thoth-agents 0.1.6 → 0.1.8

package/dist/chunk-OJCEGZSA.js

@@ -0,0 +1,3735 @@
+import {
+  ALL_AGENT_NAMES,
+  CODEX_PROMPT_DIALECT,
+  CONTEXT7_MCP_URL,
+  CUSTOM_SKILLS,
+  DEFAULT_MODELS,
+  DEFAULT_THOTH_COMMAND,
+  GREP_APP_MCP_URL,
+  appendPromptSections,
+  composeAgentPrompt,
+  createModelFamilySection,
+  createOrchestratorPromptSections,
+  createReadOnlySpecialistPromptSections,
+  createStepBudgetSection,
+  createWriteCapableSpecialistPromptSections,
+  disableDefaultAgents,
+  ensureConfigDir,
+  ensureOpenCodeConfigDir,
+  exa,
+  findPackageRoot,
+  generateLiteConfig,
+  getAgentOverride,
+  getCustomSkillsDir,
+  getExistingConfigPath,
+  getExistingLiteConfigPath,
+  getSkillRegistry,
+  installCustomSkills,
+  loadAgentPrompt,
+  parseConfig,
+  renderPromptSection,
+  renderRolePrompt,
+  writeConfig,
+  writeLiteConfig
+} from "./chunk-OES76C67.js";
+
+// src/harness/adapters/codex.ts
+import { existsSync as existsSync2, readFileSync as readFileSync2 } from "fs";
+import { dirname, resolve } from "path";
+import { fileURLToPath } from "url";
+
+// src/harness/core/agent-pack.ts
+var AGENT_ROLES = [
+  {
+    name: "orchestrator",
+    mode: "primary-non-mutating",
+    dispatch: "root-coordinator",
+    canMutateWorkspace: false,
+    scope: "coordination, routing, decisions, progress, and root memory",
+    responsibility: "Delegate-first coordinator for SDD workflow, specialist dispatch, and root-session memory ownership.",
+    toolGovernance: [
+      "delegates inspection, writing, debugging, and verification",
+      "owns question prompts and root-session memory",
+      "does not perform inline workspace implementation"
+    ],
+    verification: [
+      "routes verification to specialists",
+      "summarizes evidence from changed files, diagnostics, and tests"
+    ]
+  },
+  {
+    name: "explorer",
+    mode: "read-only",
+    dispatch: "task",
+    canMutateWorkspace: false,
+    scope: "local repository discovery",
+    responsibility: "Find workspace facts fast and return paths, lines, symbols, constraints, edit targets, and conclusions.",
+    toolGovernance: [
+      "read/search/code-navigation tools only",
+      "no durable memory writes",
+      "no task delegation or progress ownership"
+    ],
+    verification: ["reports confidence, anchors, unchecked areas, and gaps"]
+  },
+  {
+    name: "librarian",
+    mode: "read-only",
+    dispatch: "task",
+    canMutateWorkspace: false,
+    scope: "external research plus local confirmation when needed",
+    responsibility: "Gather authoritative external evidence and distinguish official docs from examples.",
+    toolGovernance: [
+      "research and read-only local confirmation tools",
+      "no workspace mutation",
+      "no durable memory writes"
+    ],
+    verification: ["sources every substantive external claim with a URL"]
+  },
+  {
+    name: "oracle",
+    mode: "read-only",
+    dispatch: "synchronous-task-only",
+    canMutateWorkspace: false,
+    scope: "advice, diagnosis, architecture, code review, and plan review",
+    responsibility: "Provide strategic technical guidance anchored to evidence and review SDD plans.",
+    toolGovernance: [
+      "read-only analysis and review",
+      "no implementation or artifact-producing SDD phases",
+      "no task delegation"
+    ],
+    verification: ["separates observations, risks, and recommendations"]
+  },
+  {
+    name: "designer",
+    mode: "write-capable",
+    dispatch: "synchronous-task-only",
+    canMutateWorkspace: true,
+    scope: "UI/UX decisions, implementation, and visual verification",
+    responsibility: "Own user-facing implementation choices and visual QA for UI work.",
+    toolGovernance: [
+      "may edit focused UI/UX files",
+      "owns screenshots and visual QA",
+      "does not delegate or own SDD progress"
+    ],
+    verification: ["includes visual verification status when applicable"]
+  },
+  {
+    name: "quick",
+    mode: "write-capable",
+    dispatch: "synchronous-task-only",
+    canMutateWorkspace: true,
+    scope: "fast bounded implementation",
+    responsibility: "Implement well-defined narrow or mechanical changes with focused verification.",
+    toolGovernance: [
+      "may edit bounded targets",
+      "does not perform broad rediscovery",
+      "does not delegate or own SDD progress"
+    ],
+    verification: ["runs the smallest sufficient focused check"]
+  },
+  {
+    name: "deep",
+    mode: "write-capable",
+    dispatch: "synchronous-task-only",
+    canMutateWorkspace: true,
+    scope: "thorough implementation and verification",
+    responsibility: "Handle correctness-critical, multi-file, or edge-case-heavy changes with full local context analysis.",
+    toolGovernance: [
+      "may edit implementation and tests",
+      "validates shared behavior against related code and call sites",
+      "does not delegate or own SDD progress"
+    ],
+    verification: ["does not skip verification and reports edge-case evidence"]
+  }
+];
+var DELEGATE_FIRST_RULES = [
+  "The orchestrator coordinates, decides, asks blocking questions, and delegates evidence or action.",
+  "Explorer, librarian, and oracle remain read-only specialists.",
+  "Designer, quick, and deep are write-capable leaf agents with synchronous task dispatch.",
+  "Subagents return findings, diffs, verification, and blockers rather than raw file dumps.",
+  "No leaf agent owns SDD progress checkboxes or orchestrator-only memory."
+];
+var VERIFICATION_PROTOCOL = [
+  "Completion reports include changed files and verification evidence.",
+  "Behavior changes require the smallest sufficient automated check or an explicitly documented check.",
+  "Visual changes require designer-owned visual QA when feasible."
+];
+var AGENT_PACK_CONTRACT = {
+  roles: [...AGENT_ROLES],
+  delegateFirstRules: [...DELEGATE_FIRST_RULES],
+  verificationProtocol: [...VERIFICATION_PROTOCOL]
+};
+function getAgentPackContract() {
+  return {
+    roles: AGENT_PACK_CONTRACT.roles.map((role) => ({
+      ...role,
+      toolGovernance: [...role.toolGovernance],
+      verification: [...role.verification]
+    })),
+    delegateFirstRules: [...AGENT_PACK_CONTRACT.delegateFirstRules],
+    verificationProtocol: [...AGENT_PACK_CONTRACT.verificationProtocol]
+  };
+}
+
+// src/harness/core/memory-governance.ts
+var ROOT_OWNED_TOOLS = [
+  "mem_session_start",
+  "mem_session_summary",
+  "mem_save_prompt"
+];
+var READ_RECALL_CHAIN = [
+  "mem_search",
+  "mem_timeline",
+  "mem_get_observation"
+];
+var WRITE_CAPABLE_DELEGATED_TOOLS = [
+  "mem_save",
+  "mem_search",
+  "mem_get_observation",
+  "mem_timeline",
+  "mem_suggest_topic_key"
+];
+var ALL_MEMORY_TOOLS = [
+  ...ROOT_OWNED_TOOLS,
+  ...READ_RECALL_CHAIN,
+  "mem_suggest_topic_key",
+  "mem_save"
+];
+function uniqueTools(tools) {
+  return [...new Set(tools)];
+}
+function roleAllowedTools(role) {
+  if (role.name === "orchestrator") {
+    return uniqueTools([...ROOT_OWNED_TOOLS, ...WRITE_CAPABLE_DELEGATED_TOOLS]);
+  }
+  if (role.mode === "read-only") {
+    return [...READ_RECALL_CHAIN];
+  }
+  return [...WRITE_CAPABLE_DELEGATED_TOOLS];
+}
+function roleRules(role) {
+  const sharedSubagentRules = [
+    "Every subagent memory call requires the parent session_id and project from dispatch; if either is missing, do not call thoth-mem.",
+    "Never call mem_session_start, mem_session_summary, or mem_save_prompt; those tools are root/orchestrator-owned.",
+    "Protect the sdd/* topic namespace; SDD artifacts may use deterministic sdd/{change}/{artifact} topic keys only in persistence modes that include thoth-mem."
+  ];
+  if (role.name === "orchestrator") {
+    return [
+      "mem_session_start, mem_session_summary, and mem_save_prompt are root/main orchestrator-owned tools and responsibilities.",
+      "In harnesses without an orchestrator-named agent, root/main orchestrator-owned means the initial/root agent when the harness does not expose an orchestrator-named agent.",
+      "Dispatch parent session_id and project when authorizing subagent memory use.",
+      "Protect the sdd/* topic namespace and write SDD memory artifacts only in thoth-mem or hybrid persistence modes."
+    ];
+  }
+  if (role.mode === "read-only") {
+    return [
+      ...sharedSubagentRules,
+      "Read-only agents may only perform bounded, project-scoped recall with mem_search -> mem_timeline -> mem_get_observation when authorized.",
+      "Read-only agents must never write durable memory."
+    ];
+  }
+  return [
+    ...sharedSubagentRules,
+    "Write-capable agents may call mem_save only for delegated durable observations under the parent session/project.",
+    "For reads, use only mem_search -> mem_timeline -> mem_get_observation."
+  ];
+}
+function getRoleMemoryGovernance(role) {
+  const allowedTools = roleAllowedTools(role);
+  return {
+    role: role.name,
+    rootOwnedTools: [...ROOT_OWNED_TOOLS],
+    allowedTools,
+    forbiddenTools: ALL_MEMORY_TOOLS.filter(
+      (tool) => !allowedTools.includes(tool)
+    ),
+    requiresParentContext: role.name !== "orchestrator",
+    mayReadProjectMemory: role.name !== "orchestrator",
+    mayWriteDurableObservations: role.mode === "write-capable",
+    protectsSddNamespace: true,
+    rules: roleRules(role)
+  };
+}
+function renderMemoryGovernanceInstructions(role, dialect) {
+  const governance = getRoleMemoryGovernance(role);
+  const harnessRules = dialect ? [
+    `- Harness wording: use ${dialect.renderRoleInvocation("orchestrator")} as the memory owner and \`${dialect.tools.userQuestionTool}\` for blocking memory-context questions.`,
+    `- Progress ownership remains with the coordinator; report memory-governance verification for tracking in ${dialect.tools.progressTool}.`
+  ] : [];
+  return [
+    "thoth-mem governance:",
+    ...governance.rules.map((rule) => `- ${rule}`),
+    ...harnessRules,
+    `- Runtime enforcement: ${role.name === "orchestrator" ? "root-owned" : "instruction-level unless the target harness validates per-agent memory controls"}.`
+  ].join("\n");
+}
+function memoryGovernanceDiagnostics(input) {
+  const diagnostics = [];
+  if (input.permissionControls !== "supported") {
+    diagnostics.push({
+      severity: "warning",
+      code: `${input.harness}.permission.memory.enforcement_gap`,
+      message: "Runtime controls for root-only memory tools are unavailable; governance is rendered as instruction-level guidance.",
+      harness: input.harness,
+      capability: "rolePermissions",
+      fallback: "instruction-only"
+    });
+  }
+  if (input.parentContextInjection !== "supported") {
+    diagnostics.push({
+      severity: input.parentContextInjection === "unknown" ? "error" : "warning",
+      code: `${input.harness}.context.parent_injection.unvalidated`,
+      message: "Parent session_id/project injection is not runtime-enforced; subagents must be instructed not to use memory without explicit dispatch context.",
+      harness: input.harness,
+      capability: "parentContextInjection",
+      fallback: "instruction-only"
+    });
+  }
+  if (input.memoryWriteControls !== "supported") {
+    diagnostics.push({
+      severity: "warning",
+      code: `${input.harness}.permission.memory_write.enforcement_gap`,
+      message: "Runtime controls for delegated memory writes are unavailable; write-capable agents receive instruction-level mem_save limits only.",
+      harness: input.harness,
+      capability: "memoryGovernanceEnforcement",
+      fallback: "instruction-only"
+    });
+  }
+  return diagnostics;
+}
+
+// src/harness/writers/codex-plugin-package.ts
+import { createHash } from "crypto";
+
+// src/harness/adapters/codex-surfaces.ts
+var CODEX_HOOK_EVENTS = [
+  "SessionStart",
+  "UserPromptSubmit",
+  "PreToolUse",
+  "PermissionRequest",
+  "PostToolUse",
+  "Stop"
+];
+var SUPPORTED_CODEX_HOOK_OUTPUT_FIELDS = ["message"];
+var CODEX_PLUGIN_MANIFEST_FIELDS = [
+  "name",
+  "version",
+  "description",
+  "skills",
+  "mcpServers",
+  "apps",
+  "hooks",
+  "interface"
+];
+var CODEX_SURFACES = [
+  {
+    id: "project-agent-toml",
+    target: "agent-definition",
+    status: "validated",
+    artifactKind: "agent-config",
+    path: ".codex/agents/{name}.toml",
+    fields: [
+      "name",
+      "description",
+      "developer_instructions",
+      "model",
+      "model_reasoning_effort",
+      "sandbox_mode"
+    ],
+    diagnosticCode: "codex.surface.agent_definition.validated",
+    summary: "Project-scoped custom agents are standalone TOML files.",
+    evidence: "OpenAI Codex Subagents docs: ~/.codex/agents/ and .codex/agents/ with required name, description, developer_instructions."
+  },
+  {
+    id: "project-config-toml",
+    target: "config",
+    status: "validated",
+    artifactKind: "harness-config",
+    path: ".codex/config.toml",
+    fields: [
+      "model",
+      "model_reasoning_effort",
+      "approval_policy",
+      "sandbox_mode",
+      "features",
+      "mcp_servers",
+      "skills.config",
+      "agents"
+    ],
+    diagnosticCode: "codex.surface.config.validated",
+    summary: "Codex supports project-scoped config TOML after trust.",
+    evidence: "OpenAI Codex Configuration Reference: ~/.codex/config.toml and project .codex/config.toml overrides."
+  },
+  {
+    id: "mcp-server-config",
+    target: "mcp-config",
+    status: "validated",
+    artifactKind: "mcp-config",
+    path: ".codex/config.toml",
+    fields: ["mcp_servers.<id>", "url", "command", "args", "env", "tools"],
+    diagnosticCode: "codex.surface.mcp.validated",
+    summary: "MCP servers are configured through Codex config TOML.",
+    evidence: "OpenAI Codex config docs describe mcp_servers and per-tool approval overrides."
+  },
+  {
+    id: "repo-skills-directory",
+    target: "skill-directory",
+    status: "validated",
+    artifactKind: "skill",
+    path: ".agents/skills/{skill}/SKILL.md",
+    fields: ["SKILL.md", "scripts/", "references/", "assets/"],
+    diagnosticCode: "codex.surface.skills.validated",
+    summary: "Repository skills are discovered from .agents/skills.",
+    evidence: "OpenAI Codex Skills docs: repo skills are scanned from .agents/skills up to the repository root."
+  },
+  {
+    id: "project-hooks-json",
+    target: "hook-config",
+    status: "validated",
+    artifactKind: "hook-config",
+    path: ".codex/hooks.json",
+    fields: [
+      "SessionStart.command",
+      "UserPromptSubmit.command",
+      "PreToolUse.command",
+      "PermissionRequest.command",
+      "PostToolUse.command",
+      "Stop.command"
+    ],
+    diagnosticCode: "codex.surface.hooks_json.validated",
+    summary: "Codex supports project-local hooks.json command handlers.",
+    evidence: "OpenAI Codex hooks docs describe hooks.json with SessionStart, UserPromptSubmit, PreToolUse, PermissionRequest, PostToolUse, and Stop command handlers."
+  },
+  {
+    id: "inline-hooks-table",
+    target: "hook-config",
+    status: "validated",
+    artifactKind: "hook-config",
+    path: ".codex/config.toml",
+    fields: [
+      "hooks.SessionStart.command",
+      "hooks.UserPromptSubmit.command",
+      "hooks.PreToolUse.command",
+      "hooks.PermissionRequest.command",
+      "hooks.PostToolUse.command",
+      "hooks.Stop.command"
+    ],
+    diagnosticCode: "codex.surface.inline_hooks.validated",
+    summary: "Codex supports inline [hooks] configuration in TOML.",
+    evidence: "OpenAI Codex configuration docs describe inline [hooks] settings gated by trusted project configuration."
+  },
+  {
+    id: "features-hooks-toggle",
+    target: "hook-config",
+    status: "validated",
+    artifactKind: "hook-config",
+    path: ".codex/config.toml",
+    fields: ["features.hooks"],
+    diagnosticCode: "codex.surface.features_hooks.validated",
+    summary: "Codex hook loading is controlled by the features.hooks toggle.",
+    evidence: "OpenAI Codex configuration docs require enabling [features].hooks before project hook configuration is active."
+  },
+  {
+    id: "plugin-hooks-bundle",
+    target: "hook-config",
+    status: "validated",
+    artifactKind: "hook-config",
+    path: ".codex/plugins/{plugin}/hooks.json",
+    fields: ["features.plugin_hooks", "plugin.hooks", "plugin.trust_review"],
+    diagnosticCode: "codex.surface.plugin_hooks.validated",
+    summary: "Codex plugin hook bundles are documented behind plugin hook feature and trust review gates.",
+    evidence: "OpenAI Codex plugin docs describe bundled hook configuration requiring plugin_hooks enablement and trust review."
+  },
+  {
+    id: "plugin-manifest-json",
+    target: "plugin-manifest",
+    status: "validated",
+    artifactKind: "manifest",
+    path: ".codex-plugin/plugin.json",
+    fields: [...CODEX_PLUGIN_MANIFEST_FIELDS],
+    diagnosticCode: "codex.surface.plugin_manifest.validated",
+    summary: "Codex plugin packages are described by a plugin-root plugin.json manifest.",
+    evidence: "OpenAI Codex plugin docs describe plugin.json with official fields including name, version, description, skills, mcpServers, apps, hooks, and interface."
+  },
+  {
+    id: "plugin-skills-directory",
+    target: "skill-directory",
+    status: "validated",
+    artifactKind: "skill",
+    path: ".codex-plugin/skills/{skill}/SKILL.md",
+    fields: ["skills", "./skills/"],
+    diagnosticCode: "codex.surface.plugin_skills.validated",
+    summary: "Codex plugin packages can bundle skills under plugin-root skills/.",
+    evidence: "OpenAI Codex plugin docs describe plugin-bundled skills referenced from plugin.json using plugin-root relative paths."
+  },
+  {
+    id: "plugin-hooks-json",
+    target: "hook-config",
+    status: "validated",
+    artifactKind: "hook-config",
+    path: ".codex-plugin/hooks/hooks.json",
+    fields: ["hooks", "./hooks/hooks.json"],
+    diagnosticCode: "codex.surface.plugin_hooks_json.validated",
+    summary: "Codex plugin packages can bundle hook configuration under plugin-root hooks/.",
+    evidence: "OpenAI Codex plugin docs describe hook bundle assets referenced from plugin.json and gated by plugin_hooks plus trust review."
+  },
+  {
+    id: "plugin-mcp-json",
+    target: "mcp-config",
+    status: "validated",
+    artifactKind: "mcp-config",
+    path: ".codex-plugin/.mcp.json",
+    fields: ["mcpServers", "./.mcp.json"],
+    diagnosticCode: "codex.surface.plugin_mcp_json.validated",
+    summary: "Codex plugin packages can bundle MCP server definitions in plugin-root .mcp.json.",
+    evidence: "OpenAI Codex plugin docs describe bundled .mcp.json server definitions referenced from plugin.json using plugin-root relative paths."
+  },
+  {
+    id: "inline-hooks",
+    target: "hook-config",
+    status: "unknown",
+    artifactKind: "hook-config",
+    fields: ["features.hooks", "hooks"],
+    diagnosticCode: "codex.surface.hooks.unvalidated",
+    summary: "Lifecycle hook availability is documented, but hook event shape and parity with OpenCode runtime hooks is not validated for this adapter.",
+    evidence: "Codex config reference mentions hooks; this implementation has not validated exact event schemas for plugin parity.",
+    fallback: "diagnostic-only"
+  },
+  {
+    id: "per-agent-runtime-permissions",
+    target: "permission-control",
+    status: "unsupported",
+    fields: ["per-agent tool allow/deny equivalent to OpenCode permissions"],
+    diagnosticCode: "codex.permission.memory.enforcement_gap",
+    summary: "Codex sandbox and approval policy can constrain sessions, but OpenCode-style per-agent MCP/tool deny maps are not validated.",
+    evidence: "Codex approvals/security docs cover sandbox and approval policies, not exact OpenCode per-agent permission maps.",
+    fallback: "instruction-only"
+  },
+  {
+    id: "programmatic-delegation-runtime",
+    target: "delegation-runtime",
+    status: "unsupported",
+    fields: [
+      "task API",
+      "background task sessions",
+      "tmux lifecycle hooks",
+      "automatic subagent session close"
+    ],
+    diagnosticCode: "codex.delegation.runtime.unsupported",
+    summary: "Codex subagents are user/instruction-triggered; no OpenCode plugin task API or automatic subagent session close parity is validated.",
+    evidence: "Codex subagents docs describe manual spawning and agent threads, not this plugin runtime task API or a validated runtime close hook.",
+    fallback: "instruction-only"
+  },
+  {
+    id: "parent-context-injection",
+    target: "parent-context-injection",
+    status: "unknown",
+    fields: ["parent session_id", "project"],
+    diagnosticCode: "codex.context.parent_injection.unvalidated",
+    summary: "No machine-enforced parent context injection mechanism is validated; prompts must instruct users to include parent session_id/project.",
+    evidence: "No validated Codex surface in Phase 1 proves automatic parent context injection into spawned agents.",
+    fallback: "instruction-only"
+  }
+];
+function getCodexSurfaceRecords() {
+  return CODEX_SURFACES.map((surface) => ({
+    ...surface,
+    fields: [...surface.fields]
+  }));
+}
+function getCodexSurface(id) {
+  return getCodexSurfaceRecords().find((surface) => surface.id === id);
+}
+function assertCodexSurfaceCanGenerate(id) {
+  const surface = getCodexSurface(id);
+  if (!surface) {
+    return {
+      ok: false,
+      diagnostic: {
+        severity: "error",
+        code: "harness.surface_unvalidated",
+        message: `Codex surface "${id}" is not registered and cannot generate artifacts.`,
+        harness: "codex",
+        surface: id,
+        fallback: "diagnostic-only"
+      }
+    };
+  }
+  if (surface.status !== "validated" || !surface.artifactKind) {
+    return {
+      ok: false,
+      diagnostic: codexSurfaceDiagnostic(surface)
+    };
+  }
+  return { ok: true, surface };
+}
+function codexSurfaceDiagnostic(surface) {
+  const severity = surface.status === "unsupported" ? "warning" : "error";
+  return {
+    severity,
+    code: surface.diagnosticCode,
+    message: `${surface.summary} Artifact generation is disabled for this surface.`,
+    harness: "codex",
+    surface: surface.id,
+    fallback: surface.fallback ?? "diagnostic-only"
+  };
+}
+function normalizeCodexPath(value) {
+  return value.replace(/\\/g, "/");
+}
+function codexPluginPackageDiagnostic(code, message, surface) {
+  return {
+    severity: "error",
+    code,
+    message,
+    harness: "codex",
+    surface,
+    fallback: "diagnostic-only"
+  };
+}
+function isPathUnderCodexPlugin(pathValue) {
+  const normalized = normalizeCodexPath(pathValue);
+  const segments = normalized.split("/");
+  return !normalized.startsWith("/") && !/^[A-Za-z]:\//.test(normalized) && !segments.includes("..") && (normalized === ".codex-plugin" || normalized === ".codex-plugin/" || normalized.startsWith(".codex-plugin/"));
+}
+function fieldAllowedForPluginSurface(surface, field) {
+  if (surface.id === "plugin-manifest-json") {
+    return CODEX_PLUGIN_MANIFEST_FIELDS.includes(
+      field
+    );
+  }
+  return surface.fields.includes(field);
+}
+function validateCodexPluginPackageSurface(input) {
+  const canGenerate = assertCodexSurfaceCanGenerate(input.surfaceId);
+  if (!canGenerate.ok) {
+    return {
+      ok: false,
+      diagnostics: [
+        {
+          ...canGenerate.diagnostic,
+          code: "codex.plugin.surface.unvalidated",
+          message: `Codex plugin package surface "${input.surfaceId}" is not validated for .codex-plugin artifacts.`
+        }
+      ]
+    };
+  }
+  const diagnostics = [];
+  const surface = canGenerate.surface;
+  if (!surface.path?.startsWith(".codex-plugin")) {
+    diagnostics.push(
+      codexPluginPackageDiagnostic(
+        "codex.plugin.surface.unvalidated",
+        `Codex surface "${input.surfaceId}" is validated, but not as a .codex-plugin package surface.`,
+        input.surfaceId
+      )
+    );
+  }
+  if (input.path && !isPathUnderCodexPlugin(input.path)) {
+    diagnostics.push(
+      codexPluginPackageDiagnostic(
+        "codex.plugin.path.unvalidated",
+        `Codex plugin package path "${input.path}" must stay under .codex-plugin/.`,
+        input.surfaceId
+      )
+    );
+  }
+  for (const field of input.fields ?? []) {
+    if (!fieldAllowedForPluginSurface(surface, field)) {
+      diagnostics.push(
+        codexPluginPackageDiagnostic(
+          "codex.plugin.field.unvalidated",
+          `Codex plugin field "${field}" is not validated for surface "${input.surfaceId}".`,
+          input.surfaceId
+        )
+      );
+    }
+  }
+  if (diagnostics.length > 0) return { ok: false, diagnostics };
+  return { ok: true, surface };
+}
+function isCodexHookEvent(event) {
+  return CODEX_HOOK_EVENTS.includes(event);
+}
+function codexHookDiagnostic(code, message) {
+  return {
+    severity: "warning",
+    code,
+    message,
+    harness: "codex",
+    surface: "hook-config",
+    fallback: "diagnostic-only"
+  };
+}
+function inferHookHandlerType(handler) {
+  if (!handler) return void 0;
+  if (typeof handler.type === "string") return handler.type;
+  if ("command" in handler) return "command";
+  if ("prompt" in handler) return "prompt";
+  if ("agent" in handler) return "agent";
+  return void 0;
+}
+function validateCodexHookSurface(input) {
+  const diagnostics = [];
+  const handlerType = inferHookHandlerType(input.handler);
+  if (!isCodexHookEvent(input.event)) {
+    diagnostics.push(
+      codexHookDiagnostic(
+        "codex.hooks.event.unsupported",
+        `Codex hook event "${input.event}" is not documented for this adapter.`
+      )
+    );
+  }
+  if (handlerType !== "command") {
+    diagnostics.push(
+      codexHookDiagnostic(
+        handlerType === "prompt" ? "codex.hooks.handler.prompt_unsupported" : handlerType === "agent" ? "codex.hooks.handler.agent_unsupported" : "codex.hooks.handler.unsupported",
+        `Codex hook handler "${handlerType ?? "unknown"}" is not supported; only command handlers are validated.`
+      )
+    );
+  }
+  if (input.handler?.async === true) {
+    diagnostics.push(
+      codexHookDiagnostic(
+        "codex.hooks.async.unsupported",
+        "Async Codex hook execution is not validated for this adapter."
+      )
+    );
+  }
+  const unsupportedOutputField = input.outputFields?.find(
+    (field) => !SUPPORTED_CODEX_HOOK_OUTPUT_FIELDS.includes(field)
+  );
+  if (unsupportedOutputField) {
+    diagnostics.push(
+      codexHookDiagnostic(
+        "codex.hooks.output_field.unsupported",
+        `Codex hook output field "${unsupportedOutputField}" is not supported by the validated hook surface.`
+      )
+    );
+  }
+  if (input.interceptsToolExecution) {
+    diagnostics.push(
+      codexHookDiagnostic(
+        "codex.hooks.tool_interception.unsupported",
+        "Full tool interception is not supported; Codex hooks are diagnostic/config surfaces, not OpenCode runtime enforcement hooks."
+      )
+    );
+  }
+  if (diagnostics.length > 0 || !isCodexHookEvent(input.event)) {
+    return { ok: false, diagnostics };
+  }
+  return { ok: true, event: input.event, handlerType: "command" };
+}
+
+// src/harness/writers/codex-plugin-package.ts
+var PLUGIN_MANIFEST_SURFACE_ID = "plugin-manifest-json";
+function normalizePath(value) {
+  return value.replace(/\\/g, "/");
+}
+function pluginRootReference(pathValue) {
+  const normalized = normalizePath(pathValue);
+  const relative3 = normalized.slice(".codex-plugin/".length);
+  return `./${relative3}`;
+}
+function sha256(content) {
+  return `sha256:${createHash("sha256").update(content).digest("hex")}`;
+}
+function isRecord(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function stableValue(value) {
+  if (Array.isArray(value)) return value.map(stableValue);
+  if (!isRecord(value)) return value;
+  return Object.fromEntries(
+    Object.keys(value).sort((left, right) => left.localeCompare(right)).map((key) => [key, stableValue(value[key])])
+  );
+}
+function stableJson(value) {
+  return `${JSON.stringify(value, null, 2)}
+`;
+}
+function orderManifestFields(manifest) {
+  const ordered = {};
+  for (const field of CODEX_PLUGIN_MANIFEST_FIELDS) {
+    if (field in manifest) ordered[field] = manifest[field];
+  }
+  return ordered;
+}
+function fieldDiagnostic(field) {
+  return {
+    severity: "error",
+    code: "codex.plugin.field.unvalidated",
+    message: `Skipping unvalidated Codex plugin manifest field "${field}".`,
+    harness: "codex",
+    surface: PLUGIN_MANIFEST_SURFACE_ID,
+    fallback: "diagnostic-only"
+  };
+}
+function artifactKindForSurface(surfaceId) {
+  if (surfaceId === "plugin-mcp-json") return "mcp-config";
+  return surfaceId === "plugin-hooks-json" ? "hook-config" : "skill";
+}
+function codexHookPackageDiagnostic(code, message) {
+  return {
+    severity: "warning",
+    code,
+    message,
+    harness: "codex",
+    surface: "plugin-hooks-json",
+    fallback: "diagnostic-only"
+  };
+}
+function normalizeHookDefinition(hook) {
+  return {
+    command: hook.handler.command,
+    ...hook.outputFields?.length ? { output: [...hook.outputFields].sort() } : {}
+  };
+}
+function renderHookDefinitions(hookDefinitions) {
+  const diagnostics = [];
+  const hooksByEvent = /* @__PURE__ */ new Map();
+  for (const hook of hookDefinitions) {
+    const validation = validateCodexHookSurface(hook);
+    if (!validation.ok) {
+      diagnostics.push(...validation.diagnostics);
+      continue;
+    }
+    const eventHooks = hooksByEvent.get(validation.event) ?? [];
+    eventHooks.push(normalizeHookDefinition(hook));
+    hooksByEvent.set(validation.event, eventHooks);
+  }
+  if (hooksByEvent.size === 0) {
+    diagnostics.push(
+      codexHookPackageDiagnostic(
+        "codex.plugin.hooks.none_packaged",
+        "No Codex plugin hooks were packaged because no hook definitions passed existing Codex hook validation."
+      )
+    );
+    return { diagnostics };
+  }
+  const content = stableJson(
+    Object.fromEntries(
+      [...hooksByEvent.entries()].sort(([left], [right]) => left.localeCompare(right)).map(([event, hooks]) => [event, hooks.map(stableValue)])
+    )
+  );
+  return { content, diagnostics };
+}
+function parseRawHookContent(content) {
+  const diagnostics = [];
+  const hookDefinitions = [];
+  let parsed;
+  try {
+    parsed = JSON.parse(content);
+  } catch {
+    return {
+      hookDefinitions,
+      diagnostics: [
+        codexHookPackageDiagnostic(
+          "codex.plugin.hooks.invalid_json",
+          "Skipping Codex plugin hooks asset because hooks.json content is not valid JSON."
+        )
+      ]
+    };
+  }
+  if (!isRecord(parsed)) {
+    return {
+      hookDefinitions,
+      diagnostics: [
+        codexHookPackageDiagnostic(
+          "codex.plugin.hooks.invalid_shape",
+          "Skipping Codex plugin hooks asset because hooks.json must be an object keyed by Codex hook event."
+        )
+      ]
+    };
+  }
+  for (const [event, definitions] of Object.entries(parsed)) {
+    if (!Array.isArray(definitions)) {
+      diagnostics.push(
+        codexHookPackageDiagnostic(
+          "codex.plugin.hooks.invalid_shape",
+          `Skipping Codex plugin hook event "${event}" because its value is not an array of command handlers.`
+        )
+      );
+      continue;
+    }
+    for (const definition of definitions) {
+      if (!isRecord(definition)) {
+        diagnostics.push(
+          codexHookPackageDiagnostic(
+            "codex.plugin.hooks.invalid_shape",
+            `Skipping Codex plugin hook event "${event}" entry because it is not an object.`
+          )
+        );
+        continue;
+      }
+      const output = definition.output;
+      hookDefinitions.push({
+        event,
+        handler: {
+          type: typeof definition.type === "string" ? definition.type : "command",
+          command: definition.command,
+          async: definition.async
+        },
+        outputFields: Array.isArray(output) ? output.filter((field) => typeof field === "string") : void 0,
+        interceptsToolExecution: definition.interceptsToolExecution === true
+      });
+    }
+  }
+  return { hookDefinitions, diagnostics };
+}
+function resolveHookAssetContent(asset) {
+  if (asset.surfaceId !== "plugin-hooks-json") {
+    return { content: asset.content, diagnostics: [] };
+  }
+  const fromInput = asset.hookDefinitions ? { hookDefinitions: [...asset.hookDefinitions], diagnostics: [] } : asset.content !== void 0 ? parseRawHookContent(asset.content) : { hookDefinitions: [], diagnostics: [] };
+  const rendered = renderHookDefinitions(fromInput.hookDefinitions);
+  return {
+    content: rendered.content,
+    diagnostics: [...fromInput.diagnostics, ...rendered.diagnostics]
+  };
+}
+function renderCodexPluginPackage(input) {
+  const artifacts = [];
+  const diagnostics = [];
+  const manifest = {};
+  const provenance = [];
+  for (const field of Object.keys(input.manifest)) {
+    if (!CODEX_PLUGIN_MANIFEST_FIELDS.includes(
+      field
+    )) {
+      diagnostics.push(fieldDiagnostic(field));
+    }
+  }
+  const manifestValidation = validateCodexPluginPackageSurface({
+    surfaceId: PLUGIN_MANIFEST_SURFACE_ID,
+    path: ".codex-plugin/plugin.json",
+    fields: Object.keys(input.manifest).filter(
+      (field) => CODEX_PLUGIN_MANIFEST_FIELDS.includes(
+        field
+      )
+    )
+  });
+  if (!manifestValidation.ok)
+    diagnostics.push(...manifestValidation.diagnostics);
+  for (const field of CODEX_PLUGIN_MANIFEST_FIELDS) {
+    if (field in input.manifest)
+      manifest[field] = stableValue(input.manifest[field]);
+  }
+  for (const asset of [...input.assets ?? []].sort(
+    (left, right) => normalizePath(left.path).localeCompare(normalizePath(right.path))
+  )) {
+    const assetPath = normalizePath(asset.path);
+    const validation = validateCodexPluginPackageSurface({
+      surfaceId: asset.surfaceId,
+      path: assetPath,
+      fields: [asset.manifestField]
+    });
+    if (!validation.ok) {
+      diagnostics.push(...validation.diagnostics);
+      continue;
+    }
+    const hookContent = resolveHookAssetContent(asset);
+    diagnostics.push(...hookContent.diagnostics);
+    if (asset.surfaceId === "plugin-hooks-json" && !hookContent.content) {
+      continue;
+    }
+    const assetContent = hookContent.content ?? asset.content;
+    const reference = pluginRootReference(assetPath);
+    manifest[asset.manifestField] = reference;
+    if (assetContent !== void 0 && !assetPath.endsWith("/")) {
+      artifacts.push({
+        harness: "codex",
+        kind: artifactKindForSurface(asset.surfaceId),
+        path: assetPath,
+        description: asset.description ?? `Codex plugin asset for ${asset.manifestField}`,
+        content: assetContent
+      });
+    }
+    provenance.push({
+      field: asset.manifestField,
+      path: assetPath,
+      reference,
+      ...asset.provenanceName ? { name: asset.provenanceName } : {},
+      ...asset.sourcePath ? { sourcePath: normalizePath(asset.sourcePath) } : {},
+      ...assetContent !== void 0 ? { sha256: sha256(assetContent) } : {}
+    });
+  }
+  artifacts.push({
+    harness: "codex",
+    kind: "manifest",
+    path: ".codex-plugin/plugin.json",
+    description: "Deterministic Codex plugin package manifest.",
+    content: stableJson(orderManifestFields(manifest))
+  });
+  artifacts.push({
+    harness: "codex",
+    kind: "manifest",
+    path: ".codex-plugin/.thoth-agents-plugin-assets.json",
+    description: "Deterministic Codex plugin package asset provenance.",
+    content: stableJson({
+      generatedBy: "thoth-agents",
+      assets: provenance.sort(
+        (left, right) => left.path.localeCompare(right.path)
+      )
+    })
+  });
+  return { artifacts, diagnostics };
+}
+
+// src/harness/writers/codex-toml.ts
+function escapeTomlString(value) {
+  return value.replace(/\\/g, "\\\\").replace(/"/g, '\\"').replace(/\t/g, "\\t").replace(/\n/g, "\\n").replace(/\f/g, "\\f").replace(/\r/g, "\\r");
+}
+function escapeTomlMultilineString(value) {
+  return value.replace(/\\/g, "\\\\").replace(/"""/g, '\\"\\"\\"').replace(/\r\n/g, "\n").replace(/\r/g, "\n");
+}
+function renderScalar(value) {
+  if (typeof value === "string") return `"${escapeTomlString(value)}"`;
+  if (typeof value === "number" || typeof value === "boolean") {
+    return String(value);
+  }
+  if (Array.isArray(value)) {
+    return `[${value.map(renderScalar).join(", ")}]`;
+  }
+  throw new Error(`Unsupported TOML scalar: ${String(value)}`);
+}
+function renderField(key, value) {
+  if (key === "developer_instructions" && typeof value === "string") {
+    return [`${key} = """`, escapeTomlMultilineString(value), '"""', ""];
+  }
+  return [`${key} = ${renderScalar(value)}`];
+}
+function isRecord2(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function fieldOrder(fields, keys) {
+  const orderedRoots = fields.map((field) => field.split(".")[0]);
+  return [...keys].sort((left, right) => {
+    const leftIndex = orderedRoots.indexOf(left);
+    const rightIndex = orderedRoots.indexOf(right);
+    if (leftIndex !== -1 || rightIndex !== -1) {
+      return (leftIndex === -1 ? Number.MAX_SAFE_INTEGER : leftIndex) - (rightIndex === -1 ? Number.MAX_SAFE_INTEGER : rightIndex);
+    }
+    return left.localeCompare(right);
+  });
+}
+function isAllowedRoot(fields, key) {
+  return fields.some(
+    (field) => field === key || field.startsWith(`${key}.`) || field.includes("<id>") && key === field.split(".")[0]
+  );
+}
+function renderTable(lines, tablePath, value) {
+  lines.push(`[${tablePath.join(".")}]`);
+  const nested = [];
+  for (const key of Object.keys(value).sort()) {
+    const entry = value[key];
+    if (isRecord2(entry)) {
+      nested.push([key, entry]);
+    } else {
+      lines.push(...renderField(key, entry));
+    }
+  }
+  lines.push("");
+  for (const [key, entry] of nested) {
+    renderTable(lines, [...tablePath, key], entry);
+  }
+}
+function renderCodexToml(input) {
+  const canGenerate = assertCodexSurfaceCanGenerate(input.surfaceId);
+  if (!canGenerate.ok) {
+    return { content: "", diagnostics: [canGenerate.diagnostic] };
+  }
+  const surface = getCodexSurface(input.surfaceId);
+  const fields = surface?.fields ?? [];
+  const diagnostics = [];
+  const lines = [];
+  const tables = [];
+  for (const key of fieldOrder(fields, Object.keys(input.values))) {
+    const value = input.values[key];
+    if (!isAllowedRoot(fields, key)) {
+      diagnostics.push({
+        severity: "warning",
+        code: "codex.toml.field.unvalidated",
+        message: `Skipping unvalidated Codex TOML field "${key}" for surface "${input.surfaceId}".`,
+        harness: "codex",
+        surface: input.surfaceId,
+        fallback: "diagnostic-only"
+      });
+      continue;
+    }
+    if (isRecord2(value)) {
+      tables.push([key, value]);
+    } else {
+      lines.push(...renderField(key, value));
+    }
+  }
+  if (tables.length > 0 && lines.length > 0) lines.push("");
+  for (const [key, value] of tables) {
+    renderTable(lines, [key], value);
+  }
+  while (lines.at(-1) === "") lines.pop();
+  return {
+    content: lines.join("\n") + (lines.length > 0 ? "\n" : ""),
+    diagnostics
+  };
+}
+
+// src/harness/writers/skill-layout.ts
+import { createHash as createHash2 } from "crypto";
+import * as fs from "fs";
+import * as path from "path";
+var OUTPUT_MODE_CONFIG = {
+  "plugin-package": {
+    basePath: ".codex-plugin/skills",
+    manifestPath: ".codex-plugin/skills/.thoth-agents-manifest.json",
+    surfaceId: "plugin-skills-directory",
+    label: "plugin-bundled"
+  },
+  "repo-local-fallback": {
+    basePath: ".agents/skills",
+    manifestPath: ".agents/skills/.thoth-agents-manifest.json",
+    surfaceId: "repo-skills-directory",
+    label: "fallback .agents/skills"
+  }
+};
+function normalizePath2(value) {
+  return value.split(path.sep).join("/");
+}
+function collectFiles(directory) {
+  if (!fs.existsSync(directory)) return [];
+  const entries = fs.readdirSync(directory, { withFileTypes: true });
+  const files = [];
+  for (const entry of entries) {
+    const entryPath = path.join(directory, entry.name);
+    if (entry.isDirectory()) {
+      files.push(...collectFiles(entryPath));
+    } else if (entry.isFile()) {
+      files.push(entryPath);
+    }
+  }
+  return files.sort((left, right) => left.localeCompare(right));
+}
+function sha2562(content) {
+  return `sha256:${createHash2("sha256").update(content).digest("hex")}`;
+}
+function resolveOutputModes(input) {
+  const requested = input.outputModes ?? (input.outputMode ? [input.outputMode] : []);
+  const modes = requested.length > 0 ? requested : ["plugin-package"];
+  return [...new Set(modes)];
+}
+function duplicateScopeDiagnostic(skillNames, surfaceId) {
+  if (skillNames.length === 0) return void 0;
+  return {
+    severity: "warning",
+    code: "codex.skill.duplicate_scope_precedence_unverified",
+    message: `Codex skills are selected for both plugin-bundled and fallback .agents/skills scopes: ${skillNames.join(", ")}. Plugin-bundled skills are the intended primary package content, but runtime precedence with fallback scopes is unresolved and must be validated before relying on ordering.`,
+    harness: "codex",
+    surface: surfaceId,
+    fallback: "diagnostic-only"
+  };
+}
+function renderCodexSkillLayout(input) {
+  const surface = assertCodexSurfaceCanGenerate(input.surfaceId);
+  if (!surface.ok) {
+    return { artifacts: [], diagnostics: [surface.diagnostic] };
+  }
+  const artifacts = [];
+  const diagnostics = [];
+  const outputModes = resolveOutputModes(input);
+  for (const mode of outputModes) {
+    const modeSurface = assertCodexSurfaceCanGenerate(
+      OUTPUT_MODE_CONFIG[mode].surfaceId
+    );
+    if (!modeSurface.ok) diagnostics.push(modeSurface.diagnostic);
+  }
+  const duplicateDiagnostic = duplicateScopeDiagnostic(
+    outputModes.length > 1 ? input.skills.map((skill) => skill.name).sort() : [],
+    input.surfaceId
+  );
+  if (duplicateDiagnostic) diagnostics.push(duplicateDiagnostic);
+  const manifests = new Map(
+    outputModes.map((mode) => [mode, []])
+  );
+  for (const skill of [...input.skills].sort(
+    (left, right) => left.name.localeCompare(right.name)
+  )) {
+    const sourceBaseRoot = input.packageRoot ?? input.projectRoot;
+    const sourceRoot = path.join(sourceBaseRoot, skill.sourcePath);
+    const files = collectFiles(sourceRoot);
+    if (files.length === 0) {
+      diagnostics.push({
+        severity: "warning",
+        code: "codex.skill.source_missing",
+        message: `Skipping Codex skill "${skill.name}" because source path "${skill.sourcePath}" was not found.`,
+        harness: "codex",
+        surface: input.surfaceId,
+        fallback: "diagnostic-only"
+      });
+      continue;
+    }
+    for (const file of files) {
+      const relative3 = normalizePath2(path.relative(sourceRoot, file));
+      const content = fs.readFileSync(file, "utf8");
+      const sourcePath = normalizePath2(path.relative(sourceBaseRoot, file));
+      for (const mode of outputModes) {
+        const config = OUTPUT_MODE_CONFIG[mode];
+        const outputPath = `${config.basePath}/${skill.name}/${relative3}`;
+        artifacts.push({
+          harness: "codex",
+          kind: "skill",
+          path: outputPath,
+          description: `Codex ${config.label} skill artifact for ${skill.name}`,
+          content
+        });
+        manifests.get(mode)?.push({
+          name: skill.name,
+          sourcePath,
+          outputPath,
+          sha256: sha2562(content)
+        });
+      }
+    }
+  }
+  for (const mode of outputModes) {
+    const config = OUTPUT_MODE_CONFIG[mode];
+    artifacts.push({
+      harness: "codex",
+      kind: "manifest",
+      path: config.manifestPath,
+      description: `Generated Codex ${config.label} skill source manifest with source hashes.`,
+      content: `${JSON.stringify({ generatedBy: "thoth-agents", skills: manifests.get(mode) ?? [] }, null, 2)}
+`
+    });
+  }
+  return { artifacts, diagnostics };
+}
+
+// src/harness/adapters/codex.ts
+function readRootPackageVersion(context) {
+  const packageJsonPath = findRootPackageJsonPath([
+    ...hasCodexPackageRoot(context) ? [context.packageRoot] : [],
+    context.projectRoot,
+    process.cwd(),
+    fileURLToPath(new URL(".", import.meta.url))
+  ]);
+  return readPackageJsonVersion(packageJsonPath);
+}
+function createCodexPluginPackageManifest(context) {
+  return {
+    name: "thoth-agents",
+    version: readRootPackageVersion(context),
+    description: "Delegate-first OpenCode plugin with seven agents, thoth-mem persistence, and bundled SDD skills."
+  };
+}
+function findRootPackageJsonPath(startDirs) {
+  for (const startDir of startDirs) {
+    let currentDir = resolve(startDir);
+    while (true) {
+      const packageJsonPath = resolve(currentDir, "package.json");
+      if (existsSync2(packageJsonPath)) {
+        const packageJsonText = readFileSync2(packageJsonPath, "utf8");
+        const packageJson = JSON.parse(packageJsonText);
+        if (packageJson.name === "thoth-agents") {
+          return packageJsonPath;
+        }
+      }
+      const parentDir = dirname(currentDir);
+      if (parentDir === currentDir) {
+        break;
+      }
+      currentDir = parentDir;
+    }
+  }
+  throw new Error(
+    "Unable to locate the thoth-agents root package.json from the render context or current working directory."
+  );
+}
+function readPackageJsonVersion(packageJsonPath) {
+  const packageJsonText = readFileSync2(packageJsonPath, "utf8");
+  const packageJson = JSON.parse(packageJsonText);
+  if (typeof packageJson.version !== "string" || packageJson.version.length === 0) {
+    throw new Error("Root package.json version must be a non-empty string.");
+  }
+  return packageJson.version;
+}
+function stableJson2(value) {
+  return `${JSON.stringify(value, null, 2)}
+`;
+}
+function codexCommandConfig(commandParts) {
+  const [command = "", ...args] = commandParts;
+  return {
+    command,
+    ...args.length > 0 ? { args } : {}
+  };
+}
+function codexMcpConfig(config) {
+  if ("url" in config) {
+    return { url: config.url };
+  }
+  const [command = "", ...args] = config.command;
+  return {
+    command,
+    ...args.length > 0 ? { args } : {},
+    ...config.environment && Object.keys(config.environment).length > 0 ? { env: config.environment } : {}
+  };
+}
+function createCodexBuiltinMcpServers() {
+  return {
+    exa: codexMcpConfig(exa),
+    context7: { url: CONTEXT7_MCP_URL },
+    grep_app: { url: GREP_APP_MCP_URL },
+    thoth_mem: codexCommandConfig(DEFAULT_THOTH_COMMAND)
+  };
+}
+function createCodexBuiltinMcpJsonConfig() {
+  return {
+    mcpServers: createCodexBuiltinMcpServers()
+  };
+}
+function createCodexBuiltinMcpTomlConfig() {
+  return {
+    mcp_servers: createCodexBuiltinMcpServers()
+  };
+}
+var CODEX_SUBAGENT_DEFAULT_MODELS = {
+  oracle: "gpt-5.5",
+  librarian: "gpt-5.4-mini",
+  explorer: "gpt-5.4-mini",
+  designer: "gpt-5.4-mini",
+  quick: "gpt-5.4-mini",
+  deep: "gpt-5.5"
+};
+var CODEX_SUBAGENT_REASONING_EFFORTS = {
+  oracle: "high",
+  explorer: "low",
+  librarian: "medium",
+  designer: "medium",
+  quick: "low",
+  deep: "medium"
+};
+var CODEX_ROOT_START = "<!-- thoth-agents:codex-root:start -->";
+var CODEX_ROOT_END = "<!-- thoth-agents:codex-root:end -->";
+var CODEX_CAPABILITIES = CODEX_PROMPT_DIALECT.capabilities.capabilities;
+function codexPromptSections(roleName) {
+  switch (roleName) {
+    case "orchestrator":
+      return createOrchestratorPromptSections();
+    case "explorer":
+    case "librarian":
+    case "oracle":
+      return createReadOnlySpecialistPromptSections(roleName);
+    case "designer":
+    case "quick":
+    case "deep":
+      return createWriteCapableSpecialistPromptSections(roleName);
+  }
+}
+function codexModelFamilyPromptSection(roleName, model) {
+  const section = createModelFamilySection(roleName, model);
+  return section ? renderPromptSection(section, CODEX_PROMPT_DIALECT) : void 0;
+}
+function codexStepBudgetPromptSection(steps) {
+  const section = createStepBudgetSection(steps);
+  return section ? renderPromptSection(section, CODEX_PROMPT_DIALECT) : void 0;
+}
+function renderCodexRolePrompt(roleName, config, model) {
+  const promptOverrides = loadAgentPrompt(roleName, config?.preset);
+  const override = getAgentOverride(config, roleName);
+  const basePrompt = renderRolePrompt(
+    codexPromptSections(roleName),
+    CODEX_PROMPT_DIALECT
+  );
+  const prompt = composeAgentPrompt({
+    basePrompt,
+    customPrompt: promptOverrides.prompt,
+    customAppendPrompt: appendPromptSections(
+      codexModelFamilyPromptSection(roleName, model),
+      promptOverrides.appendPrompt
+    )
+  });
+  return appendPromptSections(
+    prompt,
+    codexStepBudgetPromptSection(override?.steps)
+  );
+}
+function codexRoleInstructions(role) {
+  return [
+    "<role-operational-contract>",
+    `- Role: ${role.name}`,
+    `- Mode: ${role.mode}`,
+    `- Scope: ${role.scope}`,
+    `- Responsibility: ${role.responsibility}`,
+    "- Use request_user_input for local blocking decisions.",
+    "- Permissions, memory governance, runtime hooks, and provider-per-agent controls are instruction-level unless the active Codex runtime documents stronger enforcement.",
+    `- ${role.name} runs as a Codex custom-agent TOML entry; the orchestrator remains the ambient Codex root session, not a generated role TOML.`,
+    ...role.toolGovernance.map((rule) => `- ${rule}`),
+    ...role.verification.map((rule) => `- ${rule}`),
+    "</role-operational-contract>"
+  ].join("\n");
+}
+function roleInstructions(role, config) {
+  const model = getCodexAgentModel(role, config) ?? DEFAULT_MODELS[role.name];
+  return [
+    renderCodexRolePrompt(role.name, config, model),
+    codexRoleInstructions(role),
+    renderMemoryGovernanceInstructions(role, CODEX_PROMPT_DIALECT)
+  ].join("\n\n");
+}
+function renderCodexRootInstructions(config) {
+  const rootOverride = getAgentOverride(config, "orchestrator");
+  const rootPrompt = renderCodexRolePrompt(
+    "orchestrator",
+    config,
+    rootOverride?.model ?? DEFAULT_MODELS.orchestrator
+  );
+  return [
+    CODEX_ROOT_START,
+    rootPrompt,
+    "<codex-runtime>",
+    "- The ambient Codex root session is the root/main orchestrator; orchestrator-only and root-owned instructions apply to it because Codex does not generate a selectable orchestrator agent TOML.",
+    "- On each new root session, when thoth-mem tools are installed and session/project identity is known, call mem_session_start with the active project and session identity, then save the real user prompt with mem_save_prompt before later delegation.",
+    "- If thoth-mem tools or identity values are unavailable, disclose that memory bootstrap could not run and continue without claiming memory was saved.",
+    "- Use the ambient Codex root session as the delegate-first root coordinator; do not generate or select an orchestrator TOML.",
+    "- Delegate by invoking the installed Codex role agents: explorer, librarian, oracle, designer, quick, and deep.",
+    "- After receiving a delegated subagent response, close that subagent session unless you will retry or intentionally keep using that exact same session; explorer and librarian sessions must always be closed immediately after their response, and retry sessions must be closed after the retry result unless explicit same-session reuse is still required.",
+    "- Use packaged thoth-agents plugin capabilities through Codex plugin, skill, MCP, and hook review surfaces after enabling them with /plugins and /hooks.",
+    "- For blocking user decisions in Codex Default mode, use request_user_input after features.default_mode_request_user_input is enabled; do not ask those questions in plain prose.",
+    "- Memory governance, role permissions, provider-per-agent controls, and hooks are instruction-level unless the active Codex runtime documents stronger enforcement.",
+    "</codex-runtime>",
+    CODEX_ROOT_END,
+    ""
+  ].join("\n");
+}
+function agentModelReasoningEffort(role) {
+  return isCodexSubagentName(role.name) ? CODEX_SUBAGENT_REASONING_EFFORTS[role.name] : "medium";
+}
+function isCodexSubagentName(name) {
+  return name in CODEX_SUBAGENT_DEFAULT_MODELS;
+}
+function getPrimaryModelId(model) {
+  if (Array.isArray(model)) {
+    const first = model[0];
+    return typeof first === "string" ? first : first?.id;
+  }
+  return model;
+}
+function getCodexAgentModel(role, config) {
+  if (!isCodexSubagentName(role.name)) return void 0;
+  return getPrimaryModelId(config?.agents?.[role.name]?.model) ?? CODEX_SUBAGENT_DEFAULT_MODELS[role.name];
+}
+function codexSurfaceHasField(surfaceId, field) {
+  return getCodexSurface(surfaceId)?.fields.includes(field) ?? false;
+}
+function hasCodexConfig(context) {
+  return "config" in context;
+}
+function hasCodexPackageRoot(context) {
+  return "packageRoot" in context && typeof context.packageRoot === "string" && context.packageRoot.length > 0;
+}
+function renderAgentArtifacts({ config }) {
+  const artifacts = [];
+  const diagnostics = [];
+  const supportsReasoningEffort = codexSurfaceHasField(
+    "project-agent-toml",
+    "model_reasoning_effort"
+  );
+  for (const role of getAgentPackContract().roles.filter(
+    (candidate) => candidate.name !== "orchestrator"
+  )) {
+    const model = getCodexAgentModel(role, config);
+    const toml = renderCodexToml({
+      surfaceId: "project-agent-toml",
+      values: {
+        name: role.name,
+        description: role.responsibility,
+        developer_instructions: roleInstructions(role, config),
+        ...model ? { model } : {},
+        ...supportsReasoningEffort ? { model_reasoning_effort: agentModelReasoningEffort(role) } : {},
+        sandbox_mode: role.canMutateWorkspace ? "workspace-write" : "read-only"
+      }
+    });
+    diagnostics.push(...toml.diagnostics);
+    artifacts.push({
+      harness: "codex",
+      kind: "agent-config",
+      path: `.codex/agents/thoth-agents-${role.name}.toml`,
+      description: `Codex agent definition for ${role.name}.`,
+      content: toml.content
+    });
+  }
+  return { artifacts, diagnostics };
+}
+function renderConfigArtifacts() {
+  const config = renderCodexToml({
+    surfaceId: "project-config-toml",
+    values: {
+      approval_policy: "on-request",
+      sandbox_mode: "workspace-write",
+      "skills.config": { enabled: true, sources: ["repo"] },
+      agents: getAgentPackContract().roles.filter((role) => role.name !== "orchestrator").map((role) => role.name)
+    }
+  });
+  const mcp = renderCodexToml({
+    surfaceId: "mcp-server-config",
+    values: createCodexBuiltinMcpTomlConfig()
+  });
+  return {
+    artifacts: [
+      {
+        harness: "codex",
+        kind: "harness-config",
+        path: ".codex/config.toml",
+        description: "Codex project configuration snippet for the agent pack.",
+        content: config.content
+      },
+      {
+        harness: "codex",
+        kind: "mcp-config",
+        path: ".codex/config.toml",
+        description: "Codex MCP configuration snippet for thoth-mem.",
+        content: mcp.content
+      }
+    ],
+    diagnostics: [...config.diagnostics, ...mcp.diagnostics]
+  };
+}
+function capabilityDiagnostics() {
+  const surfaceDiagnostics = getCodexSurfaceRecords().filter((surface) => surface.status !== "validated").map(codexSurfaceDiagnostic);
+  const governanceDiagnostics = memoryGovernanceDiagnostics({
+    harness: "codex",
+    permissionControls: CODEX_CAPABILITIES.rolePermissions,
+    parentContextInjection: CODEX_CAPABILITIES.parentContextInjection,
+    memoryWriteControls: CODEX_CAPABILITIES.memoryGovernanceEnforcement
+  });
+  return [...surfaceDiagnostics, ...governanceDiagnostics];
+}
+function hookReadinessDiagnostics() {
+  return [
+    {
+      severity: "warning",
+      code: "codex.hooks.project_trust.required",
+      message: "Codex project-local hooks require trusted project configuration before .codex/hooks.json or inline [hooks] command handlers are active; generated artifacts remain diagnostic-only until trust and features.hooks are reviewed.",
+      harness: "codex",
+      surface: "project-hooks-json",
+      fallback: "diagnostic-only"
+    },
+    {
+      severity: "warning",
+      code: "codex.hooks.features_hooks.required",
+      message: "Codex hook loading is gated by features.hooks; this adapter reports the docs-backed config surface but does not generate hook scripts or claim runtime enforcement.",
+      harness: "codex",
+      surface: "features-hooks-toggle",
+      fallback: "diagnostic-only"
+    },
+    {
+      severity: "warning",
+      code: "codex.hooks.plugin_trust.required",
+      message: "Bundled Codex plugin hook configuration is package content only; activation requires features.plugin_hooks and plugin hook trust review, and this adapter does not enable hooks automatically or claim hard permission enforcement.",
+      harness: "codex",
+      surface: "plugin-hooks-bundle",
+      fallback: "diagnostic-only"
+    }
+  ];
+}
+function resolveSkillOutputModes(context) {
+  return context.options?.codexSkillOutputModes ?? ["plugin-package"];
+}
+var codexAdapter = {
+  id: "codex",
+  displayName: "Codex",
+  capabilities: CODEX_CAPABILITIES,
+  render(context) {
+    const config = hasCodexConfig(context) ? context.config : void 0;
+    const agentArtifacts = renderAgentArtifacts({ config });
+    const configArtifacts = renderConfigArtifacts();
+    const skillOutputModes = resolveSkillOutputModes(context);
+    const skillLayout = renderCodexSkillLayout({
+      projectRoot: context.projectRoot,
+      ...hasCodexPackageRoot(context) ? { packageRoot: context.packageRoot } : {},
+      skills: getSkillRegistry(),
+      surfaceId: "plugin-skills-directory",
+      outputModes: skillOutputModes
+    });
+    const pluginPackage = renderCodexPluginPackage({
+      manifest: createCodexPluginPackageManifest(context),
+      assets: [
+        {
+          surfaceId: "plugin-skills-directory",
+          manifestField: "skills",
+          path: ".codex-plugin/skills/",
+          description: "Codex plugin-bundled skill directory."
+        },
+        {
+          surfaceId: "plugin-mcp-json",
+          manifestField: "mcpServers",
+          path: ".codex-plugin/.mcp.json",
+          description: "Codex plugin-bundled MCP server definitions.",
+          content: stableJson2(createCodexBuiltinMcpJsonConfig())
+        },
+        {
+          surfaceId: "plugin-hooks-json",
+          manifestField: "hooks",
+          path: ".codex-plugin/hooks/hooks.json",
+          description: "Codex plugin-bundled hook configuration.",
+          hookDefinitions: []
+        }
+      ]
+    });
+    return {
+      harness: "codex",
+      artifacts: [
+        ...agentArtifacts.artifacts,
+        ...configArtifacts.artifacts,
+        ...pluginPackage.artifacts,
+        ...skillLayout.artifacts
+      ],
+      diagnostics: [
+        ...agentArtifacts.diagnostics,
+        ...configArtifacts.diagnostics,
+        ...pluginPackage.diagnostics,
+        ...skillLayout.diagnostics,
+        ...hookReadinessDiagnostics(),
+        ...capabilityDiagnostics()
+      ]
+    };
+  }
+};
+
+// src/cli/codex-paths.ts
+import { homedir } from "os";
+import { join as join2 } from "path";
+var CODEX_ROLE_NAMES = [
+  "explorer",
+  "librarian",
+  "oracle",
+  "designer",
+  "quick",
+  "deep"
+];
+function getCodexHome(options = {}) {
+  const explicit = options.codexHome ?? process.env.CODEX_HOME?.trim();
+  return explicit || join2(options.homeDir ?? homedir(), ".codex");
+}
+function resolveCodexTargets(options) {
+  const codexHome = getCodexHome(options);
+  const agentsDir = options.scope === "project" ? join2(options.projectRoot, ".codex", "agents") : join2(codexHome, "agents");
+  return {
+    scope: options.scope,
+    codexHome,
+    configPath: join2(codexHome, "config.toml"),
+    rootInstructionsPath: join2(codexHome, "AGENTS.md"),
+    roleAgentPaths: CODEX_ROLE_NAMES.map((role) => ({
+      role,
+      path: join2(agentsDir, `thoth-agents-${role}.toml`)
+    })),
+    managedModelsPath: join2(
+      codexHome,
+      "agents",
+      ".thoth-agents-managed-models.json"
+    ),
+    skillsDir: options.scope === "project" ? join2(options.projectRoot, ".agents", "skills") : join2(options.homeDir ?? homedir(), ".agents", "skills"),
+    packageRoot: join2(options.projectRoot, ".codex-plugin"),
+    personalPluginRoot: join2(codexHome, "plugins", "thoth-agents"),
+    personalMarketplacePath: join2(
+      options.homeDir ?? homedir(),
+      ".agents",
+      "plugins",
+      "marketplace.json"
+    )
+  };
+}
+
+// src/cli/codex-install.ts
+import {
+  copyFileSync as copyFileSync2,
+  existsSync as existsSync4,
+  mkdirSync as mkdirSync2,
+  readFileSync as readFileSync4,
+  rmSync,
+  writeFileSync as writeFileSync2
+} from "fs";
+import { basename, dirname as dirname3, isAbsolute, join as join4, relative as relative2 } from "path";
+import { fileURLToPath as fileURLToPath2 } from "url";
+
+// src/harness/codex-plugin-paths.ts
+import { join as join3 } from "path";
+var CODEX_PLUGIN_ARTIFACT_PREFIX = ".codex-plugin/";
+function codexPluginRootArtifactPath(artifactPath) {
+  if (!artifactPath.startsWith(CODEX_PLUGIN_ARTIFACT_PREFIX)) {
+    throw new Error(`Expected Codex plugin artifact path: ${artifactPath}`);
+  }
+  const relativePath = artifactPath.slice(CODEX_PLUGIN_ARTIFACT_PREFIX.length);
+  if (relativePath === ".mcp.json") return relativePath;
+  if (relativePath === "plugin.json" || relativePath.startsWith(".")) {
+    return join3(".codex-plugin", relativePath);
+  }
+  return relativePath;
+}
+
+// src/cli/codex-config-io.ts
+import {
+  copyFileSync,
+  existsSync as existsSync3,
+  mkdirSync,
+  readFileSync as readFileSync3,
+  renameSync,
+  writeFileSync
+} from "fs";
+import { dirname as dirname2 } from "path";
+function splitTomlLines(content) {
+  return (content.match(/[^\r\n]*(?:\r\n|\n|\r)|[^\r\n]+$/g) ?? []).map(
+    (rawLine) => {
+      const eol = /(\r\n|\n|\r)$/.exec(rawLine)?.[1] ?? "";
+      return {
+        text: eol ? rawLine.slice(0, -eol.length) : rawLine,
+        eol
+      };
+    }
+  );
+}
+function tomlLineBreak(content) {
+  return /(\r\n|\n|\r)/.exec(content)?.[1] ?? "\n";
+}
+function uncommentedTomlLine(line) {
+  return line.split("#", 1)[0].trim();
+}
+function isTomlTableHeader(line) {
+  const trimmed = uncommentedTomlLine(line);
+  return trimmed.startsWith("[[") && trimmed.endsWith("]]") || trimmed.startsWith("[") && trimmed.endsWith("]");
+}
+function isFeaturesHeader(line) {
+  return uncommentedTomlLine(line) === "[features]";
+}
+function renderTomlLines(lines) {
+  return lines.map((line) => `${line.text}${line.eol}`).join("");
+}
+function ensureLineHasEol(lines, index, eol) {
+  if (index >= 0 && lines[index]?.eol === "") lines[index].eol = eol;
+}
+function appendFeaturesSection(content) {
+  const eol = tomlLineBreak(content);
+  if (!content) {
+    return `[features]${eol}default_mode_request_user_input = true${eol}`;
+  }
+  const separator = content.endsWith("\n") || content.endsWith("\r") ? content.endsWith(`${eol}${eol}`) ? "" : eol : `${eol}${eol}`;
+  return `${content}${separator}[features]${eol}default_mode_request_user_input = true${eol}`;
+}
+function patchCodexDefaultModeUserInputFeature(content) {
+  const lines = splitTomlLines(content);
+  const eol = tomlLineBreak(content);
+  const featuresStart = lines.findIndex((line) => isFeaturesHeader(line.text));
+  if (featuresStart === -1) return appendFeaturesSection(content);
+  let featuresEnd = lines.length;
+  for (let index = featuresStart + 1; index < lines.length; index++) {
+    if (isTomlTableHeader(lines[index].text)) {
+      featuresEnd = index;
+      break;
+    }
+  }
+  const flagPattern = /^(\s*default_mode_request_user_input\s*=\s*)(true|false)(\b.*)$/;
+  for (let index = featuresStart + 1; index < featuresEnd; index++) {
+    const match = flagPattern.exec(lines[index].text);
+    if (!match) continue;
+    if (match[2] === "true") return content;
+    lines[index].text = `${match[1]}true${match[3]}`;
+    return renderTomlLines(lines);
+  }
+  let insertAt = featuresEnd;
+  while (insertAt > featuresStart + 1 && lines[insertAt - 1].text.trim() === "")
+    insertAt--;
+  ensureLineHasEol(lines, insertAt - 1, eol);
+  lines.splice(insertAt, 0, {
+    text: "default_mode_request_user_input = true",
+    eol
+  });
+  return renderTomlLines(lines);
+}
+function buildCodexManagedConfigPatch(content, options) {
+  const diffSummary = [
+    "ensure features.default_mode_request_user_input = true"
+  ];
+  if (options.pluginId) {
+    diffSummary.push(
+      `plugin enablement for "${options.pluginId}" is not textually merged; use /plugins to enable it`
+    );
+  } else {
+    diffSummary.push(
+      "plugin enablement left to /plugins; no guessed plugin id written"
+    );
+  }
+  return {
+    content: patchCodexDefaultModeUserInputFeature(content),
+    diffSummary,
+    warnings: []
+  };
+}
+function writeCodexConfigMerge(options) {
+  try {
+    const before = existsSync3(options.configPath) ? readFileSync3(options.configPath, "utf8") : "";
+    const merged = buildCodexManagedConfigPatch(before, {
+      pluginId: options.pluginId
+    });
+    const changed = before !== merged.content;
+    if (options.dryRun || !changed) {
+      return {
+        success: true,
+        configPath: options.configPath,
+        changed,
+        diffSummary: merged.diffSummary,
+        warnings: merged.warnings
+      };
+    }
+    mkdirSync(dirname2(options.configPath), { recursive: true });
+    const backupPath = `${options.configPath}.bak`;
+    if (existsSync3(options.configPath))
+      copyFileSync(options.configPath, backupPath);
+    const tmpPath = `${options.configPath}.tmp`;
+    writeFileSync(tmpPath, merged.content);
+    renameSync(tmpPath, options.configPath);
+    return {
+      success: true,
+      configPath: options.configPath,
+      backupPath: existsSync3(backupPath) ? backupPath : void 0,
+      changed,
+      diffSummary: merged.diffSummary,
+      warnings: merged.warnings
+    };
+  } catch (error) {
+    return {
+      success: false,
+      configPath: options.configPath,
+      changed: false,
+      diffSummary: [],
+      warnings: [],
+      error: error instanceof Error ? error.message : String(error)
+    };
+  }
+}
+
+// src/cli/codex-install.ts
+var ROOT_START = "<!-- thoth-agents:codex-root:start -->";
+var ROOT_END = "<!-- thoth-agents:codex-root:end -->";
+var MANAGED_MODEL_STATE_VERSION = 1;
+function mergeManagedBlock(existing, managedBlock) {
+  const start = existing.indexOf(ROOT_START);
+  const end = existing.indexOf(ROOT_END);
+  if (start !== -1 && end !== -1 && end > start) {
+    return `${existing.slice(0, start)}${managedBlock}${existing.slice(end + ROOT_END.length).replace(/^\s*\n/, "")}`;
+  }
+  return `${existing}${existing.endsWith("\n") || existing.length === 0 ? "" : "\n"}
+${managedBlock}`;
+}
+function writeTextWithBackup(path2, content) {
+  mkdirSync2(dirname3(path2), { recursive: true });
+  if (existsSync4(path2) && readFileSync4(path2, "utf8") === content) return false;
+  if (existsSync4(path2)) copyFileSync2(path2, `${path2}.bak`);
+  writeFileSync2(path2, content);
+  return true;
+}
+function packageArtifactTarget(packageRoot, artifact) {
+  return join4(packageRoot, codexPluginRootArtifactPath(artifact.path));
+}
+function resolvePackageRoot(packageRoot) {
+  if (packageRoot) return packageRoot;
+  return findPackageRoot(fileURLToPath2(new URL(".", import.meta.url))) ?? void 0;
+}
+function normalizeRelativeMarketplacePath(path2) {
+  const normalized = path2.replaceAll("\\", "/");
+  if (isAbsolute(path2) || /^[A-Za-z]:\//.test(normalized)) return normalized;
+  if (normalized.startsWith("./")) return normalized;
+  return `./${normalized}`;
+}
+function marketplaceSourcePath(homeDir, personalPluginRoot) {
+  return normalizeRelativeMarketplacePath(
+    relative2(homeDir, personalPluginRoot)
+  );
+}
+function managedMarketplaceEntry(homeDir, personalPluginRoot) {
+  return {
+    name: "thoth-agents",
+    source: {
+      source: "local",
+      path: marketplaceSourcePath(homeDir, personalPluginRoot)
+    },
+    policy: {
+      installation: "AVAILABLE",
+      authentication: "ON_INSTALL"
+    },
+    category: "Productivity"
+  };
+}
+function stableJson3(value) {
+  return `${JSON.stringify(value, null, 2)}
+`;
+}
+function emptyManagedModelState() {
+  return {
+    version: MANAGED_MODEL_STATE_VERSION,
+    models: {}
+  };
+}
+function stringRecord(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) return {};
+  return Object.fromEntries(
+    Object.entries(value).filter(
+      (entry) => typeof entry[0] === "string" && typeof entry[1] === "string"
+    )
+  );
+}
+function readManagedModelState(path2) {
+  if (!existsSync4(path2)) return emptyManagedModelState();
+  try {
+    const parsed = JSON.parse(readFileSync4(path2, "utf8"));
+    if (parsed.version !== MANAGED_MODEL_STATE_VERSION || !parsed.models || typeof parsed.models !== "object" || Array.isArray(parsed.models)) {
+      return emptyManagedModelState();
+    }
+    return {
+      version: MANAGED_MODEL_STATE_VERSION,
+      models: stringRecord(parsed.models),
+      ...Object.keys(stringRecord(parsed.configuredModels)).length > 0 ? { configuredModels: stringRecord(parsed.configuredModels) } : {}
+    };
+  } catch {
+    return emptyManagedModelState();
+  }
+}
+function parseRoleTomlModel(content) {
+  const match = /^model\s*=\s*"((?:\\.|[^"\\])*)"\s*$/m.exec(content);
+  if (!match) return void 0;
+  return match[1].replace(/\\n/g, "\n").replace(/\\t/g, "	").replace(/\\"/g, '"').replace(/\\\\/g, "\\");
+}
+function escapeTomlString2(value) {
+  return value.replace(/\\/g, "\\\\").replace(/"/g, '\\"').replace(/\t/g, "\\t").replace(/\n/g, "\\n").replace(/\f/g, "\\f").replace(/\r/g, "\\r");
+}
+function replaceRoleTomlModel(content, model) {
+  const rendered = `model = "${escapeTomlString2(model)}"`;
+  if (/^model\s*=\s*"(?:\\.|[^"\\])*"\s*$/m.test(content)) {
+    return content.replace(/^model\s*=\s*"(?:\\.|[^"\\])*"\s*$/m, rendered);
+  }
+  return `${rendered}
+${content}`;
+}
+function roleManagedModelStateKey(path2) {
+  return basename(path2);
+}
+function applyCodexManagedModelOverrides(config, overrides) {
+  if (config.dryRun) {
+    return {
+      success: true,
+      changed: [],
+      diagnostics: [
+        "Dry-run Codex model override apply requested; no files were written."
+      ]
+    };
+  }
+  const plan = buildCodexSetupPlan({ ...config, dryRun: true, reset: false });
+  const stateItem = plan.items.find(
+    (item) => item.action === "write-managed-model-state"
+  );
+  const statePath = stateItem?.targetPath;
+  if (!statePath) {
+    return {
+      success: false,
+      changed: [],
+      diagnostics: plan.diagnostics,
+      error: "Codex managed model state target was not found."
+    };
+  }
+  const changed = [];
+  const diagnostics = uniqueMessages([
+    ...plan.diagnostics,
+    ...plan.disclaimers
+  ]);
+  const state = readManagedModelState(statePath);
+  const nextState = {
+    version: MANAGED_MODEL_STATE_VERSION,
+    models: { ...state.models },
+    ...state.configuredModels ? { configuredModels: { ...state.configuredModels } } : {}
+  };
+  try {
+    for (const override of overrides) {
+      const roleItem = plan.items.find(
+        (item) => item.action === "write-role-toml" && item.role === override.role
+      );
+      if (!roleItem?.content) {
+        throw new Error(
+          `Missing Codex role TOML content for ${override.role}.`
+        );
+      }
+      const before = existsSync4(roleItem.targetPath) ? readFileSync4(roleItem.targetPath, "utf8") : roleItem.content;
+      const updated = replaceRoleTomlModel(before, override.model);
+      if (writeTextWithBackup(roleItem.targetPath, updated)) {
+        changed.push(roleItem.targetPath);
+      }
+      const key = roleManagedModelStateKey(roleItem.targetPath);
+      nextState.models[key] = parseRoleTomlModel(roleItem.content) ?? override.model;
+      nextState.configuredModels ??= {};
+      nextState.configuredModels[key] = override.model;
+    }
+    if (writeTextWithBackup(statePath, stableJson3(nextState))) {
+      changed.push(statePath);
+    }
+    return {
+      success: true,
+      changed,
+      diagnostics: uniqueMessages(diagnostics)
+    };
+  } catch (error) {
+    return {
+      success: false,
+      changed,
+      diagnostics: uniqueMessages(diagnostics),
+      error: error instanceof Error ? error.message : String(error)
+    };
+  }
+}
+function resolveRoleTomlContent(options) {
+  const renderedModel = parseRoleTomlModel(options.renderedContent);
+  const key = roleManagedModelStateKey(options.targetPath);
+  if (!renderedModel) return options.renderedContent;
+  const configuredModel = options.reset ? void 0 : options.state.configuredModels?.[key];
+  if (options.reset || !existsSync4(options.targetPath)) {
+    options.nextState.models[key] = renderedModel;
+    if (configuredModel !== void 0) {
+      options.nextState.configuredModels ??= {};
+      options.nextState.configuredModels[key] = configuredModel;
+      return replaceRoleTomlModel(options.renderedContent, configuredModel);
+    }
+    return options.renderedContent;
+  }
+  const currentModel = parseRoleTomlModel(
+    readFileSync4(options.targetPath, "utf8")
+  );
+  if (configuredModel !== void 0) {
+    options.nextState.models[key] = renderedModel;
+    options.nextState.configuredModels ??= {};
+    options.nextState.configuredModels[key] = configuredModel;
+    return replaceRoleTomlModel(
+      options.renderedContent,
+      currentModel && currentModel !== configuredModel ? currentModel : configuredModel
+    );
+  }
+  const trackedModel = options.state.models[key];
+  const isUserOwned = currentModel !== void 0 && (trackedModel === void 0 ? currentModel !== renderedModel : currentModel !== trackedModel);
+  if (isUserOwned) {
+    if (trackedModel !== void 0)
+      options.nextState.models[key] = trackedModel;
+    return replaceRoleTomlModel(options.renderedContent, currentModel);
+  }
+  options.nextState.models[key] = renderedModel;
+  return options.renderedContent;
+}
+function mergePersonalMarketplace(existing, homeDir, personalPluginRoot) {
+  const parsed = existing.trim() ? JSON.parse(existing) : {};
+  const plugins = Array.isArray(parsed.plugins) ? parsed.plugins : [];
+  const managedEntry = managedMarketplaceEntry(homeDir, personalPluginRoot);
+  const nextPlugins = plugins.filter(
+    (entry) => !(entry && typeof entry === "object" && "name" in entry && entry.name === "thoth-agents")
+  ).concat(managedEntry);
+  return stableJson3({
+    ...parsed,
+    name: typeof parsed.name === "string" ? parsed.name : "personal-marketplace",
+    interface: parsed.interface && typeof parsed.interface === "object" ? parsed.interface : { displayName: "Personal Plugin Marketplace" },
+    plugins: nextPlugins
+  });
+}
+function roleArtifactContent(role, artifacts) {
+  const path2 = `.codex/agents/thoth-agents-${role}.toml`;
+  const artifact = artifacts.find((candidate) => candidate.path === path2);
+  if (!artifact?.content)
+    throw new Error(`Missing Codex role artifact: ${path2}`);
+  return String(artifact.content);
+}
+function buildCodexSetupPlan(config) {
+  const targets = resolveCodexTargets({
+    scope: config.scope,
+    projectRoot: config.projectRoot,
+    homeDir: config.homeDir,
+    codexHome: config.codexHome
+  });
+  const packageRoot = resolvePackageRoot(config.packageRoot);
+  const render = codexAdapter.render({
+    projectRoot: config.projectRoot,
+    ...packageRoot ? { packageRoot } : {}
+  });
+  const packageArtifacts = render.artifacts.filter(
+    (artifact) => artifact.path.startsWith(".codex-plugin/")
+  );
+  const rootBlock = renderCodexRootInstructions();
+  const managedModelState2 = readManagedModelState(targets.managedModelsPath);
+  const nextManagedModelState = emptyManagedModelState();
+  const items = [
+    {
+      kind: "root-instructions",
+      action: "merge-managed-block",
+      targetPath: targets.rootInstructionsPath,
+      description: `Merge managed Codex root instructions into ${targets.rootInstructionsPath}.`,
+      requiresBackup: true,
+      content: rootBlock
+    },
+    ...targets.roleAgentPaths.map(
+      (target) => ({
+        kind: "role-subagent-toml",
+        action: "write-role-toml",
+        targetPath: target.path,
+        description: `Materialize Codex role subagent ${target.role}.`,
+        requiresBackup: existsSync4(target.path),
+        role: target.role,
+        content: resolveRoleTomlContent({
+          renderedContent: roleArtifactContent(target.role, render.artifacts),
+          targetPath: target.path,
+          state: managedModelState2,
+          nextState: nextManagedModelState,
+          reset: config.reset
+        })
+      })
+    ),
+    {
+      kind: "managed-model-state",
+      action: "write-managed-model-state",
+      targetPath: targets.managedModelsPath,
+      description: "Record thoth-agents-managed Codex role model ownership state.",
+      requiresBackup: existsSync4(targets.managedModelsPath),
+      content: stableJson3(nextManagedModelState)
+    },
+    ...packageArtifacts.map(
+      (artifact) => ({
+        kind: "personal-plugin-source",
+        action: "refresh-package",
+        targetPath: packageArtifactTarget(targets.personalPluginRoot, artifact),
+        description: `Refresh Personal Codex plugin source asset ${artifact.path}.`,
+        requiresBackup: false,
+        content: String(artifact.content ?? "")
+      })
+    ),
+    {
+      kind: "personal-marketplace",
+      action: "merge-marketplace",
+      targetPath: targets.personalMarketplacePath,
+      description: "Register Personal Codex marketplace entry for the local thoth-agents plugin source.",
+      requiresBackup: existsSync4(targets.personalMarketplacePath),
+      content: targets.personalPluginRoot
+    },
+    {
+      kind: "user-config",
+      action: "merge-toml",
+      targetPath: targets.configPath,
+      description: "Merge managed Codex feature gates into user config.toml.",
+      requiresBackup: true
+    },
+    {
+      kind: "diagnostic",
+      action: "diagnose-only",
+      targetPath: targets.codexHome,
+      description: "Report /plugins, /hooks, precedence, and capability review steps.",
+      requiresBackup: false
+    }
+  ];
+  return {
+    dryRun: config.dryRun === true,
+    reset: config.reset,
+    items,
+    configPath: targets.configPath,
+    pluginId: config.pluginId,
+    diagnostics: [
+      "Restart Codex, then run /plugins to review and enable the Personal thoth-agents plugin registered through ~/.agents/plugins/marketplace.json.",
+      "Run /hooks to review and trust plugin hooks; features.plugin_hooks does not bypass hook trust review.",
+      "Codex Default mode user-input requests require features.default_mode_request_user_input = true and use the request_user_input tool; other modes may not expose it.",
+      "Higher-precedence Codex config (project, profile, CLI, system, or admin) may override user config feature flags."
+    ],
+    disclaimers: [
+      "Role permissions, provider-per-agent settings, memory governance, and hook enforcement are instruction-level or user-managed unless documented Codex runtime controls are available.",
+      "Codex v1 reset is managed-only; no broad destructive --force behavior is implemented."
+    ]
+  };
+}
+function formatCodexSetupPlan(plan) {
+  const refreshPackageGroups = /* @__PURE__ */ new Map();
+  for (const item of plan.items) {
+    if (item.action !== "refresh-package") continue;
+    const group = refreshPackageGroups.get(item.kind) ?? [];
+    group.push(item);
+    refreshPackageGroups.set(item.kind, group);
+  }
+  const renderedRefreshKinds = /* @__PURE__ */ new Set();
+  const lines = [];
+  for (const item of plan.items) {
+    if (item.action !== "refresh-package") {
+      lines.push(`- ${item.action}: ${item.targetPath} (${item.description})`);
+      continue;
+    }
+    if (renderedRefreshKinds.has(item.kind)) continue;
+    renderedRefreshKinds.add(item.kind);
+    lines.push(formatRefreshPackageGroup(item.kind, refreshPackageGroups));
+  }
+  return ["Codex setup plan:", ...lines].join("\n");
+}
+function formatRefreshPackageGroup(kind, groups) {
+  const items = groups.get(kind) ?? [];
+  const description = kind === "personal-plugin-source" ? "Refresh Personal Codex plugin source" : "Refresh documented .codex-plugin package";
+  return `- refresh-package: ${commonTargetDirectory(items)} (${description}, ${items.length} files.)`;
+}
+function commonTargetDirectory(items) {
+  if (items.length === 0) return "";
+  let common = dirname3(items[0]?.targetPath ?? "");
+  for (const item of items.slice(1)) {
+    while (!isSameOrChildPath(item.targetPath, common)) {
+      const parent = dirname3(common);
+      if (parent === common) return common;
+      common = parent;
+    }
+  }
+  return common;
+}
+function isSameOrChildPath(path2, parent) {
+  return path2 === parent || path2.startsWith(`${parent}\\`) || path2.startsWith(`${parent}/`);
+}
+function uniqueMessages(messages) {
+  return [...new Set(messages)];
+}
+function applyCodexSetup(plan) {
+  const changed = [];
+  const diagnostics = uniqueMessages([
+    ...plan.diagnostics,
+    ...plan.disclaimers
+  ]);
+  if (plan.dryRun) return { success: true, changed, diagnostics };
+  try {
+    for (const targetPath of managedRefreshRoots(plan)) {
+      rmSync(targetPath, { recursive: true, force: true });
+    }
+    for (const item of plan.items) {
+      if (item.action === "diagnose-only") continue;
+      if (item.action === "merge-toml") {
+        const result = writeCodexConfigMerge({
+          configPath: item.targetPath,
+          dryRun: false,
+          pluginId: plan.pluginId
+        });
+        diagnostics.push(...result.diffSummary, ...result.warnings);
+        if (!result.success) throw new Error(result.error);
+        if (result.changed) changed.push(item.targetPath);
+        continue;
+      }
+      if (item.action === "merge-marketplace") {
+        if (item.content === void 0) continue;
+        const content2 = mergePersonalMarketplace(
+          existsSync4(item.targetPath) ? readFileSync4(item.targetPath, "utf8") : "",
+          dirname3(dirname3(dirname3(item.targetPath))),
+          item.content
+        );
+        if (writeTextWithBackup(item.targetPath, content2))
+          changed.push(item.targetPath);
+        continue;
+      }
+      if (item.content === void 0) continue;
+      const content = item.action === "merge-managed-block" ? mergeManagedBlock(
+        existsSync4(item.targetPath) ? readFileSync4(item.targetPath, "utf8") : "",
+        item.content
+      ) : item.content;
+      if (writeTextWithBackup(item.targetPath, content))
+        changed.push(item.targetPath);
+    }
+    return { success: true, changed, diagnostics: uniqueMessages(diagnostics) };
+  } catch (error) {
+    return {
+      success: false,
+      changed,
+      diagnostics: uniqueMessages(diagnostics),
+      error: error instanceof Error ? error.message : String(error)
+    };
+  }
+}
+function managedRefreshRoots(plan) {
+  const refreshGroups = /* @__PURE__ */ new Map();
+  for (const item of plan.items) {
+    if (item.action !== "refresh-package") continue;
+    const group = refreshGroups.get(item.kind) ?? [];
+    group.push(item);
+    refreshGroups.set(item.kind, group);
+  }
+  return [...refreshGroups].filter(([kind]) => kind === "personal-plugin-source").map(([, items]) => commonTargetDirectory(items)).filter((path2) => path2.length > 0);
+}
+
+// src/cli/operations/codex.ts
+import { existsSync as existsSync5, readFileSync as readFileSync5 } from "fs";
+import { basename as basename2 } from "path";
+var CODEX_DISPLAY_NAME = "Codex";
+var codexPlanSources = /* @__PURE__ */ new WeakMap();
+var codexModelSources = /* @__PURE__ */ new WeakMap();
+var codexActions = [
+  {
+    id: "codex-status",
+    kind: "status",
+    label: "Status",
+    description: "Inspect managed Codex setup state",
+    dryRun: false,
+    requiresConfirmation: false,
+    supported: true
+  },
+  {
+    id: "codex-list",
+    kind: "list",
+    label: "List",
+    description: "List managed Codex surfaces and actions",
+    dryRun: false,
+    requiresConfirmation: false,
+    supported: true
+  },
+  {
+    id: "codex-install",
+    kind: "install",
+    label: "Install",
+    description: "Preview Codex agent-pack setup install",
+    dryRun: true,
+    requiresConfirmation: true,
+    supported: true
+  },
+  {
+    id: "codex-update",
+    kind: "update",
+    label: "Update",
+    description: "Preview Codex managed setup refresh",
+    dryRun: true,
+    requiresConfirmation: true,
+    supported: true
+  },
+  {
+    id: "codex-sync",
+    kind: "sync",
+    label: "Sync",
+    description: "Preview Codex managed configuration sync",
+    dryRun: true,
+    requiresConfirmation: true,
+    supported: true
+  },
+  {
+    id: "codex-model-config",
+    kind: "model-config",
+    label: "Model",
+    description: "Preview supported Codex subagent model line changes",
+    dryRun: true,
+    requiresConfirmation: true,
+    supported: true
+  }
+];
+var codexOperationAdapter = {
+  id: "codex",
+  displayName: CODEX_DISPLAY_NAME,
+  available: true,
+  description: "Codex agent-pack and managed subagent surfaces.",
+  actions: codexActions
+};
+function codexConfig(context = { cwd: process.cwd() }, dryRun) {
+  return {
+    dryRun,
+    reset: false,
+    scope: context.scope ?? "user",
+    projectRoot: context.cwd,
+    homeDir: context.homeDir,
+    codexHome: context.codexHome,
+    packageRoot: context.packageRoot,
+    pluginId: context.pluginId
+  };
+}
+function codexDisclaimers() {
+  return [
+    {
+      message: "Codex root orchestration remains ambient instructions, not a generated root/orchestrator subagent model surface.",
+      code: "codex-root-guidance-only"
+    },
+    {
+      message: "Provider-per-role behavior, hook trust, permissions, and memory governance are instruction-level or user-managed unless Codex exposes runtime controls.",
+      code: "codex-runtime-limits"
+    }
+  ];
+}
+function warning(message, code) {
+  return { severity: "important", message, code };
+}
+function targetForItem(item, state, observed) {
+  return {
+    kind: item.kind === "managed-model-state" ? "memory-state" : "generated-artifact",
+    path: item.targetPath,
+    label: item.role ? `Codex ${item.role} subagent` : item.kind.replaceAll("-", " "),
+    state,
+    expected: item.action,
+    observed,
+    description: item.description
+  };
+}
+function surfaceForItem(item) {
+  return {
+    id: `${item.kind}:${item.role ?? basename2(item.targetPath)}`,
+    label: item.role ? `Codex ${item.role} subagent TOML` : item.kind.replaceAll("-", " "),
+    path: item.targetPath,
+    description: item.description
+  };
+}
+function backupForItem(item) {
+  return {
+    required: item.requiresBackup,
+    strategy: item.requiresBackup ? "managed-backup-file" : "none",
+    destinations: item.requiresBackup ? [{ path: `${item.targetPath}.bak`, label: "managed backup" }] : []
+  };
+}
+function rootBlockState(item) {
+  if (!existsSync5(item.targetPath))
+    return { state: "missing", observed: "absent" };
+  const content = readFileSync5(item.targetPath, "utf8");
+  if (item.content && content.includes(item.content)) {
+    return { state: "installed", observed: "managed root block present" };
+  }
+  if (content.includes("thoth-agents:codex-root:start")) {
+    return { state: "drift", observed: "managed root block differs" };
+  }
+  return { state: "missing", observed: "managed root block absent" };
+}
+function managedModelState(item) {
+  if (!existsSync5(item.targetPath))
+    return { state: "missing", observed: "absent" };
+  try {
+    const parsed = JSON.parse(readFileSync5(item.targetPath, "utf8"));
+    if (parsed.version !== MANAGED_MODEL_STATE_VERSION || !parsed.models || typeof parsed.models !== "object" || Array.isArray(parsed.models)) {
+      return { state: "unknown", observed: "invalid managed model state" };
+    }
+    return item.content === readFileSync5(item.targetPath, "utf8") ? { state: "installed", observed: "managed model state current" } : { state: "drift", observed: "managed model state differs" };
+  } catch {
+    return { state: "unknown", observed: "unparseable managed model state" };
+  }
+}
+function userConfigState(item) {
+  if (!existsSync5(item.targetPath))
+    return { state: "missing", observed: "absent" };
+  const content = readFileSync5(item.targetPath, "utf8");
+  if (/^\s*default_mode_request_user_input\s*=\s*true\b/m.test(content)) {
+    return {
+      state: "installed",
+      observed: "default mode request input enabled"
+    };
+  }
+  if (/^\s*default_mode_request_user_input\s*=\s*false\b/m.test(content)) {
+    return { state: "drift", observed: "default mode request input disabled" };
+  }
+  return { state: "missing", observed: "managed feature flag absent" };
+}
+function marketplaceState(item) {
+  if (!existsSync5(item.targetPath))
+    return { state: "missing", observed: "absent" };
+  try {
+    const parsed = JSON.parse(readFileSync5(item.targetPath, "utf8"));
+    const plugins = Array.isArray(parsed.plugins) ? parsed.plugins : [];
+    const entry = plugins.find(
+      (plugin) => plugin && typeof plugin === "object" && "name" in plugin && plugin.name === "thoth-agents"
+    );
+    if (!entry)
+      return { state: "missing", observed: "marketplace entry absent" };
+    const sourcePath = typeof entry === "object" && entry && "source" in entry && entry.source && typeof entry.source === "object" && "path" in entry.source ? String(entry.source.path) : "";
+    return sourcePath.includes(".codex/plugins/thoth-agents") ? { state: "installed", observed: "marketplace entry present" } : { state: "drift", observed: `marketplace source ${sourcePath}` };
+  } catch {
+    return { state: "unknown", observed: "unparseable marketplace JSON" };
+  }
+}
+function contentState(item) {
+  if (!existsSync5(item.targetPath))
+    return { state: "missing", observed: "absent" };
+  const observed = readFileSync5(item.targetPath, "utf8");
+  if (basename2(item.targetPath) === "plugin.json" && item.targetPath.replaceAll("\\", "/").includes("/.codex-plugin/")) {
+    try {
+      const expectedVersion = JSON.parse(item.content ?? "{}").version;
+      const observedVersion = JSON.parse(observed).version;
+      if (typeof expectedVersion === "string" && typeof observedVersion === "string" && expectedVersion !== observedVersion) {
+        return {
+          state: "outdated",
+          observed: `version ${observedVersion}; expected ${expectedVersion}`
+        };
+      }
+    } catch {
+      return { state: "unknown", observed: "unparseable plugin manifest" };
+    }
+  }
+  if (item.content === observed)
+    return { state: "installed", observed: "current" };
+  if (item.role) {
+    const currentModel = parseRoleTomlModel(observed);
+    const expectedModel = parseRoleTomlModel(item.content ?? "");
+    if (currentModel && expectedModel && currentModel !== expectedModel) {
+      return {
+        state: "drift",
+        observed: `model ${currentModel}; expected ${expectedModel}`
+      };
+    }
+  }
+  return { state: "drift", observed: "content differs" };
+}
+function classifyItem(item) {
+  if (item.action === "diagnose-only") {
+    return { state: "unknown", observed: "diagnostic guidance only" };
+  }
+  if (item.action === "merge-managed-block") return rootBlockState(item);
+  if (item.action === "write-managed-model-state") {
+    return managedModelState(item);
+  }
+  if (item.action === "merge-toml") return userConfigState(item);
+  if (item.action === "merge-marketplace") return marketplaceState(item);
+  return contentState(item);
+}
+function aggregateState(states) {
+  if (states.includes("unknown")) return "unknown";
+  if (states.includes("drift")) return "drift";
+  if (states.includes("outdated")) return "outdated";
+  if (states.includes("missing")) return "missing";
+  return "installed";
+}
+function statusSummary(state) {
+  switch (state) {
+    case "installed":
+      return "Codex managed setup surfaces are installed and current.";
+    case "missing":
+      return "Codex managed setup surfaces are missing.";
+    case "drift":
+      return "Codex managed setup exists but differs from expected managed output.";
+    case "outdated":
+      return "Codex managed setup includes an older generated package artifact.";
+    case "unknown":
+      return "Codex managed setup could not be classified safely.";
+  }
+}
+function getCodexStatus(context = { cwd: process.cwd() }) {
+  let plan;
+  try {
+    plan = buildCodexSetupPlan(codexConfig(context, true));
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    return {
+      harness: "codex",
+      displayName: CODEX_DISPLAY_NAME,
+      state: "unknown",
+      summary: `Codex setup plan could not be built: ${message}`,
+      targets: [],
+      diagnostics: [
+        {
+          severity: "critical",
+          message,
+          code: "codex-plan-build-failed"
+        }
+      ],
+      actions: codexActions,
+      disclaimers: codexDisclaimers()
+    };
+  }
+  const classified = plan.items.filter((item) => item.action !== "diagnose-only").map((item) => ({ item, ...classifyItem(item) }));
+  const state = aggregateState(classified.map((item) => item.state));
+  const diagnostics = plan.diagnostics.map((message) => ({
+    severity: "minor",
+    message,
+    code: "codex-diagnostic"
+  }));
+  return {
+    harness: "codex",
+    displayName: CODEX_DISPLAY_NAME,
+    state,
+    summary: statusSummary(state),
+    targets: classified.map(
+      ({ item, state: state2, observed }) => targetForItem(item, state2, observed)
+    ),
+    diagnostics,
+    actions: codexActions,
+    disclaimers: [
+      ...codexDisclaimers(),
+      ...plan.disclaimers.map((message) => ({ message }))
+    ]
+  };
+}
+function planItemFromSetup(item) {
+  return {
+    title: item.description,
+    target: targetForItem(item),
+    preview: item.content,
+    backup: backupForItem(item)
+  };
+}
+function planFromSetup(id, action, title, summary, setupPlan, context) {
+  const status = getCodexStatus(context);
+  const canApply = status.state === "installed" || status.state === "missing" || status.state === "outdated";
+  const plan = {
+    id,
+    harness: "codex",
+    action,
+    title,
+    summary,
+    dryRun: true,
+    canApply,
+    targets: status.targets,
+    surfaces: setupPlan.items.filter((item) => item.action !== "diagnose-only").map(surfaceForItem),
+    backup: {
+      required: setupPlan.items.some((item) => item.requiresBackup),
+      strategy: "existing-helper",
+      description: "Codex setup apply uses the existing installer backup behavior for files that already exist."
+    },
+    items: setupPlan.items.map(planItemFromSetup),
+    warnings: [
+      ...status.diagnostics,
+      ...canApply ? [] : [
+        warning(
+          `Codex state is ${status.state}; apply is disabled until the state is safely classified or repaired.`,
+          "codex-unsafe-state"
+        )
+      ]
+    ],
+    disclaimers: [
+      ...codexDisclaimers(),
+      ...setupPlan.disclaimers.map((message) => ({ message }))
+    ]
+  };
+  codexPlanSources.set(plan, setupPlan);
+  return plan;
+}
+function buildCodexUpdatePlan(context = { cwd: process.cwd() }) {
+  const setupPlan = buildCodexSetupPlan(codexConfig(context, true));
+  return planFromSetup(
+    "codex-update-preview",
+    "update",
+    "Update Codex managed setup",
+    "Preview Codex managed setup refresh using buildCodexSetupPlan().",
+    setupPlan,
+    context
+  );
+}
+function buildCodexSyncPlan(context = { cwd: process.cwd() }) {
+  const setupPlan = buildCodexSetupPlan(codexConfig(context, true));
+  return planFromSetup(
+    "codex-sync-preview",
+    "sync",
+    "Sync Codex managed configuration",
+    "Preview Codex managed root instructions, subagents, plugin source, marketplace entry, and feature gates.",
+    setupPlan,
+    context
+  );
+}
+function buildCodexInstallPlan(context = { cwd: process.cwd() }) {
+  const setupPlan = buildCodexSetupPlan(codexConfig(context, true));
+  return planFromSetup(
+    "codex-install-preview",
+    "install",
+    "Install Codex managed setup",
+    "Preview Codex managed agent-pack setup using buildCodexSetupPlan().",
+    setupPlan,
+    context
+  );
+}
+function normalizeCodexModel(input) {
+  if (input.provider && !input.model.includes("/")) {
+    return `${input.provider}/${input.model}`;
+  }
+  return input.model;
+}
+function isCodexRole(role) {
+  return CODEX_ROLE_NAMES.includes(role);
+}
+function buildCodexModelPlan(input, context = { cwd: process.cwd() }) {
+  const status = getCodexStatus(context);
+  const supportedRoles = input.roles.filter((role) => isCodexRole(role.role)).map((role) => ({
+    role: role.role,
+    model: normalizeCodexModel(role)
+  }));
+  const unsupportedRoles = input.roles.filter(
+    (role) => !isCodexRole(role.role)
+  );
+  const warnings = [
+    ...status.diagnostics,
+    ...input.warnings ?? [],
+    ...unsupportedRoles.map(
+      (role) => warning(
+        `Codex does not expose a supported generated model surface for ${role.role}; this plan will not write that role.`,
+        "codex-unsupported-model-role"
+      )
+    )
+  ];
+  if (input.harness !== "codex") {
+    warnings.push(
+      warning(
+        "Model plan target harness must be codex.",
+        "codex-model-harness-mismatch"
+      )
+    );
+  }
+  const targets = supportedRoles.map(({ role }) => {
+    const target = status.targets.find(
+      (candidate) => candidate.path?.endsWith(`thoth-agents-${role}.toml`)
+    );
+    return target ?? {
+      kind: "generated-artifact",
+      label: `Codex ${role} subagent`,
+      state: "missing"
+    };
+  });
+  const config = codexConfig(context, false);
+  const stateTarget = status.targets.find(
+    (target) => target.path?.endsWith(".thoth-agents-managed-models.json")
+  );
+  const plan = {
+    id: "codex-model-config-preview",
+    harness: "codex",
+    action: "model-config",
+    title: "Configure Codex subagent model lines",
+    summary: "Preview model changes for generated Codex subagent TOML files and .thoth-agents-managed-models.json only.",
+    dryRun: true,
+    canApply: input.harness === "codex" && supportedRoles.length > 0 && status.state !== "unknown",
+    targets: [...targets, ...stateTarget ? [stateTarget] : []],
+    surfaces: targets.map((target) => ({
+      id: `codex-model:${target.label}`,
+      label: target.label ?? "Codex subagent TOML",
+      path: target.path,
+      state: target.state
+    })),
+    backup: {
+      required: true,
+      strategy: "managed-backup-file",
+      description: "Existing subagent TOML and managed model state files are backed up by the managed write helper."
+    },
+    items: supportedRoles.map(({ role, model }) => ({
+      title: `Set ${role} Codex subagent model line`,
+      target: targets.find(
+        (target) => target.path?.endsWith(`thoth-agents-${role}.toml`)
+      ) ?? {
+        kind: "generated-artifact",
+        label: `Codex ${role} subagent`
+      },
+      preview: JSON.stringify({ role, model }),
+      backup: {
+        required: true,
+        strategy: "managed-backup-file"
+      }
+    })),
+    warnings,
+    disclaimers: [
+      ...codexDisclaimers(),
+      ...input.disclaimers ?? [],
+      {
+        message: "Codex model configuration writes only generated subagent TOML model lines and the managed model state JSON.",
+        code: "codex-model-supported-surface"
+      }
+    ]
+  };
+  codexModelSources.set(plan, { config, roles: supportedRoles });
+  return plan;
+}
+function rejectPlan(plan, message, severity = "critical") {
+  return {
+    harness: plan.harness,
+    action: plan.action,
+    applied: false,
+    summary: message,
+    changedTargets: [],
+    backups: [],
+    warnings: [{ severity, message }],
+    disclaimers: codexDisclaimers()
+  };
+}
+function validateCodexPlan(plan) {
+  if (plan.harness !== "codex") {
+    return rejectPlan(plan, "Only Codex operation plans can be applied.");
+  }
+  if (!plan.canApply) {
+    return rejectPlan(
+      plan,
+      "Codex plan cannot be applied because canApply is false."
+    );
+  }
+  if (!["install", "update", "sync", "model-config"].includes(plan.action)) {
+    return rejectPlan(plan, `Unsupported Codex apply action: ${plan.action}.`);
+  }
+  if (plan.items.length === 0) {
+    return rejectPlan(plan, "Codex plan has no items to apply.");
+  }
+  return null;
+}
+function applyCodexPlan(plan) {
+  const rejection = validateCodexPlan(plan);
+  if (rejection) return rejection;
+  if (plan.action === "model-config") {
+    const source = codexModelSources.get(plan);
+    if (!source) {
+      return rejectPlan(
+        plan,
+        "Codex model plan was not produced by buildCodexModelPlan in this process."
+      );
+    }
+    const result2 = applyCodexManagedModelOverrides(source.config, source.roles);
+    return {
+      harness: "codex",
+      action: "model-config",
+      applied: result2.success,
+      summary: result2.success ? "Applied Codex subagent model overrides." : result2.error ?? "Failed to apply Codex subagent model overrides.",
+      changedTargets: result2.changed.map((path2) => ({
+        kind: path2.endsWith(".json") ? "memory-state" : "generated-artifact",
+        path: path2,
+        label: basename2(path2),
+        state: "installed"
+      })),
+      backups: result2.changed.filter((path2) => existsSync5(`${path2}.bak`)).map((path2) => ({ path: `${path2}.bak`, label: "managed backup" })),
+      warnings: result2.success ? [] : [
+        {
+          severity: "critical",
+          message: result2.error ?? "Codex model apply failed."
+        }
+      ],
+      disclaimers: codexDisclaimers()
+    };
+  }
+  const setupPlan = codexPlanSources.get(plan);
+  if (!setupPlan) {
+    return rejectPlan(
+      plan,
+      "Codex setup plan was not produced by a Codex operation plan builder in this process."
+    );
+  }
+  const result = applyCodexSetup({ ...setupPlan, dryRun: false });
+  return {
+    harness: "codex",
+    action: plan.action,
+    applied: result.success,
+    summary: result.success ? `Applied Codex managed ${plan.action} plan.` : result.error ?? `Failed to apply Codex ${plan.action} plan.`,
+    changedTargets: result.changed.map((path2) => ({
+      kind: path2.endsWith(".json") ? "memory-state" : "generated-artifact",
+      path: path2,
+      label: basename2(path2),
+      state: "installed"
+    })),
+    backups: result.changed.filter((path2) => existsSync5(`${path2}.bak`)).map((path2) => ({ path: `${path2}.bak`, label: "managed backup" })),
+    warnings: result.success ? [] : [
+      {
+        severity: "critical",
+        message: result.error ?? "Codex setup apply failed."
+      }
+    ],
+    disclaimers: codexDisclaimers()
+  };
+}
+
+// src/cli/operations/opencode.ts
+import { existsSync as existsSync7 } from "fs";
+import { join as join6 } from "path";
+
+// src/cli/skills.ts
+import { spawnSync } from "child_process";
+import { existsSync as existsSync6 } from "fs";
+import { homedir as homedir2 } from "os";
+import { join as join5 } from "path";
+var RECOMMENDED_SKILLS = [
+  {
+    name: "simplify",
+    repo: "https://github.com/brianlovin/claude-config",
+    skillName: "simplify",
+    description: "YAGNI code simplification expert"
+  },
+  {
+    name: "playwright-cli",
+    repo: "https://github.com/microsoft/playwright-cli",
+    skillName: "playwright-cli",
+    description: "Browser automation for visual checks and testing"
+  }
+];
+function getRecommendedSkillPath(skill, homeDir = homedir2()) {
+  return join5(homeDir, ".agents", "skills", skill.skillName, "SKILL.md");
+}
+function isRecommendedSkillInstalled(skill, options = {}) {
+  return existsSync6(getRecommendedSkillPath(skill, options.homeDir));
+}
+function runSkillInstallCommand(skill) {
+  const args = [
+    "skills",
+    "add",
+    skill.repo,
+    "--skill",
+    skill.skillName,
+    "-a",
+    "opencode",
+    "-y",
+    "--global"
+  ];
+  try {
+    const result = spawnSync("npx", args, { stdio: "inherit" });
+    if (result.status !== 0) {
+      return { success: false };
+    }
+    if (skill.postInstallCommands && skill.postInstallCommands.length > 0) {
+      console.log(`Running post-install commands for ${skill.name}...`);
+      for (const cmd of skill.postInstallCommands) {
+        console.log(`> ${cmd}`);
+        const [command, ...cmdArgs] = cmd.split(" ");
+        const cmdResult = spawnSync(command, cmdArgs, { stdio: "inherit" });
+        if (cmdResult.status !== 0) {
+          console.warn(`Post-install command failed: ${cmd}`);
+        }
+      }
+    }
+    return { success: true };
+  } catch (error) {
+    console.error(`Failed to install skill: ${skill.name}`, error);
+    return { success: false, error };
+  }
+}
+function installRecommendedSkill(skill, options = {}) {
+  const skillPath = getRecommendedSkillPath(skill, options.homeDir);
+  if (isRecommendedSkillInstalled(skill, options)) {
+    return { skill, status: "already-installed", skillPath };
+  }
+  const result = runSkillInstallCommand(skill);
+  if (result.success) {
+    return { skill, status: "installed", skillPath };
+  }
+  if (isRecommendedSkillInstalled(skill, options)) {
+    return { skill, status: "already-installed", skillPath };
+  }
+  return { skill, status: "failed", skillPath, error: result.error };
+}
+
+// src/cli/operations/opencode.ts
+var PACKAGE_NAME = "thoth-agents";
+var EXPECTED_PLUGIN = `${PACKAGE_NAME}@latest`;
+var OPENAI_PRESET = "openai";
+var ROLE_NAMES = [...ALL_AGENT_NAMES];
+var openCodeActions = [
+  {
+    id: "opencode-status",
+    kind: "status",
+    label: "Status",
+    description: "Inspect managed OpenCode config state",
+    dryRun: false,
+    requiresConfirmation: false,
+    supported: true
+  },
+  {
+    id: "opencode-list",
+    kind: "list",
+    label: "List",
+    description: "List managed OpenCode surfaces and actions",
+    dryRun: false,
+    requiresConfirmation: false,
+    supported: true
+  },
+  {
+    id: "opencode-install",
+    kind: "install",
+    label: "Install",
+    description: "Preview OpenCode install using --no-tui --tmux=no --skills=yes semantics",
+    dryRun: true,
+    requiresConfirmation: true,
+    supported: true
+  },
+  {
+    id: "opencode-update",
+    kind: "update",
+    label: "Update",
+    description: "Preview OpenCode plugin entry updates",
+    dryRun: true,
+    requiresConfirmation: true,
+    supported: true
+  },
+  {
+    id: "opencode-sync",
+    kind: "sync",
+    label: "Sync",
+    description: "Preview OpenCode managed configuration sync",
+    dryRun: true,
+    requiresConfirmation: true,
+    supported: true
+  },
+  {
+    id: "opencode-model-config",
+    kind: "model-config",
+    label: "Model",
+    description: "Preview OpenCode role model override changes",
+    dryRun: true,
+    requiresConfirmation: true,
+    supported: true
+  }
+];
+var opencodeOperationAdapter = {
+  id: "opencode",
+  displayName: "OpenCode",
+  available: true,
+  description: "OpenCode plugin and configuration surfaces.",
+  actions: openCodeActions
+};
+function targetForMainConfig(state) {
+  return {
+    kind: "config",
+    path: getExistingConfigPath(),
+    label: "OpenCode config",
+    state,
+    expected: `plugin includes ${EXPECTED_PLUGIN}`
+  };
+}
+function targetForLiteConfig(state) {
+  return {
+    kind: "config",
+    path: getExistingLiteConfigPath(),
+    label: "thoth-agents config",
+    state,
+    expected: `seven-agent ${OPENAI_PRESET} roster`
+  };
+}
+function titleCaseSkillName(value) {
+  return value.split(/[-_\s]+/).filter(Boolean).map((part) => {
+    const normalized = part.toLowerCase();
+    if (normalized === "cli") return "CLI";
+    if (normalized === "mcp") return "MCP";
+    if (normalized === "sdd") return "SDD";
+    if (normalized === "opencode") return "OpenCode";
+    return `${part.charAt(0).toUpperCase()}${part.slice(1).toLowerCase()}`;
+  }).join("-");
+}
+function homeDirFromContext(context) {
+  return context.env?.HOME ?? context.env?.USERPROFILE;
+}
+function openCodeSkillTargets(context) {
+  const homeDir = homeDirFromContext(context);
+  const recommendedTargets = RECOMMENDED_SKILLS.map(
+    (skill) => {
+      const path2 = getRecommendedSkillPath(skill, homeDir);
+      const installed = existsSync7(path2);
+      return {
+        kind: "skill",
+        path: path2,
+        label: titleCaseSkillName(skill.skillName),
+        state: installed ? "installed" : "missing",
+        expected: "recommended global OpenCode skill",
+        observed: installed ? "recommended global skill installed" : "recommended global skill missing"
+      };
+    }
+  );
+  const bundledTargets = CUSTOM_SKILLS.map((skill) => {
+    const path2 = join6(getCustomSkillsDir(), skill.name, "SKILL.md");
+    const installed = existsSync7(path2);
+    return {
+      kind: "skill",
+      path: path2,
+      label: titleCaseSkillName(skill.name),
+      state: installed ? "installed" : "missing",
+      expected: "bundled thoth-agents OpenCode skill",
+      observed: installed ? "bundled OpenCode skill installed" : "bundled OpenCode skill missing"
+    };
+  });
+  const diagnostics = [];
+  if (recommendedTargets.some((target) => target.state === "missing")) {
+    diagnostics.push({
+      severity: "minor",
+      message: "Recommended OpenCode global skills are missing; run the OpenCode install flow with skills enabled.",
+      code: "opencode-recommended-skills-missing"
+    });
+  }
+  if (bundledTargets.some((target) => target.state === "missing")) {
+    diagnostics.push({
+      severity: "important",
+      message: "Bundled thoth-agents OpenCode skills are missing; run OpenCode install or sync to refresh managed skills.",
+      code: "opencode-bundled-skills-missing"
+    });
+  }
+  return {
+    targets: [...recommendedTargets, ...bundledTargets],
+    diagnostics
+  };
+}
+function configPluginMarker(config) {
+  const plugins = Array.isArray(config?.plugin) ? config.plugin : [];
+  return plugins.length > 0 ? `plugin: ${JSON.stringify(plugins)}` : "plugin: []";
+}
+function hasExpectedPlugin(config) {
+  return Array.isArray(config?.plugin) && config.plugin.includes(EXPECTED_PLUGIN);
+}
+function hasManagedPluginDrift(config) {
+  return Array.isArray(config?.plugin) && config.plugin.some(
+    (plugin) => plugin === PACKAGE_NAME || plugin.startsWith(`${PACKAGE_NAME}@`)
+  ) && !hasExpectedPlugin(config);
+}
+function liteConfigMarker(config) {
+  const preset = typeof config?.preset === "string" ? config.preset : void 0;
+  const presets = config?.presets && typeof config.presets === "object" ? config.presets : {};
+  const openaiPreset = presets[OPENAI_PRESET] && typeof presets[OPENAI_PRESET] === "object" ? presets[OPENAI_PRESET] : {};
+  const roles = ROLE_NAMES.filter((role) => role in openaiPreset);
+  return `preset: ${preset ?? "none"}; ${OPENAI_PRESET} roles: ${roles.join(", ")}`;
+}
+function hasSevenAgentPreset(config) {
+  if (!config || config.preset !== OPENAI_PRESET) return false;
+  if (!config.presets || typeof config.presets !== "object") return false;
+  const presets = config.presets;
+  const openaiPreset = presets[OPENAI_PRESET];
+  if (!openaiPreset || typeof openaiPreset !== "object") return false;
+  const roles = openaiPreset;
+  return ROLE_NAMES.every((role) => {
+    const value = roles[role];
+    return value !== null && typeof value === "object" && typeof value.model === "string";
+  });
+}
+function classifyApplySafety(state) {
+  return state === "missing" || state === "installed";
+}
+function getOpenCodeStatus(context = { cwd: process.cwd() }) {
+  const mainPath = getExistingConfigPath();
+  const litePath = getExistingLiteConfigPath();
+  const main = parseConfig(mainPath);
+  const lite = parseConfig(litePath);
+  const diagnostics = [];
+  const skillStatus = openCodeSkillTargets(context);
+  if (main.error) {
+    diagnostics.push({
+      severity: "critical",
+      message: `Failed to parse OpenCode config: ${main.error}`,
+      code: "opencode-config-parse-error"
+    });
+  }
+  if (lite.error) {
+    diagnostics.push({
+      severity: "critical",
+      message: `Failed to parse thoth-agents config: ${lite.error}`,
+      code: "thoth-config-parse-error"
+    });
+  }
+  if (diagnostics.some((diagnostic) => diagnostic.severity === "critical")) {
+    return {
+      harness: "opencode",
+      displayName: "OpenCode",
+      state: "unknown",
+      summary: "OpenCode managed state could not be classified safely.",
+      targets: [
+        {
+          ...targetForMainConfig("unknown"),
+          observed: main.error ?? "unparsed"
+        },
+        {
+          ...targetForLiteConfig("unknown"),
+          observed: lite.error ?? "unparsed"
+        },
+        ...skillStatus.targets
+      ],
+      diagnostics: [...diagnostics, ...skillStatus.diagnostics],
+      actions: openCodeActions
+    };
+  }
+  const mainExists = existsSync7(mainPath);
+  const liteExists = existsSync7(litePath);
+  const mainTarget = {
+    ...targetForMainConfig(),
+    observed: configPluginMarker(main.config)
+  };
+  const liteTarget = {
+    ...targetForLiteConfig(),
+    observed: liteConfigMarker(lite.config)
+  };
+  if (!mainExists || !hasExpectedPlugin(main.config)) {
+    if (hasManagedPluginDrift(main.config)) {
+      return {
+        harness: "opencode",
+        displayName: "OpenCode",
+        state: "drift",
+        summary: "OpenCode config has a managed thoth-agents plugin entry that is not latest.",
+        targets: [
+          { ...mainTarget, state: "drift" },
+          { ...liteTarget, state: liteExists ? "installed" : "missing" },
+          ...skillStatus.targets
+        ],
+        diagnostics: [
+          {
+            severity: "important",
+            message: "Managed plugin drift requires an explicit repair before applying sync plans.",
+            code: "opencode-plugin-drift"
+          },
+          ...skillStatus.diagnostics
+        ],
+        actions: openCodeActions
+      };
+    }
+    return {
+      harness: "opencode",
+      displayName: "OpenCode",
+      state: "missing",
+      summary: "OpenCode does not include the managed thoth-agents plugin entry.",
+      targets: [
+        { ...mainTarget, state: "missing" },
+        { ...liteTarget, state: liteExists ? "installed" : "missing" },
+        ...skillStatus.targets
+      ],
+      diagnostics: [...diagnostics, ...skillStatus.diagnostics],
+      actions: openCodeActions
+    };
+  }
+  if (!liteExists) {
+    return {
+      harness: "opencode",
+      displayName: "OpenCode",
+      state: "missing",
+      summary: "OpenCode plugin is present, but thoth-agents config is missing.",
+      targets: [
+        { ...mainTarget, state: "installed" },
+        { ...liteTarget, state: "missing" },
+        ...skillStatus.targets
+      ],
+      diagnostics: [...diagnostics, ...skillStatus.diagnostics],
+      actions: openCodeActions
+    };
+  }
+  if (!hasSevenAgentPreset(lite.config)) {
+    return {
+      harness: "opencode",
+      displayName: "OpenCode",
+      state: "drift",
+      summary: "thoth-agents config does not match the expected seven-agent roster.",
+      targets: [
+        { ...mainTarget, state: "installed" },
+        { ...liteTarget, state: "drift" },
+        ...skillStatus.targets
+      ],
+      diagnostics: [
+        {
+          severity: "important",
+          message: "Roster drift requires repair before applying generated plans.",
+          code: "opencode-roster-drift"
+        },
+        ...skillStatus.diagnostics
+      ],
+      actions: openCodeActions
+    };
+  }
+  return {
+    harness: "opencode",
+    displayName: "OpenCode",
+    state: "installed",
+    summary: "OpenCode managed thoth-agents configuration is installed.",
+    targets: [
+      { ...mainTarget, state: "installed" },
+      { ...liteTarget, state: "installed" },
+      ...skillStatus.targets
+    ],
+    diagnostics: [...diagnostics, ...skillStatus.diagnostics],
+    actions: openCodeActions
+  };
+}
+function defaultBackup(path2) {
+  return {
+    required: true,
+    strategy: "managed-backup-file",
+    destinations: [{ path: `${path2}.bak`, label: "managed backup" }]
+  };
+}
+function defaultDisclaimers() {
+  return [
+    {
+      message: "Preview generation does not inspect OpenCode plugin cache internals or write files.",
+      code: "opencode-cache-not-inspected"
+    }
+  ];
+}
+function planFromItems(id, action, title, summary, items) {
+  const status = getOpenCodeStatus();
+  const safe = classifyApplySafety(status.state);
+  const warnings = safe ? status.diagnostics : [
+    ...status.diagnostics,
+    {
+      severity: "important",
+      message: `OpenCode state is ${status.state}; apply is disabled until the state is repaired or safely classified.`,
+      code: "opencode-unsafe-state"
+    }
+  ];
+  return {
+    id,
+    harness: "opencode",
+    action,
+    title,
+    summary,
+    dryRun: true,
+    canApply: safe,
+    targets: status.targets,
+    surfaces: [
+      {
+        id: "opencode-config",
+        label: "OpenCode user config",
+        path: getExistingConfigPath(),
+        state: status.targets[0]?.state
+      },
+      {
+        id: "thoth-agents-config",
+        label: "thoth-agents plugin config",
+        path: getExistingLiteConfigPath(),
+        state: status.targets[1]?.state
+      }
+    ],
+    backup: defaultBackup(getExistingConfigPath()),
+    items,
+    warnings,
+    disclaimers: defaultDisclaimers()
+  };
+}
+function buildOpenCodeUpdatePlan(_context = { cwd: process.cwd() }) {
+  const path2 = getExistingConfigPath();
+  return planFromItems(
+    "opencode-update-preview",
+    "update",
+    "Update OpenCode managed plugin entry",
+    `Preview ensuring plugin: ["${EXPECTED_PLUGIN}"].`,
+    [
+      {
+        title: "Ensure OpenCode plugin points at thoth-agents@latest",
+        target: targetForMainConfig(),
+        state: getOpenCodeStatus().state,
+        preview: `plugin: ["${EXPECTED_PLUGIN}"]`,
+        backup: defaultBackup(path2)
+      }
+    ]
+  );
+}
+function buildOpenCodeSyncPlan(_context = { cwd: process.cwd() }) {
+  const generatedConfig = generateLiteConfig({
+    agent: "opencode",
+    hasTmux: false,
+    installSkills: false,
+    installCustomSkills: true,
+    dryRun: true,
+    reset: false
+  });
+  const litePath = getExistingLiteConfigPath();
+  return planFromItems(
+    "opencode-sync-preview",
+    "sync",
+    "Sync OpenCode managed configuration",
+    "Preview OpenCode plugin entry, default-agent disablement, and thoth-agents config sync.",
+    [
+      {
+        title: "Ensure OpenCode plugin points at thoth-agents@latest",
+        target: targetForMainConfig(),
+        state: getOpenCodeStatus().state,
+        preview: `plugin: ["${EXPECTED_PLUGIN}"]`,
+        backup: defaultBackup(getExistingConfigPath())
+      },
+      {
+        title: "Disable OpenCode default agents",
+        target: targetForMainConfig(),
+        preview: "agent.explore.disable = true; agent.general.disable = true",
+        backup: defaultBackup(getExistingConfigPath())
+      },
+      {
+        title: "Write thoth-agents seven-agent config",
+        target: targetForLiteConfig(),
+        preview: JSON.stringify(generatedConfig, null, 2),
+        backup: defaultBackup(litePath)
+      }
+    ]
+  );
+}
+function tuiInstallConfig() {
+  return {
+    agent: "opencode",
+    hasTmux: false,
+    installSkills: true,
+    installCustomSkills: true,
+    dryRun: true,
+    reset: false
+  };
+}
+function buildOpenCodeInstallPlan(_context = { cwd: process.cwd() }) {
+  const generatedConfig = generateLiteConfig(tuiInstallConfig());
+  const installPreview = {
+    noTui: true,
+    hasTmux: false,
+    installSkills: true,
+    installCustomSkills: true,
+    equivalentCommand: "install --agent=opencode --no-tui --tmux=no --skills=yes"
+  };
+  const litePath = getExistingLiteConfigPath();
+  return planFromItems(
+    "opencode-install-preview",
+    "install",
+    "Preview install",
+    "Preview OpenCode install equivalent to install --agent=opencode --no-tui --tmux=no --skills=yes.",
+    [
+      {
+        title: "Apply OpenCode TUI install options",
+        target: {
+          kind: "config",
+          path: getExistingConfigPath(),
+          label: "OpenCode install options",
+          state: getOpenCodeStatus().state,
+          expected: "--no-tui --tmux=no --skills=yes"
+        },
+        preview: JSON.stringify(installPreview, null, 2)
+      },
+      {
+        title: "Ensure OpenCode plugin points at thoth-agents@latest",
+        target: targetForMainConfig(),
+        state: getOpenCodeStatus().state,
+        preview: `plugin: ["${EXPECTED_PLUGIN}"]`,
+        backup: defaultBackup(getExistingConfigPath())
+      },
+      {
+        title: "Disable OpenCode default agents",
+        target: targetForMainConfig(),
+        preview: "agent.explore.disable = true; agent.general.disable = true",
+        backup: defaultBackup(getExistingConfigPath())
+      },
+      {
+        title: "Write thoth-agents seven-agent config",
+        target: targetForLiteConfig(),
+        preview: JSON.stringify(generatedConfig, null, 2),
+        backup: defaultBackup(litePath)
+      },
+      {
+        title: "Install recommended external skills",
+        target: {
+          kind: "skill",
+          label: "Recommended OpenCode skills",
+          expected: "skills=yes"
+        },
+        preview: JSON.stringify({ installSkills: true }, null, 2)
+      }
+    ]
+  );
+}
+function normalizeRoleModel(input) {
+  if (input.provider && !input.model.includes("/")) {
+    return `${input.provider}/${input.model}`;
+  }
+  return input.model;
+}
+function buildOpenCodeModelPlan(input, _context = { cwd: process.cwd() }) {
+  const items = input.roles.map((role) => {
+    const model = normalizeRoleModel(role);
+    return {
+      title: `Set ${role.role} OpenCode model override`,
+      target: targetForLiteConfig(),
+      preview: JSON.stringify({ [role.role]: { model } }),
+      backup: defaultBackup(getExistingLiteConfigPath())
+    };
+  });
+  const plan = planFromItems(
+    "opencode-model-config-preview",
+    "model-config",
+    "Configure OpenCode role model overrides",
+    "Preview thoth-agents role model overrides in the plugin config agents map.",
+    items
+  );
+  if (input.harness !== "opencode") {
+    return {
+      ...plan,
+      canApply: false,
+      warnings: [
+        ...plan.warnings,
+        {
+          severity: "critical",
+          message: "Model plan target harness must be opencode.",
+          code: "opencode-model-harness-mismatch"
+        }
+      ]
+    };
+  }
+  const unsupportedRoles = input.roles.filter(
+    (role) => !ROLE_NAMES.includes(role.role)
+  );
+  if (input.roles.length === 0 || unsupportedRoles.length > 0) {
+    return {
+      ...plan,
+      canApply: false,
+      warnings: [
+        ...plan.warnings,
+        {
+          severity: "critical",
+          message: input.roles.length === 0 ? "Model plan must include at least one role override." : `Unsupported OpenCode model role(s): ${unsupportedRoles.map((role) => role.role).join(", ")}.`,
+          code: "opencode-model-roster-incomplete"
+        }
+      ]
+    };
+  }
+  return plan;
+}
+function rejectPlan2(plan, message, severity = "critical") {
+  return {
+    harness: plan.harness,
+    action: plan.action,
+    applied: false,
+    summary: message,
+    changedTargets: [],
+    backups: [],
+    warnings: [{ severity, message }],
+    disclaimers: defaultDisclaimers()
+  };
+}
+function ensureLatestPluginEntry() {
+  const configPath = getExistingConfigPath();
+  try {
+    ensureOpenCodeConfigDir();
+    const { config: parsedConfig, error } = parseConfig(configPath);
+    if (error) {
+      return {
+        success: false,
+        configPath,
+        error: `Failed to parse config: ${error}`
+      };
+    }
+    const config = parsedConfig ?? {};
+    const plugins = Array.isArray(config.plugin) ? config.plugin : [];
+    config.plugin = [
+      ...plugins.filter(
+        (plugin) => plugin !== PACKAGE_NAME && !plugin.startsWith(`${PACKAGE_NAME}@`)
+      ),
+      EXPECTED_PLUGIN
+    ];
+    writeConfig(configPath, config);
+    return { success: true, configPath };
+  } catch (err) {
+    return {
+      success: false,
+      configPath,
+      error: `Failed to update OpenCode plugin config: ${err}`
+    };
+  }
+}
+function validateApplyPlan(plan) {
+  if (plan.harness !== "opencode") {
+    return rejectPlan2(plan, "Only OpenCode operation plans can be applied.");
+  }
+  if (!plan.canApply) {
+    return rejectPlan2(
+      plan,
+      "OpenCode plan cannot be applied because canApply is false."
+    );
+  }
+  if (!["install", "update", "sync", "model-config"].includes(plan.action)) {
+    return rejectPlan2(
+      plan,
+      `Unsupported OpenCode apply action: ${plan.action}.`
+    );
+  }
+  if (plan.items.length === 0) {
+    return rejectPlan2(plan, "OpenCode plan has no items to apply.");
+  }
+  if (plan.items.some(
+    (item) => !item.title || !item.target.path && item.target.kind !== "skill" || item.state === "drift" || item.state === "unknown"
+  )) {
+    return rejectPlan2(
+      plan,
+      "OpenCode plan contains malformed or unsafe items."
+    );
+  }
+  return null;
+}
+function applyModelPlan(plan) {
+  const roleModels = /* @__PURE__ */ new Map();
+  for (const item of plan.items) {
+    const match = /^Set (.+) OpenCode model override$/.exec(item.title);
+    if (!match) {
+      return rejectPlan2(
+        plan,
+        "OpenCode model plan contains an unrecognized item."
+      );
+    }
+    let parsed2;
+    try {
+      parsed2 = item.preview ? JSON.parse(item.preview) : {};
+    } catch {
+      return rejectPlan2(
+        plan,
+        "OpenCode model plan contains malformed preview JSON."
+      );
+    }
+    const role = match[1] ?? "";
+    const model = parsed2[role]?.model;
+    if (!ROLE_NAMES.includes(role) || typeof model !== "string") {
+      return rejectPlan2(
+        plan,
+        "OpenCode model plan contains an invalid role or model."
+      );
+    }
+    roleModels.set(role, model);
+  }
+  if (roleModels.size === 0) {
+    return rejectPlan2(
+      plan,
+      "OpenCode model plan does not contain any role overrides."
+    );
+  }
+  ensureConfigDir();
+  const targetPath = getExistingLiteConfigPath();
+  const parsed = parseConfig(targetPath);
+  const base = parsed.config ?? generateLiteConfig({
+    agent: "opencode",
+    hasTmux: false,
+    installSkills: false,
+    installCustomSkills: true,
+    dryRun: false,
+    reset: false
+  });
+  const agents = base.agents && typeof base.agents === "object" ? { ...base.agents } : {};
+  for (const role of roleModels.keys()) {
+    agents[role] = {
+      ...agents[role] ?? {},
+      model: roleModels.get(role)
+    };
+  }
+  base.agents = agents;
+  writeConfig(targetPath, base);
+  return {
+    harness: "opencode",
+    action: "model-config",
+    applied: true,
+    summary: "Applied OpenCode role model overrides.",
+    changedTargets: [
+      {
+        ...targetForLiteConfig("installed"),
+        observed: "agents role overrides updated"
+      }
+    ],
+    backups: existsSync7(`${targetPath}.bak`) ? [{ path: `${targetPath}.bak`, label: "managed backup" }] : [],
+    warnings: [],
+    disclaimers: defaultDisclaimers()
+  };
+}
+function applyInstallSkills(plan) {
+  for (const skill of RECOMMENDED_SKILLS) {
+    const result = installRecommendedSkill(skill);
+    if (result.status === "failed") {
+      return rejectPlan2(
+        plan,
+        `Failed to install recommended OpenCode skill: ${skill.name}.`
+      );
+    }
+  }
+  const bundled = installCustomSkills();
+  if (!bundled.success) {
+    return rejectPlan2(
+      plan,
+      "Failed to install bundled thoth-agents OpenCode skills."
+    );
+  }
+  return null;
+}
+function applyOpenCodePlan(plan) {
+  const rejection = validateApplyPlan(plan);
+  if (rejection) return rejection;
+  const status = getOpenCodeStatus();
+  if (!classifyApplySafety(status.state)) {
+    return rejectPlan2(
+      plan,
+      `OpenCode state is ${status.state}; refusing to apply plan without a safe status.`
+    );
+  }
+  if (plan.action === "model-config") return applyModelPlan(plan);
+  const changedTargets = [];
+  const backups = [];
+  const pluginResult = ensureLatestPluginEntry();
+  if (!pluginResult.success) {
+    return rejectPlan2(
+      plan,
+      pluginResult.error ?? "Failed to update OpenCode plugin config."
+    );
+  }
+  changedTargets.push({
+    ...targetForMainConfig("installed"),
+    observed: `plugin includes ${EXPECTED_PLUGIN}`
+  });
+  if (existsSync7(`${pluginResult.configPath}.bak`)) {
+    backups.push({
+      path: `${pluginResult.configPath}.bak`,
+      label: "OpenCode config backup"
+    });
+  }
+  if (plan.action === "sync" || plan.action === "install") {
+    const defaultAgentResult = disableDefaultAgents();
+    if (!defaultAgentResult.success) {
+      return rejectPlan2(
+        plan,
+        defaultAgentResult.error ?? "Failed to disable OpenCode default agents."
+      );
+    }
+    const liteResult = writeLiteConfig(
+      {
+        agent: "opencode",
+        hasTmux: false,
+        installSkills: plan.action === "install",
+        installCustomSkills: true,
+        dryRun: false,
+        reset: false
+      },
+      getExistingLiteConfigPath()
+    );
+    if (!liteResult.success) {
+      return rejectPlan2(
+        plan,
+        liteResult.error ?? "Failed to write thoth-agents config."
+      );
+    }
+    changedTargets.push({
+      ...targetForLiteConfig("installed"),
+      observed: "seven-agent roster written"
+    });
+    if (existsSync7(`${liteResult.configPath}.bak`)) {
+      backups.push({
+        path: `${liteResult.configPath}.bak`,
+        label: "thoth-agents config backup"
+      });
+    }
+  }
+  if (plan.action === "install") {
+    const skillsRejection = applyInstallSkills(plan);
+    if (skillsRejection) return skillsRejection;
+    changedTargets.push({
+      kind: "skill",
+      label: "Recommended and bundled OpenCode skills",
+      state: "installed",
+      observed: "skills=yes processed"
+    });
+  }
+  return {
+    harness: "opencode",
+    action: plan.action,
+    applied: true,
+    summary: plan.action === "install" ? "Applied OpenCode install plan." : plan.action === "sync" ? "Applied OpenCode managed configuration sync." : "Applied OpenCode plugin update.",
+    changedTargets,
+    backups,
+    warnings: [],
+    disclaimers: defaultDisclaimers()
+  };
+}
+
+// src/cli/operations/index.ts
+var OPERATION_HARNESSES = {
+  opencode: opencodeOperationAdapter,
+  codex: codexOperationAdapter
+};
+var SUPPORTED_OPERATION_HARNESSES = Object.keys(
+  OPERATION_HARNESSES
+);
+function listOperationHarnesses() {
+  return SUPPORTED_OPERATION_HARNESSES.map(
+    (harness) => OPERATION_HARNESSES[harness]
+  );
+}
+function getOperationHarness(harness) {
+  return OPERATION_HARNESSES[harness];
+}
+
+export {
+  codexAdapter,
+  CODEX_ROLE_NAMES,
+  parseRoleTomlModel,
+  buildCodexSetupPlan,
+  formatCodexSetupPlan,
+  applyCodexSetup,
+  RECOMMENDED_SKILLS,
+  installRecommendedSkill,
+  getCodexStatus,
+  buildCodexUpdatePlan,
+  buildCodexSyncPlan,
+  buildCodexInstallPlan,
+  buildCodexModelPlan,
+  applyCodexPlan,
+  getOpenCodeStatus,
+  buildOpenCodeUpdatePlan,
+  buildOpenCodeSyncPlan,
+  buildOpenCodeInstallPlan,
+  buildOpenCodeModelPlan,
+  applyOpenCodePlan,
+  SUPPORTED_OPERATION_HARNESSES,
+  listOperationHarnesses,
+  getOperationHarness
+};