sneakoscope 3.1.5 → 3.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/README.md +8 -36
  2. package/crates/sks-core/Cargo.lock +1 -1
  3. package/crates/sks-core/Cargo.toml +1 -1
  4. package/crates/sks-core/src/main.rs +1 -1
  5. package/dist/.sks-build-stamp.json +4 -4
  6. package/dist/bin/sks.js +1 -1
  7. package/dist/cli/command-registry.js +1 -2
  8. package/dist/commands/codex-app.js +1 -11
  9. package/dist/commands/codex-native.js +68 -0
  10. package/dist/commands/doctor.js +64 -0
  11. package/dist/core/codex-app/codex-agent-role-sync.js +11 -5
  12. package/dist/core/codex-app/codex-app-execution-profile.js +38 -16
  13. package/dist/core/codex-app/codex-app-harness-matrix.js +4 -117
  14. package/dist/core/codex-app/codex-hook-lifecycle.js +4 -1
  15. package/dist/core/codex-app/codex-init-deep.js +62 -4
  16. package/dist/core/codex-app/codex-skill-sync.js +10 -7
  17. package/dist/core/codex-native/codex-native-capability-cache.js +21 -0
  18. package/dist/core/codex-native/codex-native-feature-broker.js +182 -0
  19. package/dist/core/codex-native/codex-native-feature-matrix.js +31 -0
  20. package/dist/core/codex-native/codex-native-harness-compat.js +54 -0
  21. package/dist/core/{codex-app/lazycodex-interop-policy.js → codex-native/codex-native-interop-policy.js} +13 -15
  22. package/dist/core/codex-native/codex-native-invocation-router.js +112 -0
  23. package/dist/core/codex-native/codex-native-pattern-analysis.js +56 -0
  24. package/dist/core/codex-native/codex-native-reference-evidence.js +2 -0
  25. package/dist/core/codex-native/codex-native-reference-source.js +110 -0
  26. package/dist/core/codex-native/codex-native-rename-map.js +25 -0
  27. package/dist/core/feature-fixtures.js +2 -4
  28. package/dist/core/feature-registry.js +1 -1
  29. package/dist/core/fsx.js +1 -1
  30. package/dist/core/image/image-artifact-path-contract.js +18 -1
  31. package/dist/core/loops/loop-owner-inference.js +3 -0
  32. package/dist/core/loops/loop-planner.js +8 -2
  33. package/dist/core/loops/loop-worker-runtime.js +34 -6
  34. package/dist/core/qa-loop.js +24 -1
  35. package/dist/core/research.js +36 -3
  36. package/dist/core/routes.js +2 -3
  37. package/dist/core/version.js +1 -1
  38. package/dist/scripts/sks-3-1-4-directive-check-lib.js +1 -30
  39. package/dist/scripts/sks-3-1-5-directive-check-lib.js +4 -33
  40. package/dist/scripts/sks-3-1-6-directive-check-lib.js +522 -0
  41. package/package.json +32 -12
  42. package/dist/cli/hermes-command.js +0 -99
  43. package/dist/cli/openclaw-command.js +0 -83
  44. package/dist/commands/hermes.js +0 -5
  45. package/dist/commands/openclaw.js +0 -3
  46. package/dist/core/codex-app/lazycodex-analysis.js +0 -72
  47. package/dist/core/codex-app/lazycodex-live-analyzer.js +0 -98
  48. package/dist/core/hermes.js +0 -192
  49. package/dist/core/openclaw.js +0 -171
package/README.md CHANGED
@@ -27,7 +27,7 @@ Sneakoscope Codex (`sks`) is a Codex CLI/App harness that makes repeatable Codex
27
27
 
28
28
  ![Sneakoscope Codex Trust Layer](docs/assets/sneakoscope-architecture-pipeline.jpg)
29
29
 
30
- ## LLM Init Prompt for Hermes / OpenClaw Agent Builders
30
+ ## LLM Init Prompt for Codex Native Agent Builders
31
31
 
32
32
  ```text
33
33
  Set up this agent project with Sneakoscope Codex. Use [[mandarange/Sneakoscope-Codex](https://github.com/mandarange/Sneakoscope-Codex)] as the repo reference and [npm i -g sneakoscope] as the recommended global install command, then run the appropriate `sks` setup, doctor, Codex App, and proof checks for this repo. Keep generated SKS state out of source control unless documented, and record every version-facing change in CHANGELOG.md.
@@ -35,7 +35,7 @@ Set up this agent project with Sneakoscope Codex. Use [[mandarange/Sneakoscope-C
35
35
 
36
36
  ## 🚀 Current Release
37
37
 
38
- SKS **3.1.5** productionizes the Codex App harness with typed probe surfaces, dry-run Zellij self-heal planning, hook approval and `agent_type` evidence, LazyCodex live-source analysis, init-deep directory memory hints, and execution profile routing across Loop, QA, Research, and Naruto artifacts.
38
+ SKS **3.1.6** removes external reference branding from user-visible release surfaces and routes Codex-native feature decisions through one broker for Loop, QA, Research, Image, MAD, and Doctor.
39
39
 
40
40
  SKS 3.0.0 was the parallel-runtime stabilization release. The whole live-swarm experience — what you actually *see* while 5, 20, or 100 workers run — was rebuilt and proven end-to-end.
41
41
 
@@ -292,7 +292,7 @@ sks selftest --mock
292
292
 
293
293
  ## 🎁 What Sneakoscope Adds
294
294
 
295
- `sks` adds a Zellij-backed Codex CLI runtime, Codex App `$` commands, Team/QA/PPT/Research/DB/GX/Wiki routes, OpenClaw and Hermes skill generation, Context7-gated current docs, TriWiki context packs, DB safety, design SSOT policy, skill dreaming, release checks, and Honest Mode.
295
+ `sks` adds a Zellij-backed Codex CLI runtime, Codex App `$` commands, Codex Native broker routing, Team/QA/PPT/Research/DB/GX/Wiki routes, Context7-gated current docs, TriWiki context packs, DB safety, design SSOT policy, skill dreaming, release checks, and Honest Mode.
296
296
 
297
297
  ## Report-Only Planning Surfaces
298
298
 
@@ -618,43 +618,15 @@ SKS does not install Git pre-commit hooks. Release metadata is changed only by e
618
618
 
619
619
  TriWiki is intentionally sparse: `sks wiki sweep` records demote, soft-forget, archive, delete, promote-to-skill, and promote-to-rule candidates instead of injecting every old claim into future prompts. `sks harness fixture` validates the broader Harness Growth Factory contract: deliberate forgetting fixtures, skill card metadata, experiment schema, tool-error taxonomy, permission profiles, MultiAgentV2 defaults, and tmux cockpit view coverage. `sks code-structure scan` flags handwritten files above 1000/2000/3000-line thresholds so new logic can be extracted before command files become harder to maintain.
620
620
 
621
- ## 🤖 OpenClaw And Hermes Agent Usage
622
-
623
- Sneakoscope can generate an OpenClaw skill package for agents that need to operate SKS-enabled repositories.
621
+ ## Codex Native Broker
624
622
 
625
623
  ```sh
626
- sks openclaw install
627
- sks openclaw path
624
+ sks codex-native status --json
625
+ sks codex-native invocation-plan --route '$Loop' --capability agent-role --json
626
+ sks codex-native init-deep --apply --directory-local --json
628
627
  ```
629
628
 
630
- By default this writes `~/.openclaw/skills/sneakoscope-codex/` with `manifest.yaml`, `SKILL.md`, a README, and `openclaw-agent-config.example.yaml`. Set `OPENCLAW_HOME` or pass `--dir` for a custom location. Attach the skill with the built-in `shell` tool enabled and set `SKS_OPENCLAW=1` so SKS can auto-approve update/install prompts that would otherwise wait for `Y/n`.
631
-
632
- ```sh
633
- SKS_OPENCLAW=1 sks root
634
- SKS_OPENCLAW=1 sks commands
635
- SKS_OPENCLAW=1 sks dollar-commands
636
- SKS_OPENCLAW=1 sks deps check
637
- SKS_OPENCLAW=1 sks proof-field scan --intent "small CLI change" --changed src/cli/main.ts
638
- ```
639
-
640
- If OpenClaw runs in a sandbox, grant shell execution only for trusted workspaces. Database, migration, and destructive work still follows SKS safety routes.
641
-
642
- Sneakoscope can also generate a Hermes Agent skill package for the Hermes `/skills` surface.
643
-
644
- ```sh
645
- sks hermes install
646
- sks hermes status --json
647
- sks hermes path
648
- ```
649
-
650
- By default this writes `~/.hermes/skills/sneakoscope-codex/` with `SKILL.md`, a README, `hermes-config.example.yaml`, and `skill-bundle.example.yaml`. Set `HERMES_HOME` or pass `--dir` for a custom location. Hermes agents should invoke `/sneakoscope-codex` with the terminal toolset enabled and run shell commands with `SKS_HERMES=1`; this enables non-interactive dependency/update prompts while leaving SKS DB, migration, and destructive-operation safety routes intact. If you use Hermes `skills.external_dirs`, remember writable external directories can be updated by Hermes, so protect shared skill folders with filesystem permissions when needed.
651
-
652
- ```sh
653
- SKS_HERMES=1 sks root --json
654
- SKS_HERMES=1 sks commands --json
655
- SKS_HERMES=1 sks dollar-commands --json
656
- SKS_HERMES=1 sks status --json
657
- ```
629
+ The broker records Codex-native feature availability, invocation defaults, neutral pattern evidence, and managed memory setup without exposing reference implementation branding in user-facing artifacts.
658
630
 
659
631
  ## 💬 Prompt `$` Commands
660
632
 
@@ -76,7 +76,7 @@ dependencies = [
76
76
 
77
77
  [[package]]
78
78
  name = "sks-core"
79
- version = "3.1.5"
79
+ version = "3.1.6"
80
80
  dependencies = [
81
81
  "serde_json",
82
82
  ]
@@ -1,6 +1,6 @@
1
1
  [package]
2
2
  name = "sks-core"
3
- version = "3.1.5"
3
+ version = "3.1.6"
4
4
  edition = "2021"
5
5
 
6
6
  [dependencies]
@@ -4,7 +4,7 @@ use std::io::{self, Read, Seek, SeekFrom};
4
4
  fn main() {
5
5
  let mut args = std::env::args().skip(1);
6
6
  match args.next().as_deref() {
7
- Some("--version") => println!("sks-rs 3.1.5"),
7
+ Some("--version") => println!("sks-rs 3.1.6"),
8
8
  Some("compact-info") => {
9
9
  let mut input = String::new();
10
10
  let _ = io::stdin().read_to_string(&mut input);
@@ -1,8 +1,8 @@
1
1
  {
2
2
  "schema": "sks.dist-build-stamp.v1",
3
3
  "package_name": "sneakoscope",
4
- "package_version": "3.1.5",
5
- "source_digest": "89b81e91ec4d82c33320922ae0dc33bd6562ccf37c58171858e7f703d7767e4b",
6
- "source_file_count": 2518,
7
- "built_at_source_time": 1781439913355
4
+ "package_version": "3.1.6",
5
+ "source_digest": "98f9f4c6a64ddd6b1d43f757e16358768f24b27cd9c3285eab0bdacce7cbf5d6",
6
+ "source_file_count": 2543,
7
+ "built_at_source_time": 1781450666248
8
8
  }
package/dist/bin/sks.js CHANGED
@@ -1,5 +1,5 @@
1
1
  #!/usr/bin/env node
2
- const FAST_PACKAGE_VERSION = '3.1.5';
2
+ const FAST_PACKAGE_VERSION = '3.1.6';
3
3
  const args = process.argv.slice(2);
4
4
  try {
5
5
  if (args[0] === '--agent' && args[1] === 'worker') {
@@ -97,11 +97,10 @@ export const COMMANDS = {
97
97
  postinstall: entry('stable', 'Run postinstall bootstrap', 'dist/core/commands/basic-cli.js', basicArgs('postinstallCommand')),
98
98
  codex: entry('beta', 'Check Codex CLI compatibility and vendored hook schemas', 'dist/commands/codex.js', directCommand(() => import('../commands/codex.js'), 'dist/commands/codex.js')),
99
99
  'codex-app': entry('beta', 'Check Codex App readiness', 'dist/commands/codex-app.js', directCommand(() => import('../commands/codex-app.js'), 'dist/commands/codex-app.js')),
100
+ 'codex-native': entry('beta', 'Inspect Codex Native broker and routing readiness', 'dist/commands/codex-native.js', directCommand(() => import('../commands/codex-native.js'), 'dist/commands/codex-native.js')),
100
101
  'codex-lb': entry('beta', 'Inspect codex-lb status and circuit health', 'dist/commands/codex-lb.js', directCommand(() => import('../commands/codex-lb.js'), 'dist/commands/codex-lb.js')),
101
102
  auth: entry('beta', 'Alias for codex-lb auth commands', 'dist/commands/codex-lb.js', directCommand(() => import('../commands/codex-lb.js'), 'dist/commands/codex-lb.js')),
102
103
  hooks: entry('beta', 'Explain and inspect Codex hooks', 'dist/commands/hooks.js', directCommand(() => import('../commands/hooks.js'), 'dist/commands/hooks.js')),
103
- openclaw: entry('labs', 'Create OpenClaw skill package', 'dist/commands/openclaw.js', directCommand(() => import('../commands/openclaw.js'), 'dist/commands/openclaw.js')),
104
- hermes: entry('labs', 'Create Hermes Agent skill package', 'dist/commands/hermes.js', directCommand(() => import('../commands/hermes.js'), 'dist/commands/hermes.js')),
105
104
  tmux: entry('beta', 'Show removed-runtime migration notice', 'dist/commands/tmux.js', directCommand(() => import('../commands/tmux.js'), 'dist/commands/tmux.js')),
106
105
  'zellij-lane': entry('beta', 'Render a Zellij lane frame for SKS sessions', 'dist/commands/zellij-lane.js', directCommand(() => import('../commands/zellij-lane.js'), 'dist/commands/zellij-lane.js')),
107
106
  'zellij-slot-pane': entry('beta', 'Render a compact Zellij worker slot pane', 'dist/commands/zellij-slot-pane.js', directCommand(() => import('../commands/zellij-slot-pane.js'), 'dist/commands/zellij-slot-pane.js')),
@@ -9,7 +9,6 @@ import { syncCodexAgentRoles } from '../core/codex-app/codex-agent-role-sync.js'
9
9
  import { runCodexInitDeep } from '../core/codex-app/codex-init-deep.js';
10
10
  import { buildCodexHookLifecycle } from '../core/codex-app/codex-hook-lifecycle.js';
11
11
  import { resolveCodexAppExecutionProfile } from '../core/codex-app/codex-app-execution-profile.js';
12
- import { buildLazyCodexInteropPolicy } from '../core/codex-app/lazycodex-interop-policy.js';
13
12
  export async function run(_command, args = []) {
14
13
  const action = args[0] || 'check';
15
14
  if (action === 'remote-control' || action === 'remote')
@@ -26,11 +25,6 @@ export async function run(_command, args = []) {
26
25
  return printCodexAppResult(args, await buildCodexHookLifecycle({ root: await sksRoot(), apply: flag(args, '--apply') || flag(args, '--fix') }));
27
26
  if (action === 'execution-profile')
28
27
  return printCodexAppResult(args, await resolveCodexAppExecutionProfile({ root: await sksRoot() }));
29
- if (action === 'interop' && args[1] === 'lazycodex') {
30
- const modeArg = readOption(args, '--mode', 'coexist');
31
- const mode = modeArg === 'sks-primary' || modeArg === 'handoff-to-omo' ? modeArg : 'coexist';
32
- return printCodexAppResult(args, await buildLazyCodexInteropPolicy({ root: await sksRoot(), mode }));
33
- }
34
28
  if (action === 'product-design' || action === 'design-product' || action === 'ensure-product-design') {
35
29
  const checkOnly = flag(args, '--check-only') || flag(args, '--no-install');
36
30
  const status = await codexProductDesignPluginStatus({
@@ -91,7 +85,7 @@ export async function run(_command, args = []) {
91
85
  process.exitCode = 1;
92
86
  return;
93
87
  }
94
- console.error('Usage: sks codex-app check|status|harness-matrix|skill-sync|agent-role-sync|init-deep|hook-lifecycle|execution-profile|interop lazycodex [--mode coexist]|product-design [--check-only]|ensure-product-design|chrome-extension|pat status|remote-control [--json]');
88
+ console.error('Usage: sks codex-app check|status|harness-matrix|skill-sync|agent-role-sync|init-deep|hook-lifecycle|execution-profile|product-design [--check-only]|ensure-product-design|chrome-extension|pat status|remote-control [--json]');
95
89
  process.exitCode = 1;
96
90
  }
97
91
  function printCodexAppResult(args = [], result) {
@@ -109,8 +103,4 @@ function printCodexAppResult(args = [], result) {
109
103
  if (result?.ok === false)
110
104
  process.exitCode = 1;
111
105
  }
112
- function readOption(args = [], name, fallback) {
113
- const index = args.indexOf(name);
114
- return index >= 0 && args[index + 1] ? String(args[index + 1]) : fallback;
115
- }
116
106
  //# sourceMappingURL=codex-app.js.map
@@ -0,0 +1,68 @@
1
+ import { flag } from '../cli/args.js';
2
+ import { printJson } from '../cli/output.js';
3
+ import { sksRoot } from '../core/fsx.js';
4
+ import { syncCodexAgentRoles } from '../core/codex-app/codex-agent-role-sync.js';
5
+ import { resolveCodexAppExecutionProfile } from '../core/codex-app/codex-app-execution-profile.js';
6
+ import { buildCodexAppHarnessMatrix } from '../core/codex-app/codex-app-harness-matrix.js';
7
+ import { buildCodexHookLifecycle } from '../core/codex-app/codex-hook-lifecycle.js';
8
+ import { runCodexInitDeep } from '../core/codex-app/codex-init-deep.js';
9
+ import { syncCodexSksSkills } from '../core/codex-app/codex-skill-sync.js';
10
+ import { buildCodexNativeFeatureMatrix } from '../core/codex-native/codex-native-feature-broker.js';
11
+ import { resolveCodexNativeInvocationPlan } from '../core/codex-native/codex-native-invocation-router.js';
12
+ import { buildCodexNativeInteropPolicy } from '../core/codex-native/codex-native-interop-policy.js';
13
+ import { analyzeCodexNativeReferenceSource } from '../core/codex-native/codex-native-reference-evidence.js';
14
+ import { writeCodexNativePatternAnalysis } from '../core/codex-native/codex-native-pattern-analysis.js';
15
+ export async function run(_command, args = []) {
16
+ const root = await sksRoot();
17
+ const action = String(args[0] || 'status');
18
+ if (action === 'status' || action === 'check' || action === 'feature-broker' || action === 'feature-matrix') {
19
+ return printCodexNativeResult(args, await buildCodexNativeFeatureMatrix({ root, applyRepairs: flag(args, '--fix') || flag(args, '--apply') }));
20
+ }
21
+ if (action === 'harness-matrix' || action === 'harness-compat') {
22
+ return printCodexNativeResult(args, await buildCodexAppHarnessMatrix({ root, applyRepairs: flag(args, '--fix') || flag(args, '--apply') }));
23
+ }
24
+ if (action === 'skill-sync')
25
+ return printCodexNativeResult(args, await syncCodexSksSkills({ root, apply: flag(args, '--apply') || flag(args, '--fix') }));
26
+ if (action === 'agent-role-sync')
27
+ return printCodexNativeResult(args, await syncCodexAgentRoles({ root, apply: flag(args, '--apply') || flag(args, '--fix') }));
28
+ if (action === 'init-deep')
29
+ return printCodexNativeResult(args, await runCodexInitDeep({ root, apply: flag(args, '--apply') || flag(args, '--fix'), directoryLocal: flag(args, '--directory-local') }));
30
+ if (action === 'hook-lifecycle')
31
+ return printCodexNativeResult(args, await buildCodexHookLifecycle({ root, apply: flag(args, '--apply') || flag(args, '--fix') }));
32
+ if (action === 'execution-profile')
33
+ return printCodexNativeResult(args, await resolveCodexAppExecutionProfile({ root }));
34
+ if (action === 'interop-policy')
35
+ return printCodexNativeResult(args, await buildCodexNativeInteropPolicy({ root }));
36
+ if (action === 'reference-evidence')
37
+ return printCodexNativeResult(args, await analyzeCodexNativeReferenceSource({ root, writeReport: true }));
38
+ if (action === 'pattern-analysis')
39
+ return printCodexNativeResult(args, await writeCodexNativePatternAnalysis(root));
40
+ if (action === 'route' || action === 'invocation-plan') {
41
+ const route = readOption(args, '--route', '$Loop');
42
+ const desiredCapability = readOption(args, '--capability', 'agent-role');
43
+ const missionId = readOption(args, '--mission', null);
44
+ return printCodexNativeResult(args, await resolveCodexNativeInvocationPlan({ root, missionId, route, desiredCapability }));
45
+ }
46
+ console.error('Usage: sks codex-native status|feature-broker|harness-compat|skill-sync|agent-role-sync|init-deep|hook-lifecycle|execution-profile|interop-policy|reference-evidence|pattern-analysis|invocation-plan [--json]');
47
+ process.exitCode = 1;
48
+ }
49
+ function printCodexNativeResult(args = [], result) {
50
+ if (flag(args, '--json')) {
51
+ printJson(result);
52
+ if (result?.ok === false)
53
+ process.exitCode = 1;
54
+ return;
55
+ }
56
+ console.log(`${result?.schema || 'sks.codex-native-result'}: ${result?.ok === false ? 'blocked' : 'ok'}`);
57
+ for (const blocker of result?.blockers || [])
58
+ console.log(`- blocker: ${blocker}`);
59
+ for (const warning of result?.warnings || [])
60
+ console.log(`- warning: ${warning}`);
61
+ if (result?.ok === false)
62
+ process.exitCode = 1;
63
+ }
64
+ function readOption(args = [], name, fallback) {
65
+ const index = args.indexOf(name);
66
+ return index >= 0 && args[index + 1] ? String(args[index + 1]) : fallback;
67
+ }
68
+ //# sourceMappingURL=codex-native.js.map
@@ -25,6 +25,7 @@ import { writeCodexPluginInventoryArtifacts, pluginAppTemplatePolicy } from '../
25
25
  import { writeMcpPluginInventoryArtifacts } from '../core/mcp/mcp-plugin-inventory.js';
26
26
  import { runDoctorZellijRepair, doctorZellijRepairConsoleLine } from '../core/doctor/doctor-zellij-repair.js';
27
27
  import { buildCodexAppHarnessMatrix } from '../core/codex-app/codex-app-harness-matrix.js';
28
+ import { buildCodexNativeFeatureMatrix } from '../core/codex-native/codex-native-feature-broker.js';
28
29
  export async function run(_command, args = []) {
29
30
  const doctorFix = flag(args, '--fix');
30
31
  let setupRepair = null;
@@ -206,6 +207,22 @@ export async function run(_command, args = []) {
206
207
  blockers: [err?.message || String(err)],
207
208
  warnings: []
208
209
  }));
210
+ const codexNativeFeatureMatrix = await buildCodexNativeFeatureMatrix({ root, applyRepairs: doctorFix }).catch((err) => ({
211
+ schema: 'sks.codex-native-feature-matrix.v1',
212
+ ok: false,
213
+ codex_cli: { available: Boolean(codex.bin), version: codex.version || null, bin: codex.bin || null },
214
+ features: {},
215
+ invocation_defaults: {
216
+ loop_worker_role_strategy: 'message-role',
217
+ qa_visual_review_strategy: 'blocked',
218
+ research_source_strategy: 'local-files',
219
+ image_followup_strategy: 'blocked',
220
+ hook_evidence_policy: 'unknown-do-not-count',
221
+ skill_bridge_strategy: 'cli-only'
222
+ },
223
+ blockers: [err?.message || String(err)],
224
+ warnings: []
225
+ }));
209
226
  const pkgBytes = await dirSize(root).catch(() => 0);
210
227
  const ready = await writeDoctorReadinessMatrix(root, {
211
228
  codex,
@@ -232,6 +249,7 @@ export async function run(_command, args = []) {
232
249
  ]
233
250
  });
234
251
  const zellijReadiness = buildZellijReadiness(root, zellij, ready);
252
+ const runtimeReadiness = buildRuntimeReadiness(zellijReadiness, codexNativeFeatureMatrix);
235
253
  const result = {
236
254
  schema: 'sks.doctor-status.v1',
237
255
  ok: ready.ready && (!sksUpdate || sksUpdate.ok !== false),
@@ -265,6 +283,8 @@ export async function run(_command, args = []) {
265
283
  mcp_plugin_inventory: mcpPluginInventory?.candidates || null
266
284
  },
267
285
  codex_app_harness_matrix: codexAppHarnessMatrix,
286
+ codex_native_feature_matrix: codexNativeFeatureMatrix,
287
+ runtime_readiness: runtimeReadiness,
268
288
  ready,
269
289
  sneakoscope: { ok: await exists(`${root}/.sneakoscope`) },
270
290
  package: { bytes: pkgBytes, human: formatBytes(pkgBytes) },
@@ -298,6 +318,14 @@ export async function run(_command, args = []) {
298
318
  console.log(` codex doctor: ${codexDoctor.available ? (codexDoctor.exit_code === 0 ? 'ok' : 'warning') : 'unavailable'}`);
299
319
  console.log(`Rust acc.: ${rust.mode || (rust.available ? 'rust_accelerated' : 'js_fallback')} ${rust.version || rust.status || ''}`);
300
320
  console.log(`Codex App: ${ready.codex_app_ready ? 'ok' : 'optional_missing'}`);
321
+ console.log('SKS Runtime Readiness:');
322
+ console.log(` Zellij: ${runtimeReadiness.zellij}`);
323
+ console.log(` Codex Native: ${runtimeReadiness.codex_native}`);
324
+ console.log(` Loop Mesh: ${runtimeReadiness.loop_mesh}`);
325
+ console.log(` QA Visual: ${runtimeReadiness.qa_visual}`);
326
+ console.log(` Research Sources: ${runtimeReadiness.research_sources}`);
327
+ for (const action of runtimeReadiness.repair_actions)
328
+ console.log(` Repair: ${action}`);
301
329
  console.log('Codex App Harness:');
302
330
  console.log(` plugins: ${codexAppHarnessMatrix.app_features?.plugin_json ? 'ok' : 'degraded'}`);
303
331
  console.log(` hook approval: ${codexAppHarnessMatrix.app_features?.hook_approval_state_detectable ? 'ok' : 'unknown'}`);
@@ -385,6 +413,42 @@ export async function run(_command, args = []) {
385
413
  if (!result.ok)
386
414
  process.exitCode = 1;
387
415
  }
416
+ function buildRuntimeReadiness(zellijReadiness, matrix) {
417
+ const defaults = matrix?.invocation_defaults || {};
418
+ const hookPolicy = defaults.hook_evidence_policy || 'unknown-do-not-count';
419
+ const agentStrategy = defaults.loop_worker_role_strategy || 'message-role';
420
+ const zellijStatus = zellijReadiness?.status === 'ok'
421
+ ? 'ok'
422
+ : zellijReadiness?.cli_ready ? 'headless_available' : 'repair_required';
423
+ const codexNative = matrix?.ok === true
424
+ ? 'ok'
425
+ : matrix?.codex_cli?.available ? 'degraded' : 'blocked';
426
+ const repairActions = [];
427
+ if (zellijStatus === 'repair_required')
428
+ repairActions.push('sks doctor --fix --yes');
429
+ if (codexNative !== 'ok')
430
+ repairActions.push('sks doctor --fix --repair-codex-native --yes');
431
+ if (matrix?.features?.project_memory?.ok !== true)
432
+ repairActions.push('sks codex-native init-deep --apply --directory-local');
433
+ if (hookPolicy !== 'approved-only')
434
+ repairActions.push('hook-derived evidence will not count until Codex hook approval is approved');
435
+ return {
436
+ schema: 'sks.runtime-readiness-story.v1',
437
+ zellij: zellijStatus,
438
+ codex_native: codexNative,
439
+ loop_mesh: agentStrategy === 'agent_type' ? 'ok' : 'fallback',
440
+ qa_visual: defaults.qa_visual_review_strategy || 'blocked',
441
+ research_sources: defaults.research_source_strategy || 'local-files',
442
+ hook_evidence_policy: hookPolicy,
443
+ agent_role_strategy: agentStrategy,
444
+ notes: [
445
+ ...(zellijStatus === 'headless_available' ? ['MAD can run with --headless; live panes require repair'] : []),
446
+ ...(hookPolicy !== 'approved-only' ? ['hook-derived evidence will not count'] : []),
447
+ ...(agentStrategy !== 'agent_type' ? ['message-role fallback active'] : [])
448
+ ],
449
+ repair_actions: repairActions
450
+ };
451
+ }
388
452
  // Assemble the explicit Zellij readiness block for `doctor --json` from the
389
453
  // capability probe + readiness matrix. Proof statuses are availability-derived:
390
454
  // `verified` is reserved for a real environment run (SKS_REQUIRE_ZELLIJ=1 gates);
@@ -56,7 +56,7 @@ export async function syncCodexAgentRoles(input) {
56
56
  for (const role of DIRECTIVE_ROLES) {
57
57
  const file = path.join(targetDir, `${role}.toml`);
58
58
  const current = await fs.readFile(file, 'utf8').catch(() => '');
59
- if (current && !current.includes('SKS managed 3.1.4 directive role') && !current.includes('SKS managed 3.1.5 directive role'))
59
+ if (current && !current.includes('SKS managed 3.1.4 directive role') && !current.includes('SKS managed 3.1.5 directive role') && !current.includes('SKS managed 3.1.6 directive role') && !current.includes('SKS managed 3.1.6 bounded role'))
60
60
  continue;
61
61
  await writeTextAtomic(file, roleToml(role, rolePayloads[role]));
62
62
  created.push(file);
@@ -86,15 +86,21 @@ function roleToml(role, payload) {
86
86
  : `message_role_prefix = "${escapeToml(payload?.message_role_prefix || `Role: ${role}.`)}"`;
87
87
  return [
88
88
  `name = "${role}"`,
89
- `description = "SKS managed 3.1.5 directive role: ${role}"`,
89
+ `description = "SKS managed 3.1.6 directive role: ${role}"`,
90
90
  strategyLine,
91
91
  'model_reasoning_effort = "medium"',
92
92
  role.includes('implementer') ? 'sandbox_mode = "workspace-write"' : 'sandbox_mode = "read-only"',
93
93
  'approval_policy = "never"',
94
94
  'developer_instructions = """',
95
- `You are ${role}. SKS managed 3.1.5 directive role.`,
96
- 'Use the assigned scope only, cite concrete repo evidence, keep mutation surfaces bounded, and never clobber user files.',
97
- 'Report blockers as evidence-backed findings and write route artifacts before claiming completion.',
95
+ `You are ${role}. SKS managed 3.1.6 directive role with bounded ownership.`,
96
+ 'Bounded ownership: use only the assigned owner files/directories and treat memory as guidance, not permission.',
97
+ role.includes('implementer') ? 'Maker/checker separation: implementer may patch only owner scope and cannot self-approve.' : 'Maker/checker separation: checker is read-only and must reject missing gates or missing proof artifacts.',
98
+ role.includes('release') ? 'Release verifier: verify version truth, release DAG coverage, package scripts, packlist, and changelog evidence.' : '',
99
+ role.includes('zellij') ? 'UI/Zellij verifier: inspect readiness status, headless fallback, repair_required, pane proof, and slot telemetry without mutating unrelated UI state.' : '',
100
+ role.includes('codex') ? 'Codex native verifier: inspect hook approval, agent_type, skill sync, plugin inventory, MCP candidates, and invocation plan artifacts.' : '',
101
+ 'Side effects: no destructive shell, package publish, global config mutation, database mutation, or external service write unless the sealed route contract explicitly allows it.',
102
+ 'Required proof artifacts: cite concrete repo paths, command outputs, and route-local JSON proof before claiming completion.',
103
+ 'Final arbiter: parent integration owns final acceptance; this role supplies evidence and cannot override missing gates.',
98
104
  `Execution role strategy: ${payload?.strategy || 'message-role'}. Probe: ${payload?.probe_artifact_path || '.sneakoscope/reports/codex-agent-type-probe.json'}.`,
99
105
  '"""',
100
106
  ''
@@ -2,38 +2,60 @@ import path from 'node:path';
2
2
  import { nowIso, writeJsonAtomic } from '../fsx.js';
3
3
  import { buildCodexAppHarnessMatrix } from './codex-app-harness-matrix.js';
4
4
  import { isCodexAppHarnessMatrix } from './codex-app-types.js';
5
+ import { buildCodexNativeFeatureMatrix } from '../codex-native/codex-native-feature-broker.js';
5
6
  export async function resolveCodexAppExecutionProfile(input = { root: process.cwd() }) {
6
7
  const root = path.resolve(input.root || process.cwd());
7
- const maybeMatrix = input.matrix || await buildCodexAppHarnessMatrix({ root }).catch(() => null);
8
+ const nativeMatrix = await buildCodexNativeFeatureMatrix({ root }).catch(() => null);
9
+ const maybeMatrix = input.matrix || (nativeMatrix ? null : await buildCodexAppHarnessMatrix({ root }).catch(() => null));
8
10
  const matrix = isCodexAppHarnessMatrix(maybeMatrix) ? maybeMatrix : null;
9
- const mode = !matrix?.codex_cli.available
10
- ? 'degraded-no-app'
11
- : matrix.app_features.app_handoff_ready && matrix.app_features.agent_type_supported
12
- ? 'codex-app-native'
13
- : matrix.codex_cli.available
14
- ? 'codex-cli-headless'
15
- : 'sks-loop-headless';
11
+ const mode = nativeMatrix
12
+ ? modeFromNative(nativeMatrix)
13
+ : !matrix?.codex_cli.available
14
+ ? 'degraded-no-app'
15
+ : matrix.app_features.app_handoff_ready && matrix.app_features.agent_type_supported
16
+ ? 'codex-app-native'
17
+ : matrix.codex_cli.available
18
+ ? 'codex-cli-headless'
19
+ : 'sks-loop-headless';
20
+ const agentRoleStrategy = nativeMatrix?.invocation_defaults.loop_worker_role_strategy || (matrix?.app_features.agent_type_supported ? 'agent_type' : 'message-role');
21
+ const hookApprovalState = hookApprovalStateFrom(nativeMatrix) || matrix?.app_features.hook_approval_state || 'unknown';
16
22
  const profile = {
17
23
  schema: 'sks.codex-app-execution-profile.v1',
18
24
  generated_at: nowIso(),
19
25
  ok: mode !== 'degraded-no-app',
20
26
  mode,
21
- agent_role_strategy: matrix?.app_features.agent_type_supported ? 'agent_type' : 'message-role',
27
+ agent_role_strategy: agentRoleStrategy,
22
28
  hooks_assumed_running: false,
23
- hooks_approval_required: matrix?.app_features.hook_approval_state !== 'approved',
24
- hook_approval_state: matrix?.app_features.hook_approval_state || 'unknown',
25
- app_handoff_ready: matrix?.app_features.app_handoff_ready === true,
26
- image_path_exposure_ready: matrix?.app_features.image_path_exposure_ready === true,
27
- plugin_mcp_inventory_ready: matrix?.app_features.mcp_inventory_ready === true,
29
+ hooks_approval_required: hookApprovalState !== 'approved',
30
+ hook_approval_state: hookApprovalState,
31
+ app_handoff_ready: nativeMatrix?.features.app_handoff.ok === true || matrix?.app_features.app_handoff_ready === true,
32
+ image_path_exposure_ready: nativeMatrix?.features.image_path_exposure.ok === true || matrix?.app_features.image_path_exposure_ready === true,
33
+ plugin_mcp_inventory_ready: nativeMatrix?.features.mcp_inventory.ok === true || matrix?.app_features.mcp_inventory_ready === true,
28
34
  loop_mesh_app_profile_available: true,
29
35
  artifact_path: '.sneakoscope/reports/codex-app-execution-profile.json',
30
- matrix_artifact_path: '.sneakoscope/reports/codex-app-harness-matrix.json',
36
+ matrix_artifact_path: nativeMatrix ? '.sneakoscope/reports/codex-native-feature-matrix.json' : '.sneakoscope/reports/codex-app-harness-matrix.json',
31
37
  agent_type_probe_artifact_path: '.sneakoscope/reports/codex-agent-type-probe.json',
32
38
  hook_approval_probe_artifact_path: '.sneakoscope/reports/codex-hook-approval-probe.json',
33
39
  blockers: mode === 'degraded-no-app' ? ['codex_cli_missing'] : [],
34
- warnings: matrix?.warnings || []
40
+ warnings: nativeMatrix?.warnings || matrix?.warnings || []
35
41
  };
36
42
  await writeJsonAtomic(path.join(root, '.sneakoscope', 'reports', 'codex-app-execution-profile.json'), profile).catch(() => undefined);
37
43
  return profile;
38
44
  }
45
+ function modeFromNative(matrix) {
46
+ if (!matrix.codex_cli.available)
47
+ return 'degraded-no-app';
48
+ if (matrix.features.app_handoff.ok && matrix.features.agent_type.ok)
49
+ return 'codex-app-native';
50
+ return 'codex-cli-headless';
51
+ }
52
+ function hookApprovalStateFrom(matrix) {
53
+ const probe = matrix?.probes.hook_approval;
54
+ if (!probe || typeof probe !== 'object' || Array.isArray(probe))
55
+ return null;
56
+ const state = probe.approval_state;
57
+ return state === 'approved' || state === 'pending_review' || state === 'modified_requires_reapproval' || state === 'not_installed' || state === 'unknown'
58
+ ? state
59
+ : null;
60
+ }
39
61
  //# sourceMappingURL=codex-app-execution-profile.js.map
@@ -1,104 +1,9 @@
1
1
  import path from 'node:path';
2
- import { findCodexBinary } from '../codex-adapter.js';
3
- import { codexAppIntegrationStatus } from '../codex-app.js';
4
- import { detectCodex0138Capability } from '../codex-control/codex-0138-capability.js';
5
- import { detectCodex0139Capability } from '../codex-control/codex-0139-capability.js';
6
- import { buildCodexPluginInventory } from '../codex-plugins/codex-plugin-json.js';
7
- import { nowIso, runProcess, writeJsonAtomic } from '../fsx.js';
8
- import { repairAgentRoleConfigs } from '../agents/agent-role-config.js';
9
- import { buildLazyCodexInteropPolicy } from './lazycodex-interop-policy.js';
10
- import { probeCodexAgentTypeSupport } from './codex-agent-type-probe.js';
11
- import { probeCodexHookApprovalState } from './codex-hook-approval-probe.js';
12
- import { isRecord } from './codex-app-types.js';
2
+ import { writeJsonAtomic } from '../fsx.js';
3
+ import { buildCodexAppHarnessMatrixFromNative } from '../codex-native/codex-native-harness-compat.js';
13
4
  export async function buildCodexAppHarnessMatrix(input = { root: process.cwd() }) {
14
- const root = path.resolve(input.root || process.cwd());
15
- const codexBin = await findCodexBinary().catch(() => null);
16
- const version = codexBin ? await codexVersion(codexBin) : null;
17
- const cap0138 = await detectCodex0138Capability({ codexBin }).catch((err) => ({ blockers: [messageOf(err)] }));
18
- const cap0139 = await detectCodex0139Capability({ codexBin }).catch((err) => ({ blockers: [messageOf(err)] }));
19
- const app = await codexAppIntegrationStatus({ codex: { bin: codexBin, version, available: Boolean(codexBin) } }).catch((err) => ({ ok: false, blockers: [messageOf(err)] }));
20
- const plugins = await buildCodexPluginInventory().catch((err) => ({ plugins: [], marketplace_available: false, blockers: [messageOf(err)] }));
21
- const hookApproval = await probeCodexHookApprovalState(root, { codexBin }).catch((err) => ({
22
- schema: 'sks.codex-hook-approval-probe.v1',
23
- generated_at: nowIso(),
24
- ok: false,
25
- detectable: false,
26
- approval_state: 'unknown',
27
- sources_checked: [],
28
- blockers: [messageOf(err)],
29
- warnings: ['hook_approval_probe_failed']
30
- }));
31
- const agentType = await probeCodexAgentTypeSupport(root, { codexBin }).catch((err) => ({
32
- schema: 'sks.codex-agent-type-probe.v1',
33
- generated_at: nowIso(),
34
- ok: false,
35
- supported: false,
36
- source: 'unknown',
37
- spawn_tool_name: 'unknown',
38
- schema_path: null,
39
- evidence: [],
40
- blockers: [messageOf(err)],
41
- warnings: ['agent_type_probe_failed_message_role_fallback']
42
- }));
43
- const agents = await repairAgentRoleConfigs({ root, apply: input.applyRepairs === true, reportPath: path.join(root, '.sneakoscope', 'reports', 'codex-agent-role-sync.json') }).catch((err) => ({ ok: false, blockers: [messageOf(err)] }));
44
- const interop = await buildLazyCodexInteropPolicy({ root, inventory: plugins }).catch(() => null);
45
- const appRecord = isRecord(app) ? app : {};
46
- const requiredSkills = isRecord(appRecord.required_skills) ? appRecord.required_skills : {};
47
- const skills = isRecord(appRecord.skills) ? appRecord.skills : {};
48
- const skillShadows = isRecord(appRecord.skill_shadows) ? appRecord.skill_shadows : {};
49
- const hasSkills = requiredSkills.ok === true || skills.ok === true || skillShadows.ok !== false;
50
- const hookApprovalKnown = hookApproval.detectable === true;
51
- const hookBlockers = hookApproval.approval_state === 'modified_requires_reapproval'
52
- ? ['hook_modified_requires_reapproval']
53
- : [];
54
- const matrix = {
55
- schema: 'sks.codex-app-harness-matrix.v1',
56
- generated_at: nowIso(),
57
- ok: Boolean(codexBin) && feature(cap0138, 'supports_plugin_json') !== false && recordOk(agents) !== false,
58
- codex_cli: { available: Boolean(codexBin), version },
59
- app_features: {
60
- plugin_json: feature(cap0138, 'supports_plugin_json') === true,
61
- marketplace_add: feature(cap0139, 'supports_marketplace_source_field') === true || feature(plugins, 'marketplace_available') === true,
62
- marketplace_upgrade: feature(cap0139, 'supports_marketplace_source_field') === true,
63
- startup_review_detectable: hookApprovalKnown,
64
- hook_approval_state_detectable: hookApprovalKnown,
65
- hook_approval_state: hookApproval.approval_state,
66
- skill_picker_ready: Boolean(hasSkills),
67
- agent_type_supported: agentType.supported,
68
- mcp_inventory_ready: Array.isArray(isRecord(plugins) ? plugins.plugins : null),
69
- app_handoff_ready: feature(cap0138, 'supports_app_handoff') === true,
70
- image_path_exposure_ready: feature(cap0138, 'supports_image_path_exposure') === true
71
- },
72
- sks_integrations: {
73
- dollar_skills_synced: Boolean(hasSkills),
74
- agent_roles_synced: recordOk(agents) !== false,
75
- hooks_synced: hookApproval.approval_state === 'approved',
76
- init_deep_available: true,
77
- loop_mesh_app_profile_available: true
78
- },
79
- probes: {
80
- hook_approval: hookApproval,
81
- agent_type: agentType
82
- },
83
- blockers: [
84
- ...(!codexBin ? ['codex_cli_missing'] : []),
85
- ...blockersOf(cap0138),
86
- ...blockersOf(plugins),
87
- ...blockersOf(agents),
88
- ...hookBlockers
89
- ],
90
- warnings: [
91
- ...blockersOf(cap0139).map((b) => `codex_0139:${b}`),
92
- ...hookApproval.blockers.map((b) => `hooks:${b}`),
93
- ...hookApproval.warnings,
94
- ...agentType.warnings,
95
- ...(hookApproval.approval_state === 'pending_review' ? ['hook_approval_pending_review'] : []),
96
- ...(hookApproval.approval_state === 'not_installed' ? ['hooks_not_installed'] : []),
97
- ...(interop?.lazycodex_detected ? ['lazycodex_detected_coexist_mode'] : [])
98
- ]
99
- };
100
- matrix.ok = matrix.blockers.length === 0;
101
- await writeCodexAppHarnessMatrix(root, matrix, input.missionDir);
5
+ const matrix = await buildCodexAppHarnessMatrixFromNative(input);
6
+ await writeCodexAppHarnessMatrix(path.resolve(input.root || process.cwd()), matrix, input.missionDir);
102
7
  return matrix;
103
8
  }
104
9
  export async function writeCodexAppHarnessMatrix(root, matrix, missionDir) {
@@ -106,22 +11,4 @@ export async function writeCodexAppHarnessMatrix(root, matrix, missionDir) {
106
11
  if (missionDir)
107
12
  await writeJsonAtomic(path.join(missionDir, 'codex-app-harness-matrix.json'), matrix).catch(() => undefined);
108
13
  }
109
- async function codexVersion(bin) {
110
- const run = await runProcess(bin, ['--version'], { timeoutMs: 5000, maxOutputBytes: 16 * 1024 }).catch(() => null);
111
- return run?.code === 0 ? `${run.stdout || run.stderr || ''}`.trim() || null : null;
112
- }
113
- function blockersOf(value) {
114
- if (!isRecord(value) || !Array.isArray(value.blockers))
115
- return [];
116
- return value.blockers.map((item) => String(item)).filter(Boolean);
117
- }
118
- function feature(value, key) {
119
- return isRecord(value) && typeof value[key] === 'boolean' ? value[key] : undefined;
120
- }
121
- function recordOk(value) {
122
- return isRecord(value) && typeof value.ok === 'boolean' ? value.ok : undefined;
123
- }
124
- function messageOf(err) {
125
- return err instanceof Error ? err.message : String(err);
126
- }
127
14
  //# sourceMappingURL=codex-app-harness-matrix.js.map
@@ -35,9 +35,12 @@ export async function buildCodexHookLifecycle(input = {}) {
35
35
  approval_state: probe.approval_state,
36
36
  approval_state_detectable: probe.detectable,
37
37
  lifecycle: Object.fromEntries(Object.entries(events).map(([event, actions]) => [event, {
38
+ event,
38
39
  actions,
40
+ sks_action: actions.join(','),
39
41
  installed: installedEvents.has(event),
40
- approval_state: installedEvents.has(event) ? probe.approval_state : 'not_installed'
42
+ approval_state: installedEvents.has(event) ? probe.approval_state : 'not_installed',
43
+ counted_as_evidence: installedEvents.has(event) && probe.approval_state === 'approved'
41
44
  }])),
42
45
  actual_state: actual,
43
46
  install,