sneakoscope 0.6.37 → 0.6.41

package/README.md

@@ -1,13 +1,22 @@
-<h1 align="center">ㅅㅋㅅ</h1>
-<p align="center"><strong>Sneakoscope Codex</strong></p>
+<p align="center">
+  <img src="docs/assets/sneakoscope-codex-logo.png" alt="ㅅㅋㅅ logo" width="96" height="96">
+</p>
 
-Zero-runtime-dependency Node.js harness for Codex CLI/App. `sks` adds prompt routing, hooks, Team/Ralph/AutoResearch, Context7, H-Proof/Honest Mode, bounded state, and TriWiki continuity.
+<h1 align="center">Sneakoscope Codex</h1>
+
+<p align="center">
+  <a href="https://www.npmjs.com/package/sneakoscope"><img alt="npm version" src="https://img.shields.io/npm/v/sneakoscope.svg"></a>
+  <a href="https://www.npmjs.com/package/sneakoscope"><img alt="license" src="https://img.shields.io/npm/l/sneakoscope.svg"></a>
+  <img alt="Node.js 20.11+" src="https://img.shields.io/badge/node-20.11%2B-339933.svg">
+</p>
+
+Sneakoscope Codex is a zero-runtime-dependency Node.js harness for Codex CLI/App. `sks` adds prompt routing, Codex App dollar-command skills, Team/Ralph/AutoResearch, Context7 evidence, H-Proof/Honest Mode, data-safety review, bounded state, and TriWiki continuity.
 
 Core value: repetition resistance. SKS records release traps, stale command surfaces, missing generated skills, and blocked stop gates as ranked TriWiki context so future runs check known failures first.
 
 ## AI Answer Snapshot
 
-Package: `sneakoscope`. CLI: `sks` or `sneakoscope`. `sks setup` prepares the project and installs Codex CLI when missing; open Codex App so first-party MCP/plugin tools reach CLI sessions.
+Package: `sneakoscope`. CLI: `sks` or `sneakoscope`. Global install seeds `$HOME/.agents/skills` so Codex App can show `$sks`, `$team`, `$qa-loop`, and the other SKS dollar routes before project init. `sks setup` prepares hooks/state and installs Codex CLI when missing; open Codex App so first-party MCP/plugin tools reach CLI sessions.
 
 ```bash
 npm i -g sneakoscope
@@ -21,12 +30,66 @@ sks doctor --fix
 sks selftest --mock
 ```
 
+## Why Developers Star Sneakoscope Codex
+
+- **First-run Codex App readiness**: global install creates user-level `.agents/skills` before project init.
+- **Command-surface consistency**: route registry, `sks dollar-commands`, generated skills, quick reference, README, and selftests agree.
+- **Multi-agent Team orchestration**: scouts, TriWiki refresh, debate, fresh executors, review, and evidence run as one workflow.
+- **Ralph no-question execution**: ambiguity is collected before work, sealed in `decision-contract.json`, then resolved by the decision ladder during execution.
+- **Guarded data workflows**: risky data or schema requests are routed through an explicit safety surface before implementation.
+- **Honest completion**: H-Proof and Honest Mode require evidence before the assistant claims the task is complete.
+- **Bounded memory and logs**: raw outputs live in files, prompts receive small tails/summaries, and `sks gc` can prune old artifacts.
+- **TriWiki continuity**: long-running work keeps source/hash/RGBA anchors instead of lossy summaries.
+
+## Install
+
+Use the npm registry package for normal installs:
+
+```bash
+npm i -g sneakoscope
+sks setup
+```
+
+If your shell cannot see the global binary yet:
+
+```bash
+npx -y -p sneakoscope sks setup
+```
+
+Project-only install is supported when hooks must call the local package:
+
+```bash
+npm i -D sneakoscope
+npx sks setup --install-scope project
+```
+
+Local-only setup keeps generated SKS files out of git status:
+
+```bash
+sks setup --local-only
+```
+
+The package exposes two equivalent shell commands:
+
+```bash
+sks <command>
+sneakoscope <command>
+```
+
+`@openai/codex` is not bundled. `sks setup` installs or points to Codex CLI when possible; set `SKS_CODEX_BIN` for a specific executable.
+
 ## Commands
 
+There are two command surfaces:
+
+- **Terminal CLI commands**: run in a shell as `sks ...` or `sneakoscope ...`.
+- **Prompt `$` commands**: type at the start of a Codex App prompt to force a route.
+
 ```bash
 sks commands
 sks quickstart|codex-app
 sks dollar-commands
+sks usage install|dollar|team|ralph|wiki|imagegen
 sks tmux check|status
 sks --auto-review --high
 sks auto-review status|enable|start --high
@@ -43,24 +106,180 @@ sks hproof check latest
 sks guard check; sks eval run|compare; sks gx init|render|validate|drift|snapshot; sks gc --dry-run
 ```
 
-Prompt routes use one canonical name each: `$DFix`, `$Answer`, `$SKS`, `$Team`, `$QA-LOOP`, `$Ralph`, `$Research`, `$AutoResearch`, `$DB`, `$GX`, `$Wiki`, `$Help`.
+Prompt routes use one canonical name each:
 
-Release notes: `CHANGELOG.md`; checked by `npm run release:check`.
+```text
+$DFix          tiny design/content changes
+$Answer        answer-only research or explanation
+$SKS           general Sneakoscope setup/status/help
+$Team          implementation/code-changing Team workflow
+$QA-LOOP       UI/API E2E verification loop
+$Ralph         clarification-gated no-question mission
+$Research      frontier discovery workflow
+$AutoResearch  iterative experiment/improvement loop
+$DB            data safety review
+$GX            deterministic visual context cartridges
+$Wiki          TriWiki refresh, pack, validate, prune
+$Help          command and workflow help
+```
 
-## Design And Assets
+Examples:
 
-UI/UX reads `design.md` first. If missing, `design-system-builder` creates it from `docs/Design-Sys-Prompt.md` with plan-tool questions and a default font choice. Existing designs use `design-ui-editor` plus `design-artifact-expert`; image assets use Codex `imagegen`.
+```text
+$DFix 글자 색 파란색으로 바꿔줘
+$Team executor:5 reviewer:2 user:1 리드미와 generated skills를 맞춰줘
+$Ralph 결제 실패 재시도 로직 개선
+$DB 위험한 데이터 변경인지 먼저 검사해줘
+$Help 사용 가능한 명령어 알려줘
+```
+
+Release notes: `CHANGELOG.md`; checked by `npm run release:check`.
 
 ## Codex App
 
-Run `sks setup` once. SKS creates hooks/skills plus `.sneakoscope/` state. Team status is mirrored to `team-live.md`, `team-transcript.jsonl`, and `sks team watch latest`.
+Global install creates user-level `$` skills:
+
+```text
+$HOME/.agents/skills/<route>/SKILL.md
+```
+
+Run `sks setup` once inside each project to add project hooks/skills plus `.sneakoscope/` state:
+
+```text
+.codex/config.toml       Codex profiles, multi-agent limits, Context7 MCP
+.codex/hooks.json        Codex hook entrypoints through SKS guards
+.agents/skills/          repo-local route and support skills
+.codex/agents/           Team analysis, consensus, worker, reviewer roles
+.codex/SNEAKOSCOPE.md    quick reference for Codex App
+AGENTS.md                managed repository rules
+.sneakoscope/            missions, gates, policy, wiki, GX, reports
+```
+
+Team status is mirrored to `team-live.md`, `team-transcript.jsonl`, and `sks team watch latest`.
 
 Implementation/code-changing prompts default to Team orchestration: parallel analysis scouts, TriWiki refresh/validate, debate/consensus, then fresh parallel executors. Answer-only, DFix, Help, Wiki maintenance, and safety-specific routes stay lightweight.
 
 Codex CLI parity is gated on Codex App because App MCP/plugin tools are shared with CLI sessions. `sks setup` installs `@openai/codex` when missing and prints tool hints. `sks --auto-review --high` is the shortest high-reasoning auto-review entry.
 
+## Team Workflow
+
+Team mode is the default for implementation and code-changing work. It is scout-first:
+
+```text
+analysis scouts -> TriWiki refresh/validate -> debate -> consensus
+-> fresh executor team -> review -> integration -> Honest Mode
+```
+
+Role counts such as `executor:5 reviewer:2 user:1` control the Team shape. `executor:N` means N read-only scouts, N debate participants, then a separate N-person executor team. The parent agent owns integration and final verification.
+
+Useful files:
+
+```text
+.sneakoscope/missions/<MISSION_ID>/team-plan.json
+.sneakoscope/missions/<MISSION_ID>/team-analysis.md
+.sneakoscope/missions/<MISSION_ID>/team-live.md
+.sneakoscope/missions/<MISSION_ID>/team-transcript.jsonl
+.sneakoscope/missions/<MISSION_ID>/team-gate.json
+```
+
+## Ralph Workflow
+
+Ralph is for clarification-gated execution:
+
+```text
+ralph prepare -> questions.md and required-answers.schema.json
+ralph answer  -> decision-contract.json
+ralph run     -> no-question execution and done-gate evaluation
+```
+
+After `decision-contract.json` is sealed, Ralph does not ask more questions. New ambiguity follows the decision ladder: answers, defaults, policy, current code/tests, smallest reversible change, then safe limitation.
+
 ## TriWiki
 
 TriWiki scores claims by trust, freshness, risk, and token cost. Read `.sneakoscope/wiki/context-pack.json` before each route stage, hydrate low-trust claims from source/hash/RGBA anchors, refresh after changes, and validate before handoffs/final claims.
 
 Repeated failures are promoted, not buried. Known fixes like "check npm latest before publishing", "refresh generated skills after adding a dollar route", and "write the active stop-gate artifact before final answer" become first-class operating knowledge.
+
+## H-Proof And Honest Mode
+
+H-Proof evaluates whether a mission can be called done. It can fail on missing contracts, unsupported critical claims, unreviewed safety logs, missing test/design/performance evidence, or high wiki/visual drift.
+
+```bash
+sks hproof check latest
+```
+
+Honest Mode is the final human-readable pass: restate the actual goal, compare evidence to that goal, list verification, and state any hard blocker without over-claiming.
+
+## Design And Assets
+
+UI/UX reads `design.md` first. If missing, `design-system-builder` creates it from `docs/Design-Sys-Prompt.md`. Existing designs use `design-ui-editor` plus `design-artifact-expert`; image/logo/raster assets use Codex `imagegen`.
+
+## Runtime State
+
+SKS keeps runtime state bounded:
+
+- child process output is tailed
+- large raw logs are stored as files
+- wiki and mission artifacts can be packed or pruned
+- package bloat is checked before release
+
+```bash
+sks stats
+sks gc --dry-run
+sks wiki refresh
+sks wiki validate .sneakoscope/wiki/context-pack.json
+```
+
+## Package Layout
+
+```text
+bin/sks.mjs                  CLI executable
+src/cli/main.mjs             command router, hooks, selftest, mission commands
+src/core/init.mjs            setup, generated skills, Codex App quick reference
+src/core/routes.mjs          route and dollar-command registry
+src/core/db-safety.mjs       data safety classifier
+src/core/pipeline.mjs        ambiguity gates and route mission state
+src/core/hproof.mjs          done-gate evaluator
+src/core/triwiki-attention.mjs
+docs/assets/                 logo asset shipped in the npm package
+```
+
+The npm package is allowlisted to `bin`, `src`, the logo PNG, `README.md`, and `LICENSE`.
+
+## Development
+
+```bash
+npm run repo-audit
+npm run packcheck
+npm run selftest
+npm run sizecheck
+npm run release:check
+npm run publish:dry
+```
+
+`npm run sizecheck` blocks accidental package bloat. Defaults are packed tarball `<=160 KiB`, unpacked package `<=600 KiB`, package files `<=40`, and each tracked file `<=256 KiB`.
+
+## Publishing
+
+```bash
+npm whoami
+npm owner ls sneakoscope
+npm run publish:dry
+npm run publish:npm
+```
+
+If npm authentication fails, log in with an owner account or ask an existing owner to add your npm username.
+
+## FAQ
+
+### Does Sneakoscope Codex replace Codex CLI?
+
+No. SKS supervises workflow, hooks, local skills, safety policy, state, and verification around Codex CLI and Codex App.
+
+### Why does SKS install user-level skills?
+
+Codex App command discovery happens before a project may be initialized. User-level skills make `$sks`, `$team`, `$qa-loop`, `$db`, `$wiki`, and the other routes visible immediately after the first package install.
+
+### What should I run when commands look stale?
+
+Run `sks dollar-commands`, then `sks doctor --fix`, then `sks codex-app check`. For release validation, run `npm run publish:dry`.

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "sneakoscope",
   "displayName": "ㅅㅋㅅ",
-  "version": "0.6.37",
+  "version": "0.6.41",
   "description": "Sneakoscope Codex: database-safe Codex CLI/App harness with Team, Ralph, AutoResearch, TriWiki, and Honest Mode.",
   "type": "module",
   "homepage": "https://github.com/mandarange/Sneakoscope-Codex#readme",
@@ -23,6 +23,7 @@
   "files": [
     "bin",
     "src",
+    "docs/assets/sneakoscope-codex-logo.png",
     "README.md",
     "LICENSE"
   ],

package/src/cli/main.mjs

@@ -1,9 +1,10 @@
 import path from 'node:path';
+import os from 'node:os';
 import fsp from 'node:fs/promises';
 import readline from 'node:readline/promises';
 import { stdin as input, stdout as output } from 'node:process';
 import { projectRoot, readJson, writeJsonAtomic, writeTextAtomic, appendJsonlBounded, nowIso, exists, ensureDir, tmpdir, packageRoot, dirSize, formatBytes, which, runProcess, PACKAGE_VERSION } from '../core/fsx.mjs';
-import { initProject, normalizeInstallScope, sksCommandPrefix } from '../core/init.mjs';
+import { initProject, installSkills, normalizeInstallScope, sksCommandPrefix } from '../core/init.mjs';
 import { getCodexInfo, runCodexExec } from '../core/codex-adapter.mjs';
 import { createMission, loadMission, findLatestMission, missionDir, setCurrent, stateFile } from '../core/mission.mjs';
 import { buildQuestionSchema, writeQuestions } from '../core/questions.mjs';
@@ -209,6 +210,11 @@ async function postinstall() {
   else if (context7Install.status === 'codex_missing') console.log('Context7 MCP: Codex CLI missing. Install @openai/codex or set SKS_CODEX_BIN, then run `sks context7 setup --scope global` or `sks setup` in a project.');
   else if (context7Install.status === 'skipped') console.log(`Context7 MCP: skipped (${context7Install.reason}).`);
   else if (context7Install.status === 'failed') console.log(`Context7 MCP: auto setup failed. Run \`sks context7 setup --scope global\` or \`sks setup\`. ${context7Install.error || ''}`.trim());
+  const globalSkills = await ensureGlobalCodexSkillsDuringInstall();
+  if (globalSkills.status === 'installed') console.log(`Codex App global $ skills: installed in ${globalSkills.root} (${globalSkills.installed_count} skills).`);
+  else if (globalSkills.status === 'partial') console.log(`Codex App global $ skills: partial in ${globalSkills.root}; missing ${globalSkills.missing_skills.join(', ')}. Run \`sks doctor --fix\`.`);
+  else if (globalSkills.status === 'skipped') console.log(`Codex App global $ skills: skipped (${globalSkills.reason}).`);
+  else if (globalSkills.status === 'failed') console.log(`Codex App global $ skills: auto setup failed. Run \`sks doctor --fix\`. ${globalSkills.error || ''}`.trim());
   const appSetup = await ensureCodexAppProjectDuringInstall(installRoot, { shim });
   if (appSetup.status === 'installed') console.log(`Codex App project setup: installed in ${appSetup.root} (${appSetup.install_scope}; canonical picker skills include ${appSetup.aliases.join(', ')}).`);
   else if (appSetup.status === 'partial') console.log(`Codex App project setup: repaired with missing skill warning (${appSetup.missing_skills.join(', ')}). Run \`sks doctor --fix\`.`);
@@ -323,6 +329,20 @@ async function ensureGlobalContext7DuringInstall() {
   return { status: 'failed', error: `${add.stderr || add.stdout || 'codex mcp add failed'}`.trim() };
 }
 
+async function ensureGlobalCodexSkillsDuringInstall(opts = {}) {
+  if (process.env.SKS_SKIP_POSTINSTALL_GLOBAL_SKILLS === '1' && !opts.force) return { status: 'skipped', reason: 'SKS_SKIP_POSTINSTALL_GLOBAL_SKILLS=1' };
+  const home = opts.home || process.env.HOME || os.homedir();
+  if (!home) return { status: 'skipped', reason: 'home directory unavailable' };
+  const root = globalCodexSkillsRoot(home);
+  try {
+    const install = await installSkills(home);
+    const skills = await checkRequiredSkills(home, root);
+    return { status: skills.ok ? 'installed' : 'partial', root, installed_count: install.installed_skills.length, removed_aliases: install.removed_agent_skill_aliases, missing_skills: skills.missing };
+  } catch (err) {
+    return { status: 'failed', root, error: err.message };
+  }
+}
+
 async function ensureRelatedCliTools(args = []) {
   const skip = flag(args, '--skip-cli-tools') || process.env.SKS_SKIP_CLI_TOOLS === '1';
   const codex = await ensureCodexCliTool({ skip });
@@ -1046,9 +1066,15 @@ async function codexAppHelp(args = []) {
   const action = args[0] || 'help';
   if (action === 'check' || action === 'status') {
     const status = await codexAppIntegrationStatus();
-    if (flag(args, '--json')) return console.log(JSON.stringify(status, null, 2));
+    const skills = await codexAppSkillReadiness();
+    const readiness = { ...status, ok: status.ok && skills.ok, runtime_ok: status.ok, skills };
+    if (flag(args, '--json')) return console.log(JSON.stringify(readiness, null, 2));
     console.log(formatCodexAppStatus(status, { includeRaw: flag(args, '--verbose') }));
-    if (!status.ok) process.exitCode = 1;
+    console.log('');
+    console.log(`Project $ skills: ${skills.project.ok ? 'ok' : `missing ${skills.project.missing.length}`} ${skills.project.root}`);
+    console.log(`Global $ skills:  ${skills.global.ok ? 'ok' : `missing ${skills.global.missing.length}`} ${skills.global.root}`);
+    if (!skills.ok) console.log('Run: sks setup, or reinstall/repair with npm i -g sneakoscope && sks doctor --fix');
+    if (!readiness.ok) process.exitCode = 1;
     return;
   }
   if (action === 'open') {
@@ -1059,10 +1085,15 @@ async function codexAppHelp(args = []) {
     return;
   }
   const status = await codexAppIntegrationStatus();
+  const skills = await codexAppSkillReadiness();
   console.log(`ㅅㅋㅅ App Usage
 
 ${formatCodexAppStatus(status)}
 
+Dollar-command skills:
+  Project: ${skills.project.ok ? 'ok' : `missing ${skills.project.missing.length}`} ${skills.project.root}
+  Global:  ${skills.global.ok ? 'ok' : `missing ${skills.global.missing.length}`} ${skills.global.root}
+
 Run once in the project:
   sks setup
 
@@ -1619,6 +1650,9 @@ async function setup(args) {
   const cliTools = await ensureRelatedCliTools(args);
   const globalCommand = await globalSksCommand();
   const res = await initProject(root, { force: flag(args, '--force'), installScope, globalCommand, localOnly });
+  const globalSkills = localOnly
+    ? { status: 'skipped', reason: '--local-only', root: globalCodexSkillsRoot() }
+    : await ensureGlobalCodexSkillsDuringInstall({ force: flag(args, '--force') });
   const install = await installStatus(root, installScope, { globalCommand });
   const versioningInfo = await versioningStatus(root);
   const appRuntime = await codexAppIntegrationStatus();
@@ -1632,11 +1666,13 @@ async function setup(args) {
       config: path.join(root, '.codex', 'config.toml'),
       hooks: hooksPath,
       skills: path.join(root, '.agents', 'skills'),
+      global_skills: globalSkills.root,
       agents: path.join(root, '.codex', 'agents'),
       quick_reference: path.join(root, '.codex', 'SNEAKOSCOPE.md'),
       agents_rules: path.join(root, 'AGENTS.md')
     },
     codex_app_runtime: appRuntime,
+    global_skills: globalSkills,
     created: res.created,
     versioning: versioningInfo,
     local_only: localOnly,
@@ -1651,6 +1687,7 @@ async function setup(args) {
   console.log(`Version:   ${versioningInfo.enabled ? (versioningInfo.hook_installed ? 'auto-bump enabled' : 'auto-bump hook missing') : 'not enabled'}${versioningInfo.package_version ? ` (${versioningInfo.package_version})` : ''}`);
   if (localOnly) console.log('Git:       local-only (.git/info/exclude; user AGENTS preserved, SKS managed block refreshed)');
   console.log(`Codex App: .codex/config.toml, .codex/hooks.json, .agents/skills, .codex/agents, .codex/SNEAKOSCOPE.md`);
+  console.log(`Global $:  ${globalSkills.status === 'installed' ? 'ok' : globalSkills.status} ${globalSkills.root || ''}`.trimEnd());
   console.log(`App tools: ${appRuntime.ok ? 'ok' : 'needs setup'} Codex App=${appRuntime.app.installed ? 'ok' : 'missing'} Browser Use=${appRuntime.mcp.has_browser_use ? 'ok' : 'missing'} Computer Use=${appRuntime.mcp.has_computer_use ? 'ok' : 'missing'}`);
   console.log(`Prompt:    intent-first routing, $Answer fact-check route, $DFix ultralight design/content route, Context7 gate`);
   console.log(`Skills:    .agents/skills`);
@@ -1706,10 +1743,12 @@ async function doctor(args) {
     : null;
   let conflictScan = await scanHarnessConflicts(root);
   let repairApplied = false;
+  let globalSkillsRepair = null;
   if (flag(args, '--fix') && !conflictScan.hard_block) {
     const fixScope = requestedScope || 'global';
     const existingManifest = await readJson(path.join(root, '.sneakoscope', 'manifest.json'), null);
     await initProject(root, { installScope: fixScope, globalCommand: await globalSksCommand(), localOnly: flag(args, '--local-only') || Boolean(existingManifest?.git?.local_only), force: true, repair: true });
+    if (!flag(args, '--local-only')) globalSkillsRepair = await ensureGlobalCodexSkillsDuringInstall({ force: true });
     repairApplied = true;
     conflictScan = await scanHarnessConflicts(root);
   }
@@ -1726,6 +1765,7 @@ async function doctor(args) {
   const context7Status = await checkContext7(root);
   const appRuntime = await codexAppIntegrationStatus({ codex });
   const skillStatus = await checkRequiredSkills(root);
+  const globalSkillStatus = await checkRequiredSkills(null, globalCodexSkillsRoot());
   const guardStatus = await harnessGuardStatus(root);
   const versioningInfo = await versioningStatus(root);
   const codexApp = {
@@ -1733,6 +1773,7 @@ async function doctor(args) {
     hooks: { ok: await exists(path.join(root, '.codex', 'hooks.json')) },
     versioning: versioningInfo,
     skills: skillStatus,
+    global_skills: globalSkillStatus,
     agents: { ok: await exists(path.join(root, '.codex', 'agents')) },
     quick_reference: { ok: await exists(path.join(root, '.codex', 'SNEAKOSCOPE.md')) },
     agents_rules: { ok: await exists(path.join(root, 'AGENTS.md')) }
@@ -1740,7 +1781,7 @@ async function doctor(args) {
   const result = {
     node: { ok: nodeOk, version: process.version }, root, codex, rust,
     install,
-    repair: { applied: repairApplied, blocked_by_other_harness: flag(args, '--fix') && conflictScan.hard_block },
+    repair: { applied: repairApplied, global_skills: globalSkillsRepair, blocked_by_other_harness: flag(args, '--fix') && conflictScan.hard_block },
     harness_conflicts: {
       ok: conflictScan.ok,
       hard_block: conflictScan.hard_block,
@@ -1755,14 +1796,15 @@ async function doctor(args) {
     versioning: versioningInfo,
     db_guard: { ok: dbPolicyExists && dbScan.ok, policy: dbPolicyExists ? await loadDbSafetyPolicy(root) : null, scan: dbScan },
     hooks: { ok: await exists(path.join(root, '.codex', 'hooks.json')) },
-    skills: { ok: await exists(path.join(root, '.agents', 'skills')) },
+    skills: skillStatus,
+    global_skills: globalSkillStatus,
     codex_app: {
       ...codexApp,
       ok: codexApp.config.ok && codexApp.hooks.ok && codexApp.skills.ok && codexApp.agents.ok && codexApp.quick_reference.ok && codexApp.agents_rules.ok
     },
     package: { bytes: pkgBytes, human: formatBytes(pkgBytes) }, storage
   };
-  result.ready = !result.harness_conflicts.hard_block && nodeOk && Boolean(codex.bin) && install.ok && result.sneakoscope.ok && result.context7.ok && appRuntime.ok && result.harness_guard.ok && result.versioning.ok && result.db_guard.ok && result.codex_app.ok && result.skills.ok;
+  result.ready = !result.harness_conflicts.hard_block && nodeOk && Boolean(codex.bin) && install.ok && result.sneakoscope.ok && result.context7.ok && appRuntime.ok && result.harness_guard.ok && result.versioning.ok && result.db_guard.ok && result.codex_app.ok && result.skills.ok && result.global_skills.ok;
   if (result.harness_conflicts.hard_block) process.exitCode = 1;
   if (flag(args, '--json')) return console.log(JSON.stringify(result, null, 2));
   console.log('ㅅㅋㅅ Doctor\n');
@@ -1772,6 +1814,7 @@ async function doctor(args) {
   console.log(`Install:   ${install.ok ? 'ok' : 'missing'} ${install.scope} (${install.command_prefix})`);
   console.log(`Conflicts: ${result.harness_conflicts.hard_block ? 'blocked' : 'ok'} ${result.harness_conflicts.conflicts.length} finding(s)`);
   if (repairApplied) console.log('Repair:    regenerated SKS managed files from the installed package template');
+  if (globalSkillsRepair) console.log(`Global $ repair: ${globalSkillsRepair.status} ${globalSkillsRepair.root || ''}`.trimEnd());
   if (flag(args, '--fix') && result.harness_conflicts.hard_block) console.log('Repair:    skipped because another Codex harness needs human-approved removal first');
   console.log(`Rust acc.: ${rust.available ? rust.version : 'optional-missing'}`);
   console.log(`State:     ${result.sneakoscope.ok ? 'ok' : 'missing .sneakoscope'}`);
@@ -1783,6 +1826,7 @@ async function doctor(args) {
   console.log(`Hooks:     ${result.hooks.ok ? 'ok' : 'missing .codex/hooks.json'}`);
   console.log(`Codex App: ${result.codex_app.ok ? 'ok' : 'missing app files'} .codex/config.toml .codex/hooks.json .agents/skills .codex/agents .codex/SNEAKOSCOPE.md`);
   console.log(`Skills:    ${result.skills.ok ? 'ok' : `missing ${result.skills.missing.length} skill(s)`}`);
+  console.log(`Global $:  ${result.global_skills.ok ? 'ok' : `missing ${result.global_skills.missing.length} skill(s)`} ${result.global_skills.root}`);
   console.log(`Package:   ${result.package.human}`);
   console.log(`Storage:   ${storage.total_human || '0 B'}`);
   console.log(`Ready:     ${result.ready ? 'yes' : 'no'}`);
@@ -1795,19 +1839,31 @@ async function doctor(args) {
   if (!result.harness_guard.ok) console.log('Harness guard failed. Run: sks setup from a real terminal, then sks guard check.');
   if (!result.versioning.ok) console.log('Versioning hook missing. Run: sks versioning hook, or sks doctor --fix.');
   if (!result.skills.ok) console.log(`Missing skills: ${result.skills.missing.join(', ')}. Run: sks setup`);
+  if (!result.global_skills.ok) console.log(`Missing global $ skills: ${result.global_skills.missing.join(', ')}. Run: npm i -g sneakoscope, or sks setup from a non-local-only run.`);
   if (!result.ready && !flag(args, '--fix')) console.log('Run: sks doctor --fix');
 }
 
-async function checkRequiredSkills(root) {
+async function checkRequiredSkills(root, skillRoot = path.join(root, '.agents', 'skills')) {
   const expected = Array.from(new Set([
     ...DOLLAR_SKILL_NAMES,
     ...RECOMMENDED_SKILLS
   ])).sort();
   const missing = [];
   for (const name of expected) {
-    if (!(await exists(path.join(root, '.agents', 'skills', name, 'SKILL.md')))) missing.push(name);
+    if (!(await exists(path.join(skillRoot, name, 'SKILL.md')))) missing.push(name);
   }
-  return { ok: missing.length === 0, expected, missing };
+  return { ok: missing.length === 0, root: skillRoot, expected, missing };
+}
+
+async function codexAppSkillReadiness(root = null) {
+  root ||= await projectRoot();
+  const project = await checkRequiredSkills(root);
+  const global = await checkRequiredSkills(null, globalCodexSkillsRoot());
+  return { ok: project.ok || global.ok, project, global };
+}
+
+function globalCodexSkillsRoot(home = process.env.HOME || os.homedir()) {
+  return path.join(home, '.agents', 'skills');
 }
 
 async function init(args) {
@@ -2317,11 +2373,14 @@ async function selftest() {
   await initProject(repairTmp, {});
   await writeTextAtomic(path.join(repairTmp, '.agents', 'skills', 'team', 'SKILL.md'), 'tampered\n');
   await writeTextAtomic(path.join(repairTmp, '.agents', 'skills', 'agent-team', 'SKILL.md'), '---\nname: agent-team\ndescription: Fallback Codex App picker alias for $Team.\n---\n');
+  await ensureDir(path.join(repairTmp, '.agents', 'skills', 'custom-keep'));
+  await writeTextAtomic(path.join(repairTmp, '.agents', 'skills', 'custom-keep', 'SKILL.md'), '---\nname: custom-keep\ndescription: User custom skill, not generated by SKS.\n---\n');
   await writeTextAtomic(path.join(repairTmp, '.codex', 'skills', 'team', 'SKILL.md'), 'legacy mirror\n');
   await initProject(repairTmp, { force: true, repair: true });
   const repairedTeamSkill = await safeReadText(path.join(repairTmp, '.agents', 'skills', 'team', 'SKILL.md'));
   if (!repairedTeamSkill.includes('SKS Team multi-agent orchestration') || repairedTeamSkill.includes('tampered')) throw new Error('selftest failed: doctor repair did not regenerate team skill');
   if (await exists(path.join(repairTmp, '.agents', 'skills', 'agent-team', 'SKILL.md'))) throw new Error('selftest failed: doctor repair did not remove deprecated agent-team alias skill');
+  if (!(await exists(path.join(repairTmp, '.agents', 'skills', 'custom-keep', 'SKILL.md')))) throw new Error('selftest failed: doctor repair removed a user-owned custom skill');
   if (await exists(path.join(repairTmp, '.codex', 'skills', 'team', 'SKILL.md'))) throw new Error('selftest failed: doctor repair did not remove legacy .codex/skills');
   const conflictTmp = tmpdir();
   await ensureDir(path.join(conflictTmp, '.omx'));
@@ -2339,6 +2398,11 @@ async function selftest() {
   if (postinstallSetup.code !== 0) throw new Error(`selftest failed: postinstall setup exited ${postinstallSetup.code}: ${postinstallSetup.stderr}`);
   if (await exists(path.join(postinstallSetupTmp, '.agents', 'skills', 'agent-team', 'SKILL.md'))) throw new Error('selftest failed: postinstall installed deprecated agent-team fallback skill');
   if (!String(postinstallSetup.stdout || '').includes('Codex App project setup: installed')) throw new Error('selftest failed: postinstall did not report automatic Codex App setup');
+  if (!String(postinstallSetup.stdout || '').includes('Codex App global $ skills: installed')) throw new Error('selftest failed: postinstall did not report automatic global Codex App skills');
+  for (const { command } of DOLLAR_COMMANDS) {
+    const skillName = command.slice(1).toLowerCase();
+    if (!(await exists(path.join(postinstallSetupTmp, 'home', '.agents', 'skills', skillName, 'SKILL.md')))) throw new Error(`selftest failed: postinstall global ${command} skill not installed`);
+  }
   const guardBlocked = await checkHarnessModification(tmp, { tool_name: 'apply_patch', command: '*** Update File: .agents/skills/team/SKILL.md\n+tamper\n' });
   if (guardBlocked.action !== 'block') throw new Error('selftest failed: harness guard allowed skill tampering');
   const setupBlocked = await checkHarnessModification(tmp, { command: 'sks setup --force' });
@@ -2454,6 +2518,11 @@ async function selftest() {
   const shimDir = path.join(shimTmp, 'bin');
   const shimResult = await ensureSksCommandDuringInstall({ force: true, pathEnv: shimDir, home: shimTmp, target: path.join(packageRoot(), 'bin', 'sks.mjs'), nodeBin: process.execPath });
   if (shimResult.status !== 'created' || !(await exists(path.join(shimDir, process.platform === 'win32' ? 'sks.cmd' : 'sks')))) throw new Error('selftest failed: sks command shim not created');
+  const globalSkillsTmp = tmpdir();
+  const globalSkillsResult = await ensureGlobalCodexSkillsDuringInstall({ force: true, home: globalSkillsTmp });
+  if (globalSkillsResult.status !== 'installed') throw new Error(`selftest failed: global Codex App skills not installed: ${globalSkillsResult.status}`);
+  const globalSkillStatus = await checkRequiredSkills(globalSkillsTmp, path.join(globalSkillsTmp, '.agents', 'skills'));
+  if (!globalSkillStatus.ok) throw new Error(`selftest failed: global Codex App skills missing: ${globalSkillStatus.missing.join(', ')}`);
   const codexSkillMirrorExists = await exists(path.join(tmp, '.codex', 'skills', 'research-discovery', 'SKILL.md'));
   if (codexSkillMirrorExists) throw new Error('selftest failed: generated .codex/skills mirror still installed');
   const codexAppSkillExists = await exists(path.join(tmp, '.agents', 'skills', 'research-discovery', 'SKILL.md'));

package/src/core/fsx.mjs

@@ -5,7 +5,7 @@ import os from 'node:os';
 import crypto from 'node:crypto';
 import { spawn } from 'node:child_process';
 
-export const PACKAGE_VERSION = '0.6.37';
+export const PACKAGE_VERSION = '0.6.41';
 export const DEFAULT_PROCESS_TAIL_BYTES = 256 * 1024;
 export const DEFAULT_PROCESS_TIMEOUT_MS = 30 * 60 * 1000;
 

package/src/core/harness-conflicts.mjs

@@ -197,7 +197,6 @@ export async function repairSksGeneratedArtifacts(root, opts = {}) {
     '.codex/config.toml',
     '.codex/SNEAKOSCOPE.md',
     '.codex/agents',
-    '.agents/skills',
     '.codex/skills',
     '.sneakoscope/manifest.json',
     '.sneakoscope/policy.json',

package/src/core/init.mjs

@@ -83,109 +83,7 @@ function isSksManagedHook(hook) {
   return hook.type === 'command' && /\bhook\s+(?:user-prompt-submit|pre-tool|post-tool|permission-request|stop)\b/.test(command) && /\b(?:sks|sneakoscope|sks\.mjs)\b/.test(command);
 }
 
-const AGENTS_BLOCK = `
-# Sneakoscope Codex Managed Rules
-
-This repository uses Sneakoscope Codex.
-
-## Ralph No-Question Rule
-
-Ralph may ask questions only during prepare. After decision-contract.json is sealed and Ralph run starts, the assistant must not ask the user questions, request confirmation, or present choices. Resolve using the decision ladder.
-
-## Performance and Retention
-
-Sneakoscope Codex keeps runtime state bounded. Do not write large raw logs into prompts. Store raw outputs in files, keep only tails/summaries in JSON, and allow sks gc to remove old arenas, temp files, and stale mission logs.
-
-## Update Check Before Work
-
-Before any substantive work, SKS hooks check whether the installed SKS package is behind the latest published package. If an update is available, ask the user to choose between updating now and skipping the update for this conversation only. If the user skips, continue the current conversation without asking again, but check again in the next conversation. If the user accepts, update SKS, rerun setup/doctor, then continue the original task.
-
-## Project Versioning
-
-SKS manages the worker project's package version through a managed Git pre-commit hook. Every commit in a project with \`package.json\` gets a patch version bump in the same commit, with \`package-lock.json\` and \`npm-shrinkwrap.json\` kept in sync when present. The version guard uses a lock in the Git common directory so parallel workers or multiple worktrees do not reuse the same version. Check with \`sks versioning status\`; bypass only for exceptional maintenance with \`SKS_DISABLE_VERSIONING=1\`.
-
-## Harness Self-Protection
-
-After setup, installed Sneakoscope harness control files are immutable to LLM tool edits. Do not edit \`.codex/hooks.json\`, \`.codex/config.toml\`, \`.codex/SNEAKOSCOPE.md\`, \`.agents/skills/\`, \`.codex/agents/\`, \`.sneakoscope/manifest.json\`, \`.sneakoscope/policy.json\`, \`.sneakoscope/db-safety.json\`, \`.sneakoscope/harness-guard.json\`, \`AGENTS.md\`, or \`node_modules/sneakoscope\` from the agent. SKS hooks block direct writes and SKS maintenance commands from LLM tool calls. The only automatic exception is the Sneakoscope engine source repository itself, detected by \`package.json\` name \`sneakoscope\` plus \`bin/sks.mjs\` and \`src/core/*\`.
-
-## Other Harness Conflict Gate
-
-Before installing, setting up, or repairing SKS, check for incompatible Codex harnesses such as OMX or DCodex. OMX is a hard blocker. If another harness is found, SKS setup/doctor must stop and show \`sks conflicts prompt\`. Cleanup requires explicit human approval and should be performed by an LLM operator in Codex App using GPT-5.5 high mode. If the human does not approve cleanup, SKS cannot be installed in that environment.
-
-## Honest Mode Completion
-
-Do not stop at a plan when implementation was requested. Continue until the stated goal is actually handled or a hard blocker is explicitly reported. Before the final answer, run SKS Honest Mode: re-check the goal, evidence, tests, risk boundaries, and remaining gaps. The final answer must be honest about what passed, what was not verified, and whether the goal is genuinely complete.
-
-## Evaluation
-
-When a task claims performance, token, accuracy, context-compression, or workflow improvement, produce evidence with sks eval run or sks eval compare. Do not claim live model accuracy unless the run used an explicitly scored task dataset; otherwise call it an evidence-weighted accuracy proxy.
-
-## Research Mode
-
-When the user asks for research, new discoveries, hypothesis generation, frontier exploration, or deep investigation, use SKS Research Mode. Research must produce candidate insights, falsification attempts, a novelty ledger, and testable next experiments. Do not present a breakthrough claim unless it is explicitly marked with evidence, confidence, falsifiers, and uncertainty.
-
-## AutoResearch Loop
-
-For open-ended improvement, discovery, prompt, evaluation, ranking, SEO/GEO, or workflow-quality tasks, use the SKS AutoResearch loop inspired by iterative hypothesis search: define a program, choose a metric, run the smallest useful experiment, keep or discard the result, record the ledger, falsify the best candidate, and repeat within budget. Do not claim an improvement without evidence.
-
-## Team Orchestration
-
-When the user invokes Team mode, \`$Team\`, or a general implementation/code-changing prompt, default to Codex multi-agent orchestration: parallel analysis scouts, TriWiki refresh, read-only debate, then a fresh parallel executor team. Answer, DFix, Help, Wiki maintenance, and safety-specific routes are lightweight exceptions. TriWiki is not one-time setup: before each stage read \`.sneakoscope/wiki/context-pack.json\`; hydrate low-trust claims from source/hash/RGBA anchors; refresh or pack after scout, debate, consensus, implementation, review, or blockers; validate before handoff/final claims. Role counts like \`executor:5 reviewer:2 user:1\` create exactly N \`analysis_scout_N\`, N debate participants, and a separate N-person \`executor_N\` team. Scouts split repo, docs, tests, API, DB-risk, UX-friction, and implementation surfaces. Debate is read-only and includes stubborn users, capable executors, strict reviewers, and planners. Close debate agents once the objective is sealed, refresh/validate TriWiki, then launch disjoint executor slices in parallel. The parent orchestrates, integrates, verifies, and records useful scout/debate/handoff/review lines with \`sks team event <mission-id|latest> --agent <name> --phase <phase> --message "..."\`. Do not let subagents bypass SKS hooks or destructive DB safety.
-
-## Code-Changing Execution
-
-For code-changing work, first surface SKS route, guard, write scopes, and verification. General implementation prompts route to Team by default, then split independent write scopes across worker subagents. The parent assigns ownership, keeps urgent blockers local, integrates, and verifies. Subagents must not bypass DB safety, harness guard, Ralph, Context7, H-Proof, or Honest Mode.
-
-## Design Execution
-
-When creating or editing UI/UX, always look for \`design.md\` first. If it does not exist, use the local design-system-builder skill to create it from \`docs/Design-Sys-Prompt.md\`; that flow must use the Codex plan tool to remove ambiguity and recommend a default font choice before implementation. When \`design.md\` exists, use the design-ui-editor skill plus the local design artifact skill, follow the design guidelines exactly, and verify the rendered result. Any image, logo, raster, or bitmap asset generation must use the Codex \`imagegen\` skill.
-
-## Prompt Optimization Pipeline
-
-Every prompt starts with intent classification. Answer-only uses TriWiki/web/Context7 when useful plus Honest Mode, then direct reply. DFix uses its ultralight task list. General execution/code-changing prompts default to Team unless a more specific safety/research/DB/GX route applies. Extract intent, target surface, constraints, acceptance criteria, risks, and the smallest safe path before acting.
-
-## Intent Inference And Clarification
-
-The default stance is strong intent inference: when the user speaks roughly, infer the likely goal from local context, repo conventions, current route state, and prior artifacts. Do not ask lazy discovery questions. However, ambiguity removal is mandatory when a missing answer can change the target, scope, safety boundary, data risk, irreversible operation, user-facing behavior, or acceptance criteria. Ask the smallest set of concrete questions, then seal the inferred contract before implementation.
-
-## Reasoning Effort Routing
-
-Use temporary route-specific reasoning only. Simple fulfillment uses medium, any logical/safety/orchestration work uses high, and research or experiment loops use xhigh. Do not persist profile changes; return to the default or user-selected profile when the route gate passes.
-
-## Context7 MCP Requirement
-
-When work depends on external libraries, frameworks, APIs, MCPs, package managers, DB SDKs, or generated documentation, use Context7 MCP before completion. The required evidence flow is resolve-library-id followed by query-docs (or legacy get-library-docs). SKS PostToolUse records these calls in context7-evidence.jsonl, and Stop hooks block required routes until evidence exists. Pure command discovery and simple $DFix copy/color/spacing edits do not require Context7.
-
-## LLM Wiki Continuity
-
-TriWiki is the context-tracking SSOT for long-running missions, Team handoffs, and context-pressure recovery. It is anchor-first, not lossy-summary-first. Use relevant TriWiki context at every work stage, not only at the beginning: read the pack before a stage, hydrate low-trust claims during the stage, refresh after new findings or artifact changes, and validate before handoffs/final claims. Important claims, visual nodes, policy facts, and evidence pointers should receive deterministic RGBA wiki coordinates: R maps to domain angle, G maps to layer radius through sine, B maps to phase angle, and A maps to concentration/confidence. Use those trigonometric coordinates to preserve stable retrieval anchors across turns. Selected claims may be pasted as text, but non-selected claims must remain hydratable through id, hash, source path, and RGBA coordinate anchors instead of disappearing from the workflow. Refresh with \`sks wiki refresh\` or \`sks wiki pack\` and validate with \`sks wiki validate .sneakoscope/wiki/context-pack.json\` whenever route continuity, stage context, source evidence, or handoff context changes.
-
-## Dollar Commands
-
-Codex App users may invoke local SKS modes with skill-style dollar commands. \`$DFix\` is the fast design/content fix route for small changes such as text color, copy edits, label changes, spacing tweaks, or translating visible text. \`$DFix\` bypasses the general SKS prompt pipeline and runs an ultralight task-list path: list the exact micro-edits, inspect only needed files, apply only those edits, and run only cheap verification when useful.
-
-## Codex App Usage
-
-When this repository is opened in Codex App, use the local Sneakoscope files as the app control surface. Read \`.codex/SNEAKOSCOPE.md\` for the quick reference, load project skills from \`.agents/skills\` when applicable, and use the generated \`.codex/hooks.json\` hooks for DB safety, no-question Ralph runs, retention, and done-gate enforcement.
-
-## Source Priority
-
-1. Current code, tests, config
-2. decision-contract.json
-3. vgraph.json
-4. beta.json
-5. GX render/snapshot metadata
-6. LLM Wiki coordinate index
-7. model knowledge only if explicitly allowed
-
-## Database Safety
-
-Sneakoscope Codex treats database access as high risk. Destructive database operations are never allowed: DROP, TRUNCATE, mass DELETE/UPDATE, reset, push, repair, project deletion, branch reset/merge/delete, RLS disabling, broad grants/revokes, and any operation that could erase or overwrite data. Supabase/Postgres MCP should be read-only and project-scoped by default. Live database writes must not be performed through direct execute_sql; schema changes must be migration-file based and allowed only for local or preview/branch environments by the sealed contract.
-
-## Done Means
-
-A task is not done until relevant tests are run or justified, unsupported critical claims are zero, database safety violations are zero, visual/wiki drift is low or explicitly accepted, and final output includes evidence.
-`;
+const AGENTS_BLOCK = "\n# Sneakoscope Codex Managed Rules\n\nThis repository uses Sneakoscope Codex.\n\n## Core Rules\n\n- Ralph asks only during prepare. After `decision-contract.json` is sealed, do not ask the user; resolve with the decision ladder.\n- Keep runtime state bounded: raw logs go to files, prompts get tails/summaries, and `sks gc` may prune stale artifacts.\n- Before substantive work, SKS checks npm for a newer package. If newer, ask update-now vs skip-for-this-conversation.\n- Versioning is managed by the SKS pre-commit hook; check `sks versioning status`. Bypass only with `SKS_DISABLE_VERSIONING=1`.\n- Installed harness files are immutable to LLM edits: `.codex/*`, `.agents/skills/`, `.codex/agents/`, `.sneakoscope/*policy*.json`, `AGENTS.md`, and `node_modules/sneakoscope`. The Sneakoscope engine source repo is the only automatic exception.\n- OMX/DCodex conflicts block setup/doctor. Show `sks conflicts prompt`; cleanup requires explicit human approval.\n- Do not stop at a plan when implementation was requested. Finish, verify, or report the hard blocker.\n\n## Routes\n\n- General execution/code-changing prompts default to `$Team`: analysis scouts, TriWiki refresh/validate, read-only debate, consensus, fresh executor team, review, integration, Honest Mode.\n- `$DFix` is only for tiny design/content edits and bypasses the main pipeline. `$Answer`, `$Help`, and `$Wiki` stay lightweight.\n- For code work, surface route/guard/write scopes first, split independent worker scopes when available, and keep parent-owned integration and verification.\n- Design work reads `design.md`; if missing, use `design-system-builder`. Image/logo/raster assets use `imagegen`.\n- Research, AutoResearch, performance, token, accuracy, SEO/GEO, or workflow-improvement claims need experiment/eval evidence. Do not claim live model accuracy without a scored dataset.\n\n## Evidence And Context\n\n- Context7 is required for external libraries, APIs, MCPs, package managers, DB SDKs, and generated docs: resolve-library-id then query-docs.\n- TriWiki is the context-tracking SSOT for long-running missions, Team handoffs, and context-pressure recovery. Read `.sneakoscope/wiki/context-pack.json` before each stage, hydrate low-trust claims from source/hash/RGBA anchors, refresh after findings or artifact changes, and validate before handoffs/final claims.\n- Source priority: current code/tests/config, decision contract, vgraph, beta, GX render/snapshot metadata, LLM Wiki coordinate index, then model knowledge only if allowed.\n- Honest Mode before final: re-check goal, evidence, tests, risk boundaries, and remaining gaps. Say what passed and what was not verified.\n\n## Safety\n\n- Database access is high risk. Use read-only inspection by default; live data mutation is out of scope unless a sealed contract allows local or branch-only migration files.\n- Task completion requires relevant tests or justification, zero unsupported critical claims, accepted visual/wiki drift, and final evidence.\n\n## Codex App\n\nUse `.codex/SNEAKOSCOPE.md`, generated `.agents/skills`, `.codex/hooks.json`, and SKS dollar commands (`$sks`, `$team`, `$dfix`, `$qa-loop`, etc.) as the app control surface.\n";
 
 export async function initProject(root, opts = {}) {
   const created = [];
@@ -666,13 +564,13 @@ Hooks route Codex App events through SKS guards; status messages show checks, wh
 `;
 }
 
-async function installSkills(root) {
+export async function installSkills(root) {
   const skills = {
-    'dfix': `---\nname: dfix\ndescription: Ultralight fast design/content fix mode for $DFix or $dfix requests and inferred simple edits such as text color, copy, labels, spacing, or translation.\n---\n\nYou are running SKS DFix mode.\n\nPurpose:\n- Bypass the general SKS prompt pipeline for small design/content requests.\n- Convert the request into a tiny task list, then execute only those tasks.\n- Use for requests like 글자 색 바꿔줘, 내용을 영어로 바꿔줘, button label 수정, spacing 조정, copy replacement, simple style tweaks.\n\nUltralight loop:\n1. List the exact micro-edits implied by the request.\n2. Inspect only the files needed to locate those targets.\n3. Apply only the listed edits.\n4. Run only cheap verification when useful.\n5. Final response should be short: what changed and any verification.\n\nRules:\n- Do not enter the general prompt pipeline, mission workflow, ambiguity gate, TriWiki refresh, Context7 routing, subagent orchestration, Ralph, Research, eval, or broad redesign.\n- Do not ask for more requirements when the target can be inferred from local context.\n- For UI/UX micro-edits, read \`design.md\` when present and preserve the existing design system and component patterns.\n- If \`design.md\` is missing and the change requires design judgment instead of a tiny mechanical edit, reroute to design-system-builder before editing.\n- Use imagegen for any image/logo/raster asset.\n`,
-    'answer': `---\nname: answer\ndescription: Answer-only research route for ordinary questions that should not start implementation.\n---\n\nUse when the user is asking for an explanation, comparison, status, facts, source-backed research, or documentation guidance rather than asking you to change files or run work.\n\nEvidence flow:\n1. Use current repo files and TriWiki first when the answer is project-local.\n2. Hydrate low-trust wiki claims from source paths before relying on them.\n3. Use web search for current, external, or uncertain facts when browsing is available or the user asks for latest/source-backed information.\n4. Use Context7 resolve-library-id plus query-docs when the answer depends on package, API, framework, SDK, MCP, or generated documentation behavior.\n5. End with Honest Mode fact-checking: separate verified facts, source-backed inferences, and uncertainty.\n\nRules:\n- Do not create route mission state, ambiguity-gate questions, subagents, Team handoffs, Ralph, Research loops, eval loops, or file edits.\n- If the prompt turns out to request implementation, state the reroute and use the proper execution pipeline.\n`,
+    'dfix': `---\nname: dfix\ndescription: Ultralight fast design/content fix mode for $DFix or $dfix requests and inferred simple edits such as text color, copy, labels, spacing, or translation.\n---\n\nUse for tiny copy/color/label/spacing/translation edits. List exact micro-edits, inspect only needed files, apply only those edits, and run cheap verification. Bypass broad SKS routing, Ralph, Research, eval, and redesign. Read \`design.md\` for UI work when present; use imagegen for image/logo/raster assets.\n`,
+    'answer': `---\nname: answer\ndescription: Answer-only research route for ordinary questions that should not start implementation.\n---\n\nUse for explanations, comparisons, status, facts, source-backed research, or docs guidance. Use repo/TriWiki first for project-local facts; hydrate low-trust claims from source. Browse or use Context7 for current external package/API/framework/MCP docs. End with Honest Mode; do not create missions, subagents, or file edits.\n`,
     'sks': `---\nname: sks\ndescription: General Sneakoscope Codex command route for $SKS or $sks usage, setup, status, and workflow help.\n---\n\nUse the local SKS control surface. Prefer discovery commands for availability questions: sks commands, sks usage <topic>, sks quickstart, sks codex-app, sks context7 check, sks guard check, sks conflicts check, sks reasoning, sks wiki pack, and sks pipeline status. If implementation or code-changing work is requested through $SKS or rough natural language, promote it to Team by default unless Answer, DFix, Help, Wiki maintenance, or a safety-specific route applies. Surface route/guard/write-scope status, then use worker subagents for independent scopes; parent integrates and verifies. Context tracking uses TriWiki as SSOT. Do not edit installed harness control files except in this engine source repo. Harness conflicts require sks conflicts prompt and human-approved cleanup.\n`,
     'wiki': `---\nname: wiki\ndescription: Dollar-command route for $Wiki TriWiki refresh, pack, validate, and prune commands.\n---\n\nUse for $Wiki or Korean wiki-refresh requests. Refresh/update/갱신: run sks wiki refresh, then validate .sneakoscope/wiki/context-pack.json. Pack: run sks wiki pack, then validate. Prune/clean/정리: use sks wiki refresh --prune, or sks wiki prune --dry-run for inspection. Report claims, anchors, trust, validation, and blockers. Do not start ambiguity-gated implementation, subagents, or unrelated work.\n`,
-    'team': `---\nname: team\ndescription: SKS Team multi-agent orchestration for $Team and default implementation/code-changing routes.\n---\n\nUse for $Team/$team, rough implementation prompts, code-changing work, team-of-agents, or parallel specialist implementation. Answer, DFix, Help, Wiki maintenance, and safety-specific routes are intentional exceptions.\n\nWorkflow:\n1. Mandatory ambiguity gate first: ask generated questions, write answers.json, run sks pipeline answer latest answers.json, then start Team work.\n2. Role counts: executor:5 reviewer:2 user:1. executor:N means N read-only analysis_scout_N agents, N debate participants, then a separate N-person executor team. --agents/--sessions/--team-size are aliases; --max-agents uses 6.\n3. Scouts split repo/docs/tests/API/DB-risk/UX/implementation slices and return source-backed team-analysis.md findings.\n4. Refresh/validate TriWiki before debate, implementation, review, and final claims.\n5. Debate seals one objective and disjoint slices; close debate agents before a fresh executor_N development team starts parallel work.\n6. Mirror useful scout/debate/handoff/review/integration events with sks team event <mission-id|latest> --agent <name> --phase <phase> --message \"...\".\n\nLive files: team-analysis.md, team-live.md, team-transcript.jsonl, team-dashboard.json, team-gate.json. Parent orchestrates, integrates, verifies, and never bypasses SKS gates.\n`,
+    'team': `---\nname: team\ndescription: SKS Team multi-agent orchestration for $Team and default implementation/code-changing routes.\n---\n\nUse for $Team/$team, implementation, code-changing, or parallel specialist work. Ambiguity gate first, then exactly requested role counts: executor:N creates N scouts, N debate participants, and a fresh N-person executor team. Split repo/docs/tests/API/risk/UX slices, refresh/validate TriWiki before debate, implementation, review, and final claims, and mirror useful events with sks team event. Parent integrates and verifies.\n`,
     'qa-loop': `---\nname: qa-loop\ndescription: Dollar-command route for $QA-LOOP UI/API E2E verification with ambiguity questions, safety gates, Browser Use/Computer Use evidence, and a QA report.\n---\n\nUse only $QA-LOOP. Start with mandatory QA questions: UI/API/both, local vs deployed target, mutation policy, login need. Credentials are test-only runtime input; never save secrets, cookies, auth state, or secret screenshots. UI E2E requires Browser Use or Computer Use evidence, otherwise mark it unverified. Deployed targets are read-only smoke by default; destructive removal tests are forbidden. After answers seal, run sks qa-loop answer/run, complete qa-ledger.json, qa-report.md, qa-gate.json, and Honest Mode.\n`,
     'ralph': `---\nname: ralph\ndescription: Dollar-command route for $Ralph or $ralph mandatory clarification and no-question mission workflows.\n---\n\nUse when the user invokes $Ralph/$ralph or requests a clarification-gated autonomous implementation mission. Prepare with sks ralph prepare, answer/seal required slots when answers are provided, then run only after decision-contract.json exists.\n`,
     'research': `---\nname: research\ndescription: Dollar-command route for $Research or $research frontier discovery workflows.\n---\n\nUse when the user invokes $Research/$research or asks for research, hypotheses, new mechanisms, falsification, or testable predictions. Prefer sks research prepare and sks research run. Do not use for ordinary code edits.\n`,
@@ -680,28 +578,28 @@ async function installSkills(root) {
     'db': `---\nname: db\ndescription: Dollar-command route for $DB or $db database and Supabase safety checks.\n---\n\nUse when the user invokes $DB/$db or the task touches SQL, Supabase, Postgres, migrations, Prisma, Drizzle, Knex, MCP database tools, or production data. Run or follow sks db policy, sks db scan, sks db classify, and sks db check. Destructive database operations remain forbidden.\n`,
     'gx': `---\nname: gx\ndescription: Dollar-command route for $GX or $gx deterministic GX visual context cartridges.\n---\n\nUse when the user invokes $GX/$gx or asks for architecture/context visualization through SKS. Prefer sks gx init, render, validate, drift, and snapshot. vgraph.json remains the source of truth.\n`,
     'help': `---\nname: help\ndescription: Dollar-command route for $Help or $help explaining installed SKS commands and workflows.\n---\n\nUse when the user invokes $Help/$help or asks what commands exist. Prefer concise output from sks commands, sks usage <topic>, sks quickstart, sks aliases, and sks codex-app.\n`,
-    'prompt-pipeline': `---\nname: prompt-pipeline\ndescription: Default SKS prompt optimization pipeline for execution prompts; Answer and DFix bypass it.\n---\n\nEvery prompt starts with intent classification. $Answer handles questions; $DFix handles tiny design/content edits. General implementation/code-changing routes default to Team, unless a more specific safety/research/DB/GX route applies. Execution routes infer goal, target surface, constraints, acceptance criteria, risk, and smallest safe route, then run the mandatory ambiguity gate before implementation.\n\nAsk generated questions, write answers.json, and seal with sks pipeline answer latest answers.json. Ralph uses sks ralph answer latest answers.json. Do not execute, spawn Team scouts, touch DB, or edit code before the gate passes.\n\nFor code-changing work, surface route/guard/write scopes, then use Team worker subagents for independent non-overlapping scopes; parent owns integration, tests, DB safety, harness guard, Context7, H-Proof, and Honest Mode.\n\nDesign routing:\n- UI/UX work must read \`design.md\` first.\n- If \`design.md\` is missing, use design-system-builder with plan-tool ambiguity removal and a default font recommendation before UI implementation.\n- If \`design.md\` exists, use design-ui-editor and design-artifact-expert for design-system-conformant edits and rendered verification.\n- Image, logo, raster, and bitmap assets must use imagegen.\n\nContext continuity:\n- TriWiki context-tracking SSOT is .sneakoscope/wiki/context-pack.json.\n- Use relevant TriWiki context before every route stage.\n- Hydrate low-trust/stale claims from source path/hash/RGBA anchor before relying on them.\n- Run \`sks wiki refresh\` or \`sks wiki pack\` after findings/artifact changes.\n- Validate with \`sks wiki validate .sneakoscope/wiki/context-pack.json\` before handoffs and final claims.\n`,
+    'prompt-pipeline': `---\nname: prompt-pipeline\ndescription: Default SKS prompt optimization pipeline for execution prompts; Answer and DFix bypass it.\n---\n\nClassify intent first. $Answer handles questions; $DFix handles tiny design/content edits; implementation defaults to Team unless a specific safety/research/GX route applies. Infer goal, target, constraints, acceptance criteria, risk, and smallest safe route, then ask generated questions and seal with sks pipeline answer latest answers.json before execution.\n\nFor code work, surface route/guard/scopes, use Team workers for independent scopes, and keep parent-owned integration, tests, Context7, H-Proof, and Honest Mode.\n\nDesign routing: read \`design.md\` first; if missing use design-system-builder with plan-tool ambiguity removal and a default font recommendation; if present use design-ui-editor/design-artifact-expert. Image, logo, raster, and bitmap assets must use imagegen.\n\nContext continuity: TriWiki context-tracking SSOT is .sneakoscope/wiki/context-pack.json. Use relevant TriWiki context before every route stage, hydrate low-trust/stale source/hash/RGBA claims, run \`sks wiki refresh\` or \`sks wiki pack\` after findings/artifact changes, and validate with \`sks wiki validate .sneakoscope/wiki/context-pack.json\` before handoffs and final claims.\n`,
     'reasoning-router': `---\nname: reasoning-router\ndescription: Temporary SKS reasoning-effort routing for every command and pipeline route.\n---\n\nUse medium for simple fulfillment such as copy, color, command discovery, setup display, or mechanical edits. Use high for any logical, safety, architecture, database, orchestration, refactor, or multi-file implementation work. Use xhigh for research, AutoResearch, hypotheses, falsification, benchmarks, SEO/GEO experiments, and open-ended discovery.\n\nRules:\n- Treat the routing as temporary for the current route only.\n- Do not persist profile changes.\n- Return to the default or user-selected profile when the route gate passes.\n- Inspect with sks reasoning \"prompt\" and sks pipeline status.\n`,
-    'pipeline-runner': `---\nname: pipeline-runner\ndescription: Execute SKS dollar-command routes as stateful pipelines with mission artifacts, route gates, Context7 evidence, temporary reasoning routing, and Honest Mode.\n---\n\nEvery $ command is a route, not decorative context. Use the active route state in .sneakoscope/state/current.json, write route artifacts under .sneakoscope/missions/<id>/, and do not finish until the route stop gate passes or a hard blocker is recorded with evidence.\n\nAtomic loop:\n1. Load the route skill and required supporting skills.\n2. Apply temporary reasoning routing: medium for simple work, high for logical work, xhigh for research.\n3. Before each route stage, read relevant TriWiki context from .sneakoscope/wiki/context-pack.json and hydrate low-trust claims from source before relying on them.\n4. Before code edits, surface visible SKS route/guard/write-scope status, then spawn worker subagents by default for independent write scopes; keep immediate blockers local.\n5. Execute exactly the next useful atomic action.\n6. Record evidence in the mission artifact named by the route, then refresh or pack TriWiki when new findings/artifact changes should affect later stages.\n7. Respect harness self-protection: never edit installed SKS control files, generated skills, hooks, policy, AGENTS.md, or node_modules/sneakoscope from an LLM tool call.\n8. Re-check Context7 evidence when required.\n9. Validate TriWiki before handoffs/final claims, re-check the stop gate before final output, and return to the default profile.\n\nUse \`sks pipeline status\` for the current route and \`sks pipeline resume\` for the next action hint.\n`,
-    'context7-docs': `---\nname: context7-docs\ndescription: Enforce Context7 MCP documentation evidence for SKS routes that depend on external libraries, frameworks, APIs, MCPs, package managers, DB SDKs, or generated docs.\n---\n\nWhen Context7 is required:\n- Use Context7 resolve-library-id for the relevant package/API.\n- Then use Context7 query-docs for the resolved id. Legacy Context7 get-library-docs evidence is also accepted.\n- Prefer the local stdio MCP path: sks context7 tools, sks context7 resolve, sks context7 docs, or sks context7 evidence.\n- Let SKS PostToolUse record both events in context7-evidence.jsonl.\n- Do not mark the route complete until both stages are present.\n\nCheck project setup with \`sks context7 check\`. The default project-local MCP lives in .codex/config.toml as npx -y @upstash/context7-mcp@latest.\n`,
-    'seo-geo-optimizer': `---\nname: seo-geo-optimizer\ndescription: SEO/GEO support for README, npm, GitHub, keywords, snippets, schema, and AI-search visibility.\n---\n\nUse for SEO, GEO, GitHub stars, npm discoverability/downloads, package keywords, README ranking, AI search, schema markup, or search snippets.\n\nRules:\n- Load Context7 first when package, npm, GitHub, framework, API, or generated-doc behavior matters.\n- Optimize concrete surfaces: README, package.json, docs, badges, npm metadata, GitHub topics, quickstart, examples, and command discovery.\n- Improve exact package name, command name, audience, use cases, keywords, install path, AI Answer Snapshot, and supportable examples.\n- Do not invent downloads, stars, benchmarks, compatibility, or ranking impact.\n- Route SEO/GEO work through $AutoResearch unless it is only a tiny copy edit.\n`,
-    'honest-mode': `---\nname: honest-mode\ndescription: Required final SKS verification pass before claiming a task is complete.\n---\n\nUse before every final answer.\n\nChecklist:\n- Restate the actual user goal in one sentence.\n- Verify the implemented result against that goal.\n- List tests, commands, screenshots, or inspections that prove it.\n- State any missing verification, uncertainty, or hard blocker plainly.\n- Do not claim complete if the evidence does not support it.\n- If implementation was requested, do not stop at a plan.\n\nThe final response should include a concise SKS Honest Mode or 솔직모드 note when the hook requires it.\n`,
-    'autoresearch-loop': `---\nname: autoresearch-loop\ndescription: Iterative AutoResearch-style loop for open-ended improvement, discovery, prompt, ranking, SEO/GEO, and workflow-quality tasks.\n---\n\nUse when the task asks for research, better ranking, SEO/GEO, prompt or workflow improvement, benchmark gains, non-obvious ideas, or repeated refinement.\n\nLoop:\n1. Program: define the objective, constraints, and budget.\n2. Hypothesis: propose one concrete change or experiment.\n3. Experiment: run the smallest local or documented check that can falsify it.\n4. Measure: record the metric, evidence, and artifact paths.\n5. Decision: keep, discard, or revise the hypothesis.\n6. Falsify: actively search for why the result could be wrong.\n7. Next: choose the next experiment or stop with an honest conclusion.\n\nRules:\n- Prefer small decisive experiments over broad speculation.\n- Keep a ledger in the mission/report when relevant.\n- Do not claim improvement without evidence.\n- End with Honest Mode: what improved, what did not, what remains unverified.\n`,
+    'pipeline-runner': `---\nname: pipeline-runner\ndescription: Execute SKS dollar-command routes as stateful pipelines with mission artifacts, route gates, Context7 evidence, temporary reasoning routing, and Honest Mode.\n---\n\nEvery $ command is a route. Use .sneakoscope/state/current.json, route artifacts under .sneakoscope/missions/<id>/, temporary reasoning routing, TriWiki context before stages, source hydration for low-trust claims, Context7 when required, and Honest Mode before final. Surface guard/scopes before edits, record evidence, refresh/pack/validate TriWiki, and use sks pipeline status/resume for current state.\n`,
+    'context7-docs': `---\nname: context7-docs\ndescription: Enforce Context7 MCP documentation evidence for SKS routes that depend on external libraries, frameworks, APIs, MCPs, package managers, DB SDKs, or generated docs.\n---\n\nWhen required, resolve-library-id, then query-docs for the resolved id. Legacy get-library-docs evidence is accepted. Prefer sks context7 tools/resolve/docs/evidence and finish only after both evidence stages exist. Check setup with sks context7 check.\n`,
+    'seo-geo-optimizer': `---\nname: seo-geo-optimizer\ndescription: SEO/GEO support for README, npm, GitHub, keywords, snippets, schema, and AI-search visibility.\n---\n\nUse for SEO/GEO, package metadata, README ranking, snippets, schema, and AI search. Optimize README, package.json, docs, badges, topics, quickstart, examples, command discovery, exact names, keywords, and AI Answer Snapshot. Do not invent metrics; use $AutoResearch unless it is a tiny copy edit.\n`,
+    'honest-mode': `---\nname: honest-mode\ndescription: Required final SKS verification pass before claiming a task is complete.\n---\n\nBefore final: restate the goal, compare result to evidence, list tests/commands/inspections, state uncertainty or blockers plainly, and do not claim completion beyond evidence. Include concise SKS Honest Mode or 솔직모드 when required.\n`,
+    'autoresearch-loop': `---\nname: autoresearch-loop\ndescription: Iterative AutoResearch-style loop for open-ended improvement, discovery, prompt, ranking, SEO/GEO, and workflow-quality tasks.\n---\n\nUse for research, ranking, prompt/workflow improvement, benchmark gains, or repeated refinement. Loop: program, hypothesis, smallest falsifying experiment, metric, keep/discard, falsify, next step. Keep a ledger and do not claim improvement without evidence.\n`,
     'ralph-supervisor': `---\nname: ralph-supervisor\ndescription: Run the Ralph no-question loop after a decision contract is sealed.\n---\n\nYou are the Ralph Supervisor.\n\nRules:\n- Never ask the user during Ralph run.\n- Use decision-contract.json and the decision ladder.\n- Continue until done-gate.json passes or safe scope is completed with explicit limitation.\n- Keep outputs bounded. Write raw logs to files and summarize only tails.\n- Database destructive operations are never allowed.\n- Write progress to .sneakoscope mission files.\n`,
     'ralph-resolver': `---\nname: ralph-resolver\ndescription: Resolve newly discovered ambiguity during Ralph using the sealed decision ladder, without asking the user.\n---\n\nResolve ambiguity in this order: seed contract, explicit answers, approved defaults, AGENTS.md, current code/tests, smallest reversible change, defer optional scope. Never ask the user. If database risk is involved, prefer read-only, no-op, local-only migration file, or safe limitation; never run destructive SQL.\n`,
     'hproof-claim-ledger': `---\nname: hproof-claim-ledger\ndescription: Extract atomic claims and classify support status.\n---\n\nEvery factual statement must become an atomic claim. Unsupported critical claims cannot be used for implementation or final answer. Database claims require DB safety evidence.\n`,
     'hproof-evidence-bind': `---\nname: hproof-evidence-bind\ndescription: Bind claims to code, tests, decision contract, vgraph, beta, wiki, or GX render evidence.\n---\n\nEvidence priority: current code/tests, decision-contract.json, vgraph.json, beta.json, GX snapshot/render metadata, LLM Wiki coordinate index, user prompt. Database claims must respect .sneakoscope/db-safety.json. Wiki claims should carry id, hash, source path, and RGBA/trig coordinate anchors so they can be hydrated instead of treated as unsupported summaries.\n`,
     'db-safety-guard': `---\nname: db-safety-guard\ndescription: Enforce Sneakoscope Codex database safety before using SQL, Supabase MCP, Postgres, Prisma, Drizzle, Knex, or migration commands.\n---\n\nRules:\n- Never run DROP, TRUNCATE, mass DELETE/UPDATE, db reset, db push, project deletion, branch reset/merge/delete, or RLS-disabling operations.\n- Supabase MCP must be read-only and project-scoped by default.\n- Live writes through execute_sql are blocked; use migration files and only local/preview branches if explicitly allowed.\n- Production writes are forbidden.\n- If unsure, read-only only.\n`,
-    'gx-visual-generate': `---\nname: gx-visual-generate\ndescription: Render a deterministic SVG/HTML visual sheet from vgraph.json and beta.json.\n---\n\nUse sks gx render. Do not use external image generation. vgraph.json is the source of truth and the SVG embeds its source hash. GX renders also expose RGBA wiki-coordinate pixels/data attributes for nodes so visual context and LLM Wiki anchors share one coordinate system.\n`,
-    'gx-visual-read': `---\nname: gx-visual-read\ndescription: Read a Sneakoscope Codex deterministic visual sheet and produce context notes.\n---\n\nExtract nodes, edges, invariants, tests, risks, uncertainties, and RGBA wiki-coordinate anchors from vgraph.json, beta.json, render.svg, or snapshot.json. Do not infer hidden nodes.\n`,
-    'gx-visual-validate': `---\nname: gx-visual-validate\ndescription: Validate render metadata against vgraph.json and beta.json.\n---\n\nRun sks gx validate and sks gx drift. If critical nodes, edges, invariants, source hash, or wiki-coordinate anchors are missing or stale, mark validation failed.\n`,
-    'turbo-context-pack': `---\nname: turbo-context-pack\ndescription: Build ultra-low-token context packet with Q4 bits, Q3 tags, top-K claims, and minimal evidence.\n---\n\nDefault to Q4/Q3 plus TriWiki RGBA coordinate anchors. Add Q2 or Q1 text only when needed for support or verification. Non-selected claims should not disappear: keep id, hash, source path, RGBA key, and [domain, layer, phase, concentration] tuple so the harness can hydrate them later.\n`,
-    'research-discovery': `---\nname: research-discovery\ndescription: Run SKS Research Mode for frontier-style research, hypotheses, novelty ledgers, falsification, and experiments.\n---\n\nUse for research, frontier exploration, hypothesis generation, or non-obvious insights. Define discovery criteria, map assumptions/baselines, generate competing hypotheses, falsify aggressively, keep only surviving insights, and write novelty/confidence/falsifiers/next_experiment to novelty-ledger.json plus research-report.md. Do not claim breakthrough novelty without evidence and uncertainty.\n`,
-    'performance-evaluator': `---\nname: performance-evaluator\ndescription: Evaluate SKS performance, token-saving, accuracy-proxy, context-compression, or workflow improvements.\n---\n\nUse when claiming faster execution, smaller prompts, better context quality, or lower token cost. Run sks eval run or compare reports with sks eval compare. Report token_savings_pct, accuracy_delta, required_recall, unsupported_critical_selected, meaningful_improvement, and treat accuracy_proxy as context-quality evidence unless a scored dataset was used.\n`,
-    'imagegen': `---\nname: imagegen\ndescription: Required bridge to Codex image generation for logos, image assets, raster visuals, and image edits.\n---\n\nUse whenever a task needs a generated or edited image asset: logo, product image, illustration, texture, sprite, mockup, cutout, or bitmap visual. Load/follow the installed Codex system imagegen skill and use the image generation tool for the asset.\n\nRules:\n- Do not replace requested image assets with placeholder SVG/HTML/CSS.\n- Do not edit the system imagegen skill source.\n- For UI/UX, match \`design.md\` through design-system-builder or design-ui-editor.\n`,
-    'design-system-builder': `---\nname: design-system-builder\ndescription: Create design.md from docs/Design-Sys-Prompt.md when UI/UX work has no design system.\n---\n\nUse before UI/UX implementation when \`design.md\` is missing. Read \`docs/Design-Sys-Prompt.md\`, inspect product/UI context, then use the Codex plan tool to resolve ambiguity before writing \`design.md\`.\n\nRequired plan questions: product/audience/workflow; brand tone, density, platform, accessibility, fidelity; recommended default font first with tradeoff; existing UI kit, screenshots, Figma, brand assets, or code surfaces.\n\nOutput: \`design.md\` with typography/default font, color tokens, layout density, components, states, imagery, accessibility, and verification rules. Use imagegen for image assets. Do not edit UI until ambiguity is resolved or safely scoped.\n`,
-    'design-ui-editor': `---\nname: design-ui-editor\ndescription: Edit UI/UX using design.md and design-artifact-expert.\n---\n\nUse for every UI/UX edit after \`design.md\` exists. Read it first, inspect only relevant components/routes/screenshots/assets/tests, apply the smallest design-system-conformant change, use imagegen for any image/logo/raster asset, and verify render quality for overlap, readability, responsive fit, states, and AI-looking artifacts. If \`design.md\` is missing, stop and use design-system-builder first.\n`,
-    'design-artifact-expert': `---\nname: design-artifact-expert\ndescription: Create or revise high-fidelity HTML, UI, prototype, deck-like, or visual design artifacts with rendered verification.\n---\n\nUse for design, UI, prototype, HTML artifact, landing page, deck-like visual work, or refinement. Read \`design.md\` when present; if it is missing and the task needs UI/UX design judgment, use design-system-builder first. Inspect local code/assets/design context, build the actual usable artifact first, preserve relevant state, expose useful variants when helpful, and verify render quality. Use imagegen for any required image/logo/raster asset. Avoid overlap, unreadable controls, placeholder-only output, one-note palettes, and unmanaged visual drift.\n`
+    'gx-visual-generate': `---\nname: gx-visual-generate\ndescription: Render a deterministic SVG/HTML visual sheet from vgraph.json and beta.json.\n---\n\nUse sks gx render. vgraph.json is source of truth; renders embed source hash and RGBA wiki anchors.\n`,
+    'gx-visual-read': `---\nname: gx-visual-read\ndescription: Read a Sneakoscope Codex deterministic visual sheet and produce context notes.\n---\n\nExtract nodes, edges, invariants, tests, risks, uncertainties, and RGBA anchors from source/render/snapshot. Do not infer hidden nodes.\n`,
+    'gx-visual-validate': `---\nname: gx-visual-validate\ndescription: Validate render metadata against vgraph.json and beta.json.\n---\n\nRun sks gx validate and drift; fail stale or incomplete hashes, nodes, edges, invariants, or anchors.\n`,
+    'turbo-context-pack': `---\nname: turbo-context-pack\ndescription: Build ultra-low-token context packet with Q4 bits, Q3 tags, top-K claims, and minimal evidence.\n---\n\nDefault to Q4/Q3 plus TriWiki RGBA anchors; add Q2/Q1 only when needed. Keep id, hash, path, and coordinate tuple for hydration.\n`,
+    'research-discovery': `---\nname: research-discovery\ndescription: Run SKS Research Mode for frontier-style research, hypotheses, novelty ledgers, falsification, and experiments.\n---\n\nFrame criteria, map assumptions, generate hypotheses, falsify, keep surviving insights, and record novelty/confidence/falsifiers/next experiments. Do not overclaim.\n`,
+    'performance-evaluator': `---\nname: performance-evaluator\ndescription: Evaluate SKS performance, token-saving, accuracy-proxy, context-compression, or workflow improvements.\n---\n\nUse sks eval run/compare before claims. Report token_savings_pct, accuracy_delta/proxy, required_recall, support, and meaningful_improvement.\n`,
+    'imagegen': `---\nname: imagegen\ndescription: Required bridge to Codex image generation for logos, image assets, raster visuals, and image edits.\n---\n\nUse for generated or edited image assets: logo, product image, illustration, sprite, mockup, texture, cutout, or bitmap. Do not substitute placeholder SVG/HTML/CSS; follow design.md when relevant.\n`,
+    'design-system-builder': `---\nname: design-system-builder\ndescription: Create design.md from docs/Design-Sys-Prompt.md when UI/UX work has no design system.\n---\n\nWhen \`design.md\` is missing, read docs/Design-Sys-Prompt.md, inspect product/UI context, use the plan tool for ambiguity plus default font recommendation, then create tokens, components, states, imagery, accessibility, and verification rules. Use imagegen for assets.\n`,
+    'design-ui-editor': `---\nname: design-ui-editor\ndescription: Edit UI/UX using design.md and design-artifact-expert.\n---\n\nRead \`design.md\`, inspect relevant UI/assets/tests, apply the smallest design-system-conformant change, use imagegen for image/logo/raster assets, and verify render quality. If missing, use design-system-builder first.\n`,
+    'design-artifact-expert': `---\nname: design-artifact-expert\ndescription: Create or revise high-fidelity HTML, UI, prototype, deck-like, or visual design artifacts with rendered verification.\n---\n\nUse for design/UI/prototype/HTML visual work. Read design.md when present, build the usable artifact first, preserve state, verify overlap/readability/responsiveness, and use imagegen for required assets.\n`
   };
   for (const [name, content] of Object.entries(skills)) {
     const dir = path.join(root, '.agents', 'skills', name);
@@ -710,9 +608,11 @@ async function installSkills(root) {
     await writeTextAtomic(path.join(dir, 'SKILL.md'), `${skillContent.trim()}\n`);
     await writeSkillMetadata(dir, name);
   }
+  const skillNames = Object.keys(skills);
   return {
-    removed_agent_skill_aliases: await removeGeneratedAgentSkillAliases(root, Object.keys(skills)),
-    removed_codex_skill_mirrors: await removeGeneratedCodexSkillMirrors(root, Object.keys(skills))
+    installed_skills: skillNames,
+    removed_agent_skill_aliases: await removeGeneratedAgentSkillAliases(root, skillNames),
+    removed_codex_skill_mirrors: await removeGeneratedCodexSkillMirrors(root, skillNames)
   };
 }
 
@@ -780,7 +680,8 @@ function isGeneratedSksAgentSkill(text, name) {
   if (!text) return false;
   const s = String(text);
   if (!new RegExp(`name:\\s*${name.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')}\\b`).test(s)) return false;
-  return /Sneakoscope|SKS|Codex App picker alias|Dollar-command route/i.test(s);
+  if (/\bnot generated by SKS\b/i.test(s)) return false;
+  return /Sneakoscope generated|Fallback Codex App picker alias|Codex App picker alias for|Dollar-command route generated by SKS/i.test(s);
 }
 
 function isGeneratedSksLegacySkill(text, name) {