- Check spawnSync result and log warning on failure via stderr
- Restore osascript timeout to 5000ms, increase hook deadline to 10s
for sufficient headroom
- Replace JSON.stringify with curly quote substitution for AppleScript
compatibility (AppleScript does not support \" backslash escapes)
- Reduce spawnSync timeout from 5000ms to 3000ms to leave headroom
within the 5s hook deadline
Add a new Stop hook that sends a native macOS notification with the
task summary (first line of last_assistant_message) when Claude finishes
responding. Uses osascript via spawnSync for shell injection safety.
Supports run-with-flags fast require() path. Only active on standard
and strict profiles; silently skips on non-macOS platforms.
- TokenMeter widget using ratatui Gauge with color gradient (green->yellow->red)
- Budget fields (cost_budget_usd, token_budget) in Config
- Aggregate cost display in status bar
- Warning state at 80%+ budget consumption
- Tests for gradient, config fallback, and meter rendering
Translate English prose inside plain text code blocks (```text, ```)
across ja-JP documentation to Japanese, following the same approach
as PR #753 (zh-CN translation).
Translated content includes:
- Output template labels and status messages
- Folder tree inline comments
- CLI workflow descriptions
- Error/warning message examples
- Commit message templates and PR title examples
Technical identifiers, file paths, and actual code remain untranslated.
Security model:
- Remove set_policy from agent-callable tools table; document as
orchestrator-only to prevent self-privilege escalation
- Pin agentwallet-sdk@6.0.0 in MCP config with pre-install guidance
(npx without -y hangs in non-interactive MCP startup)
- Whitelist only required env vars (PATH, NODE_ENV, WALLET_PRIVATE_KEY)
instead of forwarding entire process.env to subprocess
Code example (complete rewrite):
- Add StdioClientTransport import and client.connect() for runnable code
- Wrap in async main() for CJS/ESM compatibility (top-level await)
- Verify set_policy result via isError before delegating
- Five distinct fail-closed error paths in preToolCheck:
1. Invalid apiCost input (NaN/Infinity bypass prevention)
2. Transport/connectivity failure
3. Tool-level error (isError: true, e.g., auth failure)
4. Unexpected response format (missing/non-finite remaining)
5. Budget exceeded (clear amounts in message)
- Use Number.isFinite() for both apiCost and remaining validation
Documentation:
- Rename headings per CONTRIBUTING.md format
- Replace broken mcp-server-patterns cross-ref with security-review
- Add 'Pin your dependencies' to Best Practices
- Add security note about supply-chain risk
- Process spawning via tokio::process::Command
- Session state transitions with guards (Pending->Running->Completed/Failed/Stopped)
- Stop with process kill and optional worktree cleanup
- Latest alias resolver in get_status
- SQLite store migrations for state tracking
Initial scaffold for ECC 2.0, a terminal-native agentic IDE built with
Ratatui. Compiles to a 3.4MB single binary.
Core modules:
- Session manager with SQLite-backed state store
- TUI dashboard with split-pane layout (sessions, output, metrics)
- Worktree orchestration (auto-create per agent session)
- Observability with tool call risk scoring
- Inter-agent communication via SQLite mailbox
- Background daemon with heartbeat monitoring
- CLI with start/stop/sessions/status/daemon subcommands
Tech stack: Rust + Ratatui + Crossterm + Tokio + rusqlite + git2 + clap
`ajv` is required at runtime by the installer (`scripts/lib/install/config.js`)
but was listed under `devDependencies`. This caused `Error: Cannot find module
'ajv'` when running `./install.sh` from a fresh git clone or via `npx`.
- Move `ajv` from devDependencies to dependencies in package.json
- Add auto `npm install` in install.sh when node_modules is missing
- Add matching auto-install in install.ps1 for Windows parity
Add complete openclaw-persona-forge skill with all supporting files:
- SKILL.md with community origin
- gacha.py and gacha.sh for random soul generation
- Reference docs for avatar style, boundary rules, error handling,
identity tension, naming system, and output template
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
py_compile requires explicit filenames and exits with status 2 when
invoked without them. compileall -q . recursively validates Python
syntax across the entire project, which is what the build-fix
command actually needs.
Fixes#759
Fixes#813. The platform-configs module was missing antigravity from its
targets array, causing all 13+ dependent modules to be skipped when
installing with --target antigravity --profile full.
* feat(skills): add santa-method
Multi-agent adversarial verification with convergence loop. Two independent review agents evaluate output against a shared rubric. Both must pass before shipping. Includes architecture diagram, implementation patterns (subagent, inline, batch sampling), domain-specific rubric extensions, failure mode mitigations, and integration guidance with existing ECC skills.
* Enhance SKILL.md with detailed Santa Method documentation
Expanded the SKILL.md documentation for the Santa Method, detailing architecture, phases, implementation patterns, failure modes, integration with other skills, metrics, and cost analysis.
* feat: add pending instinct TTL pruning and /prune command
Pending instincts generated by the observer accumulate indefinitely
with no cleanup mechanism. This adds lifecycle management:
- `instinct-cli.py prune` — delete pending instincts older than 30 days
(configurable via --max-age). Supports --dry-run and --quiet flags.
- Enhanced `status` command — shows pending count, warns at 5+,
highlights instincts expiring within 7 days.
- `observer-loop.sh` — runs prune before each analysis cycle.
- `/prune` slash command — user-facing command for manual pruning.
Design rationale: council consensus (4/4) rejected auto-promote in
favor of TTL-based garbage collection. Frequency of observation does
not establish correctness. Unreviewed pending instincts auto-delete
after 30 days; if the pattern is real, the observer will regenerate it.
Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)
Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
* fix: remove duplicate functions, broaden extension filter, fix prune output
- Remove duplicate _collect_pending_dirs and _parse_created_date defs
- Use ALLOWED_INSTINCT_EXTENSIONS (.md/.yaml/.yml) instead of .md-only
- Track actually-deleted items separately from expired for accurate output
- Update README.md and AGENTS.md command counts: 59 → 60
Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)
Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
* fix: address Copilot and CodeRabbit review findings
- Use is_dir() instead of exists() for pending path checks
- Change > to >= for --max-age boundary (--max-age 0 now prunes all)
- Use CLV2_PYTHON_CMD env var in observer-loop.sh prune call
- Remove unused source_dupes variable
- Remove extraneous f-string prefix on static string
Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)
Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
* fix: update AGENTS.md project structure command count 59 → 60
Co-Authored-By: Claude <noreply@anthropic.com>
* fix: address cubic and coderabbit review findings
- Fix status early return skipping pending instinct warnings (cubic #1)
- Exclude already-expired items from expiring-soon filter (cubic #2)
- Warn on unparseable pending instinct age instead of silent skip (cubic #4)
- Log prune failures to observer.log instead of silencing (cubic #5)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix: YAML single-quote unescaping, f-string cleanup, add /prune to README
- Fix single-quoted YAML unescaping: use '' doubling (YAML spec) not
backslash escaping which only applies to double-quoted strings (greptile P1)
- Remove extraneous f-string prefix on static string (coderabbit)
- Add /prune to README command catalog and file tree (cubic)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Happy <yesreply@happy.engineering>
New debugging skill that traces every button/touchpoint through its full
state change sequence. Catches bugs where functions individually work but
cancel each other out via shared state side effects.
Covers 6 bug patterns:
1. Sequential Undo — call B resets what call A just set
2. Async Race — double-click bypasses state-based loading guards
3. Stale Closure — useCallback captures old value
4. Missing State Transition — handler doesn't do what label says
5. Conditional Dead Path — condition always false, action unreachable
6. useEffect Interference — effect undoes button action
Battle-tested: found 48 bugs in a production React+Zustand app that
systematic debugging (54 bugs found separately) completely missed.
