sneakoscope 1.16.2 → 1.17.0

package/README.md

@@ -10,7 +10,7 @@ SKS does not try to clone every other harness. It focuses on one thing: making C
 
 ## Current Release
 
-SKS **1.16.2** carries forward the native multi-session agent kernel and adds Codex App prompt-side Team width control: `$Team 20:agents ...` / `$Team 20:agent ...` can request up to 20 native Team sessions. SKS **1.16.1** closed the kernel itself: `sks agent` and `sks --agent` create bounded agent rosters, non-overlapping leases, append-only ledgers, session lifecycle proof, recursion guards, dynamic per-agent effort routing, and native agent proof evidence. The old multi-agent command surface has been removed; native agents are the only release-supported route collaboration backend.
+SKS **1.17.0** makes TypeScript the only runtime source of truth, moves package execution to built `dist/**/*.js`, adds Codex App agent cockpit artifacts, parallelizes release verification with a dependency DAG, and namespaces agent sessions by project hash plus mission id.
 
 ```bash
 sks mad-sks plan --target-root <path> --json
@@ -352,7 +352,7 @@ sks gx render homepage --format html
 sks validate-artifacts latest --json
 sks pipeline plan latest --proof-field --json
 sks perf run --json
-sks perf workflow --json --intent "small CLI change" --changed src/cli/main.mjs,src/core/routes.mjs
+sks perf workflow --json --intent "small CLI change" --changed src/cli/main.ts,src/core/routes.ts
 sks proof-field scan --json --intent "small CLI change"
 sks skill-dream status
 sks skill-dream run --json
@@ -451,7 +451,7 @@ SKS_OPENCLAW=1 sks root
 SKS_OPENCLAW=1 sks commands
 SKS_OPENCLAW=1 sks dollar-commands
 SKS_OPENCLAW=1 sks deps check
-SKS_OPENCLAW=1 sks proof-field scan --intent "small CLI change" --changed src/cli/main.mjs
+SKS_OPENCLAW=1 sks proof-field scan --intent "small CLI change" --changed src/cli/main.ts
 ```
 
 If OpenClaw runs in a sandbox, grant shell execution only for trusted workspaces. Database, migration, and destructive work still follows SKS safety routes.
@@ -601,7 +601,7 @@ npm run release:check
 npm run publish:dry
 ```
 
-`release:check` runs audit, changelog, syntax, feature-registry coverage, all-features contract selftest, selftest, size, and registry checks, then writes a source digest stamp under `.sneakoscope/reports/`. Generate the human-readable registry with `sks features inventory --write-docs`. `1.0.0` is a stable release, so plain `npm publish` uses the `latest` dist-tag. npm's `prepublishOnly` verifies the fresh release stamp instead of rerunning the full gate, and `prepack` only rebuilds `dist`; publish no longer repeats the expensive release suite during packaging. `npm run publish:dry` remains the explicit dry-run helper.
+`release:check` runs the 1.17.0 parallel P0 DAG, writes a source digest stamp under `.sneakoscope/reports/`, then refreshes release readiness so publish commands can verify the same stamp. The DAG covers build, TS runtime source checks, dist parity, proof artifact structure, Codex App cockpit, janitor, multi-project isolation, parallel verification, typecheck, schema, release metadata, and release readiness. Broader live or historical gates remain explicit scripts such as `release:real-check`. Generate the human-readable registry with `sks features inventory --write-docs`. Plain `npm publish` uses the `latest` dist-tag. npm's `prepublishOnly` verifies the fresh release stamp instead of rerunning the full gate, and `prepack` only rebuilds `dist`; publish no longer repeats the expensive release suite during packaging. `npm run publish:dry` remains the explicit dry-run helper.
 
 Version bumps are manual. Run `sks versioning bump` only when preparing release metadata; SKS will not create `.git/hooks/pre-commit` or auto-bump during ordinary commits.
 

package/crates/sks-core/Cargo.lock

@@ -76,7 +76,7 @@ dependencies = [
 
 [[package]]
 name = "sks-core"
-version = "1.16.2"
+version = "1.17.0"
 dependencies = [
  "serde_json",
 ]

package/crates/sks-core/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "sks-core"
-version = "1.16.2"
+version = "1.17.0"
 edition = "2021"
 
 [dependencies]

package/crates/sks-core/src/main.rs

@@ -4,7 +4,7 @@ use std::io::{self, Read, Seek, SeekFrom};
 fn main() {
     let mut args = std::env::args().skip(1);
     match args.next().as_deref() {
-        Some("--version") => println!("sks-rs 1.16.2"),
+        Some("--version") => println!("sks-rs 1.17.0"),
         Some("compact-info") => {
             let mut input = String::new();
             let _ = io::stdin().read_to_string(&mut input);

package/dist/.sks-build-stamp.json

@@ -1,8 +1,8 @@
 {
   "schema": "sks.dist-build-stamp.v1",
   "package_name": "sneakoscope",
-  "package_version": "1.16.2",
-  "source_digest": "38a14936b463c4d5f6254412dbaa186a6f351f637dd5e5db82a6eb6b5eff43b9",
-  "source_file_count": 1475,
-  "built_at_source_time": 1779679969693
+  "package_version": "1.17.0",
+  "source_digest": "527177fcd408d00042f7263b37de99dd135af1fd2fdd0a8d79a220e747de03cb",
+  "source_file_count": 1515,
+  "built_at_source_time": 1779685135168
 }

package/dist/bin/sks.js

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-const FAST_PACKAGE_VERSION = '1.16.2';
+const FAST_PACKAGE_VERSION = '1.17.0';
 const args = process.argv.slice(2);
 try {
     if (args[0] === '--version' || args[0] === '-v' || args[0] === 'version') {

package/dist/build-manifest.json

@@ -1,11 +1,17 @@
 {
   "schema": "sks.dist-build.v2",
-  "version": "1.16.2",
-  "package_version": "1.16.2",
+  "version": "1.17.0",
+  "package_version": "1.17.0",
   "typescript": true,
   "mjs_runtime_files": 0,
-  "source_digest": "38a14936b463c4d5f6254412dbaa186a6f351f637dd5e5db82a6eb6b5eff43b9",
-  "source_file_count": 1475,
+  "compiled_file_count": 828,
+  "compiled_js_count": 414,
+  "compiled_dts_count": 414,
+  "source_digest": "527177fcd408d00042f7263b37de99dd135af1fd2fdd0a8d79a220e747de03cb",
+  "source_file_count": 1515,
+  "source_files_hash": "137bd4f96d0913bd90ab4e74364e959627dd8fd29576dae9d57c89c38b9b009f",
+  "source_list_hash": "137bd4f96d0913bd90ab4e74364e959627dd8fd29576dae9d57c89c38b9b009f",
+  "src_mjs_runtime_files": 0,
   "dist_stamp_schema": "sks.dist-build-stamp.v1",
   "files": [
     "bin/sks.d.ts",
@@ -182,6 +188,8 @@
     "core/agents/agent-central-ledger.js",
     "core/agents/agent-cleanup.d.ts",
     "core/agents/agent-cleanup.js",
+    "core/agents/agent-codex-cockpit.d.ts",
+    "core/agents/agent-codex-cockpit.js",
     "core/agents/agent-command-surface.d.ts",
     "core/agents/agent-command-surface.js",
     "core/agents/agent-conflict-graph.d.ts",
@@ -194,6 +202,8 @@
     "core/agents/agent-gate.js",
     "core/agents/agent-heartbeat.d.ts",
     "core/agents/agent-heartbeat.js",
+    "core/agents/agent-janitor.d.ts",
+    "core/agents/agent-janitor.js",
     "core/agents/agent-lease.d.ts",
     "core/agents/agent-lease.js",
     "core/agents/agent-ledger-schemas.d.ts",
@@ -226,6 +236,8 @@
     "core/agents/agent-runner-tmux.js",
     "core/agents/agent-schema.d.ts",
     "core/agents/agent-schema.js",
+    "core/agents/agent-session-rows.d.ts",
+    "core/agents/agent-session-rows.js",
     "core/agents/agent-task-slicer.d.ts",
     "core/agents/agent-task-slicer.js",
     "core/agents/agent-trust-report.d.ts",
@@ -715,6 +727,8 @@
     "core/rust-accelerator.js",
     "core/secret-redaction.d.ts",
     "core/secret-redaction.js",
+    "core/session/project-namespace.d.ts",
+    "core/session/project-namespace.js",
     "core/skill-forge.d.ts",
     "core/skill-forge.js",
     "core/structured-output-adapter.d.ts",
@@ -779,6 +793,16 @@
     "core/validators/trust-report-validator.js",
     "core/validators/validation-error.d.ts",
     "core/validators/validation-error.js",
+    "core/verification/verification-artifact-lock.d.ts",
+    "core/verification/verification-artifact-lock.js",
+    "core/verification/verification-dag.d.ts",
+    "core/verification/verification-dag.js",
+    "core/verification/verification-proof.d.ts",
+    "core/verification/verification-proof.js",
+    "core/verification/verification-result.d.ts",
+    "core/verification/verification-result.js",
+    "core/verification/verification-worker-pool.d.ts",
+    "core/verification/verification-worker-pool.js",
     "core/version-manager.d.ts",
     "core/version-manager.js",
     "core/version.d.ts",

package/dist/commands/image-ux-review.d.ts

@@ -566,6 +566,8 @@ export declare function run(command: any, args?: any): Promise<void | {
                 timeout_kill_report: string;
                 timeout_killed_sessions: any;
                 cleanup_report: string;
+                janitor_report: string;
+                janitor_ok: boolean;
                 trust_report: string;
                 wrongness_records: string;
                 changed_files_lease_checked: boolean;

package/dist/commands/ppt.d.ts

@@ -418,6 +418,8 @@ export declare function run(command: any, args?: any): Promise<void | {
                 timeout_kill_report: string;
                 timeout_killed_sessions: any;
                 cleanup_report: string;
+                janitor_report: string;
+                janitor_ok: boolean;
                 trust_report: string;
                 wrongness_records: string;
                 changed_files_lease_checked: boolean;

package/dist/core/agents/agent-codex-cockpit.d.ts

@@ -0,0 +1,53 @@
+export declare const AGENT_CODEX_DASHBOARD_MD = "agent-codex-dashboard.md";
+export declare const AGENT_CODEX_DASHBOARD_JSON = "agent-codex-dashboard.json";
+export declare const AGENT_SESSION_CARDS_MD = "agent-session-cards.md";
+export declare const AGENT_LIVE_SUMMARY_JSON = "agent-live-summary.json";
+export declare const AGENT_PROGRESS_TIMELINE_MD = "agent-progress-timeline.md";
+export declare const AGENT_CODEX_COCKPIT_EVENTS = "agent-codex-cockpit-events.jsonl";
+export type CodexCockpitHookPayload = {
+    hook_event_name: 'SubagentStart' | 'SubagentStop';
+    agent_id?: string;
+    agent_type?: string;
+    session_id?: string;
+    transcript_path?: string | null;
+    agent_transcript_path?: string | null;
+    last_assistant_message?: string | null;
+    stop_hook_active?: boolean;
+    turn_id?: string;
+    cwd?: string;
+    model?: string;
+    permission_mode?: string;
+};
+export interface AgentCodexCockpitState {
+    schema: 'sks.agent-codex-cockpit.v1';
+    generated_at: string;
+    mission_id: string | null;
+    project_hash: string | null;
+    backend: string | null;
+    agent_count: number;
+    concurrency: number | null;
+    all_sessions_closed: boolean | null;
+    janitor_ok: boolean | null;
+    proof_status: string | null;
+    blockers: string[];
+    agents: Array<Record<string, unknown>>;
+    recent_events: string[];
+    artifacts: Record<string, string>;
+}
+export declare function appendAgentCodexCockpitHookEvent(missionDir: string, payload: CodexCockpitHookPayload): Promise<void>;
+export declare function writeAgentCodexCockpitArtifacts(missionDir: string, opts?: {
+    missionId?: string | null;
+    projectHash?: string | null;
+}): Promise<{
+    ok: boolean;
+    issues: string[];
+    state: AgentCodexCockpitState;
+}>;
+export declare function buildAgentCodexCockpitState(missionDir: string, opts?: {
+    missionId?: string | null;
+    projectHash?: string | null;
+}): Promise<AgentCodexCockpitState>;
+export declare function renderAgentCodexDashboard(state: AgentCodexCockpitState): string;
+export declare function renderAgentSessionCards(state: AgentCodexCockpitState): string;
+export declare function renderAgentProgressTimeline(state: AgentCodexCockpitState): string;
+//# sourceMappingURL=agent-codex-cockpit.d.ts.map

package/dist/core/agents/agent-codex-cockpit.js

@@ -0,0 +1,168 @@
+import path from 'node:path';
+import { appendJsonl, exists, nowIso, readJson, readText, writeJsonAtomic, writeTextAtomic } from '../fsx.js';
+import { normalizeAgentSessionRows } from './agent-session-rows.js';
+export const AGENT_CODEX_DASHBOARD_MD = 'agent-codex-dashboard.md';
+export const AGENT_CODEX_DASHBOARD_JSON = 'agent-codex-dashboard.json';
+export const AGENT_SESSION_CARDS_MD = 'agent-session-cards.md';
+export const AGENT_LIVE_SUMMARY_JSON = 'agent-live-summary.json';
+export const AGENT_PROGRESS_TIMELINE_MD = 'agent-progress-timeline.md';
+export const AGENT_CODEX_COCKPIT_EVENTS = 'agent-codex-cockpit-events.jsonl';
+export async function appendAgentCodexCockpitHookEvent(missionDir, payload) {
+    await appendJsonl(path.join(agentRoot(missionDir), AGENT_CODEX_COCKPIT_EVENTS), {
+        schema: 'sks.agent-codex-cockpit-event.v1',
+        ts: nowIso(),
+        ...payload,
+    });
+}
+export async function writeAgentCodexCockpitArtifacts(missionDir, opts = {}) {
+    const state = await buildAgentCodexCockpitState(missionDir, opts);
+    const root = agentRoot(missionDir);
+    await writeJsonAtomic(path.join(root, AGENT_CODEX_DASHBOARD_JSON), state);
+    await writeJsonAtomic(path.join(root, AGENT_LIVE_SUMMARY_JSON), summarizeLiveState(state));
+    await writeTextAtomic(path.join(root, AGENT_CODEX_DASHBOARD_MD), renderAgentCodexDashboard(state));
+    await writeTextAtomic(path.join(root, AGENT_SESSION_CARDS_MD), renderAgentSessionCards(state));
+    await writeTextAtomic(path.join(root, AGENT_PROGRESS_TIMELINE_MD), renderAgentProgressTimeline(state));
+    return { ok: state.blockers.length === 0, issues: state.blockers, state };
+}
+export async function buildAgentCodexCockpitState(missionDir, opts = {}) {
+    const root = agentRoot(missionDir);
+    const sessions = await readJson(path.join(root, 'agent-sessions.json'), null);
+    const roster = await readJson(path.join(root, 'agent-roster.json'), null);
+    const leases = await readJson(path.join(root, 'agent-leases.json'), null);
+    const proof = await readJson(path.join(root, 'agent-proof-evidence.json'), null);
+    const consensus = await readJson(path.join(root, 'agent-consensus.json'), null);
+    const cleanup = await readJson(path.join(root, 'agent-cleanup.json'), null);
+    const janitor = await readJson(path.join(root, 'agent-janitor-report.json'), null);
+    const namespace = await readJson(path.join(missionDir, 'project-session-namespace.json'), null);
+    const eventsTail = await readTailLines(path.join(root, 'agent-events.jsonl'), 8);
+    const cockpitEventsTail = await readTailLines(path.join(root, AGENT_CODEX_COCKPIT_EVENTS), 8);
+    const teamTail = await readTailLines(path.join(missionDir, 'team-transcript.jsonl'), 8);
+    const sessionRows = normalizeAgentSessionRows(sessions);
+    const rosterRows = Array.isArray(roster?.roster) ? roster.roster : [];
+    const leaseRows = Array.isArray(leases?.leases) ? leases.leases : [];
+    const agents = mergeAgentRows(sessionRows, rosterRows, leaseRows, [...eventsTail, ...cockpitEventsTail]);
+    const blockers = [
+        ...(Array.isArray(proof?.blockers) ? proof.blockers : []),
+        ...(!sessions ? ['agent_sessions_missing'] : []),
+        ...(proof && proof.ok === false ? ['agent_proof_not_ok'] : []),
+        ...(janitor && janitor.ok === false ? ['agent_janitor_not_ok'] : []),
+    ].map(String);
+    return {
+        schema: 'sks.agent-codex-cockpit.v1',
+        generated_at: nowIso(),
+        mission_id: opts.missionId || namespace?.mission_id || proof?.mission_id || null,
+        project_hash: opts.projectHash || namespace?.root_hash || null,
+        backend: proof?.backend || null,
+        agent_count: Number(proof?.agent_count || roster?.agent_count || agents.length || 0),
+        concurrency: Number.isFinite(Number(roster?.concurrency)) ? Number(roster.concurrency) : null,
+        all_sessions_closed: proof?.all_sessions_closed ?? cleanup?.all_sessions_closed ?? null,
+        janitor_ok: janitor?.ok ?? null,
+        proof_status: proof?.status || (proof?.ok ? 'passed' : proof ? 'blocked' : null),
+        blockers,
+        agents,
+        recent_events: [...eventsTail, ...cockpitEventsTail, ...teamTail].slice(-12),
+        artifacts: {
+            markdown: path.join('agents', AGENT_CODEX_DASHBOARD_MD),
+            json: path.join('agents', AGENT_CODEX_DASHBOARD_JSON),
+            cards: path.join('agents', AGENT_SESSION_CARDS_MD),
+            live_summary: path.join('agents', AGENT_LIVE_SUMMARY_JSON),
+            timeline: path.join('agents', AGENT_PROGRESS_TIMELINE_MD),
+            event_stream: path.join('agents', AGENT_CODEX_COCKPIT_EVENTS),
+        },
+    };
+}
+export function renderAgentCodexDashboard(state) {
+    const header = [
+        '# Agent Codex Dashboard',
+        '',
+        `- Mission: ${state.mission_id || 'unknown'}`,
+        `- Project hash: ${state.project_hash || 'unknown'}`,
+        `- Backend: ${state.backend || 'unknown'}`,
+        `- Agents: ${state.agent_count}`,
+        `- Concurrency: ${state.concurrency ?? 'unknown'}`,
+        `- Proof: ${state.proof_status || 'unknown'}`,
+        `- All sessions closed: ${state.all_sessions_closed ?? 'unknown'}`,
+        '',
+        '| Agent | Persona | Task | State | Heartbeat age | Lease | Blockers | Artifact |',
+        '| --- | --- | --- | --- | --- | --- | --- | --- |',
+    ];
+    const rows = state.agents.map((agent) => {
+        const id = cell(agent.id);
+        const persona = cell(agent.persona || agent.persona_id);
+        const task = cell(agent.task || agent.task_slice_id || agent.slice_id);
+        const status = cell(agent.status || agent.lifecycle_state);
+        const heartbeat = cell(agent.heartbeat_age_ms === undefined ? '' : `${agent.heartbeat_age_ms}ms`);
+        const lease = cell(agent.lease || agent.lease_id || agent.write_policy);
+        const blockers = Array.isArray(agent.blockers) ? cell(agent.blockers.join(', ')) : cell(agent.blockers);
+        const artifact = cell(agent.output_artifact || agent.artifact || '');
+        return `| ${id} | ${persona} | ${task} | ${status} | ${heartbeat} | ${lease} | ${blockers} | ${artifact} |`;
+    });
+    return `${[...header, ...rows].join('\n')}\n`;
+}
+export function renderAgentSessionCards(state) {
+    const blocks = state.agents.map((agent) => [
+        `## ${cell(agent.id)}`,
+        '',
+        `- Persona: ${cell(agent.persona || agent.persona_id)}`,
+        `- Task: ${cell(agent.task || agent.task_slice_id || agent.slice_id)}`,
+        `- State: ${cell(agent.status || agent.lifecycle_state)}`,
+        `- Lease: ${cell(agent.lease || agent.lease_id || agent.write_policy)}`,
+        `- Artifact: ${cell(agent.output_artifact || agent.artifact || '')}`,
+    ].join('\n'));
+    return `# Agent Session Cards\n\n${blocks.join('\n\n')}\n`;
+}
+export function renderAgentProgressTimeline(state) {
+    return `# Agent Progress Timeline\n\n${state.recent_events.map((line) => `- ${line}`).join('\n')}\n`;
+}
+function summarizeLiveState(state) {
+    return {
+        schema: 'sks.agent-live-summary.v1',
+        generated_at: state.generated_at,
+        mission_id: state.mission_id,
+        project_hash: state.project_hash,
+        backend: state.backend,
+        agent_count: state.agent_count,
+        concurrency: state.concurrency,
+        active_agents: state.agents.filter((agent) => !['closed', 'done', 'completed'].includes(String(agent.status || ''))).length,
+        proof_status: state.proof_status,
+        blockers: state.blockers,
+    };
+}
+function mergeAgentRows(sessions, roster, leases, events) {
+    const byId = new Map();
+    for (const row of roster)
+        byId.set(String(row.id || row.agent_id), { ...row });
+    for (const row of sessions) {
+        const id = String(row.id || row.agent_id || row.session_id);
+        byId.set(id, { ...(byId.get(id) || {}), ...row, id });
+    }
+    for (const row of leases) {
+        const id = String(row.agent_id || row.id || '');
+        if (!id)
+            continue;
+        byId.set(id, { ...(byId.get(id) || {}), lease_id: row.lease_id || row.id, lease: row.scope || row.path || row.write_scope });
+    }
+    for (const [id, row] of byId) {
+        row.id = row.id || id;
+        row.recent_event_tail = events.filter((line) => line.includes(id)).slice(-3);
+        if (row.heartbeat_age_ms === undefined) {
+            const heartbeat = Date.parse(String(row.heartbeat_at || row.last_heartbeat_at || row.updated_at || ''));
+            if (Number.isFinite(heartbeat))
+                row.heartbeat_age_ms = Math.max(0, Date.now() - heartbeat);
+        }
+    }
+    return [...byId.values()];
+}
+async function readTailLines(file, count) {
+    if (!(await exists(file)))
+        return [];
+    const text = await readText(file, '');
+    return String(text).trim().split(/\n+/).filter(Boolean).slice(-count);
+}
+function agentRoot(missionDir) {
+    return path.join(missionDir, 'agents');
+}
+function cell(value) {
+    return String(value ?? '').replace(/\|/g, '\\|').replace(/\s+/g, ' ').trim();
+}
+//# sourceMappingURL=agent-codex-cockpit.js.map

package/dist/core/agents/agent-command-surface.d.ts

@@ -12,5 +12,6 @@ export declare function parseAgentCommandArgs(command: string, args?: string[]):
     json: boolean;
     missionId: string;
     lane: string;
+    codexApp: boolean;
 };
 //# sourceMappingURL=agent-command-surface.d.ts.map

package/dist/core/agents/agent-command-surface.js

@@ -1,7 +1,7 @@
 import { DEFAULT_AGENT_COUNT } from './agent-schema.js';
 export function parseAgentCommandArgs(command, args = []) {
     const first = args[0] && !String(args[0]).startsWith('--') ? String(args[0]) : '';
-    const actions = new Set(['run', 'status', 'plan', 'spawn', 'watch', 'lane', 'board', 'ledger', 'collect', 'consensus', 'close', 'cleanup', 'proof', 'explain']);
+    const actions = new Set(['run', 'status', 'plan', 'spawn', 'watch', 'dashboard', 'cockpit', 'lane', 'board', 'ledger', 'collect', 'consensus', 'close', 'cleanup', 'proof', 'explain']);
     const action = actions.has(first) ? first : 'run';
     const rest = action === first ? args.slice(1) : args;
     const json = hasFlag(args, '--json');
@@ -12,11 +12,15 @@ export function parseAgentCommandArgs(command, args = []) {
     const mock = hasFlag(args, '--mock') || backend === 'fake';
     const real = hasFlag(args, '--real');
     const readonly = hasFlag(args, '--readonly') || hasFlag(args, '--read-only');
+    const codexApp = hasFlag(args, '--codex-app');
+    const positionals = positionalArgs(rest, new Set(['--agents', '--concurrency', '--backend', '--route', '--mission', '--mission-id', '--agent', '--lane']));
     const missionDefault = action === 'run' || action === 'spawn' || action === 'plan' ? '' : 'latest';
-    const missionId = String(readOption(args, '--mission', readOption(args, '--mission-id', missionDefault)));
+    const positionalMission = action === 'run' || action === 'spawn' || action === 'plan' ? '' : (positionals[0] || '');
+    const missionId = String(readOption(args, '--mission', readOption(args, '--mission-id', positionalMission || missionDefault)));
     const lane = String(readOption(args, '--agent', readOption(args, '--lane', '')));
-    const prompt = positionalArgs(rest, new Set(['--agents', '--concurrency', '--backend', '--route', '--mission', '--mission-id', '--agent', '--lane'])).join(' ').trim() || 'Native agent run';
-    return { command, action, prompt, route, agents, concurrency, backend, mock, real, readonly, json, missionId, lane };
+    const promptPositionals = positionalMission ? positionals.slice(1) : positionals;
+    const prompt = promptPositionals.join(' ').trim() || 'Native agent run';
+    return { command, action, prompt, route, agents, concurrency, backend, mock, real, readonly, json, missionId, lane, codexApp };
 }
 function hasFlag(args, flag) {
     return args.includes(flag);

package/dist/core/agents/agent-gate.js

@@ -28,7 +28,21 @@ export async function readAgentGateStatus(root, missionId) {
     if (!(await exists(proofPath)))
         missing.push('agents/agent-proof-evidence.json');
     const blockers = [...(Array.isArray(proof?.blockers) ? proof.blockers : []), ...(Array.isArray(gate?.blockers) ? gate.blockers : [])];
-    const sessionsClosed = proof?.all_sessions_closed !== false && gate?.all_sessions_closed !== false;
+    if (proof?.ok !== true)
+        blockers.push('agent_proof_not_ok');
+    if (proof?.status !== 'passed')
+        blockers.push('agent_proof_status_not_passed');
+    if (Number(proof?.agent_count || 0) < 5)
+        blockers.push('agent_count_below_5');
+    if (proof?.no_overlap_ok !== true)
+        blockers.push('agent_no_overlap_not_ok');
+    if (proof?.ledger_hash_chain_ok !== true)
+        blockers.push('agent_ledger_hash_chain_not_ok');
+    if (proof?.consensus_ok !== true)
+        blockers.push('agent_consensus_not_ok');
+    if (proof?.janitor_ok !== true)
+        blockers.push('agent_janitor_missing_or_not_ok');
+    const sessionsClosed = proof?.all_sessions_closed === true && gate?.all_sessions_closed !== false;
     const ok = missing.length === 0 && blockers.length === 0 && sessionsClosed && proof?.schema === 'sks.agent-proof-evidence.v1';
     return {
         id: AGENT_INTAKE_STAGE_ID,

package/dist/core/agents/agent-janitor.d.ts

@@ -0,0 +1,23 @@
+export interface AgentJanitorReport {
+    schema: 'sks.agent-janitor-report.v1';
+    generated_at: string;
+    ok: boolean;
+    mission_id: string | null;
+    project_hash: string | null;
+    stale_heartbeat_sessions: string[];
+    zombie_process_sessions: string[];
+    stale_tmux_sessions: string[];
+    orphan_temp_dirs: string[];
+    stale_locks: string[];
+    cleaned: string[];
+    blockers: string[];
+}
+export declare function runAgentJanitor(input: {
+    missionDir: string;
+    missionId?: string | null;
+    projectHash?: string | null;
+    staleMs?: number;
+    cleanup?: boolean;
+}): Promise<AgentJanitorReport>;
+export declare function writeAgentJanitorReport(missionDir: string, report: AgentJanitorReport): Promise<void>;
+//# sourceMappingURL=agent-janitor.d.ts.map

package/dist/core/agents/agent-janitor.js

@@ -0,0 +1,147 @@
+import fsp from 'node:fs/promises';
+import path from 'node:path';
+import { exists, nowIso, readJson, writeJsonAtomic } from '../fsx.js';
+import { normalizeAgentSessionRows } from './agent-session-rows.js';
+export async function runAgentJanitor(input) {
+    const staleMs = input.staleMs ?? 30 * 60 * 1000;
+    const agentRoot = path.join(input.missionDir, 'agents');
+    const sessions = await readJson(path.join(agentRoot, 'agent-sessions.json'), null);
+    const namespace = await readJson(path.join(input.missionDir, 'project-session-namespace.json'), null);
+    const projectHash = input.projectHash || namespace?.root_hash || null;
+    const rows = normalizeAgentSessionRows(sessions);
+    const now = Date.now();
+    const staleHeartbeat = rows
+        .filter((row) => {
+        const status = String(row.status || row.lifecycle_state || '');
+        if (['closed', 'completed', 'done'].includes(status))
+            return false;
+        const heartbeat = Date.parse(String(row.heartbeat_at || row.last_heartbeat_at || row.updated_at || ''));
+        return !Number.isFinite(heartbeat) || now - heartbeat > staleMs;
+    })
+        .map((row) => String(row.session_id || row.id || row.agent_id));
+    const statusByAgent = new Map();
+    const statusBySession = new Map();
+    for (const row of rows) {
+        const status = String(row.status || row.lifecycle_state || '');
+        if (row.agent_id || row.id)
+            statusByAgent.set(String(row.agent_id || row.id), status);
+        if (row.session_id)
+            statusBySession.set(String(row.session_id), status);
+    }
+    const zombieProcesses = await detectZombieProcessSessions(agentRoot, statusByAgent, statusBySession);
+    const staleTmuxSessions = await detectStaleTmuxSessions(agentRoot, staleMs);
+    const orphanTempDirs = await scopedExistingPaths(Array.isArray(namespace?.orphan_temp_dirs) ? namespace.orphan_temp_dirs : [], projectHash);
+    const staleLocks = await scopedStaleLockPaths(namespace?.lock_dir ? [namespace.lock_dir] : [], projectHash, staleMs);
+    const cleaned = [];
+    if (input.cleanup) {
+        for (const dir of orphanTempDirs) {
+            await fsp.rm(dir, { recursive: true, force: true }).catch(() => { });
+            cleaned.push(dir);
+        }
+    }
+    const blockers = [
+        ...staleHeartbeat.map((id) => `stale_heartbeat:${id}`),
+        ...zombieProcesses.map((id) => `zombie_process:${id}`),
+        ...staleTmuxSessions.map((id) => `stale_tmux:${id}`),
+        ...staleLocks.map((id) => `stale_lock:${id}`),
+    ];
+    const report = {
+        schema: 'sks.agent-janitor-report.v1',
+        generated_at: nowIso(),
+        ok: blockers.length === 0,
+        mission_id: input.missionId || namespace?.mission_id || null,
+        project_hash: projectHash,
+        stale_heartbeat_sessions: staleHeartbeat,
+        zombie_process_sessions: zombieProcesses,
+        stale_tmux_sessions: staleTmuxSessions,
+        orphan_temp_dirs: orphanTempDirs,
+        stale_locks: staleLocks,
+        cleaned,
+        blockers,
+    };
+    await writeAgentJanitorReport(input.missionDir, report);
+    return report;
+}
+export async function writeAgentJanitorReport(missionDir, report) {
+    await writeJsonAtomic(path.join(missionDir, 'agents', 'agent-janitor-report.json'), report);
+}
+async function scopedExistingPaths(paths, projectHash) {
+    const out = [];
+    for (const candidate of paths) {
+        if (!candidate)
+            continue;
+        if (projectHash && !candidate.includes(projectHash))
+            continue;
+        if (await exists(candidate))
+            out.push(candidate);
+    }
+    return out;
+}
+async function scopedStaleLockPaths(paths, projectHash, staleMs) {
+    const out = [];
+    const now = Date.now();
+    for (const dir of paths) {
+        if (!dir || (projectHash && !dir.includes(projectHash)) || !(await exists(dir)))
+            continue;
+        for (const file of await listFiles(dir)) {
+            const stat = await fsp.stat(file).catch(() => null);
+            if (stat && now - stat.mtimeMs > staleMs)
+                out.push(file);
+        }
+    }
+    return out;
+}
+async function detectZombieProcessSessions(agentRoot, statusByAgent, statusBySession) {
+    const out = [];
+    for (const file of await listNamedFiles(path.join(agentRoot, 'sessions'), 'agent-process-report.json')) {
+        const report = await readJson(file, null);
+        const pid = Number(report?.pid || 0);
+        if (!pid || report?.exit_code !== null)
+            continue;
+        const id = String(report?.session_id || report?.agent_id || path.basename(path.dirname(file)));
+        const status = statusBySession.get(String(report?.session_id || '')) || statusByAgent.get(String(report?.agent_id || '')) || '';
+        const alive = processIsAlive(pid);
+        if ((!alive && !['closed', 'completed', 'done'].includes(status)) || (alive && ['closed', 'completed', 'done'].includes(status)))
+            out.push(id);
+    }
+    return out;
+}
+async function detectStaleTmuxSessions(agentRoot, staleMs) {
+    const out = [];
+    const now = Date.now();
+    for (const file of await listNamedFiles(path.join(agentRoot, 'sessions'), 'agent-tmux-report.json')) {
+        const report = await readJson(file, null);
+        if (!report || report.launch_mode === 'optional_not_launched')
+            continue;
+        const stat = await fsp.stat(file).catch(() => null);
+        if (stat && now - stat.mtimeMs > staleMs)
+            out.push(String(report.session_id || report.agent_id || path.basename(path.dirname(file))));
+    }
+    return out;
+}
+async function listNamedFiles(dir, name) {
+    return (await listFiles(dir)).filter((file) => path.basename(file) === name);
+}
+async function listFiles(dir) {
+    const out = [];
+    if (!(await exists(dir)))
+        return out;
+    for (const entry of await fsp.readdir(dir, { withFileTypes: true })) {
+        const file = path.join(dir, entry.name);
+        if (entry.isDirectory())
+            out.push(...await listFiles(file));
+        else if (entry.isFile())
+            out.push(file);
+    }
+    return out;
+}
+function processIsAlive(pid) {
+    try {
+        process.kill(pid, 0);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+//# sourceMappingURL=agent-janitor.js.map