Includes the autoresearch-as-a-skill migration (#2727) and the
company-context MCP contract scaffolding. Both ship as opt-in
experimental surfaces; minor bump reflects the new functionality
even though the features are not yet GA.
Constraint: autoresearch migration touches shared skill-state and persistent-mode plumbing — minor bump signals upgrade caution despite the experimental label
Confidence: high
Scope-risk: moderate
Copy templates/hooks/lib into ~/.claude/hooks/lib for standalone installs and update reconciliation so .mjs hooks keep resolving stdin and atomic-write helpers after omc update.
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)
Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
Regenerate CLI and runtime bundles plus compiled TypeScript artifacts so
dist/ matches the skill-first autoresearch sources introduced in the two
preceding commits. Also captures incidental rebuilds for plugin-patterns
and other modules whose dist/ on dev was stale relative to its src/.
Constraint: dist/ is tracked-but-gitignored and must stay in sync with src/
Confidence: high
Scope-risk: narrow
Directive: Do not hand-edit dist/ or bridge/*.cjs; always run npm run build
Autoresearch still writes active mode state through the legacy shared path while stop hooks and exclusivity checks have moved toward session-aware enforcement. This commit adds a narrow compatibility bridge for autoresearch stop-hook checks and routes startup exclusivity through the registry's cross-session active-mode detection.
Constraint: Existing autoresearch lifecycle APIs do not yet thread session identifiers end-to-end.
Rejected: Full session-scoped autoresearch normalization now | broader runtime migration than the reviewed defects require.
Rejected: Generic readModeState session fallback | would weaken the session isolation contract for unrelated modes.
Confidence: high
Scope-risk: narrow
Directive: Keep the legacy bridge autoresearch-specific until a dedicated session-normalization migration retires shared autoresearch state.
Tested: npm test -- --run src/hooks/persistent-mode/stop-hook-blocking.test.ts src/autoresearch/__tests__/runtime.test.ts
Tested: npm run build
Tested: lsp_diagnostics_directory totalErrors=0
Not-tested: Full repository test suite
The team runtime requires a clean leader workspace before it can launch
review workers in dedicated worktrees. This checkpoint captures the
stateful autoresearch migration exactly as verified so the requested
team review can run against a stable branch tip.
Constraint: omx team refuses to launch from a dirty leader workspace
Rejected: Stash local changes temporarily | workers would review an outdated tree
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep omc autoresearch as a hard-deprecated shim; do not restore CLI runtime ownership without revisiting the skill-first contract
Tested: npm run build; targeted vitest suites; project diagnostics via lsp_diagnostics_directory
Not-tested: Full repository test suite; live cron/native scheduling integration
CI exercises both the rendered skill template and the raw shipped SKILL.md.
The previous PR update changed the contract from an injected
ambiguityThreshold sentence to a placeholder/resolved-threshold step, so the
tests need to assert that contract directly. The static skill prose also needs
the portable config-dir notation required by the skill config-dir guard.
Constraint: Keep the static native-loader threshold fix intact
Rejected: Restore the old ambiguityThreshold = ... renderer sentence | would re-couple tests to renderer-only wording
Confidence: high
Scope-risk: narrow
Reversibility: clean
Tested: npx vitest run src/__tests__/skills.test.ts -t "loads deep-interview ambiguityThreshold from settings before state init and updates the announcement copy|refreshes cached deep-interview output when the configured threshold changes without requiring manual cache clearing|replaces all hardcoded 20%/0.2 threshold references in deep-interview template \(issue #2545\)|ships a config-aware deep-interview SKILL.md for native skill-loader paths \(issue #2723\)"
Tested: npx vitest run src/__tests__/auto-slash-aliases.test.ts src/__tests__/skills.test.ts src/skills/__tests__/skill-config-dir.test.ts -t "applies deep-interview threshold runtime injection in slash/materialized output|loads deep-interview ambiguityThreshold from settings before state init and updates the announcement copy|refreshes cached deep-interview output when the configured threshold changes without requiring manual cache clearing|replaces all hardcoded 20%/0.2 threshold references in deep-interview template \(issue #2545\)|ships a config-aware deep-interview SKILL.md for native skill-loader paths \(issue #2723\)|CLAUDE_CONFIG_DIR|total baseline should not increase"
Not-tested: Full test suite
Related: #2723
Claude Code native plugin skill loading can consume the bundled SKILL.md without passing through OMC renderBundledSkillBody. That left the shipped deep-interview skill with hardcoded 20%/0.2 guidance on qualified slash and Skill() paths even though OMC-rendered paths were fixed.
This change makes the bundled deep-interview SKILL.md self-describing for threshold resolution, replacing static 20%/0.2 guidance with runtime placeholders the model must resolve from settings before state init. The existing renderer still resolves those placeholders for OMC-owned paths, so current slash and materialized behavior stays intact.
Constraint: Native Claude plugin skill loading may bypass OMC render hooks
Rejected: Fix this only in renderBundledSkillBody | does not reach raw SKILL.md consumers
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep deep-interview threshold guidance config-aware in raw SKILL.md, not only in JS render transforms
Tested: npx vitest run src/__tests__/auto-slash-aliases.test.ts src/__tests__/skills.test.ts -t "applies deep-interview threshold runtime injection in slash/materialized output|replaces all hardcoded 20%/0.2 threshold references in deep-interview template \(issue #2545\)|ships a config-aware deep-interview SKILL.md for native skill-loader paths \(issue #2723\)"
Not-tested: End-to-end Claude Code native marketplace loader invocation outside repo tests
Related: #2723
Codex review on #2722 correctly flagged that [\s\S]*? could cross call
boundaries — dropping the shell flag from runTypeCheck could still pass
if runTests or runLint kept theirs, because the lazy match would just
continue past the end of the target call until it found the flag in a
sibling options object.
Replaced [\s\S]*? with [^}]*? and anchored the match to this call's own
options-object boundaries (\{ … \}\s*\);), so each assertion fails
independently when its target call loses the flag. Keep the option
objects flat — nested braces would terminate [^}]*? prematurely.
Confidence: high
Scope-risk: narrow
Directive: If future option objects nest braces (e.g. { env: { … } }),
switch these to balanced-scan or per-call substring extraction —
[^}]*? stops at the first inner }.
Not-tested: Mutation-test that synthetically removes each shell flag
and asserts each test fails independently.
Three sibling instances of the CVE-2024-27980 EINVAL class fixed in
v4.12.1 for the HUD wrapper, all in src/hooks/plugin-patterns/index.ts:
- runTypeCheck spawnSync('npx', ['tsc', '--noEmit'], …) L280
- runTests execFileSync('npm',['test'], …) L301
- runLint execFileSync('npm',['run','lint'], …) L337
On Windows + Node 20.12+ / 18.20+ / 21.7+, spawning npm/npx (which
resolve to npm.cmd / npx.cmd) via spawnSync/execFileSync without
shell:true throws EINVAL. All three callers are exported, re-exported
through src/hooks/index.ts, and invoked unconditionally by
runPreCommitChecks() in the same file, so every Windows user hitting
the plugin pre-commit flow trips these.
Each call now opts in to shell:true only on win32 so POSIX spawn
behavior is byte-for-byte identical to before.
Added three static-content assertions to plugin-patterns.test.ts under
a new `win32 spawn hardening (#2721)` describe. Static assertions are
the only regression guard available: CI runs Ubuntu-only (see
.github/workflows/ci.yml — every runs-on is ubuntu-latest), so the
existing behavioral tests (runLint "exit 0" etc.) never exercise the
broken Windows spawn path.
Follow-up to #2715 / PR #2719 (v4.12.1). Fixes#2721.
Constraint: CI is Ubuntu-only; behavioral tests cannot detect win32
spawn regressions. Static content assertions are required as the
regression guard.
Constraint: The three regex assertions must remain tolerant of inline
option-object reformatting ([\s\S]*? + anchored to the literal args
and the shell flag) so future lint-driven reflows don't false-fail.
Rejected: Centralize via a spawnWithShellOnWindows() helper | out of
scope for a point fix; maintainer can land that separately.
Rejected: Replace execFileSync/spawnSync with exec() on Windows |
reintroduces shell-injection risk and changes error semantics.
Rejected: Gate on a Node-version check instead of platform | the
project's engines.node is >=20.0.0 and pre-20.12 is out of support
scope, so platform gating is simpler and covers every supported Node.
Confidence: high
Scope-risk: narrow
Directive: Do not remove `shell: process.platform === 'win32'` from
these call sites without either dropping Windows support or replacing
with a helper that encapsulates the same mitigation.
Not-tested: A behavioral Windows-runner test that asserts EINVAL pre-fix
and absence-of-EINVAL post-fix. Requires adding a windows-latest
matrix to .github/workflows/ci.yml, out of scope for this patch.
Add devswha to the top README as a Document Specialist directly below the ambassadors section so the contributor roster reflects current documentation ownership and links to the correct GitHub profile.\n\nConstraint: Keep this as a docs-only change limited to README.md\nRejected: Adding the entry under Ambassadors | requested role is Document Specialist\nConfidence: high\nScope-risk: narrow\nReversibility: clean\nDirective: Keep contributor role links pointed at canonical GitHub profile URLs\nTested: README.md diff inspection on dev\nNot-tested: Render preview on GitHub
Add devswha to the top README as a Document Specialist directly below the ambassadors section so the contributor roster reflects current documentation ownership and links to the correct GitHub profile.\n\nConstraint: Keep this as a docs-only change limited to README.md\nRejected: Adding the entry under Ambassadors | requested role is Document Specialist\nConfidence: high\nScope-risk: narrow\nReversibility: clean\nDirective: Keep contributor role links pointed at canonical GitHub profile URLs\nTested: README.md diff inspection on dev\nNot-tested: Render preview on GitHub
The HUD wrapper needs npm root discovery to keep global installs reachable when cache and marketplace paths are absent. Node 20.12+ rejects direct npm.cmd execFileSync calls on Windows unless shell execution is enabled, so limit shell:true to the Windows npm.cmd probe while preserving the existing non-Windows npm exec behavior.
Constraint: Node 20.12+ requires shell execution for Windows .cmd/.bat child_process calls.
Rejected: Use execSync('npm root -g') everywhere | broader behavior change for non-Windows wrapper runtime.
Confidence: high
Scope-risk: narrow
Tested: npm test -- --run src/installer/__tests__/hud-wrapper-env.test.ts src/__tests__/hud-windows.test.ts src/__tests__/hud-wrapper-template-sync.test.ts src/__tests__/hud-marketplace-resolution.test.ts
Tested: npx tsc
OMX deep-interview and ralplan flows can write approved artifacts and state
under .omx, but the post-ralplan shortcut path only recognized .omc plan
artifacts, only parsed omc launch hints, and returned early before short
follow-up prompts like "team" could reach the approved execution gate.
This narrows the fix to the state-transition detection path: planning artifact
resolution now reads both .omc and .omx plan roots, launch hints accept OMX
commands, and keyword-detector checks approved follow-ups before the no-match
fast path while recognizing OMX ralplan state files.
Constraint: Team keyword auto-detection remains disabled to avoid worker respawn loops
Rejected: Re-enable generic team keyword detection | would broaden behavior beyond the broken post-ralplan transition
Rejected: Rewrite ralplan state storage globally to .omx only | wider migration than needed for issue #2714
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep approved follow-up detection aligned with both OMC and OMX artifact/state namespaces unless runtime ownership is fully unified
Tested: npx vitest run src/planning/__tests__/artifacts.test.ts src/team/__tests__/followup-planner.test.ts src/__tests__/keyword-detector-script.test.ts
Not-tested: Full repository test suite
Related: #2714
The first #2711 fix correctly stopped native Windows shells from receiving
Unix-only exec wrapping, but the preflight path in runClaudeOutsideTmux
still keyed off process.platform alone. That caused MSYS2/Git Bash sessions
on Windows to skip the existing POSIX sleep/tcflush preflight even though
they still use login-shell wrapping.
Constraint: Keep native Windows COMSPEC handling intact
Constraint: Preserve existing POSIX/MSYS2 login-shell behavior without broad launch refactors
Rejected: Revert the Windows-specific path entirely | would reintroduce the original PowerShell failure
Rejected: Add separate MSYS2-specific launch branches everywhere | broader drift than needed
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: When branching shell launch behavior, key off native-Windows-vs-POSIX shell semantics, not process.platform by itself
Tested: npm test -- --run src/cli/__tests__/tmux-utils.test.ts src/cli/__tests__/launch.test.ts src/cli/__tests__/autoresearch-guided.test.ts
Tested: npm run build:cli
Not-tested: Live tmux launch on a real MSYS2/Git Bash Windows host
Related: #2711
Related: #2713
Native Windows shells were receiving Unix login-shell syntax from
wrapWithLoginShell and related tmux launch paths, causing PowerShell/cmd
sessions to fail before Claude or autoresearch setup could start. This
change keeps the existing POSIX/MSYS2 login-shell behavior, but routes
native Windows paths through COMSPEC-compatible command building and
Windows-safe env injection.
Constraint: Preserve existing POSIX login-shell + rc-sourcing behavior
Constraint: Keep the fix narrow to wrapWithLoginShell and directly related launch/setup paths
Rejected: Disable login-shell wrapping everywhere on win32 | would regress MSYS2/Git Bash support
Rejected: Broad tmux contract rewrite | unnecessary drift beyond issue #2711
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If future tmux launch paths add inline env prefixes, use the platform-aware tmux command builders instead of raw Unix shell syntax
Tested: npm test -- --run src/cli/__tests__/tmux-utils.test.ts src/cli/__tests__/launch.test.ts src/cli/__tests__/autoresearch-guided.test.ts
Tested: npm run build:cli
Not-tested: Live tmux launch on a real Windows host
Related: #2711
The earlier root canonicalization reused validateWorkingDirectory, which is
correct for MCP tool entrypoints but too strict for direct mode-state I/O
callers used by tests and temp workspaces. Narrow the fix so mode-state-io
collapses only directories that are inside a git worktree back to that
worktree root, while leaving non-git temp directories untouched.
Constraint: Direct mode-state-io callers must continue to work in standalone temp directories outside the repo root
Rejected: Keep validateWorkingDirectory in mode-state-io | rejects legitimate temp workspaces and breaks session-state cleanup tests
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Use git-root canonicalization here only for nested worktree paths; keep stricter trusted-root enforcement at MCP/tool boundaries
Tested: npx vitest run src/lib/__tests__/mode-state-io.test.ts src/hooks/session-end/__tests__/mode-state-cleanup.test.ts src/hooks/session-end/__tests__/subdirectory-cwd.test.ts src/hooks/session-end/__tests__/team-cleanup.test.ts
Tested: npx vitest run src/hooks/persistent-mode/__tests__/ralph-verification-flow.test.ts src/hooks/persistent-mode/__tests__/rate-limit-stop.test.ts src/hooks/persistent-mode/__tests__/skill-state-stop.test.ts src/hooks/persistent-mode/__tests__/team-ralplan-stop.test.ts
Not-tested: Full repo test suite
Mode-state I/O was still resolving .omc state paths from the caller's raw
working directory, which let nested cwds create state under subdirectories
instead of the owning git worktree root. Canonicalize the root through
validateWorkingDirectory before resolving, scanning, reading, writing, or
clearing state paths, and add regression coverage for nested cwd calls.
Constraint: OMC MCP tools must keep honoring the trusted worktree-root policy used elsewhere
Rejected: Fix only state_write tool paths | would leave read/clear and direct mode-state-io callers inconsistent
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep mode-state-io path resolution aligned with validateWorkingDirectory so nested cwds cannot recreate local .omc state
Tested: npx vitest run src/lib/__tests__/mode-state-io.test.ts
Tested: npx tsc --noEmit
Not-tested: Full repo test suite
`/omc-teams` already delegates to `omc team`, whose workers share one cwd. The compatibility skill only showed the current-repo launch form, so plans stored in one repo could spawn Codex workers in that repo while target repos lived in siblings. The skill now makes the workspace-root/absolute-plan-path contract explicit and uses the existing `--cwd` support instead of adding runtime heuristics.\n\nConstraint: `omc team` runtime remains single-working-directory\nRejected: Auto-infer workspace roots in runtime | brittle path heuristics and broad behavior drift\nConfidence: high\nScope-risk: narrow\nDirective: Keep multi-repo `/omc-teams` launches anchored to a shared workspace root unless the runtime grows explicit multi-workspace support\nTested: npm run test:run -- src/__tests__/skills.test.ts\nTested: npm run build:cli\nNot-tested: live tmux Codex launch across sibling repositories
The original branch update bundled unrelated generated dist churn alongside the
intended workflow-slot/state-init source changes. This follow-up commit reverts
only the generated artifacts that do not correspond to the touched source areas,
so the PR diff stays aligned with the bridge, keyword-detector, persistent-mode,
mode-registry, skill-state, mode-names, and state-tools changes.
Constraint: GitHub PR #2701 must update via the real head branch instead of a local-only approval path
Constraint: Keep the follow-up diff limited to generated artifacts that shrink the existing PR scope
Rejected: Force-push a rewritten replacement commit | unnecessary history rewrite for a narrow cleanup-only fix
Rejected: Keep all dist outputs from 56718e05 | preserves unrelated churn that blocks review
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Regenerate and commit dist only for source areas that remain in the final PR diff
Tested: Branch diff review vs dev after cleanup; targeted verification pending on final commit SHA
Not-tested: Full project-wide build/lint suite for this cleanup-only dist follow-up
The cache-repair path trusted raw installPath strings from installed_plugins.json, so an OMC entry containing ../ segments could still pass the existing prefix check and receive a full payload sync outside plugins/cache. This narrows the fix to canonical containment in the repair predicate and adds an issue-scoped regression test for the escape path.
Constraint: Keep the repair flow behavior unchanged for valid cache-installed OMC roots
Rejected: Broaden path hardening across unrelated installer flows in the same patch | would enlarge review scope beyond the verified repair bug
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Any future cache-root checks should compare canonical paths, not normalized raw strings
Tested: npm run build; ./node_modules/.bin/vitest run src/installer/__tests__/plugin-cache-sync.test.ts src/__tests__/auto-update.test.ts src/__tests__/installer-omc-reference.test.ts; ./node_modules/.bin/tsc --noEmit --pretty false; ./node_modules/.bin/eslint src/installer/index.ts src/installer/__tests__/plugin-cache-sync.test.ts; direct local reproduction of syncInstalledPluginPayload escape path before and after fix
Not-tested: Full repository vitest suite; src/__tests__/installer-plugin-agents.test.ts timed out in this environment during unrelated runs
The original company-context interface change landed with the right code and
skill-surface updates, but review correctly held the PR until the missing
acceptance-doc pieces were explicit. This follow-up adds the settings-schema
page entry for companyContext and records the issue's requested ~5% prompt-
directive miss-rate / residual-risk language without widening runtime scope.
Constraint: Keep the follow-up documentation-only and avoid runtime behavior changes
Constraint: Satisfy issue #2692 acceptance criteria exactly enough for merge review
Rejected: Expand the fix into broader doc cross-linking or runtime wording cleanup | unnecessary scope growth for a blocked PR follow-up
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep future company-context changes aligned with the current .claude/omc.jsonc / ~/.config/claude-omc/config.jsonc config surface unless the runtime contract changes first
Tested: npx vitest run src/config/__tests__/loader.test.ts -t "company context configuration"
Tested: git diff --check -- docs/company-context-interface.md docs/settings-schema.md
Tested: local link existence check for docs/settings-schema.md -> ./company-context-interface.md
Tested: lsp_diagnostics on both changed docs files reported 0 errors
Tested: architect verification APPROVED
Not-tested: Full repo build/test suite (intentionally skipped for docs-only narrow follow-up)
The HUD manual fallback treated cache-read telemetry as live context usage, which could drive large false spikes when native used_percentage was unavailable. This change keeps the fix local to stdin fallback math and adds focused regressions for fallback, native-percentage precedence, and stabilization behavior.
Constraint: Preserve transcript token rendering and MiniMax usage-api semantics\nRejected: Provider-specific MiniMax branching | The proven bug path is HUD-local fallback math, not provider quota parsing\nConfidence: high\nScope-risk: narrow\nReversibility: clean\nDirective: If another provider proves cache_read_input_tokens should count in fallback, capture failing evidence before reintroducing provider-specific logic\nTested: vitest run src/__tests__/hud/stdin.test.ts\nTested: vitest run src/__tests__/hud/token-usage.test.ts\nTested: vitest run src/__tests__/hud/usage-api.test.ts -t minimax\nTested: eslint src/hud/stdin.ts src/__tests__/hud/stdin.test.ts\nTested: npm run build\nNot-tested: Full repo test suite outside the targeted HUD and MiniMax coverage
Replace per-skill ad-hoc detectors with a unified workflow slot ledger that
tracks all 8 canonical workflow skills (autopilot, ralph, team, ultrawork,
ultraqa, deep-interview, ralplan, self-improve) with explicit dual-copy
writes (root + session), soft-tombstone semantics, and TTL pruning.
Key changes:
- Expand canonical mode registry: deep-interview and self-improve promoted
to full ExecutionMode with MODE_CONFIGS entries (mode-names.ts,
mode-registry/{types,index}.ts, state-tools.ts)
- New skill-active-state v2 mixed schema with active_skills + support_skill
branches; 7 new helpers in skill-state/index.ts including
writeSkillActiveStateCopies() as the single persistence path
- Unified parseExplicitWorkflowSlashInvocation() handles /name, /omc:name,
/oh-my-claudecode:name prefixes across all workflow skills; PreToolUse
confirms, PostToolUse tombstones
- Tombstone-aware completion gating in persistent-mode with authority-first
ordering for nested autopilot -> ralph; env kill-switches (DISABLE_OMC,
OMC_SKIP_HOOKS, OMC_TEAM_WORKER) bypass the detector cleanly
- +107 tests across 7 files covering dual-write invariant, TTL prune,
diverged-copy reconciliation, nested lineage, prefix-detector unity,
intent-pattern guards, kill switches, tombstone suppression
Verified via independent codex ralplan consensus (APPROVE verdict) and
lane-isolated verifier pass. Full suite: lint clean, tsc clean, targeted
tests green (181 passed on skill-state + bridge-routing).
Constraint: writeSkillActiveStateCopies() must be the only helper that
persists workflow-slot state; divergence between root and session copies
forces full rewrite on next mutation
Constraint: soft-tombstone semantics (completed_at set, slot retained)
preserve nested parent/child relationships across session boundaries
Rejected: per-skill independent state files | would reintroduce divergence
Rejected: hard-delete on completion | breaks nested workflow authority
resolution when autopilot spawns ralph
Confidence: high
Scope-risk: moderate
Directive: every workflow-slot write/confirm/tombstone/prune/clear MUST
route through writeSkillActiveStateCopies(); direct writes to either
copy violate the dual-write invariant
Not-tested: cross-session race where two Claude Code sessions mutate the
same workflow slot concurrently (single-writer assumption holds today)
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Claude Code statusline stdin can already carry five-hour and weekly usage data. The HUD ignored that payload and always called getUsage(), which created avoidable 429 loops in cold ephemeral environments.
This change extends the stdin contract, converts those buckets into the existing RateLimits shape, and bypasses getUsage() only when stdin provides usable data. Focused tests cover stdin parsing and the watch-mode fallback path.
Constraint: Keep HUD behavior unchanged when stdin omits rate limits
Rejected: Broaden usage-api exports for shared clamp/parser logic | wider surface than needed for a local stdin contract fix
Rejected: Tune 429 backoff/cache only | does not consume already-available stdin data
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: If Claude Code adds more stdin quota buckets later, extend the stdin parser only when HUD rendering actually needs them
Tested: ./node_modules/.bin/vitest run src/__tests__/hud/stdin.test.ts src/__tests__/hud/watch-mode-init.test.ts
Tested: ./node_modules/.bin/eslint src/hud/index.ts src/hud/stdin.ts src/hud/types.ts src/__tests__/hud/stdin.test.ts src/__tests__/hud/watch-mode-init.test.ts
Tested: ./node_modules/.bin/tsc --noEmit --pretty false --project tsconfig.json
Not-tested: Live Claude Code session with a real stdin rate_limits payload
Related: #2695
PR #2694 shipped markdown links that pointed at a machine-local worktree path, which breaks portability outside the author environment. This follow-up keeps scope to the two reported cross-links and replaces them with file-relative repo links that resolve in the repository and on GitHub.
Constraint: Keep scope limited to the review blocker in the two reported docs
Rejected: Broader doc link cleanup | exceeds the blocker scope and broadens the PR
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep cross-doc markdown links repo-relative; never embed machine-local worktree paths in shipped docs
Tested: Focused diff review for the two docs; grep confirmed the absolute worktree path is removed from touched files; relative-link target resolution from each source directory; git diff --check
Not-tested: Full markdown renderer / external docs site rendering
Related: PR #2694
The English README nav line links to the community Discord server,
but the 11 translated READMEs were missing that link. Append
`• [Discord](https://discord.gg/PUwSMR9XNk)` to the top navigation
line of each translation so non-English readers have the same
discovery path as English readers.
ScheduleWakeup-style resume events are not real persistence work, but the Stop hook treated them like ordinary idle stops and could inject continuation text that tells Claude to run /oh-my-claudecode:cancel. That let scheduled /loop turns cancel themselves before the scheduled task executed.
This change adds a narrow scheduled-wakeup bypass alongside the existing non-reinforceable stop guards and mirrors the same detector in the shipped script/template hook surfaces so installed runtime behavior stays aligned with the shared TypeScript path.
Constraint: Installed Stop hook behavior is shipped via script/template surfaces as well as shared TypeScript logic
Rejected: Tighten global persistent-mode freshness rules | broader behavioral change across legitimate long-running sessions
Confidence: medium
Scope-risk: narrow
Directive: Keep scheduled-resume stop marker detection aligned across shared logic and script/template mirrors if Claude Code changes its native wakeup payloads
Tested: ./node_modules/.bin/vitest run src/hooks/todo-continuation/__tests__/isRateLimitStop.test.ts src/hooks/persistent-mode/__tests__/rate-limit-stop.test.ts src/hooks/persistent-mode/stop-hook-blocking.test.ts
Tested: ./node_modules/.bin/eslint src/hooks/todo-continuation/index.ts src/hooks/persistent-mode/index.ts src/hooks/todo-continuation/__tests__/isRateLimitStop.test.ts src/hooks/persistent-mode/__tests__/rate-limit-stop.test.ts src/hooks/persistent-mode/stop-hook-blocking.test.ts
Tested: ./node_modules/.bin/tsc --noEmit --pretty false
Not-tested: Live Claude Code /loop ScheduleWakeup reproduction on macOS
The issue describes a broader deterministic interface, but the maintainable shape here is narrower: an explicit config/schema surface plus shared prompt wording for a small set of skills. This keeps the feature aligned with OMC's existing MCP model instead of inventing runtime enforcement or a new control plane.
The implementation adds a documented companyContext config block, minimal schema/tests, a small reference server, and skill/docs updates that treat returned vendor data as advisory quoted context only.
Constraint: Must stay prompt-level and avoid runtime hook enforcement
Constraint: Base configuration surface should match existing OMC config files rather than introducing a parallel settings path
Rejected: Blindly implement the issue's deterministic wording | the current architecture cannot guarantee tool invocation from prompt text alone
Rejected: Add runtime interception for every workflow | broader policy surface than justified by the issue
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep company-context semantics limited to one configured tool plus onError unless a separate runtime design is explicitly approved
Tested: node --check examples/vendor-mcp-server/server.mjs
Tested: ./node_modules/.bin/vitest run src/config/__tests__/loader.test.ts
Not-tested: End-to-end MCP invocation from live skill execution
Related: #2692
Reviewed in OMX. Scope is appropriately narrow: it repairs incomplete cached/install plugin roots before setup trusts plugin-provided payloads, reuses the same sync logic in auto-update, and covers the #2689 HUD symptom as part of the broader #2688 cache-root contract bug. Source precedence (marketplace -> global npm -> runtime root) is sane for maintainer-controlled repair without overclaiming broader release-flow changes.
