Remove unused loadInstallManifests import and prefix unused result
variable with underscore in selective-install tests. Add npx as an
approved command prefix in hook validation tests.
Adds npx block-no-verify@1.1.2 as a PreToolUse Bash hook in hooks/hooks.json
and a beforeShellExecution hook in .cursor/hooks.json to prevent AI agents
from bypassing git hooks via the hook-bypass flag.
This closes the last enforcement gap in the ECC security stack — the bypass
flag silently skips pre-commit, commit-msg, and pre-push hooks.
Closes#648
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
When ECC is installed as a Claude Code plugin via the marketplace,
scripts live in the plugin cache (~/.claude/plugins/cache/...) but
commands fallback to ~/.claude/ which doesn't have the scripts.
Add resolve-ecc-root.js with a 3-step fallback chain:
1. CLAUDE_PLUGIN_ROOT env var (existing)
2. Standard install at ~/.claude/ (existing)
3. NEW: auto-scan the plugin cache directory
Update sessions.md and skill-health.md commands to use the new
inline resolver. Includes 15 tests covering all fallback paths
including env var priority, standard install, cache discovery,
and the compact INLINE_RESOLVE used in command .md files.
Windows terminals emit control sequences (cursor movement, screen
clearing) that leaked into session.tmp files and were injected
verbatim into Claude's context on the next session start.
Add a comprehensive stripAnsi() to utils.js that handles CSI, OSC,
charset selection, and bare ESC sequences. Apply it in session-end.js
(when extracting user messages from the transcript) and in
session-start.js (safety net before injecting session content).
* feat(rules): add Rust coding style, hooks, and patterns rules
Add language-specific rules for Rust extending the common rule set:
- coding-style.md: rustfmt, clippy, ownership idioms, error handling,
iterator patterns, module organization, visibility
- hooks.md: PostToolUse hooks for rustfmt, clippy, cargo check
- patterns.md: trait-based repository, newtype, enum state machines,
builder, sealed traits, API response envelope
Rules reference existing rust-patterns skill for deep content.
Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)
Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
* feat(rules): add Rust testing and security rules
Add remaining Rust language-specific rules:
- testing.md: cargo test, rstest parameterized tests, mockall mocking
with mock! macro, tokio async tests, cargo-llvm-cov coverage
- security.md: secrets via env vars, parameterized SQL with sqlx,
parse-don't-validate input validation, unsafe code audit requirements,
cargo-audit dependency scanning, proper HTTP error status codes
Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)
Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
* fix(rules): address review feedback on Rust rules
Fixes from Copilot, Greptile, Cubic, and CodeRabbit reviews:
- Add missing imports: use std::borrow::Cow, use anyhow::Context
- Use anyhow::Result<T> consistently (patterns.md, security.md)
- Change sqlx placeholder from ? to $1 (Postgres is most common)
- Remove Cargo.lock from hooks.md paths (auto-generated file)
- Fix tokio::test to show attribute form #[tokio::test]
- Fix mockall mock! name collision, wrap in #[cfg(test)] mod tests
- Fix --test target to match file layout (api_test, not integration)
Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)
Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
* fix: update catalog counts in README.md and AGENTS.md
Update documented counts to match actual repository state after rebase:
- Skills: 109 → 113 (new skills merged to main)
- Commands: 57 → 58 (new command merged to main)
Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)
Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
---------
Co-authored-by: Chris Yau <chris@diveanddev.com>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Happy <yesreply@happy.engineering>
- Bump version to 1.9.0 in package.json, package-lock.json, .opencode/package.json
- Add v1.9.0 changelog with 212 commits covering selective install architecture,
6 new agents, 15+ new skills, session/state infrastructure, observer fixes,
12 language ecosystems, and community contributions
- Update README with v1.9.0 release notes and complete agents tree (27 agents)
- Add pytorch-build-resolver to AGENTS.md agent table
- Update documentation counts to 27 agents, 109 skills, 57 commands
- Update version references in zh-CN README
- All 1421 tests passing, catalog counts verified
- Replace node -e with temp file execution in validator tests to avoid
Windows shebang parsing failures (node -e cannot handle scripts that
originally contained #!/usr/bin/env node shebangs)
- Remove duplicate blank line in skills/rust-patterns/SKILL.md (MD012)
* docs: add Antigravity setup and usage guide
Addresses #462 — users were confused about Antigravity skills setup.
Adds a comprehensive guide covering:
- Install mapping (ECC → .agent/ directory)
- Directory structure after install
- openai.yaml agent config format
- Managing installs (list, doctor, uninstall)
- Cross-target comparison table
- Troubleshooting common issues
- How to contribute skills with Antigravity support
Also links the guide from the README FAQ section.
* fix: address review feedback on Antigravity guide
- Remove spurious skills/ row from install mapping table, add note
clarifying .agents/skills/ is static repo layout not installer-mapped
- Fix repair section: doctor.js diagnoses, repair.js restores
- Fix .agents/ → .agent/ path typo in custom skills section
- Clarify 3-step workflow for adding Antigravity skills
- Fix antigravity-project → antigravity in comparison table
- Fix "flatten" → "flattened" grammar in README
- Clarify openai.yaml full nested path structure
* fix: clarify .agents/ vs .agent/ naming and fix Cursor comparison
- Explain that .agents/ (with 's') is ECC source, .agent/ (no 's')
is Antigravity runtime — installer copies between them
- Fix Cursor Agents/Skills column: Cursor has no explicit agents/skills
mapping (only rules), changed from 'skills/' to 'N/A'
* fix: correct installer behavior claims and command style
- Fix .agents/ vs .agent/ note: clarify that only rules, commands, and
agents (no dot) are explicitly mapped by the installer. The dot-prefixed
.agents/ directory falls through to default scaffold, not a direct copy.
- Fix contributor workflow: remove false auto-deploy claim for openai.yaml.
Clarify .agents/ is static repo layout, not installer-deployed.
- Fix uninstall command: use direct script call (node scripts/uninstall.js)
for consistency with doctor.js, repair.js, list-installed.js.
* fix: add missing agents/ step to contributor workflow
Contributors must add an agent definition at agents/ (no dot) for the
installer to deploy it to .agent/skills/ at runtime. Without this step,
skills only exist in the static .agents/ layout and are never deployed.
---------
Co-authored-by: vazidmansuri005 <vazidmansuri005@users.noreply.github.com>
* feat(skills): add architecture-decision-records skill
Adds a skill that captures architectural decisions made during coding
sessions as structured ADR documents (Michael Nygard format).
Features:
- Auto-detects decision moments from conversation signals
- Records context, alternatives considered with pros/cons, and consequences
- Maintains numbered ADR files in docs/adr/ with an index
- Supports ADR lifecycle (proposed → accepted → deprecated/superseded)
- Categorizes decisions worth recording vs trivial ones to skip
- Integrates with planner, code-reviewer, and codebase-onboarding skills
Includes Antigravity support via .agents/skills/ and openai.yaml.
* fix: address review feedback on ADR skill
- Add missing "why did we choose X?" read-ADR trigger to .agents/ copy
- Add canonical-reference link to .agents/ SKILL.md pointing to full version
- Remove integration reference to non-existent codebase-onboarding skill
* fix: add initialization step and sync .agents/ trigger
- Add Step 1 to workflow: initialize docs/adr/ directory, README.md
index, and template.md on first use when directory doesn't exist
- Add "API design" to .agents/ alternatives trigger to match canonical
version
* fix: address ADR workflow gaps and implicit signal safety
- Init step: seed README.md with index table header so Step 8 can
append rows correctly on first ADR
- Add read-path workflow: graceful handling when docs/adr/ is empty
or absent ("No ADRs found, would you like to start?")
- Implicit signals: add "do not auto-create without user confirmation"
guard, tighten triggers to require conclusion/rationale not just
discussion, remove overly broad "testing strategy" trigger
* fix: require user confirmation before creating files
- Canonical SKILL.md: init step now asks user before creating docs/adr/
- .agents/ condensed version: add confirmation gate for implicit signals
and explicit consent step before any file writes
* fix: require user approval before writing ADR file, add refusal path
* fix: remove .agents/ duplicate, keep canonical in skills/
---------
Co-authored-by: vazidmansuri005 <vazidmansuri005@users.noreply.github.com>
* feat(commands): add /context-budget optimizer command
Adds a command that audits context window token consumption across
agents, skills, rules, MCP servers, and CLAUDE.md files.
Detects bloated agent descriptions, redundant components, MCP
over-subscription, and CLAUDE.md bloat. Produces a prioritized
report with specific token savings per optimization.
Directly relevant to #434 (agent descriptions too verbose, ~26k
tokens causing performance warnings).
* fix: address review feedback on context-budget command
- Add $ARGUMENTS to enable --verbose flag passthrough
- Fix MCP token estimate: 45 tools × ~500 tokens = ~22,500 (was ~2,200)
- Fix heavy agents example: all 3 now exceed 200-line threshold
- Fix description threshold: warning at >30 words, fail at >50 words
- Add Step 4 instructions (was empty)
- Fix audit cadence: "quarterly" → "regularly" + "monthly" consistently
- Fix Output Format heading level under Step 4
- Replace "Antigravity" with generic "harness versions"
- Recalculate total overhead to match corrected MCP numbers
* fix: correct MCP tool count and savings percentage in sample output
- Fix MCP tool count: table now shows 87 tools matching the issues
section (was 45 in table vs 87 in issues)
- Fix savings percentage: 5,100 / 66,400 = 7.7% (was 20.6%)
- Recalculate total overhead and effective context to match
* fix: correct sample output arithmetic
- Fix total overhead: 66,400 → 66,100 to match component table sum
(12,400 + 6,200 + 2,800 + 43,500 + 1,200 = 66,100)
- Fix MCP savings: ~1,500 → ~27,500 tokens (55 tools × 500 tokens/tool)
to match the per-tool formula defined in Step 1
- Reorder optimizations by savings (MCP removal is now #1)
- Fix total savings and percentage (31,100 / 66,100 = 47.0%)
* fix: distinguish always-on vs on-demand agent overhead
Agent descriptions are always loaded into Task tool routing context,
but the full agent body is only loaded when invoked. The audit now
measures both: description-only tokens as always-on overhead and
full-file tokens as worst-case overhead. This resolves the
contradiction between Step 1 (counting full files) and Tip 1 (saying
only descriptions are loaded per session).
* fix: simplify agent accounting and resolve inconsistencies
- Revert to single agent overhead metric (full file tokens) — simpler
and matches what the report actually displays
- Add back 200-line threshold for heavy agents in Step 1
- Fix heavy agents action to match issue type (split/trim, not
description-only)
- Remove .agents/skills/ scan path (doesn't exist in ECC repo)
- Consolidate description threshold to single 30-word check
* fix: add model assumption and verbose mode activation
- Step 4: assume 200K context window by default (Claude has no way to
introspect its model at runtime)
- Step 4: add explicit instruction to check $ARGUMENTS for --verbose
flag and include additional output when present
* fix: handle .agents/skills/ duplicates in skill scan
Skills scan now checks .agents/skills/ for Codex harness copies and
skips identical duplicates to avoid double-counting overhead.
* fix: add savings estimate to heavy agents action for consistency
* feat(skills): add context-budget backing skill, slim command to delegator
* fix: use structurally detectable classification criteria instead of session frequency
---------
Co-authored-by: vazidmansuri005 <vazidmansuri005@users.noreply.github.com>
* feat(skills): add codebase-onboarding skill
Adds a skill that systematically analyzes an unfamiliar codebase and
produces two artifacts: a structured onboarding guide and a starter
CLAUDE.md tailored to the project's conventions.
Four-phase workflow:
1. Reconnaissance — parallel detection of manifests, frameworks, entry
points, directory structure, tooling, and test setup
2. Architecture mapping — tech stack, patterns, key directories, request
lifecycle tracing
3. Convention detection — naming, error handling, async patterns, git
workflow from recent history
4. Artifact generation — scannable onboarding guide + project-specific
CLAUDE.md
Includes Antigravity support via .agents/skills/ and openai.yaml.
* fix: address review feedback on codebase-onboarding skill
- Rename headings to match skill format: When to Activate → When to Use,
Onboarding Workflow → How It Works
- Add Examples section with 3 usage scenarios
- Mark Phase 4 Next.js paths as example with HTML comments
- Fix CLAUDE.md generation to read/enhance existing file first
- Replace abbreviated .agents/ SKILL.md with full copy per repo convention
* fix: add example marker to Common Tasks template section
Adds <!-- Example for a Node.js project --> comment to Common Tasks,
matching the markers already on Key Entry Points and Where to Look.
Syncs .agents/ copy.
* fix: add missing example markers and shorten default_prompt
- Add example comment to Tech Stack table in Phase 4 template
- Add example comment to Key Directories block in Phase 2
- Shorten openai.yaml default_prompt to match repo convention (~60 chars)
- Sync .agents/ SKILL.md copy
* fix: add empty-repo fallback and remove hardcoded output path
- Phase 3: add fallback for repos with no git history
- Example 1: remove hardcoded docs/ path assumption, output to
conversation or project root instead
- Sync .agents/ copy
* fix: remove .agents/ duplicate, keep canonical in skills/
* fix: clarify Example 1 output destination
* fix: add shallow-clone fallback to git conventions detection
---------
Co-authored-by: vazidmansuri005 <vazidmansuri005@users.noreply.github.com>
* feat(skills): add agent-eval for head-to-head coding agent comparison
* fix(skills): address PR #540 review feedback for agent-eval skill
- Remove duplicate "When to Use" section (kept "When to Activate")
- Add Installation section with pip install instructions
- Change origin from "community" to "ECC" per repo convention
- Add commit field to YAML task example for reproducibility
- Fix pass@k mislabeling to "pass rate across repeated runs"
- Soften worktree isolation language to "reproducibility isolation"
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Pin agent-eval install to specific commit hash
Address PR review feedback: pin the VCS install to commit
6d062a2 to avoid supply-chain risk from unpinned external deps.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Joaquin Hui Gomez <joaquinhui1995@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
In git worktrees, .git is a file (not a directory) containing a gitdir
pointer. The -d test fails for worktree checkouts, causing project
detection to fall through to the "global" fallback. Changing to -e
(exists) handles both regular repos and worktrees correctly.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The observer's Haiku subprocess cannot access files outside the project
sandbox (/tmp/ for observations, ~/.claude/homunculus/ for instincts).
Adding --allowedTools "Read,Write" grants the necessary file access
while keeping the subprocess constrained by --max-turns and timeout.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add duplicate slug detection in buildOrchestrationPlan to reject
worker names that collapse to the same slug
- Use buildTemplateVariables() for launcher command interpolation
so _sh and _raw suffixes are available in templates
Three fixes for the positive feedback loop causing runaway memory usage:
1. SIGUSR1 throttling in observe.sh: Signal observer only every 20
observations (configurable via ECC_OBSERVER_SIGNAL_EVERY_N) instead
of on every tool call. Uses a counter file to track invocations.
2. Re-entrancy guard in observer-loop.sh on_usr1(): ANALYZING flag
prevents parallel Claude analysis processes from spawning when
signals arrive while analysis is already running.
3. Cooldown + tail-based sampling in observer-loop.sh:
- 60s cooldown between analyses (ECC_OBSERVER_ANALYSIS_COOLDOWN)
- Only last 500 lines sent to LLM (ECC_OBSERVER_MAX_ANALYSIS_LINES)
instead of the entire observations file
Closes#521
The install script requires the ajv package (a devDependency) for
config validation. Without running npm install first, users get
"Cannot find module 'ajv'" when running ./install.sh.
Co-authored-by: Jeffrey Jordan <jeffreyjordan@dizplai.com>
- session-end-marker.js now exports run() function
- Enables in-process execution via run-with-flags.js
- Avoids spawnSync cross-platform issues on Windows
- Maintains backward compatibility with direct CLI execution
Fixes#429
Co-authored-by: 阳虎 <yanghu@yanghudeMacBook-Pro.local>
* feat(continuous-learning-v2): add lazy-start observer logic
Auto-starts observer when observer.enabled: true in config and no .observer.pid exists.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(continuous-learning-v2): address PR review concerns
- Use flock for atomic check-then-act to prevent race conditions
- Check both project-scoped AND global PID files before starting
- Support CLV2_CONFIG override for config file path
- Check disabled file in lazy-start logic
- Use double-check pattern after acquiring lock
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(observe.sh): address PR review comments
- Add stale PID cleanup via _CHECK_OBSERVER_RUNNING function
- Add macOS fallback using lockfile when flock unavailable
- Fix CLV2_CONFIG override: use EFFECTIVE_CONFIG for both check and read
- Use proper Python context manager (with open() as f)
- Deduplicate signaled PIDs to avoid duplicate USR1 signals
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(observe.sh): wrap macOS lockfile fallback in subshell with trap
- Wrap lockfile block in subshell so exit 0 only terminates that block
- Add trap for EXIT to clean up lock file on script interruption
- Add -l 30 (30 second expiry) to prevent permanent lock file stuck
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(observe.sh): address remaining PR review comments
- Validate PID is a positive integer before kill calls to prevent
signaling invalid targets (e.g. -1 could signal all processes)
- Pass config path via env var instead of interpolating shell variable
into Python -c string to prevent injection/breakage on special paths
- Check CLV2_CONFIG-derived directory for disabled file so disable
guard respects the same config source as lazy-start
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
