sneakoscope 2.0.1 → 2.0.2

package/dist/core/agents/ollama-worker-config.js

@@ -0,0 +1,118 @@
+import os from 'node:os';
+import path from 'node:path';
+import { ensureDir, exists, nowIso, readJson, writeJsonAtomic } from '../fsx.js';
+export const LOCAL_MODEL_CONFIG_SCHEMA = 'sks.local-model-config.v1';
+export const OLLAMA_WORKER_CONFIG_SCHEMA = 'sks.ollama-worker-config.v1';
+export const DEFAULT_OLLAMA_CODER_MODEL = 'rafw007/qwen36-a3b-claude-coder:q4_K_M';
+export const DEFAULT_OLLAMA_BASE_URL = 'http://127.0.0.1:11434';
+export const DEFAULT_OLLAMA_KEEP_ALIVE = '30m';
+export const DEFAULT_OLLAMA_TIMEOUT_MS = 120_000;
+export const DEFAULT_OLLAMA_THINK = false;
+export function localModelConfigPath() {
+    return process.env.SKS_LOCAL_MODEL_CONFIG
+        ? path.resolve(process.env.SKS_LOCAL_MODEL_CONFIG)
+        : path.join(os.homedir(), '.sneakoscope', 'local-model.json');
+}
+export async function readLocalModelConfig() {
+    const raw = await readJson(localModelConfigPath(), null);
+    return normalizeLocalModelConfig(raw || {});
+}
+export async function writeLocalModelConfig(patch) {
+    const current = await readLocalModelConfig();
+    const next = normalizeLocalModelConfig({ ...current, ...patch, updated_at: nowIso() });
+    await ensureDir(path.dirname(localModelConfigPath()));
+    await writeJsonAtomic(localModelConfigPath(), next);
+    return next;
+}
+export async function resolveOllamaWorkerConfig(input = {}) {
+    const configExists = await exists(localModelConfigPath());
+    const stored = await readLocalModelConfig();
+    const explicitDisable = boolEnv(process.env.SKS_OLLAMA_WORKERS) === false;
+    const explicitEnable = boolEnv(process.env.SKS_OLLAMA_WORKERS) === true || input.ollamaEnabled === true || input.backend === 'ollama';
+    const enabled = explicitDisable ? false : explicitEnable || stored.enabled === true;
+    const model = firstText(process.env.SKS_OLLAMA_MODEL, input.model, stored.model, DEFAULT_OLLAMA_CODER_MODEL);
+    const baseUrl = trimTrailingSlash(firstText(process.env.SKS_OLLAMA_BASE_URL, input.baseUrl, stored.base_url, DEFAULT_OLLAMA_BASE_URL));
+    const keepAlive = firstText(process.env.SKS_OLLAMA_KEEP_ALIVE, input.keepAlive, stored.keep_alive, DEFAULT_OLLAMA_KEEP_ALIVE);
+    const timeoutMs = positiveNumber(process.env.SKS_OLLAMA_TIMEOUT_MS, input.timeoutMs, stored.timeout_ms, DEFAULT_OLLAMA_TIMEOUT_MS);
+    const temperature = finiteNumber(process.env.SKS_OLLAMA_TEMPERATURE, input.temperature, stored.temperature, 0.1);
+    const think = boolEnv(process.env.SKS_OLLAMA_THINK) ?? input.think ?? stored.think ?? DEFAULT_OLLAMA_THINK;
+    const blockers = [
+        ...(enabled ? [] : ['ollama_workers_disabled']),
+        ...(!model ? ['ollama_model_missing'] : []),
+        ...(!baseUrl ? ['ollama_base_url_missing'] : [])
+    ];
+    return {
+        schema: OLLAMA_WORKER_CONFIG_SCHEMA,
+        ok: blockers.length === 0,
+        enabled,
+        provider: 'ollama',
+        model,
+        base_url: baseUrl,
+        keep_alive: keepAlive,
+        timeout_ms: timeoutMs,
+        temperature,
+        think,
+        config_path: localModelConfigPath(),
+        explicit_disable: explicitDisable,
+        explicit_enable: explicitEnable,
+        blockers
+    };
+}
+export function normalizeLocalModelConfig(raw = {}) {
+    return {
+        schema: LOCAL_MODEL_CONFIG_SCHEMA,
+        ...(raw.generated_at ? { generated_at: String(raw.generated_at) } : { generated_at: nowIso() }),
+        ...(raw.updated_at ? { updated_at: String(raw.updated_at) } : {}),
+        enabled: raw.enabled === true,
+        provider: 'ollama',
+        model: firstText(raw.model, DEFAULT_OLLAMA_CODER_MODEL),
+        base_url: trimTrailingSlash(firstText(raw.base_url, raw.baseUrl, DEFAULT_OLLAMA_BASE_URL)),
+        keep_alive: firstText(raw.keep_alive, raw.keepAlive, DEFAULT_OLLAMA_KEEP_ALIVE),
+        timeout_ms: positiveNumber(raw.timeout_ms, raw.timeoutMs, DEFAULT_OLLAMA_TIMEOUT_MS),
+        temperature: finiteNumber(raw.temperature, 0.1),
+        think: typeof raw.think === 'boolean' ? raw.think : DEFAULT_OLLAMA_THINK,
+        policy: {
+            worker_only: true,
+            no_strategy_planning_design: true,
+            allowed_work: ['simple_code_patch_envelopes', 'read_only_collection']
+        }
+    };
+}
+export function boolEnv(value) {
+    const text = String(value ?? '').trim().toLowerCase();
+    if (!text)
+        return null;
+    if (['1', 'true', 'on', 'yes', 'enable', 'enabled'].includes(text))
+        return true;
+    if (['0', 'false', 'off', 'no', 'disable', 'disabled'].includes(text))
+        return false;
+    return null;
+}
+function firstText(...values) {
+    for (const value of values) {
+        const text = String(value ?? '').trim();
+        if (text)
+            return text;
+    }
+    return '';
+}
+function trimTrailingSlash(value) {
+    return value.replace(/\/+$/, '');
+}
+function positiveNumber(...values) {
+    for (const value of values) {
+        const n = Number(value);
+        if (Number.isFinite(n) && n > 0)
+            return Math.floor(n);
+    }
+    return DEFAULT_OLLAMA_TIMEOUT_MS;
+}
+function finiteNumber(...values) {
+    for (const value of values) {
+        const n = Number(value);
+        if (Number.isFinite(n))
+            return n;
+    }
+    return 0;
+}
+//# sourceMappingURL=ollama-worker-config.js.map

package/dist/core/auto-review.js

@@ -108,7 +108,7 @@ export const SKS_CONFIG_PROFILES = [
     { name: 'sks-research-xhigh', stripTable: true, block: sksProfileFileBlock({ effort: 'xhigh' }) },
     { name: 'sks-research', stripTable: true, block: sksProfileFileBlock({ effort: 'xhigh', approvalPolicy: 'never' }) },
     { name: 'sks-team', stripTable: true, block: sksProfileFileBlock({ effort: 'medium' }) },
-    { name: MAD_HIGH_PROFILE, stripTable: true, block: sksProfileFileBlock({ effort: 'high', approvalPolicy: 'never', sandboxMode: 'danger-full-access', reviewer: AUTO_REVIEW_REVIEWER }) },
+    { name: MAD_HIGH_PROFILE, stripTable: true, block: sksProfileFileBlock({ effort: 'xhigh', approvalPolicy: 'never', sandboxMode: 'danger-full-access', reviewer: AUTO_REVIEW_REVIEWER }) },
     { name: 'sks-default', stripTable: true, block: sksProfileFileBlock({ effort: 'high' }) }
 ];
 function sksProfileFileBlock(opts = {}) {
@@ -146,7 +146,32 @@ export async function migrateSksProfilesToPerFile(opts = {}) {
         tables_stripped: SKS_CONFIG_PROFILES.filter((profile) => profile.stripTable).map((profile) => profile.name)
     };
 }
-export async function enableMadHighProfile(opts = {}) {
+export function buildMadHighLaunchProfileNoWrite(opts = {}) {
+    const env = opts.env || process.env;
+    const profileName = String(opts.profileName || MAD_HIGH_PROFILE);
+    return {
+        config_path: codexConfigPath(env),
+        profile_config_path: codexProfileConfigPath(profileName, env),
+        profile_name: profileName,
+        launch_args: [
+            '--sandbox',
+            'danger-full-access',
+            '--ask-for-approval',
+            'never',
+            '-c',
+            'service_tier=fast',
+            '-c',
+            'model_reasoning_effort=xhigh'
+        ],
+        sandbox_mode: 'danger-full-access',
+        approval_policy: 'never',
+        model_reasoning_effort: 'xhigh',
+        service_tier: 'fast',
+        scope: 'explicit_launch_only',
+        writes_user_codex_config: false
+    };
+}
+export async function ensureMadHighProfileForSetupOrRepair(opts = {}) {
     const configPath = opts.configPath || codexConfigPath(opts.env || process.env);
     const env = opts.env || process.env;
     await ensureDir(path.dirname(configPath));
@@ -160,7 +185,7 @@ export async function enableMadHighProfile(opts = {}) {
     // selectors so Codex stops warning about the legacy config profile on launch.
     await migrateSksProfilesToPerFile({ configPath, env });
     await writeProfileConfig(configPath, MAD_HIGH_PROFILE, profileConfigBlock({
-        effort: 'high',
+        effort: 'xhigh',
         approvalPolicy: 'never',
         sandboxMode: 'danger-full-access'
     }));
@@ -168,14 +193,22 @@ export async function enableMadHighProfile(opts = {}) {
         config_path: configPath,
         profile_config_path: path.join(path.dirname(configPath), `${MAD_HIGH_PROFILE}.config.toml`),
         profile_name: MAD_HIGH_PROFILE,
-        launch_args: ['--profile', MAD_HIGH_PROFILE, '--sandbox', 'danger-full-access', '--ask-for-approval', 'never', '-c', 'service_tier=fast'],
+        launch_args: ['--profile', MAD_HIGH_PROFILE, '--sandbox', 'danger-full-access', '--ask-for-approval', 'never', '-c', 'service_tier=fast', '-c', 'model_reasoning_effort=xhigh'],
         sandbox_mode: 'danger-full-access',
         approval_policy: 'never',
         approvals_reviewer: AUTO_REVIEW_REVIEWER,
-        model_reasoning_effort: 'high',
-        scope: 'explicit_launch_only'
+        model_reasoning_effort: 'xhigh',
+        service_tier: 'fast',
+        scope: 'setup_or_repair_only',
+        writes_user_codex_config: true
     };
 }
+export async function enableMadHighProfile(opts = {}) {
+    if (opts.allowUserConfigWrite !== true) {
+        throw new Error('enableMadHighProfile writes Codex user config; use buildMadHighLaunchProfileNoWrite for sks --mad');
+    }
+    return ensureMadHighProfileForSetupOrRepair(opts);
+}
 export function madHighProfileName() {
     return MAD_HIGH_PROFILE;
 }

package/dist/core/codex-app/codex-app-fast-ui-repair.js

@@ -16,6 +16,9 @@ export async function repairCodexAppFastUi(root = process.cwd(), input = {}) {
         { scope: 'codex_home', file: path.join(home, 'config.toml'), mode: 'sks_caused_host_owned_keys' }
     ];
     const actions = [];
+    const detectedProjectLocalForbiddenKeys = [];
+    const unsafeReasons = [];
+    let detectedSksCausedMutation = false;
     for (const candidate of candidates) {
         const text = await readText(candidate.file, null);
         if (text == null) {
@@ -25,8 +28,16 @@ export async function repairCodexAppFastUi(root = process.cwd(), input = {}) {
         const repaired = candidate.mode === 'project_forbidden_keys'
             ? stripProjectLocalForbiddenKeys(text)
             : stripSksCausedHostOwnedLines(text);
+        if (candidate.mode === 'project_forbidden_keys')
+            detectedProjectLocalForbiddenKeys.push(...repaired.removedKeys);
+        if (candidate.mode === 'sks_caused_host_owned_keys') {
+            const unsafe = detectUnsafeFastUiRepair(text);
+            unsafeReasons.push(...unsafe);
+            if (repaired.text !== text)
+                detectedSksCausedMutation = true;
+        }
         if (repaired.text === text) {
-            actions.push({ scope: candidate.scope, file: displayPath(candidate.file), status: 'ok', changed: false, removed_keys: repaired.removedKeys });
+            actions.push({ scope: candidate.scope, file: displayPath(candidate.file), status: unsafeReasons.length && candidate.mode === 'sks_caused_host_owned_keys' ? 'requires_confirmation' : 'ok', changed: false, removed_keys: repaired.removedKeys });
             continue;
         }
         const backupPath = `${candidate.file}.codex-app-ui-repair-${Date.now().toString(36)}.bak`;
@@ -49,9 +60,12 @@ export async function repairCodexAppFastUi(root = process.cwd(), input = {}) {
     }
     const after = await snapshotCodexAppUiState(resolvedRoot, { codexHome: home });
     const changed = actions.some((action) => action.changed);
+    const requiresConfirmation = unsafeReasons.length > 0 && input.force !== true;
+    const safeAutoApply = changed && !requiresConfirmation;
     const manual = changed && !input.apply;
     const blockers = [
-        ...(manual ? ['codex_app_fast_ui_repair_requires_explicit_apply'] : []),
+        ...(requiresConfirmation ? ['codex_app_fast_ui_repair_requires_confirmation'] : []),
+        ...(manual && !safeAutoApply ? ['codex_app_fast_ui_repair_requires_explicit_apply'] : []),
         ...(after.indicators.secret_leak_suspected ? ['codex_app_ui_repair_secret_leak_suspected'] : [])
     ];
     const report = {
@@ -59,19 +73,44 @@ export async function repairCodexAppFastUi(root = process.cwd(), input = {}) {
         generated_at: nowIso(),
         ok: blockers.length === 0,
         apply: input.apply === true,
+        safe_auto_apply: safeAutoApply,
+        requires_confirmation: requiresConfirmation,
+        detected_sks_caused_mutation: detectedSksCausedMutation,
+        detected_project_local_forbidden_keys: [...new Set(detectedProjectLocalForbiddenKeys)],
+        unsafe_repair_reasons: [...new Set(unsafeReasons)],
         fast_selector: changed ? (input.apply ? 'repaired' : 'manual_action_required') : before.indicators.fast_selector === 'maybe_hidden_or_locked' ? 'manual_action_required' : 'ok',
         provider_selector: 'ok',
         host_owned_config: input.apply && changed ? 'repaired_with_backup' : changed ? 'preserved_until_explicit_apply' : 'preserved',
         actions,
         before_fast_selector: before.indicators.fast_selector,
         after_fast_selector: after.indicators.fast_selector,
-        next_action: manual ? 'Run `sks doctor --fix --repair-codex-app-ui` after reviewing the repair plan.' : changed ? 'Restart Codex App if the selector was already hidden.' : 'No Codex App UI repair needed.',
+        next_action: requiresConfirmation ? 'Run `sks doctor --fix --repair-codex-app-ui` after reviewing the repair plan.' : manual && safeAutoApply ? 'Run `sks doctor --fix` to apply the safe Codex App UI repair.' : manual ? 'Run `sks doctor --fix --repair-codex-app-ui` after reviewing the repair plan.' : changed ? 'Restart Codex App if the selector was already hidden.' : 'No Codex App UI repair needed.',
         blockers
     };
     if (input.reportPath)
         await writeJsonAtomic(input.reportPath, report);
     return report;
 }
+function detectUnsafeFastUiRepair(text) {
+    const reasons = [];
+    const lines = text.split(/\r?\n/);
+    for (let i = 0; i < lines.length; i += 1) {
+        const line = lines[i] || '';
+        const serviceTier = line.match(/^\s*service_tier\s*=\s*"(standard|flex)"\s*(?:#.*)?$/i)?.[1];
+        const sksMarked = SKS_CAUSED_RE.test(line) || SKS_CAUSED_RE.test(lines[i - 1] || '') || SKS_CAUSED_RE.test(lines[i + 1] || '');
+        if (serviceTier && !sksMarked)
+            reasons.push(`user_selected_service_tier_${serviceTier.toLowerCase()}`);
+    }
+    if (hasOddUnescapedQuotes(text))
+        reasons.push('unparseable_config_requires_manual_review');
+    return [...new Set(reasons)];
+}
+function hasOddUnescapedQuotes(text) {
+    return text.split(/\r?\n/).some((line) => {
+        const stripped = line.replace(/\\"/g, '');
+        return (stripped.match(/"/g) || []).length % 2 === 1;
+    });
+}
 function stripProjectLocalForbiddenKeys(text) {
     const forbidden = scanProjectLocalForbiddenKeys(text);
     if (!forbidden.length)

package/dist/core/commands/basic-cli.js

@@ -10,7 +10,7 @@ import { buildFeatureRegistry, validateFeatureRegistry } from '../feature-regist
 import { hooksExplainReport } from '../../cli/feature-commands.js';
 import { writeSelftestRouteProof } from '../proof/selftest-proof-fixtures.js';
 import { createMission } from '../mission.js';
-import { formatSksUpdateCheckText, runSksUpdateCheck } from '../update-check.js';
+import { formatSksUpdateCheckText, runSksUpdateCheck, runSksUpdateNow } from '../update-check.js';
 export async function helpCommand(args = []) {
     const topic = args[0];
     if (topic)
@@ -109,6 +109,34 @@ export async function updateCheckCommand(args = []) {
         return printJson(result);
     console.log(`${sksTextLogo()}\n\n${formatSksUpdateCheckText(result)}`);
 }
+export async function updateCommand(sub = 'check', args = []) {
+    const action = String(sub || 'check').toLowerCase();
+    if (action === 'check' || action === 'status')
+        return updateCheckCommand(args);
+    if (action !== 'now') {
+        console.error('Usage: sks update check|now [--version <version>] [--json] [--dry-run]');
+        process.exitCode = 1;
+        return;
+    }
+    const result = await runSksUpdateNow({
+        version: valueAfter(args, '--version') || valueAfter(args, '-v'),
+        dryRun: flag(args, '--dry-run'),
+        timeoutMs: 10 * 60 * 1000,
+        maxOutputBytes: 128 * 1024
+    });
+    if (flag(args, '--json'))
+        return printJson(result);
+    console.log(`${sksTextLogo()}\n`);
+    console.log(`SKS update ${result.status}`);
+    if (result.command)
+        console.log(`Command: ${result.command}`);
+    if (result.global_root)
+        console.log(`Global root: ${result.global_root}`);
+    if (result.error)
+        console.log(`Error: ${result.error}`);
+    if (!result.ok)
+        process.exitCode = 1;
+}
 export async function setupCommand(args = []) {
     const root = await projectRoot();
     const installScope = installScopeFromArgs(args);
@@ -327,4 +355,11 @@ function whichSync(command) {
     });
     return result.status === 0 ? String(result.stdout || '').trim().split(/\r?\n/)[0] : null;
 }
+function valueAfter(args = [], name) {
+    const index = args.findIndex((arg) => String(arg) === name);
+    if (index < 0)
+        return null;
+    const value = args[index + 1];
+    return value === undefined ? null : String(value);
+}
 //# sourceMappingURL=basic-cli.js.map

package/dist/core/commands/local-model-command.js

@@ -0,0 +1,105 @@
+import { resolveOllamaWorkerConfig, writeLocalModelConfig, readLocalModelConfig } from '../agents/ollama-worker-config.js';
+export async function localModelCommand(args = []) {
+    const action = normalizeLocalModelAction(args[0]);
+    if (action === 'enable')
+        return emit(await enable(args.slice(1)), args);
+    if (action === 'disable')
+        return emit(await disable(), args);
+    if (action === 'set-model')
+        return emit(await setModel(args.slice(1)), args);
+    if (action === 'status')
+        return emit(await status(), args);
+    const result = { schema: 'sks.local-model-command.v1', ok: false, action, blockers: ['unknown_local_model_action'] };
+    process.exitCode = 1;
+    return emit(result, args);
+}
+function normalizeLocalModelAction(value) {
+    const text = String(value || 'status').trim().toLowerCase();
+    if (['on', 'enable', 'enabled', 'with-local-llm-on', '켜', '켜기'].includes(text))
+        return 'enable';
+    if (['off', 'disable', 'disabled', 'with-local-llm-off', '꺼', '끄기'].includes(text))
+        return 'disable';
+    if (['model', 'set', 'set-model'].includes(text))
+        return 'set-model';
+    if (['', 'status', 'state', 'check'].includes(text))
+        return 'status';
+    return text;
+}
+async function enable(args) {
+    const model = readOption(args, '--model', args[0] || '');
+    const baseUrl = readOption(args, '--base-url', '');
+    const think = readBoolFlag(args, '--think', '--no-think');
+    const patch = { enabled: true, provider: 'ollama' };
+    if (model)
+        patch.model = model;
+    if (baseUrl)
+        patch.base_url = baseUrl;
+    if (think !== null)
+        patch.think = think;
+    const config = await writeLocalModelConfig(patch);
+    return { schema: 'sks.local-model-command.v1', ok: true, action: 'enable', config };
+}
+async function disable() {
+    const config = await writeLocalModelConfig({ enabled: false });
+    return { schema: 'sks.local-model-command.v1', ok: true, action: 'disable', config };
+}
+async function setModel(args) {
+    const model = String(args[0] || '').trim();
+    if (!model) {
+        process.exitCode = 1;
+        return { schema: 'sks.local-model-command.v1', ok: false, action: 'set-model', blockers: ['model_missing'] };
+    }
+    const config = await writeLocalModelConfig({ model });
+    return { schema: 'sks.local-model-command.v1', ok: true, action: 'set-model', config };
+}
+async function status() {
+    const config = await readLocalModelConfig();
+    const resolved = await resolveOllamaWorkerConfig();
+    const api = await probeOllama(resolved.base_url);
+    return { schema: 'sks.local-model-command.v1', ok: true, action: 'status', config, resolved, api };
+}
+async function probeOllama(baseUrl) {
+    try {
+        const response = await fetch(`${baseUrl}/api/version`, { signal: AbortSignal.timeout(3000) });
+        const text = await response.text();
+        return { ok: response.ok, status: response.status, data: response.ok ? JSON.parse(text) : null };
+    }
+    catch (error) {
+        return { ok: false, error: error instanceof Error ? error.message : String(error) };
+    }
+}
+function emit(result, args) {
+    if (args.includes('--json')) {
+        console.log(JSON.stringify(result, null, 2));
+        return result;
+    }
+    if (result.ok !== true) {
+        console.log(`Local model: blocked (${(result.blockers || []).join(', ') || 'unknown'})`);
+        return result;
+    }
+    const config = result.config || result.resolved || {};
+    console.log(`Local model: ${config.enabled ? 'enabled' : 'disabled'}`);
+    console.log(`Provider: ollama`);
+    console.log(`Model: ${config.model || 'unknown'}`);
+    console.log(`Base URL: ${config.base_url || config.baseUrl || 'unknown'}`);
+    if (typeof config.think === 'boolean')
+        console.log(`Think: ${config.think ? 'enabled' : 'disabled'}`);
+    if (result.api)
+        console.log(`Ollama API: ${result.api.ok ? 'ok' : 'not reachable'}`);
+    return result;
+}
+function readOption(args, name, fallback) {
+    const index = args.indexOf(name);
+    if (index >= 0 && args[index + 1] && !String(args[index + 1]).startsWith('--'))
+        return String(args[index + 1]);
+    const prefixed = args.find((arg) => String(arg).startsWith(`${name}=`));
+    return prefixed ? prefixed.slice(name.length + 1) : fallback;
+}
+function readBoolFlag(args, trueName, falseName) {
+    if (args.includes(trueName))
+        return true;
+    if (args.includes(falseName))
+        return false;
+    return null;
+}
+//# sourceMappingURL=local-model-command.js.map

package/dist/core/commands/mad-sks-command.js

@@ -4,7 +4,7 @@ import { spawn } from 'node:child_process';
 import { appendJsonlBounded, exists, nowIso, packageRoot, readJson, sksRoot, writeJsonAtomic } from '../fsx.js';
 import { initProject } from '../init.js';
 import { createMission, setCurrent } from '../mission.js';
-import { enableMadHighProfile, madHighProfileName } from '../auto-review.js';
+import { buildMadHighLaunchProfileNoWrite, madHighProfileName } from '../auto-review.js';
 import { permissionGateSummary } from '../permission-gates.js';
 import { attachZellijSessionInteractive, launchMadZellijUi, sanitizeZellijSessionName } from '../zellij/zellij-launcher.js';
 import { createMadSksAuthorizationManifest, validateMadSksAuthorizationManifest } from '../mad-sks/authorization-manifest.js';
@@ -17,13 +17,14 @@ import { runMadSksExecutor } from '../mad-sks/executors/index.js';
 import { applyMadSksRollbackPlan } from '../mad-sks/rollback-apply.js';
 import { repairCodexConfigEperm } from '../codex/codex-config-eperm-repair.js';
 import { runCodexLaunchPreflight } from '../preflight/parallel-preflight-engine.js';
+import { diffCodexAppUiSnapshots, writeCodexAppUiSnapshot } from '../codex-app/codex-app-ui-state-snapshot.js';
 export async function madHighCommand(args = [], deps = {}) {
     const subcommand = firstSubcommand(args);
     if (subcommand)
         return madSksSubcommand(subcommand, args.filter((arg) => String(arg) !== subcommand));
     const cleanArgs = stripMadLaunchOnlyArgs(args);
     if (args.includes('--json')) {
-        const profile = await enableMadHighProfile();
+        const profile = buildMadHighLaunchProfileNoWrite();
         return console.log(JSON.stringify(profile, null, 2));
     }
     const update = deps.maybePromptSksUpdateForLaunch ? await deps.maybePromptSksUpdateForLaunch(args, { label: 'MAD launch' }) : { status: 'skipped' };
@@ -55,16 +56,28 @@ export async function madHighCommand(args = [], deps = {}) {
         process.exitCode = 1;
         return;
     }
-    const profile = await enableMadHighProfile();
+    const profile = buildMadHighLaunchProfileNoWrite();
     const launchRoot = process.cwd();
     if (!(await exists(path.join(launchRoot, '.sneakoscope'))))
         await initProject(launchRoot, {});
+    const uiSnapshotId = Date.now().toString(36);
+    const beforeUi = await writeCodexAppUiSnapshot(launchRoot, `mad-before-${uiSnapshotId}`).catch(() => null);
     // launchFast skips the redundant live-`codex exec` config probe (up to ~20s, run
     // up to 3x via repair re-inspections): the real codex profile is exercised moments
     // later when the Zellij session opens. All filesystem/permission/EPERM/symlink/ACL
     // readability + repair checks still run. SKS_LAUNCH_FULL_CODEX_PROBE=1 restores the
     // old behavior.
-    const launchPreflight = await runCodexLaunchPreflight(launchRoot, { fix: true, launchFast: process.env.SKS_LAUNCH_FULL_CODEX_PROBE !== '1', profile: profile.profile_name, sandbox: 'danger-full-access', serviceTier: 'fast' });
+    const rawArgs = (args || []).map((arg) => String(arg));
+    const allowMadRepair = rawArgs.includes('--repair-config') || rawArgs.includes('--fix') || rawArgs.includes('--yes-repair');
+    const launchPreflight = await runCodexLaunchPreflight(launchRoot, { fix: allowMadRepair, launchFast: process.env.SKS_LAUNCH_FULL_CODEX_PROBE !== '1', profile: profile.profile_name, sandbox: 'danger-full-access', serviceTier: 'fast' });
+    const afterPreflightUi = beforeUi ? await writeCodexAppUiSnapshot(launchRoot, `mad-after-preflight-${uiSnapshotId}`).catch(() => null) : null;
+    const preflightUiDiff = beforeUi && afterPreflightUi ? diffCodexAppUiSnapshots(beforeUi, afterPreflightUi) : null;
+    if (preflightUiDiff && !preflightUiDiff.ok) {
+        await writeJsonAtomic(path.join(launchRoot, '.sneakoscope', 'reports', 'mad-codex-app-ui-preflight-diff.json'), preflightUiDiff);
+        console.error('SKS MAD launch changed Codex App UI state during preflight. Run `sks doctor --fix`.');
+        process.exitCode = 1;
+        return preflightUiDiff;
+    }
     if (!launchPreflight.ok) {
         console.error('SKS MAD launch blocked by config preflight.');
         for (const blocker of launchPreflight.blockers || [])
@@ -83,16 +96,30 @@ export async function madHighCommand(args = [], deps = {}) {
         SKS_MAD_SKS_TARGET_ROOT: madLaunch.gate.cwd,
         SKS_MAD_SKS_PROTECTED_CORE_DIGEST: madLaunch.gate.protected_core_digest
     };
-    const madNativeSwarm = await startMadNativeSwarm(madLaunch.root, madLaunch, args, profile, {
-        env: madSksEnv
-    });
     const launchOpts = codexLbImmediateLaunchOpts(cleanArgs, launchLb, { codexArgs: profile.launch_args, conciseBlockers: true, madSksEnv, launchEnv: madSksEnv });
     const workspace = readOption(cleanArgs, '--workspace', readOption(cleanArgs, '--session', launchOpts.session || `sks-mad-${sanitizeZellijSessionName(process.cwd())}`));
-    const launch = await launchMadZellijUi([...cleanArgs, '--workspace', workspace], { ...launchOpts, missionId: madLaunch.mission_id, root: madLaunch.root, cwd: process.cwd(), ledgerRoot: path.join(madLaunch.dir, 'agents'), slotCount: madNativeSwarm.lane_count || 1, requireZellij: process.env.SKS_REQUIRE_ZELLIJ === '1' });
+    const launch = await launchMadZellijUi([...cleanArgs, '--workspace', workspace], { ...launchOpts, missionId: madLaunch.mission_id, root: madLaunch.root, cwd: process.cwd(), ledgerRoot: path.join(madLaunch.dir, 'agents'), slotCount: 0, requireZellij: process.env.SKS_REQUIRE_ZELLIJ === '1' });
+    const afterLaunchUi = beforeUi ? await writeCodexAppUiSnapshot(launchRoot, `mad-after-launch-${uiSnapshotId}`).catch(() => null) : null;
+    const launchUiDiff = beforeUi && afterLaunchUi ? diffCodexAppUiSnapshots(beforeUi, afterLaunchUi) : null;
+    if (launchUiDiff) {
+        await writeJsonAtomic(path.join(madLaunch.dir, 'codex-app-ui-diff.json'), launchUiDiff);
+        if (!launchUiDiff.ok) {
+            console.error('SKS MAD launch changed Codex App UI state. Run `sks doctor --fix`.');
+            process.exitCode = 1;
+            return launchUiDiff;
+        }
+    }
     if (!launch.ok) {
         console.log(`MAD Zellij action: ${formatMadZellijAction(launch)}`);
         return launch;
     }
+    const madNativeSwarm = await startMadNativeSwarm(madLaunch.root, madLaunch, args, profile, {
+        env: {
+            ...madSksEnv,
+            SKS_ZELLIJ_SESSION_NAME: launch.session_name
+        },
+        zellijSessionName: launch.session_name
+    });
     // The launcher only creates a detached background session. In an interactive
     // terminal, immediately attach so the session actually opens for the user
     // instead of leaving them to copy/paste the attach command by hand.
@@ -162,6 +189,11 @@ export async function startMadNativeSwarm(root, madLaunch, args = [], profile =
         '--fast',
         '--json'
     ];
+    if (swarm.backend === 'zellij') {
+        command.push('--real');
+        command.push('--zellij-session-name', opts.zellijSessionName || `sks-${madLaunch.mission_id}`);
+        command.push('--zellij-pane-worker');
+    }
     const baseReport = {
         schema: 'sks.mad-sks-native-swarm.v1',
         ok: true,
@@ -176,6 +208,7 @@ export async function startMadNativeSwarm(root, madLaunch, args = [], profile =
         target_active_slots: swarm.agents,
         work_items: swarm.workItems,
         backend: swarm.backend,
+        zellij_session_name: opts.zellijSessionName || null,
         readonly: true,
         command,
         stdout_log: path.relative(root, stdoutLog),
@@ -228,7 +261,7 @@ export function resolveMadNativeSwarmOptions(args = [], profile = {}, opts = {})
     const disabled = list.includes('--no-swarm') || list.includes('--no-mad-swarm') || process.env.SKS_MAD_NATIVE_SWARM === '0';
     const agents = clampInt(readOption(list, '--mad-agents', readOption(list, '--mad-swarm-agents', process.env.SKS_MAD_SWARM_AGENTS || opts.agents || 5)), 1, 20);
     const workItems = clampInt(readOption(list, '--mad-swarm-work-items', process.env.SKS_MAD_SWARM_WORK_ITEMS || opts.workItems || agents), agents, 100);
-    const backend = String(readOption(list, '--mad-swarm-backend', process.env.SKS_MAD_SWARM_BACKEND || opts.backend || 'codex-sdk'));
+    const backend = defaultMadSwarmBackend(list, opts);
     return {
         enabled: !disabled,
         disabled_reason: disabled ? 'operator_disabled_mad_native_swarm' : null,
@@ -405,6 +438,9 @@ function madLaunchOnlyFlags() {
         '--mad-swarm-work-items',
         '--mad-swarm-backend',
         '--mad-swarm-prompt',
+        '--repair-config',
+        '--fix',
+        '--yes-repair',
         '--yes',
         '-y',
         '--dry-run',
@@ -420,6 +456,19 @@ function madLaunchValueFlags() {
         '--mad-swarm-prompt'
     ]);
 }
+export function defaultMadSwarmBackend(args = [], opts = {}) {
+    const list = (args || []).map((arg) => String(arg));
+    const explicit = readOption(list, '--mad-swarm-backend', null);
+    if (explicit)
+        return String(explicit);
+    if (process.env.SKS_MAD_SWARM_BACKEND)
+        return String(process.env.SKS_MAD_SWARM_BACKEND);
+    if (opts.backend)
+        return String(opts.backend);
+    if (list.includes('--json') || list.includes('--no-attach') || opts.nonInteractive === true)
+        return 'codex-sdk';
+    return 'zellij';
+}
 function stripMadLaunchOnlyArgs(args = []) {
     const flags = madLaunchOnlyFlags();
     const valueFlags = madLaunchValueFlags();

package/dist/core/commands/run-command.js

@@ -231,7 +231,7 @@ async function executeRouteCommand(root, route, prompt, { auto = false } = {}) {
     return routeExecutionResult(route, ['sks', ...commandArgs].join(' '), result, {
         okStatus: 'completed',
         trustStatus: 'verified_partial',
-        executionKind: route.command === '$DB' || route.command === '$Wiki' || route.command === '$Fast-Mode' ? 'safe_deterministic' : 'mock_safe',
+        executionKind: route.command === '$DB' || route.command === '$Wiki' || route.command === '$Fast-Mode' || route.command === '$with-local-llm-on' ? 'safe_deterministic' : 'mock_safe',
     });
 }
 async function runAutoVerification(root, missionId) {
@@ -346,6 +346,8 @@ function safeRouteExecutionArgs(route, prompt, { auto = false } = {}) {
         return ['wiki', 'refresh', '--json'];
     if (route.command === '$Fast-Mode')
         return ['fast-mode', fastModeActionFromPrompt(prompt), '--json'];
+    if (route.command === '$with-local-llm-on')
+        return ['with-local-llm', localModelActionFromPrompt(prompt), '--json'];
     return ['team', prompt, '--mock', '--json', ...(auto ? ['--no-open-zellij'] : [])];
 }
 function fastModeActionFromPrompt(prompt = '') {
@@ -372,6 +374,32 @@ function fastModeActionFromPrompt(prompt = '') {
         return 'clear';
     return 'status';
 }
+function localModelActionFromPrompt(prompt = '') {
+    const text = String(prompt || '');
+    const lower = text.toLowerCase();
+    if (/\$with-local-llm-off\b/.test(lower))
+        return 'disable';
+    if (/\$with-local-llm-on\b/.test(lower))
+        return 'enable';
+    const routeMatch = /\$with-local-llm\b/i.exec(text);
+    if (!routeMatch)
+        return 'status';
+    const afterRoute = text
+        .slice(routeMatch.index + routeMatch[0].length)
+        .replace(/^[\s:=\-]+/, '')
+        .trimStart()
+        .toLowerCase();
+    const token = afterRoute.match(/^[^\s?!.,;:()"'`]+/)?.[0] || '';
+    if (['off', 'disable', 'disabled', '끄기', '꺼', '꺼줘'].includes(token) || token.startsWith('끄') || token.startsWith('꺼'))
+        return 'disable';
+    if (['on', 'enable', 'enabled', '켜기', '켜', '켜줘'].includes(token) || token.startsWith('켜'))
+        return 'enable';
+    if (['model', 'set-model', 'set'].includes(token))
+        return 'set-model';
+    if (['status', 'state', 'check', '확인', '상태'].includes(token))
+        return 'status';
+    return 'status';
+}
 function destructiveDbPrompt(prompt = '') {
     return /\b(drop|truncate|delete\s+from|update\s+\w+\s+set|reset|db\s+push|disable\s+rls)\b/i.test(prompt);
 }