sneakoscope 1.14.0 → 1.15.0

package/README.md

@@ -10,15 +10,15 @@ SKS does not try to clone every other harness. It focuses on one thing: making C
 
 ## Current Release
 
-SKS **1.14.0** focuses on Codex hook trust parity and real imagegen route hardening: hooks now prefer managed installs when official hashes are unavailable, `trust-doctor --actual` reports real config state, and UX/PPT image routes validate gpt-image-2 requests before generation while fake blackbox checks stay explicitly mock-like.
+SKS **1.15.0** promotes MAD-SKS into explicit user-authorized full-system authority while keeping the SKS harness itself immutable. It also closes the 1.14.1 freshness gaps: release gates check for stale `dist`, Codex exec output-schema syntax is verified for both fresh `exec` and `exec resume`, Scout engine-run lookup covers status/consensus/handoff/validate plus opt-in real smoke, and flagship proof graph v3 binds MAD-SKS audit, rollback, immutable guard, Hook, UX/PPT, DFix, and Scout evidence.
 
 ```bash
+sks mad-sks plan --target-root <path> --json
+sks mad-sks permissions --json
+sks mad-sks proof --json
 sks features complete --json
-sks ux-review run --image <path> --generate-callouts --json
-sks ppt fixture --mock --json
-sks dfix fixture --json
-sks hooks trust-doctor --actual --json
-sks hooks install --managed --json
+sks scouts status latest --engine-runs --json
+npm run release:readiness
 ```
 
 Detailed release history lives in [CHANGELOG.md](CHANGELOG.md). Current release gate status lives in [docs/release-readiness.md](docs/release-readiness.md).
@@ -38,6 +38,9 @@ Detailed release history lives in [CHANGELOG.md](CHANGELOG.md). Current release
 - Package boundary: [docs/package-boundary.md](docs/package-boundary.md)
 - Black-box package tests: [docs/black-box-package-tests.md](docs/black-box-package-tests.md)
 - Codex CLI compatibility: [docs/codex-cli-compat.md](docs/codex-cli-compat.md)
+- MAD-SKS: [docs/mad-sks.md](docs/mad-sks.md)
+- Permission kernel: [docs/permission-kernel.md](docs/permission-kernel.md)
+- Immutable harness guard: [docs/immutable-harness-guard.md](docs/immutable-harness-guard.md)
 - Codex App: [docs/codex-app.md](docs/codex-app.md)
 - Core dominance: [docs/core-dominance.md](docs/core-dominance.md)
 - Performance budgets: [docs/performance-budgets.md](docs/performance-budgets.md)

package/crates/sks-core/Cargo.lock

@@ -76,7 +76,7 @@ dependencies = [
 
 [[package]]
 name = "sks-core"
-version = "1.14.0"
+version = "1.15.0"
 dependencies = [
  "serde_json",
 ]

package/crates/sks-core/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "sks-core"
-version = "1.14.0"
+version = "1.15.0"
 edition = "2021"
 
 [dependencies]

package/crates/sks-core/src/main.rs

@@ -4,7 +4,7 @@ use std::io::{self, Read, Seek, SeekFrom};
 fn main() {
     let mut args = std::env::args().skip(1);
     match args.next().as_deref() {
-        Some("--version") => println!("sks-rs 1.14.0"),
+        Some("--version") => println!("sks-rs 1.15.0"),
         Some("compact-info") => {
             let mut input = String::new();
             let _ = io::stdin().read_to_string(&mut input);

package/dist/.sks-build-stamp.json

@@ -0,0 +1,8 @@
+{
+  "schema": "sks.dist-build-stamp.v1",
+  "package_name": "sneakoscope",
+  "package_version": "1.15.0",
+  "source_digest": "0edaa5eb690818f453a1c1fdc205d0edda1766ad38fdf0ce69ecbc472e6bd23e",
+  "source_file_count": 1428,
+  "built_at_source_time": 1779511366988
+}

package/dist/bin/sks.js

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-const FAST_PACKAGE_VERSION = '1.14.0';
+const FAST_PACKAGE_VERSION = '1.15.0';
 const args = process.argv.slice(2);
 try {
     if (args[0] === '--version' || args[0] === '-v' || args[0] === 'version') {

package/dist/build-manifest.json

@@ -1,8 +1,12 @@
 {
   "schema": "sks.dist-build.v2",
-  "version": "1.14.0",
+  "version": "1.15.0",
+  "package_version": "1.15.0",
   "typescript": true,
   "mjs_runtime_files": 0,
+  "source_digest": "0edaa5eb690818f453a1c1fdc205d0edda1766ad38fdf0ce69ecbc472e6bd23e",
+  "source_file_count": 1428,
+  "dist_stamp_schema": "sks.dist-build-stamp.v1",
   "files": [
     "bin/sks.d.ts",
     "bin/sks.js",
@@ -226,6 +230,8 @@
     "core/codex-hooks/codex-hook-hash.js",
     "core/codex-hooks/codex-hook-managed-install.d.ts",
     "core/codex-hooks/codex-hook-managed-install.js",
+    "core/codex-hooks/codex-hook-official-hash-oracle.d.ts",
+    "core/codex-hooks/codex-hook-official-hash-oracle.js",
     "core/codex-hooks/codex-hook-official-parity.d.ts",
     "core/codex-hooks/codex-hook-official-parity.js",
     "core/codex-hooks/codex-hook-state-writer.d.ts",
@@ -370,6 +376,8 @@
     "core/evidence/evidence-schema.js",
     "core/evidence/evidence-store.d.ts",
     "core/evidence/evidence-store.js",
+    "core/evidence/flagship-proof-graph-validator.d.ts",
+    "core/evidence/flagship-proof-graph-validator.js",
     "core/feature-fixture-runner.d.ts",
     "core/feature-fixture-runner.js",
     "core/feature-fixtures.d.ts",
@@ -452,6 +460,20 @@
     "core/language-preference.js",
     "core/loop-blocker.d.ts",
     "core/loop-blocker.js",
+    "core/mad-sks/audit-ledger.d.ts",
+    "core/mad-sks/audit-ledger.js",
+    "core/mad-sks/authorization-manifest.d.ts",
+    "core/mad-sks/authorization-manifest.js",
+    "core/mad-sks/immutable-harness-guard.d.ts",
+    "core/mad-sks/immutable-harness-guard.js",
+    "core/mad-sks/permission-model.d.ts",
+    "core/mad-sks/permission-model.js",
+    "core/mad-sks/proof-evidence.d.ts",
+    "core/mad-sks/proof-evidence.js",
+    "core/mad-sks/rollback-plan.d.ts",
+    "core/mad-sks/rollback-plan.js",
+    "core/mad-sks/write-guard.d.ts",
+    "core/mad-sks/write-guard.js",
     "core/managed-paths.d.ts",
     "core/managed-paths.js",
     "core/memory-governor.d.ts",

package/dist/cli/feature-commands.js

@@ -151,6 +151,41 @@ export async function hooksCommand(sub = 'explain', args = []) {
             process.exitCode = 1;
         return;
     }
+    if (action === 'repair') {
+        if (flag(args, '--trusted')) {
+            const parity = await writeCodexHookOfficialParityReport(root);
+            if (!parity.official_hash_available) {
+                const blocked = {
+                    schema: 'sks.codex-hooks-repair.v1',
+                    ok: false,
+                    mode: 'trusted',
+                    status: 'blocked',
+                    blocker: 'official_hash_oracle_unavailable',
+                    next_command: 'sks hooks repair --managed --json',
+                    parity
+                };
+                if (flag(args, '--json'))
+                    return console.log(JSON.stringify(blocked, null, 2));
+                console.log('Hooks trusted repair blocked: official hash oracle unavailable. Run `sks hooks repair --managed --json`.');
+                process.exitCode = 1;
+                return;
+            }
+        }
+        const report = await installManagedCodexHooks(root);
+        const result = {
+            ...report,
+            schema: 'sks.codex-hooks-repair.v1',
+            mode: 'managed',
+            next_command: 'sks hooks trust-doctor --actual --json',
+            actions: ['requirements_toml_managed_install_default']
+        };
+        if (flag(args, '--json'))
+            return console.log(JSON.stringify(result, null, 2));
+        console.log(`Hooks managed repair: ${report.ok ? 'ok' : 'blocked'}`);
+        if (!report.ok)
+            process.exitCode = 1;
+        return;
+    }
     if (action === 'install') {
         const report = flag(args, '--managed')
             ? await installManagedCodexHooks(root)
@@ -162,7 +197,7 @@ export async function hooksCommand(sub = 'explain', args = []) {
             process.exitCode = 1;
         return;
     }
-    if (action === 'actual-parity' || action === 'official-parity') {
+    if (action === 'actual-parity' || action === 'official-parity' || (action === 'parity' && flag(args, '--official'))) {
         const report = await writeCodexHookOfficialParityReport(root);
         if (flag(args, '--json'))
             return console.log(JSON.stringify(report, null, 2));
@@ -220,7 +255,7 @@ export async function hooksCommand(sub = 'explain', args = []) {
         return;
     }
     if (action !== 'explain') {
-        console.error('Usage: sks hooks explain|status|doctor|trust-report|trust-state|trust-doctor|trust-fix|install|actual-parity|official-parity|replay <fixture.json>|codex-schema|codex-validate|warning-check|replay-codex-fixtures [--json]');
+        console.error('Usage: sks hooks explain|status|doctor|trust-report|trust-state|trust-doctor|trust-fix|install|repair|actual-parity|official-parity|parity --official|replay <fixture.json>|codex-schema|codex-validate|warning-check|replay-codex-fixtures [--json]');
         process.exitCode = 1;
         return;
     }

package/dist/commands/image-ux-review.d.ts

@@ -49,7 +49,8 @@ export declare function run(command: any, args?: any): Promise<void | {
                 privacy: string;
             };
             image_generation_review: {
-                required_for_gate: boolean;
+                required_for_gate: string;
+                missing_generated_image_closeout: string;
                 model: string;
                 preferred_surface: string;
                 codex_app_imagegen_doc: string;
@@ -122,12 +123,17 @@ export declare function run(command: any, args?: any): Promise<void | {
                 gpt_image_2_model_doc: string;
             };
             required: boolean;
+            required_for_full_verification: boolean;
+            reference_closeout_allowed_when_unavailable: boolean;
             generated_review_images: any;
             planned_reviews: any;
             generated_count: any;
             real_generated_count: any;
             required_count: any;
             text_only_count: any;
+            generated_image_file_evidence_checked: boolean;
+            evidence_verified: boolean;
+            reference_closeout_eligible: boolean;
             blockers: string[];
             passed: boolean;
             imagegen_blocker: {
@@ -260,6 +266,7 @@ export declare function run(command: any, args?: any): Promise<void | {
             }[];
             stopped: boolean;
             stop_reason: string;
+            reference_only: boolean;
             passed: boolean;
         };
         output_schema: import("../core/codex-exec-output-schema.js").CodexExecResumeOutputSchemaAvailability | {
@@ -267,8 +274,24 @@ export declare function run(command: any, args?: any): Promise<void | {
             status: string;
             warnings: any[];
         };
+        honest_mode_evidence: {
+            schema: string;
+            ok: boolean;
+            artifact: string;
+            validation: {
+                schema: any;
+                ok: boolean;
+                errors: any;
+                warnings: any;
+                checked_at: string;
+            };
+        };
         gate: {
-            passed: boolean;
+            passed: any;
+            status: string;
+            verified_level: string;
+            full_review_passed: boolean;
+            reference_only: any;
             schema: string;
             schema_version: number;
             created_at: string;
@@ -282,15 +305,26 @@ export declare function run(command: any, args?: any): Promise<void | {
             p0_p1_zero_after_fix: boolean;
             fix_loop_executed_or_not_needed: boolean;
             changed_screens_rechecked: boolean;
+            image_voxel_reference_anchor_created: boolean;
             image_voxel_relations_created: boolean;
             wrongness_checked: boolean;
             honest_mode_complete: boolean;
             required_artifacts: string[];
             blockers: any[];
+            full_verification_blockers: any[];
+            reference_closeout: {
+                eligible: any;
+                reason: string | null;
+                cap: string;
+                cannot_claim: string[];
+            };
+            source_reference_evidence: any;
+            honest_mode_evidence: any;
             verification_caps: {
                 text_only_review: string;
                 mock_fixture: string;
                 codex_less_than_0_132_fallback: string;
+                missing_generated_image_reference_closeout: string;
             };
             notes: string[];
         };
@@ -397,7 +431,11 @@ export declare function run(command: any, args?: any): Promise<void | {
         contract_hash: any;
     };
     gate: {
-        passed: boolean;
+        passed: any;
+        status: string;
+        verified_level: string;
+        full_review_passed: boolean;
+        reference_only: any;
         schema: string;
         schema_version: number;
         created_at: string;
@@ -411,15 +449,26 @@ export declare function run(command: any, args?: any): Promise<void | {
         p0_p1_zero_after_fix: boolean;
         fix_loop_executed_or_not_needed: boolean;
         changed_screens_rechecked: boolean;
+        image_voxel_reference_anchor_created: boolean;
         image_voxel_relations_created: boolean;
         wrongness_checked: boolean;
         honest_mode_complete: boolean;
         required_artifacts: string[];
         blockers: any[];
+        full_verification_blockers: any[];
+        reference_closeout: {
+            eligible: any;
+            reason: string | null;
+            cap: string;
+            cannot_claim: string[];
+        };
+        source_reference_evidence: any;
+        honest_mode_evidence: any;
         verification_caps: {
             text_only_review: string;
             mock_fixture: string;
             codex_less_than_0_132_fallback: string;
+            missing_generated_image_reference_closeout: string;
         };
         notes: string[];
     };
@@ -466,6 +515,15 @@ export declare function run(command: any, args?: any): Promise<void | {
         blockers: string[];
         passed: boolean;
     };
+} | {
+    schema: string;
+    ok: boolean;
+    mission_id: any;
+    status: any;
+    verified_level: any;
+    reference_only: boolean;
+    blockers: any;
+    next_action: string;
 } | {
     schema: string;
     ok: boolean;

package/dist/commands/wiki.d.ts

@@ -15,7 +15,7 @@ export declare function run(_command: any, args?: any): Promise<void | {
     };
     active_records: {
         id: string;
-        kind: "callout_extraction_schema_failed" | "missing_evidence" | "incorrect_claim" | "overconfident_claim" | "stale_evidence" | "test_failure" | "route_misclassification" | "scout_error" | "visual_anchor_error" | "image_bbox_error" | "db_safety_false_positive" | "db_safety_false_negative" | "hook_policy_mismatch" | "hook_semantic_mismatch" | "hook_strict_subset_misclassified" | "codex_lb_health_misread" | "codex_lb_missing_env_raw_message" | "codex_lb_setup_choice_drift" | "codex_lb_env_persistence_failure" | "computer_use_policy_misclassification" | "computer_use_live_smoke_mismatch" | "computer_use_external_block_overclaimed" | "mock_real_confusion" | "user_intent_misread" | "artifact_schema_error" | "trust_status_overclaim" | "ux_review_text_only_fallback" | "ux_generated_image_not_real" | "ux_fake_generic_callout_detected" | "ux_callout_ocr_uncertain" | "gpt_image_2_callout_generation_failed" | "callout_bbox_out_of_bounds" | "ux_patch_applied_without_recheck" | "ux_after_recheck_regression" | "ux_image_fidelity_mismatch" | "ux_output_schema_unavailable_fallback" | "fix_loop_noop_patch" | "visual_fix_not_rechecked" | "post_fix_regression_detected" | "ppt_text_only_review_fallback" | "ppt_slide_export_failed" | "ppt_imagegen_callout_generation_failed" | "ppt_slide_callout_extraction_failed" | "ppt_slide_bbox_out_of_bounds" | "ppt_deck_patch_noop" | "ppt_fix_not_reexported" | "ppt_slide_not_rechecked" | "ppt_post_fix_regression_detected" | "dfix_diagnosis_missing" | "dfix_root_cause_missing" | "dfix_patch_plan_missing" | "dfix_verification_missing" | "dfix_noop_patch" | "repeated_blocker_stop";
+        kind: "callout_extraction_schema_failed" | "missing_evidence" | "incorrect_claim" | "overconfident_claim" | "stale_evidence" | "test_failure" | "route_misclassification" | "scout_error" | "visual_anchor_error" | "image_bbox_error" | "db_safety_false_positive" | "db_safety_false_negative" | "hook_policy_mismatch" | "hook_semantic_mismatch" | "hook_strict_subset_misclassified" | "codex_lb_health_misread" | "codex_lb_missing_env_raw_message" | "codex_lb_setup_choice_drift" | "codex_lb_env_persistence_failure" | "computer_use_policy_misclassification" | "computer_use_live_smoke_mismatch" | "computer_use_external_block_overclaimed" | "mock_real_confusion" | "user_intent_misread" | "artifact_schema_error" | "trust_status_overclaim" | "ux_review_text_only_fallback" | "ux_generated_image_not_real" | "ux_fake_generic_callout_detected" | "ux_callout_ocr_uncertain" | "gpt_image_2_callout_generation_failed" | "callout_bbox_out_of_bounds" | "ux_patch_applied_without_recheck" | "ux_after_recheck_regression" | "ux_image_fidelity_mismatch" | "ux_output_schema_unavailable_fallback" | "fix_loop_noop_patch" | "visual_fix_not_rechecked" | "post_fix_regression_detected" | "ppt_text_only_review_fallback" | "ppt_slide_export_failed" | "ppt_imagegen_callout_generation_failed" | "ppt_slide_callout_extraction_failed" | "ppt_slide_bbox_out_of_bounds" | "ppt_deck_patch_noop" | "ppt_fix_not_reexported" | "ppt_slide_not_rechecked" | "ppt_post_fix_regression_detected" | "dfix_diagnosis_missing" | "dfix_root_cause_missing" | "dfix_patch_plan_missing" | "dfix_verification_missing" | "dfix_noop_patch" | "mad_sks_protected_core_write_attempt" | "mad_sks_symlink_escape_attempt" | "mad_sks_unapproved_system_access" | "mad_sks_missing_rollback_plan" | "mad_sks_secret_leak_detected" | "mad_sks_unverified_system_change" | "mad_sks_db_write_without_snapshot" | "mad_sks_service_control_without_previous_state" | "repeated_blocker_stop";
         severity: "high" | "low" | "medium" | "critical";
         route: string | null;
         claim: string;

package/dist/core/codex-exec-output-schema.d.ts

@@ -8,6 +8,26 @@ export interface CodexExecResumeOutputSchemaAvailability {
     output_last_message_supported: boolean;
     warnings: string[];
 }
+export interface CodexExecOutputSchemaSyntaxAvailability {
+    schema: 'sks.codex-exec-output-schema-syntax.v1';
+    ok: boolean;
+    status: 'available' | 'integration_optional' | 'degraded_supported';
+    codex_bin: string | null;
+    version: string | null;
+    exec: {
+        output_schema_supported: boolean;
+        output_last_message_supported: boolean;
+        help_checked: boolean;
+    };
+    resume: {
+        output_schema_supported: boolean;
+        output_last_message_supported: boolean;
+        help_checked: boolean;
+    };
+    parity: boolean;
+    blockers: string[];
+    warnings: string[];
+}
 export interface CodexResumeOutputSchemaCommandInput {
     sessionId: string;
     prompt?: string;
@@ -16,6 +36,14 @@ export interface CodexResumeOutputSchemaCommandInput {
     json?: boolean;
     extraArgs?: readonly string[];
 }
+export interface CodexExecOutputSchemaCommandInput {
+    prompt: string;
+    outputSchemaPath: string;
+    outputFile?: string | null;
+    json?: boolean;
+    extraArgs?: readonly string[];
+}
+export declare function detectCodexExecOutputSchemaSyntax(opts?: any): Promise<CodexExecOutputSchemaSyntaxAvailability>;
 export interface CodexExecResumeOutputSchemaRunResult {
     schema: 'sks.codex-exec-output-schema-run.v1';
     ok: boolean;
@@ -35,6 +63,7 @@ export interface CodexExecResumeOutputSchemaRunResult {
     exit_code: number | null;
 }
 export declare function detectCodexExecResumeOutputSchema(opts?: any): Promise<CodexExecResumeOutputSchemaAvailability>;
+export declare function buildCodexExecOutputSchemaArgs(input: CodexExecOutputSchemaCommandInput): Promise<string[]>;
 export declare function codexSchemaPath(name: string): Promise<string>;
 export declare function assertCodexSchemaFile(schemaPath: string): Promise<{
     ok: boolean;

package/dist/core/codex-exec-output-schema.js

@@ -3,6 +3,72 @@ import fsp from 'node:fs/promises';
 import { ensureDir, exists, packageRoot, readJson, runProcess, which } from './fsx.js';
 import { codexVersionPolicy, compareSemverLike, parseCodexVersionText } from './codex-compat/codex-version-policy.js';
 import { validateJsonSchemaRecursive } from './json-schema-validator.js';
+export async function detectCodexExecOutputSchemaSyntax(opts = {}) {
+    const codexBin = opts.codexBin || await which('codex').catch(() => null);
+    if (!codexBin) {
+        return {
+            schema: 'sks.codex-exec-output-schema-syntax.v1',
+            ok: true,
+            status: 'integration_optional',
+            codex_bin: null,
+            version: null,
+            exec: { output_schema_supported: false, output_last_message_supported: false, help_checked: false },
+            resume: { output_schema_supported: false, output_last_message_supported: false, help_checked: false },
+            parity: false,
+            blockers: [],
+            warnings: ['codex binary not detected; output-schema syntax check is integration_optional']
+        };
+    }
+    const versionResult = opts.versionText
+        ? { code: 0, stdout: String(opts.versionText), stderr: '' }
+        : await runProcess(codexBin, ['--version'], { timeoutMs: opts.timeoutMs || 3000, maxOutputBytes: 16 * 1024 });
+    const execHelpResult = opts.execHelpText
+        ? { code: 0, stdout: String(opts.execHelpText), stderr: '' }
+        : await runProcess(codexBin, ['exec', '--help'], { timeoutMs: opts.timeoutMs || 5000, maxOutputBytes: 64 * 1024 });
+    const resumeHelpResult = opts.resumeHelpText
+        ? { code: 0, stdout: String(opts.resumeHelpText), stderr: '' }
+        : await runProcess(codexBin, ['exec', 'resume', '--help'], { timeoutMs: opts.timeoutMs || 5000, maxOutputBytes: 64 * 1024 });
+    const rawVersion = `${versionResult.stdout || ''}\n${versionResult.stderr || ''}`;
+    const version = parseCodexVersionText(rawVersion);
+    const execHelp = `${execHelpResult.stdout || ''}\n${execHelpResult.stderr || ''}`;
+    const resumeHelp = `${resumeHelpResult.stdout || ''}\n${resumeHelpResult.stderr || ''}`;
+    const execSupported = /--output-schema\b/.test(execHelp);
+    const resumeSupported = /--output-schema\b/.test(resumeHelp) || Boolean(version && compareSemverLike(version, '0.132.0') >= 0 && /--output-schema\b/.test(resumeHelp));
+    const execLastMessage = /--output-last-message\b|-o,/.test(execHelp);
+    const resumeLastMessage = /--output-last-message\b|-o,/.test(resumeHelp);
+    const policy = codexVersionPolicy({ available: Boolean(version), version, source: 'codex --version' });
+    const blockers = [
+        ...(execHelpResult.code === 0 ? [] : ['codex_exec_help_failed']),
+        ...(resumeHelpResult.code === 0 ? [] : ['codex_exec_resume_help_failed'])
+    ];
+    const status = policy.status === 'integration_optional'
+        ? 'integration_optional'
+        : execSupported || resumeSupported ? 'available' : 'degraded_supported';
+    return {
+        schema: 'sks.codex-exec-output-schema-syntax.v1',
+        ok: blockers.length === 0,
+        status,
+        codex_bin: codexBin,
+        version,
+        exec: {
+            output_schema_supported: execSupported,
+            output_last_message_supported: execLastMessage,
+            help_checked: execHelpResult.code === 0
+        },
+        resume: {
+            output_schema_supported: resumeSupported,
+            output_last_message_supported: resumeLastMessage,
+            help_checked: resumeHelpResult.code === 0
+        },
+        parity: execSupported === resumeSupported,
+        blockers,
+        warnings: [
+            ...policy.warnings,
+            ...(execSupported ? [] : ['codex exec --output-schema unavailable']),
+            ...(resumeSupported ? [] : ['codex exec resume --output-schema unavailable'])
+        ]
+    };
+}
 export async function detectCodexExecResumeOutputSchema(opts = {}) {
     const codexBin = opts.codexBin || await which('codex').catch(() => null);
     if (!codexBin) {
@@ -47,6 +113,21 @@ export async function detectCodexExecResumeOutputSchema(opts = {}) {
         warnings
     };
 }
+export async function buildCodexExecOutputSchemaArgs(input) {
+    const schemaPath = path.resolve(input.outputSchemaPath);
+    const schema = await assertCodexSchemaFile(schemaPath);
+    if (!schema.ok)
+        throw new Error(`Invalid output schema: ${schema.issues.join(', ')}`);
+    const args = ['exec'];
+    if (input.json !== false)
+        args.push('--json');
+    args.push('--output-schema', schemaPath);
+    if (input.outputFile)
+        args.push('--output-last-message', path.resolve(input.outputFile));
+    args.push(...Array.from(input.extraArgs || []));
+    args.push(String(input.prompt || ''));
+    return args;
+}
 export async function codexSchemaPath(name) {
     const clean = String(name || '').replace(/[^A-Za-z0-9_.-]+/g, '');
     const file = clean.endsWith('.json') ? clean : `${clean}.schema.json`;

package/dist/core/codex-hooks/codex-hook-official-hash-oracle.d.ts

@@ -0,0 +1,19 @@
+import { type CodexHookEventName } from '../codex-compat/codex-hook-events.js';
+import { type CodexCommandHookIdentity } from './codex-hook-hash.js';
+export declare const CODEX_HOOK_HASH_ORACLE_SCHEMA = "sks.codex-hook-hash-oracle.v1";
+export type CodexHookHashOracleMode = 'cli' | 'rust-helper' | 'golden-fixture' | 'unavailable';
+export interface CodexHookHashOracleResult {
+    schema: typeof CODEX_HOOK_HASH_ORACLE_SCHEMA;
+    ok: boolean;
+    mode: CodexHookHashOracleMode;
+    event_name: CodexHookEventName | null;
+    official_hash_available: boolean;
+    official_hash_proven: boolean;
+    official_hash: string | null;
+    sks_computed_hash: string | null;
+    source: string | null;
+    blocker: string | null;
+    generated_at: string;
+}
+export declare function resolveCodexHookHashOracle(root: string, identity: CodexCommandHookIdentity, opts?: any): Promise<CodexHookHashOracleResult>;
+//# sourceMappingURL=codex-hook-official-hash-oracle.d.ts.map

package/dist/core/codex-hooks/codex-hook-official-hash-oracle.js

@@ -0,0 +1,96 @@
+import path from 'node:path';
+import { exists, nowIso, readJson, runProcess, which } from '../fsx.js';
+import {} from '../codex-compat/codex-hook-events.js';
+import { codexCommandHookCurrentHash } from './codex-hook-hash.js';
+export const CODEX_HOOK_HASH_ORACLE_SCHEMA = 'sks.codex-hook-hash-oracle.v1';
+export async function resolveCodexHookHashOracle(root, identity, opts = {}) {
+    const sksHash = codexCommandHookCurrentHash(identity);
+    const cli = await readCliOracle(identity, opts).catch((err) => unavailable(identity, sksHash, `cli_oracle_failed:${errorMessage(err)}`));
+    if (cli.mode === 'cli' && cli.official_hash_available)
+        return cli;
+    const rust = await readRustOracle(root, identity, opts).catch((err) => unavailable(identity, sksHash, `rust_oracle_failed:${errorMessage(err)}`));
+    if (rust.mode === 'rust-helper' && rust.official_hash_available)
+        return rust;
+    const fixture = await readGoldenFixtureOracle(root, identity, opts).catch((err) => unavailable(identity, sksHash, `golden_fixture_failed:${errorMessage(err)}`));
+    if (fixture.mode === 'golden-fixture' && fixture.official_hash_available)
+        return fixture;
+    return unavailable(identity, sksHash, cli.blocker || rust.blocker || fixture.blocker || 'official_hash_oracle_unavailable');
+}
+async function readCliOracle(identity, opts = {}) {
+    const codexBin = opts.codexBin || await which('codex').catch(() => null);
+    const sksHash = codexCommandHookCurrentHash(identity);
+    if (!codexBin)
+        return unavailable(identity, sksHash, 'codex_binary_missing');
+    const run = await runProcess(codexBin, ['hooks', 'hash', '--json'], {
+        input: `${JSON.stringify(identity)}\n`,
+        timeoutMs: 5000,
+        maxOutputBytes: 64 * 1024
+    }).catch((err) => ({ code: 1, stdout: '', stderr: errorMessage(err) }));
+    if (run.code !== 0)
+        return unavailable(identity, sksHash, 'codex_hooks_hash_json_unavailable');
+    const parsed = JSON.parse(run.stdout || '{}');
+    const officialHash = parsed.official_hash || parsed.hash || parsed.current_hash || null;
+    return oracleResult('cli', identity, sksHash, officialHash, `${codexBin} hooks hash --json`);
+}
+async function readRustOracle(root, identity, opts = {}) {
+    const sksRs = opts.rustHelper || await which('sks-rs').catch(() => null);
+    const sksHash = codexCommandHookCurrentHash(identity);
+    if (!sksRs)
+        return unavailable(identity, sksHash, 'rust_helper_missing');
+    const run = await runProcess(sksRs, ['codex-hook-hash', '--json'], {
+        cwd: root,
+        input: `${JSON.stringify(identity)}\n`,
+        timeoutMs: 5000,
+        maxOutputBytes: 64 * 1024
+    }).catch((err) => ({ code: 1, stdout: '', stderr: errorMessage(err) }));
+    if (run.code !== 0)
+        return unavailable(identity, sksHash, 'rust_helper_hash_unavailable');
+    const parsed = JSON.parse(run.stdout || '{}');
+    const officialHash = parsed.official_hash || parsed.hash || null;
+    return oracleResult('rust-helper', identity, sksHash, officialHash, `${sksRs} codex-hook-hash --json`);
+}
+async function readGoldenFixtureOracle(root, identity, opts = {}) {
+    const fixturePath = opts.fixturePath || path.join(root, 'test', 'fixtures', 'codex-hooks', 'official-hash-oracle.json');
+    const sksHash = codexCommandHookCurrentHash(identity);
+    if (!(await exists(fixturePath)))
+        return unavailable(identity, sksHash, 'golden_fixture_missing');
+    const fixture = await readJson(fixturePath, {});
+    const rows = Array.isArray(fixture?.entries) ? fixture.entries : [];
+    const match = rows.find((row) => row.event_name === identity.event && String(row.command || '') === String(identity.command || '') && String(row.matcher || '') === String(identity.matcher || ''));
+    const officialHash = match?.official_hash || match?.hash || null;
+    return oracleResult('golden-fixture', identity, sksHash, officialHash, fixturePath);
+}
+function oracleResult(mode, identity, sksHash, officialHash, source) {
+    return {
+        schema: CODEX_HOOK_HASH_ORACLE_SCHEMA,
+        ok: Boolean(officialHash) && officialHash === sksHash,
+        mode,
+        event_name: identity.event,
+        official_hash_available: Boolean(officialHash),
+        official_hash_proven: Boolean(officialHash) && officialHash === sksHash,
+        official_hash: officialHash,
+        sks_computed_hash: sksHash,
+        source,
+        blocker: officialHash ? (officialHash === sksHash ? null : 'official_hash_mismatch') : 'official_hash_missing',
+        generated_at: nowIso()
+    };
+}
+function unavailable(identity, sksHash, blocker) {
+    return {
+        schema: CODEX_HOOK_HASH_ORACLE_SCHEMA,
+        ok: true,
+        mode: 'unavailable',
+        event_name: identity.event || null,
+        official_hash_available: false,
+        official_hash_proven: false,
+        official_hash: null,
+        sks_computed_hash: sksHash,
+        source: null,
+        blocker,
+        generated_at: nowIso()
+    };
+}
+function errorMessage(err) {
+    return err instanceof Error ? err.message : String(err);
+}
+//# sourceMappingURL=codex-hook-official-hash-oracle.js.map