pi-mono-all 1.0.0

package/node_modules/pi-mono-sentinel/specs/2026/04/sentinel/001-permission-gate.md

@@ -0,0 +1,145 @@
+# Sentinel Extension — Permission Gate Guard
+
+Stage: `Implemented`
+Last Updated: 2026-04-25
+
+## High-Level Objective
+
+Add a proactive permission-gate guard to the `sentinel` extension that intercepts `bash`, `write`, and `edit` tool calls before they perform system-level or out-of-scope operations (e.g., `sudo`, `curl | bash`, modifying shell configs, writing to `/usr/local/bin`, `brew install`, `rm -rf` on system paths). This closes the gap where the current `execution-tracker` only guards *session-written scripts* and misses dangerous commands issued directly as raw `bash` strings or out-of-project writes.
+
+<!-- FEEDBACK: high_level_objective
+Status: OPEN
+-->
+
+## Mid-Level Objectives
+
+- [ ] Create a new `permission-gate.ts` guard that subscribes to `tool_call` events for `bash`, `write`, and `edit`.
+- [ ] Implement `bash` command pattern matching for high-risk operations (piped remote execution, sudo, privileged-path rm -rf, brew install, persistence hooks).
+- [ ] Implement path classification logic to detect writes/edits targeting outside the current project root, system directories (`/usr/*`, `/Library/*`, `/System/*`, `/opt/*`), and shell config files (`~/.zshrc`, `~/.bashrc`, etc.).
+- [ ] Provide a consistent escalation UX: `ctx.ui.confirm` when UI is available; fail-safe block with a descriptive `reason` when UI is unavailable.
+- [ ] Register the new guard in `index.ts` alongside `output-scanner` and `execution-tracker`.
+- [ ] Add unit tests for pattern matching and path classification helpers.
+- [ ] Update the `sentinel` README to document the new guard and its behavior matrix.
+- [ ] Bump the sentinel package version and update `CHANGELOG.md`.
+
+<!-- FEEDBACK: mid_level_objectives
+Questions or feedback about the requirements and milestones.
+Status: OPEN
+-->
+
+## Context
+
+The `sentinel` extension currently provides two guards:
+
+1. **`output-scanner`** — Pre-reads files before `read` tool calls and scans them for secrets/credentials. Blocks or asks based on scan results.
+2. **`execution-tracker`** — Tracks files written via `write`/`edit` and scans them for dangerous patterns; later correlates those files with `bash` executions. If a script written in the session is executed and contains dangerous patterns, it asks/denies.
+
+**The gap:** `execution-tracker` does **not** intercept raw `bash` commands that themselves contain dangerous operations (e.g., `curl -Ls https://mise.run | bash`). It only acts when a *file written earlier in the session* is executed. Similarly, neither guard prevents writes to system paths or shell config files.
+
+The incident report from 2026-04-24 documents seven classes of ungated operations that should have required explicit user confirmation:
+
+| Operation | Current behavior |
+|-----------|----------------|
+| `curl … \| bash` raw command | **Not blocked** |
+| `wget … \| bash` raw command | **Not blocked** |
+| `sudo …` raw command | **Not blocked** |
+| `brew install …` raw command | **Not blocked** |
+| `rm -rf /Library/…` raw command | **Not blocked** by sentinel (only `rm -rf` in session-written scripts) |
+| Write to `~/.zshrc`, `~/.bashrc` | **Not blocked** |
+| Write to `/usr/local/bin`, `/usr/*`, `/Library/*`, `/opt/*` | **Not blocked** |
+
+The pi extension API supports blocking via returning `{ block: true, reason: string }` from `pi.on("tool_call", …)` handlers, and user confirmation via `ctx.ui.confirm(title, message)` when `ctx.hasUI` is true.
+
+There are already example extensions (`permission-gate.ts`, `confirm-destructive.ts`, `protected-paths.ts`) demonstrating this pattern.
+
+<!-- FEEDBACK: context
+Questions or feedback about the technical context and background.
+Status: OPEN
+-->
+
+## Proposed Solution
+
+Introduce a third sentinel guard named **`permission-gate`** (file: `guards/permission-gate.ts`).
+
+### Bash permission gating
+
+On every `bash` `tool_call`, scan `event.input.command` against a curated list of dangerous patterns grouped by risk class:
+
+| Risk class | Patterns | Escalation |
+|------------|----------|------------|
+| **Remote pipe execution** | `curl \| (bash\|sh\|zsh)`, `wget \| (bash\|sh\|zsh)` | Confirm (or block if no UI) |
+| **Privilege escalation** | `\bsudo\b` | Confirm (showing full command) |
+| **Destructive recursive delete** | `rm\s+-[a-zA-Z]*rf?.*(/(usr\|Library\|System\|opt)\|~/)` | Double-confirm or block (system paths); confirm for project-local paths |
+| **Package manager system install** | `\bbrew\s+(install\|upgrade\|update)\b` | Confirm |
+| **Persistence** | `crontab`, `systemctl enable`, `launchctl load` | Confirm |
+| **Shell config modification (via bash)** | Appending to `~/.zshrc`, `~/.bashrc`, etc. | Confirm |
+| **Binary installation outside project** | `cp\s+.*\s+/usr/local/bin/`, `mv\s+.*\s+/usr/local/bin/` | Confirm |
+
+### Write/Edit permission gating
+
+On every `write` and `edit` `tool_call`, resolve the absolute target path and classify it:
+
+| Path category | Example | Action |
+|---------------|---------|--------|
+| **Shell config files** | `~/.zshrc`, `~/.bashrc`, `~/.profile` | Confirm |
+| **System directories** | `/usr/*`, `/Library/*`, `/System/*`, `/opt/*`, `/usr/local/bin` | Confirm |
+| **Outside project root** | Any path not under `ctx.cwd` or the resolved project root | Confirm (with path shown) |
+
+When a `write`/`edit` targets a shell config file, the confirmation dialog should show the target path and warn that this is a persistent system change.
+
+### Decision matrix
+
+```
+UI available + user allows  → return undefined (proceed)
+UI available + user denies    → return { block: true, reason }
+No UI + dangerous detected    → return { block: true, reason }
+No dangerous patterns         → return undefined (proceed)
+```
+
+### Scope boundaries
+
+- This guard does **not** replace `output-scanner` or `execution-tracker`; it complements them.
+- This guard does **not** block reads; only writes, edits, and bash executions.
+- This guard intentionally does **not** block every `rm -rf` in the project directory (that would be overly restrictive); it only escalates `rm -rf` on known system/privileged paths.
+
+<!-- FEEDBACK: proposed_solution
+Questions or feedback about the proposed approach and scope.
+Status: OPEN
+-->
+
+## Implementation Notes
+
+_No phases defined yet. Use `/dev:pair plan extensions/sentinel/specs/2026/04/sentinel/001-permission-gate.md` to generate the implementation plan._
+
+<!-- FEEDBACK: implementation_approach
+Questions or feedback about the overall implementation approach before diving into phases.
+Status: OPEN
+-->
+
+## Success Criteria
+
+- [ ] A `bash` command containing `curl … | bash` is intercepted and escalated to the user (or blocked without UI).
+- [ ] A `bash` command containing `sudo …` is intercepted and escalated.
+- [ ] A `bash` command running `brew install` is intercepted and escalated.
+- [ ] A `write` or `edit` targeting `~/.zshrc` is intercepted and escalated.
+- [ ] A `write` or `edit` targeting `/usr/local/bin/` is intercepted and escalated.
+- [ ] A `bash` command running `rm -rf /Library/Developer/CommandLineTools` is blocked or double-confirmed.
+- [ ] When UI is unavailable, all matched dangerous operations fail-safe (block with a clear reason).
+- [ ] Safe operations (e.g., `echo "hello"`, writing to project-local files) are not blocked and incur minimal overhead.
+- [ ] The sentinel README and CHANGELOG are updated.
+
+<!-- FEEDBACK: success_criteria
+Questions or feedback about the completion criteria and validation approach.
+Status: OPEN
+-->
+
+## Notes
+
+- Consider whether `sudo rm -rf` should trigger a single combined confirmation for both the `sudo` and the `rm -rf` risk classes, or if they should stack. A single confirmation with all matched labels is simpler and less noisy.
+- Path resolution must handle `~` expansion and `ctx.cwd`-relative paths correctly.
+- The guard should share the same notification style as existing guards (`[sentinel] …` prefix).
+
+<!-- FEEDBACK: general
+General questions, concerns, or suggestions for the entire implementation plan.
+Status: OPEN
+-->

package/node_modules/pi-mono-sentinel/types.ts

@@ -0,0 +1,39 @@
+/** Tri-state guard decision. */
+export type Decision =
+	| { action: "allow" }
+	| { action: "deny"; reason: string }
+	| { action: "ask"; title: string; message: string };
+
+/** A single secret match found during content scanning. */
+export type ScanMatch = {
+	/** Human-readable label, e.g. "AWS Access Key". */
+	label: string;
+	/** 1-based line number where the match was found. */
+	line: number;
+	/** Masked excerpt of the matched value. */
+	snippet: string;
+};
+
+/** Aggregated result of scanning content for secrets. */
+export type ScanResult = {
+	hasSecrets: boolean;
+	matches: ScanMatch[];
+};
+
+/** A dangerous-content pattern detected in written file content (Gap 3). */
+export type DangerousPattern = {
+	label: string;
+	pattern: RegExp;
+};
+
+/** Entry in the session write registry (Gap 3). */
+export type WriteEntry = {
+	/** Absolute path of the written file. */
+	path: string;
+	/** Timestamp (Date.now()) of the write. */
+	timestamp: number;
+	/** Whether dangerous execution patterns were detected in the content. */
+	hasDangerousContent: boolean;
+	/** Labels of detected dangerous patterns. */
+	dangerousPatterns: string[];
+};

package/node_modules/pi-mono-sentinel/whitelist.ts

@@ -0,0 +1,86 @@
+/**
+ * Whitelist persistence for sentinel permission gate.
+ *
+ * Stores user-approved paths in ~/.pi/agent/sentinel-whitelist.json
+ * so that repeated write/edit operations to the same outside-project
+ * path do not trigger confirmation dialogs every session.
+ */
+
+import { existsSync, readFileSync, writeFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+
+const WHITELIST_FILENAME = "sentinel-whitelist.json";
+const AGENT_DIR_ENV = "PI_CODING_AGENT_DIR";
+
+function getAgentDir(): string {
+	const envDir = process.env[AGENT_DIR_ENV];
+	if (envDir) {
+		if (envDir === "~") return homedir();
+		if (envDir.startsWith("~/")) return join(homedir(), envDir.slice(2));
+		return envDir;
+	}
+	return join(homedir(), ".pi", "agent");
+}
+
+function getWhitelistPath(): string {
+	return join(getAgentDir(), WHITELIST_FILENAME);
+}
+
+export function loadWhitelist(): Set<string> {
+	return loadWhitelistKey("paths");
+}
+
+export function saveWhitelist(paths: Iterable<string>): void {
+	saveWhitelistKey("paths", paths);
+}
+
+export function loadReadWhitelist(): Set<string> {
+	return loadWhitelistKey("readPaths");
+}
+
+export function saveReadWhitelist(paths: Iterable<string>): void {
+	saveWhitelistKey("readPaths", paths);
+}
+
+function loadWhitelistKey(key: "paths" | "readPaths"): Set<string> {
+	const filePath = getWhitelistPath();
+	if (!existsSync(filePath)) {
+		return new Set();
+	}
+	try {
+		const raw = readFileSync(filePath, "utf-8");
+		const parsed = JSON.parse(raw) as {
+			paths?: string[];
+			readPaths?: string[];
+		};
+		const values = parsed[key];
+		return new Set(Array.isArray(values) ? values : []);
+	} catch {
+		return new Set();
+	}
+}
+
+function saveWhitelistKey(
+	key: "paths" | "readPaths",
+	paths: Iterable<string>,
+): void {
+	const filePath = getWhitelistPath();
+	try {
+		let data: { paths?: string[]; readPaths?: string[] } = {};
+		if (existsSync(filePath)) {
+			try {
+				data = JSON.parse(readFileSync(filePath, "utf-8")) as {
+					paths?: string[];
+					readPaths?: string[];
+				};
+			} catch {
+				data = {};
+			}
+		}
+		data[key] = [...paths];
+		writeFileSync(filePath, JSON.stringify(data, null, 2) + "\n", "utf-8");
+	} catch {
+		// silently fail if we can't write; the user still gets their operation
+	}
+}

package/node_modules/pi-mono-simplify/CHANGELOG.md

@@ -0,0 +1,163 @@
+# pi-mono-simplify
+
+## 1.7.2
+
+### Patch Changes
+
+### Fixed: ask-user-question
+
+- Remove unused `StringEnum` import from `@mariozechner/pi-ai`.
+
+
+## 1.7.1
+
+### Patch Changes
+
+### Fixed: team-mode
+
+- Widget no longer mislabels blocked or approval-pending teams as "running smoothly" — blockers and pending approvals are now detected via team summaries.
+- Preserve in-flight work on re-emitted `session_start` events instead of tearing the runtime down and SIGTERM-ing live teammates.
+- Auto-relaunch leaders for `running` teams after a session reset; surface failures as both a team signal and a UI notification.
+- `createTeam` now defaults `repoRoots` to `[process.cwd()]` when the caller passes an empty array.
+- Archive `process.json` into `history/` before a new task reuses the same role slot, so the prior task's final state is no longer silently clobbered.
+
+### Enhanced: team-mode
+
+- Durable intent queue for subprocess handoff: `team_spawn_teammate` calls made from a teammate subprocess are written to disk and executed by the main session's `LeaderRuntime` instead of spawning orphaned grand-children.
+- New tool `team_task_create_batch` lets the leader emit the full initial task DAG in one call, removing per-task LLM round-trips during bootstrap.
+- `team_create` / `launchLeader` accept an `awaitBootstrap` option so the user sees the task graph before the tool returns; leader launch retries up to 3 times on transient failures.
+- Persist per-turn debug artifacts (prompt, invocation, stderr, raw event stream) for both leader and teammate subprocesses, exposed via `TeammateSummary.debugArtifacts`.
+- Track `exitCode`, `exitSignal`, `terminationReason`, `stderrTail`, `toolExecutions`, `model` and `modelProvider` on every `TeammateProcess` record.
+- Provider detection now consults pi's `settings.json` and `auth.json` in addition to env vars; default model IDs aligned with the provider/model scheme.
+- `collectPiOutput` supports `AbortSignal` cancellation.
+
+### Tests
+
+- New `intent-queue` and `model-config` suites; expanded coverage across `leader-runtime`, `team-manager`, `team-query-tool` and `formatters`.
+
+
+## 1.7.0
+
+### Minor Changes
+
+### Enhanced: status-line
+
+- Improved progress rendering and colors in expert mode
+
+### Enhanced: team-mode
+
+- **LLM-driven leader** — replaced the hardcoded `research → synthesis → implementation → verification` state machine with a pi subprocess coordinator that authors the task graph via tool calls
+- **New tool `team_task_create`** so the leader can author tasks at runtime
+- **New tool `team_handoff`** for explicit teammate → teammate context handoffs (replaces regex-scraping of `Handoffs:` output sections)
+- **File-based teammate specs** — drop `.claude/teammates/<role>.md` frontmatter files (`name`, `description`, `needsWorktree`, `hasMemory`, `modelTier`) to extend or override the seven built-in roles
+- **Event-driven leader wakes** — mailbox messages addressed to the leader (or broadcast) trigger a debounced (~200ms) cycle instead of waiting for the 20s polling tick
+- **Templates accept any string** — `fullstack` / `research` / `refactor` remain as built-ins, but unknown template keys are accepted and no-op gracefully
+- **Provider config per team** — per-team model overrides via `/team models`
+- Reduced leader overhead and parent-session token churn
+- `spawnTeammate` now always appends the full runtime-built context (signals, mailbox, dependencies, team memory) so teammates get the richer snapshot even when the caller's `context` argument is brief
+
+### Breaking changes: team-mode
+
+- Removed `LeaderPhase` enum and `currentPhase` field from `TeamRecord` / `TeamSummary`
+- Removed `parseExplicitHandoffs` export and the legacy `Handoffs:` output parser — peer handoffs must go through the `team_handoff` tool
+- Removed the deterministic auto-spawn loop (`ensureBootstrapTasks`) — all task authoring and teammate spawning is now the LLM leader's responsibility
+- Removed `StringEnum` gate on `team_create`'s `template` parameter (now plain string)
+
+### Fixed: review
+
+- Annotate diff lines so the model picks correct line numbers
+- Fix slice chunk around lines for comments in the reviewer TUI
+
+### Documentation
+
+- Updated root README and sentinel extension README
+- Documented the new file-based teammate spec format and event-driven leader wake in the team-mode README
+
+## 1.6.0
+
+### Minor Changes
+
+### New Extension: sentinel
+
+Replaced the `grep` extension with a new security-focused `sentinel` extension for monitoring and guarding sensitive operations.
+
+### Enhanced: team-mode
+
+- Added comprehensive test suite with integration tests
+- New mock helpers for subprocess testing
+- Improved signal manager with better error handling
+- Leader runtime refactoring for stability
+- Team query tool with dedicated tests
+
+### Enhanced: status-line
+
+- Added basic and expert mode displays
+- Improved index.ts with better state management
+
+### Enhanced: clear
+
+- Updated keyboard shortcut to `Ctrl+Shift+L`
+- Better busy-state handling for shortcuts
+- Added warning/cancel handling and error notifications
+
+### Enhanced: context-guard
+
+- Improved read deduplication across sessions
+- Added `context-guard:file-modified` event for cache eviction
+
+### Documentation
+
+- Added dedicated README for `clear` extension
+- Added dedicated README for `context-guard` extension
+- Updated main README with improved extension descriptions
+
+## 1.5.0
+
+### Minor Changes
+
+- ### `multi-edit` — diverge from upstream fork
+
+  The extension was originally derived from [mitsuhiko/agent-stuff](https://github.com/mitsuhiko/agent-stuff)'s `pi-extensions/multi-edit.ts`. This release rewrites the largest unmodified subsystems so the implementation is structurally distinct from upstream while keeping the public contract intact.
+
+  - **Modularized layout** — the 953-line `index.ts` is split into purpose-scoped modules: `types.ts`, `workspace.ts`, `classic.ts`, `patch.ts`, `diff.ts`, and a slim `index.ts` (~180 lines of registration + dispatch wiring).
+  - **New patch engine** — `patch.ts` is now a recursive-descent parser over a `LineCursor` class with `indexOf`-based hunk anchoring. Hunks are stored as `{ oldBlock, newBlock }` raw strings (previously `{ oldLines[], newLines[] }` arrays), letting the applier splice content directly instead of reconstructing line arrays per apply.
+  - **Two-pass diff renderer** — `diff.ts` now walks `diffLines` parts into a typed `Entry[]` stream and makes all gutter / context-collapse decisions in a second pass, replacing the prior single-loop state-flag design.
+  - **Polished classic edits** — extracted `groupEditsByPath`, `sortGroupByPosition`, `applyGroupToContent`, and `rollbackSnapshots` helpers; formalized the quote-fallback as an ordered `MATCH_PASSES` array so new normalizers (dashes, NBSP, etc.) can be added by appending one entry.
+  - **First contract test suite** — 34 tests under `__tests__/` cover classic edits (positional reordering, redundant-pair skip, quote fallback, atomic rollback, read-only preflight), patch operations (Add/Delete/Update round-trips, move-rejection, multi-op batches), and diff rendering (line-number gutter, context collapse, add/remove-only cases). Runs via `npm test` (`tsx --test`).
+  - **Dropped Codex apply_patch edge cases** (documented in `README.md` → "Codex apply_patch compatibility"): `*** End of File` sentinel hunks, 4-pass fuzzy `seekSequence` matching, implicit first hunk without `@@`, whitespace-tolerant anchoring. Common paths (Add/Delete/Update-single-chunk, Update with multiple hunks, Add+Update+Delete batches) are fully tested and preserved.
+  - **README attribution** — new "Origins" section crediting `mitsuhiko/agent-stuff` as the original source.
+
+## 1.4.0
+
+### Minor Changes
+
+- Add teammate progress heartbeats and widget refresh improvements to team mode.
+
+## 1.3.0
+
+### Minor Changes
+
+- ### New Extensions
+
+  #### `loop`
+
+  New extension that runs a prompt or slash command on a recurring interval. Useful for periodic tasks, polling, and automated repeated actions within a pi session.
+
+  #### `simplify`
+
+  New extension that reviews changed code for reuse, quality, and efficiency, then automatically fixes any issues found. Integrates with `git diff` to scope the review to recent changes.
+
+  ***
+
+  ### Bug Fixes
+
+  #### `multi-edit`
+
+  - **Broader unicode normalization**: `findActualString` now handles the full range of Unicode single-quote variants (`‘’‚‛`) and double-quote variants (`“”„‟`) when falling back from exact match — fixes more curly-quote mismatch cases
+  - **Parallel write-access preflight**: `checkWriteAccess` calls are now issued concurrently via `Promise.all` instead of sequentially — faster batch preflight on large edit sets
+  - **Removed redundant `editOrder` array**: `Map` insertion order is now relied upon directly, simplifying the grouping loop
+
+  #### `team-mode`
+
+  - **Stall detection hardened**: introduced `STALL_BLOCKER_MARKER` / `STALL_BLOCKER_MESSAGE` constants so the marker used to detect and record abnormal process exits stays in sync — prevents duplicate stall reports
+  - **Leader cycle guard comment clarified**: `cycleRunning` guard comment now explicitly calls out the race between the poll interval and teammate-completion handlers

package/node_modules/pi-mono-simplify/README.md

@@ -0,0 +1,56 @@
+# Simplify Extension
+
+Registers a `/simplify` command that reviews all git-changed files for code reuse, quality, and efficiency — then fixes any issues found.
+
+Ported from the [`simplify` skill](https://github.com/emanuelcasco/claude-code/blob/main/src/skills/bundled/simplify.ts) for Claude Code.
+
+## Usage
+
+```
+/simplify
+/simplify <additional focus>
+```
+
+**Examples:**
+
+```
+/simplify
+/simplify focus on performance and memory usage
+/simplify pay extra attention to React re-renders
+```
+
+## Structure
+
+- `index.ts` — extension entrypoint, registers the `/simplify` command
+
+## How It Works
+
+Running `/simplify` injects a structured prompt into the conversation that drives a three-phase review:
+
+### Phase 1 — Identify Changes
+
+Runs `git diff` (or `git diff HEAD` for staged changes) to get the full diff. Falls back to recently modified files if no git changes are present.
+
+### Phase 2 — Parallel Review (3 agents)
+
+Three sub-agents run concurrently, each receiving the full diff:
+
+| Agent | Focus |
+|-------|-------|
+| **Code Reuse** | Flags duplicated logic, hand-rolled utilities that shadow existing helpers, and inline patterns that should use shared abstractions |
+| **Code Quality** | Detects redundant state, parameter sprawl, copy-paste blocks, leaky abstractions, stringly-typed code, unnecessary JSX nesting, and low-value comments |
+| **Efficiency** | Catches unnecessary work, missed concurrency, hot-path bloat, recurring no-op updates, TOCTOU existence checks, memory leaks, and overly broad data fetches |
+
+### Phase 3 — Fix & Summarize
+
+Aggregates findings from all three agents, applies fixes directly, skips false positives, and prints a brief summary of what changed (or confirms the code was already clean).
+
+## Optional Focus
+
+Pass extra instructions after the command to steer the review:
+
+```
+/simplify pay close attention to SQL query efficiency
+```
+
+This appends an **Additional Focus** section to the prompt, which all agents will take into account.

package/node_modules/pi-mono-simplify/index.ts

@@ -0,0 +1,78 @@
+/**
+ * Simplify — reviews changed code for reuse, quality, and efficiency,
+ * then fixes any issues found.
+ *
+ * Ported from: https://github.com/emanuelcasco/claude-code/blob/main/src/skills/bundled/simplify.ts
+ *
+ * Usage:
+ *   /simplify                    — review all git-changed files
+ *   /simplify focus on perf      — review with additional focus
+ */
+
+import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
+
+const SIMPLIFY_PROMPT = `# Simplify: Code Review and Cleanup
+
+Review all changed files for reuse, quality, and efficiency. Fix any issues found.
+
+## Phase 1: Identify Changes
+
+Run \`git diff\` (or \`git diff HEAD\` if there are staged changes) to see what changed. If there are no git changes, review the most recently modified files that the user mentioned or that you edited earlier in this conversation.
+
+## Phase 2: Launch Three Review Agents in Parallel
+
+Use the agent tool to launch all three agents concurrently in a single message. Pass each agent the full diff so it has the complete context.
+
+### Agent 1: Code Reuse Review
+
+For each change:
+
+1. **Search for existing utilities and helpers** that could replace newly written code. Look for similar patterns elsewhere in the codebase — common locations are utility directories, shared modules, and files adjacent to the changed ones.
+2. **Flag any new function that duplicates existing functionality.** Suggest the existing function to use instead.
+3. **Flag any inline logic that could use an existing utility** — hand-rolled string manipulation, manual path handling, custom environment checks, ad-hoc type guards, and similar patterns are common candidates.
+
+### Agent 2: Code Quality Review
+
+Review the same changes for hacky patterns:
+
+1. **Redundant state**: state that duplicates existing state, cached values that could be derived, observers/effects that could be direct calls
+2. **Parameter sprawl**: adding new parameters to a function instead of generalizing or restructuring existing ones
+3. **Copy-paste with slight variation**: near-duplicate code blocks that should be unified with a shared abstraction
+4. **Leaky abstractions**: exposing internal details that should be encapsulated, or breaking existing abstraction boundaries
+5. **Stringly-typed code**: using raw strings where constants, enums (string unions), or branded types already exist in the codebase
+6. **Unnecessary JSX nesting**: wrapper Boxes/elements that add no layout value — check if inner component props (flexShrink, alignItems, etc.) already provide the needed behavior
+7. **Unnecessary comments**: comments explaining WHAT the code does (well-named identifiers already do that), narrating the change, or referencing the task/caller — delete; keep only non-obvious WHY (hidden constraints, subtle invariants, workarounds)
+
+### Agent 3: Efficiency Review
+
+Review the same changes for efficiency:
+
+1. **Unnecessary work**: redundant computations, repeated file reads, duplicate network/API calls, N+1 patterns
+2. **Missed concurrency**: independent operations run sequentially when they could run in parallel
+3. **Hot-path bloat**: new blocking work added to startup or per-request/per-render hot paths
+4. **Recurring no-op updates**: state/store updates inside polling loops, intervals, or event handlers that fire unconditionally — add a change-detection guard so downstream consumers aren't notified when nothing changed. Also: if a wrapper function takes an updater/reducer callback, verify it honors same-reference returns (or whatever the "no change" signal is) — otherwise callers' early-return no-ops are silently defeated
+5. **Unnecessary existence checks**: pre-checking file/resource existence before operating (TOCTOU anti-pattern) — operate directly and handle the error
+6. **Memory**: unbounded data structures, missing cleanup, event listener leaks
+7. **Overly broad operations**: reading entire files when only a portion is needed, loading all items when filtering for one
+
+## Phase 3: Fix Issues
+
+Wait for all three agents to complete. Aggregate their findings and fix each issue directly. If a finding is a false positive or not worth addressing, note it and move on — do not argue with the finding, just skip it.
+
+When done, briefly summarize what was fixed (or confirm the code was already clean).
+`;
+
+export default function simplifyExtension(pi: ExtensionAPI): void {
+	pi.registerCommand("simplify", {
+		description: "Review changed code for reuse, quality, and efficiency, then fix any issues found.",
+		handler: async (args, ctx) => {
+			let prompt = SIMPLIFY_PROMPT;
+
+			if (args?.trim()) {
+				prompt += `\n\n## Additional Focus\n\n${args.trim()}`;
+			}
+
+			pi.sendUserMessage(prompt);
+		},
+	});
+}

package/node_modules/pi-mono-simplify/package.json

@@ -0,0 +1,29 @@
+{
+  "name": "pi-mono-simplify",
+  "version": "1.7.2",
+  "description": "Pi extension that reviews changed code for reuse, quality, and efficiency, then fixes any issues found",
+  "keywords": [
+    "pi-package",
+    "pi-extension"
+  ],
+  "peerDependencies": {
+    "@mariozechner/pi-ai": "*",
+    "@mariozechner/pi-coding-agent": "*",
+    "@mariozechner/pi-tui": "*",
+    "@sinclair/typebox": "*"
+  },
+  "pi": {
+    "extensions": [
+      "./index.ts"
+    ]
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/emanuelcasco/pi-mono-extensions.git",
+    "directory": "extensions/simplify"
+  },
+  "bugs": {
+    "url": "https://github.com/emanuelcasco/pi-mono-extensions/issues"
+  },
+  "homepage": "https://github.com/emanuelcasco/pi-mono-extensions#readme"
+}