skalpel 3.0.25 → 3.0.27

package/INSTALL.md

@@ -37,19 +37,19 @@ All three paths produce identical binaries — same SHAs, same cosign signatures
 
 ## First-run flow
 
-The first-run flow assumes the user has obtained an `sk-skalpel-*` API key on Web (per the Auth handoff section of `../../design-dockets/cross-surface-contract.md`). The flow is:
+Post-W4 (OAuth port): the first-run flow is a single browser-loopback Cognito sign-in. The historical `sk-skalpel-*` API-key paste path is gone — the daemon no longer persists or sends api_keys on any code path. The flow is:
 
-1. The user runs `npx skalpel` (or `skalpel` after a global install). The npm package is materialized; both binaries are present.
-2. The TUI detects the absence of `auth.json` and enters the install wizard. The wizard prompts the user to paste the API key copied from Web. The plaintext value is shown on Web exactly once at creation time; the user pastes it here.
-3. The wizard writes `auth.json` to the per-OS configuration directory (per `SPEC.md` §7). The file is owned by the user with `0600` permissions.
-4. The wizard invokes `skalpeld` to start the daemon. The TUI shows the `Starting skalpeld…` splash for up to three seconds (per spec §8.5).
+1. The user runs `npx skalpel login` (or `skalpel login` after a global install). The npm package is materialized; both binaries are present.
+2. `skalpel login` opens a browser to the Skalpel hosted-UI sign-in page (Cognito), waits on a loopback HTTP callback, and validates the signed envelope returned by the callback.
+3. On a verified envelope, the daemon writes `auth.json` to the per-OS configuration directory (per `SPEC.md` §7). The file is owned by the user with `0600` permissions and carries the Cognito JWT bundle (access_token, refresh_token, expires_at).
+4. The user runs `skalpel` (or `npx skalpel`). The TUI detects a usable `auth.json`, invokes `skalpeld` to start the daemon, and shows the `Starting skalpeld…` splash for up to three seconds (per spec §8.5).
 5. Once the daemon is reachable, the TUI lands the user on the Engines tab. The matrix renders for whatever agents the daemon has detected so far. If no agents have been opened since installation, the empty-state message from spec §3.2 is shown.
 
 This flow corresponds to Journey 1 — First launch, fresh authentication — in `SPEC.md`. That narrative describes what the user feels at each step; this document describes what the install machinery actually does.
 
-If the user runs `skalpel` without first obtaining an API key, the TUI exits per spec §8.4 with a stderr pointer at `skalpel login`. The wizard above is the path for users who arrived through the post-signup install hub on Web; users with broken or missing auth state are returned to the shell. To sign out of an existing account on this machine, run `skalpel logout` from a shell — the CLI revokes the backend session (best-effort) and removes `auth.json` via `internal/auth.Delete`.
+If the user runs `skalpel` without first running `skalpel login`, the TUI exits per spec §8.4 with a stderr pointer at `skalpel login`. To sign out of an existing account on this machine, run `skalpel logout` from a shell — the CLI revokes the backend session (best-effort) and removes `auth.json` via `internal/auth.Delete`.
 
-An alternative first-run flow uses `skalpel login` from the shell directly. That command runs a device-code flow against Cognito (per the Auth handoff section of the cross-surface contract) and writes `auth.json` without the user having to paste an API key. The two flows produce equivalent on-disk state; the API-key-paste flow is the one a user lands in when arriving from the Web post-signup install hub, and the device-code flow is the one a user runs when reauthenticating an account that has already been signed in on this machine before.
+Historical note: prior versions of skalpel supported pasting a `sk-skalpel-*` API key copied from the web dashboard as an alternative to `skalpel login`. The W4 OAuth-port grep-delete removed both the api_key-paste wizard and the daemon-side api_key sending path. Users on stale auth.json files (api_key-only, no Cognito bundle) need to run `skalpel login` once to refresh.
 
 ## Daemon lifecycle on subsequent launches
 
@@ -123,7 +123,7 @@ The handshake is also where the TUI reads the daemon's engine list and the daemo
 A small set of bundling questions are recorded here for the build phase. Each will be resolved before v1 ships; none affect the design commitments above.
 
 - **`npx` cache eviction and version-pinning UX.** `npx skalpel` caches per-version; a user who runs `npx skalpel@1.2.3` after `1.2.4` has shipped continues to execute `1.2.3` until npm's cache resolves. The auto-update notice surfaces in the TUI, but the underlying npx semantics are an open ergonomic question.
-- **Signed-link pre-population of the API key.** Whether the post-signup install path emits a signed link that pre-populates the `npx skalpel` wizard with the user's API key, or whether the user pastes the key by hand, is recorded in `../../design-dockets/cross-surface-contract.md` as an open question. The latter is the safer default; the former would shorten the first-run flow by one step.
+- ~~**Signed-link pre-population of the API key.**~~ Obsolete post-W4 (OAuth-port grep-delete): the api_key-paste wizard the question referred to is gone. The first-run flow is browser-loopback Cognito sign-in via `skalpel login`. Left here as a historical breadcrumb for anyone tracing the pre-W4 design dockets.
 - **Bundle size budget.** The two binaries together set a download-size budget for first-time `npx` users; whether to ship a slim TUI front-end and a separately-downloaded `skalpeld` payload via a `postinstall` fetch (still in the same npm transaction) or to ship both in the package tarball directly is a build-phase decision. Either approach preserves the bundling commitment because both binaries are still resolved and authenticated within the same install operation.
 - **Install-time telemetry.** Whether the install path emits any telemetry event (e.g., "first install completed") is open. The TUI itself does not phone home in v1 (per the privacy stance in `SPEC.md` §05); whether the install wizard shares that posture or whether anonymous install counts are acceptable for release-quality measurement is a build-phase decision.
 - **Windows install ergonomics.** Whether `npx skalpel` on Windows requires Windows Terminal or a recent PowerShell to render the Bubble Tea TUI's adaptive colours and key bindings cleanly, and whether a fallback message should explain the requirement, is open. The bundling commitment is platform-agnostic; the first-run experience may not be.

package/README.md

@@ -4,13 +4,13 @@ Skalpel is the local proxy and terminal UI for coding agents — Cursor, Claude
 
 ## Install and first run
 
-After signing up at [skalpel.ai](https://skalpel.ai) and copying your `sk-skalpel-*` API key:
+After signing up at [skalpel.ai](https://skalpel.ai):
 
 ```
-npx skalpel
+npx skalpel login
 ```
 
-`npx` materializes both binaries, walks you through pasting the API key, starts `skalpeld`, and lands you on the Engines tab. To install persistently:
+`npx skalpel login` materializes both binaries and runs a browser-loopback sign-in against Cognito; the daemon writes the Cognito JWT bundle to `auth.json` and the next `skalpel` launch lands you on the Engines tab. To install persistently:
 
 ```
 npm install -g skalpel

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "skalpel",
-  "version": "3.0.25",
+  "version": "3.0.27",
   "description": "Skalpel — local proxy and TUI for coding agents (skalpel + skalpeld bundle).",
   "license": "Apache-2.0",
   "homepage": "https://skalpel.ai",
@@ -31,7 +31,8 @@
     "postinstall": "node postinstall/index.js",
     "preuninstall": "node postinstall/uninstall.js",
     "test": "echo 'no top-level tests; run make test or npm run test:rc-edit' && exit 0",
-    "test:rc-edit": "node postinstall/lib/rc-edit.test.js"
+    "test:rc-edit": "node postinstall/lib/rc-edit.test.js",
+    "test:postinstall": "node --test postinstall/index.test.js"
   },
   "files": [
     "npm-bin/",
@@ -54,10 +55,10 @@
     "x64"
   ],
   "optionalDependencies": {
-    "@skalpelai/skalpel-darwin-arm64": "3.0.25",
-    "@skalpelai/skalpel-darwin-x64": "3.0.25",
-    "@skalpelai/skalpel-linux-arm64": "3.0.25",
-    "@skalpelai/skalpel-linux-x64": "3.0.25",
-    "@skalpelai/skalpel-win32-x64": "3.0.25"
+    "@skalpelai/skalpel-darwin-arm64": "3.0.27",
+    "@skalpelai/skalpel-darwin-x64": "3.0.27",
+    "@skalpelai/skalpel-linux-arm64": "3.0.27",
+    "@skalpelai/skalpel-linux-x64": "3.0.27",
+    "@skalpelai/skalpel-win32-x64": "3.0.27"
   }
 }

package/postinstall/index.test.js

@@ -0,0 +1,147 @@
+#!/usr/bin/env node
+// Postinstall wizard regression — exercises the entry-point shipped
+// to every `npm install skalpel` user. Tests run under Node's built-in
+// `node --test` runner (stdlib only; matches the convention set by
+// postinstall/lib/rc-edit.test.js).
+//
+// Scope (closes GAP-5):
+//   - parseArgs maps flags, env-var dry-run, and help correctly
+//   - dry-run install completes with exit 0 and writes nothing
+//   - re-running dry-run install is idempotent (no observable drift)
+//   - --help returns 0 and prints usage
+//
+// We exercise the wizard as a child process so the existing entry-
+// point IIFE in index.js does not need to be refactored; tests stay
+// hermetic by setting SKALPEL_INSTALL_DRY_RUN=1 and forcing all
+// service / rc paths to writable t.TempDir() so a regression cannot
+// touch a developer's real shell rc.
+
+'use strict';
+
+const { test } = require('node:test');
+const assert = require('node:assert/strict');
+const { spawnSync } = require('node:child_process');
+const fs = require('node:fs');
+const os = require('node:os');
+const path = require('node:path');
+
+const indexPath = path.join(__dirname, 'index.js');
+
+function mkTempEnv() {
+  const home = fs.mkdtempSync(path.join(os.tmpdir(), 'skalpel-postinstall-test-'));
+  const xdgConfig = path.join(home, '.config');
+  fs.mkdirSync(xdgConfig, { recursive: true });
+  return {
+    HOME: home,
+    USERPROFILE: home,
+    XDG_CONFIG_HOME: xdgConfig,
+    SKALPEL_INSTALL_DRY_RUN: '1',
+    SKALPEL_BIN_DIR: path.join(home, 'bin'),
+    NO_COLOR: '1',
+    PATH: process.env.PATH || '',
+    // Force npx detection off so the wizard reaches its full step
+    // sequence rather than short-circuiting.
+    npm_config_user_agent: 'npm/test',
+  };
+}
+
+function runWizard(extraArgs = []) {
+  const env = mkTempEnv();
+  return spawnSync(process.execPath, [indexPath, ...extraArgs], {
+    env,
+    encoding: 'utf8',
+    timeout: 15_000,
+  });
+}
+
+test('parseArgs maps short and long flags', () => {
+  // require()-time evaluation must not run the IIFE: index.js gates
+  // it with `if (require.main === module)`, so require() is safe.
+  const mod = require('./index');
+  assert.equal(typeof mod.parseArgs, 'function', 'parseArgs export missing');
+  const dry = mod.parseArgs(['node', 'index.js', '--dry-run']);
+  assert.equal(dry.dryRun, true);
+  const help = mod.parseArgs(['node', 'index.js', '-h']);
+  assert.equal(help.help, true);
+  const verbose = mod.parseArgs(['node', 'index.js', '--verbose']);
+  assert.equal(verbose.verbose, true);
+  const skipBundle = mod.parseArgs(['node', 'index.js', '--skip-bundle']);
+  assert.equal(skipBundle.skipBundle, true);
+});
+
+test('SKALPEL_INSTALL_DRY_RUN=1 forces dry-run even without --dry-run', () => {
+  const prev = process.env.SKALPEL_INSTALL_DRY_RUN;
+  process.env.SKALPEL_INSTALL_DRY_RUN = '1';
+  try {
+    const mod = require('./index');
+    const opts = mod.parseArgs(['node', 'index.js']);
+    assert.equal(opts.dryRun, true);
+  } finally {
+    if (prev === undefined) delete process.env.SKALPEL_INSTALL_DRY_RUN;
+    else process.env.SKALPEL_INSTALL_DRY_RUN = prev;
+  }
+});
+
+test('--help exits 0 and prints usage', () => {
+  const r = runWizard(['--help']);
+  assert.equal(r.status, 0, `stderr: ${r.stderr}`);
+  assert.match(r.stdout, /postinstall wizard/i);
+  assert.match(r.stdout, /usage:/i);
+});
+
+test('dry-run install completes with exit 0', () => {
+  const r = runWizard(['--dry-run']);
+  // Wizard contract: even on critical step failure, return 0 so npm
+  // install never aborts. Tests assert the *invariant*, not the path.
+  assert.equal(r.status, 0, `non-zero exit: stderr=${r.stderr}\nstdout=${r.stdout}`);
+});
+
+test('dry-run install is idempotent: second run mirrors first', () => {
+  // Same temp HOME both runs; the wizard should not leave behind
+  // state that perturbs the second run. We compare exit codes; output
+  // diffs are tolerated because timestamps / random suffixes vary.
+  const env = mkTempEnv();
+  function once() {
+    return spawnSync(process.execPath, [indexPath, '--dry-run'], {
+      env,
+      encoding: 'utf8',
+      timeout: 15_000,
+    });
+  }
+  const r1 = once();
+  const r2 = once();
+  assert.equal(r1.status, 0, `first run: stderr=${r1.stderr}`);
+  assert.equal(r2.status, 0, `second run: stderr=${r2.stderr}`);
+});
+
+test('dry-run install does not write to HOME', () => {
+  const env = mkTempEnv();
+  const home = env.HOME;
+  // Capture initial file inventory.
+  function snapshot(dir) {
+    const acc = [];
+    (function walk(p) {
+      let entries;
+      try { entries = fs.readdirSync(p, { withFileTypes: true }); }
+      catch { return; }
+      for (const e of entries) {
+        const full = path.join(p, e.name);
+        acc.push(full);
+        if (e.isDirectory()) walk(full);
+      }
+    })(dir);
+    return acc.sort();
+  }
+  const before = snapshot(home);
+  spawnSync(process.execPath, [indexPath, '--dry-run'], {
+    env,
+    encoding: 'utf8',
+    timeout: 15_000,
+  });
+  const after = snapshot(home);
+  // Dry-run must not create *new* files in HOME beyond what mkTempEnv
+  // pre-seeded (.config). Any drift is a regression on the dry-run
+  // contract.
+  const added = after.filter((p) => !before.includes(p));
+  assert.deepEqual(added, [], `dry-run wrote files: ${added.join(', ')}`);
+});

package/postinstall/lib/integrations.js

@@ -0,0 +1,178 @@
+'use strict';
+
+function envBlockValues(port) {
+  const p = String(port || 7878);
+  const root = `http://127.0.0.1:${p}`;
+  return {
+    ANTHROPIC_API_URL: root,
+    ANTHROPIC_BASE_URL: root,
+    OPENAI_BASE_URL: `${root}/v1`,
+    OPENAI_API_BASE: `${root}/v1`,
+    SKALPEL_PROXY_URL: root,
+    SKALPEL_CODEX_OPENAI_BASE_URL: `${root}/v1`,
+    SKALPEL_CODEX_CHATGPT_BASE_URL: `${root}/backend-api`,
+  };
+}
+
+const claudeCode = {
+  name: 'claude-code',
+  wrappers: {
+    posix: `
+# Pre-launch status hint + fail-open for Claude Code.
+# Set SKALPEL_NO_AGENT_WRAP=1 to disable.
+if [ -z "\${SKALPEL_NO_AGENT_WRAP:-}" ] && ! alias claude >/dev/null 2>&1 && command -v skalpel >/dev/null 2>&1; then
+  claude() {
+    if skalpel status >&2; then
+      command claude "$@"
+    else
+      ANTHROPIC_API_URL= ANTHROPIC_BASE_URL= OPENAI_BASE_URL= OPENAI_API_BASE= SKALPEL_PROXY_URL= SKALPEL_CODEX_OPENAI_BASE_URL= SKALPEL_CODEX_CHATGPT_BASE_URL= command claude "$@"
+    fi
+  }
+fi`,
+    fish: `
+# Pre-launch status hint + fail-open for Claude Code.
+# Set SKALPEL_NO_AGENT_WRAP=1 to disable.
+if not set -q SKALPEL_NO_AGENT_WRAP; and not functions -q claude; and command -q skalpel
+    function claude
+        if skalpel status 1>&2
+            command claude $argv
+        else
+            env -u ANTHROPIC_API_URL -u ANTHROPIC_BASE_URL -u OPENAI_BASE_URL -u OPENAI_API_BASE -u SKALPEL_PROXY_URL -u SKALPEL_CODEX_OPENAI_BASE_URL -u SKALPEL_CODEX_CHATGPT_BASE_URL command claude $argv
+        end
+    end
+end`,
+    powershell: `
+# Pre-launch status hint + fail-open for Claude Code.
+# Set $env:SKALPEL_NO_AGENT_WRAP=1 to disable.
+$_skalpelOrigClaude = Get-Command claude.exe -CommandType Application -ErrorAction SilentlyContinue | Select-Object -First 1
+$_skalpelStatusBin = Get-Command skalpel -CommandType Application -ErrorAction SilentlyContinue | Select-Object -First 1
+if (-not $env:SKALPEL_NO_AGENT_WRAP -and $_skalpelOrigClaude -and $_skalpelStatusBin) {
+    function global:claude {
+        & $script:_skalpelStatusBin.Source status 1>&2
+        if ($LASTEXITCODE -eq 0) {
+            & $script:_skalpelOrigClaude.Source @args
+        } else {
+            $_savedAnthropicApi = $env:ANTHROPIC_API_URL
+            $_savedAnthropicBase = $env:ANTHROPIC_BASE_URL
+            $_savedOpenAiBase = $env:OPENAI_BASE_URL
+            $_savedOpenAiApiBase = $env:OPENAI_API_BASE
+            $_savedSkalpelProxy = $env:SKALPEL_PROXY_URL
+            $_savedCodexOpenAi = $env:SKALPEL_CODEX_OPENAI_BASE_URL
+            $_savedCodexChatGPT = $env:SKALPEL_CODEX_CHATGPT_BASE_URL
+            $env:ANTHROPIC_API_URL = ''
+            $env:ANTHROPIC_BASE_URL = ''
+            $env:OPENAI_BASE_URL = ''
+            $env:OPENAI_API_BASE = ''
+            $env:SKALPEL_PROXY_URL = ''
+            $env:SKALPEL_CODEX_OPENAI_BASE_URL = ''
+            $env:SKALPEL_CODEX_CHATGPT_BASE_URL = ''
+            try { & $script:_skalpelOrigClaude.Source @args }
+            finally {
+                $env:ANTHROPIC_API_URL = $_savedAnthropicApi
+                $env:ANTHROPIC_BASE_URL = $_savedAnthropicBase
+                $env:OPENAI_BASE_URL = $_savedOpenAiBase
+                $env:OPENAI_API_BASE = $_savedOpenAiApiBase
+                $env:SKALPEL_PROXY_URL = $_savedSkalpelProxy
+                $env:SKALPEL_CODEX_OPENAI_BASE_URL = $_savedCodexOpenAi
+                $env:SKALPEL_CODEX_CHATGPT_BASE_URL = $_savedCodexChatGPT
+            }
+        }
+    }
+}`,
+  },
+};
+
+const codex = {
+  name: 'codex',
+  wrappers: {
+    posix: `
+# Codex CLI/App integration. Config overrides are native Codex -c knobs.
+# Set SKALPEL_NO_AGENT_WRAP=1 to disable.
+if [ -z "\${SKALPEL_NO_AGENT_WRAP:-}" ] && ! alias codex >/dev/null 2>&1 && command -v codex >/dev/null 2>&1 && command -v skalpel >/dev/null 2>&1; then
+  codex() {
+    if skalpel status >&2; then
+      _skalpel_codex_home="\${CODEX_HOME:-$HOME/.codex}"
+      _skalpel_codex_auth_mode="$(awk -F'"' '/"auth_mode"/ { print $4; exit }' "\${_skalpel_codex_home}/auth.json" 2>/dev/null)"
+      case "\${_skalpel_codex_auth_mode}" in
+        apikey|api_key|api)
+          command codex -c "openai_base_url='\${SKALPEL_CODEX_OPENAI_BASE_URL}'" "$@"
+          ;;
+        *)
+          command codex -c "chatgpt_base_url='\${SKALPEL_CODEX_CHATGPT_BASE_URL}'" "$@"
+          ;;
+      esac
+    else
+      command codex "$@"
+    fi
+  }
+fi`,
+    fish: `
+# Codex CLI/App integration. Config overrides are native Codex -c knobs.
+# Set SKALPEL_NO_AGENT_WRAP=1 to disable.
+if not set -q SKALPEL_NO_AGENT_WRAP; and not functions -q codex; and command -q codex; and command -q skalpel
+    function codex
+        if skalpel status 1>&2
+            set -l _skalpel_codex_home "$HOME/.codex"
+            if set -q CODEX_HOME
+                set _skalpel_codex_home "$CODEX_HOME"
+            end
+            set -l _skalpel_codex_auth_mode (awk -F'"' '/"auth_mode"/ { print $4; exit }' "$_skalpel_codex_home/auth.json" 2>/dev/null)
+            switch "$_skalpel_codex_auth_mode"
+                case apikey api_key api
+                    command codex -c "openai_base_url='$SKALPEL_CODEX_OPENAI_BASE_URL'" $argv
+                case '*'
+                    command codex -c "chatgpt_base_url='$SKALPEL_CODEX_CHATGPT_BASE_URL'" $argv
+            end
+        else
+            command codex $argv
+        end
+    end
+end`,
+    powershell: `
+# Codex CLI/App integration. Config overrides are native Codex -c knobs.
+# Set $env:SKALPEL_NO_AGENT_WRAP=1 to disable.
+$_skalpelOrigCodex = Get-Command codex.exe -CommandType Application -ErrorAction SilentlyContinue | Select-Object -First 1
+$_skalpelStatusBin = Get-Command skalpel -CommandType Application -ErrorAction SilentlyContinue | Select-Object -First 1
+if (-not $env:SKALPEL_NO_AGENT_WRAP -and $_skalpelOrigCodex -and $_skalpelStatusBin) {
+    function global:codex {
+        & $script:_skalpelStatusBin.Source status 1>&2
+        if ($LASTEXITCODE -eq 0) {
+            $_skalpelCodexHome = if ($env:CODEX_HOME) { $env:CODEX_HOME } else { Join-Path $HOME '.codex' }
+            $_skalpelCodexAuthMode = ''
+            try {
+                $_skalpelCodexAuthPath = Join-Path $_skalpelCodexHome 'auth.json'
+                if (Test-Path $_skalpelCodexAuthPath) {
+                    $_skalpelCodexAuthMode = (Get-Content -Raw $_skalpelCodexAuthPath | ConvertFrom-Json).auth_mode
+                }
+            } catch {}
+            if ($_skalpelCodexAuthMode -in @('apikey', 'api_key', 'api')) {
+                & $script:_skalpelOrigCodex.Source -c "openai_base_url='$env:SKALPEL_CODEX_OPENAI_BASE_URL'" @args
+            } else {
+                & $script:_skalpelOrigCodex.Source -c "chatgpt_base_url='$env:SKALPEL_CODEX_CHATGPT_BASE_URL'" @args
+            }
+        } else {
+            & $script:_skalpelOrigCodex.Source @args
+        }
+    }
+}`,
+  },
+};
+
+const registry = [claudeCode, codex];
+
+function wrapperBlock(shell) {
+  const key = shell === 'fish'
+    ? 'fish'
+    : shell === 'powershell' || shell === 'powershell-legacy'
+      ? 'powershell'
+      : 'posix';
+  return registry.map((integration) => integration.wrappers[key]).join('\n');
+}
+
+module.exports = {
+  claudeCode,
+  codex,
+  envBlockValues,
+  registry,
+  wrapperBlock,
+};

package/postinstall/lib/rc-edit.js

@@ -10,6 +10,7 @@
 
 const fs = require('fs');
 const path = require('path');
+const integrations = require('./integrations');
 
 // Decision D260 / B30 — vendor-prefixed fence format:
 //   # >>> @skalpelai/skalpel begin (managed)
@@ -20,15 +21,7 @@ const FENCE_BEGIN_PS = '# >>> @skalpelai/skalpel begin (managed) >>>';
 const FENCE_END_PS = '# <<< @skalpelai/skalpel end (managed) <<<';
 
 function envBlockValues(port) {
-  const p = String(port || 7878);
-  const root = `http://127.0.0.1:${p}`;
-  return {
-    ANTHROPIC_API_URL: root,
-    ANTHROPIC_BASE_URL: root,
-    OPENAI_BASE_URL: `${root}/v1`,
-    OPENAI_API_BASE: `${root}/v1`,
-    SKALPEL_PROXY_URL: root,
-  };
+  return integrations.envBlockValues(port);
 }
 
 function fenceFor(shell) {
@@ -48,96 +41,6 @@ function shellEscapePsSQ(v) {
   return String(v).replace(/'/g, "''");
 }
 
-// agentWrapPosix is a tiny bash/zsh-portable shim that prints a
-// one-line "skalpel active/inactive" hint right before launching
-// `claude`. The status is computed by `skalpel status` which checks
-// both the daemon socket AND the compressor toggle in config.toml so
-// the line accurately reflects whether anything will happen on the
-// next request.
-//
-// Fail-open: if `skalpel status` exits non-zero (daemon down /
-// compressor off / config corrupt), we run claude with the proxy env
-// vars unset so requests reach Anthropic directly. Without this, a
-// crashed daemon would leave ANTHROPIC_BASE_URL pointing at a closed
-// port and every claude invocation would hang on connection refused.
-//
-// Self-disabling knobs:
-//   - SKALPEL_NO_AGENT_WRAP=1   → operator opt-out (env var, anywhere).
-//   - existing `claude` alias   → we don't override aliases.
-//   - `skalpel` not on PATH     → wrapper installs nothing.
-const agentWrapPosix = `
-# Pre-launch status hint + fail-open for coding agents in this shell.
-# Status comes from \`skalpel status\` (checks daemon + engine config);
-# non-zero exit ⇒ unset proxy env vars so claude reaches Anthropic
-# directly instead of hanging on a closed proxy port.
-# Set SKALPEL_NO_AGENT_WRAP=1 to disable.
-if [ -z "\${SKALPEL_NO_AGENT_WRAP:-}" ] && ! alias claude >/dev/null 2>&1 && command -v skalpel >/dev/null 2>&1; then
-  claude() {
-    if skalpel status >&2; then
-      command claude "$@"
-    else
-      ANTHROPIC_API_URL= ANTHROPIC_BASE_URL= OPENAI_BASE_URL= OPENAI_API_BASE= SKALPEL_PROXY_URL= command claude "$@"
-    fi
-  }
-fi`;
-
-// agentWrapFish is the fish-shell port of agentWrapPosix.
-const agentWrapFish = `
-# Pre-launch status hint + fail-open for coding agents in this shell.
-# Status comes from \`skalpel status\` (checks daemon + engine config);
-# non-zero exit ⇒ unset proxy env vars so claude reaches Anthropic
-# directly instead of hanging on a closed proxy port.
-# Set SKALPEL_NO_AGENT_WRAP=1 to disable.
-if not set -q SKALPEL_NO_AGENT_WRAP; and not functions -q claude; and command -q skalpel
-    function claude
-        if skalpel status 1>&2
-            command claude $argv
-        else
-            env -u ANTHROPIC_API_URL -u ANTHROPIC_BASE_URL -u OPENAI_BASE_URL -u OPENAI_API_BASE -u SKALPEL_PROXY_URL command claude $argv
-        end
-    end
-end`;
-
-// agentWrapPosh is the PowerShell port. Same delegation: ask the
-// `skalpel` binary for the status, write it to stderr, then forward.
-// On non-zero exit, scrub the proxy env vars from the child's
-// environment for the one invocation (Remove-Item Env:… inside a
-// scoped script block), so claude reaches Anthropic directly.
-const agentWrapPosh = `
-# Pre-launch status hint + fail-open for coding agents in this shell.
-# Status comes from \`skalpel status\` (checks daemon + engine config);
-# non-zero exit ⇒ unset proxy env vars for the one claude invocation.
-# Set $env:SKALPEL_NO_AGENT_WRAP=1 to disable.
-$_skalpelOrigClaude = Get-Command claude.exe -CommandType Application -ErrorAction SilentlyContinue | Select-Object -First 1
-$_skalpelStatusBin = Get-Command skalpel -CommandType Application -ErrorAction SilentlyContinue | Select-Object -First 1
-if (-not $env:SKALPEL_NO_AGENT_WRAP -and $_skalpelOrigClaude -and $_skalpelStatusBin) {
-    function global:claude {
-        & $script:_skalpelStatusBin.Source status 1>&2
-        if ($LASTEXITCODE -eq 0) {
-            & $script:_skalpelOrigClaude.Source @args
-        } else {
-            $_savedAnthropicApi = $env:ANTHROPIC_API_URL
-            $_savedAnthropicBase = $env:ANTHROPIC_BASE_URL
-            $_savedOpenAiBase = $env:OPENAI_BASE_URL
-            $_savedOpenAiApiBase = $env:OPENAI_API_BASE
-            $_savedSkalpelProxy = $env:SKALPEL_PROXY_URL
-            $env:ANTHROPIC_API_URL = ''
-            $env:ANTHROPIC_BASE_URL = ''
-            $env:OPENAI_BASE_URL = ''
-            $env:OPENAI_API_BASE = ''
-            $env:SKALPEL_PROXY_URL = ''
-            try { & $script:_skalpelOrigClaude.Source @args }
-            finally {
-                $env:ANTHROPIC_API_URL = $_savedAnthropicApi
-                $env:ANTHROPIC_BASE_URL = $_savedAnthropicBase
-                $env:OPENAI_BASE_URL = $_savedOpenAiBase
-                $env:OPENAI_API_BASE = $_savedOpenAiApiBase
-                $env:SKALPEL_PROXY_URL = $_savedSkalpelProxy
-            }
-        }
-    }
-}`;
-
 function bodyFor(shell, env) {
   const note =
     'This block is managed by skalpel install. Do not edit by hand;\n' +
@@ -162,7 +65,7 @@ function bodyFor(shell, env) {
         ...Object.entries(env).map(
           ([k, v]) => `    set -gx ${k} "${shellEscapePosixDQ(v)}"`
         ),
-        agentWrapFish.replace(/^/gm, '    ').replace(/^    $/gm, ''),
+        integrations.wrapperBlock(shell).replace(/^/gm, '    ').replace(/^    $/gm, ''),
         'end',
       ].join('\n');
     case 'powershell':
@@ -175,7 +78,7 @@ function bodyFor(shell, env) {
         ...Object.entries(env).map(
           ([k, v]) => `    $env:${k} = '${shellEscapePsSQ(v)}'`
         ),
-        agentWrapPosh.replace(/^/gm, '    ').replace(/^    $/gm, ''),
+        integrations.wrapperBlock(shell).replace(/^/gm, '    ').replace(/^    $/gm, ''),
         '}',
       ].join('\n');
     default:
@@ -187,7 +90,7 @@ function bodyFor(shell, env) {
         ...Object.entries(env).map(
           ([k, v]) => `  export ${k}="${shellEscapePosixDQ(v)}"`
         ),
-        agentWrapPosix.replace(/^/gm, '  ').replace(/^  $/gm, ''),
+        integrations.wrapperBlock(shell).replace(/^/gm, '  ').replace(/^  $/gm, ''),
         'fi',
       ].join('\n');
   }
@@ -257,6 +160,7 @@ module.exports = {
   shellEscapePosixDQ,
   shellEscapePsSQ,
   xmlEscape,
+  integrations,
   FENCE_BEGIN_POSIX,
   FENCE_END_POSIX,
   FENCE_BEGIN_PS,

package/postinstall/lib/rc-edit.test.js

@@ -187,6 +187,17 @@ function run() {
     }
   });
 
+  test('TestRcEdit_Body_Has_Codex_Wrapper', () => {
+    const env = rc.envBlockValues(7878);
+    const block = rc.buildBlock('bash', env);
+    assert.ok(block.includes('codex()'), 'missing codex wrapper');
+    assert.ok(block.includes('openai_base_url'), 'missing Codex OpenAI base config');
+    assert.ok(block.includes('chatgpt_base_url'), 'missing Codex ChatGPT base config');
+    assert.ok(block.includes('auth_mode'), 'missing Codex auth-mode routing');
+    assert.ok(block.includes('http://127.0.0.1:7878/backend-api'), 'missing Codex ChatGPT backend base');
+    assert.ok(!block.includes('network.proxy_url'), 'Codex wrapper should not generic-proxy metadata routes');
+  });
+
   process.stdout.write(`\n  pass=${pass} fail=${fail}\n`);
   return fail === 0 ? 0 : 1;
 }