sneakoscope 2.0.5 → 2.0.6

package/README.md

@@ -16,10 +16,13 @@ Set up this agent project with Sneakoscope Codex. Use [[mandarange/Sneakoscope-C
 
 ## Current Release
 
-SKS **2.0.5** is a P0 Codex App Fast UI and MAD Zellij worker-pane closure patch on top of the 2.0 execution layer. `sks --mad` now relies on launch-time Fast/high overrides instead of user-level Codex config rewrites, safe Fast UI repair runs through `sks doctor --fix`, provider badges read env/auth/config.toml consistently, and interactive MAD worker panes attach to the real Zellij session as scheduler slots spawn.
+SKS **2.0.6** wires Codex App Product Design into the design pipeline and hardens Naruto read-only routing on top of the 2.0 execution layer. Design routes can now discover, install, verify, and prefer the remote `product-design@openai-curated-remote` plugin, while read-only native worker runs keep write mode off and avoid treating pre-existing dirty files as generated patches.
 
 What changed:
 
+- Product Design plugin readiness now checks both local and remote Codex App catalogs, auto-installs the remote plugin when needed, and records the installed/enabled skill surface.
+- UI/design/PPT runtime routes prefer Product Design for research, ideation, audit, design QA, prototype, URL-to-code, image-to-code, share, and user-context steps.
+- Naruto read-only runs force write mode off, propagate no-patch reasons through worker proof, and skip changed-file lease checks when no write-capable patch envelope exists.
 - `codex-sdk` is the default native agent backend for Team, QA, Research, Naruto, MAD-SKS, and direct agent runs, with every runtime task entering through `runCodexTask`.
 - Codex App UI snapshot, preservation, clobber guard, and doctor repair checks protect host-owned Fast UI/profile settings around `sks --mad`.
 - Provider context resolves `openai`, `codex-lb`, and `codex-app` with badge/fallback surfaces while avoiding private Codex App UI mutation.
@@ -78,7 +81,7 @@ Broader release checks still live behind `npm run release:check`. Detailed relea
   sks xai docs
   ```
 
-- **Quieter update prompts.** The "update available" choice is shown once per conversation and then stays quiet for a short window (default 8 min, `SKS_UPDATE_OFFER_THROTTLE_MS`) instead of repeating on every prompt. The check compares npm latest against source metadata, PATH `sks --version`, and the global npm package, so a completed `npm i -g sneakoscope` clears stale pending/accepted offers.
+- **CLI-only SKS update notices.** Codex App hooks no longer stop normal work to ask for an SKS update. CLI launch surfaces such as `sks --mad` print a non-blocking latest-version notice, `sks update-check` / `sks update check` show the explicit status, and `sks doctor --fix` runs the guarded global SKS update path before repair.
 
 ## Retention And Cleanup
 
@@ -359,7 +362,7 @@ sks --mad --allow-package-install --allow-service-control --allow-network --yes
 
 This syncs existing codex-lb provider auth, creates/uses the `sks-mad-high` xhigh maintenance profile, opens the MAD-SKS permission gate for that Zellij run, starts a same-mission read-only native agent swarm, and launches a Codex CLI layout whose right-side lanes read that MAD ledger. Bare `sks --mad` grants target-project file and shell scope only; add explicit `--allow-*` flags for packages, services, network, Computer Use, browser use, generated assets, file permissions, DB writes, or other high-risk scopes. MAD-SKS is not a DB-only unlock: it is explicit user authorization to widen approved target-project scopes. Catastrophic database wipe/all-row/project-management safeguards remain active, and the pipeline contract still forbids unrequested fallback implementation code.
 
-Before launching, SKS checks npm for a newer `sneakoscope`; answer `y` to update or `n` to continue. Use `--yes` to approve missing dependency installs automatically. Tune MAD swarm startup with `--mad-agents <n>`, `--mad-swarm-work-items <n>`, and `--mad-swarm-backend <backend>`; `--no-mad-swarm` keeps only the cockpit UI if you need a temporary fallback.
+Before launching, SKS checks npm for a newer `sneakoscope` and prints a non-blocking update notice when one is available; use `sks update now` or `sks doctor --fix` when you want SKS to update itself. Use `--yes` to approve missing dependency installs automatically. Tune MAD swarm startup with `--mad-agents <n>`, `--mad-swarm-work-items <n>`, and `--mad-swarm-backend <backend>`; `--no-mad-swarm` keeps only the cockpit UI if you need a temporary fallback.
 
 ### Team Missions
 
@@ -659,7 +662,7 @@ npm ls -g sneakoscope --depth=0
 sks doctor --fix
 ```
 
-Update prompts compare npm latest against the effective installed version from source metadata, PATH `sks --version`, and global npm package metadata. `sks update now` installs through npm global mode instead of mutating the current project's dependencies. If a global update succeeded but an old shim remains earlier on PATH, `sks doctor --fix` can remove duplicate global installs and refresh the managed setup.
+CLI update checks compare npm latest against the effective installed version from source metadata, PATH `sks --version`, and global npm package metadata. Codex App hooks do not force update choices during ordinary work. `sks update now` installs through npm global mode instead of mutating the current project's dependencies, and `sks doctor --fix` runs that guarded global update path before setup/config repair. If a global update succeeded but an old shim remains earlier on PATH, `sks doctor --fix` can remove duplicate global installs and refresh the managed setup.
 
 ### Zellij is missing
 

package/crates/sks-core/Cargo.lock

@@ -76,7 +76,7 @@ dependencies = [
 
 [[package]]
 name = "sks-core"
-version = "2.0.5"
+version = "2.0.6"
 dependencies = [
  "serde_json",
 ]

package/crates/sks-core/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "sks-core"
-version = "2.0.5"
+version = "2.0.6"
 edition = "2021"
 
 [dependencies]

package/crates/sks-core/src/main.rs

@@ -4,7 +4,7 @@ use std::io::{self, Read, Seek, SeekFrom};
 fn main() {
     let mut args = std::env::args().skip(1);
     match args.next().as_deref() {
-        Some("--version") => println!("sks-rs 2.0.5"),
+        Some("--version") => println!("sks-rs 2.0.6"),
         Some("compact-info") => {
             let mut input = String::new();
             let _ = io::stdin().read_to_string(&mut input);

package/dist/.sks-build-stamp.json

@@ -1,8 +1,8 @@
 {
   "schema": "sks.dist-build-stamp.v1",
   "package_name": "sneakoscope",
-  "package_version": "2.0.5",
-  "source_digest": "696706cb9d175c4200c967130fbc5e680f4b6c905ec6e7fad5b1671827bcb4cb",
-  "source_file_count": 1948,
-  "built_at_source_time": 1780613485190
+  "package_version": "2.0.6",
+  "source_digest": "3947e39c47a565506e9ffd37568ae889bc7943f6dc342b5c357976b840770f94",
+  "source_file_count": 1953,
+  "built_at_source_time": 1780662014263
 }

package/dist/bin/sks.js

@@ -1,5 +1,5 @@
 #!/usr/bin/env node
-const FAST_PACKAGE_VERSION = '2.0.5';
+const FAST_PACKAGE_VERSION = '2.0.6';
 const args = process.argv.slice(2);
 try {
     if (args[0] === '--agent' && args[1] === 'worker') {

package/dist/build-manifest.json

@@ -1,16 +1,16 @@
 {
   "schema": "sks.dist-build.v2",
-  "version": "2.0.5",
-  "package_version": "2.0.5",
+  "version": "2.0.6",
+  "package_version": "2.0.6",
   "typescript": true,
   "mjs_runtime_files": 0,
-  "compiled_file_count": 1014,
-  "compiled_js_count": 1014,
+  "compiled_file_count": 1019,
+  "compiled_js_count": 1019,
   "compiled_dts_count": 0,
-  "source_digest": "696706cb9d175c4200c967130fbc5e680f4b6c905ec6e7fad5b1671827bcb4cb",
-  "source_file_count": 1948,
-  "source_files_hash": "50906865545a9076d7b2736ee379a428160a8869749b85ee79c4ddab8eab4b12",
-  "source_list_hash": "50906865545a9076d7b2736ee379a428160a8869749b85ee79c4ddab8eab4b12",
+  "source_digest": "3947e39c47a565506e9ffd37568ae889bc7943f6dc342b5c357976b840770f94",
+  "source_file_count": 1953,
+  "source_files_hash": "5d6f0e4186fc37279e1cf6de0c6b3c7230123c4a588966f8fda2a9324eb75192",
+  "source_list_hash": "5d6f0e4186fc37279e1cf6de0c6b3c7230123c4a588966f8fda2a9324eb75192",
   "src_mjs_runtime_files": 0,
   "dist_stamp_schema": "sks.dist-build-stamp.v1",
   "files": [
@@ -473,6 +473,8 @@
     "core/ppt-review/slide-issue-extraction.js",
     "core/ppt.js",
     "core/preflight/parallel-preflight-engine.js",
+    "core/product-design-app-server.js",
+    "core/product-design-plugin.js",
     "core/prompt-context-builder.js",
     "core/prompt/prompt-placeholder-guard.js",
     "core/proof-field.js",
@@ -886,6 +888,7 @@
     "scripts/naruto-concurrency-governor-check.js",
     "scripts/naruto-gpt-final-pack-check.js",
     "scripts/naruto-parallel-patch-apply-check.js",
+    "scripts/naruto-readonly-routing-check.js",
     "scripts/naruto-real-local-gpt-final-smoke.js",
     "scripts/naruto-role-distribution-check.js",
     "scripts/naruto-shadow-clone-swarm-check.js",
@@ -916,6 +919,8 @@
     "scripts/prepublish-fast-check.js",
     "scripts/prepublish-release-check-or-fast.js",
     "scripts/priority-full-closure-check.js",
+    "scripts/product-design-auto-install-check.js",
+    "scripts/product-design-plugin-routing-check.js",
     "scripts/prompt-placeholder-guard-check.js",
     "scripts/provider-badge-context-check.js",
     "scripts/provider-context-config-toml-check.js",

package/dist/cli/install-helpers.js

@@ -13,6 +13,7 @@ import { context7ConfigToml, DOLLAR_SKILL_NAMES, GETDESIGN_REFERENCE, hasContext
 import { checkZellijCapability } from '../core/zellij/zellij-capability.js';
 import { reconcileCodexAppUpgradeProcesses } from '../core/codex-app.js';
 import { recordCodexLbHealthEvent } from '../core/codex-lb-circuit.js';
+import { runSksUpdateCheck, runSksUpdateNow } from '../core/update-check.js';
 import { loadCodexLbEnv, writeCodexLbKeychain, codexLbMetadataPath } from '../core/codex-lb/codex-lb-env.js';
 import { buildCodexLbSetupPlan, codexLbPersistenceSummary, installCodexLbShellProfileSnippet, selectedCodexLbPersistenceModes } from '../core/codex-lb/codex-lb-setup.js';
 const DEFAULT_CODEX_APP_PLUGINS = [
@@ -2231,6 +2232,28 @@ export async function maybePromptCodexUpdateForLaunch(args = [], opts = {}) {
         return { status: 'skipped_by_user', latest: latest.version || null, current, command, bin: codex.bin || null };
     return installCodexLatest(command, latest.version, current);
 }
+export async function maybePromptSksUpdateForLaunch(args = [], opts = {}) {
+    if (hasFlag(args, '--json') || hasFlag(args, '--skip-sks-update') || process.env.SKS_SKIP_SKS_UPDATE === '1')
+        return { status: 'skipped' };
+    const label = opts.label || 'SKS launch';
+    const check = await runSksUpdateCheck({ timeoutMs: 5000 }).catch((err) => ({
+        ok: false,
+        update_available: false,
+        latest: null,
+        current: PACKAGE_VERSION,
+        command: null,
+        error: err?.message || String(err)
+    }));
+    if (!check.update_available) {
+        return { status: check.error ? 'unavailable' : 'current', latest: check.latest || null, current: check.current || PACKAGE_VERSION, error: check.error || null };
+    }
+    const command = check.command || `sks update now --version ${check.latest}`;
+    if (shouldAutoApproveInstall(args)) {
+        return runSksUpdateNow({ version: check.latest, timeoutMs: 10 * 60 * 1000, maxOutputBytes: 128 * 1024 });
+    }
+    console.log(`SKS update available before ${label}: ${check.current} -> ${check.latest}. Run when ready: ${command}`);
+    return { status: 'available', latest: check.latest || null, current: check.current || PACKAGE_VERSION, command };
+}
 export function shouldAutoApproveInstall(args = [], env = process.env) {
     if (hasFlag(args, '--from-postinstall') && env.SKS_POSTINSTALL_AUTO_INSTALL_CLI_TOOLS !== '1')
         return false;

package/dist/commands/codex-app.js

@@ -1,11 +1,31 @@
 import { flag } from '../cli/args.js';
 import { printJson } from '../cli/output.js';
-import { codexAccessTokenStatus, codexAppIntegrationStatus, codexChromeExtensionStatus, formatCodexAppStatus } from '../core/codex-app.js';
+import { codexAccessTokenStatus, codexAppIntegrationStatus, codexChromeExtensionStatus, codexProductDesignPluginStatus, formatCodexAppStatus, formatCodexProductDesignPluginStatus } from '../core/codex-app.js';
 import { codexAppRemoteControlCommand } from '../cli/codex-app-command.js';
 export async function run(_command, args = []) {
     const action = args[0] || 'check';
     if (action === 'remote-control' || action === 'remote')
         return codexAppRemoteControlCommand(args.slice(1));
+    if (action === 'product-design' || action === 'design-product' || action === 'ensure-product-design') {
+        const checkOnly = flag(args, '--check-only') || flag(args, '--no-install');
+        const status = await codexProductDesignPluginStatus({
+            autoInstallProductDesign: !checkOnly && (action === 'product-design'
+                || action === 'design-product'
+                || action === 'ensure-product-design'
+                || flag(args, '--install')
+                || flag(args, '--auto-install'))
+        });
+        if (flag(args, '--json')) {
+            printJson(status);
+            if (!status.ok)
+                process.exitCode = 1;
+            return;
+        }
+        console.log(formatCodexProductDesignPluginStatus(status));
+        if (!status.ok)
+            process.exitCode = 1;
+        return;
+    }
     if (action === 'chrome-extension' || action === 'chrome') {
         const status = await codexChromeExtensionStatus();
         if (flag(args, '--json')) {
@@ -32,7 +52,9 @@ export async function run(_command, args = []) {
         return;
     }
     if (action === 'check' || action === 'status') {
-        const status = await codexAppIntegrationStatus();
+        const status = await codexAppIntegrationStatus({
+            autoInstallProductDesign: flag(args, '--install-product-design') || flag(args, '--auto-install-product-design')
+        });
         if (flag(args, '--json')) {
             printJson(status);
             if (!status.ok)
@@ -44,7 +66,7 @@ export async function run(_command, args = []) {
             process.exitCode = 1;
         return;
     }
-    console.error('Usage: sks codex-app check|status|chrome-extension|pat status|remote-control [--json]');
+    console.error('Usage: sks codex-app check|status|product-design [--check-only]|ensure-product-design|chrome-extension|pat status|remote-control [--json]');
     process.exitCode = 1;
 }
 //# sourceMappingURL=codex-app.js.map

package/dist/commands/doctor.js

@@ -18,10 +18,23 @@ import { appendMigrationEvents, hashConfigText } from '../core/migration/migrati
 import { repairCodexAppFastUi } from '../core/codex-app/codex-app-fast-ui-repair.js';
 import { resolveProviderContext } from '../core/provider/provider-context.js';
 import { readLocalModelConfig } from '../core/agents/ollama-worker-config.js';
+import { runSksUpdateNow } from '../core/update-check.js';
 export async function run(_command, args = []) {
+    const doctorFix = flag(args, '--fix');
     let setupRepair = null;
+    const sksUpdate = doctorFix
+        ? await runSksUpdateNow({
+            timeoutMs: 10 * 60 * 1000,
+            maxOutputBytes: 128 * 1024
+        }).catch((err) => ({
+            schema: 'sks.update-now.v1',
+            ok: false,
+            status: 'failed',
+            error: err?.message || String(err)
+        }))
+        : null;
     let migrationPreFix = null;
-    if (flag(args, '--fix')) {
+    if (doctorFix) {
         // Snapshot config content before ANY mutation so the migration journal can
         // record real before/after hashes for the whole --fix transaction.
         migrationPreFix = await captureCodexConfigSnapshot();
@@ -97,7 +110,6 @@ export async function run(_command, args = []) {
             model_provider: null
         }
     }));
-    const doctorFix = flag(args, '--fix');
     const explicitCodexAppUiRepair = flag(args, '--repair-codex-app-ui') || flag(args, '--yes');
     const codexAppUiPlan = await repairCodexAppFastUi(root, {
         apply: false,
@@ -165,7 +177,7 @@ export async function run(_command, args = []) {
     const zellijReadiness = buildZellijReadiness(root, zellij, ready);
     const result = {
         schema: 'sks.doctor-status.v1',
-        ok: ready.ready,
+        ok: ready.ready && (!sksUpdate || sksUpdate.ok !== false),
         root,
         node: { ok: Number(process.versions.node.split('.')[0]) >= 20, version: process.version },
         codex,
@@ -189,7 +201,7 @@ export async function run(_command, args = []) {
         ready,
         sneakoscope: { ok: await exists(`${root}/.sneakoscope`) },
         package: { bytes: pkgBytes, human: formatBytes(pkgBytes) },
-        repair: { setup: setupRepair, codex_config: configRepair, migration_journal: migrationJournal, global_sks_installs: globalSksInstallCleanup }
+        repair: { sks_update: sksUpdate, setup: setupRepair, codex_config: configRepair, migration_journal: migrationJournal, global_sks_installs: globalSksInstallCleanup }
     };
     if (flag(args, '--json')) {
         printJson(result);
@@ -265,6 +277,9 @@ export async function run(_command, args = []) {
     if (migrationJournal?.journal_path) {
         console.log(`Migration journal: ${migrationJournal.journal_path} (${migrationJournal.event_count} events, ${migrationJournal.mutations_without_rollback} without rollback)`);
     }
+    if (sksUpdate) {
+        console.log(`SKS update: ${sksUpdate.status}${sksUpdate.latest ? ` latest ${sksUpdate.latest}` : ''}${sksUpdate.error ? ` (${sksUpdate.error})` : ''}`);
+    }
     if (globalSksInstallCleanup) {
         console.log(`Global SKS installs: kept ${globalSksInstallCleanup.kept?.length ?? 0}, removed ${globalSksInstallCleanup.removed?.filter((entry) => entry.ok).length ?? 0}, source repo exempt ${globalSksInstallCleanup.candidates?.filter((entry) => entry.source_repo_exempt).length ?? 0}`);
     }

package/dist/commands/mad-sks.js

@@ -1,9 +1,9 @@
 import { madHighCommand } from '../core/commands/mad-sks-command.js';
-import { ensureMadLaunchDependencies, formatMadLaunchDependencyAction, maybePromptCodexUpdateForLaunch, maybePromptCodexLbSetupForLaunch } from '../cli/install-helpers.js';
+import { ensureMadLaunchDependencies, formatMadLaunchDependencyAction, maybePromptCodexUpdateForLaunch, maybePromptCodexLbSetupForLaunch, maybePromptSksUpdateForLaunch } from '../cli/install-helpers.js';
 import { PACKAGE_VERSION } from '../core/fsx.js';
 export async function run(_command, args = []) {
     return madHighCommand(['--mad-sks', ...args], {
-        maybePromptSksUpdateForLaunch: async () => ({ status: 'skipped' }),
+        maybePromptSksUpdateForLaunch,
         maybePromptCodexUpdateForLaunch,
         ensureMadLaunchDependencies,
         printDepsInstallAction: (action) => console.error(formatMadLaunchDependencyAction(action)),

package/dist/core/agents/agent-orchestrator.js

@@ -117,6 +117,7 @@ export async function runNativeAgentOrchestrator(opts = {}) {
     const strategyCompiled = compileStrategy({
         prompt,
         route,
+        ...(writeCapable ? {} : { writeTargets: [] }),
         agentCount: roster.agent_count,
         visualRequired
     });
@@ -235,12 +236,13 @@ export async function runNativeAgentOrchestrator(opts = {}) {
         rate_limit_delay_ms: backend === 'codex-sdk' ? 250 : 0,
         resource_pressure_warnings: roster.agent_count > roster.concurrency ? ['agents_exceed_concurrency_batches'] : []
     });
+    const effectiveWriteMode = writeCapable ? opts.writeMode || 'off' : 'off';
     const parallelWritePolicy = {
         schema: 'sks.agent-parallel-write-policy.v1',
         generated_at: nowIso(),
         route,
         route_command: routeCommand,
-        write_mode: opts.writeMode || 'off',
+        write_mode: effectiveWriteMode,
         apply_patches: opts.applyPatches === true,
         dry_run_patches: opts.dryRunPatches === true,
         max_write_agents: Number(opts.maxWriteAgents || 0),
@@ -779,7 +781,7 @@ async function runAgentPatchSwarmRuntime(root, ledgerRoot, input) {
     await queueStore.persistSnapshot();
     const journalSummary = await queueStore.journal.writeSummary();
     const proof = buildAgentPatchProof({ ...proofInput, transactionJournal: journalSummary });
-    const zeroPatchBlockers = input.writeCapable && input.parallelWritePolicy?.write_mode === 'parallel' && pendingEntries.length === 0 && input.parallelWritePolicy?.dry_run_patches !== true
+    const zeroPatchBlockers = input.writeCapable && input.parallelWritePolicy?.write_mode === 'parallel' && pendingEntries.length === 0 && input.dryRun !== true && input.parallelWritePolicy?.dry_run_patches !== true
         ? ['write_mode_parallel_zero_patch_envelopes']
         : [];
     const blockers = [
@@ -870,6 +872,8 @@ function normalizeVisualLaneCount(value, fallback, maxAgentCount) {
     return Math.max(1, Math.min(maxAgentCount, Math.floor(raw)));
 }
 function isWriteCapableRun(opts) {
+    if (opts.readonly === true)
+        return false;
     return opts.applyPatches === true || opts.dryRunPatches === true || (opts.writeMode !== undefined && opts.writeMode !== 'off');
 }
 function defaultRouteCommand(route) {
@@ -991,6 +995,7 @@ async function runAgentByBackend(backend, agent, slice, opts) {
             ...sdkWorkerResult,
             backend: 'codex-sdk',
             patch_envelopes: patchEnvelopes,
+            ...(patchEnvelopes.length ? {} : { no_patch_reason: buildDirectNoPatchReason(slice, opts) }),
             codex_child_report: sdkReport,
             codex_sdk_thread: sdkReport,
             model_authored_patch_envelopes: patchEnvelopes.length > 0,
@@ -1027,10 +1032,24 @@ function buildDirectSdkWorkerPrompt(slice) {
         '',
         write.length
             ? `Write-capable slice. Return JSON matching ${CODEX_AGENT_WORKER_RESULT_SCHEMA_ID}; include patch_envelopes for write_paths=${JSON.stringify(write)}. Each patch envelope must include schema, source "model_authored", agent_id, session_id, slot_id, generation_index, task_slice_id, lease_id, allowed_paths, operations, and rationale. Each operation must include op, path, search, replace, content, and diff; use empty strings for operation fields that do not apply.`
-            : `Read-only slice. Return JSON matching ${CODEX_AGENT_WORKER_RESULT_SCHEMA_ID}.`,
+            : `Read-only slice. Return JSON matching ${CODEX_AGENT_WORKER_RESULT_SCHEMA_ID}; do not report pre-existing repository dirtiness as changed_files.`,
         'Required JSON fields: status, summary, findings, changed_files, patch_envelopes, verification, rollback_notes, blockers.'
     ].join('\n');
 }
+function buildDirectNoPatchReason(slice, opts) {
+    const writePathCount = sdkWritePaths(slice, opts).length;
+    return {
+        schema: 'sks.native-cli-worker-no-patch-reason.v1',
+        generated_at: nowIso(),
+        ok: writePathCount === 0,
+        reason: writePathCount ? 'write_capable_task_without_backend_patch_envelope' : 'read_only_or_no_write_paths',
+        route_justification: writePathCount ? 'backend returned no patch envelopes for a write-capable task' : 'task has no write paths',
+        read_only_or_noop_evidence: writePathCount === 0,
+        task_slice_id: slice?.id || null,
+        backend: 'codex-sdk',
+        blockers: writePathCount ? ['write_capable_no_patch_envelope'] : []
+    };
+}
 function sdkWritePaths(slice, opts) {
     return [
         ...(Array.isArray(slice?.write_paths) ? slice.write_paths : []),

package/dist/core/agents/agent-proof-evidence.js

@@ -119,6 +119,14 @@ export async function writeAgentProofEvidence(root, input) {
         return !changed || Boolean(row.rollback_digest);
     }) : true;
     const parallelPatchApplyVerified = patchSwarm ? Array.isArray(patchProof?.wall_clock_parallel_evidence) && patchProof.wall_clock_parallel_evidence.length > 0 || Number(patchSwarm?.parallel_apply_count || 0) > 1 : false;
+    const readOnlyNoWriteLeaseMode = isReadOnlyNoWriteLeaseMode({
+        results: input.results || [],
+        leases: input.partition?.leases || [],
+        parallelWritePolicy,
+        taskGraph,
+        narutoWorkGraph
+    });
+    const changedFileLeaseBlockers = readOnlyNoWriteLeaseMode ? [] : agentChangedFileLeaseViolations(input.results || [], input.partition?.leases || []);
     const blockers = [
         ...(lifecycle.ok ? [] : ['agent_lifecycle_not_all_closed']),
         ...(lifecycle.ok ? [] : lifecycle.open_sessions.map((id) => 'session_open:' + id)),
@@ -195,7 +203,7 @@ export async function writeAgentProofEvidence(root, input) {
         ...(isNarutoRoute && !narutoVerificationDag ? ['naruto_verification_dag_missing'] : []),
         ...(isNarutoRoute && !narutoGptFinalPack ? ['naruto_gpt_final_pack_missing'] : []),
         ...(isNarutoRoute && !narutoZellijDashboard ? ['naruto_zellij_dashboard_missing'] : []),
-        ...agentChangedFileLeaseViolations(input.results || [], input.partition?.leases || [])
+        ...changedFileLeaseBlockers
     ];
     const evidence = {
         schema: AGENT_PROOF_EVIDENCE_SCHEMA,
@@ -369,7 +377,7 @@ export async function writeAgentProofEvidence(root, input) {
         triwiki_use_first_count: Number(input.triwikiContext?.use_first?.length || 0),
         triwiki_hydrate_first_count: Number(input.triwikiContext?.hydrate_first?.length || 0),
         triwiki_claim_count: Number(input.triwikiContext?.claim_count || 0),
-        changed_files_lease_checked: true,
+        changed_files_lease_checked: !readOnlyNoWriteLeaseMode,
         dependency_collision_risk: input.partition?.no_overlap_proof?.dependency_collision_risk || [],
         blockers
     };
@@ -448,6 +456,20 @@ function agentChangedFileLeaseViolations(results, leases) {
     }
     return violations;
 }
+function isReadOnlyNoWriteLeaseMode(input) {
+    const writeLeaseCount = input.leases.filter((lease) => lease.kind === 'write').length;
+    if (writeLeaseCount > 0)
+        return false;
+    const resultWriteSignals = input.results.some((result) => (Array.isArray(result?.writes) && result.writes.length > 0)
+        || (Array.isArray(result?.patch_envelopes) && result.patch_envelopes.length > 0));
+    if (resultWriteSignals)
+        return false;
+    const policyReadonly = input.parallelWritePolicy?.readonly === true;
+    const policyWriteOff = String(input.parallelWritePolicy?.write_mode || 'off') === 'off';
+    const narutoReadOnly = input.narutoWorkGraph?.readonly === true || Number(input.narutoWorkGraph?.write_allowed_count || 0) === 0;
+    const taskGraphNoWrites = Number(input.taskGraph?.write_allowed_count || 0) === 0;
+    return policyReadonly || policyWriteOff || narutoReadOnly || taskGraphNoWrites;
+}
 function pathWithin(file, leasePath) {
     const left = String(file || '').replace(/\\/g, '/').replace(/^\.\//, '');
     const right = String(leasePath || '').replace(/\\/g, '/').replace(/^\.\//, '').replace(/\/+$/, '');

package/dist/core/agents/agent-worker-pipeline.js

@@ -67,7 +67,8 @@ export function validateAgentWorkerResult(result) {
         normalized.blockers.push(...patchEnvelopeValidation.blockers.map((issue) => 'patch_envelope_invalid:' + issue));
         normalized.verification = { status: 'failed', checks: [...normalized.verification.checks, 'agent-patch-envelope-schema'] };
     }
-    if (patchEnvelopeValidation.envelopes.length === 0 && (normalized.changed_files.length > 0 || normalized.writes.length > 0)) {
+    const readOnlyOrNoopWithoutPatch = acceptsNoPatchReadOnlyOrNoop(result?.no_patch_reason);
+    if (patchEnvelopeValidation.envelopes.length === 0 && (normalized.writes.length > 0 || (!readOnlyOrNoopWithoutPatch && normalized.changed_files.length > 0))) {
         normalized.status = 'blocked';
         normalized.blockers.push('no_patch_generated');
         normalized.verification = { status: 'failed', checks: [...normalized.verification.checks, 'agent-patch-envelope-required-for-write'] };
@@ -132,4 +133,11 @@ function normalizeVerification(value) {
         checks: Array.isArray(value?.checks) ? value.checks : []
     };
 }
+function acceptsNoPatchReadOnlyOrNoop(value) {
+    if (!value || typeof value !== 'object')
+        return false;
+    return value.ok === true
+        && value.read_only_or_noop_evidence === true
+        && String(value.reason || '') === 'read_only_or_no_write_paths';
+}
 //# sourceMappingURL=agent-worker-pipeline.js.map

package/dist/core/agents/native-worker-backend-router.js

@@ -57,6 +57,7 @@ export async function runNativeWorkerBackendRouter(input) {
         result = validateAgentWorkerResult({
             ...processRun,
             patch_envelopes: patchEnvelopes,
+            ...(patchEnvelopes.length ? {} : { no_patch_reason: buildNoPatchReason(input, backend) }),
             artifacts: [...new Set([...(processRun.artifacts || []), ...(patchEnvelopes.length ? [input.patchRel] : [])])],
             process_child_report: processReport,
             model_authored_patch_envelopes: false,
@@ -81,6 +82,7 @@ export async function runNativeWorkerBackendRouter(input) {
             ...ollamaRun,
             backend: 'ollama',
             patch_envelopes: patchEnvelopes,
+            ...(patchEnvelopes.length ? {} : { no_patch_reason: buildNoPatchReason(input, backend) }),
             model_authored_patch_envelopes: patchEnvelopes.length > 0,
             fixture_patch_envelopes: false,
             verification: { status: ollamaRun.status === 'done' ? 'passed' : 'failed', checks: [...(ollamaRun.verification?.checks || []), 'native-worker-backend-router', 'ollama-api-generate'] }
@@ -147,6 +149,7 @@ export async function runNativeWorkerBackendRouter(input) {
             ...sdkWorkerResult,
             backend: sdkTask.backend === 'local-llm' ? 'local-llm' : 'codex-sdk',
             patch_envelopes: patchEnvelopes,
+            ...(patchEnvelopes.length ? {} : { no_patch_reason: buildNoPatchReason(input, sdkTask.backend || backend) }),
             codex_child_report: sdkReport,
             codex_sdk_thread: sdkReport,
             model_authored_patch_envelopes: patchEnvelopes.length > 0,
@@ -189,6 +192,7 @@ export async function runNativeWorkerBackendRouter(input) {
         result = validateAgentWorkerResult({
             ...zellijRun,
             patch_envelopes: patchEnvelopes,
+            ...(patchEnvelopes.length ? {} : { no_patch_reason: buildNoPatchReason(input, backend) }),
             zellij_child_report: zellijReport,
             model_authored_patch_envelopes: false,
             fixture_patch_envelopes: false,
@@ -279,10 +283,24 @@ function buildWorkerPrompt(slice) {
         '',
         write.length
             ? `Write-capable slice. Return JSON matching ${CODEX_AGENT_WORKER_RESULT_SCHEMA_ID}; include patch_envelopes for write_paths=${JSON.stringify(write)}.`
-            : `Read-only slice. Return JSON matching ${CODEX_AGENT_WORKER_RESULT_SCHEMA_ID}.`,
+            : `Read-only slice. Return JSON matching ${CODEX_AGENT_WORKER_RESULT_SCHEMA_ID}; do not report pre-existing repository dirtiness as changed_files.`,
         'Required JSON fields: status, summary, findings, changed_files, patch_envelopes, verification, rollback_notes, blockers.'
     ].join('\n');
 }
+function buildNoPatchReason(input, backend) {
+    const writePathCount = writePaths(input.slice, input.intake).length;
+    return {
+        schema: 'sks.native-cli-worker-no-patch-reason.v1',
+        generated_at: nowIso(),
+        ok: writePathCount === 0,
+        reason: writePathCount ? 'write_capable_task_without_backend_patch_envelope' : 'read_only_or_no_write_paths',
+        route_justification: writePathCount ? 'backend returned no patch envelopes for a write-capable task' : 'task has no write paths',
+        read_only_or_noop_evidence: writePathCount === 0,
+        task_slice_id: input.slice?.id || null,
+        backend,
+        blockers: writePathCount && backend !== 'fake' ? ['write_capable_no_patch_envelope'] : []
+    };
+}
 function hasWriteLease(slice, intake) {
     return writePaths(slice, intake).length > 0;
 }