sneakoscope 0.6.35 → 0.6.36

package/README.md

@@ -45,7 +45,7 @@ Prompt routes use one canonical name each: `$DFix`, `$Answer`, `$SKS`, `$Team`,
 
 Run `sks setup` once. SKS creates hooks/skills plus `.sneakoscope/` mission/wiki/policy state. Hooks inject context/status or block a turn; Team status is mirrored to `team-live.md`, `team-transcript.jsonl`, and `sks team watch latest`.
 
-Codex CLI parity is gated on Codex App because App-provisioned MCP/plugin tools are shared with CLI sessions. `sks` opens the tmux runtime after `sks codex-app check` and `sks tmux check` pass. `sks --Auto-review --high` enables Codex `auto_review` approval review and launches the ㅅㅋㅅ tmux runtime with a high-reasoning profile. QA-LOOP prioritizes Browser Use for local browser targets and Computer Use for desktop/browser evidence.
+Codex CLI parity is gated on Codex App because App-provisioned MCP/plugin tools are shared with CLI sessions. `sks` opens the tmux runtime after `sks codex-app check` and `sks tmux check` pass. `sks --Auto-review --high` enables the Codex `guardian_subagent` approvals reviewer and launches the ㅅㅋㅅ tmux runtime with a high-reasoning profile. QA-LOOP prioritizes Browser Use for local browser targets and Computer Use for desktop/browser evidence.
 
 ## TriWiki
 

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "sneakoscope",
   "displayName": "Sneakoscope Codex",
-  "version": "0.6.35",
+  "version": "0.6.36",
   "description": "Sneakoscope Codex: update-aware, database-safe Codex CLI harness with multi-agent Team orchestration, Ralph no-question execution, autoresearch-style loops, and H-Proof gates.",
   "type": "module",
   "homepage": "https://github.com/mandarange/Sneakoscope-Codex#readme",

package/src/cli/main.mjs

@@ -1149,7 +1149,7 @@ Inspect or disable:
   sks auto-review disable
 
 Effect:
-  Writes approvals_reviewer = "auto_review" to Codex config and creates sks-auto-review / sks-auto-review-high profiles.
+  Writes approvals_reviewer = "guardian_subagent" to Codex config and creates sks-auto-review / sks-auto-review-high profiles.
   Automatic review applies only to approval prompts that are already interactive under approval_policy = "on-request" or granular approval policies.
 `,
     team: `Team Workflow
@@ -2517,9 +2517,11 @@ async function selftest() {
   const autoReviewEnabled = await enableAutoReview({ env: autoReviewEnv, high: true });
   if (!autoReviewEnabled.enabled || autoReviewEnabled.profile_name !== 'sks-auto-review-high' || !autoReviewEnabled.high_profile) throw new Error('selftest failed: auto-review high profile was not enabled');
   const autoReviewConfig = await safeReadText(path.join(autoReviewHome, '.codex', 'config.toml'));
-  if (!autoReviewConfig.includes('approvals_reviewer = "auto_review"') || !autoReviewConfig.includes('[profiles.sks-auto-review-high]')) throw new Error('selftest failed: auto-review config not written');
+  if (!autoReviewConfig.includes('approvals_reviewer = "guardian_subagent"') || autoReviewConfig.includes('approvals_reviewer = "auto_review"') || !autoReviewConfig.includes('[profiles.sks-auto-review-high]')) throw new Error('selftest failed: auto-review config not written');
   const autoReviewDisabled = await disableAutoReview({ env: autoReviewEnv });
   if (autoReviewDisabled.enabled || autoReviewDisabled.approvals_reviewer !== 'user') throw new Error('selftest failed: auto-review disable did not restore user reviewer');
+  const autoReviewDisabledConfig = await safeReadText(path.join(autoReviewHome, '.codex', 'config.toml'));
+  if (autoReviewDisabledConfig.includes('approvals_reviewer = "auto_review"')) throw new Error('selftest failed: auto-review disable left legacy invalid reviewer values');
   const analysisAgentExists = await exists(path.join(tmp, '.codex', 'agents', 'analysis-scout.toml'));
   if (!analysisAgentExists) throw new Error('selftest failed: analysis scout agent not installed');
   const teamAgentExists = await exists(path.join(tmp, '.codex', 'agents', 'team-consensus.toml'));

package/src/core/auto-review.mjs

@@ -2,7 +2,8 @@ import os from 'node:os';
 import path from 'node:path';
 import { ensureDir, exists, readText, writeTextAtomic } from './fsx.mjs';
 
-export const AUTO_REVIEW_REVIEWER = 'auto_review';
+export const AUTO_REVIEW_REVIEWER = 'guardian_subagent';
+export const LEGACY_AUTO_REVIEW_REVIEWER = 'auto_review';
 export const AUTO_REVIEW_PROFILE = 'sks-auto-review';
 export const AUTO_REVIEW_HIGH_PROFILE = 'sks-auto-review-high';
 
@@ -21,13 +22,17 @@ export function autoReviewProfileName(opts = {}) {
 export async function autoReviewStatus(opts = {}) {
   const configPath = opts.configPath || codexConfigPath(opts.env || process.env);
   const text = await readText(configPath, '');
+  const approvalsReviewer = readTomlString(text, 'approvals_reviewer');
+  const profileReviewer = readTableString(text, `profiles.${AUTO_REVIEW_PROFILE}`, 'approvals_reviewer');
+  const highProfileReviewer = readTableString(text, `profiles.${AUTO_REVIEW_HIGH_PROFILE}`, 'approvals_reviewer');
   return {
     config_path: configPath,
     exists: await exists(configPath),
-    approvals_reviewer: readTomlString(text, 'approvals_reviewer'),
-    enabled: readTomlString(text, 'approvals_reviewer') === AUTO_REVIEW_REVIEWER,
-    profile: tableHasString(text, `profiles.${AUTO_REVIEW_PROFILE}`, 'approvals_reviewer', AUTO_REVIEW_REVIEWER),
-    high_profile: tableHasString(text, `profiles.${AUTO_REVIEW_HIGH_PROFILE}`, 'approvals_reviewer', AUTO_REVIEW_REVIEWER),
+    approvals_reviewer: approvalsReviewer,
+    enabled: approvalsReviewer === AUTO_REVIEW_REVIEWER,
+    profile: profileReviewer === AUTO_REVIEW_REVIEWER,
+    high_profile: highProfileReviewer === AUTO_REVIEW_REVIEWER,
+    legacy_invalid: [approvalsReviewer, profileReviewer, highProfileReviewer].includes(LEGACY_AUTO_REVIEW_REVIEWER),
     policy: readTableString(text, 'auto_review', 'policy') || ''
   };
 }
@@ -55,6 +60,8 @@ export async function disableAutoReview(opts = {}) {
   const configPath = opts.configPath || codexConfigPath(opts.env || process.env);
   const current = await readText(configPath, '');
   let next = upsertTopLevelString(current, 'approvals_reviewer', 'user');
+  if (tableBody(next, `profiles.${AUTO_REVIEW_PROFILE}`)) next = upsertProfile(next, AUTO_REVIEW_PROFILE, 'medium', 'user');
+  if (tableBody(next, `profiles.${AUTO_REVIEW_HIGH_PROFILE}`)) next = upsertProfile(next, AUTO_REVIEW_HIGH_PROFILE, 'high', 'user');
   if (!next.endsWith('\n')) next += '\n';
   await writeTextAtomic(configPath, next);
   return autoReviewStatus({ configPath });
@@ -74,6 +81,9 @@ export function autoReviewSummary(status = {}) {
     lines.push('', 'Enable with: sks auto-review enable');
     lines.push('Launch high mode with: sks --Auto-review --high');
   }
+  if (status.legacy_invalid) {
+    lines.push('', 'Legacy invalid reviewer value found: run sks auto-review enable or sks auto-review disable to rewrite Codex config.');
+  }
   return lines.join('\n');
 }
 
@@ -123,12 +133,12 @@ function upsertTopLevelString(text, key, value) {
   return lines.join('\n').replace(/^\n+/, '').replace(/\n{3,}/g, '\n\n');
 }
 
-function upsertProfile(text, profile, effort) {
+function upsertProfile(text, profile, effort, reviewer = AUTO_REVIEW_REVIEWER) {
   const block = [
     `[profiles.${profile}]`,
     'model = "gpt-5.5"',
     'approval_policy = "on-request"',
-    'approvals_reviewer = "auto_review"',
+    `approvals_reviewer = "${reviewer}"`,
     'sandbox_mode = "workspace-write"',
     `model_reasoning_effort = "${effort}"`
   ].join('\n');

package/src/core/codex-app.mjs

@@ -111,17 +111,21 @@ export async function codexAppIntegrationStatus(opts = {}) {
       computer_use_cache: computerUsePath,
       browser_use_cache: browserUsePath
     },
-    guidance: codexAppGuidance({ appInstalled, codex, computerUseReady, browserUseReady })
+    guidance: codexAppGuidance({ appInstalled, codex, mcpList, computerUseReady, browserUseReady })
   };
 }
 
-export function codexAppGuidance({ appInstalled, codex, computerUseReady, browserUseReady }) {
+export function codexAppGuidance({ appInstalled, codex, mcpList, computerUseReady, browserUseReady }) {
   const lines = [];
   if (!appInstalled) {
     lines.push('Install and open Codex App first. SKS CLI blocks tmux launch until Codex App is present because first-party MCP/plugin tools are App-provisioned.');
     lines.push(`Docs: ${CODEX_APP_DOCS_URL}`);
   }
   if (!codex?.bin) lines.push('Install Codex CLI too: npm i -g @openai/codex, or set SKS_CODEX_BIN.');
+  if (mcpList?.checked && !mcpList.ok) {
+    lines.push(`Codex MCP/config check failed: ${summarizeCodexMcpError(mcpList.stderr || mcpList.stdout)}`);
+    lines.push('Verify with: codex mcp list');
+  }
   if (appInstalled && (!computerUseReady || !browserUseReady)) {
     lines.push('Open Codex App settings, enable recommended MCP/plugin tools, then restart Codex CLI sessions.');
     lines.push('Required for SKS QA-LOOP priority order: Browser Use for local browser targets, Computer Use for desktop/app/browser evidence.');
@@ -146,3 +150,15 @@ export function formatCodexAppStatus(status, { includeRaw = false } = {}) {
   if (includeRaw && status.mcp.stdout) lines.push('', status.mcp.stdout.trim());
   return lines.join('\n');
 }
+
+function summarizeCodexMcpError(text) {
+  const cleanLines = String(text || '')
+    .split(/\r?\n/)
+    .map((line) => line.trim())
+    .filter(Boolean)
+    .filter((line) => !line.startsWith('WARNING: proceeding'));
+  const variantLine = cleanLines.find((line) => line.includes('unknown variant'));
+  const errorLine = cleanLines.find((line) => line.startsWith('Error:'));
+  if (errorLine && variantLine && errorLine !== variantLine) return `${errorLine}; ${variantLine}`;
+  return variantLine || errorLine || cleanLines[0] || 'codex mcp list failed';
+}

package/src/core/fsx.mjs

@@ -5,7 +5,7 @@ import os from 'node:os';
 import crypto from 'node:crypto';
 import { spawn } from 'node:child_process';
 
-export const PACKAGE_VERSION = '0.6.35';
+export const PACKAGE_VERSION = '0.6.36';
 export const DEFAULT_PROCESS_TAIL_BYTES = 256 * 1024;
 export const DEFAULT_PROCESS_TIMEOUT_MS = 30 * 60 * 1000;