scout", prompt: "Search npm and GitHub for OpenCode 1.2.x plugins. Find all published plugins, analyze features, compare with opencode-ultra.", description: "Plugin ecosystem scan"},
-    {agent: "explore", prompt: "Read opencode-ultra's README.md, src/index.ts, src/agents/index.ts to catalog current features", description: "Self-analysis"}
+    {agent: "scout", prompt: "Search npm and GitHub for OpenCode 1.2.x plugins. For EACH plugin, analyze: what features does it provide? What hooks, tools, or techniques does it use? Focus on UNIQUE capabilities that are genuinely useful. Return a structured feature inventory per plugin.", description: "Ecosystem feature scan"},
+    {agent: "explore", prompt: "Read opencode-ultra's source: src/index.ts, src/tools/*.ts, src/hooks/*.ts, src/safety/*.ts, src/agents/index.ts, README.md. Catalog every feature, tool, hook, and capability. Be exhaustive.", description: "Self-analysis"}
   ]
 })
 \`\`\`
 
-After gathering results, synthesize into a gap analysis and present to the user.
-Save the analysis via: ledger_save({name: "evolve-scan-YYYY-MM-DD", content: "..."})
+## PHASE 2: COMPARE
+After gathering results, build a structured gap analysis:
+
+### Feature Matrix
+| Feature | opencode-ultra | Other plugin(s) | Gap? |
+|---------|---------------|-----------------|------|
+| (feature) | Yes/No | Which plugin has it | Missing / Partial / Covered |
+
+Focus on features that are:
+- **Genuinely useful** (not gimmicks)
+- **Feasible to implement** (not requiring external infrastructure)
+- **Complementary** to existing capabilities (not duplicate)
+
+### What to IGNORE
+- Auth plugins (opencode-antigravity-auth etc.) \u2014 domain-specific, not relevant
+- oh-my-opencode features we already ported \u2014 mark as "Covered"
+- Trivial wrappers or abandoned projects
+
+## PHASE 3: PROPOSE
+For each identified gap, produce a concrete improvement proposal:
+
+\`\`\`
+## Improvement: [Feature Name]
+**Inspiration**: [Plugin name] \u2014 [what it does]
+**Why**: [Why opencode-ultra needs this]
+**How**: [Implementation sketch \u2014 which file to modify, what to add]
+**Effort**: Low / Medium / High
+**Priority**: P0 (critical) / P1 (important) / P2 (nice-to-have)
+\`\`\`
+
+Sort proposals by Priority then Effort (P0-Low first, P2-High last).
+
+## PHASE 4: SAVE
+Save the full analysis to the continuity ledger:
+\`\`\`
+ledger_save({
+  name: "evolve-scan-YYYY-MM-DD",
+  content: "# Evolve Scan Results\\n\\n## Feature Matrix\\n...\\n## Improvement Proposals\\n..."
+})
+\`\`\`
 
-**This is how opencode-ultra gets better \u2014 by knowing what it doesn't know.**`;
+## IMPORTANT
+- The goal is to make opencode-ultra BETTER, not to install other plugins.
+- Other plugins are REFERENCE MATERIAL \u2014 study their approach, then design our own implementation.
+- Every proposal must include a concrete "How" section with file paths and implementation direction.
+- Present the final proposals to the user for approval before any implementation.`;
 
 // src/hooks/rules-injector.ts
 import * as fs2 from "fs";
@@ -27489,6 +27547,182 @@ function sanitizeSpawnResult(result) {
   return banner + `
 ` + text;
 }
+// src/safety/trust-score.ts
+var KNOWN_SCOPES = [
+  "@opencode-ai/",
+  "opencode-",
+  "@tarquinen/",
+  "@azumag/",
+  "@hoangp8/",
+  "@gitlab/"
+];
+var TYPOSQUAT_PATTERNS = [
+  /^0pencode/i,
+  /^opencodd/i,
+  /^openc0de/i,
+  /^opencodee/i,
+  /^opeencode/i,
+  /^opemcode/i,
+  /^opencode-.{1,3}$/i
+];
+function computeTrustScore(meta3) {
+  const factors = [];
+  factors.push(scoreRecency(meta3));
+  factors.push(scorePopularity(meta3));
+  factors.push(scoreQuality(meta3));
+  factors.push(scoreRepository(meta3));
+  factors.push(scoreSafety(meta3));
+  const totalScore = Math.min(100, factors.reduce((sum, f) => sum + f.score, 0));
+  const level = classifyLevel(totalScore);
+  const summary = buildSummary(meta3.name, totalScore, level, factors);
+  log("Trust score computed", { package: meta3.name, score: totalScore, level });
+  return { score: totalScore, level, factors, summary };
+}
+function scoreRecency(meta3) {
+  const maxScore = 25;
+  if (!meta3.lastPublished) {
+    return { name: "recency", score: 0, maxScore, detail: "No publish date available" };
+  }
+  const daysAgo = daysSince(meta3.lastPublished);
+  if (daysAgo < 30)
+    return { name: "recency", score: 25, maxScore, detail: `Updated ${daysAgo}d ago` };
+  if (daysAgo < 90)
+    return { name: "recency", score: 20, maxScore, detail: `Updated ${daysAgo}d ago` };
+  if (daysAgo < 180)
+    return { name: "recency", score: 15, maxScore, detail: `Updated ${daysAgo}d ago` };
+  if (daysAgo < 365)
+    return { name: "recency", score: 10, maxScore, detail: `Updated ${daysAgo}d ago \u2014 getting stale` };
+  return { name: "recency", score: 3, maxScore, detail: `Updated ${daysAgo}d ago \u2014 likely abandoned` };
+}
+function scorePopularity(meta3) {
+  const maxScore = 25;
+  let score = 0;
+  const details = [];
+  const dl = meta3.weeklyDownloads ?? 0;
+  if (dl > 1e4) {
+    score += 15;
+    details.push(`${dl.toLocaleString()} weekly DL`);
+  } else if (dl > 1000) {
+    score += 12;
+    details.push(`${dl.toLocaleString()} weekly DL`);
+  } else if (dl > 100) {
+    score += 8;
+    details.push(`${dl} weekly DL`);
+  } else if (dl > 10) {
+    score += 4;
+    details.push(`${dl} weekly DL \u2014 low`);
+  } else {
+    score += 0;
+    details.push(`${dl} weekly DL \u2014 very low`);
+  }
+  const stars = meta3.stars ?? 0;
+  if (stars > 100) {
+    score += 10;
+    details.push(`${stars} stars`);
+  } else if (stars > 20) {
+    score += 7;
+    details.push(`${stars} stars`);
+  } else if (stars > 5) {
+    score += 4;
+    details.push(`${stars} stars`);
+  } else {
+    score += 0;
+    details.push(`${stars} stars`);
+  }
+  return { name: "popularity", score: Math.min(maxScore, score), maxScore, detail: details.join(", ") };
+}
+function scoreQuality(meta3) {
+  const maxScore = 20;
+  let score = 0;
+  const details = [];
+  if (meta3.license && meta3.license !== "NONE" && meta3.license !== "UNLICENSED") {
+    score += 7;
+    details.push(`License: ${meta3.license}`);
+  } else {
+    details.push("No license");
+  }
+  if (meta3.hasReadme !== false) {
+    score += 5;
+    details.push("Has README");
+  } else {
+    details.push("No README");
+  }
+  const maintainers = meta3.maintainerCount ?? 0;
+  if (maintainers >= 2) {
+    score += 5;
+    details.push(`${maintainers} maintainers`);
+  } else if (maintainers === 1) {
+    score += 3;
+    details.push("1 maintainer");
+  } else {
+    details.push("No maintainer info");
+  }
+  if (meta3.description && meta3.description.length > 20) {
+    score += 3;
+  } else {
+    details.push("Weak description");
+  }
+  return { name: "quality", score: Math.min(maxScore, score), maxScore, detail: details.join(", ") };
+}
+function scoreRepository(meta3) {
+  const maxScore = 15;
+  if (!meta3.repository) {
+    return { name: "repository", score: 0, maxScore, detail: "No repository link \u2014 suspicious" };
+  }
+  if (meta3.repository.includes("github.com")) {
+    return { name: "repository", score: 15, maxScore, detail: `Repo: ${meta3.repository}` };
+  }
+  if (meta3.repository.includes("gitlab.com") || meta3.repository.includes("bitbucket.org")) {
+    return { name: "repository", score: 12, maxScore, detail: `Repo: ${meta3.repository}` };
+  }
+  return { name: "repository", score: 5, maxScore, detail: `Repo: ${meta3.repository} (unknown host)` };
+}
+function scoreSafety(meta3) {
+  const maxScore = 15;
+  let score = 15;
+  const details = [];
+  if (isTyposquatSuspect(meta3.name)) {
+    score -= 15;
+    details.push("TYPOSQUAT SUSPECT");
+  } else {
+    details.push("Name OK");
+  }
+  if (KNOWN_SCOPES.some((s) => meta3.name.startsWith(s))) {
+    score = Math.min(maxScore, score + 3);
+    details.push("Known scope");
+  }
+  const deps = meta3.dependencyCount ?? 0;
+  if (deps > 50) {
+    score = Math.max(0, score - 5);
+    details.push(`${deps} deps \u2014 heavy`);
+  } else if (deps > 20) {
+    score = Math.max(0, score - 2);
+    details.push(`${deps} deps`);
+  }
+  return { name: "safety", score: Math.max(0, score), maxScore, detail: details.join(", ") };
+}
+function isTyposquatSuspect(name) {
+  return TYPOSQUAT_PATTERNS.some((p) => p.test(name));
+}
+function classifyLevel(score) {
+  if (score >= 90)
+    return "high";
+  if (score >= 70)
+    return "medium";
+  if (score >= 40)
+    return "low";
+  return "risky";
+}
+function daysSince(isoDate) {
+  const then = new Date(isoDate).getTime();
+  const now = Date.now();
+  return Math.floor((now - then) / (1000 * 60 * 60 * 24));
+}
+function buildSummary(name, score, level, factors) {
+  const icon = level === "high" ? "V" : level === "medium" ? "~" : level === "low" ? "!" : "X";
+  const weakest = [...factors].sort((a, b) => a.score / a.maxScore - b.score / b.maxScore)[0];
+  return `[${icon}] ${name}: ${score}/100 (${level}) \u2014 weakest: ${weakest.name} (${weakest.score}/${weakest.maxScore}: ${weakest.detail})`;
+}
 // src/tools/spawn-agent.ts
 var DEFAULT_MAX_TOTAL_SPAWNED = 15;
 var DEFAULT_AGENT_TIMEOUT_MS = 180000;
@@ -28086,6 +28320,199 @@ function createAstSearchTool(ctx, binaryPath) {
   });
 }
 
+// src/tools/evolve-apply.ts
+import * as fs7 from "fs";
+import * as path7 from "path";
+function readJson(filePath) {
+  try {
+    return JSON.parse(fs7.readFileSync(filePath, "utf-8"));
+  } catch {
+    return null;
+  }
+}
+function writeJson(filePath, data) {
+  fs7.writeFileSync(filePath, JSON.stringify(data, null, 2) + `
+`, "utf-8");
+}
+function createBackup(configDir) {
+  const ts = new Date().toISOString().replace(/[:.]/g, "-").slice(0, 19);
+  const backupDir = path7.join(configDir, "backups", `pre-evolve-${ts}`);
+  fs7.mkdirSync(backupDir, { recursive: true });
+  const configPath = path7.join(configDir, "opencode.json");
+  const pkgPath = path7.join(configDir, "package.json");
+  const cachePkgPath = path7.join(getCacheDir(), "package.json");
+  if (fs7.existsSync(configPath)) {
+    fs7.copyFileSync(configPath, path7.join(backupDir, "opencode.json"));
+  }
+  if (fs7.existsSync(pkgPath)) {
+    fs7.copyFileSync(pkgPath, path7.join(backupDir, "package.json"));
+  }
+  if (fs7.existsSync(cachePkgPath)) {
+    fs7.copyFileSync(cachePkgPath, path7.join(backupDir, "cache-package.json"));
+  }
+  log("Evolve backup created", { path: backupDir });
+  return backupDir;
+}
+function createEvolveApplyTool(ctx) {
+  return tool({
+    description: `Apply evolve scan recommendations to OpenCode configuration.
+Takes a list of plugin recommendations (from evolve scan), computes trust scores,
+creates a backup, and adds approved plugins to opencode.json and package.json.
+
+IMPORTANT: Only plugins with trust score >= 40 (low or above) are added.
+Risky plugins (score < 40) are skipped with a warning.
+
+Use dryRun: true to preview changes without applying them.
+
+Example:
+evolve_apply({
+  plugins: [
+    {name: "opencode-supermemory", version: "latest", reason: "Persistent memory across sessions"},
+    {name: "@azumag/opencode-rate-limit-fallback", version: "^1.0.0", reason: "Rate limit handling"}
+  ],
+  dryRun: false
+})`,
+    args: {
+      plugins: tool.schema.array(tool.schema.object({
+        name: tool.schema.string().describe("npm package name"),
+        version: tool.schema.string().optional().describe("Version spec (default: latest)"),
+        reason: tool.schema.string().describe("Why this plugin is recommended"),
+        metadata: tool.schema.object({
+          name: tool.schema.string(),
+          lastPublished: tool.schema.string().optional(),
+          weeklyDownloads: tool.schema.number().optional(),
+          stars: tool.schema.number().optional(),
+          repository: tool.schema.string().optional(),
+          license: tool.schema.string().optional(),
+          hasReadme: tool.schema.boolean().optional(),
+          maintainerCount: tool.schema.number().optional(),
+          dependencyCount: tool.schema.number().optional()
+        }).optional().describe("Package metadata for trust scoring (if available)")
+      })).describe("Plugins to evaluate and potentially install"),
+      dryRun: tool.schema.boolean().optional().describe("Preview changes without applying (default: false)"),
+      minTrustScore: tool.schema.number().optional().describe("Minimum trust score to auto-install (default: 40)")
+    },
+    execute: async (args) => {
+      const { plugins } = args;
+      const dryRun = args.dryRun ?? false;
+      const minScore = args.minTrustScore ?? 40;
+      if (!plugins || plugins.length === 0) {
+        return "No plugins specified.";
+      }
+      const configDir = getConfigDir();
+      const configPath = path7.join(configDir, "opencode.json");
+      const cachePkgPath = path7.join(getCacheDir(), "package.json");
+      const config3 = readJson(configPath);
+      if (!config3) {
+        return `Error: Cannot read ${configPath}`;
+      }
+      const currentPlugins = config3.plugin ?? [];
+      const cachePkg = readJson(cachePkgPath);
+      const currentDeps = cachePkg?.dependencies ?? {};
+      const added = [];
+      const skipped = [];
+      const trustLines = [];
+      for (const rec of plugins) {
+        const alreadyInConfig = currentPlugins.some((p) => p === rec.name || p.startsWith(rec.name + "@"));
+        const alreadyInDeps = rec.name in currentDeps;
+        if (alreadyInConfig || alreadyInDeps) {
+          skipped.push({ name: rec.name, reason: "Already installed" });
+          trustLines.push(`  SKIP ${rec.name} \u2014 already installed`);
+          continue;
+        }
+        const meta3 = rec.metadata ?? { name: rec.name };
+        const trustResult = computeTrustScore(meta3);
+        const scoreTag = `[${trustResult.score}/100 ${trustResult.level}]`;
+        trustLines.push(`  ${scoreTag} ${rec.name} \u2014 ${rec.reason}`);
+        for (const f of trustResult.factors) {
+          trustLines.push(`    ${f.name}: ${f.score}/${f.maxScore} (${f.detail})`);
+        }
+        if (trustResult.score < minScore) {
+          skipped.push({
+            name: rec.name,
+            reason: `Trust score ${trustResult.score} < ${minScore} (${trustResult.level})`
+          });
+          trustLines.push(`    -> REJECTED (below threshold ${minScore})`);
+          continue;
+        }
+        added.push(rec.name);
+        trustLines.push(`    -> APPROVED`);
+      }
+      const trustReport = trustLines.join(`
+`);
+      if (added.length === 0) {
+        log("Evolve apply: nothing to add", { skipped: skipped.length });
+        return formatResult({
+          added: [],
+          skipped,
+          dryRun,
+          trustReport
+        });
+      }
+      if (dryRun) {
+        log("Evolve apply: dry run", { wouldAdd: added });
+        return formatResult({ added, skipped, dryRun: true, trustReport });
+      }
+      const backupDir = createBackup(configDir);
+      const pluginEntry = (name, version3) => version3 && version3 !== "latest" ? `${name}@${version3}` : name;
+      for (const name of added) {
+        const rec = plugins.find((p) => p.name === name);
+        const entry = pluginEntry(name, rec.version);
+        if (!currentPlugins.includes(entry)) {
+          currentPlugins.push(entry);
+        }
+      }
+      config3.plugin = currentPlugins;
+      writeJson(configPath, config3);
+      log("Evolve apply: updated opencode.json", { plugins: currentPlugins });
+      if (cachePkg) {
+        const deps = cachePkg.dependencies ?? {};
+        for (const name of added) {
+          const rec = plugins.find((p) => p.name === name);
+          deps[name] = rec.version ?? "latest";
+        }
+        cachePkg.dependencies = deps;
+        writeJson(cachePkgPath, cachePkg);
+        log("Evolve apply: updated cache/package.json");
+      }
+      return formatResult({ added, skipped, backup: backupDir, dryRun: false, trustReport });
+    }
+  });
+}
+function formatResult(result) {
+  const lines = [];
+  lines.push(result.dryRun ? "## Evolve Apply (DRY RUN)" : "## Evolve Apply Results");
+  lines.push("");
+  if (result.backup) {
+    lines.push(`**Backup**: \`${result.backup}\``);
+    lines.push("");
+  }
+  lines.push("### Trust Score Report");
+  lines.push("```");
+  lines.push(result.trustReport);
+  lines.push("```");
+  lines.push("");
+  if (result.added.length > 0) {
+    lines.push(result.dryRun ? "### Would Add" : "### Added");
+    for (const name of result.added) {
+      lines.push(`- ${name}`);
+    }
+    lines.push("");
+  }
+  if (result.skipped.length > 0) {
+    lines.push("### Skipped");
+    for (const { name, reason } of result.skipped) {
+      lines.push(`- ${name} \u2014 ${reason}`);
+    }
+    lines.push("");
+  }
+  if (!result.dryRun && result.added.length > 0) {
+    lines.push("> **Note**: Run `bun install` in `~/.cache/opencode/` to install the new packages, then restart OpenCode.");
+  }
+  return lines.join(`
+`);
+}
+
 // src/hooks/todo-enforcer.ts
 var DEFAULT_MAX_ENFORCEMENTS = 5;
 var sessionState = new Map;
@@ -28168,7 +28595,7 @@ ${unfinished.map((t) => `- [ ] ${t.text}`).join(`
 }
 
 // src/hooks/comment-checker.ts
-import * as fs7 from "fs";
+import * as fs8 from "fs";
 var AI_SLOP_PATTERNS = [
   /\/\/ .{80,}/,
   /\/\/ (This|The|We|Here|Note:)/i,
@@ -28247,7 +28674,7 @@ function createCommentCheckerHook(internalSessions, maxRatio = 0.3, slopThreshol
     if (!filePath || !isCodeFile(filePath))
       return;
     try {
-      const content = fs7.readFileSync(filePath, "utf-8");
+      const content = fs8.readFileSync(filePath, "utf-8");
       const result = checkComments(content, filePath, maxRatio, slopThreshold);
       if (result.shouldWarn) {
         output.output += `
@@ -28555,6 +28982,7 @@ var OpenCodeUltra = async (ctx) => {
   const ledgerLoad = createLedgerLoadTool(ctx);
   const astGrepBin = findAstGrepBinary();
   const astSearch = astGrepBin ? createAstSearchTool(ctx, astGrepBin) : null;
+  const evolveApply = createEvolveApplyTool(ctx);
   const todoEnforcer = createTodoEnforcer(ctx, internalSessions, pluginConfig.todo_enforcer?.maxEnforcements);
   const commentCheckerHook = createCommentCheckerHook(internalSessions, pluginConfig.comment_checker?.maxRatio, pluginConfig.comment_checker?.slopThreshold);
   const tokenTruncationHook = createTokenTruncationHook(internalSessions, pluginConfig.token_truncation?.maxChars);
@@ -28593,6 +29021,9 @@ var OpenCodeUltra = async (ctx) => {
   if (!disabledTools.has("ast_search") && astSearch) {
     toolRegistry.ast_search = astSearch;
   }
+  if (!disabledTools.has("evolve_apply")) {
+    toolRegistry.evolve_apply = evolveApply;
+  }
   return {
     tool: toolRegistry,
     config: async (config3) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-ultra",
-  "version": "0.5.1",
+  "version": "0.6.1",
   "description": "Lightweight OpenCode 1.2.x plugin — ultrawork mode, multi-agent orchestration, rules injection",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",