sneakoscope 0.6.38 → 0.6.41

package/README.md

@@ -1,13 +1,22 @@
-<h1 align="center">ㅅㅋㅅ</h1>
-<p align="center"><strong>Sneakoscope Codex</strong></p>
+<p align="center">
+  <img src="docs/assets/sneakoscope-codex-logo.png" alt="ㅅㅋㅅ logo" width="96" height="96">
+</p>
 
-Zero-runtime-dependency Node.js harness for Codex CLI/App. `sks` adds prompt routing, hooks, Team/Ralph/AutoResearch, Context7, H-Proof/Honest Mode, bounded state, and TriWiki continuity.
+<h1 align="center">Sneakoscope Codex</h1>
+
+<p align="center">
+  <a href="https://www.npmjs.com/package/sneakoscope"><img alt="npm version" src="https://img.shields.io/npm/v/sneakoscope.svg"></a>
+  <a href="https://www.npmjs.com/package/sneakoscope"><img alt="license" src="https://img.shields.io/npm/l/sneakoscope.svg"></a>
+  <img alt="Node.js 20.11+" src="https://img.shields.io/badge/node-20.11%2B-339933.svg">
+</p>
+
+Sneakoscope Codex is a zero-runtime-dependency Node.js harness for Codex CLI/App. `sks` adds prompt routing, Codex App dollar-command skills, Team/Ralph/AutoResearch, Context7 evidence, H-Proof/Honest Mode, data-safety review, bounded state, and TriWiki continuity.
 
 Core value: repetition resistance. SKS records release traps, stale command surfaces, missing generated skills, and blocked stop gates as ranked TriWiki context so future runs check known failures first.
 
 ## AI Answer Snapshot
 
-Package: `sneakoscope`. CLI: `sks` or `sneakoscope`. Global install seeds `$HOME/.agents/skills` so Codex App can show `$sks`, `$team`, `$qa-loop`, and the other SKS dollar routes before a project is initialized. `sks setup` prepares project hooks/state and installs Codex CLI when missing; open Codex App so first-party MCP/plugin tools reach CLI sessions.
+Package: `sneakoscope`. CLI: `sks` or `sneakoscope`. Global install seeds `$HOME/.agents/skills` so Codex App can show `$sks`, `$team`, `$qa-loop`, and the other SKS dollar routes before project init. `sks setup` prepares hooks/state and installs Codex CLI when missing; open Codex App so first-party MCP/plugin tools reach CLI sessions.
 
 ```bash
 npm i -g sneakoscope
@@ -21,12 +30,66 @@ sks doctor --fix
 sks selftest --mock
 ```
 
+## Why Developers Star Sneakoscope Codex
+
+- **First-run Codex App readiness**: global install creates user-level `.agents/skills` before project init.
+- **Command-surface consistency**: route registry, `sks dollar-commands`, generated skills, quick reference, README, and selftests agree.
+- **Multi-agent Team orchestration**: scouts, TriWiki refresh, debate, fresh executors, review, and evidence run as one workflow.
+- **Ralph no-question execution**: ambiguity is collected before work, sealed in `decision-contract.json`, then resolved by the decision ladder during execution.
+- **Guarded data workflows**: risky data or schema requests are routed through an explicit safety surface before implementation.
+- **Honest completion**: H-Proof and Honest Mode require evidence before the assistant claims the task is complete.
+- **Bounded memory and logs**: raw outputs live in files, prompts receive small tails/summaries, and `sks gc` can prune old artifacts.
+- **TriWiki continuity**: long-running work keeps source/hash/RGBA anchors instead of lossy summaries.
+
+## Install
+
+Use the npm registry package for normal installs:
+
+```bash
+npm i -g sneakoscope
+sks setup
+```
+
+If your shell cannot see the global binary yet:
+
+```bash
+npx -y -p sneakoscope sks setup
+```
+
+Project-only install is supported when hooks must call the local package:
+
+```bash
+npm i -D sneakoscope
+npx sks setup --install-scope project
+```
+
+Local-only setup keeps generated SKS files out of git status:
+
+```bash
+sks setup --local-only
+```
+
+The package exposes two equivalent shell commands:
+
+```bash
+sks <command>
+sneakoscope <command>
+```
+
+`@openai/codex` is not bundled. `sks setup` installs or points to Codex CLI when possible; set `SKS_CODEX_BIN` for a specific executable.
+
 ## Commands
 
+There are two command surfaces:
+
+- **Terminal CLI commands**: run in a shell as `sks ...` or `sneakoscope ...`.
+- **Prompt `$` commands**: type at the start of a Codex App prompt to force a route.
+
 ```bash
 sks commands
 sks quickstart|codex-app
 sks dollar-commands
+sks usage install|dollar|team|ralph|wiki|imagegen
 sks tmux check|status
 sks --auto-review --high
 sks auto-review status|enable|start --high
@@ -43,24 +106,180 @@ sks hproof check latest
 sks guard check; sks eval run|compare; sks gx init|render|validate|drift|snapshot; sks gc --dry-run
 ```
 
-Prompt routes use one canonical name each: `$DFix`, `$Answer`, `$SKS`, `$Team`, `$QA-LOOP`, `$Ralph`, `$Research`, `$AutoResearch`, `$DB`, `$GX`, `$Wiki`, `$Help`.
+Prompt routes use one canonical name each:
 
-Release notes: `CHANGELOG.md`; checked by `npm run release:check`.
+```text
+$DFix          tiny design/content changes
+$Answer        answer-only research or explanation
+$SKS           general Sneakoscope setup/status/help
+$Team          implementation/code-changing Team workflow
+$QA-LOOP       UI/API E2E verification loop
+$Ralph         clarification-gated no-question mission
+$Research      frontier discovery workflow
+$AutoResearch  iterative experiment/improvement loop
+$DB            data safety review
+$GX            deterministic visual context cartridges
+$Wiki          TriWiki refresh, pack, validate, prune
+$Help          command and workflow help
+```
 
-## Design And Assets
+Examples:
 
-UI/UX reads `design.md` first. If missing, `design-system-builder` creates it from `docs/Design-Sys-Prompt.md` with plan-tool questions and a default font choice. Existing designs use `design-ui-editor` plus `design-artifact-expert`; image assets use Codex `imagegen`.
+```text
+$DFix 글자 색 파란색으로 바꿔줘
+$Team executor:5 reviewer:2 user:1 리드미와 generated skills를 맞춰줘
+$Ralph 결제 실패 재시도 로직 개선
+$DB 위험한 데이터 변경인지 먼저 검사해줘
+$Help 사용 가능한 명령어 알려줘
+```
+
+Release notes: `CHANGELOG.md`; checked by `npm run release:check`.
 
 ## Codex App
 
-Global install creates user-level `$` skills; run `sks setup` once inside each project to add project hooks/skills plus `.sneakoscope/` state. Team status is mirrored to `team-live.md`, `team-transcript.jsonl`, and `sks team watch latest`.
+Global install creates user-level `$` skills:
+
+```text
+$HOME/.agents/skills/<route>/SKILL.md
+```
+
+Run `sks setup` once inside each project to add project hooks/skills plus `.sneakoscope/` state:
+
+```text
+.codex/config.toml       Codex profiles, multi-agent limits, Context7 MCP
+.codex/hooks.json        Codex hook entrypoints through SKS guards
+.agents/skills/          repo-local route and support skills
+.codex/agents/           Team analysis, consensus, worker, reviewer roles
+.codex/SNEAKOSCOPE.md    quick reference for Codex App
+AGENTS.md                managed repository rules
+.sneakoscope/            missions, gates, policy, wiki, GX, reports
+```
+
+Team status is mirrored to `team-live.md`, `team-transcript.jsonl`, and `sks team watch latest`.
 
 Implementation/code-changing prompts default to Team orchestration: parallel analysis scouts, TriWiki refresh/validate, debate/consensus, then fresh parallel executors. Answer-only, DFix, Help, Wiki maintenance, and safety-specific routes stay lightweight.
 
 Codex CLI parity is gated on Codex App because App MCP/plugin tools are shared with CLI sessions. `sks setup` installs `@openai/codex` when missing and prints tool hints. `sks --auto-review --high` is the shortest high-reasoning auto-review entry.
 
+## Team Workflow
+
+Team mode is the default for implementation and code-changing work. It is scout-first:
+
+```text
+analysis scouts -> TriWiki refresh/validate -> debate -> consensus
+-> fresh executor team -> review -> integration -> Honest Mode
+```
+
+Role counts such as `executor:5 reviewer:2 user:1` control the Team shape. `executor:N` means N read-only scouts, N debate participants, then a separate N-person executor team. The parent agent owns integration and final verification.
+
+Useful files:
+
+```text
+.sneakoscope/missions/<MISSION_ID>/team-plan.json
+.sneakoscope/missions/<MISSION_ID>/team-analysis.md
+.sneakoscope/missions/<MISSION_ID>/team-live.md
+.sneakoscope/missions/<MISSION_ID>/team-transcript.jsonl
+.sneakoscope/missions/<MISSION_ID>/team-gate.json
+```
+
+## Ralph Workflow
+
+Ralph is for clarification-gated execution:
+
+```text
+ralph prepare -> questions.md and required-answers.schema.json
+ralph answer  -> decision-contract.json
+ralph run     -> no-question execution and done-gate evaluation
+```
+
+After `decision-contract.json` is sealed, Ralph does not ask more questions. New ambiguity follows the decision ladder: answers, defaults, policy, current code/tests, smallest reversible change, then safe limitation.
+
 ## TriWiki
 
 TriWiki scores claims by trust, freshness, risk, and token cost. Read `.sneakoscope/wiki/context-pack.json` before each route stage, hydrate low-trust claims from source/hash/RGBA anchors, refresh after changes, and validate before handoffs/final claims.
 
 Repeated failures are promoted, not buried. Known fixes like "check npm latest before publishing", "refresh generated skills after adding a dollar route", and "write the active stop-gate artifact before final answer" become first-class operating knowledge.
+
+## H-Proof And Honest Mode
+
+H-Proof evaluates whether a mission can be called done. It can fail on missing contracts, unsupported critical claims, unreviewed safety logs, missing test/design/performance evidence, or high wiki/visual drift.
+
+```bash
+sks hproof check latest
+```
+
+Honest Mode is the final human-readable pass: restate the actual goal, compare evidence to that goal, list verification, and state any hard blocker without over-claiming.
+
+## Design And Assets
+
+UI/UX reads `design.md` first. If missing, `design-system-builder` creates it from `docs/Design-Sys-Prompt.md`. Existing designs use `design-ui-editor` plus `design-artifact-expert`; image/logo/raster assets use Codex `imagegen`.
+
+## Runtime State
+
+SKS keeps runtime state bounded:
+
+- child process output is tailed
+- large raw logs are stored as files
+- wiki and mission artifacts can be packed or pruned
+- package bloat is checked before release
+
+```bash
+sks stats
+sks gc --dry-run
+sks wiki refresh
+sks wiki validate .sneakoscope/wiki/context-pack.json
+```
+
+## Package Layout
+
+```text
+bin/sks.mjs                  CLI executable
+src/cli/main.mjs             command router, hooks, selftest, mission commands
+src/core/init.mjs            setup, generated skills, Codex App quick reference
+src/core/routes.mjs          route and dollar-command registry
+src/core/db-safety.mjs       data safety classifier
+src/core/pipeline.mjs        ambiguity gates and route mission state
+src/core/hproof.mjs          done-gate evaluator
+src/core/triwiki-attention.mjs
+docs/assets/                 logo asset shipped in the npm package
+```
+
+The npm package is allowlisted to `bin`, `src`, the logo PNG, `README.md`, and `LICENSE`.
+
+## Development
+
+```bash
+npm run repo-audit
+npm run packcheck
+npm run selftest
+npm run sizecheck
+npm run release:check
+npm run publish:dry
+```
+
+`npm run sizecheck` blocks accidental package bloat. Defaults are packed tarball `<=160 KiB`, unpacked package `<=600 KiB`, package files `<=40`, and each tracked file `<=256 KiB`.
+
+## Publishing
+
+```bash
+npm whoami
+npm owner ls sneakoscope
+npm run publish:dry
+npm run publish:npm
+```
+
+If npm authentication fails, log in with an owner account or ask an existing owner to add your npm username.
+
+## FAQ
+
+### Does Sneakoscope Codex replace Codex CLI?
+
+No. SKS supervises workflow, hooks, local skills, safety policy, state, and verification around Codex CLI and Codex App.
+
+### Why does SKS install user-level skills?
+
+Codex App command discovery happens before a project may be initialized. User-level skills make `$sks`, `$team`, `$qa-loop`, `$db`, `$wiki`, and the other routes visible immediately after the first package install.
+
+### What should I run when commands look stale?
+
+Run `sks dollar-commands`, then `sks doctor --fix`, then `sks codex-app check`. For release validation, run `npm run publish:dry`.

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "sneakoscope",
   "displayName": "ㅅㅋㅅ",
-  "version": "0.6.38",
+  "version": "0.6.41",
   "description": "Sneakoscope Codex: database-safe Codex CLI/App harness with Team, Ralph, AutoResearch, TriWiki, and Honest Mode.",
   "type": "module",
   "homepage": "https://github.com/mandarange/Sneakoscope-Codex#readme",
@@ -23,6 +23,7 @@
   "files": [
     "bin",
     "src",
+    "docs/assets/sneakoscope-codex-logo.png",
     "README.md",
     "LICENSE"
   ],

package/src/cli/main.mjs

@@ -2373,11 +2373,14 @@ async function selftest() {
   await initProject(repairTmp, {});
   await writeTextAtomic(path.join(repairTmp, '.agents', 'skills', 'team', 'SKILL.md'), 'tampered\n');
   await writeTextAtomic(path.join(repairTmp, '.agents', 'skills', 'agent-team', 'SKILL.md'), '---\nname: agent-team\ndescription: Fallback Codex App picker alias for $Team.\n---\n');
+  await ensureDir(path.join(repairTmp, '.agents', 'skills', 'custom-keep'));
+  await writeTextAtomic(path.join(repairTmp, '.agents', 'skills', 'custom-keep', 'SKILL.md'), '---\nname: custom-keep\ndescription: User custom skill, not generated by SKS.\n---\n');
   await writeTextAtomic(path.join(repairTmp, '.codex', 'skills', 'team', 'SKILL.md'), 'legacy mirror\n');
   await initProject(repairTmp, { force: true, repair: true });
   const repairedTeamSkill = await safeReadText(path.join(repairTmp, '.agents', 'skills', 'team', 'SKILL.md'));
   if (!repairedTeamSkill.includes('SKS Team multi-agent orchestration') || repairedTeamSkill.includes('tampered')) throw new Error('selftest failed: doctor repair did not regenerate team skill');
   if (await exists(path.join(repairTmp, '.agents', 'skills', 'agent-team', 'SKILL.md'))) throw new Error('selftest failed: doctor repair did not remove deprecated agent-team alias skill');
+  if (!(await exists(path.join(repairTmp, '.agents', 'skills', 'custom-keep', 'SKILL.md')))) throw new Error('selftest failed: doctor repair removed a user-owned custom skill');
   if (await exists(path.join(repairTmp, '.codex', 'skills', 'team', 'SKILL.md'))) throw new Error('selftest failed: doctor repair did not remove legacy .codex/skills');
   const conflictTmp = tmpdir();
   await ensureDir(path.join(conflictTmp, '.omx'));

package/src/core/fsx.mjs

@@ -5,7 +5,7 @@ import os from 'node:os';
 import crypto from 'node:crypto';
 import { spawn } from 'node:child_process';
 
-export const PACKAGE_VERSION = '0.6.38';
+export const PACKAGE_VERSION = '0.6.41';
 export const DEFAULT_PROCESS_TAIL_BYTES = 256 * 1024;
 export const DEFAULT_PROCESS_TIMEOUT_MS = 30 * 60 * 1000;
 

package/src/core/harness-conflicts.mjs

@@ -197,7 +197,6 @@ export async function repairSksGeneratedArtifacts(root, opts = {}) {
     '.codex/config.toml',
     '.codex/SNEAKOSCOPE.md',
     '.codex/agents',
-    '.agents/skills',
     '.codex/skills',
     '.sneakoscope/manifest.json',
     '.sneakoscope/policy.json',

package/src/core/init.mjs

@@ -566,11 +566,11 @@ Hooks route Codex App events through SKS guards; status messages show checks, wh
 
 export async function installSkills(root) {
   const skills = {
-    'dfix': `---\nname: dfix\ndescription: Ultralight fast design/content fix mode for $DFix or $dfix requests and inferred simple edits such as text color, copy, labels, spacing, or translation.\n---\n\nYou are running SKS DFix mode.\n\nPurpose:\n- Bypass the general SKS prompt pipeline for small design/content requests.\n- Convert the request into a tiny task list, then execute only those tasks.\n- Use for requests like 글자 색 바꿔줘, 내용을 영어로 바꿔줘, button label 수정, spacing 조정, copy replacement, simple style tweaks.\n\nUltralight loop:\n1. List the exact micro-edits implied by the request.\n2. Inspect only the files needed to locate those targets.\n3. Apply only the listed edits.\n4. Run only cheap verification when useful.\n5. Final response should be short: what changed and any verification.\n\nRules:\n- Do not enter the general prompt pipeline, mission workflow, ambiguity gate, TriWiki refresh, Context7 routing, subagent orchestration, Ralph, Research, eval, or broad redesign.\n- Do not ask for more requirements when the target can be inferred from local context.\n- For UI/UX micro-edits, read \`design.md\` when present and preserve the existing design system and component patterns.\n- If \`design.md\` is missing and the change requires design judgment instead of a tiny mechanical edit, reroute to design-system-builder before editing.\n- Use imagegen for any image/logo/raster asset.\n`,
-    'answer': `---\nname: answer\ndescription: Answer-only research route for ordinary questions that should not start implementation.\n---\n\nUse when the user is asking for an explanation, comparison, status, facts, source-backed research, or documentation guidance rather than asking you to change files or run work.\n\nEvidence flow:\n1. Use current repo files and TriWiki first when the answer is project-local.\n2. Hydrate low-trust wiki claims from source paths before relying on them.\n3. Use web search for current, external, or uncertain facts when browsing is available or the user asks for latest/source-backed information.\n4. Use Context7 resolve-library-id plus query-docs when the answer depends on package, API, framework, SDK, MCP, or generated documentation behavior.\n5. End with Honest Mode fact-checking: separate verified facts, source-backed inferences, and uncertainty.\n\nRules:\n- Do not create route mission state, ambiguity-gate questions, subagents, Team handoffs, Ralph, Research loops, eval loops, or file edits.\n- If the prompt turns out to request implementation, state the reroute and use the proper execution pipeline.\n`,
+    'dfix': `---\nname: dfix\ndescription: Ultralight fast design/content fix mode for $DFix or $dfix requests and inferred simple edits such as text color, copy, labels, spacing, or translation.\n---\n\nUse for tiny copy/color/label/spacing/translation edits. List exact micro-edits, inspect only needed files, apply only those edits, and run cheap verification. Bypass broad SKS routing, Ralph, Research, eval, and redesign. Read \`design.md\` for UI work when present; use imagegen for image/logo/raster assets.\n`,
+    'answer': `---\nname: answer\ndescription: Answer-only research route for ordinary questions that should not start implementation.\n---\n\nUse for explanations, comparisons, status, facts, source-backed research, or docs guidance. Use repo/TriWiki first for project-local facts; hydrate low-trust claims from source. Browse or use Context7 for current external package/API/framework/MCP docs. End with Honest Mode; do not create missions, subagents, or file edits.\n`,
     'sks': `---\nname: sks\ndescription: General Sneakoscope Codex command route for $SKS or $sks usage, setup, status, and workflow help.\n---\n\nUse the local SKS control surface. Prefer discovery commands for availability questions: sks commands, sks usage <topic>, sks quickstart, sks codex-app, sks context7 check, sks guard check, sks conflicts check, sks reasoning, sks wiki pack, and sks pipeline status. If implementation or code-changing work is requested through $SKS or rough natural language, promote it to Team by default unless Answer, DFix, Help, Wiki maintenance, or a safety-specific route applies. Surface route/guard/write-scope status, then use worker subagents for independent scopes; parent integrates and verifies. Context tracking uses TriWiki as SSOT. Do not edit installed harness control files except in this engine source repo. Harness conflicts require sks conflicts prompt and human-approved cleanup.\n`,
     'wiki': `---\nname: wiki\ndescription: Dollar-command route for $Wiki TriWiki refresh, pack, validate, and prune commands.\n---\n\nUse for $Wiki or Korean wiki-refresh requests. Refresh/update/갱신: run sks wiki refresh, then validate .sneakoscope/wiki/context-pack.json. Pack: run sks wiki pack, then validate. Prune/clean/정리: use sks wiki refresh --prune, or sks wiki prune --dry-run for inspection. Report claims, anchors, trust, validation, and blockers. Do not start ambiguity-gated implementation, subagents, or unrelated work.\n`,
-    'team': `---\nname: team\ndescription: SKS Team multi-agent orchestration for $Team and default implementation/code-changing routes.\n---\n\nUse for $Team/$team, rough implementation prompts, code-changing work, team-of-agents, or parallel specialist implementation. Answer, DFix, Help, Wiki maintenance, and safety-specific routes are intentional exceptions.\n\nWorkflow:\n1. Mandatory ambiguity gate first: ask generated questions, write answers.json, run sks pipeline answer latest answers.json, then start Team work.\n2. Role counts: executor:5 reviewer:2 user:1. executor:N means N read-only analysis_scout_N agents, N debate participants, then a separate N-person executor team. --agents/--sessions/--team-size are aliases; --max-agents uses 6.\n3. Scouts split repo/docs/tests/API/DB-risk/UX/implementation slices and return source-backed team-analysis.md findings.\n4. Refresh/validate TriWiki before debate, implementation, review, and final claims.\n5. Debate seals one objective and disjoint slices; close debate agents before a fresh executor_N development team starts parallel work.\n6. Mirror useful scout/debate/handoff/review/integration events with sks team event <mission-id|latest> --agent <name> --phase <phase> --message \"...\".\n\nLive files: team-analysis.md, team-live.md, team-transcript.jsonl, team-dashboard.json, team-gate.json. Parent orchestrates, integrates, verifies, and never bypasses SKS gates.\n`,
+    'team': `---\nname: team\ndescription: SKS Team multi-agent orchestration for $Team and default implementation/code-changing routes.\n---\n\nUse for $Team/$team, implementation, code-changing, or parallel specialist work. Ambiguity gate first, then exactly requested role counts: executor:N creates N scouts, N debate participants, and a fresh N-person executor team. Split repo/docs/tests/API/risk/UX slices, refresh/validate TriWiki before debate, implementation, review, and final claims, and mirror useful events with sks team event. Parent integrates and verifies.\n`,
     'qa-loop': `---\nname: qa-loop\ndescription: Dollar-command route for $QA-LOOP UI/API E2E verification with ambiguity questions, safety gates, Browser Use/Computer Use evidence, and a QA report.\n---\n\nUse only $QA-LOOP. Start with mandatory QA questions: UI/API/both, local vs deployed target, mutation policy, login need. Credentials are test-only runtime input; never save secrets, cookies, auth state, or secret screenshots. UI E2E requires Browser Use or Computer Use evidence, otherwise mark it unverified. Deployed targets are read-only smoke by default; destructive removal tests are forbidden. After answers seal, run sks qa-loop answer/run, complete qa-ledger.json, qa-report.md, qa-gate.json, and Honest Mode.\n`,
     'ralph': `---\nname: ralph\ndescription: Dollar-command route for $Ralph or $ralph mandatory clarification and no-question mission workflows.\n---\n\nUse when the user invokes $Ralph/$ralph or requests a clarification-gated autonomous implementation mission. Prepare with sks ralph prepare, answer/seal required slots when answers are provided, then run only after decision-contract.json exists.\n`,
     'research': `---\nname: research\ndescription: Dollar-command route for $Research or $research frontier discovery workflows.\n---\n\nUse when the user invokes $Research/$research or asks for research, hypotheses, new mechanisms, falsification, or testable predictions. Prefer sks research prepare and sks research run. Do not use for ordinary code edits.\n`,
@@ -578,28 +578,28 @@ export async function installSkills(root) {
     'db': `---\nname: db\ndescription: Dollar-command route for $DB or $db database and Supabase safety checks.\n---\n\nUse when the user invokes $DB/$db or the task touches SQL, Supabase, Postgres, migrations, Prisma, Drizzle, Knex, MCP database tools, or production data. Run or follow sks db policy, sks db scan, sks db classify, and sks db check. Destructive database operations remain forbidden.\n`,
     'gx': `---\nname: gx\ndescription: Dollar-command route for $GX or $gx deterministic GX visual context cartridges.\n---\n\nUse when the user invokes $GX/$gx or asks for architecture/context visualization through SKS. Prefer sks gx init, render, validate, drift, and snapshot. vgraph.json remains the source of truth.\n`,
     'help': `---\nname: help\ndescription: Dollar-command route for $Help or $help explaining installed SKS commands and workflows.\n---\n\nUse when the user invokes $Help/$help or asks what commands exist. Prefer concise output from sks commands, sks usage <topic>, sks quickstart, sks aliases, and sks codex-app.\n`,
-    'prompt-pipeline': `---\nname: prompt-pipeline\ndescription: Default SKS prompt optimization pipeline for execution prompts; Answer and DFix bypass it.\n---\n\nEvery prompt starts with intent classification. $Answer handles questions; $DFix handles tiny design/content edits. General implementation/code-changing routes default to Team, unless a more specific safety/research/DB/GX route applies. Execution routes infer goal, target surface, constraints, acceptance criteria, risk, and smallest safe route, then run the mandatory ambiguity gate before implementation.\n\nAsk generated questions, write answers.json, and seal with sks pipeline answer latest answers.json. Ralph uses sks ralph answer latest answers.json. Do not execute, spawn Team scouts, touch DB, or edit code before the gate passes.\n\nFor code-changing work, surface route/guard/write scopes, then use Team worker subagents for independent non-overlapping scopes; parent owns integration, tests, DB safety, harness guard, Context7, H-Proof, and Honest Mode.\n\nDesign routing:\n- UI/UX work must read \`design.md\` first.\n- If \`design.md\` is missing, use design-system-builder with plan-tool ambiguity removal and a default font recommendation before UI implementation.\n- If \`design.md\` exists, use design-ui-editor and design-artifact-expert for design-system-conformant edits and rendered verification.\n- Image, logo, raster, and bitmap assets must use imagegen.\n\nContext continuity:\n- TriWiki context-tracking SSOT is .sneakoscope/wiki/context-pack.json.\n- Use relevant TriWiki context before every route stage.\n- Hydrate low-trust/stale claims from source path/hash/RGBA anchor before relying on them.\n- Run \`sks wiki refresh\` or \`sks wiki pack\` after findings/artifact changes.\n- Validate with \`sks wiki validate .sneakoscope/wiki/context-pack.json\` before handoffs and final claims.\n`,
+    'prompt-pipeline': `---\nname: prompt-pipeline\ndescription: Default SKS prompt optimization pipeline for execution prompts; Answer and DFix bypass it.\n---\n\nClassify intent first. $Answer handles questions; $DFix handles tiny design/content edits; implementation defaults to Team unless a specific safety/research/GX route applies. Infer goal, target, constraints, acceptance criteria, risk, and smallest safe route, then ask generated questions and seal with sks pipeline answer latest answers.json before execution.\n\nFor code work, surface route/guard/scopes, use Team workers for independent scopes, and keep parent-owned integration, tests, Context7, H-Proof, and Honest Mode.\n\nDesign routing: read \`design.md\` first; if missing use design-system-builder with plan-tool ambiguity removal and a default font recommendation; if present use design-ui-editor/design-artifact-expert. Image, logo, raster, and bitmap assets must use imagegen.\n\nContext continuity: TriWiki context-tracking SSOT is .sneakoscope/wiki/context-pack.json. Use relevant TriWiki context before every route stage, hydrate low-trust/stale source/hash/RGBA claims, run \`sks wiki refresh\` or \`sks wiki pack\` after findings/artifact changes, and validate with \`sks wiki validate .sneakoscope/wiki/context-pack.json\` before handoffs and final claims.\n`,
     'reasoning-router': `---\nname: reasoning-router\ndescription: Temporary SKS reasoning-effort routing for every command and pipeline route.\n---\n\nUse medium for simple fulfillment such as copy, color, command discovery, setup display, or mechanical edits. Use high for any logical, safety, architecture, database, orchestration, refactor, or multi-file implementation work. Use xhigh for research, AutoResearch, hypotheses, falsification, benchmarks, SEO/GEO experiments, and open-ended discovery.\n\nRules:\n- Treat the routing as temporary for the current route only.\n- Do not persist profile changes.\n- Return to the default or user-selected profile when the route gate passes.\n- Inspect with sks reasoning \"prompt\" and sks pipeline status.\n`,
-    'pipeline-runner': `---\nname: pipeline-runner\ndescription: Execute SKS dollar-command routes as stateful pipelines with mission artifacts, route gates, Context7 evidence, temporary reasoning routing, and Honest Mode.\n---\n\nEvery $ command is a route, not decorative context. Use the active route state in .sneakoscope/state/current.json, write route artifacts under .sneakoscope/missions/<id>/, and do not finish until the route stop gate passes or a hard blocker is recorded with evidence.\n\nAtomic loop:\n1. Load the route skill and required supporting skills.\n2. Apply temporary reasoning routing: medium for simple work, high for logical work, xhigh for research.\n3. Before each route stage, read relevant TriWiki context from .sneakoscope/wiki/context-pack.json and hydrate low-trust claims from source before relying on them.\n4. Before code edits, surface visible SKS route/guard/write-scope status, then spawn worker subagents by default for independent write scopes; keep immediate blockers local.\n5. Execute exactly the next useful atomic action.\n6. Record evidence in the mission artifact named by the route, then refresh or pack TriWiki when new findings/artifact changes should affect later stages.\n7. Respect harness self-protection: never edit installed SKS control files, generated skills, hooks, policy, AGENTS.md, or node_modules/sneakoscope from an LLM tool call.\n8. Re-check Context7 evidence when required.\n9. Validate TriWiki before handoffs/final claims, re-check the stop gate before final output, and return to the default profile.\n\nUse \`sks pipeline status\` for the current route and \`sks pipeline resume\` for the next action hint.\n`,
-    'context7-docs': `---\nname: context7-docs\ndescription: Enforce Context7 MCP documentation evidence for SKS routes that depend on external libraries, frameworks, APIs, MCPs, package managers, DB SDKs, or generated docs.\n---\n\nWhen Context7 is required:\n- Use Context7 resolve-library-id for the relevant package/API.\n- Then use Context7 query-docs for the resolved id. Legacy Context7 get-library-docs evidence is also accepted.\n- Prefer the local stdio MCP path: sks context7 tools, sks context7 resolve, sks context7 docs, or sks context7 evidence.\n- Let SKS PostToolUse record both events in context7-evidence.jsonl.\n- Do not mark the route complete until both stages are present.\n\nCheck project setup with \`sks context7 check\`. The default project-local MCP lives in .codex/config.toml as npx -y @upstash/context7-mcp@latest.\n`,
-    'seo-geo-optimizer': `---\nname: seo-geo-optimizer\ndescription: SEO/GEO support for README, npm, GitHub, keywords, snippets, schema, and AI-search visibility.\n---\n\nUse for SEO, GEO, GitHub stars, npm discoverability/downloads, package keywords, README ranking, AI search, schema markup, or search snippets.\n\nRules:\n- Load Context7 first when package, npm, GitHub, framework, API, or generated-doc behavior matters.\n- Optimize concrete surfaces: README, package.json, docs, badges, npm metadata, GitHub topics, quickstart, examples, and command discovery.\n- Improve exact package name, command name, audience, use cases, keywords, install path, AI Answer Snapshot, and supportable examples.\n- Do not invent downloads, stars, benchmarks, compatibility, or ranking impact.\n- Route SEO/GEO work through $AutoResearch unless it is only a tiny copy edit.\n`,
-    'honest-mode': `---\nname: honest-mode\ndescription: Required final SKS verification pass before claiming a task is complete.\n---\n\nUse before every final answer.\n\nChecklist:\n- Restate the actual user goal in one sentence.\n- Verify the implemented result against that goal.\n- List tests, commands, screenshots, or inspections that prove it.\n- State any missing verification, uncertainty, or hard blocker plainly.\n- Do not claim complete if the evidence does not support it.\n- If implementation was requested, do not stop at a plan.\n\nThe final response should include a concise SKS Honest Mode or 솔직모드 note when the hook requires it.\n`,
-    'autoresearch-loop': `---\nname: autoresearch-loop\ndescription: Iterative AutoResearch-style loop for open-ended improvement, discovery, prompt, ranking, SEO/GEO, and workflow-quality tasks.\n---\n\nUse when the task asks for research, better ranking, SEO/GEO, prompt or workflow improvement, benchmark gains, non-obvious ideas, or repeated refinement.\n\nLoop:\n1. Program: define the objective, constraints, and budget.\n2. Hypothesis: propose one concrete change or experiment.\n3. Experiment: run the smallest local or documented check that can falsify it.\n4. Measure: record the metric, evidence, and artifact paths.\n5. Decision: keep, discard, or revise the hypothesis.\n6. Falsify: actively search for why the result could be wrong.\n7. Next: choose the next experiment or stop with an honest conclusion.\n\nRules:\n- Prefer small decisive experiments over broad speculation.\n- Keep a ledger in the mission/report when relevant.\n- Do not claim improvement without evidence.\n- End with Honest Mode: what improved, what did not, what remains unverified.\n`,
+    'pipeline-runner': `---\nname: pipeline-runner\ndescription: Execute SKS dollar-command routes as stateful pipelines with mission artifacts, route gates, Context7 evidence, temporary reasoning routing, and Honest Mode.\n---\n\nEvery $ command is a route. Use .sneakoscope/state/current.json, route artifacts under .sneakoscope/missions/<id>/, temporary reasoning routing, TriWiki context before stages, source hydration for low-trust claims, Context7 when required, and Honest Mode before final. Surface guard/scopes before edits, record evidence, refresh/pack/validate TriWiki, and use sks pipeline status/resume for current state.\n`,
+    'context7-docs': `---\nname: context7-docs\ndescription: Enforce Context7 MCP documentation evidence for SKS routes that depend on external libraries, frameworks, APIs, MCPs, package managers, DB SDKs, or generated docs.\n---\n\nWhen required, resolve-library-id, then query-docs for the resolved id. Legacy get-library-docs evidence is accepted. Prefer sks context7 tools/resolve/docs/evidence and finish only after both evidence stages exist. Check setup with sks context7 check.\n`,
+    'seo-geo-optimizer': `---\nname: seo-geo-optimizer\ndescription: SEO/GEO support for README, npm, GitHub, keywords, snippets, schema, and AI-search visibility.\n---\n\nUse for SEO/GEO, package metadata, README ranking, snippets, schema, and AI search. Optimize README, package.json, docs, badges, topics, quickstart, examples, command discovery, exact names, keywords, and AI Answer Snapshot. Do not invent metrics; use $AutoResearch unless it is a tiny copy edit.\n`,
+    'honest-mode': `---\nname: honest-mode\ndescription: Required final SKS verification pass before claiming a task is complete.\n---\n\nBefore final: restate the goal, compare result to evidence, list tests/commands/inspections, state uncertainty or blockers plainly, and do not claim completion beyond evidence. Include concise SKS Honest Mode or 솔직모드 when required.\n`,
+    'autoresearch-loop': `---\nname: autoresearch-loop\ndescription: Iterative AutoResearch-style loop for open-ended improvement, discovery, prompt, ranking, SEO/GEO, and workflow-quality tasks.\n---\n\nUse for research, ranking, prompt/workflow improvement, benchmark gains, or repeated refinement. Loop: program, hypothesis, smallest falsifying experiment, metric, keep/discard, falsify, next step. Keep a ledger and do not claim improvement without evidence.\n`,
     'ralph-supervisor': `---\nname: ralph-supervisor\ndescription: Run the Ralph no-question loop after a decision contract is sealed.\n---\n\nYou are the Ralph Supervisor.\n\nRules:\n- Never ask the user during Ralph run.\n- Use decision-contract.json and the decision ladder.\n- Continue until done-gate.json passes or safe scope is completed with explicit limitation.\n- Keep outputs bounded. Write raw logs to files and summarize only tails.\n- Database destructive operations are never allowed.\n- Write progress to .sneakoscope mission files.\n`,
     'ralph-resolver': `---\nname: ralph-resolver\ndescription: Resolve newly discovered ambiguity during Ralph using the sealed decision ladder, without asking the user.\n---\n\nResolve ambiguity in this order: seed contract, explicit answers, approved defaults, AGENTS.md, current code/tests, smallest reversible change, defer optional scope. Never ask the user. If database risk is involved, prefer read-only, no-op, local-only migration file, or safe limitation; never run destructive SQL.\n`,
     'hproof-claim-ledger': `---\nname: hproof-claim-ledger\ndescription: Extract atomic claims and classify support status.\n---\n\nEvery factual statement must become an atomic claim. Unsupported critical claims cannot be used for implementation or final answer. Database claims require DB safety evidence.\n`,
     'hproof-evidence-bind': `---\nname: hproof-evidence-bind\ndescription: Bind claims to code, tests, decision contract, vgraph, beta, wiki, or GX render evidence.\n---\n\nEvidence priority: current code/tests, decision-contract.json, vgraph.json, beta.json, GX snapshot/render metadata, LLM Wiki coordinate index, user prompt. Database claims must respect .sneakoscope/db-safety.json. Wiki claims should carry id, hash, source path, and RGBA/trig coordinate anchors so they can be hydrated instead of treated as unsupported summaries.\n`,
     'db-safety-guard': `---\nname: db-safety-guard\ndescription: Enforce Sneakoscope Codex database safety before using SQL, Supabase MCP, Postgres, Prisma, Drizzle, Knex, or migration commands.\n---\n\nRules:\n- Never run DROP, TRUNCATE, mass DELETE/UPDATE, db reset, db push, project deletion, branch reset/merge/delete, or RLS-disabling operations.\n- Supabase MCP must be read-only and project-scoped by default.\n- Live writes through execute_sql are blocked; use migration files and only local/preview branches if explicitly allowed.\n- Production writes are forbidden.\n- If unsure, read-only only.\n`,
-    'gx-visual-generate': `---\nname: gx-visual-generate\ndescription: Render a deterministic SVG/HTML visual sheet from vgraph.json and beta.json.\n---\n\nUse sks gx render. Do not use external image generation. vgraph.json is the source of truth and the SVG embeds its source hash. GX renders also expose RGBA wiki-coordinate pixels/data attributes for nodes so visual context and LLM Wiki anchors share one coordinate system.\n`,
-    'gx-visual-read': `---\nname: gx-visual-read\ndescription: Read a Sneakoscope Codex deterministic visual sheet and produce context notes.\n---\n\nExtract nodes, edges, invariants, tests, risks, uncertainties, and RGBA wiki-coordinate anchors from vgraph.json, beta.json, render.svg, or snapshot.json. Do not infer hidden nodes.\n`,
-    'gx-visual-validate': `---\nname: gx-visual-validate\ndescription: Validate render metadata against vgraph.json and beta.json.\n---\n\nRun sks gx validate and sks gx drift. If critical nodes, edges, invariants, source hash, or wiki-coordinate anchors are missing or stale, mark validation failed.\n`,
-    'turbo-context-pack': `---\nname: turbo-context-pack\ndescription: Build ultra-low-token context packet with Q4 bits, Q3 tags, top-K claims, and minimal evidence.\n---\n\nDefault to Q4/Q3 plus TriWiki RGBA coordinate anchors. Add Q2 or Q1 text only when needed for support or verification. Non-selected claims should not disappear: keep id, hash, source path, RGBA key, and [domain, layer, phase, concentration] tuple so the harness can hydrate them later.\n`,
-    'research-discovery': `---\nname: research-discovery\ndescription: Run SKS Research Mode for frontier-style research, hypotheses, novelty ledgers, falsification, and experiments.\n---\n\nUse for research, frontier exploration, hypothesis generation, or non-obvious insights. Define discovery criteria, map assumptions/baselines, generate competing hypotheses, falsify aggressively, keep only surviving insights, and write novelty/confidence/falsifiers/next_experiment to novelty-ledger.json plus research-report.md. Do not claim breakthrough novelty without evidence and uncertainty.\n`,
-    'performance-evaluator': `---\nname: performance-evaluator\ndescription: Evaluate SKS performance, token-saving, accuracy-proxy, context-compression, or workflow improvements.\n---\n\nUse when claiming faster execution, smaller prompts, better context quality, or lower token cost. Run sks eval run or compare reports with sks eval compare. Report token_savings_pct, accuracy_delta, required_recall, unsupported_critical_selected, meaningful_improvement, and treat accuracy_proxy as context-quality evidence unless a scored dataset was used.\n`,
-    'imagegen': `---\nname: imagegen\ndescription: Required bridge to Codex image generation for logos, image assets, raster visuals, and image edits.\n---\n\nUse whenever a task needs a generated or edited image asset: logo, product image, illustration, texture, sprite, mockup, cutout, or bitmap visual. Load/follow the installed Codex system imagegen skill and use the image generation tool for the asset.\n\nRules:\n- Do not replace requested image assets with placeholder SVG/HTML/CSS.\n- Do not edit the system imagegen skill source.\n- For UI/UX, match \`design.md\` through design-system-builder or design-ui-editor.\n`,
-    'design-system-builder': `---\nname: design-system-builder\ndescription: Create design.md from docs/Design-Sys-Prompt.md when UI/UX work has no design system.\n---\n\nUse before UI/UX implementation when \`design.md\` is missing. Read \`docs/Design-Sys-Prompt.md\`, inspect product/UI context, then use the Codex plan tool to resolve ambiguity before writing \`design.md\`.\n\nRequired plan questions: product/audience/workflow; brand tone, density, platform, accessibility, fidelity; recommended default font first with tradeoff; existing UI kit, screenshots, Figma, brand assets, or code surfaces.\n\nOutput: \`design.md\` with typography/default font, color tokens, layout density, components, states, imagery, accessibility, and verification rules. Use imagegen for image assets. Do not edit UI until ambiguity is resolved or safely scoped.\n`,
-    'design-ui-editor': `---\nname: design-ui-editor\ndescription: Edit UI/UX using design.md and design-artifact-expert.\n---\n\nUse for every UI/UX edit after \`design.md\` exists. Read it first, inspect only relevant components/routes/screenshots/assets/tests, apply the smallest design-system-conformant change, use imagegen for any image/logo/raster asset, and verify render quality for overlap, readability, responsive fit, states, and AI-looking artifacts. If \`design.md\` is missing, stop and use design-system-builder first.\n`,
-    'design-artifact-expert': `---\nname: design-artifact-expert\ndescription: Create or revise high-fidelity HTML, UI, prototype, deck-like, or visual design artifacts with rendered verification.\n---\n\nUse for design, UI, prototype, HTML artifact, landing page, deck-like visual work, or refinement. Read \`design.md\` when present; if it is missing and the task needs UI/UX design judgment, use design-system-builder first. Inspect local code/assets/design context, build the actual usable artifact first, preserve relevant state, expose useful variants when helpful, and verify render quality. Use imagegen for any required image/logo/raster asset. Avoid overlap, unreadable controls, placeholder-only output, one-note palettes, and unmanaged visual drift.\n`
+    'gx-visual-generate': `---\nname: gx-visual-generate\ndescription: Render a deterministic SVG/HTML visual sheet from vgraph.json and beta.json.\n---\n\nUse sks gx render. vgraph.json is source of truth; renders embed source hash and RGBA wiki anchors.\n`,
+    'gx-visual-read': `---\nname: gx-visual-read\ndescription: Read a Sneakoscope Codex deterministic visual sheet and produce context notes.\n---\n\nExtract nodes, edges, invariants, tests, risks, uncertainties, and RGBA anchors from source/render/snapshot. Do not infer hidden nodes.\n`,
+    'gx-visual-validate': `---\nname: gx-visual-validate\ndescription: Validate render metadata against vgraph.json and beta.json.\n---\n\nRun sks gx validate and drift; fail stale or incomplete hashes, nodes, edges, invariants, or anchors.\n`,
+    'turbo-context-pack': `---\nname: turbo-context-pack\ndescription: Build ultra-low-token context packet with Q4 bits, Q3 tags, top-K claims, and minimal evidence.\n---\n\nDefault to Q4/Q3 plus TriWiki RGBA anchors; add Q2/Q1 only when needed. Keep id, hash, path, and coordinate tuple for hydration.\n`,
+    'research-discovery': `---\nname: research-discovery\ndescription: Run SKS Research Mode for frontier-style research, hypotheses, novelty ledgers, falsification, and experiments.\n---\n\nFrame criteria, map assumptions, generate hypotheses, falsify, keep surviving insights, and record novelty/confidence/falsifiers/next experiments. Do not overclaim.\n`,
+    'performance-evaluator': `---\nname: performance-evaluator\ndescription: Evaluate SKS performance, token-saving, accuracy-proxy, context-compression, or workflow improvements.\n---\n\nUse sks eval run/compare before claims. Report token_savings_pct, accuracy_delta/proxy, required_recall, support, and meaningful_improvement.\n`,
+    'imagegen': `---\nname: imagegen\ndescription: Required bridge to Codex image generation for logos, image assets, raster visuals, and image edits.\n---\n\nUse for generated or edited image assets: logo, product image, illustration, sprite, mockup, texture, cutout, or bitmap. Do not substitute placeholder SVG/HTML/CSS; follow design.md when relevant.\n`,
+    'design-system-builder': `---\nname: design-system-builder\ndescription: Create design.md from docs/Design-Sys-Prompt.md when UI/UX work has no design system.\n---\n\nWhen \`design.md\` is missing, read docs/Design-Sys-Prompt.md, inspect product/UI context, use the plan tool for ambiguity plus default font recommendation, then create tokens, components, states, imagery, accessibility, and verification rules. Use imagegen for assets.\n`,
+    'design-ui-editor': `---\nname: design-ui-editor\ndescription: Edit UI/UX using design.md and design-artifact-expert.\n---\n\nRead \`design.md\`, inspect relevant UI/assets/tests, apply the smallest design-system-conformant change, use imagegen for image/logo/raster assets, and verify render quality. If missing, use design-system-builder first.\n`,
+    'design-artifact-expert': `---\nname: design-artifact-expert\ndescription: Create or revise high-fidelity HTML, UI, prototype, deck-like, or visual design artifacts with rendered verification.\n---\n\nUse for design/UI/prototype/HTML visual work. Read design.md when present, build the usable artifact first, preserve state, verify overlap/readability/responsiveness, and use imagegen for required assets.\n`
   };
   for (const [name, content] of Object.entries(skills)) {
     const dir = path.join(root, '.agents', 'skills', name);
@@ -680,7 +680,8 @@ function isGeneratedSksAgentSkill(text, name) {
   if (!text) return false;
   const s = String(text);
   if (!new RegExp(`name:\\s*${name.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')}\\b`).test(s)) return false;
-  return /Sneakoscope|SKS|Codex App picker alias|Dollar-command route/i.test(s);
+  if (/\bnot generated by SKS\b/i.test(s)) return false;
+  return /Sneakoscope generated|Fallback Codex App picker alias|Codex App picker alias for|Dollar-command route generated by SKS/i.test(s);
 }
 
 function isGeneratedSksLegacySkill(text, name) {