sneakoscope 4.6.0 → 4.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -2,22 +2,22 @@
2
2
 
3
3
  # 🔭 Sneakoscope Codex
4
4
 
5
- **Proof-first Codex orchestration — massive parallel agent swarms you can actually watch, audit, and trust.**
5
+ ### Proof-first orchestration for OpenAI Codex — run massive parallel AI coding agents you can watch, audit, and trust.
6
6
 
7
7
  [![npm version](https://img.shields.io/npm/v/sneakoscope?color=cb3837&logo=npm)](https://www.npmjs.com/package/sneakoscope)
8
8
  [![node](https://img.shields.io/badge/node-%3E%3D20.11-339933?logo=node.js&logoColor=white)](#requirements)
9
9
  [![license](https://img.shields.io/badge/license-MIT-blue)](#license)
10
- [![zellij](https://img.shields.io/badge/UI-Zellij%20stacked%20panes-1e90ff)](#mad-zellij-launch)
10
+ [![Zellij](https://img.shields.io/badge/UI-Zellij%20stacked%20panes-1e90ff)](#mad-zellij-launch)
11
11
 
12
- `npm i -g sneakoscope` `sks --mad` watch up to **100 shadow-clone workers** code in parallel,<br/>each in a live Zellij pane, every claim backed by Completion Proof.
12
+ [![Sneakoscope Codex - proof-first Codex orchestration pipeline: a Codex task fans out to the Naruto parallel worker swarm, streams through live Zellij panes, passes safety gates, and ends in Completion Proof](docs/assets/sneakoscope-hero.svg)](https://www.npmjs.com/package/sneakoscope)
13
13
 
14
- Current package release: **4.6.0**.
14
+ `npm i -g sneakoscope` → `sks --mad` → watch up to **100 parallel workers** code at once,<br/>each in a live Zellij pane, every claim backed by **Completion Proof**.
15
15
 
16
16
  </div>
17
17
 
18
18
  ---
19
19
 
20
- Sneakoscope Codex (`sks`) is a Codex CLI/App harness that makes repeatable Codex work **auditable**. It does not try to clone every other harness. It focuses on one thing relentlessly: Codex work becomes visual-evidence-bound, safety-gated, and reproducible through Completion Proof.
20
+ **Sneakoscope Codex** (`sks`) is a Codex CLI and Codex App harness that makes repeatable Codex work **auditable**. It focuses on one thing relentlessly: every Codex run becomes visual-evidence-bound, safety-gated, and reproducible through Completion Proof.
21
21
 
22
22
  | | What you get |
23
23
  | --- | --- |
@@ -27,173 +27,29 @@ Sneakoscope Codex (`sks`) is a Codex CLI/App harness that makes repeatable Codex
27
27
  | 🛡️ **Safety gates** | DB/migration/destructive operations stay gated, 190+ release gate scripts, Honest Mode |
28
28
  | 🖼️ **Visual evidence** | Image Voxel TriWiki plus `$imagegen`/`gpt-image-2`-bound visual review flows |
29
29
 
30
- ![Sneakoscope Codex Trust Layer](docs/assets/sneakoscope-architecture-pipeline.jpg)
31
-
32
30
  ## LLM Init Prompt for Codex Native Agent Builders
33
31
 
34
32
  ```text
35
33
  Set up this agent project with Sneakoscope Codex. Use [[mandarange/Sneakoscope-Codex](https://github.com/mandarange/Sneakoscope-Codex)] as the repo reference and [npm i -g sneakoscope] as the recommended global install command, then run the appropriate `sks` setup, doctor, Codex App, and proof checks for this repo. Keep generated SKS state out of source control unless documented, and record every version-facing change in CHANGELOG.md.
36
34
  ```
37
35
 
38
- ## 🚀 Current Release
39
-
40
- SKS **4.6.0** adds the proof-backed `seo-geo-optimizer` command and route on one shared search-visibility kernel, plus Lean Engineering Policy evidence in pipeline plans, worker prompts, code-structure reports, GPT final review, and Completion Proof.
41
-
42
- - **`sks seo-geo-optimizer` / `$SEO-GEO-OPTIMIZER`.** Run read-only audit, mutation plan, explicit apply, verification, rollback, and Completion Proof for both Search Engine Optimization and Generative Engine Optimization.
43
- - **Mode-specific evidence.** Use `--mode seo` for package/docs/website search visibility, including metadata, canonical, robots, sitemap, locale, structured data, and internal links. Use `--mode geo` for entity facts, claim evidence, answerability, AI crawler purpose policy, and optional `llms.txt` planning. GEO means Generative Engine Optimization, not geolocation.
44
- - **Lean Engineering evidence.** `sks bench lean-policy --json` compares hermetic baseline-context and lean-policy-context fixtures, catching over-build candidates while preserving safety rejections without making live model accuracy claims.
45
- - **Safety-first mutation.** `audit` and `plan` never mutate source. `apply` requires `--apply`, uses base hashes, create-only ownership, mutation journal, rollback manifest, and post-verification.
46
- - **Release-gated artifacts.** SEO/GEO now have explicit runtime fixtures, schemas, feature registry mappings, release gates, route gates, and Completion Proof links.
36
+ ## Highlights
47
37
 
48
- Common commands:
38
+ - **Massive parallel swarm.** `$Naruto` fans work out to up to 100 clone workers behind a hardware-safe governor, with lease-based parallel writes and a scheduler that keeps idle slots full while runnable work remains.
39
+ - **Live Zellij cockpit.** Workers stack as native Zellij panes that stream heartbeat, current file, tool events, and stdout every second.
40
+ - **Completion Proof on every serious route.** Schema-backed proof artifacts replace "trust me, it's done," and Honest Mode separates implemented, locally verified, production verified, and measured outcomes.
41
+ - **Safety-first by default.** SQL/migrations, Supabase/RLS changes, destructive filesystem operations, and published release state stay gated unless you explicitly opt in.
42
+ - **Visual evidence.** Image Voxel TriWiki plus `$imagegen`/`gpt-image-2`-bound visual review flows.
43
+ - **Search visibility route (SEO + GEO).** `sks seo-geo-optimizer` / `$SEO-GEO-OPTIMIZER` runs read-only audit, mutation plan, explicit apply, verification, rollback, and Completion Proof for both Search Engine Optimization and Generative Engine Optimization (GEO is generative-engine, not geolocation).
49
44
 
50
- ```bash
51
- sks seo-geo-optimizer doctor --mode seo --json
45
+ ```sh
52
46
  sks seo-geo-optimizer audit --mode seo --target package --offline --json
53
47
  sks seo-geo-optimizer plan latest --mode seo --json
54
48
  sks seo-geo-optimizer apply latest --mode seo --apply --json
55
- sks seo-geo-optimizer rollback latest --mode seo --apply --json
56
-
57
- sks seo-geo-optimizer doctor --mode geo --json
58
49
  sks seo-geo-optimizer audit --mode geo --target package --offline --json
59
- sks seo-geo-optimizer plan latest --mode geo --json
60
- sks seo-geo-optimizer apply latest --mode geo --include-llms-txt --apply --json
61
- sks bench lean-policy --json
62
50
  ```
63
51
 
64
- Honest boundary: SEO/GEO reports separate implemented, locally verified, production verified, and measured outcome. Sitemaps, canonical tags, structured data, crawler policy, and `llms.txt` are evidence surfaces, not guarantees of indexing, ranking, traffic, rich results, or AI answer inclusion.
65
-
66
- What changed in 4.2.1:
67
-
68
- What changed in 4.2.0:
69
-
70
- - **First-class MadDB route.** `$MAD-DB` no longer aliases `$MAD-SKS`; it creates one authoritative mission, capability, runtime profile, inventory check, execution, read-back, and closeout cycle.
71
- - **Capability v2 binding.** MadDB capabilities bind project root, project ref hash, mission/cycle/session identity, runtime profile hash, TTL, operator intent, and SQL-plane operation classes.
72
- - **Ephemeral Supabase write profile.** Persistent Supabase MCP config stays read-only; write-capable MCP settings exist only inside the active MadDB mission and are removed in `finally`.
73
- - **Exact lifecycle correlation.** Hook/result handling is keyed by canonical `tool_call_id`, uses idempotent operation state, and avoids unsafe tool-name result matching under parallel calls.
74
- - **Policy/docs/test SSOT.** MadDB route metadata, generated skill guidance, DB safety wording, Doctor guidance, release gates, docs, scanner coverage, and local regression tests share the typed MadDB policy surface.
75
- - **Release metadata truth.** Package, CLI version constants, Rust crate metadata, README, changelog, and release checks all point at 4.2.0.
76
-
77
- What changed in 4.1.1:
78
-
79
- What changed in 4.1.0:
80
-
81
- SKS **4.1.0** turns the Codex `rust-v0.142.0` compatibility surface into the authoritative Doctor/update readiness path. Doctor now consumes structured Codex Doctor semantics, separates pre-repair observation from post-repair truth, repairs managed native assets from plain `sks doctor --fix`, and gates update completion on a current project migration receipt.
82
-
83
- - **Semantic Doctor readiness.** Warning-only Codex Doctor output stays ready, blocking checks block readiness, and unknown non-zero/unparseable Doctor output fails closed.
84
- - **Post-repair authority.** `sks doctor --fix` records pre-repair Codex Doctor output but bases readiness on the final post-repair Doctor run.
85
- - **Managed native assets.** Skills, agent roles, hooks, and Context7 transport share the 4.1.0 managed manifest; stale directive markers no longer appear in generated role content.
86
- - **Codex 0.142 wiring.** The native feature broker exposes multi-agent mode, rollout budget strategy, indexed web search, current time, app-server overload, MCP reconnect, plugin refresh, thread search, remote native environment, and terminal subagent error handling as current capabilities.
87
- - **Update lifecycle receipts.** `sks update now` runs old-version Doctor preflight, installs through the guarded npm path, re-resolves the new package-local binary, runs new-version global Doctor, and writes a project migration receipt before reporting `updated`.
88
- - **Local evidence hygiene.** Machine-local `.sneakoscope` runtime evidence is ignored and guarded so release commits do not carry host paths, secrets, or transient proof logs.
89
-
90
- What changed in 4.0.15:
91
-
92
- - **Codex 0.142 release manifest.** `rust-v0.142.0`, `codex-cli 0.142.0`, SDK `0.142.0`, generated app-server schema hash, required probes, and supported platforms are captured as a single manifest.
93
- - **Runtime identity proof.** Codex compatibility now resolves the project/env/PATH binary through one resolver and records realpath, version, SHA-256, package root, platform, and arch.
94
- - **Safer SDK execution policy.** SDK tasks no longer inherit `process.env` wholesale and no longer hard-code `approvalPolicy: never`, `skipGitRepoCheck: true`, or network access from sandbox mode.
95
- - **0.142 app-server evidence.** Generated app-server TypeScript and JSON Schema snapshots are stored under versioned paths; app-server-v2 wraps `thread/list`, `thread/read`, list search, and `currentTime/read` handling, while capability gates reject `assumed_by_version` evidence.
96
- - **Transactional thread registry guard.** Codex thread registration now uses an atomic lock and append-only journal, with a 100-write gate covering concurrent updates and corruption preservation.
97
- - **Package contract repair.** The npm tarball includes `dist/scripts` verification targets so public package scripts do not point at files excluded from the package.
98
-
99
- What changed in 4.0.14:
100
-
101
- - **Real stage parallelism evidence.** GLM Naruto records bounded parallel stage timelines, overlap ratios, parallelism summaries, critical-path metrics, and speed diagnosis artifacts.
102
- - **Parallel gate/verifier/worktree stages.** Candidate gate, worktree materialization, and verifier checks no longer have to run candidate-by-candidate when multiple candidates are available.
103
- - **Requirement coverage seal.** GLM Naruto writes a requirement ledger and candidate coverage artifacts, and the final seal blocks when required requirements remain uncovered.
104
- - **MAD route isolation.** `sks --mad` without `--glm` remains the GPT/Codex/MAD route and does not resolve OpenRouter or run GLM-specific benchmark/Naruto code.
105
- - **Benchmark proof honesty.** GLM benchmark proof now reports request-summary availability separately from case-level model lock checks and fixes the no-mutation proof boolean.
106
-
107
- What changed in 4.0.13:
108
-
109
- - **Extracted worktree patches.** `--worktree` parses `<sks_patch_candidate>` and records candidate/extracted patch hashes before any worker worktree apply.
110
- - **Adaptive scheduler.** Patch workers use a finite launch queue with provider-health backpressure and retry-once handling for retryable 429/5xx/idle-timeout failures.
111
- - **True direct-vs-Naruto bench.** `--bench --live --no-apply` compares direct GLM, Naruto 1, 4, 8, and 12 worker cases without fake zero metrics.
112
- - **Transaction guards.** Final apply blocks dirty touched paths unless `--allow-dirty-apply` is explicit, runs targeted checks, and rolls back on validation failure by default.
113
- - **Seal artifacts.** GLM Naruto writes `final-seal.json`, stop-gate final-seal evidence, `merge-rationale.md`, and `bench-report.md` for auditability.
114
-
115
- What changed in 4.0.8:
116
-
117
- - **`--open` alias for interactive GLM launch.** `sks --mad --glm --open` now opens the GLM interactive Zellij runtime, equivalent to `sks --mad --glm --interactive`.
118
-
119
- What changed in 4.0.6:
120
-
121
- - **No default long-lived GLM launch.** Bare `sks --mad --glm` no longer falls through to MAD/Zellij; `--interactive`, `--open`, `--zellij`, or `session` is required for that path.
122
- - **Fast GLM speed profile.** Speed mode keeps OpenRouter locked to `z-ai/glm-5.2`, disables GPT/model fallback, avoids high/xhigh reasoning by default, and uses `provider.require_parameters: false` with throughput-first routing.
123
- - **Bounded direct task runs.** `sks --mad --glm run "task"` and `sks --mad --glm "task"` use a one-shot GLM speed run with max-turn, wall-clock, request-timeout, no-progress, repeated-output, and terminal-state guards.
124
- - **Deterministic mutation gate.** GLM still returns patch envelopes; SKS parses the unified diff, blocks protected paths, runs `git apply --check`, and applies only after the gate passes.
125
- - **OpenRouter speed plumbing.** Encoded request bodies are cached without Authorization headers, request timeout/abort is wired, streaming TTFT/usage capture is scaffolded, and synthetic `--bench` remains network-free by default.
126
- - **Loop regression tests.** Routing, speed-profile, cache, loop-guard, patch-gate, and OpenRouter key handling are covered by targeted tests.
127
-
128
- SKS **3.1.16** was a launch-reliability patch on the 3.1.15 doctor-reliability release. It made `sks --mad` self-bootstrap a fresh project instead of dead-ending on a missing Codex config.
129
-
130
- What changed in 3.1.16:
131
-
132
- - **`sks --mad` bootstraps a fresh project.** When the only preflight blocker is a missing managed Codex config (`.codex/config.toml` absent), `sks --mad` now regenerates it — the `sks doctor --fix` equivalent — and re-runs the preflight, instead of blocking and making you run a separate command. An existing but unreadable/EPERM/parse-broken config still blocks and routes you to `sks doctor --fix`.
133
- - **Missing-config diagnostics are honest.** A missing config no longer cascades into misleading `macos_acl_ls_le_failed` / `macos_flags_ls_lO_failed` / `spawned_child_read_failed` blockers from running file checks on a nonexistent path; the preflight reports only `missing_config` / `missing_codex_dir`.
134
-
135
- SKS **3.1.15** was a doctor-reliability patch on the 3.1.14 production-hardening release. It ended the endless `sks doctor --fix` loop that kept reporting `codex_cli_config_toml_parse_error` / `cli_ready: no` on the very run that already repaired the config.
136
-
137
- What changed in 3.1.15:
138
-
139
- - **`sks doctor --fix` no longer loops on a config it already fixed.** The Codex config-load probe is re-run *after* the Context7/Supabase/startup MCP repairs land, so the readiness verdict reflects the repaired config instead of the stale pre-repair snapshot.
140
- - **Context7 is seeded on the remote transport.** Managed setup writes `[mcp_servers.context7]` with the streamable-HTTP `url` instead of a local stdio `command`, so the project config never merges with a remote `url` in the global Codex config into the `url is not supported for stdio` error Codex 0.140 rejects.
141
- - **The config-load operator action is accurate.** A `codex_cli_config_toml_parse_error` now points at both misplaced machine-local keys *and* the Context7/MCP stdio-vs-`url` transport conflict, instead of only suggesting a key hoist that does nothing for a transport conflict.
142
-
143
- The 3.1.14 production-hardening surface for Codex 0.140 evidence, transactional `sks doctor --fix` repair, MCP readiness, native capability proof, and protected-secret rollback remains intact.
144
-
145
- What changed in 3.1.14:
146
-
147
- - **Codex 0.140 readiness carries evidence.** Capability reports now expose per-feature state and certainty, real usage parsing, goal attachment roundtrip proof, and usage-budget provenance for loop/Naruto runtime decisions.
148
- - **Doctor repair is phase-based.** `sks doctor --fix` records phase durations, postchecks, optional manual readiness, and rollback evidence instead of collapsing repair work into a summary writer.
149
- - **Startup and MCP repair are safer.** Managed agent TOML blocks are repaired without touching unrelated config, missing role files are regenerated from real managed templates, Context7 disabled servers stay disabled, and Supabase write scope is separated from read-only readiness.
150
- - **Secret rollback is line-level when possible.** Protected key changes are restored without discarding unrelated operator edits, nested guard operations are recorded, and backup artifacts remain ignored.
151
- - **Native capability proof is stricter.** Computer Use and Chrome/web review no longer become verified from environment variables outside explicit fixture/test modes.
152
- - **Release metadata is aligned for 3.1.14.** Package, lockfile, CLI version constants, Rust helper metadata, README, changelog, docs, built output, and release stamp all point at the same release.
153
-
154
- SKS 3.0.0 was the parallel-runtime stabilization release. The whole live-swarm experience — what you actually *see* while 5, 20, or 100 workers run — was rebuilt and proven end-to-end.
155
-
156
- What changed in 3.0.0:
157
-
158
- - **Slot panes are finally alive.** The watch renderer froze for entire missions because the telemetry snapshot cache never invalidated; snapshot reads are now mtime-aware, multi-process flushes merge instead of clobbering each other, and the disk `updated_at` stays authoritative for stale detection.
159
- - **One SLOTS column, vertical stack.** Concurrent workers used to race anchor creation and split the screen into N side-by-side columns. Anchor + worker pane creation is serialized per session, and workers join a native Zellij stacked-pane group (`new-pane --stacked`, opt out with `SKS_ZELLIJ_WORKER_STACKED=0`).
160
- - **Live renderer is the default worker pane.** `full-debug` showed nothing until worker exit (workers run with `--json`); the default `compact-slots` renderer streams heartbeat, current file, tool events, and stdout tails every second.
161
- - **Zellij stays current like Codex does.** `sks --mad` / `sks naruto run` offer a `[Y/n]` upgrade to the latest stable Zellij (GitHub releases lookup, 6h cache), plus an explicit `sks zellij update [--yes]` subcommand and `SKS_SKIP_ZELLIJ_UPDATE` escape.
162
- - **Faster, honest dispatch.** Scheduler batch telemetry writes run concurrently per batch instead of serializing two file writes per worker; naruto backpressure throttling (50%/25% under host pressure) is reported in the run header instead of staying silent.
163
- - **Wired, not decorative.** The naruto finalizer gate and the agent message bus now run in production paths; dead swarm code (`naruto-work-stealing`, `zellij-right-column-layout-proof`) was removed.
164
-
165
- Quick checks:
166
-
167
- ```bash
168
- npm run typecheck
169
- npm run build
170
- npm run codex:0138-capability
171
- npm run codex-sdk:version-compat
172
- npm run codex-app:handoff
173
- npm run codex-plugin:inventory
174
- npm run qa-loop:app-handoff
175
- npm run image:artifact-path-contract
176
- npm run codex:effort-order
177
- npm run codex:account-usage
178
- npm run codex:0138-doctor
179
- npm run doctor:codex-0138-fix
180
- npm run codex-control:capability
181
- npm run codex-control:structured-output
182
- npm run codex-control:event-stream-ledger
183
- npm run codex-control:thread-registry
184
- npm run codex-control:empty-result-retry
185
- npm run codex-control:stream-idle-watchdog
186
- npm run ultra-router:auto-router
187
- npm run codex-sdk:zellij-pane-binding
188
- npm run codex-app:fast-ui-preservation
189
- npm run provider:badge-context
190
- npm run zellij:worker-pane-manager
191
- npm run runtime:no-mjs-scripts
192
- npm run runtime:ts-python-boundary
193
- npm run codex-control:all-pipelines
194
- ```
195
-
196
- Change-aware release checks live behind `npm run release:check`; publish-authorizing full DAG checks use `npm run release:check:full`. Detailed release history is in [CHANGELOG.md](CHANGELOG.md), and release readiness is tracked in [docs/release-readiness.md](docs/release-readiness.md).
52
+ > 📋 **Current release: `v4.6.2`** full release history lives in [CHANGELOG.md](CHANGELOG.md). This README documents how Sneakoscope works today, not its version-by-version changes. Release readiness is tracked in [docs/release-readiness.md](docs/release-readiness.md).
197
53
 
198
54
  ## 🍥 Parallelism, UX, And Integrations
199
55
 
@@ -210,12 +66,12 @@ Change-aware release checks live behind `npm run release:check`; publish-authori
210
66
 
211
67
  - **Image generation under codex-lb.** `gpt-image-2` routes through the same Codex `/responses` backend the load balancer already proxies, so `$imagegen` works when you are authenticated only through codex-lb (no direct `OPENAI_API_KEY`). The official Codex App `$imagegen` surface stays primary; the codex-lb/OpenAI API path is the fallback. Opt out with `SKS_IMAGEGEN_ALLOW_CODEX_LB_API_FALLBACK=0`.
212
68
 
213
- - **UltraSearch source intelligence.** Run provider-independent source acquisition without requiring xAI/Grok credentials:
69
+ - **InsaneSearch source intelligence.** Run provider-independent source acquisition without requiring xAI/Grok credentials:
214
70
 
215
71
  ```bash
216
- sks ultra-search doctor
217
- sks ultra-search run "current package release notes" --mode balanced
218
- sks ultra-search x "site:x.com product launch"
72
+ sks insane-search doctor
73
+ sks insane-search run "current package release notes" --mode balanced
74
+ sks insane-search x "site:x.com product launch"
219
75
  ```
220
76
 
221
77
  - **CLI-only SKS update notices.** Codex App hooks no longer stop normal work to ask for an SKS update. CLI launch surfaces such as `sks --mad` print a non-blocking latest-version notice, `sks update-check` / `sks update check` show the explicit status, and `sks doctor --fix` runs the guarded global SKS update path before repair.
@@ -301,7 +157,7 @@ The cleanup contract is policy-backed in `.sneakoscope/policy.json`, but the def
301
157
  - Codex App Hooks/PAT: [docs/hooks-pat.md](docs/hooks-pat.md)
302
158
  - codex-lb: [docs/codex-lb.md](docs/codex-lb.md)
303
159
  - Source Intelligence Layer: [docs/source-intelligence-layer.md](docs/source-intelligence-layer.md)
304
- - UltraSearch / Context7 / Codex Web policy: [docs/ultra-search-source-intelligence-policy.md](docs/ultra-search-source-intelligence-policy.md)
160
+ - InsaneSearch / Context7 / Codex Web policy: [docs/ultra-search-source-intelligence-policy.md](docs/ultra-search-source-intelligence-policy.md)
305
161
  - Main no-Scout / worker Scout policy: [docs/main-no-scout-worker-scout-policy.md](docs/main-no-scout-worker-scout-policy.md)
306
162
  - Real Codex dynamic smoke: [docs/real-codex-dynamic-smoke.md](docs/real-codex-dynamic-smoke.md)
307
163
  - Appshots pipeline: [docs/appshots-pipeline.md](docs/appshots-pipeline.md)
@@ -739,7 +595,7 @@ sks codex-native invocation-plan --route Loop --capability agent-role --json
739
595
  sks codex-native init-deep --apply --directory-local --json
740
596
  ```
741
597
 
742
- The broker records Codex-native feature availability, invocation defaults, neutral pattern evidence, and managed memory setup without exposing reference implementation branding in user-facing artifacts.
598
+ The broker records Codex-native feature availability, invocation defaults, neutral pattern evidence, and managed memory setup to drive routing decisions.
743
599
 
744
600
  ## 💬 Prompt `$` Commands
745
601
 
@@ -856,14 +712,14 @@ sks codex-app check
856
712
 
857
713
  If Codex App UI panels or auth-dependent controls still look wrong after codex-lb setup, repair, or upgrade, restart the app first. If the UI still does not recover, sign out of Codex App, sign back in, then run `sks codex-app check` or `sks codex-lb repair` as needed.
858
714
 
859
- ### Setup is blocked by another harness
715
+ ### Setup is blocked by another tool
860
716
 
861
717
  ```sh
862
718
  sks conflicts check
863
719
  sks conflicts prompt
864
720
  ```
865
721
 
866
- OMX/DCodex conflicts block setup/doctor until the user approves cleanup.
722
+ If another agent tool's managed config conflicts with setup, SKS blocks setup/doctor until you approve the cleanup.
867
723
 
868
724
  ### The route is stuck or a final hook keeps reopening
869
725
 
@@ -76,7 +76,7 @@ dependencies = [
76
76
 
77
77
  [[package]]
78
78
  name = "sks-core"
79
- version = "4.6.0"
79
+ version = "4.6.2"
80
80
  dependencies = [
81
81
  "serde_json",
82
82
  ]
@@ -1,6 +1,6 @@
1
1
  [package]
2
2
  name = "sks-core"
3
- version = "4.6.0"
3
+ version = "4.6.2"
4
4
  edition = "2021"
5
5
 
6
6
  [dependencies]
@@ -4,7 +4,7 @@ use std::io::{self, Read, Seek, SeekFrom};
4
4
  fn main() {
5
5
  let mut args = std::env::args().skip(1);
6
6
  match args.next().as_deref() {
7
- Some("--version") => println!("sks-rs 4.6.0"),
7
+ Some("--version") => println!("sks-rs 4.6.2"),
8
8
  Some("compact-info") => {
9
9
  let mut input = String::new();
10
10
  let _ = io::stdin().read_to_string(&mut input);
package/dist/bin/sks.js CHANGED
@@ -1,5 +1,5 @@
1
1
  #!/usr/bin/env node
2
- const FAST_PACKAGE_VERSION = '4.6.0';
2
+ const FAST_PACKAGE_VERSION = '4.6.2';
3
3
  const args = process.argv.slice(2);
4
4
  try {
5
5
  if (args[0] === '--agent' && args[1] === 'worker') {
@@ -132,7 +132,8 @@ export const COMMANDS = {
132
132
  'image-ux-review': entry('labs', 'Inspect image UX artifacts', 'dist/core/commands/image-ux-review-command.js', commandArgsCommand(() => import('../core/commands/image-ux-review-command.js'), 'imageUxReviewCommand', 'dist/core/commands/image-ux-review-command.js')),
133
133
  'computer-use': entry('beta', 'Record native Mac/non-web Computer Use visual evidence', 'dist/core/commands/computer-use-command.js', commandArgsCommand(() => import('../core/commands/computer-use-command.js'), 'computerUseCommand', 'dist/core/commands/computer-use-command.js')),
134
134
  context7: entry('beta', 'Context7 checks and docs', 'dist/cli/context7-command.js', subcommand(() => import('./context7-command.js'), 'context7Command', 'dist/cli/context7-command.js', 'check')),
135
- 'ultra-search': entry('beta', 'Run provider-independent UltraSearch source intelligence', 'dist/cli/ultra-search-command.js', subcommand(() => import('./ultra-search-command.js'), 'ultraSearchCommand', 'dist/cli/ultra-search-command.js', 'doctor')),
135
+ 'insane-search': entry('beta', 'Run provider-independent InsaneSearch source intelligence', 'dist/cli/insane-search-command.js', subcommand(() => import('./insane-search-command.js'), 'insaneSearchCommand', 'dist/cli/insane-search-command.js', 'doctor')),
136
+ 'ultra-search': entry('beta', 'Compatibility alias for InsaneSearch source intelligence', 'dist/cli/insane-search-command.js', subcommand(() => import('./insane-search-command.js'), 'ultraSearchCommand', 'dist/cli/insane-search-command.js', 'doctor')),
136
137
  xai: entry('beta', 'Deprecated compatibility notice for removed xAI/Grok setup', 'dist/cli/xai-command.js', subcommand(() => import('./xai-command.js'), 'xaiCommand', 'dist/cli/xai-command.js', 'check')),
137
138
  recallpulse: entry('labs', 'RecallPulse evidence route', 'dist/commands/recallpulse.js', directCommand(() => import('../commands/recallpulse.js'), 'dist/commands/recallpulse.js')),
138
139
  pipeline: entry('beta', 'Inspect pipeline missions', 'dist/commands/pipeline.js', directCommand(() => import('../commands/pipeline.js'), 'dist/commands/pipeline.js')),
@@ -2,7 +2,7 @@ import fs from 'node:fs/promises';
2
2
  import os from 'node:os';
3
3
  import path from 'node:path';
4
4
  import { runUltraSearch } from '../core/ultra-search/index.js';
5
- export async function ultraSearchCommand(sub = 'help', args = []) {
5
+ export async function insaneSearchCommand(sub = 'help', args = []) {
6
6
  const action = sub || 'help';
7
7
  if (action === 'run')
8
8
  return runCommand(args);
@@ -22,12 +22,13 @@ export async function ultraSearchCommand(sub = 'help', args = []) {
22
22
  return migrateXaiCommand(args);
23
23
  return helpCommand();
24
24
  }
25
+ export const ultraSearchCommand = insaneSearchCommand;
25
26
  async function runCommand(args) {
26
27
  const json = args.includes('--json');
27
28
  const mode = readOption(args, '--mode');
28
29
  const query = positional(args).join(' ').trim();
29
30
  if (!query)
30
- throw new Error('Usage: sks ultra-search run "<query>" [--mode fast|balanced|deep|exhaustive|x_search|url_acquisition] [--json]');
31
+ throw new Error('Usage: sks insane-search run "<query>" [--mode fast|balanced|deep|exhaustive|x_search|url_acquisition] [--json]');
31
32
  const missionDir = await mkMissionDir();
32
33
  const result = await runUltraSearch({
33
34
  missionDir,
@@ -37,7 +38,7 @@ async function runCommand(args) {
37
38
  if (json)
38
39
  console.log(JSON.stringify(result, null, 2));
39
40
  else {
40
- console.log(`UltraSearch ${result.ok ? 'completed' : 'partial/blocked'}: ${result.mode}`);
41
+ console.log(`InsaneSearch ${result.ok ? 'completed' : 'partial/blocked'}: ${result.mode}`);
41
42
  console.log(`Mission: ${missionDir}`);
42
43
  console.log(`Sources: ${result.sources.length}, verified: ${result.proof.verified_source_count}`);
43
44
  if (result.blockers.length)
@@ -64,7 +65,7 @@ async function doctorCommand(args) {
64
65
  if (json)
65
66
  console.log(JSON.stringify(report, null, 2));
66
67
  else
67
- console.log('UltraSearch doctor: core ready; xAI/Grok is not required.');
68
+ console.log('InsaneSearch doctor: core ready; xAI/Grok is not required.');
68
69
  return report;
69
70
  }
70
71
  async function inspectCommand(action, args) {
@@ -112,14 +113,17 @@ async function migrateXaiCommand(args) {
112
113
  function helpCommand() {
113
114
  console.log([
114
115
  'Usage:',
115
- ' sks ultra-search doctor [--json]',
116
- ' sks ultra-search run "<query>" [--mode fast|balanced|deep|exhaustive]',
117
- ' sks ultra-search x "<query>"',
118
- ' sks ultra-search fetch "<url>"',
119
- ' sks ultra-search status|inspect|sources|claims <mission|latest>',
120
- ' sks ultra-search cache status|prune|clear',
121
- ' sks ultra-search bench [--suite all|x|web|docs|blocked]',
122
- ' sks ultra-search migrate-xai [--apply]'
116
+ ' sks insane-search doctor [--json]',
117
+ ' sks insane-search run "<query>" [--mode fast|balanced|deep|exhaustive]',
118
+ ' sks insane-search x "<query>"',
119
+ ' sks insane-search fetch "<url>"',
120
+ ' sks insane-search status|inspect|sources|claims <mission|latest>',
121
+ ' sks insane-search cache status|prune|clear',
122
+ ' sks insane-search bench [--suite all|x|web|docs|blocked]',
123
+ ' sks insane-search migrate-xai [--apply]',
124
+ '',
125
+ 'Compatibility:',
126
+ ' sks ultra-search ...'
123
127
  ].join('\n'));
124
128
  return { ok: true, status: 'help' };
125
129
  }
@@ -160,4 +164,4 @@ async function latestMissionDir() {
160
164
  function asyncDirLikelyUltra(dir) {
161
165
  return Boolean(dir);
162
166
  }
163
- //# sourceMappingURL=ultra-search-command.js.map
167
+ //# sourceMappingURL=insane-search-command.js.map
@@ -9,9 +9,9 @@ export async function xaiCommand(sub = 'check', args = []) {
9
9
  setup_performed: false,
10
10
  xai_required: false,
11
11
  replacement: {
12
- doctor: 'sks ultra-search doctor',
13
- x_search: 'sks ultra-search x "<query>"',
14
- migration: 'sks ultra-search migrate-xai [--apply]'
12
+ doctor: 'sks insane-search doctor',
13
+ x_search: 'sks insane-search x "<query>"',
14
+ migration: 'sks insane-search migrate-xai [--apply]'
15
15
  },
16
16
  blockers: action === 'setup' ? ['xai_setup_removed_use_ultra_search'] : [],
17
17
  warnings: ['sks_xai_is_deprecated_and_does_not_configure_mcp_or_require_XAI_API_KEY']
@@ -19,9 +19,9 @@ export async function xaiCommand(sub = 'check', args = []) {
19
19
  if (json)
20
20
  console.log(JSON.stringify(result, null, 2));
21
21
  else {
22
- console.log('`sks xai` is deprecated. UltraSearch no longer requires xAI/Grok or XAI_API_KEY.');
23
- console.log('Use: sks ultra-search doctor');
24
- console.log('Use: sks ultra-search x "<query>"');
22
+ console.log('`sks xai` is deprecated. InsaneSearch no longer requires xAI/Grok or XAI_API_KEY.');
23
+ console.log('Use: sks insane-search doctor');
24
+ console.log('Use: sks insane-search x "<query>"');
25
25
  if (action === 'setup') {
26
26
  console.log('No MCP setup was performed.');
27
27
  process.exitCode = 1;
@@ -346,7 +346,7 @@ function runNextAction(route, id, args) {
346
346
  function safeRouteExecutionArgs(route, prompt, { auto = false } = {}) {
347
347
  if (route.command === '$DB')
348
348
  return ['db', 'check', '--sql', 'SELECT 1', '--json'];
349
- if (route.command === '$Ultra-Search')
349
+ if (route.command === '$Insane-Search')
350
350
  return ultraSearchExecutionArgs(prompt);
351
351
  if (route.command === '$SEO-GEO-OPTIMIZER')
352
352
  return ['seo-geo-optimizer', searchVisibilityActionFromPrompt(prompt), '--mode', searchVisibilityModeFromPrompt(prompt), '--target', searchVisibilityTargetFromPrompt(prompt), '--offline', '--json'];
@@ -366,22 +366,26 @@ function ultraSearchExecutionArgs(prompt = '') {
366
366
  const stripped = stripUltraSearchPrompt(prompt);
367
367
  const lower = stripped.toLowerCase();
368
368
  if (!stripped || /^(?:doctor|check|status)\b/.test(lower))
369
- return ['ultra-search', 'doctor', '--json'];
369
+ return ['insane-search', 'doctor', '--json'];
370
370
  if (/^(?:x|x-search|x_search)\b/.test(lower)) {
371
371
  const query = stripped.replace(/^(?:x|x-search|x_search)\b[:\s-]*/i, '').trim() || 'source intelligence fixture';
372
- return ['ultra-search', 'x', query, '--json'];
372
+ return ['insane-search', 'x', query, '--json'];
373
373
  }
374
374
  const url = stripped.match(/\bhttps?:\/\/\S+/)?.[0];
375
375
  if (/^(?:fetch|url)\b/.test(lower) || url)
376
- return ['ultra-search', 'fetch', url || stripped.replace(/^(?:fetch|url)\b[:\s-]*/i, '').trim() || 'https://example.com', '--json'];
376
+ return ['insane-search', 'fetch', url || stripped.replace(/^(?:fetch|url)\b[:\s-]*/i, '').trim() || 'https://example.com', '--json'];
377
377
  const query = stripped.replace(/^run\b[:\s-]*/i, '').trim() || 'source intelligence fixture';
378
- return ['ultra-search', 'run', query, '--mode', 'balanced', '--json'];
378
+ return ['insane-search', 'run', query, '--mode', 'balanced', '--json'];
379
379
  }
380
380
  function stripUltraSearchPrompt(prompt = '') {
381
381
  return String(prompt || '')
382
382
  .trim()
383
+ .replace(/^\[\$Insane-Search\]\([^)]+\)(?:\s|:)?\s*/i, '')
384
+ .replace(/^\[\$InsaneSearch\]\([^)]+\)(?:\s|:)?\s*/i, '')
383
385
  .replace(/^\[\$Ultra-Search\]\([^)]+\)(?:\s|:)?\s*/i, '')
384
386
  .replace(/^\[\$UltraSearch\]\([^)]+\)(?:\s|:)?\s*/i, '')
387
+ .replace(/^\$Insane-Search(?:\s|:)?\s*/i, '')
388
+ .replace(/^\$InsaneSearch(?:\s|:)?\s*/i, '')
385
389
  .replace(/^\$Ultra-Search(?:\s|:)?\s*/i, '')
386
390
  .replace(/^\$UltraSearch(?:\s|:)?\s*/i, '')
387
391
  .trim();
@@ -10,8 +10,8 @@ import { madDbOperationClassesFromClassification } from './mad-db/mad-db-policy.
10
10
  export const DEFAULT_DB_SAFETY_POLICY = Object.freeze({
11
11
  schema_version: 1,
12
12
  mode: 'read_only_default',
13
- destructive_operations: 'deny_always',
14
- production_writes: 'deny_always',
13
+ destructive_operations: 'deny_without_active_mad_db_capability',
14
+ production_writes: 'deny_without_active_mad_db_capability',
15
15
  mcp_live_writes: 'deny_by_default',
16
16
  require_project_scoped_mcp: true,
17
17
  require_read_only_mcp_for_real_data: true,
@@ -510,15 +510,16 @@ export async function checkDbOperation(root, state, payload, { duringNoQuestion
510
510
  const contract = await loadMissionContract(root, state);
511
511
  const classification = classifyToolPayload(payload);
512
512
  const madDb = await resolveMadDbMutationPolicy(root, state, classification);
513
- if (madDb.allowed === true && state?.mission_id) {
513
+ if (madDb.allowed === true && madDb.mission_id) {
514
514
  const madDbDecision = madDb;
515
+ const madDbMissionId = String(madDbDecision.mission_id);
515
516
  const sqlText = classification.sql?.statements?.length ? String(classification.sql.statements.join('\n')) : null;
516
517
  const sqlHash = sqlText ? sha256(sqlText) : null;
517
518
  const toolCallId = extractCanonicalToolCallId(payload) || `payload-${sha256(JSON.stringify({ tool: classification.toolName || '', sqlHash, level: classification.level })).slice(0, 16)}`;
518
519
  const operationClasses = madDbDecision.operation_classes?.length ? madDbDecision.operation_classes : madDbOperationClassesFromClassification(classification);
519
520
  const reservation = await reserveMadDbOperation({
520
521
  root,
521
- missionId: String(state.mission_id),
522
+ missionId: madDbMissionId,
522
523
  capability: madDbDecision.capability,
523
524
  toolCallId,
524
525
  toolName: classification.toolName || 'unknown_database_tool',
@@ -527,12 +528,12 @@ export async function checkDbOperation(root, state, payload, { duringNoQuestion
527
528
  });
528
529
  await transitionMadDbOperation({
529
530
  root,
530
- missionId: String(state.mission_id),
531
+ missionId: madDbMissionId,
531
532
  toolCallId,
532
533
  state: 'started'
533
534
  });
534
535
  const lifecycleHook = {
535
- mission_id: String(state.mission_id),
536
+ mission_id: madDbMissionId,
536
537
  operation_id: reservation.operation.operation_id,
537
538
  tool_call_id: toolCallId,
538
539
  cycle_id: madDbDecision.cycle_id || null,
@@ -560,12 +561,13 @@ export async function checkDbOperation(root, state, payload, { duringNoQuestion
560
561
  lifecycle_result_pending: true,
561
562
  ledger_result_hook: lifecycleHook,
562
563
  operation_classes: operationClasses,
564
+ state_source: madDbDecision.state_source || 'hook_state',
563
565
  counters: reservation.capability.counters,
564
566
  idempotent_reservation_reused: reservation.reused
565
567
  }
566
568
  };
567
- await appendMadDbLedgerEvent(root, state.mission_id, { type: 'db_mutation.allowed', cycle_id: madDbDecision.cycle_id, mode: madDbDecision.mode, classification, operation_id: reservation.operation.operation_id, tool_call_id: toolCallId });
568
- await appendJsonlBounded(path.join(missionDir(root, state.mission_id), 'db-safety.jsonl'), { ts: nowIso(), decision });
569
+ await appendMadDbLedgerEvent(root, madDbMissionId, { type: 'db_mutation.allowed', cycle_id: madDbDecision.cycle_id, mode: madDbDecision.mode, classification, operation_id: reservation.operation.operation_id, tool_call_id: toolCallId });
570
+ await appendJsonlBounded(path.join(missionDir(root, madDbMissionId), 'db-safety.jsonl'), { ts: nowIso(), decision });
569
571
  return decision;
570
572
  }
571
573
  const madSks = await madSksOverrideState(root, state);
@@ -76,6 +76,7 @@ const FIXTURES = Object.freeze({
76
76
  'cli-commit': fixture('mock', 'sks commit --dry-run', [], 'pass'),
77
77
  'cli-commit-and-push': fixture('mock', 'sks commit-and-push --dry-run', [], 'pass'),
78
78
  'cli-context7': fixture('real_optional', 'sks context7 check --json', [], 'pass'),
79
+ 'cli-insane-search': fixture('execute', 'sks insane-search doctor --json', [], 'pass'),
79
80
  'cli-ultra-search': fixture('execute', 'sks ultra-search doctor --json', [], 'pass'),
80
81
  'cli-xai': fixture('real_optional', 'sks xai check --json', [], 'pass'),
81
82
  'cli-all-features': fixture('mock', 'sks all-features complete --json', [`.sneakoscope/reports/all-feature-completion-${PACKAGE_VERSION}.json`], 'pass'),
@@ -107,6 +108,8 @@ const FIXTURES = Object.freeze({
107
108
  'route-dfix': fixture('execute_and_validate_artifacts', 'sks dfix fixture --json', ['completion-proof.json', 'dfix-gate.json', 'dfix-verification.json'], 'pass'),
108
109
  'route-answer': fixture('mock', '$Answer answer-only route policy', [], 'pass'),
109
110
  'route-goal': fixture('mock', '$Goal bridge route', ['goal-workflow.json', 'completion-proof.json'], 'pass'),
111
+ 'route-insane-search': fixture('execute', 'sks run "$Insane-Search source intelligence fixture" --execute --json', [], 'pass'),
112
+ 'route-insanesearch': fixture('execute', 'sks run "$InsaneSearch source intelligence fixture" --execute --json', [], 'pass'),
110
113
  'route-ultra-search': fixture('execute', 'sks run "$Ultra-Search source intelligence fixture" --execute --json', [], 'pass'),
111
114
  'route-ultrasearch': fixture('execute', 'sks run "$UltraSearch source intelligence fixture" --execute --json', [], 'pass'),
112
115
  'route-seo-geo-optimizer': fixture('execute_and_validate_artifacts', 'sks seo-geo-optimizer fixture --mode geo --json', ['search-visibility/site-inventory.json', 'search-visibility/geo-findings.json', 'search-visibility/verification-report.json', 'geo-gate.json', 'completion-proof.json'], 'pass'),
package/dist/core/fsx.js CHANGED
@@ -5,7 +5,7 @@ import os from 'node:os';
5
5
  import crypto from 'node:crypto';
6
6
  import { spawn } from 'node:child_process';
7
7
  import { fileURLToPath } from 'node:url';
8
- export const PACKAGE_VERSION = '4.6.0';
8
+ export const PACKAGE_VERSION = '4.6.2';
9
9
  export const DEFAULT_PROCESS_TAIL_BYTES = 256 * 1024;
10
10
  export const DEFAULT_PROCESS_TIMEOUT_MS = 30 * 60 * 1000;
11
11
  export function nowIso() {
package/dist/core/init.js CHANGED
@@ -1068,7 +1068,8 @@ export async function installSkills(root) {
1068
1068
  'reasoning-router': `---\nname: reasoning-router\ndescription: Temporary SKS reasoning-effort routing for every command and pipeline route.\n---\n\nmedium: simple copy/color/discovery/setup/mechanical edits. high: logic, safety, architecture, DB, orchestration, refactor, multi-file work. xhigh: research, AutoResearch, falsification, benchmarks, SEO/GEO, open-ended discovery, and From-Chat-IMG image work-order analysis. Routing is temporary; return to default after the gate. Inspect with sks reasoning and sks pipeline status.\n`,
1069
1069
  'pipeline-runner': `---\nname: pipeline-runner\ndescription: Execute SKS dollar-command routes as stateful pipelines with mission artifacts, route gates, Context7 evidence, temporary reasoning routing, reflection, and Honest Mode.\n---\n\nEvery $ command is a route. Use current.json, mission artifacts, and pipeline-plan.json as the execution plan: it records the lane, skipped stages, kept stages, verification, lean_decision, and no-unrequested-fallback invariant. Use temporary reasoning, TriWiki before stages, source hydration, Context7 when required, Team cleanup before reflection, reflection for full routes, and completion summary plus Honest Mode before final. Surface guard/scopes, record evidence, refresh/pack/validate TriWiki, and check sks pipeline status/resume/plan. ${leanEngineeringCompactText()} ${speedLanePolicyText()} ${skillDreamPolicyText()}\n`,
1070
1070
  'context7-docs': `---\nname: context7-docs\ndescription: Enforce Context7 MCP documentation evidence for SKS routes that depend on external libraries, frameworks, APIs, MCPs, package managers, DB SDKs, or generated docs.\n---\n\nWhen required, resolve-library-id, then query-docs for the resolved id. Legacy get-library-docs evidence is accepted. Prefer sks context7 tools/resolve/docs/evidence and finish only after both evidence stages exist. Check setup with sks context7 check.\n`,
1071
- 'ultra-search': `---\nname: ultra-search\ndescription: Dollar-command route for $Ultra-Search/$UltraSearch provider-independent source intelligence.\n---\n\nUse when the user invokes $Ultra-Search, $UltraSearch, or asks for UltraSearch source intelligence, source acquisition, X-search-style collection, URL acquisition, source normalization, claim ledgers, or citation proof. Prefer \`sks ultra-search doctor --json\` for readiness and \`sks ultra-search run "<query>" --mode balanced --json\` for provider-independent source proof; use \`sks ultra-search x "<query>" --json\` for X-search intent and \`sks ultra-search fetch "<url>" --json\` for URL acquisition. Context7 is required only when the query depends on current package/API/framework/MCP/generated documentation behavior. xAI/Grok credentials are optional and must not be required for route readiness. Evidence/artifacts live under \`.sneakoscope/missions/<ultra-* or route mission>/ultra-search/\`: intent.json, axes.json, query-variants.json, provider-plan.json, source-ledger.json, lead-ledger.json, claim-ledger.json, synthesis.md, ultra-search-proof.json, ultra-search-gate.json, and ultra-search-result.json. Do not turn weak discovery into supported claims; finish with an Honest Mode summary of verified sources, blockers, and unverified external coverage.\n`,
1071
+ 'insane-search': `---\nname: insane-search\ndescription: Dollar-command route for $Insane-Search/$InsaneSearch provider-independent source intelligence.\n---\n\nUse when the user invokes $Insane-Search, $InsaneSearch, legacy $Ultra-Search/$UltraSearch, or asks for InsaneSearch source intelligence, source acquisition, X-search-style collection, URL acquisition, source normalization, claim ledgers, or citation proof. Prefer \`sks insane-search doctor --json\` for readiness and \`sks insane-search run "<query>" --mode balanced --json\` for provider-independent source proof; use \`sks insane-search x "<query>" --json\` for X-search intent and \`sks insane-search fetch "<url>" --json\` for URL acquisition. Context7 is required only when the query depends on current package/API/framework/MCP/generated documentation behavior. xAI/Grok credentials are optional and must not be required for route readiness. Evidence/artifacts remain under \`.sneakoscope/missions/<ultra-* or route mission>/ultra-search/\`: intent.json, axes.json, query-variants.json, provider-plan.json, source-ledger.json, lead-ledger.json, claim-ledger.json, synthesis.md, ultra-search-proof.json, ultra-search-gate.json, and ultra-search-result.json. Do not turn weak discovery into supported claims; finish with an Honest Mode summary of verified sources, blockers, and unverified external coverage.\n`,
1072
+ 'ultra-search': `---\nname: ultra-search\ndescription: Compatibility alias for $Insane-Search/$InsaneSearch provider-independent source intelligence.\n---\n\nUse when the user invokes legacy $Ultra-Search/$UltraSearch or asks for InsaneSearch source intelligence, source acquisition, X-search-style collection, URL acquisition, source normalization, claim ledgers, or citation proof. Prefer \`sks ultra-search doctor --json\` for readiness and \`sks ultra-search run "<query>" --mode balanced --json\` for provider-independent source proof; use \`sks ultra-search x "<query>" --json\` for X-search intent and \`sks ultra-search fetch "<url>" --json\` for URL acquisition. Context7 is required only when the query depends on current package/API/framework/MCP/generated documentation behavior. xAI/Grok credentials are optional and must not be required for route readiness. Evidence/artifacts live under \`.sneakoscope/missions/<ultra-* or route mission>/ultra-search/\`: intent.json, axes.json, query-variants.json, provider-plan.json, source-ledger.json, lead-ledger.json, claim-ledger.json, synthesis.md, ultra-search-proof.json, ultra-search-gate.json, and ultra-search-result.json. Do not turn weak discovery into supported claims; finish with an Honest Mode summary of verified sources, blockers, and unverified external coverage.\n`,
1072
1073
  'search-visibility-core': `---\nname: search-visibility-core\ndescription: Shared kernel for seo-geo-optimizer audit, plan, explicit apply, rollback, verification, gates, and Completion Proof.\n---\n\nPurpose: keep Search Engine Optimization and Generative Engine Optimization on one typed search-visibility kernel instead of duplicate implementations. Use when $SEO-GEO-OPTIMIZER or \`sks seo-geo-optimizer\` is selected. Workflow: doctor detects package/static/Next evidence; audit writes source-backed inventory and findings; plan compiles safe mutation operations; apply requires explicit \`--apply\`; verify separates source, build, HTTP, browser, production, and measured outcome; rollback only reverses mission-owned operations. Safety: default read-only, never overwrite unmanaged robots.txt, sitemap, llms.txt, metadata, or structured data; do not hard-code customer routes; do not invent prices, reviews, availability, rankings, traffic, or AI citation outcomes. Evidence/artifacts: search-visibility/intake.json, adapter-detection.json, site-inventory.json, route-graph.json, robots-policy.json, structured-data-ledger.json, mutation-plan.json, mutation-journal.jsonl, rollback-manifest.json, verification-report.json, route gate, and completion-proof.json. Failure/recovery: unsupported frameworks stay audit/plan-only; missing production/browser/Search Console evidence remains unverified, not fabricated. CLI entrypoint: \`sks seo-geo-optimizer ... --mode seo|geo\`.\n`,
1073
1074
  'seo-geo-optimizer': `---\nname: seo-geo-optimizer\ndescription: Unified $SEO-GEO-OPTIMIZER route for Search Engine Optimization and Generative Engine Optimization.\n---\n\nPurpose: use one route name for SEO and GEO work while keeping the internal search-visibility mode explicit. Use when: the user asks for SEO audit/fix/verification, package/npm/GitHub search visibility, canonical, sitemap, robots.txt, hreflang, metadata, structured data, AI answer visibility, LLM citation readiness, answerability, entity/claim provenance, crawler policy, OAI-SearchBot/GPTBot/ChatGPT-User, Claude-SearchBot/ClaudeBot/Claude-User, or optional llms.txt planning. GEO means Generative Engine Optimization, not geolocation, GeoIP, maps, CDN geography, location permission, or regional redirect bugs. Workflow: run \`sks seo-geo-optimizer doctor --mode seo|geo\`, then audit, plan, explicit apply, verify, status, and rollback. Use \`--mode seo\` for technical/package search optimization and \`--mode geo\` for entity facts, claim evidence, answerability, crawler policy, and optional llms.txt. Safety: audit and plan must not mutate source; apply checks base hashes, ownership, scope, protected paths, rollback manifest, and post-verify. AI crawler policy must split search, training, user-directed retrieval, and ads/other; never use one allow_ai toggle and never auto-allow training crawlers. Evidence/artifacts: site-inventory.json, route-graph.json, seo-findings.json or geo-findings.json, entity-facts.json, claim-evidence-ledger.json, answerability-report.json, ai-crawler-policy.json, llms-txt-plan.json, mutation-plan.json, verification-report.json, seo-gate.json or geo-gate.json, completion-proof.json. Failure/recovery: unsupported frameworks stay plan-only; browser/production/Search Console/analytics outcomes are marked unverified when not actually run. Forbidden claims: no ranking, indexing, traffic lift, rich-result, answer inclusion, or AI citation guarantee; no keyword stuffing, doorway pages, fake reviews, fake prices, fake availability, fake shipping, fake awards, hidden AI-only text, or scaled spam. CLI entrypoint: \`sks seo-geo-optimizer doctor|audit|plan|apply|verify|status|rollback|fixture --mode seo|geo\`.\n`,
1074
1075
  'reflection': `---\nname: reflection\ndescription: Post-route self-review for full SKS routes that records real misses, gaps, and corrective lessons into TriWiki memory.\n---\n\nUse after full route work/tests and before final. DFix, Answer, Help, Wiki, SKS discovery are exempt. Do not invent faults. Write reflection.md; append real lessons to ${REFLECTION_MEMORY_PATH}; refresh/pack, validate context-pack.json, pass reflection-gate.json.\n\n${reflectionInstructionText()}\n`,
@@ -1,8 +1,63 @@
1
1
  import { isMadDbCapabilityActive, readMadDbCapability } from './mad-db-capability.js';
2
2
  import { activeMadDbAllowsSqlPlane, isMadDbControlPlaneDeniedTool, madDbOperationClassesFromClassification } from './mad-db-policy.js';
3
- import { sha256 } from '../fsx.js';
3
+ import { readJson, sha256 } from '../fsx.js';
4
+ import { missionsDir, stateFile } from '../mission.js';
4
5
  export const MAD_DB_POLICY_DECISION_SCHEMA = 'sks.mad-db-policy-decision.v2';
5
6
  export async function resolveMadDbMutationPolicy(root, state = {}, classification = {}, explicitCapability) {
7
+ const primary = await resolveMadDbMutationPolicyForState(root, state, classification, explicitCapability);
8
+ if (primary.allowed === true || explicitCapability)
9
+ return primary;
10
+ const persistedState = await readJson(stateFile(root), null).catch(() => null);
11
+ if (persistedState && persistedState !== state) {
12
+ const fallback = await resolveMadDbMutationPolicyForState(root, persistedState, classification, null);
13
+ if (fallback.allowed === true) {
14
+ return {
15
+ ...fallback,
16
+ state_source: 'persisted_sks_state',
17
+ reasons: [...fallback.reasons, 'mad_db_persisted_state_binding_used']
18
+ };
19
+ }
20
+ }
21
+ const latestCapability = await findLatestActiveMadDbCapability(root);
22
+ if (latestCapability) {
23
+ const fallback = await resolveMadDbMutationPolicyForState(root, {
24
+ mad_db_active: true,
25
+ mad_db_capability_mission_id: latestCapability.mission_id
26
+ }, classification, latestCapability);
27
+ if (fallback.allowed === true) {
28
+ return {
29
+ ...fallback,
30
+ state_source: 'latest_active_mad_db_capability',
31
+ reasons: [...fallback.reasons, 'mad_db_latest_active_capability_used']
32
+ };
33
+ }
34
+ }
35
+ return primary;
36
+ }
37
+ async function findLatestActiveMadDbCapability(root) {
38
+ const fs = await import('node:fs/promises');
39
+ const entries = await fs.readdir(missionsDir(root), { withFileTypes: true }).catch(() => []);
40
+ const candidates = [];
41
+ for (const entry of entries) {
42
+ if (!entry.isDirectory() || !entry.name.startsWith('M-'))
43
+ continue;
44
+ const capability = await readMadDbCapability(root, entry.name).catch(() => null);
45
+ if (!capability || !isMadDbCapabilityActive(capability))
46
+ continue;
47
+ const issuedMs = Date.parse(capability.issued_at || '');
48
+ const expiresMs = Date.parse(capability.expires_at || '');
49
+ candidates.push({
50
+ capability,
51
+ issuedMs: Number.isFinite(issuedMs) ? issuedMs : 0,
52
+ expiresMs: Number.isFinite(expiresMs) ? expiresMs : 0
53
+ });
54
+ }
55
+ candidates.sort((a, b) => ((a.issuedMs - b.issuedMs)
56
+ || (a.expiresMs - b.expiresMs)
57
+ || a.capability.mission_id.localeCompare(b.capability.mission_id)));
58
+ return candidates.at(-1)?.capability || null;
59
+ }
60
+ async function resolveMadDbMutationPolicyForState(root, state = {}, classification = {}, explicitCapability) {
6
61
  const missionId = explicitCapability?.mission_id || state?.mad_db_capability_mission_id || state?.mission_id;
7
62
  if (!missionId)
8
63
  return inactive('mission_id_missing');
@@ -39,7 +94,10 @@ export function validateCapabilityBinding(capability, state = {}, classification
39
94
  return { ok: false, reason: `mad_db_capability_${capability.status || 'inactive'}` };
40
95
  if (!capability.project_ref)
41
96
  return { ok: false, reason: 'mad_db_project_ref_missing' };
42
- if (state?.mission_id && String(state.mission_id) !== capability.mission_id)
97
+ const boundMadDbMissionId = state?.mad_db_capability_mission_id ? String(state.mad_db_capability_mission_id) : null;
98
+ if (boundMadDbMissionId === capability.mission_id && state?.mad_db_active === false)
99
+ return { ok: false, reason: 'mad_db_state_inactive' };
100
+ if (state?.mission_id && String(state.mission_id) !== capability.mission_id && boundMadDbMissionId !== capability.mission_id)
43
101
  return { ok: false, reason: 'mad_db_mission_binding_mismatch' };
44
102
  if (state?.mad_db_cycle_id && String(state.mad_db_cycle_id) !== capability.cycle_id)
45
103
  return { ok: false, reason: 'mad_db_cycle_binding_mismatch' };
@@ -168,7 +168,7 @@ Use only when the operator explicitly invokes $MAD-DB/$mad-db or ${commandPrefix
168
168
 
169
169
  Keep normal Supabase MCP configuration read-only. MadDB must create a mission-local ephemeral write-capable Supabase MCP profile bound to capability v2, project_ref, root, mission, thread/session, intent, runtime profile hash, TTL, and SQL-plane operation classes. Verify execute_sql and apply_migration availability before claiming readiness. Require actual tool results plus independent read-back verification before claiming success. Close/revoke the capability and runtime profile in finally and prove read-only restoration.
170
170
 
171
- Still deny Supabase account/project/billing/credential control-plane actions, credential exfiltration, unrelated storage/edge-function/admin changes, persistent security weakening, and unrequested fallback implementation. Pair with db-safety-guard, Context7 evidence for MCP/API docs, route-local reflection, and Honest Mode.`;
171
+ Still deny Supabase account/project/billing/credential control-plane actions, credential exfiltration, unrelated non-database admin changes, and unrequested fallback implementation. Do not add prompt-only SQL deny lists inside active MadDB; capability binding, SQL-plane scope, operation ledgering, and read-back verification are the approval boundary. Pair with db-safety-guard, Context7 evidence for MCP/API docs, route-local reflection, and Honest Mode.`;
172
172
  }
173
173
  export function dbSafetyGuardSkillText() {
174
174
  return `---
@@ -177,10 +177,11 @@ description: Enforce Sneakoscope Codex database safety before using SQL, Supabas
177
177
  ---
178
178
 
179
179
  Rules:
180
- - Default mode is read-only: do not run DROP, TRUNCATE, mass DELETE/UPDATE, db reset, db push, project deletion, branch reset/merge/delete, or RLS-disabling operations.
180
+ - Default non-MadDB mode is read-only and routes writes/destructive SQL to the DB safety gate.
181
181
  - Supabase MCP must be read-only and project-scoped by default.
182
182
  - Live execute_sql writes are blocked unless a bound active MadDB capability v2 is present.
183
- - Active MadDB is the explicit exception: SQL-plane mutations requested by $MAD-DB or sks mad-db run|exec|apply-migration are allowed and must be executed with read-back verification.
183
+ - Active MadDB is the explicit exception: SQL-plane mutations requested by $MAD-DB or sks mad-db run|exec|apply-migration are allowed, including DROP, DELETE, TRUNCATE, RLS/policy changes, and execute_sql/apply_migration, and must be executed with read-back verification.
184
+ - Default read-only restrictions do not apply to SQL-plane work while the active MadDB capability v2 is bound.
184
185
  - Supabase project/account/billing/credential control-plane actions remain denied even in MadDB.
185
186
  - If no active bound MadDB cycle exists, fall back to read-only only.`;
186
187
  }
@@ -17,7 +17,7 @@ export const RELEASE_1_17_GATE_SNAPSHOT = Object.freeze([
17
17
  'release:readiness'
18
18
  ]);
19
19
  export const RELEASE_1_18_REQUIRED_GATES = Object.freeze([
20
- 'ultra-search:provider-interface',
20
+ 'insane-search:provider-interface',
21
21
  'source-intelligence:policy',
22
22
  'source-intelligence:all-modes',
23
23
  'codex-web:adapter',
@@ -32,7 +32,7 @@ export const FROM_CHAT_IMG_CHECKLIST_ARTIFACT = 'from-chat-img-checklist.md';
32
32
  export const FROM_CHAT_IMG_TEMP_TRIWIKI_ARTIFACT = 'from-chat-img-temp-triwiki.json';
33
33
  export const FROM_CHAT_IMG_QA_LOOP_ARTIFACT = 'from-chat-img-qa-loop.json';
34
34
  export const FROM_CHAT_IMG_TEMP_TRIWIKI_SESSIONS = 5;
35
- export const USAGE_TOPICS = 'install|setup|bootstrap|root|deps|zellij|tmux|auto-review|team|qa-loop|ppt|image-ux-review|computer-use|goal|fast-mode|research|seo-geo-optimizer|db|git|codex|codex-app|codex-native|hooks|features|all-features|dfix|commit|commit-and-push|design|imagegen|dollar|context7|ultra-search|xai|pipeline|reasoning|guard|conflicts|versioning|eval|harness|hproof|gx|wiki|wrongness|code-structure|proof-field|skill-dream|rust';
35
+ export const USAGE_TOPICS = 'install|setup|bootstrap|root|deps|zellij|tmux|auto-review|team|qa-loop|ppt|image-ux-review|computer-use|goal|fast-mode|research|seo-geo-optimizer|db|git|codex|codex-app|codex-native|hooks|features|all-features|dfix|commit|commit-and-push|design|imagegen|dollar|context7|insane-search|ultra-search|xai|pipeline|reasoning|guard|conflicts|versioning|eval|harness|hproof|gx|wiki|wrongness|code-structure|proof-field|skill-dream|rust';
36
36
  export const CODEX_COMPUTER_USE_EVIDENCE_SOURCE = 'codex_computer_use';
37
37
  export const CODEX_IN_APP_BROWSER_EVIDENCE_SOURCE = 'codex_in_app_browser';
38
38
  export const CODEX_CHROME_EXTENSION_EVIDENCE_SOURCE = 'codex_chrome_extension';
@@ -541,19 +541,19 @@ export const ROUTES = [
541
541
  examples: ['$Research investigate this idea']
542
542
  },
543
543
  {
544
- id: 'UltraSearch',
545
- command: '$Ultra-Search',
544
+ id: 'InsaneSearch',
545
+ command: '$Insane-Search',
546
546
  mode: 'ULTRA_SEARCH',
547
547
  route: 'provider-independent source intelligence',
548
- description: 'Run UltraSearch source acquisition, source normalization, claim/proof ledgers, and provider-independent citation evidence without requiring xAI/Grok.',
549
- requiredSkills: ['ultra-search', 'pipeline-runner', 'context7-docs', 'honest-mode'],
550
- dollarAliases: ['$UltraSearch'],
548
+ description: 'Run InsaneSearch source acquisition, source normalization, claim/proof ledgers, and provider-independent citation evidence without requiring xAI/Grok.',
549
+ requiredSkills: ['insane-search', 'pipeline-runner', 'context7-docs', 'honest-mode'],
550
+ dollarAliases: ['$InsaneSearch', '$Ultra-Search', '$UltraSearch'],
551
551
  lifecycle: ['source_intent', 'query_variants', 'provider_plan', 'source_ledgers', 'claim_ledgers', 'ultra_search_gate', 'honest_mode'],
552
552
  context7Policy: 'if_external_docs',
553
553
  reasoningPolicy: 'high',
554
554
  stopGate: 'ultra-search/ultra-search-gate.json',
555
- cliEntrypoint: 'sks ultra-search doctor|run|x|fetch|status|inspect|sources|claims|cache|bench|migrate-xai',
556
- examples: ['$Ultra-Search run "current package release notes"', '$UltraSearch x "site:x.com product launch"']
555
+ cliEntrypoint: 'sks insane-search doctor|run|x|fetch|status|inspect|sources|claims|cache|bench|migrate-xai',
556
+ examples: ['$Insane-Search run "current package release notes"', '$InsaneSearch x "site:x.com product launch"']
557
557
  },
558
558
  {
559
559
  id: 'SEOGEOOptimizer',
@@ -721,8 +721,9 @@ export const COMMAND_CATALOG = [
721
721
  { name: 'image-ux-review', usage: 'sks ux-review run --image <path> --fix --json | sks image-ux-review status <mission-id|latest> [--json]', description: 'Run or inspect $Image-UX-Review gpt-image-2/imagegen annotated UI/UX review artifacts, issue ledgers, safe fix loops, recapture, and proof gates.' },
722
722
  { name: 'computer-use', usage: 'sks computer-use import|status|smoke|require ... [--json]', description: 'Record native Mac/non-web Computer Use visual evidence while keeping web verification on the Chrome Extension path.' },
723
723
  { name: 'context7', usage: 'sks context7 check|setup|tools|resolve|docs|evidence ...', description: 'Check, configure, and call the local Context7 MCP requirement.' },
724
- { name: 'ultra-search', usage: 'sks ultra-search doctor|run|x|fetch|status|inspect|sources|claims|cache|bench|migrate-xai', description: 'Run provider-independent UltraSearch source intelligence.' },
725
- { name: 'xai', usage: 'sks xai check|status|docs', description: 'Deprecated compatibility notice; use sks ultra-search.' },
724
+ { name: 'insane-search', usage: 'sks insane-search doctor|run|x|fetch|status|inspect|sources|claims|cache|bench|migrate-xai', description: 'Run provider-independent InsaneSearch source intelligence.' },
725
+ { name: 'ultra-search', usage: 'compatibility alias for sks insane-search', description: 'Deprecated compatibility alias; use sks insane-search.' },
726
+ { name: 'xai', usage: 'sks xai check|status|docs', description: 'Deprecated compatibility notice; use sks insane-search.' },
726
727
  { name: 'recallpulse', usage: 'sks recallpulse run|status|eval|governance|checklist <mission-id|latest>', description: 'Run report-only RecallPulse active recall, durable status, proof capsule, evidence envelope, and governance checks.' },
727
728
  { name: 'pipeline', usage: 'sks pipeline status|resume|plan|answer ...', description: 'Inspect the active skill-first route, materialized execution plan, ambiguity gates, and completion gates.' },
728
729
  { name: 'guard', usage: 'sks guard check [--json]', description: 'Check SKS harness self-protection lock, fingerprints, and source-repo exception state.' },
@@ -899,7 +900,7 @@ export function looksLikeGenerativeEngineOptimizationRequest(prompt = '') {
899
900
  }
900
901
  export function looksLikeUltraSearchRequest(prompt = '') {
901
902
  const text = String(prompt || '');
902
- return /\b(?:UltraSearch|Ultra-Search|ultra\s*search|source\s+intelligence|provider-independent\s+source|source\s+acquisition|citation\s+proof|x-search)\b|울트라\s*서치|소스\s*인텔리전스/i.test(text);
903
+ return /\b(?:InsaneSearch|Insane-Search|insane\s*search|UltraSearch|Ultra-Search|ultra\s*search|source\s+intelligence|provider-independent\s+source|source\s+acquisition|citation\s+proof|x-search)\b|인세인\s*서치|울트라\s*서치|소스\s*인텔리전스/i.test(text);
903
904
  }
904
905
  export function routePrompt(prompt) {
905
906
  const text = stripVisibleDecisionAnswerBlocks(prompt);
@@ -949,7 +950,7 @@ export function routePrompt(prompt) {
949
950
  if (/\b(qa[-\s]?loop|qaloop|e2e\s+qa|qa\s+e2e)\b/i.test(text))
950
951
  return routeById('QALoop');
951
952
  if (looksLikeUltraSearchRequest(text) && !looksLikeCodeChangingWork(text) && !looksLikeAnswerOnlyRequest(text))
952
- return routeById('UltraSearch');
953
+ return routeById('InsaneSearch');
953
954
  if (looksLikeGenerativeEngineOptimizationRequest(text))
954
955
  return routeById('SEOGEOOptimizer');
955
956
  if (looksLikeSeoRequest(text))
@@ -1051,7 +1052,7 @@ export function routeRequiresSubagents(route, prompt = '') {
1051
1052
  return false;
1052
1053
  if (route.id === 'ImageUXReview')
1053
1054
  return false;
1054
- if (route.id === 'UltraSearch')
1055
+ if (route.id === 'InsaneSearch')
1055
1056
  return false;
1056
1057
  if (route.id === 'SEOGEOOptimizer')
1057
1058
  return false;
@@ -1137,7 +1138,7 @@ export function routeReasoning(route, prompt = '') {
1137
1138
  return teamRouteReasoning(text);
1138
1139
  if (route?.id === 'Research' || route?.id === 'AutoResearch')
1139
1140
  return reasoning('xhigh', 'research_or_experiment_route');
1140
- if (route?.id === 'UltraSearch')
1141
+ if (route?.id === 'InsaneSearch')
1141
1142
  return reasoning('high', 'source_intelligence_route');
1142
1143
  if (route?.id === 'SEOGEOOptimizer')
1143
1144
  return reasoning('high', 'search_visibility_route');
@@ -1,2 +1,2 @@
1
- export const PACKAGE_VERSION = '4.6.0';
1
+ export const PACKAGE_VERSION = '4.6.2';
2
2
  //# sourceMappingURL=version.js.map
@@ -0,0 +1,73 @@
1
+ #!/usr/bin/env node
2
+ import fs from 'node:fs';
3
+ import os from 'node:os';
4
+ import path from 'node:path';
5
+ import { createMission, setCurrent, missionDir } from '../core/mission.js';
6
+ import { checkDbOperation } from '../core/db-safety.js';
7
+ import { createMadDbCapability, MAD_DB_ACK, readMadDbCapability } from '../core/mad-db/mad-db-capability.js';
8
+ import { assertGate, emitGate } from './sks-1-18-gate-lib.js';
9
+ const root = fs.mkdtempSync(path.join(os.tmpdir(), 'sks-mad-db-direct-apply-'));
10
+ const mission = await createMission(root, { mode: 'mad-db', prompt: '$MAD-DB direct apply_migration fixture' });
11
+ const capability = await createMadDbCapability(root, {
12
+ missionId: mission.id,
13
+ ack: MAD_DB_ACK,
14
+ cwd: root,
15
+ ttlMs: 60000,
16
+ projectRef: 'fixture-project-ref',
17
+ status: 'active'
18
+ });
19
+ await setCurrent(root, {
20
+ mission_id: mission.id,
21
+ mode: 'MADDB',
22
+ route: 'MadDB',
23
+ route_command: '$MAD-DB',
24
+ phase: 'MADDB_SQL_PLANE_CAPABILITY_ACTIVE',
25
+ implementation_allowed: true,
26
+ mad_db_active: true,
27
+ mad_db_capability_mission_id: mission.id,
28
+ mad_db_cycle_id: capability.cycle_id,
29
+ mad_db_runtime_session_id: capability.runtime_session_id,
30
+ mad_db_profile_sha256: capability.transport.profile_sha256,
31
+ mad_db_capability_file: 'mad-db-capability.json'
32
+ });
33
+ const payloadStateFromCodex = { mission_id: 'codex-payload-state', mode: 'AGENT', phase: 'TOOL_CALL' };
34
+ const decision = await checkDbOperation(root, payloadStateFromCodex, {
35
+ tool_name: 'mcp__supabase__apply_migration',
36
+ tool_call_id: 'direct-apply-migration-call',
37
+ tool_input: {
38
+ name: 'direct_apply_fixture',
39
+ query: 'alter table public.fixture add column if not exists direct_apply_fixture text;'
40
+ }
41
+ });
42
+ const updated = await readMadDbCapability(root, mission.id);
43
+ const wrongMissionDirExists = fs.existsSync(missionDir(root, payloadStateFromCodex.mission_id));
44
+ assertGate(decision.allowed === true && decision.mad_db?.active === true, 'direct Supabase MCP apply_migration must be allowed by persisted active MadDB capability', decision);
45
+ assertGate(decision.mad_db.operation_classes.includes('migration_apply'), 'direct apply_migration must reserve a migration_apply operation class', decision);
46
+ assertGate(decision.mad_db.state_source === 'persisted_sks_state', 'drifted hook payload state must fall back to persisted SKS MadDB state', decision);
47
+ assertGate(updated?.counters.reserved === 1, 'direct apply_migration reservation must land on the real MadDB mission capability', updated || {});
48
+ assertGate(wrongMissionDirExists === false, 'direct apply_migration must not create or write under the drifted payload mission id');
49
+ const unrelatedMission = await createMission(root, { mode: 'team', prompt: 'unrelated current-state drift fixture' });
50
+ const unrelatedStateFromCodex = { mission_id: unrelatedMission.id, mode: 'TEAM', phase: 'TOOL_CALL' };
51
+ const executeDecision = await checkDbOperation(root, unrelatedStateFromCodex, {
52
+ tool_name: 'mcp__supabase__execute_sql',
53
+ tool_call_id: 'direct-execute-sql-drop-delete-call',
54
+ tool_input: {
55
+ query: 'drop table if exists public.fixture_old; delete from public.fixture;'
56
+ }
57
+ });
58
+ const afterExecute = await readMadDbCapability(root, mission.id);
59
+ const unrelatedOperationsDir = path.join(missionDir(root, unrelatedMission.id), 'mad-db', 'runtime', 'operations');
60
+ assertGate(executeDecision.allowed === true && executeDecision.mad_db?.active === true, 'active MadDB capability must allow direct execute_sql after current state drifts away from MadDB', executeDecision);
61
+ assertGate(executeDecision.mad_db.state_source === 'latest_active_mad_db_capability', 'direct execute_sql must fall back to the latest active MadDB capability when persisted state is unrelated', executeDecision);
62
+ for (const operation of ['direct_execute_sql', 'drop', 'all_row_delete']) {
63
+ assertGate(executeDecision.mad_db.operation_classes.includes(operation), `direct execute_sql destructive SQL must reserve ${operation}`, executeDecision);
64
+ }
65
+ assertGate(afterExecute?.counters.reserved === 2, 'direct execute_sql reservation must land on the real MadDB mission capability', afterExecute || {});
66
+ assertGate(fs.existsSync(unrelatedOperationsDir) === false, 'direct execute_sql must not write operation lifecycle files under the unrelated current mission');
67
+ emitGate('mad-db:direct-apply-migration-hook', {
68
+ mission_id: mission.id,
69
+ apply_operation_id: decision.mad_db.operation_id,
70
+ execute_operation_id: executeDecision.mad_db.operation_id,
71
+ counters: afterExecute?.counters
72
+ });
73
+ //# sourceMappingURL=mad-db-direct-apply-migration-hook-check.js.map
@@ -9,6 +9,10 @@ for (const token of ['table/schema DROP', 'all-row mutations', 'TRUNCATE', 'exec
9
9
  }
10
10
  assertGate(dbSafetySkill.includes('Active MadDB is the explicit exception'), 'db safety skill must name active MadDB exception', { dbSafetySkill });
11
11
  assertGate(!madDbSkill.includes('Keep catastrophic safeguards active: whole database/schema/table removal'), 'MadDB skill must not carry old destructive-operation denial text', { madDbSkill });
12
+ assertGate(!madDbSkill.includes('persistent security weakening'), 'MadDB skill must not carry prompt-only SQL-plane denial text', { madDbSkill });
13
+ assertGate(madDbSkill.includes('Do not add prompt-only SQL deny lists inside active MadDB'), 'MadDB skill must prevent SQL-plane prompt veto lists', { madDbSkill });
14
+ assertGate(!dbSafetySkill.includes('do not run DROP'), 'db safety skill must not conflict with active MadDB SQL-plane allowance', { dbSafetySkill });
15
+ assertGate(dbSafetySkill.includes('Default read-only restrictions do not apply to SQL-plane work while the active MadDB capability v2 is bound'), 'db safety skill must explicitly remove default restrictions during active MadDB', { dbSafetySkill });
12
16
  assertGate(initText.includes('madDbSkillText()') && initText.includes('dbSafetyGuardSkillText()'), 'init must generate skills from typed MadDB policy SSOT', {});
13
17
  assertGate(MAD_DB_POLICY.active_mode.sql_plane === 'allow_all_mutations' && MAD_DB_POLICY.normal_supabase_mcp.read_only_required === true, 'typed policy must encode active SQL-plane and normal read-only modes', MAD_DB_POLICY);
14
18
  emitGate('mad-db:skill-policy', { schema: MAD_DB_POLICY.schema, operation_classes: MAD_DB_POLICY.sql_plane_allowed.length });
@@ -115,6 +115,7 @@ const requiredReleasePresetIds = [
115
115
  'mad-db:operation-lifecycle-ledger',
116
116
  'mad-db:route-identity',
117
117
  'mad-db:hook-idempotency',
118
+ 'mad-db:direct-apply-migration-hook',
118
119
  'mad-db:parallel-lifecycle',
119
120
  'mad-db:runtime-profile',
120
121
  'mad-db:skill-policy',
@@ -97,7 +97,7 @@ const requiredScripts = [
97
97
  'agent:janitor',
98
98
  'agent:multi-project-isolation',
99
99
  'verification:parallel-engine',
100
- 'ultra-search:provider-interface',
100
+ 'insane-search:provider-interface',
101
101
  'source-intelligence:policy',
102
102
  'source-intelligence:all-modes',
103
103
  'codex-web:adapter',
@@ -34,9 +34,9 @@ const tasks = [
34
34
  task('agent:janitor', 'npm run agent:janitor --silent', { dependencies: ['build'] }),
35
35
  task('agent:multi-project-isolation', 'npm run agent:multi-project-isolation --silent', { dependencies: ['build'] }),
36
36
  task('verification:parallel-engine', 'npm run verification:parallel-engine --silent', { dependencies: ['build'] }),
37
- task('ultra-search:provider-interface', 'npm run ultra-search:provider-interface --silent', { dependencies: ['build'] }),
37
+ task('insane-search:provider-interface', 'npm run insane-search:provider-interface --silent', { dependencies: ['build'] }),
38
38
  task('source-intelligence:policy', 'npm run source-intelligence:policy --silent', { dependencies: ['build'] }),
39
- task('source-intelligence:all-modes', 'npm run source-intelligence:all-modes --silent', { dependencies: ['build', 'source-intelligence:policy', 'ultra-search:provider-interface', 'codex-web:adapter'] }),
39
+ task('source-intelligence:all-modes', 'npm run source-intelligence:all-modes --silent', { dependencies: ['build', 'source-intelligence:policy', 'insane-search:provider-interface', 'codex-web:adapter'] }),
40
40
  task('codex-web:adapter', 'npm run codex-web:adapter --silent', { dependencies: ['build'] }),
41
41
  task('seo:cli-blackbox', 'npm run seo:cli-blackbox --silent', { dependencies: ['build'] }),
42
42
  task('seo:audit-fixture', 'npm run seo:audit-fixture --silent', { dependencies: ['build'] }),
@@ -6,7 +6,7 @@ import { assertGate, emitGate, importDist, packageScripts, root } from './sks-1-
6
6
  const mod = await importDist('core/release-parallel-full-coverage.js');
7
7
  const pkgScripts = packageScripts();
8
8
  const parallelSource = fs.readFileSync(path.join(root, 'src/scripts/release-parallel-check.ts'), 'utf8');
9
- const current = [...new Set(Object.keys(pkgScripts).filter((name) => parallelSource.includes(name)).concat(Object.keys(pkgScripts).filter((name) => /^ultra-search|^source-intelligence|^codex-web|^goal-mode|^agent:main-no-scout|^agent:worker-scout-limited|^agent:background-terminals|^agent:zellij-runtime|^agent:visual-consistency|^release:parallel-full-coverage|^priority:full-closure/.test(name))))];
9
+ const current = [...new Set(Object.keys(pkgScripts).filter((name) => parallelSource.includes(name)).concat(Object.keys(pkgScripts).filter((name) => /^insane-search|^ultra-search|^source-intelligence|^codex-web|^goal-mode|^agent:main-no-scout|^agent:worker-scout-limited|^agent:background-terminals|^agent:zellij-runtime|^agent:visual-consistency|^release:parallel-full-coverage|^priority:full-closure/.test(name))))];
10
10
  const report = mod.evaluateReleaseParallelFullCoverage(current);
11
11
  assertGate(report.ok === true, 'release parallel DAG must preserve previous gates and include 1.18 gates', report);
12
12
  emitGate('release:parallel-full-coverage', { previous_gate_count: report.previous_gate_count, current_gate_count: report.current_gate_count });
@@ -103,7 +103,7 @@ const checks = {
103
103
  computer_use_live_evidence: scriptContains('release:check', 'computer-use:live-evidence'),
104
104
  docs_truthfulness: scriptContains('release:check', 'docs:truthfulness'),
105
105
  release_readiness: scriptContains('release:check:parallel', 'release:readiness'),
106
- ultra_search_provider_interface: scriptContains('release:check:parallel', 'ultra-search:provider-interface'),
106
+ insane_search_provider_interface: scriptContains('release:check:parallel', 'insane-search:provider-interface'),
107
107
  source_intelligence_policy: scriptContains('release:check:parallel', 'source-intelligence:policy'),
108
108
  source_intelligence_all_modes: scriptContains('release:check:parallel', 'source-intelligence:all-modes'),
109
109
  codex_web_adapter: scriptContains('release:check:parallel', 'codex-web:adapter'),
@@ -18,7 +18,7 @@ assertGate(result.proof.provider_independent === true, 'UltraSearch proof must b
18
18
  assertGate(result.proof.xai_runtime_dependency === false, 'UltraSearch must not require xAI runtime', result.proof);
19
19
  assertGate(result.sources.some((source) => source.acquisition_verdict === 'verified_content'), 'UltraSearch must normalize verified source evidence', result.sources);
20
20
  assertGate(result.convergence.schema === 'sks.ultra-search-convergence.v1', 'UltraSearch convergence artifact must be typed', result.convergence);
21
- emitGate('ultra-search:provider-interface', {
21
+ emitGate('insane-search:provider-interface', {
22
22
  mode: result.mode,
23
23
  sources: result.sources.length,
24
24
  verified: result.proof.verified_source_count,
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "sneakoscope",
3
3
  "displayName": "ㅅㅋㅅ",
4
- "version": "4.6.0",
4
+ "version": "4.6.2",
5
5
  "description": "Sneakoscope Codex: fast proof-first Codex trust layer with image-based Voxel TriWiki.",
6
6
  "type": "module",
7
7
  "homepage": "https://github.com/mandarange/Sneakoscope-Codex#readme",
@@ -496,7 +496,8 @@
496
496
  "mcp:readonly-runtime-scheduler": "node ./dist/scripts/mcp-readonly-runtime-scheduler-check.js",
497
497
  "codex:0.134-runner-truth": "node ./dist/scripts/codex-0-134-runner-truth-check.js",
498
498
  "source-intelligence:policy": "node ./dist/scripts/source-intelligence-policy-check.js",
499
- "ultra-search:provider-interface": "node ./dist/scripts/ultra-search-provider-interface-check.js",
499
+ "insane-search:provider-interface": "node ./dist/scripts/ultra-search-provider-interface-check.js",
500
+ "ultra-search:provider-interface": "npm run insane-search:provider-interface --silent",
500
501
  "context7:evidence-dedupe": "node ./dist/scripts/context7-evidence-dedupe-check.js",
501
502
  "source-intelligence:codex-history-search": "node ./dist/scripts/codex-history-search-check.js",
502
503
  "source-intelligence:all-modes": "node ./dist/scripts/source-intelligence-all-modes-check.js",
@@ -739,6 +740,7 @@
739
740
  "mad-db:operation-lifecycle-ledger": "node ./dist/scripts/mad-db-operation-lifecycle-ledger-check.js",
740
741
  "mad-db:route-identity": "node ./dist/scripts/mad-db-route-identity-check.js",
741
742
  "mad-db:hook-idempotency": "node ./dist/scripts/mad-db-hook-idempotency-check.js",
743
+ "mad-db:direct-apply-migration-hook": "node ./dist/scripts/mad-db-direct-apply-migration-hook-check.js",
742
744
  "mad-db:parallel-lifecycle": "node ./dist/scripts/mad-db-parallel-lifecycle-check.js",
743
745
  "mad-db:runtime-profile": "node ./dist/scripts/mad-db-runtime-profile-lifecycle-check.js",
744
746
  "mad-db:skill-policy": "node ./dist/scripts/mad-db-skill-policy-snapshot-check.js",
@@ -776,7 +778,7 @@
776
778
  "mad-db:lifecycle-hook-decision": "node ./dist/scripts/mad-db-lifecycle-hook-decision-check.js",
777
779
  "mad-db:mcp-result-lifecycle": "node ./dist/scripts/mad-db-mcp-result-lifecycle-check.js",
778
780
  "mad-db:operation-lifecycle-blackbox": "node ./dist/scripts/mad-db-operation-lifecycle-blackbox.js",
779
- "mad-db:unit": "npm run mad-db:capability && npm run mad-db:command && npm run mad-db:mad-command && npm run mad-db:priority-resolver && npm run mad-db:ledger && npm run mad-db:one-cycle-consumption && npm run mad-db:safety-conflict-matrix && npm run mad-db:one-cycle-bounded && npm run mad-db:operation-lifecycle-ledger && npm run mad-db:route-identity && npm run mad-db:hook-idempotency && npm run mad-db:parallel-lifecycle && npm run mad-db:runtime-profile && npm run mad-db:skill-policy && npm run mad-db:policy-v2 && npm run mad-db:lifecycle-hook-decision && npm run mad-db:mcp-result-lifecycle && npm run mad-db:operation-lifecycle-blackbox",
781
+ "mad-db:unit": "npm run mad-db:capability && npm run mad-db:command && npm run mad-db:mad-command && npm run mad-db:priority-resolver && npm run mad-db:ledger && npm run mad-db:one-cycle-consumption && npm run mad-db:safety-conflict-matrix && npm run mad-db:one-cycle-bounded && npm run mad-db:operation-lifecycle-ledger && npm run mad-db:route-identity && npm run mad-db:hook-idempotency && npm run mad-db:direct-apply-migration-hook && npm run mad-db:parallel-lifecycle && npm run mad-db:runtime-profile && npm run mad-db:skill-policy && npm run mad-db:policy-v2 && npm run mad-db:lifecycle-hook-decision && npm run mad-db:mcp-result-lifecycle && npm run mad-db:operation-lifecycle-blackbox",
780
782
  "mad-db:real-e2e": "node ./dist/scripts/mad-db-real-supabase-e2e.js --require-real",
781
783
  "mad-db:all": "npm run build && npm run mad-db:unit",
782
784
  "mad-db:release": "npm run mad-db:all && npm run mad-db:real-e2e",