opencodekit 0.18.7 → 0.18.8

package/dist/index.js

@@ -18,7 +18,7 @@ var __require = /* @__PURE__ */ createRequire(import.meta.url);
 
 //#endregion
 //#region package.json
-var version = "0.18.7";
+var version = "0.18.8";
 
 //#endregion
 //#region src/utils/errors.ts

package/dist/template/.opencode/AGENTS.md

@@ -100,6 +100,14 @@ If a lookup, search, or tool call returns empty, partial, or suspiciously narrow
 - For lists, batches, or paginated results: determine expected scope, track processed items, confirm full coverage
 - If any item is blocked by missing data, mark it `[blocked]` and state exactly what is missing
 
+### Plan Quality Gate
+
+Before approving or executing any implementation plan:
+
+1. Plan MUST contain a `## Discovery` section with substantive research findings (>100 characters)
+2. Plans without documented discovery skip the research phase and produce worse implementations
+3. If discovery is missing or boilerplate, reject the plan and research first
+
 ---
 
 ## Hard Constraints (Never Violate)
@@ -157,6 +165,74 @@ Use specialist agents by intent:
 
 **Parallelism rule**: Use parallel subagents for 3+ independent tasks; otherwise work sequentially.
 
+### Worker Distrust Protocol
+
+Subagent self-reports are **approximately 50% accurate**. After every `task()` returns:
+
+1. **Read changed files directly** — don't trust the summary; `git diff` or read modified files
+2. **Run verification on modified files** — typecheck + lint at minimum; tests if the change touches behavior
+3. **Check acceptance criteria** — compare actual output against the original task spec, not the agent's claims
+4. **Verify nothing was broken** — check that files outside the agent's scope weren't unexpectedly modified
+
+```
+✅ Agent reports success → Read diff → Run verification → Confirm criteria → Accept
+❌ Agent reports success → Trust it → Move on
+❌ Agent reports success → Skim summary → Accept
+```
+
+This applies to ALL subagent types (`@general`, `@explore`, `@review`, `@scout`), not just implementation agents.
+
+### Structured Termination Contract
+
+Every subagent task MUST return a structured response. When dispatching, include this in the prompt:
+
+```
+Return your results in this exact format:
+
+## Result
+- **Status:** completed | blocked | failed
+- **Files Modified:** [list of file paths]
+- **Files Read:** [list of file paths consulted]
+
+## Verification
+- [What you verified and how]
+- [Command output or evidence]
+
+## Summary
+[2-5 sentences: what was done, key decisions, anything unexpected]
+
+## Blockers (if status is blocked/failed)
+- [What's blocking]
+- [What was tried]
+- [Recommended next step]
+```
+
+When a subagent returns WITHOUT this structure, treat the response with extra skepticism — unstructured reports are more likely to omit failures or exaggerate completion.
+
+### Context File Pattern
+
+For complex delegations, write context to a file instead of inlining it in the `task()` prompt:
+
+```typescript
+// ❌ Token-expensive: inlining large context
+task({
+  prompt: `Here is the full plan:\n${longPlanContent}\n\nImplement task 3...`
+});
+
+// ✅ Token-efficient: reference by path
+// Write context file first:
+write('.beads/artifacts/<id>/worker-context.md', contextContent);
+// Then reference it:
+task({
+  prompt: `Read the context file at .beads/artifacts/<id>/worker-context.md\n\nImplement task 3 as described in that file.`
+});
+```
+
+Use this pattern when:
+- Context exceeds ~500 tokens
+- Multiple subagents need the same context
+- Plan content, research findings, or specs need to be passed to workers
+
 ---
 
 ## Question Policy

package/dist/template/.opencode/agent/build.md

@@ -350,6 +350,15 @@ task({ subagent_type: "general", description: "...", prompt: "..." });
 
 Then synthesize results, verify locally, and report with file-level evidence.
 
+**Mandatory post-delegation steps** (Worker Distrust Protocol):
+
+1. Read changed files directly — don't trust the agent summary
+2. Run verification on modified files (typecheck + lint minimum)
+3. Check acceptance criteria against the original task spec
+4. Only then accept the work
+
+Include the **Structured Termination Contract** in every subagent prompt (Result/Verification/Summary/Blockers format). See AGENTS.md delegation policy for the template.
+
 ## Output
 
 Report in this order:

package/dist/template/.opencode/dcp.jsonc

@@ -6,12 +6,17 @@
 	"pruneNotification": "detailed",
 	// "chat" (in-conversation) or "toast" (system notification)
 	"pruneNotificationType": "toast",
-	// Commands: /dcp context, /dcp stats, /dcp sweep, /dcp decompress, /dcp recompress
+	// Commands: /dcp context, /dcp stats, /dcp sweep, /dcp compress, /dcp decompress, /dcp recompress
 	"commands": {
 		"enabled": true,
 		// Protect these from /dcp sweep
 		"protectedTools": ["observation", "memory-update", "memory-search"]
 	},
+	// Manual mode: disables autonomous context management
+	"manualMode": {
+		"enabled": false,
+		"automaticStrategies": true
+	},
 	"turnProtection": {
 		"enabled": true,
 		"turns": 4
@@ -27,32 +32,26 @@
 		"**/biome.json"
 	],
 	"compress": {
-		// v2.2.x beta: compress is the primary context management tool
+		// v3.0.0: single compress tool replaces the old 3-tool system
 		"permission": "allow",
 		"showCompression": false,
 		"maxContextLimit": "80%",
 		"minContextLimit": 30000,
+		"nudgeFrequency": 5,
+		"iterationNudgeThreshold": 15,
+		"nudgeForce": "soft",
 		"flatSchema": false,
 		"protectUserMessages": true,
-		"protectedTools": [
-			"write",
-			"edit",
-			"memory-*",
-			"observation",
-			"skill",
-			"skill_mcp",
-			"task",
-			"batch",
-			"todowrite",
-			"todoread",
-			"tilth_*"
-		]
+		// v3.0.0 auto-protects: task, skill, todowrite, todoread, compress, batch, plan_enter, plan_exit
+		// Only list additional tools here
+		"protectedTools": ["write", "edit", "memory-*", "observation", "tilth_*"]
 	},
-	// v2.2.5-beta0: experimental subagent support
+	// Experimental features
 	"experimental": {
-		"allowSubAgents": true
+		"allowSubAgents": true,
+		"customPrompts": false
 	},
-	// Auto strategies - TOP LEVEL, not under tools
+	// Auto strategies
 	"strategies": {
 		// Dedup = zero LLM cost, high impact - always enable
 		"deduplication": {

package/dist/template/.opencode/opencode.json

@@ -151,7 +151,7 @@
 		}
 	},
 	"plugin": [
-		"@tarquinen/opencode-dcp@beta",
+		"@tarquinen/opencode-dcp@latest",
 		"@franlol/opencode-md-table-formatter@0.0.3",
 		"openslimedit@latest"
 	],

package/dist/template/.opencode/package.json

@@ -11,7 +11,7 @@
     "type-check": "tsc --noEmit"
   },
   "dependencies": {
-    "@opencode-ai/plugin": "1.2.22"
+    "@opencode-ai/plugin": "1.2.24"
   },
   "devDependencies": {
     "@types/node": "^25.3.0",

package/dist/template/.opencode/skill/dispatching-parallel-agents/SKILL.md

@@ -82,6 +82,7 @@ Good agent prompts are:
 1. **Focused** - One clear problem domain
 2. **Self-contained** - All context needed to understand the problem
 3. **Specific about output** - What should the agent return?
+4. **Structured termination** - Include the Structured Termination Contract from AGENTS.md (Result/Verification/Summary/Blockers format)
 
 ```markdown
 Fix the 3 failing tests in src/agents/agent-tool-abort.test.ts:
@@ -101,9 +102,11 @@ These are timing/race condition issues. Your task:
 
 Do NOT just increase timeouts - find the real issue.
 
-Return: Summary of what you found and what you fixed.
+[Include Structured Termination Contract here]
 ```
 
+For large investigations (context >500 tokens), use the **Context File Pattern** from AGENTS.md — write context to `.beads/artifacts/<id>/investigation-context.md` and reference by path in the dispatch prompt.
+
 ## Common Mistakes
 
 **❌ Too broad:** "Fix all the tests" - agent gets lost

package/dist/template/.opencode/skill/requesting-code-review/SKILL.md

@@ -94,6 +94,36 @@ Choose the smallest review depth that still covers the risk.
 
 Do **not** dispatch 5 reviewers by reflex for every tiny change. That produces noise, not rigor.
 
+## Review Scope Self-Check
+
+Before writing ANY review finding, the reviewer MUST ask:
+
+> **"Am I questioning APPROACH or DOCUMENTATION/CORRECTNESS?"**
+
+| Answer | Action |
+| --- | --- |
+| **APPROACH** — "I would have done it differently" | **Stay silent.** The approach was decided during planning. Review doesn't re-litigate design. |
+| **DOCUMENTATION** — "A new developer couldn't execute this" | **Raise it.** Missing file paths, vague acceptance criteria, assumed context. |
+| **CORRECTNESS** — "This will break at runtime" | **Raise it.** Bugs, security holes, type errors, logic flaws. |
+
+### Red Flags for Scope Creep
+
+- Suggesting alternative libraries or frameworks → **out of scope** (approach)
+- "I would rename this to..." without a concrete bug → **out of scope** (style preference)
+- "Consider adding feature X" that wasn't in requirements → **out of scope** (scope inflation)
+- "This could be more performant" without evidence of a real problem → **out of scope** (premature optimization)
+
+### What Reviewers SHOULD Flag
+
+- Missing error handling that will crash in production → **correctness**
+- Vague acceptance criteria that workers can't verify → **documentation**
+- Hardcoded values with no explanation → **documentation**
+- Missing file paths for tasks that require edits → **documentation**
+- "Use the existing pattern" without specifying which pattern → **documentation**
+- Security vulnerabilities (injection, auth bypass, secrets) → **correctness**
+
+Include this self-check instruction in EVERY review dispatch prompt to prevent bikeshedding.
+
 ## Step 1: Get Git Context
 
 ### Setup Checklist

package/dist/template/.opencode/skill/subagent-driven-development/SKILL.md

@@ -35,6 +35,8 @@ dependencies: [executing-plans]
 
 Read plan file, create TodoWrite with all tasks.
 
+**Context file pattern:** If the plan exceeds ~500 tokens, write it to `.beads/artifacts/<id>/plan-context.md` and reference by path in subagent prompts instead of inlining. This saves tokens when dispatching multiple subagents from the same plan.
+
 ### 2. Execute Task with Subagent
 
 For each task:
@@ -56,10 +58,15 @@ Task tool (general-purpose):
 
     Work from: [directory]
 
-    Report: What you implemented, what you tested, test results, files changed, any issues
+    [Include Structured Termination Contract from AGENTS.md]
 ```
 
-**Subagent reports back** with summary of work.
+**After subagent reports back** — follow the **Worker Distrust Protocol** from AGENTS.md:
+
+1. Read changed files directly (don't trust the report)
+2. Run verification on modified files (typecheck + lint minimum)
+3. Check acceptance criteria against original task spec
+4. Only then mark the task as complete
 
 ### 3. Review Subagent's Work
 

package/dist/template/.opencode/skill/verification-before-completion/SKILL.md

@@ -168,6 +168,37 @@ If you just verified and nothing changed, don't re-verify:
 
 This matters when other commands need verification (e.g., closing beads, `/ship`). If you verified 30 seconds ago and made no changes, the cache lets you skip.
 
+## Enforcement Gates
+
+Prompt-level rules get ignored under pressure. These gates are **hard blocks** — they must be checked at the tool/action level, not just remembered.
+
+### Gate 1: Completion Claims Require verify.log
+
+Before ANY completion claim (bead close, PR creation, `/ship`, task completion):
+
+1. Check `.beads/verify.log` exists and contains a recent `PASS` stamp
+2. If verify.log is missing or stale (older than last file change) → **BLOCK** — run verification first
+3. If verify.log shows `FAIL` → **BLOCK** — do not proceed
+
+```
+✅ verify.log exists, PASS within last edit window → proceed
+❌ verify.log missing → STOP: "Run verification first"
+❌ verify.log shows FAIL → STOP: "Verification failed, fix before claiming complete"
+❌ verify.log stale (files changed since last PASS) → STOP: "Re-run verification"
+```
+
+### Gate 2: Agent Delegation Requires Post-Verification
+
+After ANY `task()` subagent returns with "success", follow the **Worker Distrust Protocol** from AGENTS.md — read changed files, run verification, check acceptance criteria. Do not trust agent self-reports.
+
+### Enforcement Principle
+
+> **Prompt rules fail under pressure. Gates fail safe.**
+>
+> When a constraint matters enough to be an iron law, enforce it at the action level:
+> check a file, verify a condition, reject if unmet. Don't rely on the agent
+> "remembering" to follow the rule.
+
 ## Why This Matters
 
 From 24 failure memories:

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "opencodekit",
-	"version": "0.18.7",
+	"version": "0.18.8",
 	"description": "CLI tool for bootstrapping and managing OpenCodeKit projects",
 	"keywords": [
 		"agents",