Conversation
Add a pre-exit analysis phase that spawns an Opus agent to review development records from a methodology perspective. The agent produces a sanitized report (no project-specific info) and optionally helps the user file a GitHub issue with improvement suggestions. New --privacy flag disables the feature; legacy loops default to privacy=true (opt-in only for new loops). The phase integrates into all three non-manual exit paths (complete, stop, maxiter) using the established Finalize Phase pattern with state file renaming and a completion artifact gate.
Address Codex review findings:
- Require methodology-analysis-report.md to exist before allowing completion (prevents silent no-op when Opus agent does not run)
- Fail closed when .methodology-exit-reason marker is missing or invalid instead of defaulting to "complete" (prevents misreporting stop/maxiter loops as successful)
…y analysis The Opus analysis agent needs to read all round-*-summary.md and round-*-review-result.md files, but the read validator was blocking access to summaries from non-current rounds. Bypass the round number check when methodology-analysis-state.md is the active state file, while still requiring files to be within the active loop directory.
…d allowlist Address Codex review findings:
- Use realpath to canonicalize paths before prefix check, preventing directory traversal attacks (e.g., LOOP_DIR/../sensitive-file)
- Restrict allowed reads to an explicit allowlist of files the analysis agent actually needs: round summaries, review results, and its own artifacts. This prevents exposing plan.md, prompt files, and other project-specific loop metadata that would undercut sanitization.
Add methodology analysis restrictions to all four validators:
- Read validator: restrict loop dir reads to allowlisted artifacts only
- Write validator: block all writes except methodology report/done marker
- Edit validator: block all edits except methodology report/done marker
- Bash validator: block git write commands and in-place file editing tools
This prevents source code modifications after Codex has signed off and prevents project-specific information from leaking into the analysis report.
All four validators now try unfiltered loop search when session-filtered search returns empty, so spawned agents (with different session_id) are also subject to methodology analysis restrictions. Bash validator now blocks: touch, mv, cp, rm, dd, truncate, chmod, chown, output redirection to non-/dev/ paths, and all git write commands.
Handle BSD/macOS where realpath fails for non-existent files by resolving the parent directory and appending the basename. This allows the initial Write to methodology-analysis-report.md to succeed. Narrow the bash gh allowlist from all gh commands to only gh issue subcommands, preventing workspace mutations via gh pr checkout, gh repo clone, or mutating gh api calls.
Read validator now blocks reads of files within the project root (not just loop dir) during methodology analysis, while still allowing system files outside the project (CLAUDE.md, configs). This prevents the analysis agent from accessing source code that could leak into the report. Bash validator now blocks common interpreter commands (python, ruby, node, perl, php) during methodology analysis as defense-in-depth against file write bypasses.
…ology analysis Add find_methodology_analysis_loop() that scans all loop directories for methodology-analysis-state.md instead of using the unfiltered find_active_loop fallback which only returns the newest active loop. This prevents spawned agents from binding to a wrong concurrent session during methodology analysis. Block shell script entry points (bash/sh/zsh, build tools, source/dot commands, direct script execution) in the bash validator during methodology analysis to prevent bypassing file modification restrictions via wrapper binaries.
…y exit Remove the gh issue early exit that short-circuited all subsequent methodology analysis checks. Commands like 'gh issue create; rm file' were bypassing blockers. Now all commands go through the full blocklist; pure gh issue commands pass naturally since they match no blocker. Add cancel-rlcr-loop.sh to the allowlist so the cancel command works during the methodology analysis phase. Document concurrent methodology analysis limitation in find_methodology_analysis_loop.
…bcommands Only fall back to find_methodology_analysis_loop when NO session-matched loop was found (spawned agent case). If a session has its own active loop, do NOT search for another session's methodology analysis state -- that would apply restrictions to an unrelated concurrent session. Add git restore, clean, rm, mv to the methodology analysis git command blocklist to prevent working tree modifications after Codex signoff.
…back Remove unfiltered find_methodology_analysis_loop fallback from all validators. The fallback incorrectly applied methodology analysis restrictions to unrelated sessions opened in the same repo. Now only the originating session (matched by session_id) gets restricted. Spawned agents rely on their prompt for guidance. Add raw path fallback when realpath is unavailable (older macOS/BSD) to prevent deadlock where the originating session cannot write completion artifacts.
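The path handling described in this commit and in the earlier realpath commits (canonicalize before the prefix check; on BSD/macOS resolve the parent directory and append the basename when the file does not exist yet; fall back to the raw path when realpath is unavailable), written out as an added example. This is not the project's hook code; `canonicalize_path` and `is_within_dir` are hypothetical names.

```shell
#!/usr/bin/env bash
# Added example (not the project's own code): canonicalize a path before a
# prefix check, with the fallbacks the commit messages describe:
#   1. realpath on the path itself (file exists)
#   2. realpath on the parent directory + basename (BSD/macOS, file not yet created)
#   3. the raw path when realpath is not installed at all
# Function names are hypothetical.

# canonicalize_path PATH -> prints the canonical form, or the raw path as a last resort
canonicalize_path() {
    p=$1
    if command -v realpath >/dev/null 2>&1; then
        if r=$(realpath "$p" 2>/dev/null); then
            printf '%s\n' "$r"
            return 0
        fi
        # BSD/macOS realpath fails on non-existent files: resolve the parent instead.
        parent=$(dirname "$p")
        base=$(basename "$p")
        if r=$(realpath "$parent" 2>/dev/null); then
            printf '%s/%s\n' "$r" "$base"
            return 0
        fi
    fi
    # No realpath (older macOS/BSD) or parent missing: raw path, so the
    # originating session can still write its completion artifacts.
    printf '%s\n' "$p"
}

# is_within_dir PATH DIR -> 0 when canonical PATH is DIR itself or lies below it
is_within_dir() {
    target=$(canonicalize_path "$1")
    root=$(canonicalize_path "$2")
    root=${root%/}
    case $target in
        "$root"|"$root"/*) return 0 ;;   # exact match or a descendant; "looper" does not match "loop"
        *) return 1 ;;
    esac
}
```

The `case` pattern `"$root"/*` is the important detail: a bare string-prefix test would accept a sibling directory whose name merely starts with the loop directory name. In the raw-path fallback no `..` components are resolved, so containment degrades to a textual check; that is the trade-off the commit accepts to avoid the deadlock it describes.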
…tor status Add git switch/pull/clone/submodule/worktree and mkdir/rmdir/ln/mktemp to the methodology analysis bash command blocklist. Require methodology-analysis-report.md to have content (not just exist) before allowing the methodology analysis phase to complete. Add methodology-analysis-state.md to statusline state file resolution and show "Analyzing" status. Treat methodology-analysis as active phase in monitor color.
…ead code Require cancel-rlcr-loop.sh to be a standalone command (no shell operators) to prevent chained commands from bypassing methodology analysis restrictions. Document that spawned agents are not restricted by hooks due to session_id mismatch -- their sanitization is enforced by the analysis prompt. This is an inherent limitation of the hook architecture. Remove unused find_methodology_analysis_loop function.
Remove round-*-summary.md and round-*-review-result.md from the methodology analysis Read allowlist. The originating session should only read the sanitized methodology-analysis-report.md, not raw development records that contain project-specific information. The spawned agent reads raw records directly (not restricted by hooks due to different session_id). Document that read-only bash commands are intentionally not blocked during methodology analysis -- blocking them would break basic operations. The analysis prompt is the primary enforcement mechanism for sanitization.
Update blocked-read messages to match actual allowlist (methodology-analysis-* files only). Previous messages incorrectly listed round-*-summary.md and round-*-review-result.md which were removed from the allowlist.
The template was referenced in loop-common.sh but never created, causing the CI template-references test to fail.
The cancel-rlcr-loop.sh allowlist in the bash validator matched when the script name appeared as an argument to another command (e.g. cp). Anchor the regex to the start of the command string so only direct invocations are allowed. Move the methodology analysis completion handler in the stop hook to run before the git-clean check. Writing methodology artifacts can make the working tree appear dirty when .humanize is tracked, which would block exit before the handler ever ran.
Replace hardcoded #!/bin/bash with #!/usr/bin/env bash for better portability across different Unix systems where bash may be installed in non-standard locations. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Remove spurious blank stderr line from load_template on missing files
- Add awk exit code propagation in render_template to surface failures
- Extract _emit_fallback helper to deduplicate load_and_render_safe
- Prevent append_template from appending empty content on missing templates
- Extend validate_template_dir to check all required subdirs (plan, pr-loop)
- Bump version to 1.14.1
Signed-off-by: Chao Liu <chao.liu.zevorn@gmail.com>
- add native Codex hook config and installer, wire RLCR/PR stop hooks, and document Codex setup and usage - fix BitLesson selector routing and update related skills/docs - simplify install-skill target handling and harden RLCR test mock argument parsing
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: dbb88bcade
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| # portable-timeout.sh already sourced above | ||
|
|
||
| # Disable native hooks for nested Codex reviewer calls to prevent Stop-hook recursion. | ||
| CODEX_DISABLE_HOOKS_ARGS=(--disable codex_hooks) |
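Review bot: the array on the last line is defined without any check that the installed Codex CLI accepts `--disable codex_hooks`, and its position matters: a later commit in this thread notes that Codex documents subcommand flags as needing to follow `exec`/`review`. Suggest populating `CODEX_DISABLE_HOOKS_ARGS` only after a one-time probe such as `codex --help | grep -q -- '--disable'` (leaving it empty otherwise), and expanding it after the subcommand at the call sites, e.g. `codex review "${CODEX_DISABLE_HOOKS_ARGS[@]}" ...`, so an older CLI does not fail the nested call with an unknown-argument error.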
Guard codex_hooks disable flag behind feature support
This new flag is unconditionally added to nested Codex invocations, but the hook only validates that codex exists and never checks whether the installed CLI supports --disable codex_hooks; on older Codex builds, the nested codex call exits with an unknown-argument error, which causes RLCR stop handling to treat review as failed and repeatedly block loop/finalize exits. Add a feature/version probe (or a fallback path without this flag) before injecting it.
| if not isinstance(stop_groups, list): | ||
| raise SystemExit(f"existing hooks config has invalid Stop array: {hooks_file}") | ||
|
|
||
| managed_pattern = re.compile(r"(^|/)humanize/hooks/(loop-codex-stop-hook\.sh|pr-loop-stop-hook\.sh)$") |
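Review bot: `managed_pattern` hardcodes `humanize/hooks/` together with the two script names, so an install placed under a custom `--runtime-root` is never recognised as managed and the stale-hook cleanup cannot replace it, which defeats the idempotency the installer aims for. Suggest deriving the prefix from the configured runtime root via `re.escape(...)`, or matching only on the basenames `loop-codex-stop-hook.sh` and `pr-loop-stop-hook.sh` at the end of the command string, so relocated layouts are still cleaned up.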
Generalize managed-hook matching for custom runtime roots
The stale-hook cleanup regex hardcodes /humanize/hooks/, so installs that use the supported --runtime-root option with any other path (for example /opt/hz/...) will never match existing managed commands; rerunning the installer then appends duplicate loop/pr Stop hooks instead of replacing them, breaking idempotency for custom layouts.
Replace #!/bin/bash with #!/usr/bin/env bash for better portability across different Unix systems (e.g. NixOS) where bash may be installed in non-standard locations. Also fix remaining shebangs in files added after the original PR was created. Includes prepare_runtime_bin() helper for test PATH isolation.
…ation
- Remove spurious blank stderr line from load_template
- Add awk exit code propagation in render_template
- Extract _emit_fallback helper to eliminate duplicated fallback logic
- Guard append_template against appending empty content
- Extend validate_template_dir to check all 5 required subdirectories
Add a pre-exit analysis that runs an independent agent to analyze development methodology before the RLCR loop fully exits. The analysis is sanitized of project-specific information and can optionally help file improvement suggestions. Feature is enabled by default; disable with --privacy flag on loop start. Includes validator enforcement during the analysis and monitor/statusline support for the analyzing status.
The nested-hook regression test was added to tests/ but never registered in run-all-tests.sh TEST_SUITES, so CI's main entrypoint skipped the --disable codex_hooks coverage. Regressions in nested Codex invocation handling could ship without tripping any check. Fixes also required to make the test actually pass once wired in:
- Mock codex now answers `--help` with output that advertises `--disable`, matching the feature probe in loop-codex-stop-hook.sh. Without this, the probe cached "no support" and the hook emitted argv without the guard flag, so the assertions failed.
- Set executable bit so run-all-tests.sh can dispatch the script.
@codex review this PR as entirety
The Codex CLI documents that global flags for a subcommand must be
passed after the subcommand so they apply as intended. The stop hook
was invoking nested reviewer calls as:
codex --disable codex_hooks exec ...
codex --disable codex_hooks review ...
With the flag in front of the subcommand, Codex may ignore it, which
re-enables the native Stop hook inside the nested invocation and
reintroduces the Stop-hook recursion under RLCR.
Move CODEX_DISABLE_HOOKS_ARGS after the exec/review subcommand in both
the executed command and the logged command-line trace. Update the
regression test to assert the new argv order.
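The feature probe from the test-wiring commit and the argv ordering from this commit, combined into one added example (bash, not the project's stop hook). `codex_supports_disable_hooks` and `build_codex_argv` are hypothetical names; `make_mock_codex` writes a constructed stand-in for the Codex CLI so the probe can be exercised without the real binary, and the trailing arguments in the usage are placeholders rather than real Codex flags.

```shell
#!/usr/bin/env bash
# Added example (not the project's code): probe whether the installed Codex CLI
# advertises `--disable`, and build the nested reviewer argv with the
# `--disable codex_hooks` pair placed AFTER the exec/review subcommand.
# `codex` is looked up on PATH; function names are hypothetical.

# codex_supports_disable_hooks -> 0 when `codex --help` mentions --disable
codex_supports_disable_hooks() {
    command -v codex >/dev/null 2>&1 || return 1
    codex --help 2>/dev/null | grep -q -- '--disable'
}

# build_codex_argv SUBCOMMAND [ARGS...] -> prints one argv element per line
build_codex_argv() {
    sub=$1; shift
    printf '%s\n' codex "$sub"          # subcommand first ...
    if codex_supports_disable_hooks; then
        printf '%s\n' --disable codex_hooks   # ... then the flag, only when supported
    fi
    for a in "$@"; do printf '%s\n' "$a"; done
}

# make_mock_codex DIR yes|no -> writes a constructed fake `codex` that either
# advertises --disable in its help text or does not (test double, not the real CLI)
make_mock_codex() {
    if [ "$2" = yes ]; then
        printf '#!/bin/sh\necho "  --disable <FEATURE>  Disable a feature"\n' > "$1/codex"
    else
        printf '#!/bin/sh\necho "Usage: codex [exec|review]"\n' > "$1/codex"
    fi
    chmod +x "$1/codex"
}
```

A caller would run `build_codex_argv review prompt.md` and read the lines into an array; the probe runs once per invocation here, whereas the release notes on this page mention caching it per loop to reduce latency.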
@codex review this PR as entirety
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 0ca864d516
| if echo "$COMMAND_LOWER" | grep -qE '^[[:space:]]*"?([^[:space:]"]+/)?cancel-rlcr-loop\.sh"?([[:space:]]|$)' && \ | ||
| ! echo "$COMMAND_LOWER" | grep -qE '[;|&]'; then |
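Review bot: the `echo | grep` pair tests the command one line at a time, so a command text with an embedded newline passes both checks whenever its first line is the bare cancel invocation, and the `[;|&]` reject list says nothing about `$(`, backticks or `<`/`>`. Suggest one `case` (or `[[ =~ ]]`) test over the whole string that rejects those operators and a literal newline before the early `exit 0`, while still allowing `${...}` references so the plugin-root cancel path keeps working.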
Restrict cancel exception to a single shell command
The methodology-phase allowlist returns early for any command beginning with cancel-rlcr-loop.sh as long as it does not contain ;, |, or &, which still permits shell-expansion payloads such as cancel-rlcr-loop.sh $(touch /tmp/pwn) (and newline/redirection variants) to run additional write operations before cancel executes. Because this early exit 0 happens before the file-modification blockers, it creates a bypass of the intended read-only safety boundary during methodology analysis.
The methodology-phase cancel exception returned early for any command
beginning with cancel-rlcr-loop.sh that did not contain `;`, `|`, or `&`.
Payloads such as
cancel-rlcr-loop.sh $(touch /tmp/pwn)
cancel-rlcr-loop.sh \`touch /tmp/pwn\`
cancel-rlcr-loop.sh > /tmp/pwn
cancel-rlcr-loop.sh\nrm -rf /
still satisfied the narrow metachar check and short-circuited past the
downstream file-mod, redirection, and interpreter blockers, effectively
letting arbitrary write operations ride alongside the cancel
invocation.
Extend the reject list to include command substitution opener `$(`,
backticks, redirection (`<`, `>`), and embedded newlines, and switch
from `echo | grep` to a bash case expression so a newline inside the
command text does not bypass the single-line grep semantics. Preserve
`${CLAUDE_PLUGIN_ROOT}` variable expansion (which does not use `$(`) so
the slash-command cancel path continues to work.
@codex review this PR as entirety
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: cd367ee1ff
| if [[ "$IS_METHODOLOGY_ANALYSIS_PHASE" == "true" ]]; then | ||
| if complete_methodology_analysis; then | ||
| # Analysis complete, allow exit | ||
| exit 0 |
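Review bot: `exit 0` here is reached before the git-clean gate that runs later in the hook, so a successful `complete_methodology_analysis` finalizes the loop even when tracked files were changed during the analysis phase. Suggest running the same `git status` check inside this branch, filtered with `HUMANIZE_UNTRACKED_PATTERN` so the methodology artifacts under `.humanize/` are not themselves counted as dirty, and blocking with the git-not-clean template when anything remains.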
Enforce git-clean gate before completing methodology phase
When methodology-analysis-state.md is active, this branch exits as soon as complete_methodology_analysis succeeds, so the later git-clean check is never reached. That allows the loop to transition to complete-state.md even if tracked project files are still dirty (for example, edits made during analysis), which can mark unreviewed changes as finalized. Please run the existing git-clean validation (with .humanize exceptions) before allowing methodology completion to exit.
| exit 2 | ||
| fi | ||
| # Block file manipulation commands (touch, mv, cp, rm, mkdir, ln, etc.) | ||
| if echo "$COMMAND_LOWER" | grep -qE '(^|[[:space:];|&])(tee|install|touch|mv|cp|rm|dd|truncate|chmod|chown|mkdir|rmdir|ln|mktemp)[[:space:]]'; then |
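Review bot: the alternation on the last line omits `patch`, and the leading separator class `(^|[[:space:];|&])` means a utility name that directly follows `(` or a backtick is not matched at all, which is exactly the command-substitution shape the cancel exception in this same file was tightened against. Suggest adding `patch` to the list and widening the class to `[[:space:];|&(`]`; and since this remains a denylist, keep the later statement from this PR that the analysis prompt, not the hook, is the primary enforcement.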
Block patch-based writes during methodology analysis
The methodology-phase Bash restriction relies on a command denylist here, but it omits common file mutators like patch; combined with the current checks, commands such as patch -p0 < /tmp/diff are allowed and can modify tracked source files after Codex sign-off. Since methodology completion can then exit without another review pass, this creates a path for post-review code changes to slip through.
The methodology-phase file-modification regex enumerates common write
utilities (tee, mv, cp, rm, ...) but omits `patch`, so commands like
patch -p0 < /tmp/diff
passed the denylist and could apply arbitrary edits to tracked source
files after Codex sign-off. Because methodology completion can exit
without another review pass, any changes written via patch would ship
unreviewed.
Add `patch` to the word-boundary-anchored alternation so it is rejected
alongside the other file mutators. The anchor keeps unrelated names
like `gpatch` unaffected.
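The two bash-validator checks from the cancel-exception commit and from this `patch` commit, as one added example (bash, not the project's validator): the standalone-cancel test done with a `case` expression over the whole command string, followed by the file-mutation denylist and the redirection check. Function names are hypothetical, the denylist is a subset of the page's, and the separator class here also admits `(` and backtick, which goes one step beyond the regex quoted on the page.

```shell
#!/usr/bin/env bash
# Added example, not the project's validator. Order matters: the cancel exception
# is honoured only for a bare cancel-rlcr-loop.sh invocation (no ; | & $( ` < >
# or embedded newline), otherwise the command runs the denylist, which includes
# `patch`, and the check that output redirection targets only /dev/ paths.
# Exit-code convention as in the hook: 0 allow, 2 block. Names are hypothetical.

NL=$(printf '\nx'); NL=${NL%x}   # a literal newline usable inside case patterns

# is_standalone_cancel CMD -> 0 when CMD is exactly a bare cancel-rlcr-loop.sh call
is_standalone_cancel() {
    cmd=$1
    case $cmd in
        *';'*|*'|'*|*'&'*|*'$('*|*'`'*|*'<'*|*'>'*|*"$NL"*) return 1 ;;
    esac
    cmd=${cmd#"${cmd%%[![:space:]]*}"}      # trim leading whitespace
    first=${cmd%%[[:space:]]*}              # first word only: the script must be the command
    first=${first#\"}; first=${first%\"}    # tolerate a double-quoted script path
    case $first in
        cancel-rlcr-loop.sh|*/cancel-rlcr-loop.sh) return 0 ;;   # ${CLAUDE_PLUGIN_ROOT}/... still matches
        *) return 1 ;;
    esac
}

# is_file_mutation CMD -> 0 when CMD matches the methodology-phase denylist
is_file_mutation() {
    lower=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    # utilities that write files; separator before, whitespace after (so gpatch is untouched)
    if printf '%s\n' "$lower" | grep -qE '(^|[[:space:];|&(`])(tee|install|touch|mv|cp|rm|dd|truncate|chmod|chown|mkdir|rmdir|ln|mktemp|patch)[[:space:]]'; then
        return 0
    fi
    # output redirection is allowed only towards /dev/ (e.g. > /dev/null); 2>&1 has no path target
    set -f
    for target in $(printf '%s\n' "$lower" | grep -oE '>>?[[:space:]]*[^[:space:];|&>]+' | sed -E 's/^>>?[[:space:]]*//'); do
        case $target in /dev/*) ;; *) set +f; return 0 ;; esac
    done
    set +f
    return 1
}

# validate_methodology_bash CMD -> 0 to allow, 2 to block
validate_methodology_bash() {
    if is_standalone_cancel "$1"; then return 0; fi
    if is_file_mutation "$1"; then return 2; fi
    return 0
}
```

Read-only commands such as `git status` or `gh issue create` pass because they match no blocker, which is the behaviour the earlier commit describes after removing the gh early exit.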
When methodology-analysis-state.md is active, the stop hook returned exit 0 as soon as complete_methodology_analysis succeeded, short- circuiting past the main git-clean gate. Tracked source edits made during the analysis phase (for example, post-Codex-signoff modifications) could slip through unreviewed the moment the completion marker appeared. Re-run the existing git-clean validation inside the methodology completion branch before allowing the terminal exit. Reuse the HUMANIZE_UNTRACKED_PATTERN filter from the main gate so legitimate .humanize/rlcr/... methodology artifacts are not themselves treated as dirty. If the filtered status is non-empty, block with the same git-not-clean template the main gate uses.
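The completion gate described across this commit and the earlier ones in the thread (report must exist and be non-empty, `.methodology-exit-reason` must hold a valid reason or the hook fails closed, and the working tree must be clean once `.humanize/` artifacts are filtered out), written as an added example in bash. This is not the project's stop hook: function names are hypothetical, the value of `HUMANIZE_UNTRACKED_PATTERN` is assumed, and the git-clean check takes `git status --porcelain` text as an argument so it can be run on constructed input.

```shell
#!/usr/bin/env bash
# Added example, not the project's stop hook. Gates, in order:
#   1. methodology-analysis-report.md exists and has content
#   2. .methodology-exit-reason is one of complete|stop|maxiter, otherwise fail closed
#   3. `git status --porcelain` output is empty after dropping .humanize/ entries
# The porcelain text is passed in rather than produced by git so the gate can be
# exercised on constructed data. Function names are hypothetical.

HUMANIZE_UNTRACKED_PATTERN='^.. \.humanize/'   # assumed value; the project's pattern may differ

# filter_dirty_entries < porcelain-text -> prints the entries that are not humanize artifacts
filter_dirty_entries() {
    grep -vE "$HUMANIZE_UNTRACKED_PATTERN" || true
}

# methodology_exit_reason LOOP_DIR -> prints the reason; returns 1 if the marker is missing/invalid
methodology_exit_reason() {
    marker="$1/.methodology-exit-reason"
    [ -f "$marker" ] || return 1
    reason=$(head -n 1 "$marker" | tr -d '[:space:]')
    case $reason in
        complete|stop|maxiter) printf '%s\n' "$reason" ;;
        *) return 1 ;;
    esac
}

# complete_methodology_analysis LOOP_DIR PORCELAIN_TEXT
#   prints the exit reason and returns 0 when every gate passes; returns 1 with a message on stderr otherwise
complete_methodology_analysis() {
    loop=$1
    status=$2
    report="$loop/methodology-analysis-report.md"
    if [ ! -s "$report" ]; then
        echo "blocked: $report missing or empty (analysis agent did not run?)" >&2
        return 1
    fi
    if ! reason=$(methodology_exit_reason "$loop"); then
        echo "blocked: .methodology-exit-reason missing or invalid; not assuming complete" >&2
        return 1
    fi
    dirty=$(printf '%s\n' "$status" | filter_dirty_entries)
    if [ -n "$dirty" ]; then
        echo "blocked: working tree not clean after Codex sign-off:" >&2
        printf '%s\n' "$dirty" >&2
        return 1
    fi
    printf '%s\n' "$reason"
}
```

In the real hook the second argument would come from `git status --porcelain`; the reason printed on success is what decides whether the loop is renamed to its complete, stop or maxiter state, which is why an absent marker must block rather than default to complete.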
@codex review this PR as entirety
Codex Review: Didn't find any major issues. You're on a roll.
Introduces a design document for a new /humanize:gen-idea command that sits one step before gen-plan in the Humanize workflow. The command applies the directed-diversity insight from Anthropic's Automated W2S Researcher note: a lead picks N orthogonal directions and delegates one direction per Explore subagent, then synthesizes a repo-grounded draft suitable as gen-plan input. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Five-task plan covering the draft template, IO validation script, command spec, README/version bumps, and an end-to-end smoke check. Targets dev for the 1.16.1 release. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Skeleton populated by the command's Phase 4 synthesis step. Placeholders <TITLE>, <ORIGINAL_IDEA>, <PRIMARY_*>, <ALTERNATIVES>, <SYNTHESIS_NOTES> are filled deterministically by the command body. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Detects inline vs .md file input, writes inline text to a tempfile so downstream phases always consume a file, derives a URL-safe slug, and resolves the default output path under .humanize/ideas/. Exit codes parallel validate-gen-plan-io.sh. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Two corrections required to pass macOS smoke tests:
- Path heuristic now treats slashes as path-indicating only when no whitespace is present, so inline ideas like "add undo/redo" are not misread as paths.
- mktemp template drops the .md suffix (BSD mktemp does not support a suffix after the X template).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Code-quality review surfaced three items on the IO validation script:
- Guard `realpath $IDEA_INPUT` with a fallback so older macOS does not trip `set -e` on the file-input branch.
- Comment explaining the caller owns tempfile cleanup (no trap) so a future maintainer does not silently break the caller.
- Comment clarifying the path-vs-inline heuristic and its limitation (a non-existent path with spaces falls through to inline mode).
The plan's literal script copy is updated to match. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Five-phase command: parse, validate via scripts/validate-gen-idea-io.sh, generate N orthogonal directions grounded in repo context, fan out N parallel Explore subagents in a single Task-tool message, synthesize one primary plus N-1 alternatives into the new template, write the draft. No Codex, no tests, no config-loader integration in this pass. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Five documentation patches to commands/gen-idea.md (and the mirrored copy in the plan doc):
- State that degraded runs renumber surviving alternatives Alt-1..Alt-K sequentially rather than preserving source-index gaps.
- Specify the rendering of the `exploratory, no concrete precedent` sentinel as a single bullet when it is the sole evidence.
- Note that the Hard Constraint permits the validation script's prerequisite `.humanize/ideas/` directory creation.
- Bold the Sequential Execution Constraint label for style parity with gen-plan.md.
- Pin the Phase 2 context paths (README.md, CLAUDE.md, .claude/CLAUDE.md) to the project root via `git rev-parse --show-toplevel`.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Add a Quick Start entry for /humanize:gen-idea above the existing gen-plan step and sync version across plugin.json, marketplace.json, and the README header. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Address final-review findings:
- Implement the spec's warn-and-continue behavior for inline ideas shorter than 10 characters by emitting a `WARNING: short idea ...` line on stdout before VALIDATION_SUCCESS. The command spec documents this as a non-error informational line that should be surfaced to the user but does not block Phase 2.
- Note in Phase 1 that SLUG is informational; it is already baked into OUTPUT_FILE by the script and does not need to be consumed directly by later phases.
- Mirror both edits into the plan doc copies.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
An argument ending in .md was unconditionally classified as a path, so inline ideas that mention a markdown filename (for example "rename README.md") failed validation with INPUT_NOT_FOUND instead of being accepted as inline text. Gate the .md heuristic on the same "no whitespace" rule the "/" branch already applied. Ideas with any whitespace fall through to inline mode, while clean strings like "./idea.md" or "path/to/idea.md" still surface a helpful INPUT_NOT_FOUND error when the file is absent.
The file-input branch validated existence, .md extension, and non-empty
content but never checked readability. An unreadable regular .md file
passed validation and then triggered a less actionable runtime failure
when the command itself tried to read IDEA_BODY_FILE.
Insert an -r readability check between the extension and emptiness
checks. Emit VALIDATION_ERROR: INPUT_NOT_READABLE with exit 2, aligning
with the advertised exit-code path ("missing, not readable, or not .md")
in the command spec.
Inline mode created a per-run mktemp file under TMPDIR and deliberately left it in place so the caller could read it after the script exited. On long-lived developer machines or CI workers this produced unbounded tempfile growth and retained user-provided idea text on disk beyond command completion. Eliminate the tempfile entirely. The script now emits the inline idea body on stdout between the literal sentinel lines "=== IDEA_BODY_BEGIN ===" and "=== IDEA_BODY_END ===". The caller extracts the body from that block when INPUT_MODE is inline, and still reads IDEA_BODY_FILE from disk in file mode. IDEA_BODY_FILE is now only emitted in file mode; stdout contract for inline mode gains the sentinel block but drops the on-disk handoff. Update commands/gen-idea.md to document the new mode-aware body retrieval and to reference the in-memory IDEA_BODY value in the Phase 3 subagent prompt and Phase 4 template placeholder.
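The input contract that the gen-idea commits above describe, from the whitespace-gated path heuristic through the readability check to the stdout sentinel block, as one added example in bash. This is not the project's validate-gen-idea-io.sh: function names, the slug rules, the `OUTPUT_FILE` layout and the error codes other than `INPUT_NOT_FOUND` and `INPUT_NOT_READABLE` are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not the project's validate-gen-idea-io.sh. Rules implemented:
#   - "/" or a ".md" suffix marks a path only when the argument has no whitespace;
#     anything containing whitespace is inline text ("add undo/redo", "rename README.md")
#   - file mode: exists, is .md, is readable (-r), is non-empty; each failure prints
#     VALIDATION_ERROR: <CODE> and returns 2 (INPUT_NOT_MARKDOWN and INPUT_EMPTY are assumed names)
#   - inline mode: ideas under 10 characters get a WARNING line, and the body is
#     emitted between the IDEA_BODY_BEGIN/END sentinels instead of via a tempfile
# Function names, slug rules and the OUTPUT_FILE layout are assumptions.

# classify_idea_input ARG -> prints "file" or "inline"
classify_idea_input() {
    case $1 in
        *[[:space:]]*) echo inline ;;   # whitespace wins over "/" and ".md"
        */*|*.md)      echo file ;;
        *)             echo inline ;;
    esac
}

# slugify TEXT -> URL-safe slug: lowercase, runs of non-alphanumerics collapsed to "-", max 60 chars
slugify() {
    printf '%s' "$1" | tr '[:upper:]' '[:lower:]' | tr -cs 'a-z0-9' '-' | sed 's/^-//; s/-$//' | cut -c1-60
}

# validate_gen_idea ARG -> prints the stdout contract; returns 0 on success, 2 on a validation error
validate_gen_idea() {
    arg=$1
    mode=$(classify_idea_input "$arg")
    echo "INPUT_MODE=$mode"
    if [ "$mode" = file ]; then
        [ -f "$arg" ] || { echo "VALIDATION_ERROR: INPUT_NOT_FOUND"; return 2; }
        case $arg in *.md) ;; *) echo "VALIDATION_ERROR: INPUT_NOT_MARKDOWN"; return 2 ;; esac
        [ -r "$arg" ] || { echo "VALIDATION_ERROR: INPUT_NOT_READABLE"; return 2; }
        [ -s "$arg" ] || { echo "VALIDATION_ERROR: INPUT_EMPTY"; return 2; }
        slug=$(slugify "$(basename "$arg" .md)")
        echo "IDEA_BODY_FILE=$arg"              # only emitted in file mode
    else
        [ "${#arg}" -ge 10 ] || echo "WARNING: short idea (${#arg} characters)"
        slug=$(slugify "$arg")
        echo "=== IDEA_BODY_BEGIN ==="          # caller extracts the body from this block
        printf '%s\n' "$arg"
        echo "=== IDEA_BODY_END ==="
    fi
    echo "SLUG=$slug"
    echo "OUTPUT_FILE=.humanize/ideas/$slug.md"
    echo "VALIDATION_SUCCESS"
}
```

The readability branch only triggers for a non-root caller on a mode-000 file, so it is not asserted below; the other gates and the sentinel layout are.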
feat(gen-idea): directed-swarm idea drafting command (1.16.1)
Summary
- `/gen-idea` slash command: directed-swarm idea drafting that expands a short prompt into a structured design draft, with slug resolution, IO validation, inline-vs-file arg handling, and an emitted draft template (PR #99, feat(gen-idea): directed-swarm idea drafting command (1.16.1))
- `#!/usr/bin/env bash` across all shell scripts for NixOS and non-standard bash locations (PR #49, Use portable shebang across all shell scripts)
- `_emit_fallback` dedup, `validate_template_dir` expanded to all 5 subdirs (PR #50, Harden template-loader error handling and reduce duplication)
- `install-codex-hooks.sh` with idempotent managed-hook cleanup (PR #47, Add native Codex hook support and harden install/test flows)
- `ask-gemini` skill with deep web research via Gemini CLI, plus tool-filtered monitor subcommands (PR #52, Add ask-gemini skill with deep web research)
- `<cmt>...</cmt>` and `<comment>...</comment>` annotation formats recognised in `/refine-plan` (PR #78, Add support for XML-style <cmt>comment</cmt> <comment>comment</comment> formats in refine-plan)
- `realpath`, prefix-only canonicalization in read/write validators, and symlink-alias rejection for cancel source/destination (PR #93, Canonicalize paths across all humanize hooks and scripts; PR #94, Reject symlink aliases for cancel source and destination)
- `.humanize/` from entering git history (PR #86, Block tracked Humanize loop state from entering git history)
- `/loop` with GitHub PR review polling
- `humania-org` to `PolyArch`
Bug Fixes (post-merge review)
- `--disable codex_hooks` behind a feature probe for older Codex builds and place the flag after the Codex subcommand
- `drift_status` presence for legacy loop compat
- `sed /I` with portable `grep -oEi` in verdict extraction
- `upsert_state_fields` awk to split on first `=` only (prevent value truncation)
- `STATE_PRIVACY_MODE` default to `parse_state_file_strict`
- `codex --help` feature probe per loop to reduce latency
- `runtime_root` before template substitution in hook installer
- `IMMUTABLE SECTION` header
- `.humanize/` in global gitignore
- `@google/gemini-cli`
- `patch` in methodology-phase Bash denylist
- `PostToolUse` hook to prevent session_id write failure (PR #68, fix: normalize path slashes in PostToolUse hook to prevent session_id write failure)
- `.humanize/` to avoid false blocks
- `~` in transcript_path before background-task file check; make tilde-path regressions portable
- `task_notification` completions and keep recovery marker
- `rlcr-stop-gate` project root at every wrapper test site; normalize loop-start boundary to UTC
- `gen-idea` hardening: realpath fallback, tempfile contract, reject unreadable markdown inputs, treat whitespace-containing `.md` args as inline, emit short-idea warning, emit inline idea body via stdout sentinel
Test Status
- `gen-idea` IO validation, stop-hook background-task allowance, multi-format refine-plan comments, and path canonicalization guards
Included PRs
- feat(gen-idea): directed-swarm idea drafting command (shinan6)
- `<cmt>`/`<comment>` formats in refine-plan (Lyken17)
- `ask-gemini` skill with deep web research
Release
1.16.0