sneakoscope 0.7.21 → 0.7.25

package/README.md

@@ -46,7 +46,7 @@ sks selftest --mock
 | CLI runtime | `sks tmux open` and `sks --mad` explicitly launch Codex CLI with tmux; bare `sks` only prints help/readiness surfaces. |
 | Codex App commands | Installs generated skills so `$Team`, `$From-Chat-IMG`, `$DFix`, `$QA-LOOP`, `$PPT`, `$Goal`, `$DB`, `$Wiki`, `$Help`, and related routes are visible in prompt workflows. |
 | Pipeline plans | Writes `pipeline-plan.json` for stateful routes so the runtime lane, kept stages, skipped stages, verification commands, and no-unrequested-fallback invariant are visible with `sks pipeline plan`. |
-| Team orchestration | Runs substantial work through ambiguity handling, scouts, TriWiki refresh, debate, runtime task graphs, worker inboxes, implementation, review, cleanup, reflection, and Honest Mode; narrow work should use Proof Field evidence to skip unrelated pipeline work instead of expanding Team. |
+| Team orchestration | Runs substantial work through score-based ambiguity handling, scouts, TriWiki refresh, debate, runtime task graphs, worker inboxes, implementation, review, cleanup, reflection, and Honest Mode; narrow work should use Proof Field evidence to skip unrelated pipeline work instead of expanding Team. |
 | Skill dreaming | Records cheap generated-skill usage counters in JSON and only periodically scans `.agents/skills` for keep, merge, prune, and improvement candidates. Reports are recommendation-only and never delete skills automatically. |
 | From-Chat-IMG | Turns chat screenshots plus original attachments into source-bound work orders, then requires scoped QA evidence before completion. |
 | QA loop | Dogfoods UI/API behavior with safety gates, Codex Computer Use-only UI evidence, safe fixes, and rechecks. |
@@ -95,7 +95,7 @@ sks bootstrap
 
 `sks` commands work even when no project root is present. Project-aware commands use the nearest `.sneakoscope`, `.dcodex`, or `.git` root; if none exists, SKS uses a per-user global runtime root. `sks bootstrap` still initializes the current project when you want project-local hooks, skills, and TriWiki state.
 
-Project setup writes shared `.gitignore` entries for generated SKS files: `.sneakoscope/`, `.codex/`, `.agents/`, and managed `AGENTS.md`. Use `sks setup --local-only` when you want those excludes kept only in `.git/info/exclude`.
+Project setup writes shared `.gitignore` entries for generated SKS files: `.sneakoscope/`, `.codex/`, `.agents/`, and managed `AGENTS.md`. Setup, doctor repair, and npm postinstall refreshes also compare the previous SKS generated-file manifest with the current package templates and prune stale SKS-generated legacy skills or agent files while preserving user-owned custom skills. Use `sks setup --local-only` when you want those excludes kept only in `.git/info/exclude`.
 
 During npm postinstall, SKS also installs generated Codex App skills and tries the official getdesign Codex skill command, `skills add MohtashamMurshid/getdesign`, when the `skills` CLI is available. If that CLI is missing, setup still installs the generated `getdesign-reference` skill. Design work still flows through one authority: `design.md`. When `design.md` is missing, `docs/Design-Sys-Prompt.md` is the builder prompt and getdesign plus curated DESIGN.md examples such as [VoltAgent/awesome-design-md](https://github.com/VoltAgent/awesome-design-md) are inputs to fuse into that SSOT or into route-local `$PPT` style tokens.
 
@@ -236,6 +236,12 @@ sks code-structure scan --json
 
 `sks proof-field scan` is SKS's lightweight outcome rubric: it maps the goal to proof cones, records unrelated work that can be skipped with evidence, reports a simplicity score, and names escalation triggers for when the route must return to the full Team/Honest proof path. The rubric embeds Hyperplan-style adversarial pressure as compact lenses instead of a new command: challenge framing, subtract surface, demand evidence, test integration risk, and consider one simpler alternative. When `execution_lane.lane` is `proof_field_fast_lane`, SKS can keep the parent-owned minimal patch plus listed verification and skip Team debate, fresh executor teams, broad route rework, and unrelated checks. Database, security, visual-forensic, unknown, broad, failed, or unsupported-claim signals fail closed to the normal Team/Honest path. Use `sks pipeline plan --proof-field` after changed files are known to bind that Proof Field decision to the mission plan.
 
+### Ambiguity Questions
+
+SKS no longer starts from a fixed checklist such as `GOAL_PRECISE` and `ACCEPTANCE_CRITERIA`. The clarification gate first scores goal clarity, constraint clarity, success-criteria clarity, and codebase-context clarity, then asks only the lowest-clarity item that can change execution. Predictable UI defaults, DB safety defaults, test scope, fallback policy, and ordinary implementation acceptance criteria are inferred and sealed automatically.
+
+The design borrows two useful ideas from external planning systems without copying their route weight: Ouroboros-style ambiguity thresholds decide whether the prompt is clear enough to proceed, while Prometheus/Hyperplan-style adversarial lenses challenge framing, remove unnecessary surface, demand evidence, test integration risk, and consider a simpler alternative before Team work starts.
+
 `sks skill-dream` keeps generated skill complexity bounded without doing a heavy evaluation on every prompt. Route use writes compact counters to `.sneakoscope/skills/dream-state.json`; after the configured count/cooldown threshold, or when you run `sks skill-dream run`, SKS scans `.agents/skills` and writes `.sneakoscope/reports/skill-dream-latest.json` with keep, merge, prune, and improvement candidates. The report is intentionally advisory: deleting or merging skills requires explicit approval.
 
 `sks goal` and `$Goal` only prepare/control the native `/goal` persistence bridge. They do not replace Team, QA, DB, or other implementation routes; use the selected execution route for the actual work and verification. Context7 is only needed for Goal when external API/library documentation becomes relevant.

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "sneakoscope",
   "displayName": "ㅅㅋㅅ",
-  "version": "0.7.21",
+  "version": "0.7.25",
   "description": "Sneakoscope Codex: database-safe Codex CLI/App harness with Team, Goal, AutoResearch, TriWiki, and Honest Mode.",
   "type": "module",
   "homepage": "https://github.com/mandarange/Sneakoscope-Codex#readme",

package/src/cli/install-helpers.mjs

@@ -186,7 +186,14 @@ export async function ensureGlobalCodexSkillsDuringInstall(opts = {}) {
   try {
     const install = await installSkills(home);
     const skills = await checkRequiredSkills(home, root);
-    return { status: skills.ok ? 'installed' : 'partial', root, installed_count: install.installed_skills.length, removed_aliases: install.removed_agent_skill_aliases, missing_skills: skills.missing };
+    return {
+      status: skills.ok ? 'installed' : 'partial',
+      root,
+      installed_count: install.installed_skills.length,
+      removed_aliases: install.removed_agent_skill_aliases,
+      removed_stale_generated_skills: install.removed_stale_generated_skills,
+      missing_skills: skills.missing
+    };
   } catch (err) {
     return { status: 'failed', root, error: err.message };
   }

package/src/cli/main.mjs

@@ -83,54 +83,17 @@ export async function main(args) {
   if (!cmd) return help();
   if (cmd === '--help' || cmd === '-h') return help();
   if (cmd === '--version' || cmd === '-v' || cmd === 'version') return version();
-  if (cmd === 'postinstall') return postinstall({ bootstrap });
-  if (cmd === 'wizard' || cmd === 'ui') return wizard(tail);
   if (cmd === 'tmux') return !sub || String(sub).startsWith('--') ? tmuxCommand('check', tail) : tmuxCommand(sub, rest);
   if (cmd === 'auto-review' || cmd === 'autoreview') return autoReviewCommand(sub, rest);
-  if (cmd === 'update-check') return updateCheck(tail);
-  if (cmd === 'help') return help(tail);
-  if (cmd === 'commands') return commands(tail);
-  if (cmd === 'usage') return usage(tail);
-  if (cmd === 'root') return rootCommand(tail);
-  if (cmd === 'quickstart') return quickstartCommand();
-  if (cmd === 'codex-app') return codexAppHelp(tail);
-  if (cmd === 'bootstrap') return bootstrap(tail);
-  if (cmd === 'deps') return deps(sub, rest);
   if (cmd === 'dollar-commands' || cmd === 'dollars' || cmd === '$') return dollarCommands(tail);
   if (String(cmd).toLowerCase() === 'dfix') return dfixHelp();
-  if (cmd === 'qa-loop') return qaLoopCommand(sub, rest);
-  if (cmd === 'ppt') return pptCommand(sub, rest);
-  if (cmd === 'context7') return context7Command(sub, rest);
-  if (cmd === 'pipeline') return pipeline(sub, rest);
-  if (cmd === 'guard') return guard(sub, rest);
-  if (cmd === 'conflicts') return conflicts(sub, rest);
-  if (cmd === 'versioning') return versioning(sub, rest);
-  if (cmd === 'reasoning') return reasoningCommand(tail);
-  if (cmd === 'aliases') return aliases();
-  if (cmd === 'setup') return setup(tail);
-  if (cmd === 'fix-path') return fixPath(tail);
-  if (cmd === 'doctor') return doctor(tail);
-  if (cmd === 'init') return init(tail);
-  if (cmd === 'selftest') return selftest(tail);
-  if (cmd === 'goal') return goalCommand(sub, rest);
-  if (cmd === 'research') return researchCommand(sub, rest);
-  if (cmd === 'hook') return emitHook(sub);
-  if (cmd === 'profile') return profileCommand(sub, rest);
-  if (cmd === 'hproof') return hproofCommand(sub, rest);
-  if (cmd === 'validate-artifacts') return validateArtifactsCommand(tail);
-  if (cmd === 'perf') return perfCommand(sub, rest);
-  if (cmd === 'proof-field') return proofFieldCommand(sub, rest);
-  if (cmd === 'skill-dream') return skillDreamCommand(sub, rest);
-  if (cmd === 'code-structure') return codeStructureCommand(sub, rest);
-  if (cmd === 'memory') return memoryCommand(sub, rest);
-  if (cmd === 'gx') return gxCommand(sub, rest);
-  if (cmd === 'team') return team(tail);
-  if (cmd === 'db') return dbCommand(sub, rest);
-  if (cmd === 'eval') return evalCommand(sub, rest);
-  if (cmd === 'harness') return harnessCommand(sub, rest);
-  if (cmd === 'wiki') return wikiCommand(sub, rest);
-  if (cmd === 'gc') return gcCommand(tail);
-  if (cmd === 'stats') return statsCommand(tail);
+  const handlers = {
+    postinstall: () => postinstall({ bootstrap }), wizard: () => wizard(tail), ui: () => wizard(tail), 'update-check': () => updateCheck(tail), help: () => help(tail), commands: () => commands(tail), usage: () => usage(tail), root: () => rootCommand(tail), quickstart: () => quickstartCommand(), 'codex-app': () => codexAppHelp(tail), bootstrap: () => bootstrap(tail), deps: () => deps(sub, rest),
+    'qa-loop': () => qaLoopCommand(sub, rest), ppt: () => pptCommand(sub, rest), context7: () => context7Command(sub, rest), pipeline: () => pipeline(sub, rest), guard: () => guard(sub, rest), conflicts: () => conflicts(sub, rest), versioning: () => versioning(sub, rest), reasoning: () => reasoningCommand(tail), aliases: () => aliases(), setup: () => setup(tail), 'fix-path': () => fixPath(tail), doctor: () => doctor(tail), init: () => init(tail), selftest: () => selftest(tail),
+    goal: () => goalCommand(sub, rest), research: () => researchCommand(sub, rest), hook: () => emitHook(sub), profile: () => profileCommand(sub, rest), hproof: () => hproofCommand(sub, rest), 'validate-artifacts': () => validateArtifactsCommand(tail), perf: () => perfCommand(sub, rest), 'proof-field': () => proofFieldCommand(sub, rest), 'skill-dream': () => skillDreamCommand(sub, rest), 'code-structure': () => codeStructureCommand(sub, rest), memory: () => memoryCommand(sub, rest), gx: () => gxCommand(sub, rest),
+    team: () => team(tail), db: () => dbCommand(sub, rest), eval: () => evalCommand(sub, rest), harness: () => harnessCommand(sub, rest), wiki: () => wikiCommand(sub, rest), gc: () => gcCommand(tail), stats: () => statsCommand(tail)
+  };
+  if (handlers[cmd]) return handlers[cmd]();
   console.error(`Unknown command: ${cmd}`);
   process.exitCode = 1;
 }
@@ -1433,11 +1396,12 @@ async function doctor(args) {
   let conflictScan = await scanHarnessConflicts(root);
   let repairApplied = false;
   let globalSkillsRepair = null;
+  let projectRepair = null;
   const globalCommand = await globalSksCommand();
   if (flag(args, '--fix') && !conflictScan.hard_block) {
     const existingManifest = await readJson(path.join(root, '.sneakoscope', 'manifest.json'), null);
     const fixScope = requestedScope || normalizeInstallScope(existingManifest?.installation?.scope || 'global');
-    await initProject(root, { installScope: fixScope, globalCommand, localOnly: flag(args, '--local-only') || Boolean(existingManifest?.git?.local_only), force: true, repair: true });
+    projectRepair = await initProject(root, { installScope: fixScope, globalCommand, localOnly: flag(args, '--local-only') || Boolean(existingManifest?.git?.local_only), force: true, repair: true });
     if (!flag(args, '--local-only')) globalSkillsRepair = await ensureGlobalCodexSkillsDuringInstall({ force: true });
     repairApplied = true;
     conflictScan = await scanHarnessConflicts(root);
@@ -1464,7 +1428,7 @@ async function doctor(args) {
   const result = {
     node: { ok: nodeOk, version: process.version }, root, codex, rust,
     install,
-    repair: { applied: repairApplied, global_skills: globalSkillsRepair, blocked_by_other_harness: flag(args, '--fix') && conflictScan.hard_block },
+    repair: { applied: repairApplied, project: projectRepair, global_skills: globalSkillsRepair, blocked_by_other_harness: flag(args, '--fix') && conflictScan.hard_block },
     harness_conflicts: {
       ok: conflictScan.ok,
       hard_block: conflictScan.hard_block,
@@ -1780,6 +1744,26 @@ async function selftest() {
   await initProject(repairTmp, { installScope: 'project', localOnly: true });
   await writeTextAtomic(path.join(repairTmp, '.agents', 'skills', 'team', 'SKILL.md'), 'tampered\n');
   await writeTextAtomic(path.join(repairTmp, '.agents', 'skills', 'agent-team', 'SKILL.md'), '---\nname: agent-team\ndescription: Fallback Codex App picker alias for $Team.\n---\n');
+  await ensureDir(path.join(repairTmp, '.agents', 'skills', 'stale-sks-generated'));
+  await writeTextAtomic(path.join(repairTmp, '.agents', 'skills', 'stale-sks-generated', 'SKILL.md'), '---\nname: stale-sks-generated\ndescription: Old SKS generated skill that should disappear on update.\n---\n');
+  await writeJsonAtomic(path.join(repairTmp, '.agents', 'skills', '.sks-generated.json'), {
+    schema_version: 1,
+    generated_by: 'sneakoscope',
+    version: '0.0.1',
+    skills: ['team', 'stale-sks-generated'],
+    files: ['.agents/skills/team/SKILL.md', '.agents/skills/stale-sks-generated/SKILL.md']
+  });
+  const staleCodexAgentRel = '.codex/agents/stale-generated.toml';
+  await writeTextAtomic(path.join(repairTmp, staleCodexAgentRel), 'name = "stale_generated"\n');
+  const staleManifest = await readJson(path.join(repairTmp, '.sneakoscope', 'manifest.json'));
+  staleManifest.version = '0.0.1';
+  staleManifest.generated_files = {
+    schema_version: 1,
+    generated_by: 'sneakoscope',
+    prune_policy: 'remove_previous_sks_generated_paths_absent_from_current_manifest',
+    files: [...(staleManifest.generated_files?.files || []), '.agents/skills/stale-sks-generated/SKILL.md', staleCodexAgentRel]
+  };
+  await writeJsonAtomic(path.join(repairTmp, '.sneakoscope', 'manifest.json'), staleManifest);
   await ensureDir(path.join(repairTmp, '.agents', 'skills', 'custom-keep'));
   await writeTextAtomic(path.join(repairTmp, '.agents', 'skills', 'custom-keep', 'SKILL.md'), '---\nname: custom-keep\ndescription: User custom skill, not generated by SKS.\n---\n');
   await writeTextAtomic(path.join(repairTmp, '.codex', 'skills', 'team', 'SKILL.md'), 'legacy mirror\n');
@@ -1802,6 +1786,11 @@ async function selftest() {
   const repairedTeamSkill = await safeReadText(path.join(repairTmp, '.agents', 'skills', 'team', 'SKILL.md'));
   if (!repairedTeamSkill.includes('SKS Team orchestration') || repairedTeamSkill.includes('tampered')) throw new Error('selftest failed: doctor repair did not regenerate team skill');
   if (await exists(path.join(repairTmp, '.agents', 'skills', 'agent-team', 'SKILL.md'))) throw new Error('selftest failed: doctor repair did not remove deprecated agent-team alias skill');
+  if (await exists(path.join(repairTmp, '.agents', 'skills', 'stale-sks-generated', 'SKILL.md'))) throw new Error('selftest failed: doctor repair did not prune stale generated skill from previous SKS manifest');
+  if (await exists(path.join(repairTmp, staleCodexAgentRel))) throw new Error('selftest failed: doctor repair did not prune stale generated agent file from previous SKS manifest');
+  if (!doctorRepairJson.repair?.project?.skill_install?.removed_stale_generated_skills?.includes('.agents/skills/stale-sks-generated')) throw new Error('selftest failed: doctor repair did not report stale generated skill pruning');
+  const generatedCleanupReport = doctorRepairJson.repair?.project?.generated_cleanup || {};
+  if (![...(generatedCleanupReport.pruned || []), ...(generatedCleanupReport.already_absent || [])].includes(staleCodexAgentRel)) throw new Error('selftest failed: doctor repair did not report stale generated file pruning');
   if (!(await exists(path.join(repairTmp, '.agents', 'skills', 'custom-keep', 'SKILL.md')))) throw new Error('selftest failed: doctor repair removed a user-owned custom skill');
   if (await exists(path.join(repairTmp, '.codex', 'skills', 'team', 'SKILL.md'))) throw new Error('selftest failed: doctor repair did not remove legacy .codex/skills');
   const repairedQuickReference = await safeReadText(path.join(repairTmp, '.codex', 'SNEAKOSCOPE.md'));
@@ -2792,8 +2781,13 @@ async function selftest() {
   const buttonUxSchema = buildQuestionSchema('$Team 버튼 UX 수정');
   const buttonUxSlotIds = buttonUxSchema.slots.map((s) => s.id);
   if (buttonUxSlotIds.includes('UI_STATE_BEHAVIOR') || buttonUxSlotIds.includes('VISUAL_REGRESSION_REQUIRED')) throw new Error('selftest failed: predictable UI defaults should be inferred, not asked');
+  if (buttonUxSlotIds.length) throw new Error(`selftest failed: clear small UI work should auto-seal, got ${buttonUxSlotIds.join(',')}`);
   if (buttonUxSchema.inferred_answers.UI_STATE_BEHAVIOR !== 'infer_from_task_context_and_existing_design_system; preserve existing loading/error/empty/retry behavior unless explicitly requested; add only standard states required by the touched surface') throw new Error('selftest failed: UI state default inference missing');
   if (buttonUxSchema.inferred_answers.VISUAL_REGRESSION_REQUIRED !== 'yes_if_available') throw new Error('selftest failed: visual regression default inference missing');
+  const vagueSchema = buildQuestionSchema('뭔가 개선해줘');
+  const vagueSlotIds = vagueSchema.slots.map((s) => s.id);
+  if (!vagueSlotIds.includes('INTENT_TARGET') || vagueSlotIds.includes('GOAL_PRECISE') || vagueSlotIds.includes('ACCEPTANCE_CRITERIA')) throw new Error(`selftest failed: vague work should ask dynamic intent questions only, got ${vagueSlotIds.join(',')}`);
+  if (vagueSchema.ambiguity_assessment?.method !== 'weighted_clarity_interview' || !vagueSchema.ambiguity_assessment?.adversarial_lenses?.includes('challenge_framing')) throw new Error('selftest failed: ambiguity schema missing weighted clarity / planning lenses');
   const pptRoute = routePrompt('$PPT 투자자용 피치덱 만들어줘');
   if (pptRoute?.id !== 'PPT') throw new Error('selftest failed: $PPT did not route to presentation pipeline');
   if (JSON.stringify(pptRoute.requiredSkills) !== JSON.stringify(PPT_PIPELINE_SKILL_ALLOWLIST)) throw new Error(`selftest failed: PPT route required skills are not allowlisted: ${pptRoute.requiredSkills.join(',')}`);

package/src/core/fsx.mjs

@@ -5,7 +5,7 @@ import os from 'node:os';
 import crypto from 'node:crypto';
 import { spawn } from 'node:child_process';
 
-export const PACKAGE_VERSION = '0.7.21';
+export const PACKAGE_VERSION = '0.7.25';
 export const DEFAULT_PROCESS_TAIL_BYTES = 256 * 1024;
 export const DEFAULT_PROCESS_TIMEOUT_MS = 30 * 60 * 1000;
 

package/src/core/init.mjs

@@ -11,6 +11,8 @@ import { SKILL_DREAM_POLICY, skillDreamPolicyText } from './skill-forge.mjs';
 
 const REFLECTION_MEMORY_PATH = '.sneakoscope/memory/q2_facts/post-route-reflection.md';
 const SKS_GENERATED_GIT_PATTERNS = ['.sneakoscope/', '.codex/', '.agents/', 'AGENTS.md'];
+const SKS_SKILL_MANIFEST_FILE = '.sks-generated.json';
+const GENERATED_PRUNE_POLICY = 'remove_previous_sks_generated_paths_absent_from_current_manifest';
 
 function reflectionInstructionText(commandPrefix = 'sks') {
   return `Post-route reflection: full routes load \`reflection\` after work/tests and before final; DFix/Answer/Help/Wiki/SKS discovery are exempt. Write reflection.md; record only real misses/gaps, or no_issue_acknowledged. For lessons, append TriWiki claim rows to ${REFLECTION_MEMORY_PATH}. Run "${commandPrefix} wiki refresh" or pack, validate, then pass reflection-gate.json.`;
@@ -101,6 +103,8 @@ export async function initProject(root, opts = {}) {
   const requestedHookCommandPrefix = opts.hookCommandPrefix || sksCommandPrefix(installScope, { globalCommand: opts.globalCommand });
   const hookCommandPrefix = sourceProject ? 'node ./bin/sks.mjs' : requestedHookCommandPrefix;
   const sine = path.join(root, '.sneakoscope');
+  const manifestPath = path.join(sine, 'manifest.json');
+  const previousManifest = await readJson(manifestPath, null);
   if (opts.repair) {
     const repair = await repairSksGeneratedArtifacts(root, { resetState: Boolean(opts.resetState) });
     if (repair.removed.length) created.push(`repaired generated SKS files (${repair.removed.length})`);
@@ -114,7 +118,7 @@ export async function initProject(root, opts = {}) {
   if (localExclude?.path) created.push(`${path.relative(root, localExclude.path)} local-only excludes`);
   if (sharedIgnore?.changed) created.push(`${path.relative(root, sharedIgnore.path)} SKS generated files ignore`);
 
-  await writeJsonAtomic(path.join(sine, 'manifest.json'), {
+  const manifest = {
     package: 'sneakoscope',
     version: PACKAGE_VERSION,
     initialized_at: nowIso(),
@@ -197,7 +201,8 @@ export async function initProject(root, opts = {}) {
     },
     database_safety: 'destructive_db_operations_denied_always',
     gx_renderer: 'deterministic_svg_html'
-  });
+  };
+  await writeJsonAtomic(manifestPath, manifest);
   created.push('.sneakoscope/manifest.json');
 
   const dbSafetyPath = path.join(sine, 'db-safety.json');
@@ -467,16 +472,36 @@ policy = "Deny destructive database operations, credential exfiltration, persist
 
   const skillInstall = await installSkills(root);
   created.push('.agents/skills/*');
+  if (skillInstall.removed_stale_generated_skills.length) created.push(`stale generated skills removed (${skillInstall.removed_stale_generated_skills.length})`);
+  if (skillInstall.removed_agent_skill_aliases.length) created.push(`deprecated generated skill aliases removed (${skillInstall.removed_agent_skill_aliases.length})`);
   if (skillInstall.removed_codex_skill_mirrors.length) created.push(`.codex/skills generated mirrors removed (${skillInstall.removed_codex_skill_mirrors.length})`);
-  await installCodexAgents(root);
+  const agentInstall = await installCodexAgents(root);
   created.push('.codex/agents/*');
+  const generatedFiles = currentGeneratedFileInventory(skillInstall, agentInstall);
+  const generatedCleanup = await pruneStaleGeneratedFiles(root, previousManifest, generatedFiles);
+  if (generatedCleanup.pruned.length) created.push(`stale generated files pruned (${generatedCleanup.pruned.length})`);
+  manifest.generated_files = {
+    schema_version: 1,
+    generated_by: 'sneakoscope',
+    prune_policy: GENERATED_PRUNE_POLICY,
+    files: generatedFiles
+  };
+  manifest.generated_cleanup = {
+    schema_version: 1,
+    last_run_at: nowIso(),
+    previous_version: previousManifest?.version || null,
+    current_version: PACKAGE_VERSION,
+    pruned: generatedCleanup.pruned,
+    already_absent: generatedCleanup.already_absent || []
+  };
+  await writeJsonAtomic(manifestPath, manifest);
   await writeHarnessGuardPolicy(root);
   created.push('.sneakoscope/harness-guard.json');
   const versionHookCommand = sourceProject ? 'node ./bin/sks.mjs' : hookCommandPrefix;
   const versionHook = await installVersionGitHook(root, versionHookCommand);
   if (versionHook.installed) created.push('.git/hooks/pre-commit SKS version guard');
   else created.push(`version guard skipped (${versionHook.reason})`);
-  return { created };
+  return { created, generated_cleanup: generatedCleanup, skill_install: skillInstall };
 }
 
 async function ensureSharedGitIgnore(root) {
@@ -556,7 +581,7 @@ export async function installSkills(root) {
     'answer': `---\nname: answer\ndescription: Answer-only research route for ordinary questions that should not start implementation.\n---\n\nUse for explanations, comparisons, status, facts, source-backed research, or docs guidance. Use repo/TriWiki first for project-local facts; hydrate low-trust claims from source. Browse or use Context7 for current external package/API/framework/MCP docs. End with a concise answer summary plus Honest Mode; do not create missions, subagents, or file edits.\n`,
     'sks': `---\nname: sks\ndescription: General Sneakoscope Codex command route for $SKS or $sks usage, setup, status, and workflow help.\n---\n\nUse local SKS commands: bootstrap, deps, commands, quickstart, codex-app, context7, guard, conflicts, reasoning, wiki, pipeline status, pipeline plan, skill-dream. Promote code-changing work to Team unless Answer/DFix/Help/Wiki/safety route fits. Surface route/guard/scope, use TriWiki, do not edit installed harness files outside this engine repo, and require human-approved conflict cleanup. ${skillDreamPolicyText()}\n`,
     'wiki': `---\nname: wiki\ndescription: Dollar-command route for $Wiki TriWiki refresh, pack, validate, and prune commands.\n---\n\nUse for $Wiki or Korean wiki-refresh requests. Refresh/update/갱신: run sks wiki refresh, then validate .sneakoscope/wiki/context-pack.json. Pack: run sks wiki pack, then validate. Prune/clean/정리: use sks wiki refresh --prune, or sks wiki prune --dry-run for inspection. Report claims, anchors, trust, attention.use_first/hydrate_first, validation, and blockers. Do not start ambiguity-gated implementation, subagents, or unrelated work.\n`,
-    'team': `---\nname: team\ndescription: SKS Team orchestration for $Team/code work; $From-Chat-IMG is the explicit chat-image alias.\n---\n\nUse for $Team/code work. Ambiguity gate first. Read pipeline-plan.json or run sks pipeline plan to see the runtime lane, kept/skipped stages, and verification before implementation. Write team-roster.json; team-gate.json needs team_roster_confirmed=true. executor:N means N scouts, N debate voices, then fresh N executors. After consensus, compile team-graph.json, team-runtime-tasks.json, team-decomposition-report.json, and team-inbox/ so worker handoff uses concrete runtime task ids with role/path/domain/lane hints. Refresh/validate TriWiki before debate, implementation, review, and final; consume attention.use_first and hydrate attention.hydrate_first before risky decisions. ${outcomeRubricPolicyText()} ${speedLanePolicyText()} ${skillDreamPolicyText()} Log events and use sks team message for bounded inter-agent communication in transcript/lane panes. Color-coded tmux lanes distinguish overview/scout/planning/execution/review/safety sessions. End with cleanup-tmux or a cleanup event so follow panes show cleanup and stop; pass team-session-cleanup.json, then reflection and Honest Mode. Parent integrates/verifies.\n\n${chatCaptureIntakeText()}\n`,
+    'team': `---\nname: team\ndescription: SKS Team orchestration for $Team/code work; $From-Chat-IMG is the explicit chat-image alias.\n---\n\nUse for $Team/code work. Ambiguity gate first, but score goal, constraints, success criteria, and codebase context before asking; ask only the lowest-clarity scope/safety/behavior/acceptance question(s), otherwise auto-seal inferred answers. Read pipeline-plan.json or run sks pipeline plan to see the runtime lane, kept/skipped stages, and verification before implementation. Write team-roster.json; team-gate.json needs team_roster_confirmed=true. executor:N means N scouts, N debate voices, then fresh N executors. After consensus, compile team-graph.json, team-runtime-tasks.json, team-decomposition-report.json, and team-inbox/ so worker handoff uses concrete runtime task ids with role/path/domain/lane hints. Refresh/validate TriWiki before debate, implementation, review, and final; consume attention.use_first and hydrate attention.hydrate_first before risky decisions. ${outcomeRubricPolicyText()} ${speedLanePolicyText()} ${skillDreamPolicyText()} Log events and use sks team message for bounded inter-agent communication in transcript/lane panes. Color-coded tmux lanes distinguish overview/scout/planning/execution/review/safety sessions. End with cleanup-tmux or a cleanup event so follow panes show cleanup and stop; pass team-session-cleanup.json, then reflection and Honest Mode. Parent integrates/verifies.\n\n${chatCaptureIntakeText()}\n`,
     'from-chat-img': `---\nname: from-chat-img\ndescription: Explicit $From-Chat-IMG Team alias for chat screenshot plus attachment analysis.\n---\n\nUse only for From-Chat-IMG/$From-Chat-IMG. It enters the normal Team pipeline. Treat uploads as chat screenshot plus originals. Use Codex Computer Use visual inspection when available, list requirements first, match regions to attachments with confidence, write ${FROM_CHAT_IMG_COVERAGE_ARTIFACT}, ${FROM_CHAT_IMG_CHECKLIST_ARTIFACT}, ${FROM_CHAT_IMG_TEMP_TRIWIKI_ARTIFACT}, and ${FROM_CHAT_IMG_QA_LOOP_ARTIFACT}, then continue Team gates, review, reflection, and Honest Mode. ${CODEX_COMPUTER_USE_ONLY_POLICY} The ledger must account for every visible customer request, screenshot image region, and separate attachment; ${FROM_CHAT_IMG_CHECKLIST_ARTIFACT} must have a checked item for each request, image-region/attachment match, work item, scoped QA-LOOP, and verification step; ${FROM_CHAT_IMG_TEMP_TRIWIKI_ARTIFACT} stores temporary TriWiki-backed session context with expires_after_sessions=${FROM_CHAT_IMG_TEMP_TRIWIKI_SESSIONS}. ${FROM_CHAT_IMG_QA_LOOP_ARTIFACT} must prove QA-LOOP ran over the exact customer-request work-order range after implementation, with every work item covered, post-fix verification complete, and zero unresolved findings. team-gate.json cannot pass From-Chat-IMG completion until unresolved_items is empty, every checklist box is checked, and scoped_qa_loop_completed=true.\n`,
     'qa-loop': `---\nname: qa-loop\ndescription: $QA-LOOP dogfoods UI/API as human proxy with safety gates, Codex Computer Use-only UI evidence, safe fixes, rechecks, and a QA report.\n---\n\nUse only $QA-LOOP. Ask scope, target, mutation, login. Credentials are runtime-only; never save secrets. UI-level E2E needs Codex Computer Use evidence or must be marked unverified; Chrome MCP, Browser Use, Playwright, Selenium, Puppeteer, and other browser automation do not satisfy UI/browser verification. Deployed targets are read-only; destructive removal is forbidden. After answer/run, dogfood real flows, apply safe contract-allowed code/test/docs fixes, recheck, and do not pass qa-gate.json with unresolved findings or without post_fix_verification_complete. Finish qa-ledger, date/version report, gate, completion summary, and Honest Mode.\n`,
     'ppt': `---\nname: ppt\ndescription: $PPT information-first HTML/PDF presentation pipeline with STP, audience, pain-point, format, research, design-system, and verification questions.\n---\n\nUse only when the user invokes $PPT or asks to create a presentation, deck, slides, pitch deck, proposal deck, HTML presentation, or PDF presentation artifact. Before artifact work, seal presentation-specific ambiguity answers: delivery context, target audience profile including role/average age/job/industry/topic familiarity/decision power, STP strategy, decision context and objections, and 3+ pain-point to solution mappings with expected aha moments. Presentation design must be simple, restrained, and information-first: avoid over-designed decoration, ornamental gradients, nested cards, and effects that compete with the message. Design detail should be embedded through typography hierarchy, spacing, alignment, thin rules, source clarity, and subtle accents. ${pptPipelineAllowlistPolicyText()} Use design.md as the only design decision SSOT. If design.md is missing, use docs/Design-Sys-Prompt.md plus getdesign-reference and curated DESIGN.md examples from ${AWESOME_DESIGN_MD_REFERENCE.url} only as source inputs, then fuse them into route-local PPT style tokens with a recorded design_ssot instead of treating references as parallel authorities. If generated image assets are needed, use imagegen only when that asset need is explicitly sealed in the $PPT contract and prefer Codex App built-in image generation (${CODEX_APP_IMAGE_GENERATION_DOC_URL}) before API generation. Use web or Context7 evidence only when external facts/libraries/current docs are required by the PPT contract, then create the PDF plus editable source HTML under source-html/, keep independent strategy/render/file-write phases parallel where inputs allow, record ppt-parallel-report.json, and verify readability, overlap, format fit, source coverage, export state, and temporary build files cleanup. Finish with reflection and Honest Mode; do not skip STP/audience questions for presentation artifacts.\n`,
@@ -570,7 +595,7 @@ export async function installSkills(root) {
     'mad-sks': `---\nname: mad-sks\ndescription: Explicit high-risk authorization modifier for $MAD-SKS scoped Supabase MCP DB permission widening.\n---\n\nUse only when the user explicitly invokes $MAD-SKS. It can be combined with another route, such as $MAD-SKS $Team or $DB ... $MAD-SKS; in that case the other command remains the primary workflow and MAD-SKS is only the temporary permission grant. The widened DB permission applies only while the active mission gate is open, must be deactivated when the task ends, and opens Supabase MCP column/schema cleanup, direct execute SQL, and normal DB write permissions. Keep only catastrophic database-wipe safeguards: whole database/table removal, all-row delete/update, reset, and dangerous project/branch management remain blocked. Do not carry MAD-SKS permission into later prompts or routes.\n`,
     'gx': `---\nname: gx\ndescription: Dollar-command route for $GX or $gx deterministic GX visual context cartridges.\n---\n\nUse when the user invokes $GX/$gx or asks for architecture/context visualization through SKS. Prefer sks gx init, render, validate, drift, and snapshot. vgraph.json remains the source of truth.\n`,
     'help': `---\nname: help\ndescription: Dollar-command route for $Help or $help explaining installed SKS commands and workflows.\n---\n\nUse when the user invokes $Help/$help or asks what commands exist. Prefer concise output from sks commands, sks usage <topic>, sks quickstart, sks aliases, and sks codex-app.\n`,
-    'prompt-pipeline': `---\nname: prompt-pipeline\ndescription: Default SKS prompt optimization pipeline for execution prompts; Answer and DFix bypass it.\n---\n\nClassify intent: Answer only for real questions; question-shaped implicit instructions, complaints, and mandatory-policy statements route to Team. DFix handles tiny design/content; code defaults to Team unless safety/research/GX route fits. Infer goal, target, constraints, acceptance, risk, and smallest safe route. Ask only scope/safety/behavior/acceptance-changing questions; otherwise seal inferred answers. Materialize pipeline-plan.json for the runtime lane, kept/skipped stages, no-fallback invariant, and verification; inspect with sks pipeline plan, adding --proof-field when changed files are known. Code work surfaces route/guard/scopes, materializes team-roster.json from default or explicit counts before implementation, compiles concrete Team runtime graph/inbox artifacts after consensus, and parent owns integration/tests/Context7/Honest Mode. ${outcomeRubricPolicyText()} ${speedLanePolicyText()} ${skillDreamPolicyText()}\n\n${chatCaptureIntakeText()}\n\nDesign: non-PPT UI/UX reads design.md; if missing use design-system-builder; use imagegen for image/logo/raster, and imagegen must prefer Codex App built-in image generation (${CODEX_APP_IMAGE_GENERATION_DOC_URL}) before API generation. For $PPT, ${pptPipelineAllowlistPolicyText()} ${getdesignReferencePolicyText()} TriWiki context-tracking SSOT: .sneakoscope/wiki/context-pack.json; read only the latest coordinate+voxel overlay pack before every route stage, run sks wiki refresh/pack after changes, validate before handoffs/final.\n`,
+    'prompt-pipeline': `---\nname: prompt-pipeline\ndescription: Default SKS prompt optimization pipeline for execution prompts; Answer and DFix bypass it.\n---\n\nClassify intent: Answer only for real questions; question-shaped implicit instructions, complaints, and mandatory-policy statements route to Team. DFix handles tiny design/content; code defaults to Team unless safety/research/GX route fits. Infer goal, target, constraints, acceptance, risk, and smallest safe route. Score ambiguity first using goal, constraints, success criteria, and codebase context; ask only the lowest-clarity scope/safety/behavior/acceptance-changing questions within a small question budget, otherwise seal inferred answers. Materialize pipeline-plan.json for the runtime lane, kept/skipped stages, no-fallback invariant, and verification; inspect with sks pipeline plan, adding --proof-field when changed files are known. Code work surfaces route/guard/scopes, materializes team-roster.json from default or explicit counts before implementation, compiles concrete Team runtime graph/inbox artifacts after consensus, and parent owns integration/tests/Context7/Honest Mode. ${outcomeRubricPolicyText()} ${speedLanePolicyText()} ${skillDreamPolicyText()}\n\n${chatCaptureIntakeText()}\n\nDesign: non-PPT UI/UX reads design.md; if missing use design-system-builder; use imagegen for image/logo/raster, and imagegen must prefer Codex App built-in image generation (${CODEX_APP_IMAGE_GENERATION_DOC_URL}) before API generation. For $PPT, ${pptPipelineAllowlistPolicyText()} ${getdesignReferencePolicyText()} TriWiki context-tracking SSOT: .sneakoscope/wiki/context-pack.json; read only the latest coordinate+voxel overlay pack before every route stage, run sks wiki refresh/pack after changes, validate before handoffs/final.\n`,
     'reasoning-router': `---\nname: reasoning-router\ndescription: Temporary SKS reasoning-effort routing for every command and pipeline route.\n---\n\nmedium: simple copy/color/discovery/setup/mechanical edits. high: logic, safety, architecture, DB, orchestration, refactor, multi-file work. xhigh: research, AutoResearch, falsification, benchmarks, SEO/GEO, open-ended discovery, and From-Chat-IMG image work-order analysis. Routing is temporary; return to default after the gate. Inspect with sks reasoning and sks pipeline status.\n`,
     'pipeline-runner': `---\nname: pipeline-runner\ndescription: Execute SKS dollar-command routes as stateful pipelines with mission artifacts, route gates, Context7 evidence, temporary reasoning routing, reflection, and Honest Mode.\n---\n\nEvery $ command is a route. Use current.json, mission artifacts, and pipeline-plan.json as the execution plan: it records the lane, skipped stages, kept stages, verification, and no-unrequested-fallback invariant. Use temporary reasoning, TriWiki before stages, source hydration, Context7 when required, Team cleanup before reflection, reflection for full routes, and completion summary plus Honest Mode before final. Surface guard/scopes, record evidence, refresh/pack/validate TriWiki, and check sks pipeline status/resume/plan. ${speedLanePolicyText()} ${skillDreamPolicyText()}\n`,
     'context7-docs': `---\nname: context7-docs\ndescription: Enforce Context7 MCP documentation evidence for SKS routes that depend on external libraries, frameworks, APIs, MCPs, package managers, DB SDKs, or generated docs.\n---\n\nWhen required, resolve-library-id, then query-docs for the resolved id. Legacy get-library-docs evidence is accepted. Prefer sks context7 tools/resolve/docs/evidence and finish only after both evidence stages exist. Check setup with sks context7 check.\n`,
@@ -601,13 +626,57 @@ export async function installSkills(root) {
     await writeSkillMetadata(dir, name);
   }
   const skillNames = Object.keys(skills);
+  const removedStaleGeneratedSkills = await removeStaleGeneratedSkillsFromManifest(root, skillNames);
+  await writeGeneratedSkillManifest(root, skillNames);
   return {
     installed_skills: skillNames,
+    generated_files: generatedSkillFiles(skillNames),
+    removed_stale_generated_skills: removedStaleGeneratedSkills,
     removed_agent_skill_aliases: await removeGeneratedAgentSkillAliases(root, skillNames),
     removed_codex_skill_mirrors: await removeGeneratedCodexSkillMirrors(root, skillNames)
   };
 }
 
+function generatedSkillFiles(skillNames) {
+  return skillNames.flatMap((name) => [
+    `.agents/skills/${name}/SKILL.md`,
+    `.agents/skills/${name}/agents/openai.yaml`
+  ]).sort();
+}
+
+function generatedSkillManifestPath(root) {
+  return path.join(root, '.agents', 'skills', SKS_SKILL_MANIFEST_FILE);
+}
+
+async function writeGeneratedSkillManifest(root, skillNames) {
+  const manifestPath = generatedSkillManifestPath(root);
+  await writeJsonAtomic(manifestPath, {
+    schema_version: 1,
+    generated_by: 'sneakoscope',
+    version: PACKAGE_VERSION,
+    prune_policy: GENERATED_PRUNE_POLICY,
+    skills: [...skillNames].sort(),
+    files: generatedSkillFiles(skillNames)
+  });
+}
+
+async function removeStaleGeneratedSkillsFromManifest(root, skillNames) {
+  const previous = await readJson(generatedSkillManifestPath(root), null);
+  const previousSkills = Array.isArray(previous?.skills) ? previous.skills : [];
+  if (!previousSkills.length) return [];
+  const current = new Set(skillNames);
+  const removed = [];
+  for (const name of previousSkills) {
+    const skillName = String(name || '').trim();
+    if (!skillName || current.has(skillName) || !/^[a-z0-9-]+$/.test(skillName)) continue;
+    const dir = path.join(root, '.agents', 'skills', skillName);
+    if (!(await exists(dir))) continue;
+    await fsp.rm(dir, { recursive: true, force: true });
+    removed.push(path.relative(root, dir));
+  }
+  return removed.sort();
+}
+
 function enrichSkillContent(name, content) {
   if (!['sks', 'answer', 'wiki', 'team', 'qa-loop', 'ppt', 'computer-use', 'computer-use-fast', 'cu', 'goal', 'research', 'autoresearch', 'db', 'gx', 'reflection', 'prompt-pipeline', 'pipeline-runner', 'context7-docs', 'turbo-context-pack', 'hproof-evidence-bind'].includes(name)) return content;
   const text = String(content || '').trimEnd();
@@ -704,4 +773,89 @@ async function installCodexAgents(root) {
   for (const [file, content] of Object.entries(agents)) {
     await writeTextAtomic(path.join(dir, file), content);
   }
+  return {
+    installed_agents: Object.keys(agents),
+    generated_files: Object.keys(agents).map((file) => `.codex/agents/${file}`).sort()
+  };
+}
+
+function currentGeneratedFileInventory(skillInstall = {}, agentInstall = {}) {
+  return Array.from(new Set([
+    '.codex/config.toml',
+    '.codex/SNEAKOSCOPE.md',
+    '.codex/hooks.json',
+    '.sneakoscope/harness-guard.json',
+    '.sneakoscope/db-safety.json',
+    '.sneakoscope/policy.json',
+    '.agents/skills/.sks-generated.json',
+    ...(Array.isArray(skillInstall.generated_files) ? skillInstall.generated_files : []),
+    ...(Array.isArray(agentInstall.generated_files) ? agentInstall.generated_files : [])
+  ])).sort();
+}
+
+async function pruneStaleGeneratedFiles(root, previousManifest, currentFiles) {
+  const previousFiles = Array.isArray(previousManifest?.generated_files?.files) ? previousManifest.generated_files.files : [];
+  if (!previousFiles.length) return { pruned: [] };
+  const current = new Set(currentFiles);
+  const pruned = [];
+  const already_absent = [];
+  for (const rel of previousFiles) {
+    const relPath = normalizeGeneratedRelPath(rel);
+    if (!relPath || current.has(relPath) || !isPrunableGeneratedPath(relPath)) continue;
+    const removed = await removeGeneratedRelPath(root, relPath);
+    if (removed) pruned.push(removed);
+    else already_absent.push(relPath);
+  }
+  return { pruned: pruned.sort(), already_absent: already_absent.sort() };
+}
+
+function normalizeGeneratedRelPath(value) {
+  const rel = String(value || '').trim().replaceAll('\\', '/');
+  if (!rel || rel.startsWith('/') || rel.includes('\0')) return null;
+  if (rel.split('/').some((part) => part === '..')) return null;
+  return rel;
+}
+
+function isPrunableGeneratedPath(rel) {
+  if (rel.startsWith('.agents/skills/')) return true;
+  if (rel.startsWith('.codex/agents/')) return true;
+  if (rel.startsWith('.codex/skills/')) return true;
+  return new Set([
+    '.codex/config.toml',
+    '.codex/SNEAKOSCOPE.md',
+    '.codex/hooks.json',
+    '.sneakoscope/harness-guard.json',
+    '.sneakoscope/db-safety.json',
+    '.sneakoscope/policy.json'
+  ]).has(rel);
+}
+
+async function removeGeneratedRelPath(root, rel) {
+  const absRoot = path.resolve(root);
+  const abs = path.resolve(absRoot, rel);
+  if (abs !== absRoot && !abs.startsWith(`${absRoot}${path.sep}`)) return null;
+  if (!(await exists(abs))) return null;
+  await fsp.rm(abs, { recursive: true, force: true });
+  await removeEmptyGeneratedParents(root, rel);
+  return rel;
+}
+
+async function removeEmptyGeneratedParents(root, rel) {
+  const parts = rel.split('/');
+  if (parts.length <= 1) return;
+  const stopDirs = new Set([
+    path.resolve(root, '.agents', 'skills'),
+    path.resolve(root, '.codex', 'agents'),
+    path.resolve(root, '.codex', 'skills'),
+    path.resolve(root, '.codex'),
+    path.resolve(root, '.sneakoscope')
+  ]);
+  let dir = path.resolve(root, ...parts.slice(0, -1));
+  while (!stopDirs.has(dir) && dir.startsWith(path.resolve(root))) {
+    await removeDirIfEmpty(dir);
+    const parent = path.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  if (rel.startsWith('.codex/skills/')) await removeDirIfEmpty(path.join(root, '.codex', 'skills'));
 }

package/src/core/questions.mjs

@@ -60,6 +60,134 @@ function hasAnswer(value) {
   return true;
 }
 
+const AMBIGUITY_READY_THRESHOLD = 0.2;
+const CLARITY_FLOORS = {
+  goal: 0.75,
+  constraints: 0.65,
+  success: 0.7,
+  context: 0.6
+};
+const CLARITY_WEIGHTS = {
+  goal: 0.35,
+  constraints: 0.25,
+  success: 0.25,
+  context: 0.15
+};
+
+function clamp01(n) {
+  if (!Number.isFinite(n)) return 0;
+  return Math.max(0, Math.min(1, n));
+}
+
+function hasAny(re, text) {
+  return re.test(text);
+}
+
+function scoreComponent(name, clarity, weight, justification) {
+  return {
+    name,
+    clarity_score: Number(clamp01(clarity).toFixed(2)),
+    weight,
+    ambiguity_contribution: Number(((1 - clamp01(clarity)) * weight).toFixed(3)),
+    justification
+  };
+}
+
+function summarizeAnswer(value) {
+  if (Array.isArray(value)) return value.map((v) => String(v || '').trim()).filter(Boolean).join('; ');
+  return String(value || '').trim();
+}
+
+function promptedGoalFromAnswers(explicitAnswers = {}) {
+  const target = summarizeAnswer(explicitAnswers.INTENT_TARGET);
+  const outcome = summarizeAnswer(explicitAnswers.REQUIRED_OUTCOME || explicitAnswers.SUCCESS_CRITERIA_OR_ACCEPTANCE);
+  if (target && outcome) return `${target}: ${outcome}`;
+  return target || outcome || '';
+}
+
+function promptHasExplicitAcceptance(lower) {
+  return /완료\s*기준|성공\s*기준|acceptance|criteria|definition of done|검증|테스트|pass|green|확인|완성도|완전히|처음부터|바로\s*보이|노출|표시|end[- ]?to[- ]?end/.test(lower);
+}
+
+function promptHasTarget(text, lower) {
+  return /[`'"][^`'"]+[`'"]/.test(text)
+    || /(?:^|\s)(?:src|bin|scripts|docs|README|CHANGELOG|package\.json|\.sneakoscope|\.agents|\.codex|[A-Za-z0-9_.-]+\/)[^\s,)]*/.test(text)
+    || /\$[A-Za-z0-9_-]+/.test(text)
+    || /(모호성|질문|파이프라인|게이트|라우트|화면|버튼|모달|디자인|레이아웃|컴포넌트|프론트|리드미|코덱스|결제|로그인|인증|세션|codex|route|pipeline|ambiguity|clarification|question|decision[- ]?contract|hyperplan|prometheus|ouroboros|openagent|payment|billing|auth|session|팀|team|qa|ppt|db|ui|ux|설치|버전|readme|changelog)/.test(lower);
+}
+
+function promptHasAction(lower) {
+  return /(구현|수정|개선|고쳐|만들|추가|삭제|정리|리팩터|바꿔|교체|재설계|처음부터|알려|보이게|보여|노출|표시|rebuild|rewrite|implement|fix|improve|add|remove|refactor|change|replace|redesign|reverse engineer)/.test(lower);
+}
+
+function promptIsUnderspecified(lower) {
+  const trimmed = lower.trim();
+  return trimmed.length < 12
+    || /^(이거|저거|그거|뭔가|문제|고쳐줘|수정해줘|개선해줘|해줘|fix this|improve this|do it)\s*[.!?。]*$/.test(trimmed)
+    || /^(이거|저거|그거)\s+(고쳐|수정|개선|해줘)/.test(trimmed);
+}
+
+function promptHasRisk(lower) {
+  return /(운영|production|prod|live|배포|publish|release|결제|payment|billing|auth|인증|보안|security|db|database|supabase|postgres|sql|schema|migration|마이그레이션|삭제|delete|drop|truncate|reset|권한|permission|credential|secret)/.test(lower);
+}
+
+function promptHasContextTarget(text, lower) {
+  return promptHasTarget(text, lower)
+    || /https?:\/\/\S+/.test(text)
+    || /(프로젝트|repo|repository|codebase|코드베이스|현재 코드|current code|기존|existing|local|로컬)/.test(lower);
+}
+
+export function buildAmbiguityAssessment(prompt, explicitAnswers = {}) {
+  const text = String(prompt || '');
+  const lower = text.toLowerCase();
+  const target = promptHasTarget(text, lower) || hasAnswer(explicitAnswers.INTENT_TARGET) || hasAnswer(explicitAnswers.GOAL_PRECISE);
+  const action = promptHasAction(lower) || hasAnswer(explicitAnswers.REQUIRED_OUTCOME) || hasAnswer(explicitAnswers.GOAL_PRECISE);
+  const underspecified = promptIsUnderspecified(lower);
+  const acceptance = promptHasExplicitAcceptance(lower) || hasAnswer(explicitAnswers.ACCEPTANCE_CRITERIA) || hasAnswer(explicitAnswers.SUCCESS_CRITERIA_OR_ACCEPTANCE);
+  const risk = promptHasRisk(lower);
+  const contextTarget = promptHasContextTarget(text, lower) || hasAnswer(explicitAnswers.CODEBASE_CONTEXT_TARGET);
+  const predictableSafetyDefault = /(재시도|retry|세션\s*만료|session\s*expired|session\s*expiry|token\s*expired)/.test(lower);
+  const hasPolicy = hasAnswer(explicitAnswers.RISK_BOUNDARY) || hasAnswer(explicitAnswers.RISK_AND_BOUNDARY) || predictableSafetyDefault || /(하지\s*마|금지|no\s+|never|묻지|보존|preserve|safe|안전|검증|approval|승인|알아서|판단|추론|infer|default|기본)/.test(lower);
+  const hasMultipleChoiceRisk = /(\bor\b|또는|아니면|선택|둘 중|여러|multiple|대안)/.test(lower) && !/(알아서|판단|infer|추론|default|기본)/.test(lower);
+
+  const goalClarity = underspecified ? (target || action ? 0.45 : 0.2) : (target && action ? 0.9 : target || action ? 0.62 : 0.25);
+  const constraintClarity = risk ? (hasPolicy ? 0.78 : 0.64) : 0.82;
+  const successClarity = acceptance ? 0.86 : (target && action && !risk ? 0.73 : target && action ? 0.66 : 0.38);
+  const contextClarity = contextTarget ? 0.82 : (underspecified ? 0.35 : 0.62);
+  const components = {
+    goal: scoreComponent('goal_clarity', goalClarity, CLARITY_WEIGHTS.goal, target && action ? 'target and action are present' : 'target or action is missing'),
+    constraints: scoreComponent('constraint_clarity', constraintClarity, CLARITY_WEIGHTS.constraints, risk ? (hasPolicy ? 'risk cues include a policy boundary' : 'risk cues need a boundary') : 'no high-risk cue detected'),
+    success: scoreComponent('success_criteria_clarity', successClarity, CLARITY_WEIGHTS.success, acceptance ? 'success or verification language is explicit' : 'success criteria can be inferred only if goal/risk are clear enough'),
+    context: scoreComponent('context_clarity', contextClarity, CLARITY_WEIGHTS.context, contextTarget ? 'target context is named or discoverable' : 'target context is not discoverable from prompt')
+  };
+  const overall = Object.values(components).reduce((sum, item) => sum + item.ambiguity_contribution, 0);
+  const floorFailures = [];
+  if (components.goal.clarity_score < CLARITY_FLOORS.goal) floorFailures.push('goal_clarity');
+  if (components.constraints.clarity_score < CLARITY_FLOORS.constraints) floorFailures.push('constraint_clarity');
+  if (components.success.clarity_score < CLARITY_FLOORS.success) floorFailures.push('success_criteria_clarity');
+  if (components.context.clarity_score < CLARITY_FLOORS.context) floorFailures.push('context_clarity');
+  const unresolved = [];
+  if (components.goal.clarity_score < CLARITY_FLOORS.goal) unresolved.push('intent_target_or_required_outcome');
+  if (components.success.clarity_score < CLARITY_FLOORS.success && (!target || !action || risk)) unresolved.push('success_criteria_or_acceptance');
+  if (components.constraints.clarity_score < CLARITY_FLOORS.constraints || hasMultipleChoiceRisk) unresolved.push('risk_boundary_or_choice');
+  if (components.context.clarity_score < CLARITY_FLOORS.context) unresolved.push('codebase_context_target');
+  const uniqueUnresolved = [...new Set(unresolved)];
+  return {
+    schema_version: 1,
+    method: 'weighted_clarity_interview',
+    inspired_by: ['ouroboros_ambiguity_threshold', 'prometheus_interview_plan_first', 'hyperplan_adversarial_lenses'],
+    threshold: AMBIGUITY_READY_THRESHOLD,
+    overall_score: Number(overall.toFixed(3)),
+    ready_for_contract: overall <= AMBIGUITY_READY_THRESHOLD && floorFailures.length === 0,
+    component_floors_passed: floorFailures.length === 0,
+    floor_failures: floorFailures,
+    components,
+    unresolved_dimensions: uniqueUnresolved,
+    question_budget: risk ? 3 : 2,
+    adversarial_lenses: ['challenge_framing', 'subtract_unneeded_surface', 'demand_evidence', 'test_integration_risk', 'consider_simpler_alternative']
+  };
+}
+
 function addInferred(out, notes, id, value, note) {
   if (!hasAnswer(value) && !(Array.isArray(value) && value.length === 0)) return;
   out[id] = value;
@@ -78,6 +206,7 @@ function looksLikePresentationArtifactPrompt(lower) {
 export function inferAnswersForPrompt(prompt, explicitAnswers = {}) {
   const text = `${prompt || ''}\n${explicitAnswers.GOAL_PRECISE || ''}`;
   const lower = text.toLowerCase();
+  const ambiguity = buildAmbiguityAssessment(prompt, explicitAnswers);
   const inferred = {};
   const notes = {};
   const normalizedPrompt = String(prompt || '')
@@ -122,26 +251,30 @@ export function inferAnswersForPrompt(prompt, explicitAnswers = {}) {
     presentation: ['audience profile and STP strategy are explicit before artifact creation', 'target pain points map to proposed solution moments', 'decision context and likely objections are sealed before storyboarding', 'presentation format, device, and delivery context are fixed before design work'],
     install: ['bootstrap/deps initialize readiness', 'missing runtime deps show repair actions', 'readiness output is concrete']
   };
-  if (!hasAnswer(explicitAnswers.GOAL_PRECISE)) {
+  const explicitPromptedGoal = promptedGoalFromAnswers(explicitAnswers);
+  const canInferCoreGoal = explicitPromptedGoal || !ambiguity.unresolved_dimensions.includes('intent_target_or_required_outcome');
+  if (!hasAnswer(explicitAnswers.GOAL_PRECISE) && canInferCoreGoal) {
     addInferred(
       inferred,
       notes,
       'GOAL_PRECISE',
-      presentationWork ? goals.presentation : (kind ? goals[kind] : (normalizedPrompt ? `사용자 요청을 현재 코드 기준으로 구현한다: ${normalizedPrompt}` : '사용자 요청을 현재 코드 기준으로 구현한다')),
-      presentationWork ? 'presentation' : (kind || 'prompt-derived-goal')
+      explicitPromptedGoal || (presentationWork ? goals.presentation : (kind ? goals[kind] : (normalizedPrompt ? `사용자 요청을 현재 코드 기준으로 구현한다: ${normalizedPrompt}` : '사용자 요청을 현재 코드 기준으로 구현한다'))),
+      explicitPromptedGoal ? 'user-answered-dynamic-intent' : (presentationWork ? 'presentation' : (kind || 'prompt-derived-goal'))
     );
   }
-  if (!hasAnswer(explicitAnswers.ACCEPTANCE_CRITERIA)) {
+  const explicitAcceptance = explicitAnswers.SUCCESS_CRITERIA_OR_ACCEPTANCE;
+  const canInferAcceptance = hasAnswer(explicitAcceptance) || Boolean(kind || presentationWork || paymentWork || authWork) || !ambiguity.unresolved_dimensions.includes('success_criteria_or_acceptance');
+  if (!hasAnswer(explicitAnswers.ACCEPTANCE_CRITERIA) && canInferAcceptance) {
     addInferred(
       inferred,
       notes,
       'ACCEPTANCE_CRITERIA',
-      presentationWork ? criteria.presentation : (kind ? criteria[kind] : [
+      hasAnswer(explicitAcceptance) ? explicitAcceptance : (presentationWork ? criteria.presentation : (kind ? criteria[kind] : [
         'requested behavior is implemented in the relevant code path',
         'relevant tests/checks pass or any unavailable check is explicitly justified',
         'final response states what was changed, verified, and left unverified'
-      ]),
-      presentationWork ? 'presentation' : (kind || 'default-implementation-criteria')
+      ])),
+      hasAnswer(explicitAcceptance) ? 'user-answered-dynamic-acceptance' : (presentationWork ? 'presentation' : (kind || 'default-implementation-criteria'))
     );
   }
 
@@ -157,11 +290,12 @@ export function inferAnswersForPrompt(prompt, explicitAnswers = {}) {
   }
   if (!hasAnswer(explicitAnswers.RISK_BOUNDARY)) {
     addInferred(inferred, notes, 'RISK_BOUNDARY', [
+      ...(hasAnswer(explicitAnswers.RISK_AND_BOUNDARY) ? [summarizeAnswer(explicitAnswers.RISK_AND_BOUNDARY)] : []),
       'no npm publish unless explicitly requested',
       'do not revert unrelated changes',
       'no destructive commands or live data writes',
       'no unrequested fallback implementation code'
-    ], 'safety');
+    ], hasAnswer(explicitAnswers.RISK_AND_BOUNDARY) ? 'user-answered-dynamic-risk-boundary' : 'safety');
   }
   if (uiuxWork) {
     if (!hasAnswer(explicitAnswers.UI_STATE_BEHAVIOR)) {
@@ -257,36 +391,47 @@ export function buildQuestionSchema(prompt) {
   if (/\b(ui|modal|screen|button|visual|design|layout|component|prototype|frontend)\b|화면|버튼|모달|디자인|레이아웃|컴포넌트|프론트|시각|발표자료|디자인\s*시스템/.test(lower)) domainHints.push('uiux');
   if (looksLikePresentationArtifactPrompt(lower)) domainHints.push('presentation');
   if (/db|database|schema|migration|테이블|마이그레이션|supabase|postgres|sql/.test(lower)) domainHints.push('db');
-  const slots = [
-    { id: 'GOAL_PRECISE', question: '이번 작업의 최종 목표를 한 문장으로 정확히 정의해주세요.', required: true, type: 'string' },
-    { id: 'ACCEPTANCE_CRITERIA', question: '완료 기준을 항목으로 적어주세요. 최소 2개 이상 권장합니다.', required: true, type: 'array_or_string' },
-    { id: 'NON_GOALS', question: '이번 작업에서 제외할 범위가 있나요? 없으면 빈 배열로 답해주세요.', required: true, type: 'array_or_string', allow_empty: true },
-    { id: 'PUBLIC_API_CHANGE_ALLOWED', question: 'public API 또는 외부 계약 변경을 허용하나요?', required: true, type: 'enum', options: ['no', 'yes_if_needed', 'yes'] },
-    { id: 'DB_SCHEMA_CHANGE_ALLOWED', question: 'DB schema 또는 migration 변경을 허용하나요?', required: true, type: 'enum', options: ['no', 'yes_if_needed', 'yes_with_migration'] },
-    { id: 'DEPENDENCY_CHANGE_ALLOWED', question: '새 dependency 추가를 허용하나요?', required: true, type: 'enum', options: ['no', 'yes_if_already_approved', 'yes'] },
-    { id: 'TEST_SCOPE', question: '완료 전 실행 또는 정당화해야 할 테스트 범위를 지정해주세요.', required: true, type: 'array_or_string', examples: ['unit', 'integration', 'e2e', 'lint', 'typecheck'] },
-    { id: 'MID_RUN_UNKNOWN_POLICY', question: '실행 중 새 모호성이 생기면 사용자에게 묻지 않고 어떤 해결 순서로 판단할까요? 이 항목은 대체 구현 또는 fallback 코드를 새로 만드는 허가가 아닙니다.', required: true, type: 'array', options: ['preserve_existing_behavior', 'smallest_reversible_change', 'defer_optional_scope', 'block_only_if_no_safe_path'] },
-    { id: 'RISK_BOUNDARY', question: '보안, 결제, 데이터 손상, 권한, 인증 등 절대 넘으면 안 되는 위험 경계를 적어주세요.', required: true, type: 'array_or_string' },
-
-    { id: 'DATABASE_TARGET_ENVIRONMENT', question: 'DB 관련 작업의 대상 환경을 지정해주세요. production write는 Sneakoscope Codex가 허용하지 않습니다.', required: true, type: 'enum', options: ['no_database', 'local_dev', 'preview_branch', 'supabase_branch', 'production_read_only'] },
-    { id: 'DATABASE_WRITE_MODE', question: 'DB 쓰기 정책을 선택해주세요. Supabase/Postgres MCP live write는 기본 차단됩니다.', required: true, type: 'enum', options: ['read_only_only', 'migration_files_only', 'non_destructive_writes_to_local_or_branch_only'] },
-    { id: 'SUPABASE_MCP_POLICY', question: 'Supabase MCP를 사용한다면 어떤 안전 정책을 적용할까요?', required: true, type: 'enum', options: ['not_used', 'read_only_project_scoped_only', 'branch_only_no_live_writes'] },
-    { id: 'DESTRUCTIVE_DB_OPERATIONS_ALLOWED', question: 'DROP/TRUNCATE/DB reset/mass DELETE/branch reset/project delete 같은 파괴적 DB 작업을 허용하나요? Sneakoscope Codex는 never만 허용합니다.', required: true, type: 'enum', options: ['never'] },
-    { id: 'DB_BACKUP_OR_BRANCH_REQUIRED', question: 'DB 쓰기가 필요한 경우 local/preview branch 또는 백업이 있어야만 진행하도록 할까요?', required: true, type: 'enum', options: ['yes_for_any_write'] },
-    { id: 'DB_MAX_BLAST_RADIUS', question: 'DML이 꼭 필요한 경우 허용 가능한 최대 영향 범위를 적어주세요. 기본 권장값은 no_live_dml입니다.', required: true, type: 'string' }
-  ];
-  if (domainHints.includes('payment')) {
+  const ambiguity = buildAmbiguityAssessment(prompt);
+  const slots = [];
+  const presentationSpecific = domainHints.includes('presentation');
+  if (!presentationSpecific && ambiguity.unresolved_dimensions.includes('intent_target_or_required_outcome')) {
     slots.push(
-      { id: 'PAYMENT_SUCCESS_INVARIANT', question: '이미 성공 처리된 결제에 대해서는 어떤 invariant를 보존해야 하나요?', required: true, type: 'string' },
-      { id: 'PAYMENT_RETRY_POLICY', question: '재시도 횟수, backoff, 실패 최종 상태 정책을 지정해주세요.', required: true, type: 'string' }
+      { id: 'INTENT_TARGET', question: '실제로 바꿀 대상과 원하는 결과를 한 문장으로만 적어주세요. 파일/화면/기능명이 있으면 같이 적어주세요.', required: true, type: 'string' }
     );
   }
-  if (domainHints.includes('auth')) {
+  if (!presentationSpecific && ambiguity.unresolved_dimensions.includes('success_criteria_or_acceptance')) {
     slots.push(
-      { id: 'AUTH_SESSION_EXPIRED_BEHAVIOR', question: '세션/토큰 만료 시 사용자가 보게 될 UX 또는 API 동작을 지정해주세요.', required: true, type: 'string' },
-      { id: 'AUTH_PROTOCOL_CHANGE_ALLOWED', question: '인증 프로토콜 변경을 허용하나요?', required: true, type: 'enum', options: ['no', 'yes_if_needed', 'yes'] }
+      { id: 'SUCCESS_CRITERIA_OR_ACCEPTANCE', question: '완료라고 판단할 수 있는 관찰 가능한 기준을 1~3개만 적어주세요. 모르면 “현재 코드 기준으로 판단”이라고 적어도 됩니다.', required: true, type: 'array_or_string' }
     );
   }
+  if (ambiguity.unresolved_dimensions.includes('risk_boundary_or_choice')) {
+    slots.push(
+      { id: 'RISK_AND_BOUNDARY', question: '여러 선택지가 있거나 위험한 변경이 있다면 반드시 지켜야 할 경계만 적어주세요. 없으면 “기존 동작 보존, 파괴적 작업 금지”라고 답해주세요.', required: true, type: 'string' }
+    );
+  }
+  if (ambiguity.unresolved_dimensions.includes('codebase_context_target')) {
+    slots.push(
+      { id: 'CODEBASE_CONTEXT_TARGET', question: '이 요청이 가리키는 repo/브랜치/화면/파일/최근 오류 맥락을 알려주세요.', required: true, type: 'string' }
+    );
+  }
+  if (domainHints.includes('payment')) {
+    const inferred = inferAnswersForPrompt(prompt);
+    if (!hasAnswer(inferred.answers.PAYMENT_SUCCESS_INVARIANT)) {
+      slots.push({ id: 'PAYMENT_SUCCESS_INVARIANT', question: '이미 성공 처리된 결제에 대해서는 어떤 invariant를 보존해야 하나요?', required: true, type: 'string' });
+    }
+    if (!hasAnswer(inferred.answers.PAYMENT_RETRY_POLICY)) {
+      slots.push({ id: 'PAYMENT_RETRY_POLICY', question: '재시도 횟수, backoff, 실패 최종 상태 정책을 지정해주세요.', required: true, type: 'string' });
+    }
+  }
+  if (domainHints.includes('auth')) {
+    const inferred = inferAnswersForPrompt(prompt);
+    if (!hasAnswer(inferred.answers.AUTH_SESSION_EXPIRED_BEHAVIOR)) {
+      slots.push({ id: 'AUTH_SESSION_EXPIRED_BEHAVIOR', question: '세션/토큰 만료 시 사용자가 보게 될 UX 또는 API 동작을 지정해주세요.', required: true, type: 'string' });
+    }
+    if (!hasAnswer(inferred.answers.AUTH_PROTOCOL_CHANGE_ALLOWED)) {
+      slots.push({ id: 'AUTH_PROTOCOL_CHANGE_ALLOWED', question: '인증 프로토콜 변경을 허용하나요?', required: true, type: 'enum', options: ['no', 'yes_if_needed', 'yes'] });
+    }
+  }
   if (domainHints.includes('uiux')) {
     slots.push(
       { id: 'UI_STATE_BEHAVIOR', question: '로딩, 에러, 빈 상태, 재시도 등 UI 상태별 기대 동작을 지정해주세요.', required: true, type: 'string' },
@@ -308,15 +453,22 @@ export function buildQuestionSchema(prompt) {
       { id: 'DB_READ_ONLY_QUERY_LIMIT', question: 'MCP/SQL read-only 조회 시 기본 LIMIT를 몇으로 둘까요?', required: true, type: 'string' }
     );
   }
-  const skippedByDefault = new RegExp('^(D' + 'B_|D' + 'ATABASE_|D' + 'ESTRUCTIVE_D' + 'B_|SUPA' + 'BASE_)');
   const inferred = inferAnswersForPrompt(prompt);
-  const inferredSlots = new Set(['MID_RUN_UNKNOWN_POLICY', ...Object.keys(inferred.answers)]);
-  const askedSlots = slots.filter((s) => !inferredSlots.has(s.id) && (domainHints.includes('db') || !skippedByDefault.test(s.id)));
+  const inferredSlots = new Set(Object.keys(inferred.answers));
+  const askedSlots = slots
+    .filter((s) => {
+      if (inferredSlots.has(s.id)) return false;
+      if (s.id === 'INTENT_TARGET' && hasAnswer(inferred.answers.GOAL_PRECISE)) return false;
+      if (s.id === 'SUCCESS_CRITERIA_OR_ACCEPTANCE' && hasAnswer(inferred.answers.ACCEPTANCE_CRITERIA)) return false;
+      return true;
+    })
+    .slice(0, domainHints.includes('presentation') ? slots.length : ambiguity.question_budget);
   return {
-    schema_version: 1,
-    description: 'Only slots that can change scope, safety, behavior, or acceptance are asked. The rest is inferred from TriWiki/current code defaults. After the contract is sealed, SKS resolves with the decision ladder instead of asking mid-run questions.',
+    schema_version: 2,
+    description: 'SKS scores goal, constraints, success criteria, and codebase context first, then asks only the lowest-clarity questions that can change execution. The rest is inferred from the prompt, TriWiki/current-code defaults, and conservative SKS safety policy. After the contract is sealed, SKS resolves with the decision ladder instead of asking mid-run questions.',
     prompt,
     domain_hints: domainHints,
+    ambiguity_assessment: ambiguity,
     inferred_answers: inferred.answers,
     inference_notes: inferred.notes,
     slots: askedSlots
@@ -339,6 +491,15 @@ export function questionsMarkdown(schema) {
     lines.push('사용자 의도가 실제로 모호한 항목만 묻고, 나머지는 TriWiki/current-code 기본값으로 추론합니다.');
   }
   if (schema.description) lines.push(schema.description);
+  if (schema.ambiguity_assessment) {
+    lines.push('');
+    lines.push('## Ambiguity Assessment');
+    lines.push('');
+    lines.push(`- method: ${schema.ambiguity_assessment.method}`);
+    lines.push(`- score: ${schema.ambiguity_assessment.overall_score} (ready threshold <= ${schema.ambiguity_assessment.threshold})`);
+    lines.push(`- unresolved dimensions: ${(schema.ambiguity_assessment.unresolved_dimensions || []).join(', ') || 'none'}`);
+    lines.push(`- question budget: ${schema.ambiguity_assessment.question_budget}`);
+  }
   if (schema.inferred_answers && Object.keys(schema.inferred_answers).length) {
     lines.push('');
     lines.push('## Inferred Answers');