sneakoscope 2.0.1 → 2.0.4

package/dist/core/agents/native-worker-backend-router.js

@@ -2,6 +2,8 @@ import path from 'node:path';
 import { nowIso, readJson, writeJsonAtomic } from '../fsx.js';
 import { buildFixturePatchEnvelopes } from './agent-runner-fake.js';
 import { runProcessAgent } from './agent-runner-process.js';
+import { classifyOllamaWorkerSlice, runOllamaAgent } from './agent-runner-ollama.js';
+import { resolveOllamaWorkerConfig } from './ollama-worker-config.js';
 import { runZellijAgent } from './agent-runner-zellij.js';
 import { validateAgentWorkerResult } from './agent-worker-pipeline.js';
 import { normalizeAgentPatchEnvelope } from './agent-patch-schema.js';
@@ -11,7 +13,8 @@ export const NATIVE_WORKER_BACKEND_ROUTER_SCHEMA = 'sks.native-worker-backend-ro
 export async function runNativeWorkerBackendRouter(input) {
     const root = path.resolve(input.agentRoot);
     const requestedBackend = String(input.backend || '');
-    const backend = normalizeBackend(requestedBackend);
+    let backend = normalizeBackend(requestedBackend);
+    backend = await maybeAutoSelectOllamaBackend(backend, input);
     const reportRel = path.join(input.workerDirRel, 'worker-backend-router-report.json');
     const startedAt = nowIso();
     let result;
@@ -61,6 +64,28 @@ export async function runNativeWorkerBackendRouter(input) {
             verification: { status: processRun.status === 'done' ? 'passed' : 'failed', checks: [...(processRun.verification?.checks || []), 'native-worker-backend-router', 'process-child-execution'] }
         });
     }
+    else if (backend === 'ollama') {
+        const ollamaRun = await runOllamaAgent(input.agent, input.slice, {
+            ...input.intake,
+            missionId: input.intake.mission_id || input.intake.parent_mission_id || '',
+            agentRoot: root,
+            workerDirRel: input.workerDirRel,
+            cwd: input.intake.cwd || root,
+            route: input.intake.route || '$Agent',
+            fastMode: input.fastModePolicy.fast_mode,
+            serviceTier: input.fastModePolicy.service_tier
+        });
+        patchEnvelopes = Array.isArray(ollamaRun.patch_envelopes) ? ollamaRun.patch_envelopes : [];
+        proofLevel = ollamaRun.status === 'done' ? (patchEnvelopes.length ? 'model_authored' : 'ollama_worker_proven') : 'blocked';
+        result = validateAgentWorkerResult({
+            ...ollamaRun,
+            backend: 'ollama',
+            patch_envelopes: patchEnvelopes,
+            model_authored_patch_envelopes: patchEnvelopes.length > 0,
+            fixture_patch_envelopes: false,
+            verification: { status: ollamaRun.status === 'done' ? 'passed' : 'failed', checks: [...(ollamaRun.verification?.checks || []), 'native-worker-backend-router', 'ollama-api-generate'] }
+        });
+    }
     else if (backend === 'codex-sdk' || backend === 'zellij') {
         const sdkTask = await runCodexTask({
             route: String(input.intake.route || '$Agent'),
@@ -155,6 +180,7 @@ export async function runNativeWorkerBackendRouter(input) {
         finished_at: nowIso(),
         ok: result.status === 'done',
         selected_backend: backend || input.backend,
+        requested_backend: requestedBackend,
         agent_id: input.agent.id,
         session_id: input.agent.session_id,
         worker_process_id: process.pid,
@@ -170,6 +196,7 @@ export async function runNativeWorkerBackendRouter(input) {
         sdk_run_id: childReports.find((report) => report?.sdk_run_id)?.sdk_run_id || null,
         stream_event_count: Number(childReports.find((report) => report?.stream_event_count)?.stream_event_count || 0),
         structured_output_valid: childReports.some((report) => report?.structured_output_valid === true),
+        ollama_request_ids: patchEnvelopes.map((envelope) => envelope.backend_ollama_request_id).filter(Boolean),
         blockers: result.blockers || []
     };
     await writeJsonAtomic(path.join(root, reportRel), report);
@@ -184,8 +211,23 @@ export async function runNativeWorkerBackendRouter(input) {
         patchEnvelopes
     };
 }
+async function maybeAutoSelectOllamaBackend(backend, input) {
+    if (backend !== 'codex-sdk')
+        return backend;
+    if (input.intake?.backend_explicit === true || input.intake?.no_ollama === true)
+        return backend;
+    const config = await resolveOllamaWorkerConfig({
+        ollamaEnabled: input.intake?.ollama_enabled === true,
+        model: input.intake?.ollama_model || null,
+        baseUrl: input.intake?.ollama_base_url || null
+    }).catch(() => null);
+    if (!config?.ok || config.enabled !== true)
+        return backend;
+    const policy = classifyOllamaWorkerSlice(input.slice, { route: input.intake?.route, agent: input.agent });
+    return policy.ok ? 'ollama' : backend;
+}
 function normalizeBackend(value) {
-    return value === 'fake' || value === 'process' || value === 'codex-sdk' || value === 'zellij' ? value : null;
+    return value === 'fake' || value === 'process' || value === 'codex-sdk' || value === 'zellij' || value === 'ollama' ? value : null;
 }
 function envelopeOpts(input, source, childPid) {
     return {

package/dist/core/agents/ollama-worker-config.js

@@ -0,0 +1,118 @@
+import os from 'node:os';
+import path from 'node:path';
+import { ensureDir, exists, nowIso, readJson, writeJsonAtomic } from '../fsx.js';
+export const LOCAL_MODEL_CONFIG_SCHEMA = 'sks.local-model-config.v1';
+export const OLLAMA_WORKER_CONFIG_SCHEMA = 'sks.ollama-worker-config.v1';
+export const DEFAULT_OLLAMA_CODER_MODEL = 'rafw007/qwen36-a3b-claude-coder:q4_K_M';
+export const DEFAULT_OLLAMA_BASE_URL = 'http://127.0.0.1:11434';
+export const DEFAULT_OLLAMA_KEEP_ALIVE = '30m';
+export const DEFAULT_OLLAMA_TIMEOUT_MS = 120_000;
+export const DEFAULT_OLLAMA_THINK = false;
+export function localModelConfigPath() {
+    return process.env.SKS_LOCAL_MODEL_CONFIG
+        ? path.resolve(process.env.SKS_LOCAL_MODEL_CONFIG)
+        : path.join(os.homedir(), '.sneakoscope', 'local-model.json');
+}
+export async function readLocalModelConfig() {
+    const raw = await readJson(localModelConfigPath(), null);
+    return normalizeLocalModelConfig(raw || {});
+}
+export async function writeLocalModelConfig(patch) {
+    const current = await readLocalModelConfig();
+    const next = normalizeLocalModelConfig({ ...current, ...patch, updated_at: nowIso() });
+    await ensureDir(path.dirname(localModelConfigPath()));
+    await writeJsonAtomic(localModelConfigPath(), next);
+    return next;
+}
+export async function resolveOllamaWorkerConfig(input = {}) {
+    const configExists = await exists(localModelConfigPath());
+    const stored = await readLocalModelConfig();
+    const explicitDisable = boolEnv(process.env.SKS_OLLAMA_WORKERS) === false;
+    const explicitEnable = boolEnv(process.env.SKS_OLLAMA_WORKERS) === true || input.ollamaEnabled === true || input.backend === 'ollama';
+    const enabled = explicitDisable ? false : explicitEnable || stored.enabled === true;
+    const model = firstText(process.env.SKS_OLLAMA_MODEL, input.model, stored.model, DEFAULT_OLLAMA_CODER_MODEL);
+    const baseUrl = trimTrailingSlash(firstText(process.env.SKS_OLLAMA_BASE_URL, input.baseUrl, stored.base_url, DEFAULT_OLLAMA_BASE_URL));
+    const keepAlive = firstText(process.env.SKS_OLLAMA_KEEP_ALIVE, input.keepAlive, stored.keep_alive, DEFAULT_OLLAMA_KEEP_ALIVE);
+    const timeoutMs = positiveNumber(process.env.SKS_OLLAMA_TIMEOUT_MS, input.timeoutMs, stored.timeout_ms, DEFAULT_OLLAMA_TIMEOUT_MS);
+    const temperature = finiteNumber(process.env.SKS_OLLAMA_TEMPERATURE, input.temperature, stored.temperature, 0.1);
+    const think = boolEnv(process.env.SKS_OLLAMA_THINK) ?? input.think ?? stored.think ?? DEFAULT_OLLAMA_THINK;
+    const blockers = [
+        ...(enabled ? [] : ['ollama_workers_disabled']),
+        ...(!model ? ['ollama_model_missing'] : []),
+        ...(!baseUrl ? ['ollama_base_url_missing'] : [])
+    ];
+    return {
+        schema: OLLAMA_WORKER_CONFIG_SCHEMA,
+        ok: blockers.length === 0,
+        enabled,
+        provider: 'ollama',
+        model,
+        base_url: baseUrl,
+        keep_alive: keepAlive,
+        timeout_ms: timeoutMs,
+        temperature,
+        think,
+        config_path: localModelConfigPath(),
+        explicit_disable: explicitDisable,
+        explicit_enable: explicitEnable,
+        blockers
+    };
+}
+export function normalizeLocalModelConfig(raw = {}) {
+    return {
+        schema: LOCAL_MODEL_CONFIG_SCHEMA,
+        ...(raw.generated_at ? { generated_at: String(raw.generated_at) } : { generated_at: nowIso() }),
+        ...(raw.updated_at ? { updated_at: String(raw.updated_at) } : {}),
+        enabled: raw.enabled === true,
+        provider: 'ollama',
+        model: firstText(raw.model, DEFAULT_OLLAMA_CODER_MODEL),
+        base_url: trimTrailingSlash(firstText(raw.base_url, raw.baseUrl, DEFAULT_OLLAMA_BASE_URL)),
+        keep_alive: firstText(raw.keep_alive, raw.keepAlive, DEFAULT_OLLAMA_KEEP_ALIVE),
+        timeout_ms: positiveNumber(raw.timeout_ms, raw.timeoutMs, DEFAULT_OLLAMA_TIMEOUT_MS),
+        temperature: finiteNumber(raw.temperature, 0.1),
+        think: typeof raw.think === 'boolean' ? raw.think : DEFAULT_OLLAMA_THINK,
+        policy: {
+            worker_only: true,
+            no_strategy_planning_design: true,
+            allowed_work: ['simple_code_patch_envelopes', 'read_only_collection']
+        }
+    };
+}
+export function boolEnv(value) {
+    const text = String(value ?? '').trim().toLowerCase();
+    if (!text)
+        return null;
+    if (['1', 'true', 'on', 'yes', 'enable', 'enabled'].includes(text))
+        return true;
+    if (['0', 'false', 'off', 'no', 'disable', 'disabled'].includes(text))
+        return false;
+    return null;
+}
+function firstText(...values) {
+    for (const value of values) {
+        const text = String(value ?? '').trim();
+        if (text)
+            return text;
+    }
+    return '';
+}
+function trimTrailingSlash(value) {
+    return value.replace(/\/+$/, '');
+}
+function positiveNumber(...values) {
+    for (const value of values) {
+        const n = Number(value);
+        if (Number.isFinite(n) && n > 0)
+            return Math.floor(n);
+    }
+    return DEFAULT_OLLAMA_TIMEOUT_MS;
+}
+function finiteNumber(...values) {
+    for (const value of values) {
+        const n = Number(value);
+        if (Number.isFinite(n))
+            return n;
+    }
+    return 0;
+}
+//# sourceMappingURL=ollama-worker-config.js.map

package/dist/core/auto-review.js

@@ -108,7 +108,7 @@ export const SKS_CONFIG_PROFILES = [
     { name: 'sks-research-xhigh', stripTable: true, block: sksProfileFileBlock({ effort: 'xhigh' }) },
     { name: 'sks-research', stripTable: true, block: sksProfileFileBlock({ effort: 'xhigh', approvalPolicy: 'never' }) },
     { name: 'sks-team', stripTable: true, block: sksProfileFileBlock({ effort: 'medium' }) },
-    { name: MAD_HIGH_PROFILE, stripTable: true, block: sksProfileFileBlock({ effort: 'high', approvalPolicy: 'never', sandboxMode: 'danger-full-access', reviewer: AUTO_REVIEW_REVIEWER }) },
+    { name: MAD_HIGH_PROFILE, stripTable: true, block: sksProfileFileBlock({ effort: 'xhigh', approvalPolicy: 'never', sandboxMode: 'danger-full-access', reviewer: AUTO_REVIEW_REVIEWER }) },
     { name: 'sks-default', stripTable: true, block: sksProfileFileBlock({ effort: 'high' }) }
 ];
 function sksProfileFileBlock(opts = {}) {
@@ -146,7 +146,32 @@ export async function migrateSksProfilesToPerFile(opts = {}) {
         tables_stripped: SKS_CONFIG_PROFILES.filter((profile) => profile.stripTable).map((profile) => profile.name)
     };
 }
-export async function enableMadHighProfile(opts = {}) {
+export function buildMadHighLaunchProfileNoWrite(opts = {}) {
+    const env = opts.env || process.env;
+    const profileName = String(opts.profileName || MAD_HIGH_PROFILE);
+    return {
+        config_path: codexConfigPath(env),
+        profile_config_path: codexProfileConfigPath(profileName, env),
+        profile_name: profileName,
+        launch_args: [
+            '--sandbox',
+            'danger-full-access',
+            '--ask-for-approval',
+            'never',
+            '-c',
+            'service_tier=fast',
+            '-c',
+            'model_reasoning_effort=xhigh'
+        ],
+        sandbox_mode: 'danger-full-access',
+        approval_policy: 'never',
+        model_reasoning_effort: 'xhigh',
+        service_tier: 'fast',
+        scope: 'explicit_launch_only',
+        writes_user_codex_config: false
+    };
+}
+export async function ensureMadHighProfileForSetupOrRepair(opts = {}) {
     const configPath = opts.configPath || codexConfigPath(opts.env || process.env);
     const env = opts.env || process.env;
     await ensureDir(path.dirname(configPath));
@@ -160,7 +185,7 @@ export async function enableMadHighProfile(opts = {}) {
     // selectors so Codex stops warning about the legacy config profile on launch.
     await migrateSksProfilesToPerFile({ configPath, env });
     await writeProfileConfig(configPath, MAD_HIGH_PROFILE, profileConfigBlock({
-        effort: 'high',
+        effort: 'xhigh',
         approvalPolicy: 'never',
         sandboxMode: 'danger-full-access'
     }));
@@ -168,14 +193,22 @@ export async function enableMadHighProfile(opts = {}) {
         config_path: configPath,
         profile_config_path: path.join(path.dirname(configPath), `${MAD_HIGH_PROFILE}.config.toml`),
         profile_name: MAD_HIGH_PROFILE,
-        launch_args: ['--profile', MAD_HIGH_PROFILE, '--sandbox', 'danger-full-access', '--ask-for-approval', 'never', '-c', 'service_tier=fast'],
+        launch_args: ['--profile', MAD_HIGH_PROFILE, '--sandbox', 'danger-full-access', '--ask-for-approval', 'never', '-c', 'service_tier=fast', '-c', 'model_reasoning_effort=xhigh'],
         sandbox_mode: 'danger-full-access',
         approval_policy: 'never',
         approvals_reviewer: AUTO_REVIEW_REVIEWER,
-        model_reasoning_effort: 'high',
-        scope: 'explicit_launch_only'
+        model_reasoning_effort: 'xhigh',
+        service_tier: 'fast',
+        scope: 'setup_or_repair_only',
+        writes_user_codex_config: true
     };
 }
+export async function enableMadHighProfile(opts = {}) {
+    if (opts.allowUserConfigWrite !== true) {
+        throw new Error('enableMadHighProfile writes Codex user config; use buildMadHighLaunchProfileNoWrite for sks --mad');
+    }
+    return ensureMadHighProfileForSetupOrRepair(opts);
+}
 export function madHighProfileName() {
     return MAD_HIGH_PROFILE;
 }

package/dist/core/codex-app/codex-app-fast-ui-repair.js

@@ -16,6 +16,9 @@ export async function repairCodexAppFastUi(root = process.cwd(), input = {}) {
         { scope: 'codex_home', file: path.join(home, 'config.toml'), mode: 'sks_caused_host_owned_keys' }
     ];
     const actions = [];
+    const detectedProjectLocalForbiddenKeys = [];
+    const unsafeReasons = [];
+    let detectedSksCausedMutation = false;
     for (const candidate of candidates) {
         const text = await readText(candidate.file, null);
         if (text == null) {
@@ -25,8 +28,16 @@ export async function repairCodexAppFastUi(root = process.cwd(), input = {}) {
         const repaired = candidate.mode === 'project_forbidden_keys'
             ? stripProjectLocalForbiddenKeys(text)
             : stripSksCausedHostOwnedLines(text);
+        if (candidate.mode === 'project_forbidden_keys')
+            detectedProjectLocalForbiddenKeys.push(...repaired.removedKeys);
+        if (candidate.mode === 'sks_caused_host_owned_keys') {
+            const unsafe = detectUnsafeFastUiRepair(text);
+            unsafeReasons.push(...unsafe);
+            if (repaired.text !== text)
+                detectedSksCausedMutation = true;
+        }
         if (repaired.text === text) {
-            actions.push({ scope: candidate.scope, file: displayPath(candidate.file), status: 'ok', changed: false, removed_keys: repaired.removedKeys });
+            actions.push({ scope: candidate.scope, file: displayPath(candidate.file), status: unsafeReasons.length && candidate.mode === 'sks_caused_host_owned_keys' ? 'requires_confirmation' : 'ok', changed: false, removed_keys: repaired.removedKeys });
             continue;
         }
         const backupPath = `${candidate.file}.codex-app-ui-repair-${Date.now().toString(36)}.bak`;
@@ -49,9 +60,12 @@ export async function repairCodexAppFastUi(root = process.cwd(), input = {}) {
     }
     const after = await snapshotCodexAppUiState(resolvedRoot, { codexHome: home });
     const changed = actions.some((action) => action.changed);
+    const requiresConfirmation = unsafeReasons.length > 0 && input.force !== true;
+    const safeAutoApply = changed && !requiresConfirmation;
     const manual = changed && !input.apply;
     const blockers = [
-        ...(manual ? ['codex_app_fast_ui_repair_requires_explicit_apply'] : []),
+        ...(requiresConfirmation ? ['codex_app_fast_ui_repair_requires_confirmation'] : []),
+        ...(manual && !safeAutoApply ? ['codex_app_fast_ui_repair_requires_explicit_apply'] : []),
         ...(after.indicators.secret_leak_suspected ? ['codex_app_ui_repair_secret_leak_suspected'] : [])
     ];
     const report = {
@@ -59,19 +73,44 @@ export async function repairCodexAppFastUi(root = process.cwd(), input = {}) {
         generated_at: nowIso(),
         ok: blockers.length === 0,
         apply: input.apply === true,
+        safe_auto_apply: safeAutoApply,
+        requires_confirmation: requiresConfirmation,
+        detected_sks_caused_mutation: detectedSksCausedMutation,
+        detected_project_local_forbidden_keys: [...new Set(detectedProjectLocalForbiddenKeys)],
+        unsafe_repair_reasons: [...new Set(unsafeReasons)],
         fast_selector: changed ? (input.apply ? 'repaired' : 'manual_action_required') : before.indicators.fast_selector === 'maybe_hidden_or_locked' ? 'manual_action_required' : 'ok',
         provider_selector: 'ok',
         host_owned_config: input.apply && changed ? 'repaired_with_backup' : changed ? 'preserved_until_explicit_apply' : 'preserved',
         actions,
         before_fast_selector: before.indicators.fast_selector,
         after_fast_selector: after.indicators.fast_selector,
-        next_action: manual ? 'Run `sks doctor --fix --repair-codex-app-ui` after reviewing the repair plan.' : changed ? 'Restart Codex App if the selector was already hidden.' : 'No Codex App UI repair needed.',
+        next_action: requiresConfirmation ? 'Run `sks doctor --fix --repair-codex-app-ui` after reviewing the repair plan.' : manual && safeAutoApply ? 'Run `sks doctor --fix` to apply the safe Codex App UI repair.' : manual ? 'Run `sks doctor --fix --repair-codex-app-ui` after reviewing the repair plan.' : changed ? 'Restart Codex App if the selector was already hidden.' : 'No Codex App UI repair needed.',
         blockers
     };
     if (input.reportPath)
         await writeJsonAtomic(input.reportPath, report);
     return report;
 }
+function detectUnsafeFastUiRepair(text) {
+    const reasons = [];
+    const lines = text.split(/\r?\n/);
+    for (let i = 0; i < lines.length; i += 1) {
+        const line = lines[i] || '';
+        const serviceTier = line.match(/^\s*service_tier\s*=\s*"(standard|flex)"\s*(?:#.*)?$/i)?.[1];
+        const sksMarked = SKS_CAUSED_RE.test(line) || SKS_CAUSED_RE.test(lines[i - 1] || '') || SKS_CAUSED_RE.test(lines[i + 1] || '');
+        if (serviceTier && !sksMarked)
+            reasons.push(`user_selected_service_tier_${serviceTier.toLowerCase()}`);
+    }
+    if (hasOddUnescapedQuotes(text))
+        reasons.push('unparseable_config_requires_manual_review');
+    return [...new Set(reasons)];
+}
+function hasOddUnescapedQuotes(text) {
+    return text.split(/\r?\n/).some((line) => {
+        const stripped = line.replace(/\\"/g, '');
+        return (stripped.match(/"/g) || []).length % 2 === 1;
+    });
+}
 function stripProjectLocalForbiddenKeys(text) {
     const forbidden = scanProjectLocalForbiddenKeys(text);
     if (!forbidden.length)

package/dist/core/codex-control/codex-fake-sdk-adapter.js

@@ -1,4 +1,5 @@
 import { nowIso, randomId } from '../fsx.js';
+import { GPT_FINAL_ARBITER_RESULT_SCHEMA_ID } from './gpt-final-review-schema.js';
 export function fakeCodexSdkAllowed() {
     return process.env.NODE_ENV === 'test'
         || process.env.SKS_CODEX_SDK_FAKE === '1'
@@ -25,6 +26,25 @@ export async function runFakeCodexSdkTask(input) {
     };
 }
 function fakeStructuredOutput(input) {
+    if (input.outputSchemaId === GPT_FINAL_ARBITER_RESULT_SCHEMA_ID) {
+        const unsafe = /\b(truncate|delete all|drop table|credential)\b/i.test(input.prompt || '');
+        return {
+            schema: GPT_FINAL_ARBITER_RESULT_SCHEMA_ID,
+            status: unsafe ? 'rejected' : 'approved',
+            summary: unsafe
+                ? 'Fake Codex SDK GPT final arbiter rejected an unsafe candidate for hermetic verification.'
+                : 'Fake Codex SDK GPT final arbiter approved the candidate for hermetic verification.',
+            gpt_review_findings: unsafe ? [{ severity: 'high', message: 'unsafe candidate rejected' }] : [],
+            accepted_patch_envelopes: unsafe ? [] : [],
+            modified_patch_envelopes: [],
+            rejected_patch_envelopes: unsafe ? [{ reason: 'unsafe candidate' }] : [],
+            required_followup_work: unsafe ? [{ blocker: 'unsafe_candidate_patch' }] : [],
+            verification_plan: ['schema validation', 'local collaboration final gate'],
+            rollback_notes: [],
+            blockers: unsafe ? ['unsafe_candidate_patch'] : [],
+            confidence: unsafe ? 'medium' : 'high'
+        };
+    }
     return {
         status: 'done',
         summary: `Fake Codex SDK task completed for ${input.workItemId || input.route}.`,

package/dist/core/codex-control/codex-output-schemas.js

@@ -1,4 +1,5 @@
 import { CODEX_AGENT_WORKER_RESULT_SCHEMA_ID, codexAgentWorkerResultSchema } from './schemas/agent-worker-result.schema.js';
+import { GPT_FINAL_ARBITER_RESULT_SCHEMA_ID, gptFinalArbiterResultSchema } from './gpt-final-review-schema.js';
 export const CODEX_OUTPUT_SCHEMA_IDS = [
     CODEX_AGENT_WORKER_RESULT_SCHEMA_ID,
     'sks.patch-envelope-result.v1',
@@ -6,11 +7,14 @@ export const CODEX_OUTPUT_SCHEMA_IDS = [
     'sks.research-digest.v1',
     'sks.release-failure-analysis.v1',
     'sks.ux-ppt-review-result.v1',
-    'sks.core-skill-heldout-validation.v1'
+    'sks.core-skill-heldout-validation.v1',
+    GPT_FINAL_ARBITER_RESULT_SCHEMA_ID
 ];
 export function resolveCodexOutputSchema(schemaId, fallback) {
     if (schemaId === CODEX_AGENT_WORKER_RESULT_SCHEMA_ID)
         return codexAgentWorkerResultSchema;
+    if (schemaId === GPT_FINAL_ARBITER_RESULT_SCHEMA_ID)
+        return gptFinalArbiterResultSchema;
     if (fallback && typeof fallback === 'object')
         return fallback;
     return {

package/dist/core/codex-control/gpt-final-arbiter.js

@@ -0,0 +1,160 @@
+import path from 'node:path';
+import { nowIso, readJson, writeJsonAtomic } from '../fsx.js';
+import { validateJsonSchemaRecursive } from '../json-schema-validator.js';
+import { evaluateLocalCollaborationFinalGate, resolveLocalCollaborationPolicy } from '../local-llm/local-collaboration-policy.js';
+import { runCodexTask } from './codex-control-plane.js';
+import { GPT_FINAL_ARBITER_INPUT_SCHEMA, GPT_FINAL_ARBITER_RESULT_SCHEMA_ID, gptFinalArbiterResultSchema, normalizeGptFinalArbiterResult } from './gpt-final-review-schema.js';
+import { compressGptFinalContext } from './gpt-final-context-compressor.js';
+export const GPT_FINAL_ARBITER_RUN_SCHEMA = 'sks.gpt-final-arbiter-run.v1';
+export async function runGptFinalArbiter(input, opts = {}) {
+    const started = Date.now();
+    const cwd = path.resolve(opts.cwd || process.cwd());
+    const root = path.resolve(opts.mutationLedgerRoot || path.join(cwd, '.sneakoscope', 'tmp', 'gpt-final-arbiter', safeName(input.mission_id || 'mission')));
+    const policy = resolveLocalCollaborationPolicy({ mode: input.local_mode });
+    const compressed = compressGptFinalContext(input);
+    if (policy.local_only_draft) {
+        return finalize(root, input, policy, compressed, blockedResult('needs_gpt_final_review', 'Local-only draft mode cannot produce final accepted proof.'), started, opts);
+    }
+    if (opts.forceUnavailable || process.env.SKS_GPT_FINAL_ARBITER_UNAVAILABLE === '1') {
+        return finalize(root, input, policy, compressed, blockedResult('gpt_final_arbiter_unavailable', 'GPT final arbiter backend is unavailable.'), started, opts);
+    }
+    let codexTask = null;
+    let parsed = null;
+    try {
+        codexTask = await runCodexTask({
+            route: String(input.route || '$Pipeline'),
+            tier: 'orchestrator',
+            missionId: String(input.mission_id || ''),
+            workItemId: 'gpt-final-arbiter',
+            slotId: 'gpt-final-arbiter',
+            generationIndex: 1,
+            sessionId: `gpt-final-${safeName(input.mission_id || 'mission')}`,
+            cwd,
+            prompt: buildArbiterPrompt(input, compressed),
+            inputFiles: [],
+            inputImages: [],
+            outputSchemaId: GPT_FINAL_ARBITER_RESULT_SCHEMA_ID,
+            outputSchema: gptFinalArbiterResultSchema,
+            sandboxPolicy: 'read-only',
+            requestedScopeContract: {
+                id: `gpt-final:${input.mission_id || 'mission'}`,
+                route: String(input.route || '$Pipeline'),
+                read_only: true,
+                allowed_paths: [],
+                write_paths: [],
+                user_confirmed_full_access: false,
+                mad_sks_authorized: process.env.SKS_MAD_SKS_ACTIVE === '1'
+            },
+            mutationLedgerRoot: root,
+            reliabilityPolicy: {
+                maxEmptyResultRetries: 1,
+                timeoutClass: 'standard'
+            }
+        });
+        parsed = parseFinalResponse(codexTask.finalResponse);
+    }
+    catch (error) {
+        return finalize(root, input, policy, compressed, blockedResult('gpt_final_arbiter_unavailable', error instanceof Error ? error.message : String(error)), started, opts);
+    }
+    const normalized = normalizeGptFinalArbiterResult(parsed);
+    const validation = validateJsonSchemaRecursive(normalized, gptFinalArbiterResultSchema);
+    const taskBlockers = Array.isArray(codexTask?.blockers) ? codexTask.blockers.map(String) : [];
+    const result = {
+        ...normalized,
+        blockers: [
+            ...normalized.blockers,
+            ...(codexTask?.ok === true ? [] : ['gpt_final_arbiter_unavailable']),
+            ...taskBlockers,
+            ...(validation.ok ? [] : ['gpt_final_result_schema_invalid', ...validation.issues.map((issue) => `schema:${issue}`)])
+        ]
+    };
+    return finalize(root, input, policy, compressed, result, started, opts, codexTask);
+}
+function finalize(root, input, policy, compressed, result, started, opts, codexTask) {
+    const latencyMs = Math.max(0, Date.now() - started);
+    const gate = evaluateLocalCollaborationFinalGate({
+        policy,
+        localParticipated: true,
+        gptFinalStatus: result.status,
+        gptFinalAvailable: !result.blockers.includes('gpt_final_arbiter_unavailable'),
+        gptFinalBackend: codexTask ? 'codex-sdk' : null,
+        applyPatches: false
+    });
+    const artifact = {
+        schema: GPT_FINAL_ARBITER_RUN_SCHEMA,
+        generated_at: nowIso(),
+        ok: gate.ok && result.blockers.length === 0,
+        input_schema: input.schema || GPT_FINAL_ARBITER_INPUT_SCHEMA,
+        route: input.route,
+        mission_id: input.mission_id,
+        local_mode: policy.mode,
+        backend: codexTask ? 'codex-sdk' : 'unavailable',
+        backend_family: codexTask ? 'remote-gpt' : 'none',
+        local_outputs_count: Array.isArray(input.local_outputs) ? input.local_outputs.length : 0,
+        proof_pack: compressed.proof_pack,
+        latency_budget: {
+            ...compressed.latency_budget,
+            latency_ms: latencyMs
+        },
+        result,
+        final_gate: gate,
+        codex_task: codexTask ? {
+            ok: codexTask.ok === true,
+            sdk_thread_id: codexTask.sdkThreadId || null,
+            sdk_run_id: codexTask.sdkRunId || null,
+            stream_event_count: codexTask.streamEventCount || 0,
+            structured_output_valid: codexTask.structuredOutputValid === true,
+            worker_result_path: codexTask.workerResultPath || null,
+            blockers: codexTask.blockers || []
+        } : null,
+        blockers: [
+            ...result.blockers,
+            ...gate.blockers,
+            ...compressed.blockers
+        ]
+    };
+    artifact.ok = artifact.blockers.length === 0 && (result.status === 'approved' || result.status === 'modified');
+    if (opts.writeArtifact !== false)
+        return writeArtifact(root, artifact);
+    return artifact;
+}
+async function writeArtifact(root, artifact) {
+    await writeJsonAtomic(path.join(root, 'gpt-final-arbiter.json'), artifact);
+    return artifact;
+}
+function blockedResult(blocker, summary) {
+    return normalizeGptFinalArbiterResult({
+        status: 'needs_more_work',
+        summary,
+        blockers: [blocker],
+        confidence: 'low',
+        required_followup_work: [{ blocker }]
+    });
+}
+function parseFinalResponse(value) {
+    if (typeof value !== 'string')
+        return value || {};
+    try {
+        return JSON.parse(value);
+    }
+    catch {
+        return {};
+    }
+}
+function buildArbiterPrompt(input, compressed) {
+    return [
+        'You are the GPT Final Arbiter for an SKS local collaboration run.',
+        'Local model outputs are drafts only. Review the proof pack, candidate diff, patch envelopes, verification results, side effects, mutation ledger, and rollback plan.',
+        'Approve or modify only when the candidate is safe and supported. Reject unsafe local patches. Return only the requested structured JSON schema.',
+        JSON.stringify({
+            route: input.route,
+            mission_id: input.mission_id,
+            local_mode: input.local_mode,
+            proof_pack: compressed.proof_pack
+        })
+    ].join('\n');
+}
+function safeName(value) {
+    return String(value || 'unknown').replace(/[^a-zA-Z0-9_.-]+/g, '-').slice(0, 80);
+}
+//# sourceMappingURL=gpt-final-arbiter.js.map

package/dist/core/codex-control/gpt-final-context-compressor.js

@@ -0,0 +1,17 @@
+import { buildGptFinalLatencyBudgetReport, buildGptFinalProofPack } from './gpt-final-proof-pack.js';
+export function compressGptFinalContext(input, opts = {}) {
+    const proofPack = buildGptFinalProofPack(input, opts);
+    const latencyBudget = buildGptFinalLatencyBudgetReport({
+        workerCount: proofPack.worker_count,
+        tokenBudgetEstimate: proofPack.token_budget_estimate,
+        latencyMs: opts.latencyMs ?? null
+    });
+    return {
+        schema: 'sks.gpt-final-context-compressor.v1',
+        ok: latencyBudget.ok,
+        proof_pack: proofPack,
+        latency_budget: latencyBudget,
+        blockers: latencyBudget.ok ? [] : ['gpt_final_context_budget_exceeded']
+    };
+}
+//# sourceMappingURL=gpt-final-context-compressor.js.map