opencodekit 0.23.3 → 0.23.4

package/dist/template/.opencode/command/audit.md

@@ -0,0 +1,65 @@
+---
+description: Audit codebase for a specific pattern
+argument-hint: "<pattern>"
+agent: build
+---
+
+# Audit: $ARGUMENTS
+
+Find all occurrences of a code pattern in the codebase, review each for issues, and produce prioritized remediation recommendations.
+
+> Use for cross-cutting concerns like auth checks, error handling, API patterns, or security vulnerabilities.
+
+## Parse Arguments
+
+| Argument | Default  | Description                          |
+| -------- | -------- | ------------------------------------ |
+| Pattern  | required | Code pattern to search for           |
+
+**Examples:**
+- `/audit console.log` — Find all console.log statements
+- `/audit app.use(` — Find all middleware registrations
+- `/audit fetch(` — Find all fetch calls
+- `/audit try {` — Find all try-catch blocks
+
+## Execution
+
+This command invokes the `audit-pattern` workflow for multi-agent parallel execution.
+
+### Workflow Execution
+
+1. **Read the workflow:** `.opencode/workflows/audit-pattern.md`
+2. **Execute all phases:**
+   - Phase 1: Spawn 1 @explore agent to discover all occurrences
+   - Phase 2: Spawn multiple @review agents (dynamic count based on occurrences)
+   - Phase 3: Spawn 1 @general agent to synthesize findings
+3. **Replace placeholders:**
+   - `{pattern}` → the pattern from $ARGUMENTS
+   - `{phase_N_output}` → actual output from completed phases
+4. **Aggregate results** between phases
+5. **Write final report** to `.opencode/artifacts/$(cat .opencode/artifacts/.active)/audit.md`
+
+**Announce:** "Auditing codebase for pattern: [pattern]. Invoking audit-pattern workflow."
+
+## Output
+
+Report:
+
+1. **Pattern:** [pattern searched]
+2. **Occurrences found:** [count]
+3. **Files affected:** [count]
+4. **Issues by severity:**
+   - Critical: [N]
+   - Important: [N]
+   - Minor: [N]
+5. **Recommended fixes:** [list with file:line refs]
+6. **Correct patterns:** [list of occurrences that are already correct]
+
+## Related Commands
+
+| Need              | Command       |
+| ----------------- | ------------- |
+| Research a topic  | `/research`   |
+| Create feature    | `/create`     |
+| Ship feature      | `/ship`       |
+| Verify gates      | `/verify`     |

package/dist/template/.opencode/command/init.md

@@ -9,7 +9,7 @@ agent: build
 Initialize project setup. Run once per project.
 
 > **Next step for fresh projects:** `/plan` to create first implementation plan.  
-> **Next step for existing codebases:** `/review-codebase` for deep codebase analysis.
+> **Next step for existing codebases:** `/research` for deep codebase analysis, or just start describing what you want to build.
 
 ## Idempotency Rules
 
@@ -293,4 +293,21 @@ Report what was created:
 2. tech-stack.md (if core setup ran)
 3. roadmap.md + state.md (if `--context`)
 4. user.md (if `--user`)
-5. Recommended next command: `/plan`, `/review-codebase`, or `/resume`
+5. Recommended next command: `/plan` to start planning, `/research` to explore the codebase, or just describe what you want to build.
+
+---
+
+### Skill Installation
+
+If you use a platform-specific technology, install the matching skill:
+
+```
+.opencode/scripts/install-skill.sh cloudflare
+.opencode/scripts/install-skill.sh react-best-practices
+.opencode/scripts/install-skill.sh supabase-postgres-best-practices
+.opencode/scripts/install-skill.sh swiftui-expert-skill
+.opencode/scripts/install-skill.sh swift-concurrency
+.opencode/scripts/install-skill.sh core-data-expert
+```
+
+Run `.opencode/scripts/install-skill.sh --list` to see all available. Skills are on-demand — only install what your project actually needs.

package/dist/template/.opencode/command/research.md

@@ -10,7 +10,56 @@ Gather information before implementation. Find answers, document findings, stop
 
 > Research can happen at any phase when you need external information or codebase understanding.
 
-## Parse Arguments
+## Complexity Detection
+
+Before starting, analyze the research topic complexity:
+
+**Simple research** (execute directly):
+- Single factual question
+- One specific API or library
+- Narrow scope with clear boundaries
+- Example: "How does React useEffect work?"
+
+**Complex research** (invoke workflow):
+- Multi-angle topic requiring cross-checking
+- Broad scope with multiple perspectives
+- Requires verification from multiple sources
+- Example: "What are the best practices for authentication in 2026?"
+
+### Decision Logic
+
+1. **Parse the topic** from $ARGUMENTS
+2. **Assess complexity:**
+   - Contains "best practices", "compare", "approaches", "strategies" → Complex
+   - Contains "how does", "what is", "explain" → Simple
+   - Topic spans multiple domains or technologies → Complex
+   - Topic is narrow and specific → Simple
+3. **Route accordingly:**
+   - Simple → Execute directly (see "Direct Execution" below)
+   - Complex → Invoke `deep-research` workflow (see "Workflow Execution" below)
+
+## Workflow Execution (Complex Research)
+
+If complexity is detected as complex:
+
+1. **Read the workflow:** `.opencode/workflows/deep-research.md`
+2. **Execute all phases:**
+   - Phase 1: Spawn multiple @scout agents (dynamic count based on angles)
+   - Phase 2: Spawn @review agents to cross-check findings
+   - Phase 3: Spawn 1 @general agent to synthesize report
+3. **Replace placeholders:**
+   - `{question}` → the research topic from $ARGUMENTS
+   - `{phase_N_output}` → actual output from completed phases
+4. **Aggregate results** between phases
+5. **Write final report** to `.opencode/artifacts/$(cat .opencode/artifacts/.active)/research.md`
+
+**Announce:** "This is complex research requiring multi-angle analysis. Invoking deep-research workflow."
+
+## Direct Execution (Simple Research)
+
+If complexity is simple, execute directly:
+
+### Parse Arguments
 
 | Argument         | Default  | Description                         |
 | ---------------- | -------- | ----------------------------------- |
@@ -20,7 +69,7 @@ Gather information before implementation. Find answers, document findings, stop
 
 Default depth: ~30 tool calls for moderate exploration.
 
-## Before You Research
+### Before You Research
 
 - **Be certain**: Only research what you need for implementation
 - **Don't over-research**: Stop when you have enough to proceed
@@ -28,7 +77,7 @@ Default depth: ~30 tool calls for moderate exploration.
 - **Verify confidence**: Medium+ confidence required before stopping
 - **Document findings**: Write to `.opencode/artifacts/$(cat .opencode/artifacts/.active)/research.md` or report directly
 
-## Available Tools
+### Available Tools
 
 | Tool         | Use When                        |
 | ------------ | ------------------------------- |
@@ -39,17 +88,17 @@ Default depth: ~30 tool calls for moderate exploration.
 | `codesearch` | Real-world usage examples       |
 | `grepsearch` | GitHub code search              |
 
-## Phase 1: Load Context
+### Phase 1: Load Context
 
 Read `.opencode/artifacts/$(cat .opencode/artifacts/.active)/spec.md` if it exists and extract questions that need answering.
 
-### Memory Search (Required)
+#### Memory Search (Required)
 
 Search memory for existing findings. Use them to: skip already-answered questions, narrow scope to gaps only, avoid contradicting prior decisions without justification.
 
-## Phase 2: Research
+### Phase 2: Research
 
-### Source Priority
+#### Source Priority
 
 1. **Codebase patterns** — delegate to `explore` agent for LSP analysis
 2. **Official docs** — `context7` for API references
@@ -57,7 +106,7 @@ Search memory for existing findings. Use them to: skip already-answered question
 4. **GitHub examples** — `codesearch` / `grepsearch` for real-world patterns
 5. **Web search** — only if tiers 1-4 don't answer
 
-### Delegation
+#### Delegation
 
 | What              | Agent                        | When                                   |
 | ----------------- | ---------------------------- | -------------------------------------- |
@@ -65,20 +114,20 @@ Search memory for existing findings. Use them to: skip already-answered question
 | External docs     | `scout` (this agent)         | Library APIs, best practices           |
 | Multiple domains  | Parallel `explore` + `scout` | 3+ independent questions               |
 
-### Confidence Levels
+#### Confidence Levels
 
 - **High**: Multiple authoritative sources agree, verified in codebase
 - **Medium**: Single good source, plausible but unverified
 - **Low**: Conflicting info, speculation — discard without corroboration
 
-## Phase 3: Stop When
+### Phase 3: Stop When
 
 - All questions answered with medium+ confidence
 - Tool budget exhausted for depth level
 - Last 5 tool calls yielded no new insights
 - Blocked and need human input
 
-## Phase 4: Document
+### Phase 4: Document
 
 Write findings to `.opencode/artifacts/$(cat .opencode/artifacts/.active)/research.md` (if plan exists) or report directly (if topic):
 
@@ -91,11 +140,12 @@ Write findings to `.opencode/artifacts/$(cat .opencode/artifacts/.active)/resear
 
 Report:
 
-1. Depth level and tool call count
-2. Questions with answer status and confidence
-3. Key insights (bullet points)
-4. Open items remaining
-5. Next step suggestion
+1. **Execution mode:** Direct or Workflow
+2. Depth level and tool call count (if direct)
+3. Questions with answer status and confidence
+4. Key insights (bullet points)
+5. Open items remaining
+6. Next step suggestion
 
 ## Related Commands
 
@@ -104,3 +154,4 @@ Report:
 | Create + start | `/create`    |
 | Plan details   | `/plan <id>` |
 | Pick up work   | `/ship <id>` |
+| Audit codebase | `/audit`     |

package/dist/template/.opencode/command/ship.md

@@ -56,6 +56,53 @@ Set up the workspace: create branch, install deps if needed.
 
 ## Phase 2: Route to Execution
 
+### Complexity Detection
+
+Before routing, analyze the plan complexity:
+
+**Direct execution** (use existing logic):
+- Plan has <5 tasks
+- Tasks have dependencies (not fully independent)
+- Tasks require sequential execution
+- User explicitly requests sequential execution
+
+**Workflow execution** (invoke `batch-implement`):
+- Plan has ≥5 independent tasks
+- Tasks have no file conflicts
+- Tasks can run in parallel
+- User wants maximum parallelism
+
+### Decision Logic
+
+1. **Parse the plan** from `.opencode/artifacts/$(cat .opencode/artifacts/.active)/plan.md` or `tasks.json`
+2. **Count independent tasks** (tasks with no dependencies)
+3. **Check for file conflicts** (do any tasks edit the same files?)
+4. **Route accordingly:**
+   - <5 tasks OR has dependencies OR has file conflicts → Direct execution (see "Direct Execution" below)
+   - ≥5 independent tasks AND no file conflicts → Invoke `batch-implement` workflow (see "Workflow Execution" below)
+
+### Workflow Execution (Parallel Implementation)
+
+If complexity is detected as parallel:
+
+1. **Read the workflow:** `.opencode/workflows/batch-implement.md`
+2. **Execute all phases:**
+   - Phase 1: Spawn 1 @review agent to review plan for task independence
+   - Phase 2: Spawn multiple @general agents (1 per task, dynamic count)
+   - Phase 3: Spawn multiple @review agents to verify implementations
+   - Phase 4: Spawn 1 @general agent to merge results
+3. **Replace placeholders:**
+   - `{plan}` → the implementation plan
+   - `{phase_N_output}` → actual output from completed phases
+4. **Aggregate results** between phases
+5. **Continue to Phase 4: Verification** (skip Phase 3 below)
+
+**Announce:** "This plan has [N] independent tasks. Invoking batch-implement workflow for parallel execution."
+
+### Direct Execution
+
+If complexity is simple or tasks have dependencies, use the existing execution logic below.
+
 | Artifact exists in `.opencode/artifacts/$(cat .opencode/artifacts/.active)/` | Action                                                   |
 | --------------- | -------------------------------------------------------- |
 | `plan.md`       | Parse plan header + dependency graph, execute wave-by-wave |
@@ -436,13 +483,16 @@ Report:
    - Overall assessment: [pass/needs work]
 
 6. **Next Steps:**
-   - `/pr` to create pull request
+   - **Ask user** if they want a PR created from the current branch — always ask, never push without confirmation
    - Manual commits if not already done
    - Note deferred work in `.opencode/artifacts/todo.md`
 
 ## Related Commands
 
-| Need        | Command   |
-| ----------- | --------- |
-| Create spec | `/create` |
-| Create PR   | `/pr`     |
+| Need              | Command       |
+| ----------------- | ------------- |
+| Create feature    | `/create`     |
+| Plan execution    | `/plan`       |
+| Research a topic  | `/research`   |
+| Fix a bug         | `/fix`        |
+| Verify gate       | `/verify`     |

package/dist/template/.opencode/command/verify.md

@@ -158,8 +158,8 @@ observation({
 
 ## Related Commands
 
-| Need              | Command            |
-| ----------------- | ------------------ |
-| Ship after verify | `/ship <id>`       |
-| Review code       | `/review-codebase` |
-| Check status      | `/status`          |
+| Need              | Command       |
+| ----------------- | ------------- |
+| Ship after verify | `/ship <id>`  |
+| Plan a feature    | `/plan`       |
+| Fix a bug         | `/fix`        |

package/dist/template/.opencode/opencode.json

@@ -413,6 +413,18 @@
           },
           "reasoning": true,
           "tool_call": true
+        },
+        "qwen3.7-plus": {
+          "limit": {
+            "context": 300000,
+            "output": 64000
+          },
+          "modalities": {
+            "input": ["text", "image", "video"],
+            "output": ["text"]
+          },
+          "reasoning": true,
+          "tool_call": true
         }
       }
     },

package/dist/template/.opencode/plugin/README.md

@@ -10,7 +10,6 @@ plugin/
 ├── sessions.ts         # Session search tools (find/read)
 ├── copilot-auth.ts     # GitHub Copilot provider/auth integration
 ├── prompt-leverage.ts  # Prompt pre-processing with structured execution framing
-├── rtk.ts              # Optional RTK command-output compression hook
 ├── session-summary.ts  # Structured persistent session summary (artifact trail, decisions, anchored merge)
 ├── skill-mcp.ts        # Skill-scoped MCP bridge (skill_mcp tools)
 └── lib/
@@ -65,11 +64,6 @@ plugin/
   - Upgrades user prompts with objective, context, tool rules, verification, and done criteria
   - Runs through `experimental.chat.messages.transform`
 
-- `rtk.ts`
-  - Optional OpenCode hook for RTK command-output compression
-  - Rewrites low-risk `bash`/`shell` commands through `rtk rewrite`
-  - Keeps an idempotency guard for symlinked global/project config double-loading
-
 - `session-summary.ts`
   - Maintains a structured, incrementally-updated session summary that survives DCP compression cycles
   - **File-artifact tracking**: intercepts `read`, `edit`, `write`, `srcwalk_read` via `tool.execute.before` to track which files were read, modified, or created

package/dist/template/.opencode/skill/defense-in-depth/SKILL.md

@@ -172,5 +172,3 @@ All four layers were necessary. During testing, each layer caught bugs the other
 - Remove one validation layer — the next layer should still catch the error.
 
 ## See Also
-
-- **structured-edit** - Reliable read/verify/edit workflow when changing validation code across layers

package/dist/template/.opencode/skill/development-lifecycle/SKILL.md

@@ -1,8 +1,8 @@
 ---
 name: development-lifecycle
-description: Orchestrates the full feature development lifecycle from ideation through verification. Guides through phases (brainstorm → design → specify → plan → implement → verify) and loads appropriate sub-skills at each stage.
-version: 1.0.0
-tags: [workflow, planning]
+description: Single-agent guide through the full feature development lifecycle (brainstorm → design → specify → plan → implement → verify). For parallel multi-agent execution, use the development-lifecycle-workflow instead.
+version: 1.1.0
+tags: [planning, single-agent]
 dependencies:
   [
     brainstorming,
@@ -17,25 +17,27 @@ dependencies:
 
 ---
 
-# Development Lifecycle Orchestration
+# Development Lifecycle Guide (Single-Agent)
 
 ## When to Use
 
-- Starting a new feature, migration, or refactor and need the full end-to-end workflow
-- You want phase-by-phase guidance with the correct sub-skill at each stage
+- Starting a new feature, migration, or refactor and need phase-by-phase guidance
+- Working alone or with a single agent through the full lifecycle
+- You want to load appropriate sub-skills at each stage
 
 ## When NOT to Use
 
+- You need parallel multi-agent execution (use `development-lifecycle-workflow` instead)
 - You are already mid-phase and only need a specific sub-skill
 - The change is trivial and can skip the full lifecycle
 
 ## Overview
 
-This skill orchestrates the complete feature development workflow, guiding you through each phase and loading the appropriate sub-skills automatically.
+This skill guides a single agent through the complete feature development workflow, loading the appropriate sub-skills at each phase.
 
-**Note:** For quick skill routing by intent, see the Intent → Skill Mapping table in `AGENTS.md`. This skill is for full end-to-end orchestration when you need phase-by-phase guidance.
+**Note:** For parallel multi-agent execution with specialized agents (scouts, reviewers, planners), use the `development-lifecycle-workflow` in `.opencode/workflows/`.
 
-**Use when:** Starting any new feature, migration, refactor, or significant change.
+**Use when:** Starting any new feature, migration, refactor, or significant change with a single agent.
 
 **Announce at start:** "I'm using development-lifecycle to guide this work through all phases."
 

package/dist/template/.opencode/skill/manifest.json

@@ -0,0 +1,77 @@
+{
+  "version": 1,
+  "description": "OpenCodeKit skill tier classification. Tiers determine visibility and loading strategy.",
+  "tiers": {
+    "1": {
+      "label": "Essential",
+      "description": "Always available — referenced in AGENTS.md, agents should consider these first for every task. Small, general-purpose skills that shape execution discipline.",
+      "skills": [
+        "behavioral-kernel",
+        "defense-in-depth",
+        "incremental-implementation",
+        "verification-before-completion"
+      ]
+    },
+    "2": {
+      "label": "On-Demand",
+      "description": "Shipped with the template, loaded via `skill()` when relevant. Covers most domains — UI, testing, debugging, design, workflow, platform integration.",
+      "skills": [
+        "accessibility-audit",
+        "agent-code-quality-gate",
+        "api-and-interface-design",
+        "brainstorming",
+        "browser-testing-with-devtools",
+        "chrome-devtools",
+        "ci-cd-and-automation",
+        "cloudflare",
+        "code-cleanup",
+        "code-review-and-quality",
+        "core-data-expert",
+        "debugging-and-error-recovery",
+        "deep-module-design",
+        "deprecation-and-migration",
+        "design-system-audit",
+        "design-taste-frontend",
+        "development-lifecycle",
+        "documentation-and-adrs",
+        "fallow",
+        "figma",
+        "frontend-design",
+        "gemini-large-context",
+        "git-workflow-and-versioning",
+        "grill-me",
+        "high-end-visual-design",
+        "industrial-brutalist-ui",
+        "jira",
+        "minimalist-ui",
+        "mockup-to-code",
+        "opensrc",
+        "pdf-extract",
+        "performance-optimization",
+        "planning-and-task-breakdown",
+        "playwright",
+        "polar",
+        "react-best-practices",
+        "redesign-existing-projects",
+        "resend",
+        "root-cause-tracing",
+        "security-and-hardening",
+        "shipping-and-launch",
+        "source-driven-development",
+        "spec-driven-development",
+        "srcwalk",
+        "subagent-driven-development",
+        "supabase",
+        "supabase-postgres-best-practices",
+        "swift-concurrency",
+        "swiftui-expert-skill",
+        "test-driven-development",
+        "testing-anti-patterns",
+        "using-git-worktrees",
+        "vercel-deploy-claimable",
+        "webclaw",
+        "writing-skills"
+      ]
+    }
+  }
+}

package/dist/template/.opencode/workflows/audit-pattern.md

@@ -0,0 +1,51 @@
+# audit-pattern
+
+Find all occurrences of a code pattern in the codebase, review each match for correctness/security/edge-cases, and produce prioritized remediation recommendations. Use for cross-cutting concerns like auth checks, error handling, or API patterns.
+
+## Args
+
+- `pattern` (required) — The code pattern to search for
+
+## Phases
+
+### Phase 1: discover
+
+- **Agent:** @explore
+- **Concurrency:** 1
+- **Prompt:**
+
+Search the codebase for the pattern: {pattern}. Use grep or csearch to find every occurrence. List each file with line numbers, grouped by subdirectory. If the pattern has common variations, include those too. Return results in this format:
+
+## Directory: [path]
+- `file.ts:42` — [brief context]
+- `file.ts:87` — [brief context]
+
+Keep each entry under 50 words.
+
+### Phase 2: audit
+
+- **Depends on:** Phase 1
+- **Agent:** @review
+- **Concurrency:** Dynamic (estimate ~10 occurrences per agent, min 2, max 15)
+- **Prompt:**
+
+Review the following files for the pattern '{pattern}': {phase_1_output}. For each occurrence check: correctness, edge cases, security implications, error handling, and adherence to project conventions. Return findings in this format:
+
+## File: [path:line]
+- **Severity:** [critical/important/minor]
+- **Issue:** [description]
+- **Recommendation:** [fix suggestion]
+
+Keep each finding under 100 words.
+
+## Final Synthesis (Main Agent)
+
+After Phase 2 completes, synthesize the audit findings directly from {phase_2_output}.
+
+Produce:
+1. **Issues ranked by severity** — Critical, important, minor with file:line references
+2. **Affected scope** — Count of files and occurrences
+3. **Recommended fixes** — Specific fix suggestions per issue
+4. **Correct patterns** — Patterns that are already correct and should be preserved
+
+Group findings by subdirectory. Keep the report under 1500 words.

package/dist/template/.opencode/workflows/batch-implement.md

@@ -0,0 +1,82 @@
+# batch-implement
+
+Take a plan with independent tasks and dispatch one subagent per task in parallel. Each task result is reviewed, then merged. Use for multi-file feature implementation where tasks don't share file dependencies.
+
+## Args
+
+- `plan` (required) — The implementation plan or PRD
+
+## Phases
+
+### Phase 1: plan-review
+
+- **Agent:** @review
+- **Concurrency:** 1
+- **Prompt:**
+
+Review this implementation plan for task independence: {plan}. Verify that the tasks don't edit the same files. If any tasks have overlapping file dependencies, flag them as conflicts. Return the list of tasks grouped by dependency in this format:
+
+## Independent Tasks (can run in parallel)
+- **Task 1:** [description]
+  - Files: [list]
+- **Task 2:** [description]
+  - Files: [list]
+
+## Dependent Tasks (must run sequentially)
+- **Task 3:** [description]
+  - Depends on: [task names]
+  - Files: [list]
+
+Keep each task description under 100 words.
+
+### Phase 2: implement
+
+- **Depends on:** Phase 1
+- **Agent:** @general
+- **Concurrency:** Dynamic (1 agent per task, min 2, max 10)
+- **Prompt:**
+
+Implement the following task from the plan: {phase_1_output}. Write production-quality code following project conventions. Include type definitions, error handling, and unit tests. Keep changes scoped to the task — do not refactor unrelated code. Return a summary in this format:
+
+## Task: [name]
+- **Files modified:** [list]
+- **Tests added:** [list]
+- **Key changes:** [brief summary]
+
+Keep the summary under 200 words.
+
+### Phase 3: verify
+
+- **Depends on:** Phase 2
+- **Agent:** @review
+- **Concurrency:** Dynamic (~3 implementations per agent, min 2, max 8)
+- **Prompt:**
+
+Review this implementation: {phase_2_output}. Check: correctness against the task requirements, test coverage, edge case handling, type safety, and lint compliance. Return findings in this format:
+
+## Task: [name]
+- **Status:** [pass/fail]
+- **Issues:** [list with file:line refs]
+- **Recommendations:** [list]
+
+Keep each finding under 100 words.
+
+## Final Merge (Main Agent)
+
+After Phase 3 completes, merge the verified implementations directly from {phase_3_output}.
+
+Ensure:
+- No duplicate imports
+- Consistent naming conventions
+- Proper module boundaries
+- No broken imports between modules
+
+Report any merge conflicts or integration issues. Return a summary:
+
+## Merge Summary
+- **Tasks merged:** [count]
+- **Files modified:** [list]
+- **Integration issues:** [list or 'none']
+- **Next steps:** [list]
+
+Keep the summary under 500 words.