mirror of
https://github.com/affaan-m/everything-claude-code.git
synced 2026-03-30 13:43:26 +08:00
09efd68228
* fix: replace bash TOML surgery with Node add-only MCP merge The old sync script used awk/sed to remove and re-append MCP server sections in config.toml, causing credential extraction races, duplicate TOML tables, and 3 fragile code paths with 9 remove_section_inplace calls each. Replace with a Node script (scripts/codex/merge-mcp-config.js) that uses @iarna/toml to parse the config, then appends only missing ECC servers — preserving all existing content byte-for-byte. Warns on config drift, supports legacy aliases (context7 → context7-mcp), and adds --update-mcp flag for explicit refresh. Generated with [Claude Code](https://claude.ai/code) via [Happy](https://happy.engineering) Co-Authored-By: Claude <noreply@anthropic.com> Co-Authored-By: Happy <yesreply@happy.engineering> * fix: address PR #723 review findings for Codex MCP merge - Use package-manager abstraction (scripts/lib/package-manager.js) instead of hardcoding pnpm — respects CLAUDE_PACKAGE_MANAGER, lock files, and project config - Add Yarn 1.x fallback to npx (yarn dlx unsupported in classic) - Add missing exa server to match .codex/config.toml baseline - Wire up findSubSections for --update-mcp nested subtable removal (fixes Greptile P1: Object.keys only returned top-level keys) - Fix resolvedLabel to prefer canonical entry over legacy alias when both exist (fixes context7/context7-mcp spurious warning) - Fix removeSectionFromText to handle inline TOML comments - Fix dry-run + --update-mcp to show removals before early return - Update README parity table: 4 → 7 servers, TOML-parser-based - Add non-npm install variants to README Codex quick start - Update package-lock.json for @iarna/toml Generated with [Claude Code](https://claude.ai/code) via [Happy](https://happy.engineering) Co-Authored-By: Claude <noreply@anthropic.com> Co-Authored-By: Happy <yesreply@happy.engineering> * fix: address PR #723 review comments (preflight, marker validation) - Add Node.js and merge-mcp-config.js to preflight checks so the script fails fast before partial writes (CodeRabbit) - Validate marker counts: require exactly 1 BEGIN + 1 END in correct order for clean replacement (CodeRabbit) - Corrupted markers: strip all marker lines and re-append fresh block, preserving user content outside markers instead of overwriting - Move MCP_MERGE_SCRIPT to preflight section, remove duplicate Generated with [Claude Code](https://claude.ai/code) via [Happy](https://happy.engineering) Co-Authored-By: Claude <noreply@anthropic.com> Co-Authored-By: Happy <yesreply@happy.engineering> --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Happy <yesreply@happy.engineering>
94 lines
4.6 KiB
Markdown
94 lines
4.6 KiB
Markdown
# ECC for Codex CLI
|
|
|
|
This supplements the root `AGENTS.md` with Codex-specific guidance.
|
|
|
|
## Model Recommendations
|
|
|
|
| Task Type | Recommended Model |
|
|
|-----------|------------------|
|
|
| Routine coding, tests, formatting | GPT 5.4 |
|
|
| Complex features, architecture | GPT 5.4 |
|
|
| Debugging, refactoring | GPT 5.4 |
|
|
| Security review | GPT 5.4 |
|
|
|
|
## Skills Discovery
|
|
|
|
Skills are auto-loaded from `.agents/skills/`. Each skill contains:
|
|
- `SKILL.md` — Detailed instructions and workflow
|
|
- `agents/openai.yaml` — Codex interface metadata
|
|
|
|
Available skills:
|
|
- tdd-workflow — Test-driven development with 80%+ coverage
|
|
- security-review — Comprehensive security checklist
|
|
- coding-standards — Universal coding standards
|
|
- frontend-patterns — React/Next.js patterns
|
|
- frontend-slides — Viewport-safe HTML presentations and PPTX-to-web conversion
|
|
- article-writing — Long-form writing from notes and voice references
|
|
- content-engine — Platform-native social content and repurposing
|
|
- market-research — Source-attributed market and competitor research
|
|
- investor-materials — Decks, memos, models, and one-pagers
|
|
- investor-outreach — Personalized investor outreach and follow-ups
|
|
- backend-patterns — API design, database, caching
|
|
- e2e-testing — Playwright E2E tests
|
|
- eval-harness — Eval-driven development
|
|
- strategic-compact — Context management
|
|
- api-design — REST API design patterns
|
|
- verification-loop — Build, test, lint, typecheck, security
|
|
- deep-research — Multi-source research with firecrawl and exa MCPs
|
|
- exa-search — Neural search via Exa MCP for web, code, and companies
|
|
- claude-api — Anthropic Claude API patterns and SDKs
|
|
- x-api — X/Twitter API integration for posting, threads, and analytics
|
|
- crosspost — Multi-platform content distribution
|
|
- fal-ai-media — AI image/video/audio generation via fal.ai
|
|
- dmux-workflows — Multi-agent orchestration with dmux
|
|
|
|
## MCP Servers
|
|
|
|
Treat the project-local `.codex/config.toml` as the default Codex baseline for ECC. The current ECC baseline enables GitHub, Context7, Exa, Memory, Playwright, and Sequential Thinking; add heavier extras in `~/.codex/config.toml` only when a task actually needs them.
|
|
|
|
### Automatic config.toml merging
|
|
|
|
The sync script (`scripts/sync-ecc-to-codex.sh`) uses a Node-based TOML parser to safely merge ECC MCP servers into `~/.codex/config.toml`:
|
|
|
|
- **Add-only by default** — missing ECC servers are appended; existing servers are never modified or removed.
|
|
- **7 managed servers** — Supabase, Playwright, Context7, Exa, GitHub, Memory, Sequential Thinking.
|
|
- **Package-manager aware** — uses the project's configured package manager (npm/pnpm/yarn/bun) instead of hardcoding `pnpm`.
|
|
- **Drift warnings** — if an existing server's config differs from the ECC recommendation, the script logs a warning.
|
|
- **`--update-mcp`** — explicitly replaces all ECC-managed servers with the latest recommended config (safely removes subtables like `[mcp_servers.supabase.env]`).
|
|
- **User config is always preserved** — custom servers, args, env vars, and credentials outside ECC-managed sections are never touched.
|
|
|
|
## Multi-Agent Support
|
|
|
|
Codex now supports multi-agent workflows behind the experimental `features.multi_agent` flag.
|
|
|
|
- Enable it in `.codex/config.toml` with `[features] multi_agent = true`
|
|
- Define project-local roles under `[agents.<name>]`
|
|
- Point each role at a TOML layer under `.codex/agents/`
|
|
- Use `/agent` inside Codex CLI to inspect and steer child agents
|
|
|
|
Sample role configs in this repo:
|
|
- `.codex/agents/explorer.toml` — read-only evidence gathering
|
|
- `.codex/agents/reviewer.toml` — correctness/security review
|
|
- `.codex/agents/docs-researcher.toml` — API and release-note verification
|
|
|
|
## Key Differences from Claude Code
|
|
|
|
| Feature | Claude Code | Codex CLI |
|
|
|---------|------------|-----------|
|
|
| Hooks | 8+ event types | Not yet supported |
|
|
| Context file | CLAUDE.md + AGENTS.md | AGENTS.md only |
|
|
| Skills | Skills loaded via plugin | `.agents/skills/` directory |
|
|
| Commands | `/slash` commands | Instruction-based |
|
|
| Agents | Subagent Task tool | Multi-agent via `/agent` and `[agents.<name>]` roles |
|
|
| Security | Hook-based enforcement | Instruction + sandbox |
|
|
| MCP | Full support | Supported via `config.toml` and `codex mcp add` |
|
|
|
|
## Security Without Hooks
|
|
|
|
Since Codex lacks hooks, security enforcement is instruction-based:
|
|
1. Always validate inputs at system boundaries
|
|
2. Never hardcode secrets — use environment variables
|
|
3. Run `npm audit` / `pip audit` before committing
|
|
4. Review `git diff` before every push
|
|
5. Use `sandbox_mode = "workspace-write"` in config
|