overlord-cli 4.6.0 → 4.8.0

package/bin/_cli/auth.mjs

@@ -9,8 +9,10 @@ import {
   buildAuthHeaders,
   clearCredentials,
   getDefaultOverlordUrl,
+  getAuthStatus,
   loadCredentials,
   loadRuntime,
+  repairCredentials,
   saveCredentials
 } from './credentials.mjs';
 
@@ -460,7 +462,30 @@ export async function authLogin() {
   console.log('Logged in successfully!');
 }
 
-export function authStatus() {
+function printVerboseAuthStatus() {
+  const status = getAuthStatus();
+  if (!status.isLoggedIn) {
+    console.log('Not logged in. Run: ovld auth login');
+  } else {
+    console.log('Logged in');
+  }
+  console.log(`  Platform URL: ${status.platformUrl}`);
+  console.log(`  Platform source: ${status.platformUrlSource}`);
+  console.log(`  Token source: ${status.tokenSource}`);
+  console.log(`  Token present: ${status.tokenPresent ? 'yes' : 'no'}`);
+  console.log(`  Local secret: ${status.hasLocalSecret ? 'yes' : 'no'}`);
+  console.log(`  credentials.json: ${status.credentialsFileExists ? 'present' : 'missing'}`);
+  console.log(
+    `  electron-credentials.json: ${status.electronCredentialsFileExists ? 'present' : 'missing'}`
+  );
+}
+
+export function authStatus(args = []) {
+  if (args.includes('--verbose') || args.includes('-v')) {
+    printVerboseAuthStatus();
+    return;
+  }
+
   const creds = loadCredentials();
   if (!creds) {
     console.log('Not logged in. Run: ovld auth login');
@@ -478,13 +503,24 @@ export function authLogout() {
   console.log('Logged out.');
 }
 
-export async function runAuthCommand(subcommand) {
+export function authRepair() {
+  const result = repairCredentials();
+  if (result.repaired) {
+    console.log('Credentials repaired.');
+  } else {
+    console.log(`Credentials not repaired: ${result.reason}`);
+  }
+  printVerboseAuthStatus();
+}
+
+export async function runAuthCommand(subcommand, args = []) {
   if (!subcommand || subcommand === 'help' || subcommand === '--help') {
     console.log(`ovld auth <subcommand>
 
 Subcommands:
   login    Authorize the CLI via browser (works locally or over SSH)
-  status   Show current login status
+  status   Show current login status (use --verbose for redacted diagnostics)
+  repair   Mirror and chmod shared Desktop/CLI credentials when possible
   logout   Remove stored credentials
 `);
     return;
@@ -496,7 +532,12 @@ Subcommands:
   }
 
   if (subcommand === 'status') {
-    authStatus();
+    authStatus(args);
+    return;
+  }
+
+  if (subcommand === 'repair') {
+    authRepair();
     return;
   }
 

package/bin/_cli/credentials.mjs

@@ -9,6 +9,7 @@ import { fileURLToPath } from 'node:url';
 
 const CREDENTIALS_DIR = path.join(os.homedir(), '.ovld');
 const CREDENTIALS_FILE = path.join(CREDENTIALS_DIR, 'credentials.json');
+const ELECTRON_CREDENTIALS_FILE = path.join(CREDENTIALS_DIR, 'electron-credentials.json');
 const RUNTIME_FILE_PATTERN = /^runtime\..+\.json$/;
 const HOSTED_OVERLORD_URL = 'https://www.ovld.ai';
 const LOCAL_DEV_OVERLORD_URL = 'http://localhost:3000';
@@ -18,30 +19,121 @@ const LOCAL_SECRET_HEADER = 'X-Overlord-Local-Secret';
  * @typedef {{ access_token: string, platform_url: string, user_email?: string }} Credentials
  */
 
-/** @returns {Credentials | null} */
-export function loadCredentials() {
+function ensureCredentialsDir() {
+  fs.mkdirSync(CREDENTIALS_DIR, { recursive: true, mode: 0o700 });
+  try {
+    fs.chmodSync(CREDENTIALS_DIR, 0o700);
+  } catch {
+    // Best-effort hardening for existing directories.
+  }
+}
+
+function readJsonFile(filePath) {
   try {
-    const raw = fs.readFileSync(CREDENTIALS_FILE, 'utf8');
+    const raw = fs.readFileSync(filePath, 'utf8');
     return JSON.parse(raw);
   } catch {
     return null;
   }
 }
 
+function fileExists(filePath) {
+  try {
+    return fs.statSync(filePath).isFile();
+  } catch {
+    return false;
+  }
+}
+
+function writeJsonFileAtomic(filePath, data) {
+  ensureCredentialsDir();
+  const tempFile = `${filePath}.tmp-${process.pid}-${Date.now()}`;
+  fs.writeFileSync(tempFile, JSON.stringify(data, null, 2), { mode: 0o600 });
+  fs.renameSync(tempFile, filePath);
+  fs.chmodSync(filePath, 0o600);
+}
+
+function parseStoredCredentialsData(parsed, { requireAccessToken = false } = {}) {
+  if (!parsed || typeof parsed !== 'object') return null;
+
+  const accessToken = normalizeAgentToken(parsed.access_token);
+  const platformUrl = typeof parsed.platform_url === 'string' ? parsed.platform_url.trim() : '';
+  if (requireAccessToken && !accessToken) return null;
+  if (!accessToken && !platformUrl) return null;
+
+  return {
+    access_token: accessToken,
+    platform_url: platformUrl,
+    ...(typeof parsed.user_email === 'string' && parsed.user_email.trim()
+      ? { user_email: parsed.user_email.trim() }
+      : {})
+  };
+}
+
+function normalizeCredentialsForSave(data) {
+  const parsed = parseStoredCredentialsData(data, { requireAccessToken: true });
+  if (!parsed) return null;
+
+  const platformUrl = normalizePlatformUrl(parsed.platform_url);
+  if (!platformUrl) return null;
+
+  return {
+    ...parsed,
+    platform_url: platformUrl
+  };
+}
+
+/** @returns {Credentials | null} */
+export function loadCredentials() {
+  return (
+    parseStoredCredentialsData(readJsonFile(ELECTRON_CREDENTIALS_FILE), {
+      requireAccessToken: true
+    }) ??
+    parseStoredCredentialsData(readJsonFile(CREDENTIALS_FILE))
+  );
+}
+
 /** @param {Credentials} data */
 export function saveCredentials(data) {
-  fs.mkdirSync(CREDENTIALS_DIR, { recursive: true });
-  fs.writeFileSync(CREDENTIALS_FILE, JSON.stringify(data, null, 2), { mode: 0o600 });
+  const credentials = normalizeCredentialsForSave(data);
+  if (!credentials) {
+    throw new Error('Cannot save empty Overlord credentials.');
+  }
+
+  writeJsonFileAtomic(CREDENTIALS_FILE, credentials);
+
+  // `electron-credentials.json` is now the shared desktop/CLI credential record.
+  // Preserve Electron-only encrypted fields when CLI login refreshes the agent token.
+  const existingElectronCredentials = readJsonFile(ELECTRON_CREDENTIALS_FILE);
+  const electronPayload =
+    existingElectronCredentials && typeof existingElectronCredentials === 'object'
+      ? { ...existingElectronCredentials, ...credentials }
+      : credentials;
+  writeJsonFileAtomic(ELECTRON_CREDENTIALS_FILE, electronPayload);
 }
 
 export function clearCredentials() {
-  try {
-    fs.unlinkSync(CREDENTIALS_FILE);
-  } catch {
-    // Already gone
+  for (const filePath of [CREDENTIALS_FILE, ELECTRON_CREDENTIALS_FILE]) {
+    try {
+      fs.unlinkSync(filePath);
+    } catch {
+      // Already gone
+    }
   }
 }
 
+function getCredentialFileSource() {
+  const electronCredentials = parseStoredCredentialsData(readJsonFile(ELECTRON_CREDENTIALS_FILE), {
+    requireAccessToken: true
+  });
+  if (electronCredentials) return 'electron-credentials.json';
+
+  const cliCredentials = parseStoredCredentialsData(readJsonFile(CREDENTIALS_FILE));
+  if (cliCredentials) return 'credentials.json';
+
+  return 'none';
+}
+
 function getRuntimeFilePath(targetUrl) {
   try {
     const parsed = new URL(targetUrl);
@@ -254,6 +346,55 @@ export function resolveAuth() {
   };
 }
 
+export function getAuthStatus() {
+  const creds = loadCredentials();
+  const resolved = resolveAuth();
+
+  let tokenSource = 'fallback';
+  if (normalizeAgentToken(process.env.AGENT_TOKEN)) {
+    tokenSource = 'AGENT_TOKEN';
+  } else if (normalizeAgentToken(creds?.access_token)) {
+    tokenSource = getCredentialFileSource();
+  }
+
+  let platformUrlSource = 'default';
+  if (normalizePlatformUrl(process.env.OVERLORD_URL)) {
+    platformUrlSource = 'OVERLORD_URL';
+  } else if (normalizeStoredPlatformUrl(creds?.platform_url)) {
+    platformUrlSource = getCredentialFileSource();
+  }
+
+  return {
+    isLoggedIn: tokenSource !== 'fallback',
+    platformUrl: resolved.platformUrl,
+    platformUrlSource,
+    tokenPresent: tokenSource !== 'fallback',
+    tokenSource,
+    hasLocalSecret: Boolean(resolved.localSecret),
+    credentialsFileExists: fileExists(CREDENTIALS_FILE),
+    electronCredentialsFileExists: fileExists(ELECTRON_CREDENTIALS_FILE)
+  };
+}
+
+export function repairCredentials() {
+  const creds = loadCredentials();
+  if (!creds || !normalizeAgentToken(creds.access_token)) {
+    ensureCredentialsDir();
+    return {
+      repaired: false,
+      reason: 'No valid stored credentials with an access token were found.',
+      status: getAuthStatus()
+    };
+  }
+
+  saveCredentials(creds);
+
+  return {
+    repaired: true,
+    status: getAuthStatus()
+  };
+}
+
 function normalizeAgentToken(value) {
   if (typeof value !== 'string') return '';
   return value.trim();

package/bin/_cli/index.mjs

@@ -31,7 +31,7 @@ Usage:
   ${primaryCommand} attach [ticketId] [agent]  Search tickets and launch an agent (interactive)
   ${primaryCommand} create "<objective>"       Create a ticket with numbered project selection
   ${primaryCommand} prompt "<objective>"       Create a ticket, then launch an agent on it
-  ${primaryCommand} auth <subcommand>          Login, logout, or check auth status
+  ${primaryCommand} auth <subcommand>          Login, logout, repair, or check auth status
   ${primaryCommand} tickets <subcommand>       Create or list tickets
   ${primaryCommand} ticket <subcommand>        Work with a single ticket
   ${primaryCommand} protocol <subcommand>      Agent workflow commands
@@ -46,10 +46,12 @@ Usage:
 
 Agents:
   Use ${primaryCommand} protocol help for ticket lifecycle commands.
+  Key protocol commands: auth-status, discover-project, spawn, attach, connect, load-context.
 
 Auth:
   ${primaryCommand} auth login               Authorize CLI via browser
   ${primaryCommand} auth status              Show login status
+  ${primaryCommand} auth repair              Repair shared Desktop/CLI credentials
   ${primaryCommand} auth logout              Remove stored credentials
 
 Tickets:

package/bin/_cli/protocol.mjs

@@ -5,7 +5,7 @@ import fs from 'node:fs';
 import os from 'node:os';
 import path from 'node:path';
 
-import { buildAuthHeaders, resolveAuth } from './credentials.mjs';
+import { buildAuthHeaders, getAuthStatus, resolveAuth } from './credentials.mjs';
 
 /**
  * Parse simple CLI flags: --key value or --key=value
@@ -51,6 +51,36 @@ export function resolveProtocolTicketDelegate(flags = {}, agentIdentifier = '')
   return resolvedAgent || null;
 }
 
+export function resolveProtocolModelIdentifier(flags = {}) {
+  const explicitModel = typeof flags.model === 'string' ? flags.model.trim() : '';
+  if (explicitModel) return explicitModel;
+
+  const envModel =
+    process.env.OVERLORD_MODEL_IDENTIFIER?.trim() ||
+    process.env.MODEL_IDENTIFIER?.trim() ||
+    process.env.AGENT_MODEL?.trim();
+  return envModel || null;
+}
+
+function resolveProtocolMetadata(flags = {}, base = {}) {
+  const metadata = { ...base };
+
+  if (flags['metadata-json']) {
+    const parsed = JSON.parse(String(flags['metadata-json']));
+    if (!parsed || typeof parsed !== 'object' || Array.isArray(parsed)) {
+      throw new Error('--metadata-json must be a JSON object');
+    }
+    Object.assign(metadata, parsed);
+  }
+
+  const modelIdentifier = resolveProtocolModelIdentifier(flags);
+  if (modelIdentifier) {
+    metadata.model = modelIdentifier;
+  }
+
+  return metadata;
+}
+
 /**
  * Default request timeout in milliseconds. Overridable via --timeout flag or
  * OVERLORD_TIMEOUT env var. A bounded timeout prevents indefinite spinner hangs
@@ -446,9 +476,7 @@ async function protocolAttach(args) {
     agentIdentifier: resolveProtocolAgentIdentifier(flags),
     connectionMethod: String(flags.method ?? 'cli'),
     ...(externalSessionId !== undefined ? { externalSessionId } : {}),
-    metadata: {
-      cwd: process.cwd()
-    }
+    metadata: resolveProtocolMetadata(flags, { cwd: process.cwd() })
   };
 
   const data = await apiPost(
@@ -589,6 +617,31 @@ async function protocolAsk(args) {
   console.log(JSON.stringify(data, null, 2));
 }
 
+// ---------------------------------------------------------------------------
+// permission-request
+// ---------------------------------------------------------------------------
+
+async function protocolPermissionRequest(args) {
+  const flags = parseFlags(args);
+  const ticketId = requireFlag(flags, 'ticket-id', 'TICKET_ID');
+  const payload = flags['payload-file']
+    ? await readJsonFileOrStdin(String(flags['payload-file']), '--payload-file')
+    : {};
+
+  const { platformUrl, agentToken, localSecret } = resolveAuth();
+  const timeoutMs = resolveTimeout(flags);
+
+  const data = await apiPost(
+    platformUrl,
+    agentToken,
+    localSecret,
+    `/api/protocol/permission-request?ticketId=${encodeURIComponent(ticketId)}`,
+    payload,
+    timeoutMs
+  );
+  console.log(JSON.stringify(data, null, 2));
+}
+
 // ---------------------------------------------------------------------------
 // read-context
 // ---------------------------------------------------------------------------
@@ -933,7 +986,7 @@ async function protocolConnect(args) {
     ticketId,
     agentIdentifier: resolveProtocolAgentIdentifier(flags),
     connectionMethod: String(flags.method ?? 'cli'),
-    metadata: {}
+    metadata: resolveProtocolMetadata(flags, { cwd: process.cwd() })
   };
 
   const data = await apiPost(
@@ -995,7 +1048,7 @@ async function protocolSpawn(args) {
     objective,
     agentIdentifier,
     connectionMethod: String(flags.method ?? 'cli'),
-    metadata: {},
+    metadata: resolveProtocolMetadata(flags, { cwd: process.cwd() }),
     ...(flags.title ? { title: String(flags.title) } : {}),
     ...(flags.priority ? { priority: String(flags.priority) } : {}),
     ...(flags['project-id'] ? { projectId: String(flags['project-id']) } : {}),
@@ -1029,6 +1082,34 @@ async function protocolSpawn(args) {
   }
 }
 
+// ---------------------------------------------------------------------------
+// auth-status (agent-friendly auth diagnostics)
+// ---------------------------------------------------------------------------
+
+async function protocolAuthStatus() {
+  const status = getAuthStatus();
+
+  console.log(
+    JSON.stringify(
+      {
+        ok: status.isLoggedIn,
+        authStatus: {
+          isLoggedIn: status.isLoggedIn,
+          platformUrl: status.platformUrl,
+          platformUrlSource: status.platformUrlSource,
+          tokenSource: status.tokenSource,
+          tokenPresent: status.tokenPresent,
+          hasLocalSecret: status.hasLocalSecret,
+          credentialsFileExists: status.credentialsFileExists,
+          electronCredentialsFileExists: status.electronCredentialsFileExists
+        }
+      },
+      null,
+      2
+    )
+  );
+}
+
 // ---------------------------------------------------------------------------
 // Router
 // ---------------------------------------------------------------------------
@@ -1053,6 +1134,7 @@ Project discovery:
   Use --project-id to override automatic resolution on spawn or ticket creation.
 
 Subcommands:
+  auth-status               Return machine-readable auth status for agent runtimes
   discover-project          Resolve a project from the current working directory
   attach                    Start a ticket session and return full working context
   connect                   Start a lightweight session without full context
@@ -1061,6 +1143,7 @@ Subcommands:
   update                    Post progress, activity events, and optional change rationales
   record-change-rationales  Persist structured change rationales without a progress update
   ask                       Post a blocking question and move the ticket to review
+  permission-request        Notify Overlord that the agent is requesting tool permission
   read-context              Read shared persistent context for this ticket
   write-context             Write shared persistent context for future sessions
   deliver                   Finish work, send artifacts, and move the ticket to review
@@ -1072,7 +1155,7 @@ Subcommands:
 Environment fallback:
   --session-key <- SESSION_KEY
   --ticket-id   <- TICKET_ID
-  auth/host     <- OVERLORD_URL, AGENT_TOKEN
+  auth/host     <- OVERLORD_URL, AGENT_TOKEN, or shared credentials from ovld auth/Desktop login
   --timeout     <- OVERLORD_TIMEOUT
 
 Common flags:
@@ -1080,8 +1163,15 @@ Common flags:
   --ticket-id <id>            Ticket id when the subcommand operates on an existing ticket
   --session-key <key>         Session key returned by attach/connect/spawn
   --agent <identifier>        Agent identifier sent to Overlord (default: AGENT_IDENTIFIER or claude-code)
+  --model <identifier>        Model identifier to snapshot on executing objectives
   --method <connectionMethod> Connection method sent to Overlord (default: cli)
 
+auth-status:
+  Purpose:
+    Check whether the local runtime has usable Overlord credentials.
+  Returns:
+    JSON with ok=true|false plus authStatus fields describing token and host sources.
+
 discover-project:
   Purpose:
     Resolve the Overlord project that corresponds to the current (or given) working directory.
@@ -1101,8 +1191,10 @@ attach:
     --ticket-id <id>
   Optional:
     --agent <identifier>
+    --model <identifier>
     --method <connectionMethod>
     --external-session-id <id|null>  Store the native agent thread/session id, or clear it with null
+    --metadata-json <json>     Extra session metadata object
   Returns:
     Full JSON including session.sessionKey, ticket, history, artifacts, sharedState, and promptContext
   Notes:
@@ -1115,7 +1207,9 @@ connect:
     --ticket-id <id>
   Optional:
     --agent <identifier>
+    --model <identifier>
     --method <connectionMethod>
+    --metadata-json <json>     Extra session metadata object
   Returns:
     Session JSON and SESSION_KEY on stderr when available
 
@@ -1167,6 +1261,15 @@ ask:
   Notes:
     After ask succeeds, stop working until the human responds
 
+permission-request:
+  Purpose:
+    Notify Overlord that the local agent runtime is requesting tool permission.
+    This is primarily used by installed permission hooks.
+  Required:
+    --ticket-id <id>
+  Optional:
+    --payload-file <path|->   Hook JSON payload, or stdin when "-"
+
 read-context:
   Purpose:
     Read persistent shared context written by earlier sessions
@@ -1226,7 +1329,9 @@ spawn:
     --parent-session-key <key>
     --parent-ticket-id <id>
     --agent <identifier>
+    --model <identifier>
     --method <connectionMethod>
+    --metadata-json <json>     Extra session metadata object
   Returns:
     New ticket/session JSON plus SESSION_KEY and TICKET_ID on stderr when available
 
@@ -1275,6 +1380,7 @@ artifact-upload-file:
     --metadata-json <json>
 
 Examples:
+  ovld protocol auth-status
   ovld protocol discover-project
   ovld protocol discover-project --working-directory /path/to/repo
   ovld protocol spawn --agent codex --objective "Implement feature X"   # auto-resolves project from cwd
@@ -1303,6 +1409,7 @@ Examples:
   }
 
   if (subcommand === 'discover-project') { await protocolDiscoverProject(args); return; }
+  if (subcommand === 'auth-status') { await protocolAuthStatus(); return; }
   if (subcommand === 'attach') { await protocolAttach(args); return; }
   if (subcommand === 'connect') { await protocolConnect(args); return; }
   if (subcommand === 'load-context') { await protocolLoadContext(args); return; }
@@ -1314,6 +1421,7 @@ Examples:
   if (subcommand === 'update') { await protocolUpdate(args); return; }
   if (subcommand === 'record-change-rationales') { await protocolRecordChangeRationales(args); return; }
   if (subcommand === 'ask') { await protocolAsk(args); return; }
+  if (subcommand === 'permission-request') { await protocolPermissionRequest(args); return; }
   if (subcommand === 'read-context') { await protocolReadContext(args); return; }
   if (subcommand === 'write-context') { await protocolWriteContext(args); return; }
   if (subcommand === 'deliver') { await protocolDeliver(args); return; }

package/bin/_cli/setup.mjs

@@ -195,13 +195,9 @@ ovld protocol artifact-upload-file --session-key <sessionKey> --ticket-id $TICKE
 const PERMISSION_HOOK_SCRIPT = `#!/bin/bash
 # Overlord PermissionRequest notification hook (managed by Overlord)
 BODY=$(cat -)
-if [ -n "$OVERLORD_URL" ] && [ -n "$AGENT_TOKEN" ] && [ -n "$TICKET_ID" ]; then
-  curl -sf -m 5 \\
-    -X POST "$OVERLORD_URL/api/protocol/permission-request?ticketId=$TICKET_ID" \\
-    -H "Authorization: Bearer $AGENT_TOKEN" \\
-    -H "X-Overlord-Local-Secret: $OVERLORD_LOCAL_SECRET" \\
-    -H "Content-Type: application/json" \\
-    -d "$BODY" \\
+if [ -n "$TICKET_ID" ] && command -v ovld >/dev/null 2>&1; then
+  { if [ -n "$BODY" ]; then printf '%s' "$BODY"; else printf '{}'; fi; } \\
+    | ovld protocol permission-request --ticket-id "$TICKET_ID" --payload-file - \\
     >/dev/null 2>&1 &
   disown
 fi
@@ -823,9 +819,7 @@ function installOpenCode() {
       bash: {
         '*': 'ask',
         ...existingBash,
-        'ovld protocol *': 'allow',
-        'curl -sS -X POST *': 'allow',
-        'curl -s -X POST *': 'allow'
+        'ovld protocol *': 'allow'
       }
     }
   });
@@ -904,8 +898,7 @@ function installCursor() {
   const mergedAllow = Array.from(
     new Set([
       ...asStringArray(permissions.allow),
-      'Shell(ovld protocol:*)',
-      'Shell(curl -sS -X POST:*)'
+      'Shell(ovld protocol:*)'
     ])
   );
   writeJsonFile(paths.settingsFile, {
@@ -939,12 +932,6 @@ function installGemini() {
     'commandPrefix = "ovld protocol"',
     'decision = "allow"',
     'priority = 900',
-    '',
-    '[[rule]]',
-    'toolName = "run_shell_command"',
-    'commandPrefix = "curl -sS -X POST"',
-    'decision = "allow"',
-    'priority = 900',
     ''
   ].join('\n');
   writeTextFile(paths.policyFile, policyContent);
@@ -1277,21 +1264,7 @@ function installClaudePermissions(platformUrl) {
     if (!Array.isArray(settings.permissions.allow)) settings.permissions.allow = [];
   }
 
-  const PROTOCOL_ENDPOINTS = [
-    'attach', 'update', 'ask', 'read-context', 'write-context', 'deliver',
-    'create-ticket', 'list-tickets', 'record-change-rationales', 'spawn',
-    'discover-project', 'load-context', 'artifact-upload-file', 'artifact-download-url'
-  ];
-
-  const entries = [];
-  for (const endpoint of PROTOCOL_ENDPOINTS) {
-    entries.push(`Bash(curl -s -X POST "${platformUrl}/api/protocol/${endpoint}":*)`);
-  }
-  entries.push(`Bash(curl -s -H 'Authorization::*)`);
-  for (const endpoint of PROTOCOL_ENDPOINTS) {
-    entries.push(`Bash(curl -s -X POST "$OVERLORD_URL/api/protocol/${endpoint}":*)`);
-  }
-  entries.push(`Bash(curl -s -H "Authorization::*)`);
+  const entries = ['Bash(ovld protocol:*)'];
 
   const existing = new Set(settings.permissions.allow);
   const toAdd = entries.filter((e) => !existing.has(e));
@@ -1353,9 +1326,7 @@ function installOpenCodePermissions(_platformUrl) {
       bash: {
         '*': 'ask',
         ...existingBash,
-        'ovld protocol *': 'allow',
-        'curl -sS -X POST *': 'allow',
-        'curl -s -X POST *': 'allow'
+        'ovld protocol *': 'allow'
       }
     }
   };
@@ -1374,21 +1345,12 @@ function installOpenCodePermissions(_platformUrl) {
   return true;
 }
 
-function installCodexPermissions(platformUrl) {
+function installCodexPermissions() {
   console.log(`--- Codex ---`);
   console.log('  Codex does not support file-based permission configuration.');
-  console.log('  To warm up permissions, run the following commands once inside a Codex session:');
-  console.log('  (Codex will prompt for approval; approve each one to persist the prefix.)\n');
-
-  const PROTOCOL_ENDPOINTS = [
-    'attach', 'update', 'ask', 'read-context', 'write-context', 'deliver',
-    'create-ticket', 'list-tickets'
-  ];
-
-  for (const endpoint of PROTOCOL_ENDPOINTS) {
-    console.log(`  curl -s -X POST "${platformUrl}/api/protocol/${endpoint}" -H "Content-Type: application/json" -H "Authorization: Bearer \\$AGENT_TOKEN" -d '{}'`);
-  }
-  console.log(`  curl -s -H "Authorization: Bearer \\$AGENT_TOKEN" "${platformUrl}/api/protocol/context/test"`);
+  console.log('  To warm up permissions, run the following command once inside a Codex session:');
+  console.log('  (Codex will prompt for approval; approve it to persist the prefix.)\n');
+  console.log('  ovld protocol help');
   console.log();
   return true;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "overlord-cli",
-  "version": "4.6.0",
+  "version": "4.8.0",
   "description": "Overlord CLI — launch AI agents on tickets from anywhere",
   "type": "module",
   "bin": {

package/plugins/claude/README.md

@@ -6,8 +6,8 @@ Claude Code plugin that exposes the Overlord local ticket workflow to any Claude
 
 - `skills/overlord-ticket/SKILL.md` — durable attach → update → ask → deliver workflow.
 - `commands/{connect,load,spawn}.md` — slash commands for session routing and ticket creation.
-- `hooks/hooks.json` + `scripts/permission-hook.sh` — PermissionRequest notifier that posts to `/api/protocol/permission-request` on the Overlord platform.
-- `userConfig` for `overlord_url` (non-sensitive) and `agent_token` (sensitive → OS keychain) so the hook and CLI know where to talk.
+- `hooks/hooks.json` + `scripts/permission-hook.sh` — PermissionRequest notifier that calls `ovld protocol permission-request`.
+- `userConfig` for legacy `overlord_url` and `agent_token` installs. Current installs should authenticate with `ovld auth login` or Overlord Desktop; env vars remain optional overrides for remote shells, CI, and explicit token injection.
 
 ## Requirements
 
@@ -29,7 +29,7 @@ claude plugin marketplace add cooperativ/overlord-marketplace
 claude plugin install overlord@cooperativ
 ```
 
-The plugin prompts for `overlord_url` and `agent_token` at install time. The token is persisted to the OS keychain; the URL is stored in `~/.claude/settings.json` under `pluginConfigs["overlord"].options`.
+Older plugin versions prompted for `overlord_url` and `agent_token` at install time. The current hook goes through `ovld protocol`, so the CLI resolves auth from env vars or the shared `~/.ovld` credentials written by CLI/Desktop login.
 
 ## Namespaced components
 

package/plugins/claude/skills/overlord-ticket/SKILL.md

@@ -1,46 +1,82 @@
 ---
 name: overlord-ticket
-description: Overlord local workflow protocol — attach, update, deliver lifecycle for ticket-driven work from Claude Code.
+description: Overlord local workflow protocol for Claude Code, covering both Overlord-launched tickets and chat-invoked Overlord work.
 ---
 
 # Overlord Ticket
 
-If you receive a prompt with a specified ticket ID, adhere to the following. If the prompt does not have a ticket ID, the user may choose to add one later, but otherwise, proceed without it.
-
-## Lifecycle
-
-1. **Attach first** — If there is a TICKET_ID, always call attach before doing any work:
-   ```bash
-   ovld protocol attach --ticket-id $TICKET_ID
-   ```
-   Store `session.sessionKey` from the response — it is required for all subsequent calls.
-
-2. **Update during work** — Post at least one progress update before delivering:
-   ```bash
-   ovld protocol update --session-key <sessionKey> --ticket-id $TICKET_ID --summary "What you did and why." --phase execute
-   ```
-   Phases: `draft`, `execute`, `review`, `deliver`, `complete`, `blocked`, `cancelled`.
-   Use `execute` while working.
-
-   Pass `--event-type <type>` to publish a specific activity event (default: `update`):
-   - `update` — standard progress update (default)
-   - `user_follow_up` — a message or question from the human user (EXCLUDING THE INITIAL TICKET)
-   - `alert` — surface a warning or non-blocking alert
-
-3. **Ask when blocked** — Stop working after calling:
-   ```bash
-   ovld protocol ask --session-key <sessionKey> --ticket-id $TICKET_ID --question "Specific question for the PM."
-   ```
-
-4. **Deliver last** — Always deliver when done:
-   ```bash
-   ovld protocol deliver --session-key <sessionKey> \
-     --ticket-id $TICKET_ID \
-     --summary "Narrative: what you did, next steps." \
-     --artifacts-json '[{"type":"next_steps","label":"Next steps","content":"..."}]' \
-     --change-rationales-json '[{"label":"Short reviewer title","file_path":"path/to/file.ts","summary":"What changed.","why":"Why it changed.","impact":"Behavioral impact.","hunks":[{"header":"@@ -10,6 +10,14 @@"}]}]'
-   ```
-   For larger delivery JSON, prefer `--payload-file -` and stream the full payload on stdin so no scratch file needs to be created or removed. If you use `--payload-file`, `--artifacts-file`, or `--change-rationales-file` with a real path, treat that file as ephemeral scratch data outside the repository and remove it after delivery. Do not leave delivery JSON checked into the worktree.
+Use this skill whenever Claude Code needs to work with Overlord, whether the session was launched by Overlord Desktop/CLI or the user asks from chat to engage with Overlord.
+
+## Mode 1: Launched From Overlord Desktop Or CLI
+
+Use this mode when the prompt already contains a ticket ID or explicitly says the session was launched by Overlord.
+
+1. Attach first with `ovld protocol attach --ticket-id <ticket-id>`.
+2. Keep the returned `session.sessionKey` for all follow-up calls.
+3. Treat the Overlord ticket prompt as authoritative for the objective, constraints, and delivery target.
+4. Post updates while working with `ovld protocol update --phase execute`.
+5. If the user sends a follow-up message after the initial ticket, publish it immediately with `--event-type user_follow_up`.
+6. If blocked, call `ovld protocol ask` and stop.
+7. Deliver last with `ovld protocol deliver`, including `changeRationales` for each meaningful behavioral file change.
+
+### Mode 1 Reference
+
+Attach:
+
+```bash
+ovld protocol attach --ticket-id $TICKET_ID
+```
+
+Update:
+
+```bash
+ovld protocol update --session-key <sessionKey> --ticket-id $TICKET_ID --summary "What you did and why." --phase execute
+```
+
+Supported `--phase` values:
+- `draft`
+- `execute`
+- `review`
+- `deliver`
+- `complete`
+- `blocked`
+- `cancelled`
+
+These are hardcoded CLI-supported values for the `--phase` flag. They are not user-defined phase types.
+
+Event types:
+- `update` for standard progress updates
+- `user_follow_up` for human follow-up messages after the initial ticket
+- `alert` for warnings or non-blocking issues
+
+Ask when blocked:
+
+```bash
+ovld protocol ask --session-key <sessionKey> --ticket-id $TICKET_ID --question "Specific question for the PM."
+```
+
+Deliver:
+
+```bash
+ovld protocol deliver --session-key <sessionKey> \
+  --ticket-id $TICKET_ID \
+  --summary "Narrative: what you did, next steps." \
+  --artifacts-json '[{"type":"next_steps","label":"Next steps","content":"..."}]' \
+  --change-rationales-json '[{"label":"Short reviewer title","file_path":"path/to/file.ts","summary":"What changed.","why":"Why it changed.","impact":"Behavioral impact.","hunks":[{"header":"@@ -10,6 +10,14 @@"}]}]'
+```
+
+For larger delivery payloads, prefer `--payload-file -` and stream the full JSON on stdin so no scratch file needs to be created or removed. If you use `--payload-file`, `--artifacts-file`, or `--change-rationales-file` with a real path, treat that file as ephemeral scratch data outside the repository and remove it after delivery.
+
+## Mode 2: Asked From Chat To Use Overlord
+
+Use this mode when the conversation starts normally and the user asks Claude to create, inspect, connect to, or otherwise use Overlord.
+
+1. If the user wants a new ticket, use `/overlord:spawn` or run `ovld protocol spawn --agent claude-code --objective "..."`.
+2. If the user already has a ticket ID and only wants to inspect it, use `/overlord:load` or run `ovld protocol load-context --ticket-id <ticket-id>`.
+3. If the user wants to route the current session onto an existing ticket by ID, use `/overlord:connect` or run `ovld protocol connect --ticket-id <ticket-id>`.
+4. If the user wants to find a ticket but does not know the ID, use `ovld attach` for interactive ticket search and agent launch, or ask the user for the ticket ID if staying strictly inside chat is the better fit.
+5. If you need other lifecycle commands or flags, run `ovld protocol help` and use the real subcommand list instead of guessing.
+6. Once you attach to a ticket, switch back to Mode 1 and follow the full ticket lifecycle.
 
 ## Change Rationales
 
@@ -62,19 +98,17 @@ ovld protocol update --session-key <sessionKey> --ticket-id $TICKET_ID \
   --change-rationales-json '[{"label":"Add backoff","file_path":"lib/api.ts","summary":"Added retry.","why":"Transient failures.","impact":"Retries 3x.","hunks":[{"header":"@@ -22,4 +22,18 @@"}]}]'
 ```
 
-Record only meaningful behavioral changes — skip formatting-only noise. Prefer 1–5 concise rationales per ticket, each tied to a specific file and diff hunk.
+Record only meaningful behavioral changes. Skip formatting-only noise.
 
-## Project Discovery & Ticket Spawning
+## Project Discovery And Ticket Creation
 
-When creating tickets from within a repository, `spawn` automatically resolves the
-correct project by matching your current working directory against each project's
-configured "Local working directory". No `--project-id` flag is needed:
+When creating tickets from within a repository, `spawn` automatically resolves the correct project from the current working directory. No `--project-id` flag is needed unless you want to override resolution.
 
 ```bash
 ovld protocol spawn --agent claude-code --objective "Implement feature X" --priority medium
 ```
 
-To discover which project maps to the current directory:
+To inspect project resolution explicitly:
 
 ```bash
 ovld protocol discover-project
@@ -82,7 +116,7 @@ ovld protocol discover-project
 
 You can override with `--project-id` or `--working-directory` if needed.
 
-## Context & Artifacts
+## Context And Artifacts
 
 ```bash
 ovld protocol read-context --session-key <sessionKey> --ticket-id $TICKET_ID
@@ -93,12 +127,10 @@ ovld protocol artifact-download-url --session-key <sessionKey> --ticket-id $TICK
 
 ## Rules
 
-- Always attach first; always deliver when done.
-- Always communicate with Overlord using the ovld protocol cli commands.
-- Post any substantial updates about your decisions or progress.
-- If blocked on human-only work, call `ask` and request a follow-up human ticket.
-- The `summary` in deliver is what the PM reads first — write it as a narrative, not a command list.
+- Always attach first and always deliver last once you are on a ticket.
+- Use `ovld protocol` commands and the plugin's slash commands instead of ad hoc scripts.
+- Do not invent protocol subcommands. Use `ovld protocol help` when unsure.
+- The `summary` in deliver is what the PM reads first, so write it as a narrative, not a command list.
 - Use `write-context` for facts a future agent session should know.
-- **If the user sends you a message during your session, immediately publish a `user_follow_up` activity event with the user's message recorded verbatim in the summary before doing anything else. This DOES NOT apply to the initial ticket.**
-- **Do not add or commit changes (git commit) unless the user explicitly asks you to commit.**
-- **Delivery is the concluding step.** After delivering, stop working. Do not continue unless the user follows up or the ticket is reopened.
+- Do not add or commit changes unless the user explicitly asks you to commit.
+- Delivery is the concluding step. After delivering, stop unless the user follows up or the ticket is reopened.

package/plugins/cursor/rules/overlord-local.mdc

@@ -5,4 +5,6 @@ alwaysApply: true
 
 # Overlord Local Workflow
 
-Attach first, update during work, ask when blocked, and deliver last using `ovld protocol` commands.
+- If the session was launched by Overlord Desktop or CLI, attach first with `ovld protocol attach --ticket-id $TICKET_ID`, update during work, ask when blocked, and deliver last.
+- If the user asks from chat to use Overlord, use `/spawn` for new tickets, `/load` for read-only context by ticket ID, `/connect` to route the session onto an existing ticket, and `search_tickets` to find tickets by keyword or status.
+- If you need other protocol commands or flags, run `ovld protocol help` instead of guessing.

package/plugins/cursor/skills/overlord-ticket/SKILL.md

@@ -1,8 +1,34 @@
 ---
 name: overlord-ticket
-description: Durable local workflow for Overlord tickets from Cursor.
+description: Overlord local workflow protocol for Cursor, covering both Overlord-launched tickets and chat-invoked Overlord work.
 ---
 
 # Overlord Ticket
 
-Attach first with `ovld protocol attach --ticket-id <ticket-id>`, keep the `sessionKey`, post updates during implementation, and deliver last with change rationales.
+Use this skill whenever Cursor needs to work with Overlord, whether the session was launched by Overlord Desktop/CLI or the user asks from chat to engage with Overlord.
+
+## Mode 1: Launched From Overlord Desktop Or CLI
+
+1. Attach first with `ovld protocol attach --ticket-id <ticket-id>`.
+2. Keep the returned `session.sessionKey` for all follow-up calls.
+3. Treat the Overlord ticket prompt as authoritative for the objective, constraints, and delivery target.
+4. Post updates while working with `ovld protocol update --phase execute`.
+5. If the user sends a follow-up message after the initial ticket, publish it immediately with `--event-type user_follow_up`.
+6. If blocked, call `ovld protocol ask` and stop.
+7. Deliver last with `ovld protocol deliver`, including `changeRationales` for each meaningful behavioral file change.
+
+## Mode 2: Asked From Chat To Use Overlord
+
+1. If the user wants a new ticket, use `/spawn` or run `ovld protocol spawn --agent cursor --objective "..."`.
+2. If the user already has a ticket ID and only wants to inspect it, use `/load` or run `ovld protocol load-context --ticket-id <ticket-id>`.
+3. If the user wants to route the current session onto an existing ticket by ID, use `/connect` or run `ovld protocol connect --ticket-id <ticket-id>`.
+4. If the user wants to search for tickets by keyword or status, use the `search_tickets` MCP tool.
+5. If you need other lifecycle commands or flags, run `ovld protocol help` and use the real subcommand list instead of guessing.
+6. Once you attach to a ticket, switch back to Mode 1 and follow the full ticket lifecycle.
+
+## Rules
+
+- Always attach first and always deliver last once you are on a ticket.
+- Use `ovld protocol` commands, the plugin commands, and the MCP tool instead of ad hoc scripts.
+- Do not invent protocol subcommands. Use `ovld protocol help` when unsure.
+- Include at least one progress update before delivering.

package/plugins/overlord/README.md

@@ -14,7 +14,7 @@ personal marketplace entry at `~/.agents/plugins/marketplace.json`.
 ## Requirements
 
 - Install the Overlord CLI so `ovld` is available on `PATH`.
-- Ensure `OVERLORD_URL` and `AGENT_TOKEN` are available when the target Overlord instance requires them.
+- Authenticate with `ovld auth login` or Overlord Desktop. `OVERLORD_URL` and `AGENT_TOKEN` are optional overrides, mainly for remote shells, CI, or explicit token injection.
 - Optionally set `OVLD_BIN` if the CLI lives at a non-standard path.
 
 ## Tool coverage

package/plugins/overlord/scripts/overlord-mcp.mjs

@@ -51,16 +51,20 @@ const tools = [
       properties: {
         ticket_id: { type: 'string', description: 'Target ticket ID' },
         agent: { type: 'string' },
+        model: { type: 'string' },
         method: { type: 'string' },
-        external_session_id: { type: ['string', 'null'] }
+        external_session_id: { type: ['string', 'null'] },
+        metadata: { type: 'object' }
       },
       required: ['ticket_id']
     },
     toCliFlags: args => ({
       'ticket-id': args.ticket_id,
       agent: args.agent,
+      model: args.model,
       method: args.method,
-      'external-session-id': args.external_session_id
+      'external-session-id': args.external_session_id,
+      'metadata-json': args.metadata
     }),
     subcommand: 'attach'
   },
@@ -116,6 +120,8 @@ const tools = [
         parent_session_key: { type: 'string' },
         parent_ticket_id: { type: 'string' },
         agent: { type: 'string' },
+        model: { type: 'string' },
+        metadata: { type: 'object' },
         method: { type: 'string' }
       },
       required: ['objective']
@@ -133,6 +139,8 @@ const tools = [
       'parent-session-key': args.parent_session_key,
       'parent-ticket-id': args.parent_ticket_id,
       agent: args.agent,
+      model: args.model,
+      'metadata-json': args.metadata,
       method: args.method
     }),
     subcommand: 'spawn'

package/plugins/overlord/skills/overlord-ticket/SKILL.md

@@ -1,27 +1,114 @@
+---
+name: overlord-ticket
+description: Durable local workflow for working Overlord tickets from Codex, covering both Overlord-launched tickets and chat-invoked Overlord work.
+---
+
 # Overlord Ticket
 
-Use this skill when the user wants to work on an Overlord ticket from Codex through the local
-Overlord plugin.
+Use this skill when Codex needs to work with Overlord, whether the session was launched by Overlord Desktop/CLI or the user asks from chat to engage with Overlord.
 
-## Workflow
+## Mode 1: Launched From Overlord Desktop Or CLI
 
 1. Attach first with `ovld protocol attach --ticket-id <ticket-id>`.
 2. Store the returned `SESSION_KEY` or `session.sessionKey`.
-3. While working, publish meaningful progress with:
-   `ovld protocol update --session-key <sessionKey> --ticket-id <ticket-id> --phase execute --summary "..."`
-4. If a later user message arrives during the ticket session, publish it immediately with
-   `--event-type user_follow_up` before doing anything else.
-5. If blocked on a human-only action, ask a precise blocking question with `ovld protocol ask`
-   and stop.
-6. Deliver last with `ovld protocol deliver`, including meaningful `changeRationales` for every
-   behavioral git-tracked change.
-   For larger delivery JSON, prefer `--payload-file -` and stream the full payload on stdin so no scratch file needs to be created or removed. If you need `--payload-file`, `--artifacts-file`, or `--change-rationales-file` with a real path, treat that JSON as ephemeral scratch data, not as a repository file. Remove it after delivery and never commit it.
+3. Treat the Overlord ticket prompt as authoritative for the specific objective and ticket-level constraints.
+4. While working, publish meaningful progress with `ovld protocol update --session-key <sessionKey> --ticket-id <ticket-id> --phase execute --summary "..."`.
+5. If a later user message arrives during the ticket session, publish it immediately with `--event-type user_follow_up` before doing anything else.
+6. If blocked on a human-only action, ask a precise blocking question with `ovld protocol ask` and stop.
+7. Deliver last with `ovld protocol deliver`, including meaningful `changeRationales` for every behavioral git-tracked change.
+
+### Mode 1 Reference
+
+Attach:
+
+```bash
+ovld protocol attach --ticket-id $TICKET_ID
+```
+
+Update:
+
+```bash
+ovld protocol update --session-key <sessionKey> --ticket-id $TICKET_ID --summary "What you did and why." --phase execute
+```
+
+Supported `--phase` values:
+- `draft`
+- `execute`
+- `review`
+- `deliver`
+- `complete`
+- `blocked`
+- `cancelled`
+
+These are hardcoded CLI-supported values for the `--phase` flag. They are not user-defined phase types.
+
+Event types:
+- `update` for standard progress updates
+- `user_follow_up` for human follow-up messages after the initial ticket
+- `alert` for warnings or non-blocking issues
+
+Ask when blocked:
+
+```bash
+ovld protocol ask --session-key <sessionKey> --ticket-id $TICKET_ID --question "Specific question for the PM."
+```
+
+Deliver:
+
+```bash
+ovld protocol deliver --session-key <sessionKey> \
+  --ticket-id $TICKET_ID \
+  --summary "Narrative: what you did, next steps." \
+  --artifacts-json '[{"type":"next_steps","label":"Next steps","content":"..."}]' \
+  --change-rationales-json '[{"label":"Short reviewer title","file_path":"path/to/file.ts","summary":"What changed.","why":"Why it changed.","impact":"Behavioral impact.","hunks":[{"header":"@@ -10,6 +10,14 @@"}]}]'
+```
+
+For larger delivery payloads, prefer `--payload-file -` and stream the full JSON on stdin so no scratch file needs to be created or removed. If you use `--payload-file`, `--artifacts-file`, or `--change-rationales-file` with a real path, treat that file as ephemeral scratch data outside the repository and remove it after delivery.
+
+## Mode 2: Asked From Chat To Use Overlord
+
+1. If the user wants a new ticket, use `ovld protocol spawn --objective "..."`. It creates the ticket and attaches immediately.
+2. If the user wants to inspect an existing ticket without starting work, use `ovld protocol load-context --ticket-id <ticket-id>`.
+3. If the user wants to work an existing ticket, attach with `ovld protocol attach --ticket-id <ticket-id>` and then switch to Mode 1.
+4. If the user wants to find existing tickets by keyword or workflow state, use the `search_tickets` tool.
+5. If you need to understand project routing before spawning, use `ovld protocol discover-project`.
+6. If you need other lifecycle commands or flags, run `ovld protocol help` and use the real subcommand list instead of guessing.
+
+## Change Rationales
+
+Always include `changeRationales` when delivering. Optionally include them on updates during long-running work.
+
+Before delivering, make sure every meaningful git-tracked file change is represented in `changeRationales`; do not send `file_changes` as an artifact.
+
+These are structured protocol payloads that Overlord stores as first-class rows in the `file_changes` table. Prefer inline JSON or the dedicated command below. For larger full delivery payloads, prefer `--payload-file -` so summary, artifacts, and change rationales stay in one JSON document without creating a temporary file. Ordinary deliver artifacts should use `next_steps`, `test_results`, `migration`, `note`, `url`, or `decision`.
+
+```bash
+ovld protocol record-change-rationales --session-key <sessionKey> --ticket-id $TICKET_ID \
+  --summary "Recorded rationale details for the latest code changes." --phase execute \
+  --change-rationales-json '[{"label":"Add backoff","file_path":"lib/api.ts","summary":"Added retry.","why":"Transient failures.","impact":"Retries 3x.","hunks":[{"header":"@@ -22,4 +22,18 @@"}]}]'
+```
+
+```bash
+ovld protocol update --session-key <sessionKey> --ticket-id $TICKET_ID \
+  --summary "Added retry logic." --phase execute \
+  --change-rationales-json '[{"label":"Add backoff","file_path":"lib/api.ts","summary":"Added retry.","why":"Transient failures.","impact":"Retries 3x.","hunks":[{"header":"@@ -22,4 +22,18 @@"}]}]'
+```
+
+Record only meaningful behavioral changes. Skip formatting-only noise. Prefer 1-5 concise rationales per ticket, each tied to a specific file and diff hunk.
+
+## Context And Artifacts
+
+```bash
+ovld protocol read-context --session-key <sessionKey> --ticket-id $TICKET_ID
+ovld protocol write-context --session-key <sessionKey> --ticket-id $TICKET_ID --key "key" --value '"json-value"'
+ovld protocol artifact-upload-file --session-key <sessionKey> --ticket-id $TICKET_ID --file ./spec.pdf --content-type application/pdf
+ovld protocol artifact-download-url --session-key <sessionKey> --ticket-id $TICKET_ID --artifact-id <artifact-id>
+```
 
 ## Rules
 
-- The authoritative lifecycle is the `ovld protocol` CLI.
-- Always attach first and always deliver last.
-- Do not create or rely on a local Codex `AGENTS.md` bundle for Overlord.
+- The authoritative lifecycle is the `ovld protocol` CLI once you are on a ticket.
+- Always attach first and always deliver last once you are working a ticket.
 - Prefer the installed `ovld` CLI and the plugin's MCP tools instead of ad hoc repo scripts.
-- When the ticket was launched by Overlord, the ticket prompt remains authoritative for the
-  specific task objective and any ticket-level constraints.
+- Do not create or rely on a local Codex `AGENTS.md` bundle for Overlord.
+- When the ticket was launched by Overlord, the ticket prompt remains authoritative for the specific task objective and ticket-level constraints.