sneakoscope 1.19.0 → 1.20.3

package/README.md

@@ -16,7 +16,15 @@ Set up this agent project with Sneakoscope Codex. Use [[mandarange/Sneakoscope-C
 
 ## Current Release
 
-SKS **1.19.0** is the MAD Zellij dependency repair release: bootstrap/deps repair and `sks --mad --yes` now install or repair required CLI tooling, including Zellij on macOS/Homebrew, before opening the interactive runtime. npm postinstall still bootstraps and reports missing tools, but it does not silently mutate Homebrew/npm global tools unless `SKS_POSTINSTALL_AUTO_INSTALL_CLI_TOOLS=1` is set. MAD and Team layouts now use Zellij's documented background-layout launch form, and launch failures surface labeled Zellij stderr/stdout tails instead of only `zellij_command_failed`.
+SKS **1.20.3** is a targeted patch for `sks --mad` / codex-lb sessions on macOS and project-local Fast mode control. SKS now supplies a short per-user `ZELLIJ_SOCKET_DIR` by default, caps generated session names safely, records `*_command_with_env` attach commands, and classifies `IPC socket path is too long` as `zellij_socket_path_too_long` instead of a generic launch failure. It also adds `sks fast-mode on|off|status|clear`, `$Fast-On`, `$Fast-Off`, and `$Fast-Mode`; saved project preferences are used only when no explicit `--fast`, `--no-fast`, or `--service-tier` flag is present.
+
+It carries forward the **1.20.2** stabilization layer: **Mutation Guard** routes genuinely-risky global/config/permission/package mutations through the Requested-Scope Contract + Mutation Ledger (`safety:mutation-callsite-coverage` fails any unguarded, unallowlisted risky call site); `release:check:dynamic:execute` is the real **caching gate runner** (schema v2, real/heavy gates deferred to `release:real-check`, dynamic-only cannot authorize publish); the **Core Skill** deployed snapshot is read by the route runtime and recorded in `agent-proof-evidence.json` (`selected_core_skill`), with promotions written to the mutation ledger; and `sks doctor` exposes an explicit **`zellij_readiness`** block (`zellij:doctor-readiness`). See `docs/dynamic-release-pipeline.md`.
+
+SKS **1.20.1** introduces the **SKS Core Skill Engine** — a SkillOpt-style self-evolving skill layer — while locking the harness into a deploy-ready stable build. Skills are the agent's *external, versioned state* (Core Skill Cards): an optimizer proposes **bounded** add/delete/replace edits to a single skill document under a **textual edit budget**, edits are accepted **only on strict held-out improvement**, rejected edits are buffered so they are never retried, and the **deployed snapshot is immutable**. Critically, the optimizer runs only in training/evaluation — the **deployment/inference path reads the deployed snapshot and never makes an extra model call**, and a skill patch can never mutate code/config/package/global files.
+
+1.20.1 also adds a **Requested-Scope Contract + Mutation Ledger** so SKS performs **no side effect the user did not request** (deny-by-default; global/destructive mutations require explicit `--yes`/env opt-in and a backup or no-op reason), and a **dynamic, risk-based release pipeline** (`release:gate-planner` builds `release-gates.json`; `release:check:dynamic` runs only P0 always-on gates plus gates whose files changed; `release:gate-budget` reports the slowest gates) so unrelated heavy gates are skipped during incremental checks while publish never skips a required gate.
+
+It carries forward the 1.19.x hardening unchanged: legacy 1.18.x/1.19.x→1.20.1 **zero-break upgrade** (user `model`/`service_tier`/`model_reasoning_effort` and user-disabled Codex App flags never overwritten; existing skill cards preserved), the **migration transaction journal** (`.sneakoscope/reports/migration-1.20.1-journal.jsonl`), **Zellij launch-command truth** + real-session **heartbeat-timeout blocker** + the redesigned **Zellij lane UI**, **packlist/publish-performance** gates, a **postinstall safe-side-effects** gate, and the **TS source-of-truth / Rust optional-accelerator** boundary (publish never compiles Rust). `sks zellij status`/`repair` inspects the Zellij runtime without auto-installing anything.
 
 ```bash
 sks mad-sks plan --target-root <path> --json
@@ -134,7 +142,7 @@ The cleanup contract is policy-backed in `.sneakoscope/policy.json`, but the def
 - Agent patch queue: [docs/agent-patch-queue.md](docs/agent-patch-queue.md)
 - Native CLI Session Swarm: [docs/native-cli-session-swarm.md](docs/native-cli-session-swarm.md)
 - No-subagent scaling: [docs/no-subagent-scaling.md](docs/no-subagent-scaling.md)
-- Fast mode default: [docs/fast-mode-default.md](docs/fast-mode-default.md)
+- Fast mode default and `$Fast-On`/`$Fast-Off` toggles: [docs/fast-mode-default.md](docs/fast-mode-default.md)
 - Migration 1.18.7 to 1.18.8: [docs/migration-1.18.7-to-1.18.8.md](docs/migration-1.18.7-to-1.18.8.md)
 - Codex official Goal mode: [docs/codex-official-goal-mode.md](docs/codex-official-goal-mode.md)
 - Release parallel full coverage: [docs/release-parallel-full-coverage.md](docs/release-parallel-full-coverage.md)
@@ -725,7 +733,7 @@ npm run release:check
 npm run publish:dry
 ```
 
-`release:check` runs the 1.19.0 Zellij dependency-repair closure DAG, writes a source digest stamp under `.sneakoscope/reports/`, then refreshes release readiness so publish commands can verify the same stamp. The DAG preserves the 1.18 baseline gates and adds patch swarm runtime truth, transaction journaling, serial conflict rebase, strict strategy-to-patch proof, rollback command proof, Native CLI Session Swarm 5/10/20-process proof, Real Worker Backend Router proof, Codex child overlap proof, model-authored patch-envelope separation, Zellij layout/pane/screen proof, no-subagent-scaling proof, Fast mode default/worker/Codex/MAD propagation proof, Appshots attachment provenance, MCP runtime overlap evidence, Codex 0.134/0.135 runner truth, task graph expansion, schema-bound follow-up work, actual Agent/Team/Research/QA route blackboxes, scheduler proof hardening, Source Intelligence propagation, and Goal mode propagation checks. Broader live gates remain explicit scripts such as `release:real-check`; real Codex patch smoke, real Codex parallel worker proof, and real Zellij proof are optional unless their `SKS_REQUIRE_REAL_*` or `SKS_REQUIRE_ZELLIJ=1` environment variables are set. Generate the human-readable registry with `sks features inventory --write-docs`. Plain `npm publish` uses the `latest` dist-tag. npm's `prepublishOnly` verifies the fresh release stamp instead of rerunning the full gate, and `prepack` only rebuilds `dist`; publish no longer repeats the expensive release suite during packaging. `npm run publish:dry` remains the explicit dry-run helper.
+`release:check` runs the current 1.20.x release-closure DAG, writes a source digest stamp under `.sneakoscope/reports/`, then refreshes release readiness so publish commands can verify the same stamp. The DAG preserves the 1.18 baseline gates and adds patch swarm runtime truth, transaction journaling, serial conflict rebase, strict strategy-to-patch proof, rollback command proof, Native CLI Session Swarm 5/10/20-process proof, Real Worker Backend Router proof, Codex child overlap proof, model-authored patch-envelope separation, Zellij layout/pane/screen/socket-dir proof, no-subagent-scaling proof, Fast mode default/worker/Codex/MAD propagation proof, Appshots attachment provenance, MCP runtime overlap evidence, Codex 0.134/0.135 runner truth, task graph expansion, schema-bound follow-up work, actual Agent/Team/Research/QA route blackboxes, scheduler proof hardening, Source Intelligence propagation, and Goal mode propagation checks. Broader live gates remain explicit scripts such as `release:real-check`; real Codex patch smoke, real Codex parallel worker proof, and real Zellij proof are optional unless their `SKS_REQUIRE_REAL_*` or `SKS_REQUIRE_ZELLIJ=1` environment variables are set. Generate the human-readable registry with `sks features inventory --write-docs`. Plain `npm publish` uses the `latest` dist-tag. npm's `prepublishOnly` verifies the fresh release stamp instead of rerunning the full gate, and `prepack` only rebuilds `dist`; publish no longer repeats the expensive release suite during packaging. `npm run publish:dry` remains the explicit dry-run helper.
 
 Version bumps are manual. Run `sks versioning bump` only when preparing release metadata; SKS will not create `.git/hooks/pre-commit` or auto-bump during ordinary commits.
 

package/crates/sks-core/Cargo.lock

@@ -76,7 +76,7 @@ dependencies = [
 
 [[package]]
 name = "sks-core"
-version = "1.19.0"
+version = "1.20.3"
 dependencies = [
  "serde_json",
 ]

package/crates/sks-core/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "sks-core"
-version = "1.19.0"
+version = "1.20.3"
 edition = "2021"
 
 [dependencies]

package/crates/sks-core/src/main.rs

@@ -4,7 +4,7 @@ use std::io::{self, Read, Seek, SeekFrom};
 fn main() {
     let mut args = std::env::args().skip(1);
     match args.next().as_deref() {
-        Some("--version") => println!("sks-rs 1.19.0"),
+        Some("--version") => println!("sks-rs 1.20.3"),
         Some("compact-info") => {
             let mut input = String::new();
             let _ = io::stdin().read_to_string(&mut input);

package/dist/.sks-build-stamp.json

@@ -1,8 +1,8 @@
 {
   "schema": "sks.dist-build-stamp.v1",
   "package_name": "sneakoscope",
-  "package_version": "1.19.0",
-  "source_digest": "5eecdb85fa4e3cd359035b49803cd3e9ea0174810596807caf55b2507fb33d18",
-  "source_file_count": 1690,
-  "built_at_source_time": 1780116105711
+  "package_version": "1.20.3",
+  "source_digest": "c76562a39aaa8ecf01128ce5cda509ad6f8883d1f8c6203c73ddad1d243e54e5",
+  "source_file_count": 1743,
+  "built_at_source_time": 1780267464746
 }

package/dist/bin/sks.js

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-const FAST_PACKAGE_VERSION = '1.19.0';
+const FAST_PACKAGE_VERSION = '1.20.3';
 const args = process.argv.slice(2);
 try {
     if (args[0] === '--agent' && args[1] === 'worker') {

package/dist/build-manifest.json

@@ -1,16 +1,16 @@
 {
   "schema": "sks.dist-build.v2",
-  "version": "1.19.0",
-  "package_version": "1.19.0",
+  "version": "1.20.3",
+  "package_version": "1.20.3",
   "typescript": true,
   "mjs_runtime_files": 0,
-  "compiled_file_count": 974,
-  "compiled_js_count": 487,
-  "compiled_dts_count": 487,
-  "source_digest": "5eecdb85fa4e3cd359035b49803cd3e9ea0174810596807caf55b2507fb33d18",
-  "source_file_count": 1690,
-  "source_files_hash": "c2267339884b83e1bfed20e6979b80f8a7abc07a05860d74c249d7684cb1c92d",
-  "source_list_hash": "c2267339884b83e1bfed20e6979b80f8a7abc07a05860d74c249d7684cb1c92d",
+  "compiled_file_count": 1018,
+  "compiled_js_count": 509,
+  "compiled_dts_count": 509,
+  "source_digest": "c76562a39aaa8ecf01128ce5cda509ad6f8883d1f8c6203c73ddad1d243e54e5",
+  "source_file_count": 1743,
+  "source_files_hash": "b1db64d16ef4e7f980de40d7c8c78b3280d95e78c5583092368dd283aeb367af",
+  "source_list_hash": "b1db64d16ef4e7f980de40d7c8c78b3280d95e78c5583092368dd283aeb367af",
   "src_mjs_runtime_files": 0,
   "dist_stamp_schema": "sks.dist-build-stamp.v1",
   "files": [
@@ -186,6 +186,8 @@
     "commands/wiki.js",
     "commands/zellij-lane.d.ts",
     "commands/zellij-lane.js",
+    "commands/zellij.d.ts",
+    "commands/zellij.js",
     "core/agents/agent-central-ledger.d.ts",
     "core/agents/agent-central-ledger.js",
     "core/agents/agent-cleanup-executor.d.ts",
@@ -440,6 +442,8 @@
     "core/commands/dfix-command.js",
     "core/commands/eval-command.d.ts",
     "core/commands/eval-command.js",
+    "core/commands/fast-mode-command.d.ts",
+    "core/commands/fast-mode-command.js",
     "core/commands/gc-command.d.ts",
     "core/commands/gc-command.js",
     "core/commands/git-command.d.ts",
@@ -616,6 +620,8 @@
     "core/image-ux-review.js",
     "core/image-ux-review/callout-extraction.d.ts",
     "core/image-ux-review/callout-extraction.js",
+    "core/image-ux-review/codex-app-generated-image-discovery.d.ts",
+    "core/image-ux-review/codex-app-generated-image-discovery.js",
     "core/image-ux-review/fix-loop.d.ts",
     "core/image-ux-review/fix-loop.js",
     "core/image-ux-review/fix-task-planner.d.ts",
@@ -630,6 +636,8 @@
     "core/image-ux-review/recapture.js",
     "core/imagegen/gpt-image-2-request-validator.d.ts",
     "core/imagegen/gpt-image-2-request-validator.js",
+    "core/imagegen/imagegen-auth-readiness.d.ts",
+    "core/imagegen/imagegen-auth-readiness.js",
     "core/imagegen/imagegen-capability.d.ts",
     "core/imagegen/imagegen-capability.js",
     "core/init.d.ts",
@@ -690,6 +698,8 @@
     "core/memory-governor.js",
     "core/memory-summary.d.ts",
     "core/memory-summary.js",
+    "core/migration/migration-transaction-journal.d.ts",
+    "core/migration/migration-transaction-journal.js",
     "core/mission.d.ts",
     "core/mission.js",
     "core/mistake-memory.d.ts",
@@ -829,6 +839,10 @@
     "core/recallpulse.js",
     "core/release-parallel-full-coverage.d.ts",
     "core/release-parallel-full-coverage.js",
+    "core/release/gate-cache.d.ts",
+    "core/release/gate-cache.js",
+    "core/release/gate-manifest.d.ts",
+    "core/release/gate-manifest.js",
     "core/reporting/markdown-table.d.ts",
     "core/reporting/markdown-table.js",
     "core/research.d.ts",
@@ -841,12 +855,40 @@
     "core/routes.js",
     "core/rust-accelerator.d.ts",
     "core/rust-accelerator.js",
+    "core/safety/mutation-guard.d.ts",
+    "core/safety/mutation-guard.js",
+    "core/safety/mutation-ledger.d.ts",
+    "core/safety/mutation-ledger.js",
+    "core/safety/requested-scope-contract.d.ts",
+    "core/safety/requested-scope-contract.js",
     "core/secret-redaction.d.ts",
     "core/secret-redaction.js",
     "core/session/project-namespace.d.ts",
     "core/session/project-namespace.js",
     "core/skill-forge.d.ts",
     "core/skill-forge.js",
+    "core/skills/core-rollout-trace.d.ts",
+    "core/skills/core-rollout-trace.js",
+    "core/skills/core-skill-card.d.ts",
+    "core/skills/core-skill-card.js",
+    "core/skills/core-skill-deployment.d.ts",
+    "core/skills/core-skill-deployment.js",
+    "core/skills/core-skill-epoch.d.ts",
+    "core/skills/core-skill-epoch.js",
+    "core/skills/core-skill-patch-apply.d.ts",
+    "core/skills/core-skill-patch-apply.js",
+    "core/skills/core-skill-patch.d.ts",
+    "core/skills/core-skill-patch.js",
+    "core/skills/core-skill-runtime.d.ts",
+    "core/skills/core-skill-runtime.js",
+    "core/skills/core-skill-scorer.d.ts",
+    "core/skills/core-skill-scorer.js",
+    "core/skills/core-skill-types.d.ts",
+    "core/skills/core-skill-types.js",
+    "core/skills/core-skill-validation.d.ts",
+    "core/skills/core-skill-validation.js",
+    "core/skills/rejected-skill-patch-buffer.d.ts",
+    "core/skills/rejected-skill-patch-buffer.js",
     "core/source-intelligence/appshots-evidence.d.ts",
     "core/source-intelligence/appshots-evidence.js",
     "core/source-intelligence/codex-history-search.d.ts",
@@ -875,6 +917,8 @@
     "core/team-review-policy.js",
     "core/triwiki-attention.d.ts",
     "core/triwiki-attention.js",
+    "core/triwiki-runtime.d.ts",
+    "core/triwiki-runtime.js",
     "core/triwiki-wrongness/avoidance-rules.d.ts",
     "core/triwiki-wrongness/avoidance-rules.js",
     "core/triwiki-wrongness/image-wrongness.d.ts",

package/dist/cli/command-registry.d.ts

@@ -50,6 +50,7 @@ export declare const COMMANDS: {
     hermes: CommandEntry;
     tmux: CommandEntry;
     'zellij-lane': CommandEntry;
+    zellij: CommandEntry;
     mad: CommandEntry;
     'mad-sks': CommandEntry;
     'auto-review': CommandEntry;
@@ -57,6 +58,7 @@ export declare const COMMANDS: {
     'dollar-commands': CommandEntry;
     dollars: CommandEntry;
     $: CommandEntry;
+    'fast-mode': CommandEntry;
     commit: CommandEntry;
     'commit-and-push': CommandEntry;
     dfix: CommandEntry;
@@ -137,6 +139,7 @@ export declare const TYPED_COMMANDS: {
     hermes: CommandEntry;
     tmux: CommandEntry;
     'zellij-lane': CommandEntry;
+    zellij: CommandEntry;
     mad: CommandEntry;
     'mad-sks': CommandEntry;
     'auto-review': CommandEntry;
@@ -144,6 +147,7 @@ export declare const TYPED_COMMANDS: {
     'dollar-commands': CommandEntry;
     dollars: CommandEntry;
     $: CommandEntry;
+    'fast-mode': CommandEntry;
     commit: CommandEntry;
     'commit-and-push': CommandEntry;
     dfix: CommandEntry;

package/dist/cli/command-registry.js

@@ -103,6 +103,7 @@ export const COMMANDS = {
     hermes: entry('labs', 'Create Hermes Agent skill package', 'dist/commands/hermes.js', directCommand(() => import('../commands/hermes.js'), 'dist/commands/hermes.js')),
     tmux: entry('beta', 'Show removed-runtime migration notice', 'dist/commands/tmux.js', directCommand(() => import('../commands/tmux.js'), 'dist/commands/tmux.js')),
     'zellij-lane': entry('beta', 'Render a Zellij lane frame for SKS sessions', 'dist/commands/zellij-lane.js', directCommand(() => import('../commands/zellij-lane.js'), 'dist/commands/zellij-lane.js')),
+    zellij: entry('beta', 'Inspect Zellij runtime status and explain repair (no auto-install)', 'dist/commands/zellij.js', directCommand(() => import('../commands/zellij.js'), 'dist/commands/zellij.js')),
     mad: entry('beta', 'MAD-SKS Zellij permission launcher', 'dist/commands/mad-sks.js', directCommand(() => import('../commands/mad-sks.js'), 'dist/commands/mad-sks.js')),
     'mad-sks': entry('beta', 'MAD-SKS scoped permission modifier', 'dist/commands/mad-sks.js', directCommand(() => import('../commands/mad-sks.js'), 'dist/commands/mad-sks.js')),
     'auto-review': entry('beta', 'Manage auto-review profile', 'dist/commands/auto-review.js', directCommand(() => import('../commands/auto-review.js'), 'dist/commands/auto-review.js')),
@@ -110,6 +111,7 @@ export const COMMANDS = {
     'dollar-commands': entry('stable', 'List Codex App dollar commands', 'dist/core/commands/basic-cli.js', basicArgs('dollarCommandsCommand')),
     dollars: entry('stable', 'Alias for dollar-commands', 'dist/core/commands/basic-cli.js', basicArgs('dollarCommandsCommand')),
     '$': entry('stable', 'Alias for dollar-commands', 'dist/core/commands/basic-cli.js', basicArgs('dollarCommandsCommand')),
+    'fast-mode': entry('stable', 'Toggle SKS Fast mode default for dollar-command routes', 'dist/core/commands/fast-mode-command.js', argsCommand(() => import('../core/commands/fast-mode-command.js'), 'fastModeCommand', 'dist/core/commands/fast-mode-command.js')),
     commit: entry('stable', 'Create a simple git commit', 'dist/commands/commit.js', directCommand(() => import('../commands/commit.js'), 'dist/commands/commit.js')),
     'commit-and-push': entry('stable', 'Create a simple git commit and push', 'dist/commands/commit-and-push.js', directCommand(() => import('../commands/commit-and-push.js'), 'dist/commands/commit-and-push.js')),
     dfix: entry('stable', 'Run DFix diagnose/plan/patch/verify loop', 'dist/core/commands/dfix-command.js', commandArgsCommand(() => import('../core/commands/dfix-command.js'), 'dfixCommand', 'dist/core/commands/dfix-command.js')),

package/dist/cli/install-helpers.js

@@ -4,6 +4,8 @@ import fsp from 'node:fs/promises';
 import readline from 'node:readline/promises';
 import { stdin as input, stdout as output } from 'node:process';
 import { ensureDir, exists, globalSksRoot, packageRoot, PACKAGE_VERSION, readText, runProcess, tmpdir, which, writeTextAtomic } from '../core/fsx.js';
+import { createRequestedScopeContract } from '../core/safety/requested-scope-contract.js';
+import { guardedPackageInstall, guardContextForRoute } from '../core/safety/mutation-guard.js';
 import { EMPTY_CODEX_INFO, getCodexInfo } from '../core/codex-adapter.js';
 import { formatHarnessConflictReport, llmHarnessCleanupPrompt, scanHarnessConflicts } from '../core/harness-conflicts.js';
 import { initProject, installSkills } from '../core/init.js';
@@ -2124,10 +2126,14 @@ export async function ensureCodexCliTool({ skip = false, args = [] } = {}) {
     if (!await confirmInstallYesDefault(`Codex CLI is missing. Install latest Codex CLI with ${command}?`, args)) {
         return { status: 'needs_approval', command, error: 'Codex CLI not found on PATH.' };
     }
-    const install = await runProcess(npmBin, ['i', '-g', '@openai/codex@latest'], {
-        timeoutMs: 120000,
-        maxOutputBytes: 128 * 1024
-    }).catch((err) => ({ code: 1, stdout: '', stderr: err.message }));
+    // Global package install is a confirmation-required mutation: route it through
+    // the mutation guard so it is scope-checked and recorded in the ledger. The
+    // user already approved via confirmInstallYesDefault above (confirmed:true).
+    const installRoot = globalSksRoot();
+    const installContract = createRequestedScopeContract({
+        route: 'install', userRequest: command, projectRoot: installRoot, overrides: { package_install: true }
+    });
+    const install = await guardedPackageInstall(guardContextForRoute(installRoot, installContract, command), '@openai/codex@latest', { confirmed: true, command: npmBin, args: ['i', '-g', '@openai/codex@latest'], timeoutMs: 120000 }).catch((err) => ({ code: 1, stdout: '', stderr: err.message }));
     if (install.code !== 0) {
         return { status: 'failed', error: `${install.stderr || install.stdout || 'npm i -g @openai/codex@latest failed'}`.trim() };
     }
@@ -2159,7 +2165,11 @@ export async function ensureZellijCliTool(args = [], opts = {}) {
     if (!await confirmInstallYesDefault(question, args))
         return { target: 'zellij', status: 'needs_approval', command: repairCommand, error: before.blockers[0] || before.warnings[0] || null };
     const brewArgs = hasInstalledZellij ? ['upgrade', 'zellij'] : ['install', 'zellij'];
-    const install = await runProcess(brew, brewArgs, { timeoutMs: 180000, maxOutputBytes: 128 * 1024 }).catch((err) => ({ code: 1, stdout: '', stderr: err.message }));
+    const zellijRoot = globalSksRoot();
+    const zellijContract = createRequestedScopeContract({
+        route: 'install', userRequest: repairCommand, projectRoot: zellijRoot, overrides: { package_install: true, zellij_install: true }
+    });
+    const install = await guardedPackageInstall(guardContextForRoute(zellijRoot, zellijContract, repairCommand), 'zellij', { confirmed: true, command: brew, args: brewArgs, timeoutMs: 180000 }).catch((err) => ({ code: 1, stdout: '', stderr: err.message }));
     if (install.code !== 0)
         return { target: 'zellij', status: 'failed', command: repairCommand, error: `${install.stderr || install.stdout || repairCommand + ' failed'}`.trim() };
     const after = await checkZellijCapability({ require: false, writeReport: false });

package/dist/commands/doctor.js

@@ -13,9 +13,14 @@ import { writeDoctorReadinessMatrix } from '../core/doctor/doctor-readiness-matr
 import { runCodexDoctorBridge, compareCodexDoctorBridge } from '../core/doctor/codex-doctor-bridge.js';
 import { checkZellijCapability } from '../core/zellij/zellij-capability.js';
 import { inventoryCodexPermissionProfiles } from '../core/codex/codex-permission-profiles.js';
+import { appendMigrationEvents, hashConfigText } from '../core/migration/migration-transaction-journal.js';
 export async function run(_command, args = []) {
     let setupRepair = null;
+    let migrationPreFix = null;
     if (flag(args, '--fix')) {
+        // Snapshot config content before ANY mutation so the migration journal can
+        // record real before/after hashes for the whole --fix transaction.
+        migrationPreFix = await captureCodexConfigSnapshot();
         const { setupCommand } = await import('../core/commands/basic-cli.js');
         const installScope = installScopeFromArgs(args);
         // Back up the existing managed project config before --force regeneration so a
@@ -44,6 +49,9 @@ export async function run(_command, args = []) {
     };
     const codexDoctorBefore = flag(args, '--fix') ? await runCodexDoctorBridge({ codexBin: codexBin || null, cwd: root, required: flag(args, '--require-actual-codex') }).catch(() => null) : null;
     const configRepair = flag(args, '--fix') ? await repairCodexConfigEperm(root, { fix: true, ...configProbeOpts }) : null;
+    const migrationJournal = flag(args, '--fix')
+        ? await writeFixMigrationJournal(root, migrationPreFix, configRepair, setupRepair).catch(() => null)
+        : null;
     const codexConfig = configRepair?.after || await inspectCodexConfigReadability(root, configProbeOpts);
     const codexDoctor = await runCodexDoctorBridge({ codexBin: codexBin || null, cwd: root, required: flag(args, '--require-actual-codex') });
     const codexDoctorDiff = compareCodexDoctorBridge(codexDoctorBefore, codexDoctor);
@@ -61,6 +69,8 @@ export async function run(_command, args = []) {
     const codexLb = codexLbMetrics(await readCodexLbCircuit(root).catch(() => ({})));
     const zellij = await checkZellijCapability({ root, require: process.env.SKS_REQUIRE_ZELLIJ === '1' });
     const permissionProfiles = await inventoryCodexPermissionProfiles(root, { writeReport: true });
+    const { detectImagegenCapability } = await import('../core/imagegen/imagegen-capability.js');
+    const imagegen = await detectImagegenCapability({ codexBin: codexBin || undefined }).catch((err) => ({ ok: false, error: err.message, auth_readiness: null }));
     const pkgBytes = await dirSize(root).catch(() => 0);
     const ready = await writeDoctorReadinessMatrix(root, {
         codex,
@@ -77,6 +87,7 @@ export async function run(_command, args = []) {
             ...(configRepair?.operator_actions || [])
         ]
     });
+    const zellijReadiness = buildZellijReadiness(root, zellij, ready);
     const result = {
         schema: 'sks.doctor-status.v1',
         ok: ready.ready,
@@ -90,11 +101,17 @@ export async function run(_command, args = []) {
         codex_doctor: codexDoctor,
         codex_doctor_diff: codexDoctorDiff,
         zellij,
+        zellij_readiness: zellijReadiness,
         codex_permission_profiles: permissionProfiles,
+        imagegen: {
+            ok: imagegen.auth_readiness?.available_paths?.length > 0,
+            auth_readiness: imagegen.auth_readiness || null,
+            codex_app_builtin_available: imagegen.codex_app?.available === true
+        },
         ready,
         sneakoscope: { ok: await exists(`${root}/.sneakoscope`) },
         package: { bytes: pkgBytes, human: formatBytes(pkgBytes) },
-        repair: { setup: setupRepair, codex_config: configRepair }
+        repair: { setup: setupRepair, codex_config: configRepair, migration_journal: migrationJournal }
     };
     if (flag(args, '--json')) {
         printJson(result);
@@ -110,11 +127,26 @@ export async function run(_command, args = []) {
     console.log('Project config:');
     console.log(`  node read:       ${ready.codex_config_readable_by_node ? 'ok' : 'failed'}`);
     console.log(`  codex cli read:  ${ready.codex_config_readable_by_codex_cli ? 'ok' : (actual?.status || 'failed')}`);
-    console.log(`  Zellij:          ${zellij.status}`);
     console.log(`  removed runtime: tmux`);
+    console.log('Zellij:');
+    console.log(`  binary:      ${zellijReadiness.binary} ${zellijReadiness.version || ''} ${zellijReadiness.status === 'ok' ? 'ok' : zellijReadiness.status}`);
+    console.log(`  required_for: ${zellijReadiness.required_for.join(', ')}`);
+    console.log(`  layout:      ${zellijReadiness.layout_proof}`);
+    console.log(`  pane proof:  ${zellijReadiness.pane_proof}`);
+    console.log(`  screen proof:${zellijReadiness.screen_proof}`);
+    console.log(`  tmux:        ${zellijReadiness.tmux_removed_runtime ? 'removed_runtime' : 'present'}`);
     console.log(`  codex doctor:    ${codexDoctor.available ? (codexDoctor.exit_code === 0 ? 'ok' : 'warning') : 'unavailable'}`);
     console.log(`Rust acc.: ${rust.mode || (rust.available ? 'rust_accelerated' : 'js_fallback')} ${rust.version || rust.status || ''}`);
     console.log(`Codex App: ${ready.codex_app_ready ? 'ok' : 'optional_missing'}`);
+    const imagegenReady = imagegen.auth_readiness;
+    if (imagegenReady) {
+        const paths = imagegenReady.available_paths?.length ? imagegenReady.available_paths.join(', ') : 'none';
+        console.log(`Image Gen: auth=${imagegenReady.auth_mode} | headless_auto=${imagegenReady.headless_auto_available ? 'available' : 'unavailable'} | paths: ${paths}`);
+        if (!imagegenReady.headless_auto_available) {
+            for (const action of imagegenReady.next_actions || [])
+                console.log(`  - ${action}`);
+        }
+    }
     console.log(`codex-lb:  ${codexLb.ok ? 'ok' : `warning ${codexLb.circuit?.state || 'unknown'}`}`);
     console.log(`Permissions: config profile and permission profile are tracked separately (${permissionProfiles.codex_config_profile_field}, ${permissionProfiles.codex_permission_profile_field})`);
     console.log('Ready:');
@@ -130,6 +162,9 @@ export async function run(_command, args = []) {
         for (const action of configRepair.repair_actions)
             console.log(`  - ${action.name}: ${action.ok ? 'ok' : 'failed'}`);
     }
+    if (migrationJournal?.journal_path) {
+        console.log(`Migration journal: ${migrationJournal.journal_path} (${migrationJournal.event_count} events, ${migrationJournal.mutations_without_rollback} without rollback)`);
+    }
     if (!ready.ready && ready.next_actions?.length) {
         console.log('What still needs you:');
         for (const action of ready.next_actions)
@@ -138,6 +173,103 @@ export async function run(_command, args = []) {
     if (!result.ok)
         process.exitCode = 1;
 }
+// Assemble the explicit Zellij readiness block for `doctor --json` from the
+// capability probe + readiness matrix. Proof statuses are availability-derived:
+// `verified` is reserved for a real environment run (SKS_REQUIRE_ZELLIJ=1 gates);
+// here they report `optional` when the binary is usable and `unavailable` when
+// Zellij is missing/too old. Zellij missing keeps mad_ready=false while cli_ready
+// can remain true (the matrix already enforces this).
+function buildZellijReadiness(root, zellij, ready) {
+    const status = String(zellij?.status || 'missing');
+    const usable = status === 'ok';
+    const proofStatus = usable ? 'optional' : 'unavailable';
+    const readiness = {
+        schema: 'sks.zellij-readiness.v1',
+        binary: zellij?.bin || 'zellij',
+        status,
+        min_version: zellij?.min_version || '0.41.0',
+        version: zellij?.version || null,
+        required_for: zellij?.required_for || ['sks --mad', 'interactive lane UI'],
+        layout_proof: proofStatus,
+        pane_proof: proofStatus,
+        screen_proof: proofStatus,
+        tmux_removed_runtime: true,
+        mad_ready: ready?.mad_ready === true,
+        cli_ready: ready?.cli_ready === true,
+        ready_for_interactive_runtime: ready?.codex_config_readable_in_zellij_context === true
+    };
+    return readiness;
+}
+async function codexHomeConfigPath() {
+    const path = await import('node:path');
+    const os = await import('node:os');
+    const home = process.env.CODEX_HOME || path.join(process.env.HOME || os.homedir(), '.codex');
+    return path.join(home, 'config.toml');
+}
+async function captureCodexConfigSnapshot() {
+    const fsp = await import('node:fs/promises');
+    const path = await import('node:path');
+    const read = async (p) => {
+        if (!p)
+            return null;
+        try {
+            return await fsp.readFile(p, 'utf8');
+        }
+        catch {
+            return null;
+        }
+    };
+    const root = await projectRoot();
+    const projectPath = root ? path.join(root, '.codex', 'config.toml') : null;
+    const homePath = await codexHomeConfigPath();
+    return {
+        project_path: projectPath,
+        project_text: await read(projectPath),
+        home_path: homePath,
+        home_text: await read(homePath)
+    };
+}
+// Build a migration journal for the --fix transaction with real before/after
+// content hashes and the backup paths produced by setup/structure/split repair.
+async function writeFixMigrationJournal(root, preFix, configRepair, setupRepair) {
+    if (!preFix)
+        return null;
+    const fsp = await import('node:fs/promises');
+    const read = async (p) => {
+        if (!p)
+            return null;
+        try {
+            return await fsp.readFile(p, 'utf8');
+        }
+        catch {
+            return null;
+        }
+    };
+    const projectAfter = await read(preFix.project_path);
+    const homeAfter = await read(preFix.home_path);
+    const structureRepairs = Array.isArray(configRepair?.structure_repairs) ? configRepair.structure_repairs : [];
+    const projectStructure = structureRepairs.find((repair) => repair.scope === 'project');
+    const homeStructure = structureRepairs.find((repair) => repair.scope === 'codex_home');
+    const events = [
+        {
+            step: 'doctor_fix_project_config',
+            target: preFix.project_path || '.codex/config.toml',
+            beforeHash: preFix.project_text != null ? hashConfigText(preFix.project_text) : null,
+            afterHash: projectAfter != null ? hashConfigText(projectAfter) : null,
+            backupPath: setupRepair?.config_backup_path || projectStructure?.backup_path || configRepair?.policy?.backup_path || null
+        },
+        {
+            step: 'doctor_fix_codex_home_config',
+            target: preFix.home_path || '~/.codex/config.toml',
+            beforeHash: preFix.home_text != null ? hashConfigText(preFix.home_text) : null,
+            afterHash: homeAfter != null ? hashConfigText(homeAfter) : null,
+            backupPath: homeStructure?.backup_path || null
+        }
+    ].filter((event) => event.beforeHash != null || event.afterHash != null);
+    if (!events.length)
+        return null;
+    return appendMigrationEvents(root, events);
+}
 async function backupProjectConfigBeforeFix() {
     try {
         const fsp = await import('node:fs/promises');

package/dist/commands/image-ux-review.d.ts

@@ -914,6 +914,7 @@ export declare function run(command: any, args?: any): Promise<void | {
                 backend: string;
                 route: string;
                 route_command: string;
+                selected_core_skill: any;
                 route_blackbox_kind: string;
                 real_route_command_used: boolean;
                 native_cli_session_proof: string | null;
@@ -1039,6 +1040,12 @@ export declare function run(command: any, args?: any): Promise<void | {
                 janitor_ok: boolean;
                 trust_report: string;
                 wrongness_records: string;
+                triwiki_context: string;
+                triwiki_context_consulted: boolean;
+                context_pack_hash: any;
+                triwiki_use_first_count: number;
+                triwiki_hydrate_first_count: number;
+                triwiki_claim_count: number;
                 changed_files_lease_checked: boolean;
                 dependency_collision_risk: any;
                 blockers: any[];

package/dist/commands/mad-sks.d.ts

@@ -12,8 +12,13 @@ export declare function run(_command: any, args?: any): Promise<void | {
     layout_artifact: string;
     command: string[];
     launch_command: string[];
+    launch_command_with_env: string;
     background_command: string[];
+    background_command_with_env: string;
     attach_command: string;
+    attach_command_with_env: string;
+    zellij_socket_dir: string | null;
+    zellij_socket_dir_source: import("../core/zellij/zellij-command.js").ZellijSocketDirSource;
     pane_proof_path: string;
     pane_proof: {
         schema: string;

package/dist/commands/ppt.d.ts

@@ -763,6 +763,7 @@ export declare function run(command: any, args?: any): Promise<void | {
                 backend: string;
                 route: string;
                 route_command: string;
+                selected_core_skill: any;
                 route_blackbox_kind: string;
                 real_route_command_used: boolean;
                 native_cli_session_proof: string | null;
@@ -888,6 +889,12 @@ export declare function run(command: any, args?: any): Promise<void | {
                 janitor_ok: boolean;
                 trust_report: string;
                 wrongness_records: string;
+                triwiki_context: string;
+                triwiki_context_consulted: boolean;
+                context_pack_hash: any;
+                triwiki_use_first_count: number;
+                triwiki_hydrate_first_count: number;
+                triwiki_claim_count: number;
                 changed_files_lease_checked: boolean;
                 dependency_collision_risk: any;
                 blockers: any[];

package/dist/commands/zellij.d.ts

@@ -0,0 +1,4 @@
+export declare const ZELLIJ_COMMAND_SCHEMA = "sks.zellij-command.v1";
+export declare const ZELLIJ_REPAIR_SCHEMA = "sks.zellij-repair.v1";
+export declare function run(_command?: string, args?: string[]): Promise<void>;
+//# sourceMappingURL=zellij.d.ts.map