fix: update version tests to match 5.6.3

Generated with SWE-Agent.ai

Co-Authored-By: SWE-Agent.ai <noreply@swe-agent.ai>

.claude-plugin/marketplace.json

@@ -1,209 +1,47 @@
 {
-  "name": "claude-code-dev-workflows",
+  "$schema": "https://anthropic.com/claude-code/marketplace.schema.json",
+  "name": "myclaude",
+  "version": "5.6.1",
+  "description": "Professional multi-agent development workflows with OmO orchestration, Requirements-Driven and BMAD methodologies",
   "owner": {
-    "name": "Claude Code Dev Workflows",
-    "email": "contact@example.com",
-    "url": "https://github.com/cexll/myclaude"
-  },
-  "metadata": {
-    "description": "Professional multi-agent development workflows with Requirements-Driven and BMAD methodologies, featuring 16+ specialized agents and 12+ commands",
-    "version": "1.0.0"
+    "name": "cexll",
+    "email": "evanxian9@gmail.com"
   },
   "plugins": [
     {
-      "name": "requirements-driven-development",
-      "source": "./requirements-driven-workflow/",
-      "description": "Streamlined requirements-driven development workflow with 90% quality gates for practical feature implementation",
-      "version": "1.0.0",
-      "author": {
-        "name": "Claude Code Dev Workflows",
-        "url": "https://github.com/cexll/myclaude"
-      },
-      "homepage": "https://github.com/cexll/myclaude",
-      "repository": "https://github.com/cexll/myclaude",
-      "license": "MIT",
-      "keywords": [
-        "requirements",
-        "workflow",
-        "automation",
-        "quality-gates",
-        "feature-development",
-        "agile",
-        "specifications"
-      ],
-      "category": "workflows",
-      "strict": false,
-      "commands": [
-        "./commands/requirements-pilot.md"
-      ],
-      "agents": [
-        "./agents/requirements-generate.md",
-        "./agents/requirements-code.md",
-        "./agents/requirements-testing.md",
-        "./agents/requirements-review.md"
-      ]
+      "name": "omo",
+      "description": "Multi-agent orchestration for code analysis, bug investigation, fix planning, and implementation with intelligent routing to specialized agents",
+      "version": "5.6.1",
+      "source": "./skills/omo",
+      "category": "development"
     },
     {
-      "name": "bmad-agile-workflow",
-      "source": "./bmad-agile-workflow/",
+      "name": "dev",
+      "description": "Lightweight development workflow with requirements clarification, parallel codex execution, and mandatory 90% test coverage",
+      "version": "5.6.1",
+      "source": "./dev-workflow",
+      "category": "development"
+    },
+    {
+      "name": "requirements",
+      "description": "Requirements-driven development workflow with quality gates for practical feature implementation",
+      "version": "5.6.1",
+      "source": "./requirements-driven-workflow",
+      "category": "development"
+    },
+    {
+      "name": "bmad",
       "description": "Full BMAD agile workflow with role-based agents (PO, Architect, SM, Dev, QA) and interactive approval gates",
-      "version": "1.0.0",
-      "author": {
-        "name": "Claude Code Dev Workflows",
-        "url": "https://github.com/cexll/myclaude"
-      },
-      "homepage": "https://github.com/cexll/myclaude",
-      "repository": "https://github.com/cexll/myclaude",
-      "license": "MIT",
-      "keywords": [
-        "bmad",
-        "agile",
-        "scrum",
-        "product-owner",
-        "architect",
-        "developer",
-        "qa",
-        "workflow-orchestration"
-      ],
-      "category": "workflows",
-      "strict": false,
-      "commands": [
-        "./commands/bmad-pilot.md"
-      ],
-      "agents": [
-        "./agents/bmad-po.md",
-        "./agents/bmad-architect.md",
-        "./agents/bmad-sm.md",
-        "./agents/bmad-dev.md",
-        "./agents/bmad-qa.md",
-        "./agents/bmad-orchestrator.md",
-        "./agents/bmad-review.md"
-      ]
+      "version": "5.6.1",
+      "source": "./bmad-agile-workflow",
+      "category": "development"
     },
     {
-      "name": "development-essentials",
-      "source": "./development-essentials/",
+      "name": "dev-kit",
       "description": "Essential development commands for coding, debugging, testing, optimization, and documentation",
-      "version": "1.0.0",
-      "author": {
-        "name": "Claude Code Dev Workflows",
-        "url": "https://github.com/cexll/myclaude"
-      },
-      "homepage": "https://github.com/cexll/myclaude",
-      "repository": "https://github.com/cexll/myclaude",
-      "license": "MIT",
-      "keywords": [
-        "code",
-        "debug",
-        "test",
-        "optimize",
-        "review",
-        "bugfix",
-        "refactor",
-        "documentation"
-      ],
-      "category": "essentials",
-      "strict": false,
-      "commands": [
-        "./commands/code.md",
-        "./commands/debug.md",
-        "./commands/test.md",
-        "./commands/optimize.md",
-        "./commands/review.md",
-        "./commands/bugfix.md",
-        "./commands/refactor.md",
-        "./commands/docs.md",
-        "./commands/ask.md",
-        "./commands/think.md"
-      ],
-      "agents": [
-        "./agents/code.md",
-        "./agents/bugfix.md",
-        "./agents/bugfix-verify.md",
-        "./agents/optimize.md",
-        "./agents/debug.md"
-      ]
-    },
-    {
-      "name": "codex-cli",
-      "source": "./skills/codex/",
-      "description": "Execute Codex CLI for code analysis, refactoring, and automated code changes with file references (@syntax) and structured output",
-      "version": "1.0.0",
-      "author": {
-        "name": "Claude Code Dev Workflows",
-        "url": "https://github.com/cexll/myclaude"
-      },
-      "homepage": "https://github.com/cexll/myclaude",
-      "repository": "https://github.com/cexll/myclaude",
-      "license": "MIT",
-      "keywords": [
-        "codex",
-        "code-analysis",
-        "refactoring",
-        "automation",
-        "gpt-5",
-        "ai-coding"
-      ],
-      "category": "essentials",
-      "strict": false,
-      "skills": [
-        "./SKILL.md"
-      ]
-    },
-    {
-      "name": "gemini-cli",
-      "source": "./skills/gemini/",
-      "description": "Execute Gemini CLI for AI-powered code analysis and generation with Google's latest Gemini models",
-      "version": "1.0.0",
-      "author": {
-        "name": "Claude Code Dev Workflows",
-        "url": "https://github.com/cexll/myclaude"
-      },
-      "homepage": "https://github.com/cexll/myclaude",
-      "repository": "https://github.com/cexll/myclaude",
-      "license": "MIT",
-      "keywords": [
-        "gemini",
-        "google-ai",
-        "code-analysis",
-        "code-generation",
-        "ai-reasoning"
-      ],
-      "category": "essentials",
-      "strict": false,
-      "skills": [
-        "./SKILL.md"
-      ]
-    },
-    {
-      "name": "dev-workflow",
-      "source": "./dev-workflow/",
-      "description": "Minimal lightweight development workflow with requirements clarification, parallel codex execution, and mandatory 90% test coverage",
-      "version": "1.0.0",
-      "author": {
-        "name": "Claude Code Dev Workflows",
-        "url": "https://github.com/cexll/myclaude"
-      },
-      "homepage": "https://github.com/cexll/myclaude",
-      "repository": "https://github.com/cexll/myclaude",
-      "license": "MIT",
-      "keywords": [
-        "dev",
-        "workflow",
-        "codex",
-        "testing",
-        "coverage",
-        "concurrent",
-        "lightweight"
-      ],
-      "category": "workflows",
-      "strict": false,
-      "commands": [
-        "./commands/dev.md"
-      ],
-      "agents": [
-        "./agents/dev-plan-generator.md"
-      ]
+      "version": "5.6.1",
+      "source": "./development-essentials",
+      "category": "productivity"
     }
   ]
 }

.gitattributes

@@ -0,0 +1,22 @@
+# Ensure shell scripts always use LF line endings on all platforms
+*.sh text eol=lf
+
+# Ensure Python files use LF line endings
+*.py text eol=lf
+
+# Auto-detect text files and normalize line endings to LF
+* text=auto eol=lf
+
+# Explicitly declare files that should always be treated as binary
+*.exe binary
+*.png binary
+*.jpg binary
+*.jpeg binary
+*.gif binary
+*.ico binary
+*.mov binary
+*.mp4 binary
+*.mp3 binary
+*.zip binary
+*.gz binary
+*.tar binary

.github/workflows/release.yml

@@ -104,38 +104,10 @@ jobs:
           cp install.sh install.bat release/
           ls -la release/
 
-      - name: Extract release notes from CHANGELOG
-        id: extract_notes
-        run: |
-          VERSION=${GITHUB_REF#refs/tags/v}
-
-          # Extract version section from CHANGELOG.md
-          awk -v ver="$VERSION" '
-            /^## [0-9]+\.[0-9]+\.[0-9]+ - / {
-              if (found) exit
-              if ($2 == ver) {
-                found = 1
-                next
-              }
-            }
-            found && /^## / { exit }
-            found { print }
-          ' CHANGELOG.md > release_notes.md
-
-          # Fallback to auto-generated if extraction failed
-          if [ ! -s release_notes.md ]; then
-            echo "⚠️ No release notes found in CHANGELOG.md for version $VERSION" > release_notes.md
-            echo "" >> release_notes.md
-            echo "## What's Changed" >> release_notes.md
-            echo "See commits in this release for details." >> release_notes.md
-          fi
-
-          cat release_notes.md
-
       - name: Create Release
         uses: softprops/action-gh-release@v2
         with:
           files: release/*
-          body_path: release_notes.md
+          generate_release_notes: true
           draft: false
           prerelease: false

.gitignore

@@ -1,6 +1,9 @@
 .claude/
 .claude-trace
+.DS_Store
+**/.DS_Store
 .venv
 .pytest_cache
 __pycache__
 .coverage
+coverage.out

CHANGELOG.md

@@ -1,129 +1,712 @@
 # Changelog
 
-## 5.2.0 - 2025-12-13
+All notable changes to this project will be documented in this file.
 
-### 🚀 Core Features
+## [5.2.4] - 2025-12-16
 
-#### Skills System Enhancements
-- **New Skills**: Added `codeagent`, `product-requirements`, `prototype-prompt-generator` to `skill-rules.json`
-- **Auto-Activation**: Skills automatically trigger based on keyword/pattern matching via hooks
-- **Backward Compatibility**: Retained `skills/codex/SKILL.md` for existing workflows
 
-#### Multi-Backend Support (codeagent-wrapper)
-- **Renamed**: `codex-wrapper` → `codeagent-wrapper` with pluggable backend architecture
-- **Three Backends**: Codex (default), Claude, Gemini via `--backend` flag
-- **Smart Parser**: Auto-detects backend JSON stream formats
-- **Session Resume**: All backends support `-r <session_id>` cross-session resume
-- **Parallel Execution**: DAG task scheduling with global and per-task backend configuration
-- **Concurrency Control**: `CODEAGENT_MAX_PARALLEL_WORKERS` env var limits concurrent tasks (max 100)
-- **Test Coverage**: 93.4% (backend.go 100%, config.go 97.8%, executor.go 96.4%)
+### ⚙️ Miscellaneous Tasks
 
-#### Dev Workflow
-- **`/dev`**: 6-step minimal dev workflow with mandatory 90% test coverage
 
-#### Hooks System
-- **UserPromptSubmit**: Auto-activate skills based on context
-- **PostToolUse**: Auto-validation/formatting after tool execution
-- **Stop**: Cleanup and reporting on session end
-- **Examples**: Skill auto-activation, pre-commit checks
+- integrate git-cliff for automated changelog generation
 
-#### Skills System
-- **Auto-Activation**: `skill-rules.json` regex trigger rules
-- **codeagent skill**: Multi-backend wrapper integration
-- **Modular Design**: Easy to extend with custom skills
+- bump version to 5.2.4
 
-#### Installation System Enhancements
-- **`merge_json` operation**: Auto-merge `settings.json` configuration
-- **Modular Installation**: `python3 install.py --module dev`
-- **Verbose Logging**: `--verbose/-v` enables terminal real-time output
-- **Streaming Output**: `op_run_command` streams bash script execution
-- **Configuration Cleanup**: Removed deprecated `gh` module from `config.json`
+### 🐛 Bug Fixes
+
+
+- 防止 Claude backend 无限递归调用
+
+- isolate log files per task in parallel mode
+
+### 💼 Other
+
+
+- Merge pull request #70 from cexll/fix/prevent-codeagent-infinite-recursion
+
+- Merge pull request #69 from cexll/myclaude-master-20251215-073053-338465000
+
+- update CHANGELOG.md
+
+- Merge pull request #65 from cexll/fix/issue-64-buffer-overflow
+
+## [5.2.3] - 2025-12-15
+
+
+### 🐛 Bug Fixes
+
+
+- 修复 bufio.Scanner token too long 错误 ([#64](https://github.com/cexll/myclaude/issues/64))
+
+### 💼 Other
+
+
+- change version
+
+### 🧪 Testing
+
+
+- 同步测试中的版本号至 5.2.3
+
+## [5.2.2] - 2025-12-13
+
+
+### ⚙️ Miscellaneous Tasks
+
+
+- Bump version and clean up documentation
+
+### 🐛 Bug Fixes
+
+
+- fix codeagent backend claude no auto
+
+- fix install.py dev fail
+
+### 🧪 Testing
+
+
+- Fix tests for ClaudeBackend default --dangerously-skip-permissions
+
+## [5.2.1] - 2025-12-13
+
+
+### 🐛 Bug Fixes
+
+
+- fix codeagent claude and gemini root dir
+
+### 💼 Other
+
+
+- update readme
+
+## [5.2.0] - 2025-12-13
+
+
+### ⚙️ Miscellaneous Tasks
+
+
+- Update CHANGELOG and remove deprecated test files
+
+### 🐛 Bug Fixes
+
+
+- fix race condition in stdout parsing
+
+- add worker limit cap and remove legacy alias
+
+- use -r flag for gemini backend resume
+
+- clarify module list shows default state not enabled
+
+- use -r flag for claude backend resume
+
+- remove binary artifacts and improve error messages
+
+- 异常退出时显示最近错误信息
+
+- op_run_command 实时流式输出
+
+- 修复权限标志逻辑和版本号测试
+
+- 重构信号处理逻辑避免重复 nil 检查
+
+- 移除 .claude 配置文件验证步骤
+
+- 修复并行执行启动横幅重复打印问题
+
+- 修复master合并后的编译和测试问题
+
+### 💼 Other
+
+
+- Merge rc/5.2 into master: v5.2.0 release improvements
+
+- Merge pull request #53 from cexll/rc/5.2
+
+- remove docs
+
+- remove docs
+
+- add prototype prompt skill
+
+- add prd skill
+
+- update memory claude
+
+- remove command gh flow
+
+- update license
+
+- Merge branch 'master' into rc/5.2
+
+- Merge pull request #52 from cexll/fix/parallel-log-path-on-startup
 
 ### 📚 Documentation
 
-- `docs/architecture.md` (21KB): Architecture overview with ASCII diagrams
-- `docs/CODEAGENT-WRAPPER.md` (9KB): Complete usage guide
-- `docs/HOOKS.md` (4KB): Customization guide
-- `README.md`: Added documentation index, corrected default backend description
 
-### 🔧 Important Fixes
+- remove GitHub workflow related content
 
-#### codeagent-wrapper
-- Fixed Claude/Gemini backend `-C` (workdir) and `-r` (resume) parameter support (codeagent-wrapper/backend.go:80-120)
-- Corrected Claude backend permission flag logic `if cfg.SkipPermissions` (codeagent-wrapper/backend.go:95)
-- Fixed parallel mode startup banner duplication (codeagent-wrapper/main.go:184-194 removed)
-- Extract and display recent errors on abnormal exit `Logger.ExtractRecentErrors()` (codeagent-wrapper/logger.go:156)
-- Added task block index to parallel config error messages (codeagent-wrapper/config.go:245)
-- Refactored signal handling logic to avoid duplicate nil checks (codeagent-wrapper/main.go:290-305)
-- Removed binary artifacts from tracking (codeagent-wrapper, *.test, coverage.out)
+### 🚀 Features
 
-#### Installation Scripts
-- Fixed issue #55: `op_run_command` uses Popen + selectors for real-time streaming output
-- Fixed issue #56: Display recent errors instead of entire log
-- Changed module list header from "Enabled" to "Default" to avoid ambiguity
 
-#### CI/CD
-- Removed `.claude/` config file validation step (.github/workflows/ci.yml:45)
-- Updated version test case from 5.1.0 → 5.2.0 (codeagent-wrapper/main_test.go:23)
+- Complete skills system integration and config cleanup
 
-#### Commands & Documentation
-- Reverted `skills/codex/SKILL.md` to `codex-wrapper` for backward compatibility
+- Improve release notes and installation scripts
 
-#### dev-workflow
-- Replaced Codex skill → codeagent skill throughout
-- Added UI auto-detection: backend tasks use codex, UI tasks use gemini
-- Corrected agent name: `develop-doc-generator` → `dev-plan-generator`
+- 添加终端日志输出和 verbose 模式
 
-### ⚙️ Configuration & Environment Variables
+- 完整多后端支持与安全优化
 
-#### New Environment Variables
-- `CODEAGENT_SKIP_PERMISSIONS`: Control permission check behavior
-  - Claude backend defaults to `--dangerously-skip-permissions` enabled, set to `true` to disable
-  - Codex/Gemini backends default to permission checks enabled, set to `true` to skip
-- `CODEAGENT_MAX_PARALLEL_WORKERS`: Parallel task concurrency limit (default: unlimited, recommended: 8, max: 100)
+- 替换 Codex 为 codeagent 并添加 UI 自动检测
 
-#### Configuration Files
-- `config.schema.json`: Added `op_merge_json` schema validation
+### 🚜 Refactor
 
-### ⚠️ Breaking Changes
 
-**codex-wrapper → codeagent-wrapper rename**
+- 调整文件命名和技能定义
 
-**Migration**:
-```bash
-python3 install.py --module dev --force
-```
+### 🧪 Testing
 
-**Backward Compatibility**: `codex-wrapper/main.go` provides compatibility entry point
 
-### 📦 Installation
+- 添加 ExtractRecentErrors 单元测试
 
-```bash
-# Install dev module
-python3 install.py --module dev
+## [5.1.4] - 2025-12-09
 
-# List all modules
-python3 install.py --list-modules
 
-# Verbose logging mode
-python3 install.py --module dev --verbose
-```
+### 🐛 Bug Fixes
 
-### 🧪 Test Results
 
-✅ **All tests passing**
-- Overall coverage: 93.4%
-- Security scan: 0 issues (gosec)
-- Linting: Pass
+- 任务启动时立即返回日志文件路径以支持实时调试
 
-### 📄 Related PRs & Issues
+## [5.1.3] - 2025-12-08
 
-- PR #53: Enterprise Workflow with Multi-Backend Support
-- Issue #55: Installation script execution not visible
-- Issue #56: Unfriendly error logging on abnormal exit
 
-### 👥 Contributors
+### 🐛 Bug Fixes
 
-- Claude Sonnet 4.5
-- Claude Opus 4.5
-- SWE-Agent-Bot
+
+- resolve CI timing race in TestFakeCmdInfra
+
+## [5.1.2] - 2025-12-08
+
+
+### 🐛 Bug Fixes
+
+
+- 修复channel同步竞态条件和死锁问题
+
+### 💼 Other
+
+
+- Merge pull request #51 from cexll/fix/channel-sync-race-conditions
+
+- change codex-wrapper version
+
+## [5.1.1] - 2025-12-08
+
+
+### 🐛 Bug Fixes
+
+
+- 增强日志清理的安全性和可靠性
+
+- resolve data race on forceKillDelay with atomic operations
+
+### 💼 Other
+
+
+- Merge pull request #49 from cexll/freespace8/master
+
+- resolve signal handling conflict preserving testability and Windows support
+
+### 🧪 Testing
+
+
+- 补充测试覆盖提升至 89.3%
+
+## [5.1.0] - 2025-12-07
+
+
+### 💼 Other
+
+
+- Merge pull request #45 from Michaelxwb/master
+
+- 修改windows安装说明
+
+- 修改打包脚本
+
+- 支持windows系统的安装
+
+- Merge pull request #1 from Michaelxwb/feature-win
+
+- 支持window
+
+### 🚀 Features
+
+
+- 添加启动时清理日志的功能和--cleanup标志支持
+
+- implement enterprise workflow with multi-backend support
+
+## [5.0.0] - 2025-12-05
+
+
+### ⚙️ Miscellaneous Tasks
+
+
+- clarify unit-test coverage levels in requirement questions
+
+### 🐛 Bug Fixes
+
+
+- defer startup log until args parsed
+
+### 💼 Other
+
+
+- Merge branch 'master' of github.com:cexll/myclaude
+
+- Merge pull request #43 from gurdasnijor/smithery/add-badge
+
+- Add Smithery badge
+
+- Merge pull request #42 from freespace8/master
+
+### 📚 Documentation
+
+
+- rewrite documentation for v5.0 modular architecture
+
+### 🚀 Features
+
+
+- feat install.py
+
+- implement modular installation system
+
+### 🚜 Refactor
+
+
+- remove deprecated plugin modules
+
+## [4.8.2] - 2025-12-02
+
+
+### 🐛 Bug Fixes
+
+
+- skip signal test in CI environment
+
+- make forceKillDelay testable to prevent signal test timeout
+
+- correct Go version in go.mod from 1.25.3 to 1.21
+
+- fix codex wrapper async log
+
+- capture and include stderr in error messages
+
+### 💼 Other
+
+
+- Merge pull request #41 from cexll/fix-async-log
+
+- remove test case 90
+
+- optimize codex-wrapper
+
+- Merge branch 'master' into fix-async-log
+
+## [4.8.1] - 2025-12-01
+
+
+### 🎨 Styling
+
+
+- replace emoji with text labels
+
+### 🐛 Bug Fixes
+
+
+- improve --parallel parameter validation and docs
+
+### 💼 Other
+
+
+- remove codex-wrapper bin
+
+## [4.8.0] - 2025-11-30
+
+
+### 💼 Other
+
+
+- update codex skill dependencies
+
+## [4.7.3] - 2025-11-29
+
+
+### 🐛 Bug Fixes
+
+
+- 保留日志文件以便程序退出后调试并完善日志输出功能
+
+### 💼 Other
+
+
+- Merge pull request #34 from cexll/cce-worktree-master-20251129-111802-997076000
+
+- update CLAUDE.md and codex skill
+
+### 📚 Documentation
+
+
+- improve codex skill parameter best practices
+
+### 🚀 Features
+
+
+- add session resume support and improve output format
+
+- add parallel execution support to codex-wrapper
+
+- add async logging to temp file with lifecycle management
+
+## [4.7.2] - 2025-11-28
+
+
+### 🐛 Bug Fixes
+
+
+- improve buffer size and streamline message extraction
+
+### 💼 Other
+
+
+- Merge pull request #32 from freespace8/master
+
+### 🧪 Testing
+
+
+- 增加对超大单行文本和非字符串文本的处理测试
+
+## [4.7.1] - 2025-11-27
+
+
+### 💼 Other
+
+
+- optimize dev pipline
+
+- Merge feat/codex-wrapper: fix repository URLs
+
+## [4.7] - 2025-11-27
+
+
+### 🐛 Bug Fixes
+
+
+- update repository URLs to cexll/myclaude
+
+## [4.7-alpha1] - 2025-11-27
+
+
+### 🐛 Bug Fixes
+
+
+- fix marketplace schema validation error in dev-workflow plugin
+
+### 💼 Other
+
+
+- Merge pull request #29 from cexll/feat/codex-wrapper
+
+- Add codex-wrapper Go implementation
+
+- update readme
+
+- update readme
+
+## [4.6] - 2025-11-25
+
+
+### 💼 Other
+
+
+- update dev workflow
+
+- update dev workflow
+
+## [4.5] - 2025-11-25
+
+
+### 🐛 Bug Fixes
+
+
+- fix codex skill eof
+
+### 💼 Other
+
+
+- update dev workflow plugin
+
+- update readme
+
+## [4.4] - 2025-11-22
+
+
+### 🐛 Bug Fixes
+
+
+- fix codex skill timeout and add more log
+
+- fix codex skill
+
+### 💼 Other
+
+
+- update gemini skills
+
+- update dev workflow
+
+- update codex skills model config
+
+- Merge branch 'master' of github.com:cexll/myclaude
+
+- Merge pull request #24 from cexll/swe-agent/23-1763544297
+
+### 🚀 Features
+
+
+- 支持通过环境变量配置 skills 模型
+
+## [4.3] - 2025-11-19
+
+
+### 🐛 Bug Fixes
+
+
+- fix codex skills running
+
+### 💼 Other
+
+
+- update skills plugin
+
+- update gemini
+
+- update doc
+
+- Add Gemini CLI integration skill
+
+### 🚀 Features
+
+
+- feat simple dev workflow
+
+## [4.2.2] - 2025-11-15
+
+
+### 💼 Other
+
+
+- update codex skills
+
+## [4.2.1] - 2025-11-14
+
+
+### 💼 Other
+
+
+- Merge pull request #21 from Tshoiasc/master
+
+- Merge branch 'master' into master
+
+- Change default model to gpt-5.1-codex
+
+- Enhance codex.py to auto-detect long inputs and switch to stdin mode, improving handling of shell argument issues. Updated build_codex_args to support stdin and added relevant logging for task length warnings.
+
+## [4.2] - 2025-11-13
+
+
+### 🐛 Bug Fixes
+
+
+- fix codex.py wsl run err
+
+### 💼 Other
+
+
+- optimize codex skills
+
+- Merge branch 'master' of github.com:cexll/myclaude
+
+- Rename SKILLS.md to SKILL.md
+
+- optimize codex skills
+
+### 🚀 Features
+
+
+- feat codex skills
+
+## [4.1] - 2025-11-04
+
+
+### 💼 Other
+
+
+- update enhance-prompt.md response
+
+- update readme
+
+### 📚 Documentation
+
+
+- 新增 /enhance-prompt 命令并更新所有 README 文档
+
+## [4.0] - 2025-10-22
+
+
+### 🐛 Bug Fixes
+
+
+- fix skills format
+
+### 💼 Other
+
+
+- Merge branch 'master' of github.com:cexll/myclaude
+
+- Merge pull request #18 from cexll/swe-agent/17-1760969135
+
+- update requirements clarity
+
+- update .gitignore
+
+- Fix #17: Update root marketplace.json to use skills array
+
+- Fix #17: Convert requirements-clarity to correct plugin directory format
+
+- Fix #17: Convert requirements-clarity to correct plugin directory format
+
+- Convert requirements-clarity to plugin format with English prompts
+
+- Translate requirements-clarity skill to English for plugin compatibility
+
+- Add requirements-clarity Claude Skill
+
+- Add requirements clarification command
+
+- update
+
+## [3.5] - 2025-10-20
+
+
+### 💼 Other
+
+
+- Merge pull request #15 from cexll/swe-agent/13-1760944712
+
+- Fix #13: Clean up redundant README files
+
+- Optimize README structure - Solution A (modular)
+
+- Merge pull request #14 from cexll/swe-agent/12-1760944588
+
+- Fix #12: Update Makefile install paths for new directory structure
+
+## [3.4] - 2025-10-20
+
+
+### 💼 Other
+
+
+- Merge pull request #11 from cexll/swe-agent/10-1760752533
+
+- Fix marketplace metadata references
+
+- Fix plugin configuration: rename to marketplace.json and update repository URLs
+
+- Fix #10: Restructure plugin directories to ensure proper command isolation
+
+## [3.3] - 2025-10-15
+
+
+### 💼 Other
+
+
+- Update README-zh.md
+
+- Update README.md
+
+- Update marketplace.json
+
+- Update Chinese README with v3.2 plugin system documentation
+
+- Update README with v3.2 plugin system documentation
+
+## [3.2] - 2025-10-10
+
+
+### 💼 Other
+
+
+- Add Claude Code plugin system support
+
+- update readme
+
+- Add Makefile for quick deployment and update READMEs
+
+## [3.1] - 2025-09-17
+
+
+### ◀️ Revert
+
+
+- revert
+
+### 🐛 Bug Fixes
+
+
+- fixed bmad-orchestrator not fund
+
+- fix bmad
+
+### 💼 Other
+
+
+- update bmad review with codex support
+
+- 优化 BMAD 工作流和代理配置
+
+- update gpt5
+
+- support bmad output-style
+
+- update bmad user guide
+
+- update bmad readme
+
+- optimize requirements pilot
+
+- add use gpt5 codex
+
+- add bmad pilot
+
+- sync READMEs with actual commands/agents; remove nonexistent commands; enhance requirements-pilot with testing decision gate and options.
+
+- Update Chinese README and requirements-pilot command to align with latest workflow
+
+- update readme
+
+- update agent
+
+- update bugfix sub agents
+
+- Update ask support KISS YAGNI SOLID
+
+- Add comprehensive documentation and multi-agent workflow system
+
+- update commands
+<!-- generated by git-cliff -->

Makefile

@@ -1,7 +1,7 @@
 # Claude Code Multi-Agent Workflow System Makefile
 # Quick deployment for BMAD and Requirements workflows
 
-.PHONY: help install deploy-bmad deploy-requirements deploy-essentials deploy-advanced deploy-all deploy-commands deploy-agents clean test
+.PHONY: help install deploy-bmad deploy-requirements deploy-essentials deploy-advanced deploy-all deploy-commands deploy-agents clean test changelog
 
 # Default target
 help:
@@ -22,6 +22,7 @@ help:
 	@echo "  deploy-all           - Deploy everything (commands + agents)"
 	@echo "  test-bmad            - Test BMAD workflow with sample"
 	@echo "  test-requirements    - Test Requirements workflow with sample"
+	@echo "  changelog            - Update CHANGELOG.md using git-cliff"
 	@echo "  clean                - Clean generated artifacts"
 	@echo "  help                 - Show this help message"
 
@@ -145,3 +146,17 @@ all: deploy-all
 version:
 	@echo "Claude Code Multi-Agent Workflow System v3.1"
 	@echo "BMAD + Requirements-Driven Development"
+
+# Update CHANGELOG.md using git-cliff
+changelog:
+	@echo "📝 Updating CHANGELOG.md with git-cliff..."
+	@if ! command -v git-cliff > /dev/null 2>&1; then \
+		echo "❌ git-cliff not found. Installing via Homebrew..."; \
+		brew install git-cliff; \
+	fi
+	@git-cliff -o CHANGELOG.md
+	@echo "✅ CHANGELOG.md updated successfully!"
+	@echo ""
+	@echo "Preview the changes:"
+	@echo "  git diff CHANGELOG.md"
+

README.md

@@ -35,6 +35,41 @@ python3 install.py --install-dir ~/.claude
 
 ## Workflows Overview
 
+### 0. OmO Multi-Agent Orchestrator (Recommended for Complex Tasks)
+
+**Intelligent multi-agent orchestration that routes tasks to specialized agents based on risk signals.**
+
+```bash
+/omo "analyze and fix this authentication bug"
+```
+
+**Agent Hierarchy:**
+| Agent | Role | Backend | Model |
+|-------|------|---------|-------|
+| `oracle` | Technical advisor | Claude | claude-opus-4-5 |
+| `librarian` | External research | Claude | claude-sonnet-4-5 |
+| `explore` | Codebase search | OpenCode | grok-code |
+| `develop` | Code implementation | Codex | gpt-5.2 |
+| `frontend-ui-ux-engineer` | UI/UX specialist | Gemini | gemini-3-pro |
+| `document-writer` | Documentation | Gemini | gemini-3-flash |
+
+**Routing Signals (Not Fixed Pipeline):**
+- Code location unclear → `explore`
+- External library/API → `librarian`
+- Risky/multi-file change → `oracle`
+- Implementation needed → `develop` / `frontend-ui-ux-engineer`
+
+**Common Recipes:**
+- Explain code: `explore`
+- Small fix with known location: `develop` directly
+- Bug fix, location unknown: `explore → develop`
+- Cross-cutting refactor: `explore → oracle → develop`
+- External API integration: `explore + librarian → oracle → develop`
+
+**Best For:** Complex bug investigation, multi-file refactoring, architecture decisions
+
+---
+
 ### 1. Dev Workflow (Recommended)
 
 **The primary workflow for most development tasks.**
@@ -132,6 +167,59 @@ Requirements → Architecture → Sprint Plan → Development → Review → QA
 
 ---
 
+## Version Requirements
+
+### Codex CLI
+**Minimum version:** Check compatibility with your installation
+
+The codeagent-wrapper uses these Codex CLI features:
+- `codex e` - Execute commands (shorthand for `codex exec`)
+- `--skip-git-repo-check` - Skip git repository validation
+- `--json` - JSON stream output format
+- `-C <workdir>` - Set working directory
+- `resume <session_id>` - Resume previous sessions
+
+**Verify Codex CLI is installed:**
+```bash
+which codex
+codex --version
+```
+
+### Claude CLI
+**Minimum version:** Check compatibility with your installation
+
+Required features:
+- `--output-format stream-json` - Streaming JSON output format
+- `--setting-sources` - Control setting sources (prevents infinite recursion)
+- `--dangerously-skip-permissions` - Skip permission prompts (use with caution)
+- `-p` - Prompt input flag
+- `-r <session_id>` - Resume sessions
+
+**Security Note:** The wrapper adds `--dangerously-skip-permissions` for Claude by default. Set `CODEAGENT_SKIP_PERMISSIONS=false` to disable if you need permission prompts.
+
+**Verify Claude CLI is installed:**
+```bash
+which claude
+claude --version
+```
+
+### Gemini CLI
+**Minimum version:** Check compatibility with your installation
+
+Required features:
+- `-o stream-json` - JSON stream output format
+- `-y` - Auto-approve prompts (non-interactive mode)
+- `-r <session_id>` - Resume sessions
+- `-p` - Prompt input flag
+
+**Verify Gemini CLI is installed:**
+```bash
+which gemini
+gemini --version
+```
+
+---
+
 ## Installation
 
 ### Modular Installation (Recommended)
@@ -163,15 +251,39 @@ python3 install.py --force
 
 ```
 ~/.claude/
-├── CLAUDE.md              # Core instructions and role definition
-├── commands/              # Slash commands (/dev, /code, etc.)
-├── agents/                # Agent definitions
+├── bin/
+│   └── codeagent-wrapper    # Main executable
+├── CLAUDE.md                # Core instructions and role definition
+├── commands/                # Slash commands (/dev, /code, etc.)
+├── agents/                  # Agent definitions
 ├── skills/
 │   └── codex/
-│       └── SKILL.md       # Codex integration skill
-└── installed_modules.json # Installation status
+│       └── SKILL.md         # Codex integration skill
+├── config.json              # Configuration
+└── installed_modules.json   # Installation status
 ```
 
+### Customizing Installation Directory
+
+By default, myclaude installs to `~/.claude`. You can customize this using the `INSTALL_DIR` environment variable:
+
+```bash
+# Install to custom directory
+INSTALL_DIR=/opt/myclaude bash install.sh
+
+# Update your PATH accordingly
+export PATH="/opt/myclaude/bin:$PATH"
+```
+
+**Directory Structure:**
+- `$INSTALL_DIR/bin/` - codeagent-wrapper binary
+- `$INSTALL_DIR/skills/` - Skill definitions
+- `$INSTALL_DIR/config.json` - Configuration file
+- `$INSTALL_DIR/commands/` - Slash command definitions
+- `$INSTALL_DIR/agents/` - Agent definitions
+
+**Note:** When using a custom installation directory, ensure that `$INSTALL_DIR/bin` is added to your `PATH` environment variable.
+
 ### Configuration
 
 Edit `config.json` to customize:
@@ -269,8 +381,10 @@ $Env:PATH = "$HOME\bin;$Env:PATH"
 ```
 
 ```batch
-REM cmd.exe - persistent for current user
-setx PATH "%USERPROFILE%\bin;%PATH%"
+REM cmd.exe - persistent for current user (use PowerShell method above instead)
+REM WARNING: This expands %PATH% which includes system PATH, causing duplication
+REM Note: Using reg add instead of setx to avoid 1024-character truncation limit
+reg add "HKCU\Environment" /v Path /t REG_EXPAND_SZ /d "%USERPROFILE%\bin;%PATH%" /f
 ```
 
 ---
@@ -294,11 +408,14 @@ setx PATH "%USERPROFILE%\bin;%PATH%"
 
 **Codex wrapper not found:**
 ```bash
-# Check PATH
-echo $PATH | grep -q "$HOME/bin" || echo 'export PATH="$HOME/bin:$PATH"' >> ~/.zshrc
+# Installer auto-adds PATH, check if configured
+if [[ ":$PATH:" != *":$HOME/.claude/bin:"* ]]; then
+    echo "PATH not configured. Reinstalling..."
+    bash install.sh
+fi
 
-# Reinstall
-bash install.sh
+# Or manually add (idempotent command)
+[[ ":$PATH:" != *":$HOME/.claude/bin:"* ]] && echo 'export PATH="$HOME/.claude/bin:$PATH"' >> ~/.zshrc
 ```
 
 **Permission denied:**
@@ -315,18 +432,177 @@ cat ~/.claude/installed_modules.json
 python3 install.py --module dev --force
 ```
 
+### Version Compatibility Issues
+
+**Backend CLI not found:**
+```bash
+# Check if backend CLIs are installed
+which codex
+which claude
+which gemini
+
+# Install missing backends
+# Codex: Follow installation instructions at https://codex.docs
+# Claude: Follow installation instructions at https://claude.ai/docs
+# Gemini: Follow installation instructions at https://ai.google.dev/docs
+```
+
+**Unsupported CLI flags:**
+```bash
+# If you see errors like "unknown flag" or "invalid option"
+
+# Check backend CLI version
+codex --version
+claude --version
+gemini --version
+
+# For Codex: Ensure it supports `e`, `--skip-git-repo-check`, `--json`, `-C`, and `resume`
+# For Claude: Ensure it supports `--output-format stream-json`, `--setting-sources`, `-r`
+# For Gemini: Ensure it supports `-o stream-json`, `-y`, `-r`, `-p`
+
+# Update your backend CLI to the latest version if needed
+```
+
+**JSON parsing errors:**
+```bash
+# If you see "failed to parse JSON output" errors
+
+# Verify the backend outputs stream-json format
+codex e --json "test task"  # Should output newline-delimited JSON
+claude --output-format stream-json -p "test"  # Should output stream JSON
+
+# If not, your backend CLI version may be too old or incompatible
+```
+
+**Infinite recursion with Claude backend:**
+```bash
+# The wrapper prevents this with `--setting-sources ""` flag
+# If you still see recursion, ensure your Claude CLI supports this flag
+
+claude --help | grep "setting-sources"
+
+# If flag is not supported, upgrade Claude CLI
+```
+
+**Session resume failures:**
+```bash
+# Check if session ID is valid
+codex history  # List recent sessions
+claude history
+
+# Ensure backend CLI supports session resumption
+codex resume <session_id> "test"  # Should continue from previous session
+claude -r <session_id> "test"
+
+# If not supported, use new sessions instead of resume mode
+```
+
+---
+
+## FAQ (Frequently Asked Questions)
+
+### Q1: `codeagent-wrapper` execution fails with "Unknown event format"
+
+**Problem:**
+```
+Unknown event format: {"type":"turn.started"}
+Unknown event format: {"type":"assistant", ...}
+```
+
+**Solution:**
+This is a logging event format display issue and does not affect actual functionality. It will be fixed in the next version. You can ignore these log outputs.
+
+**Related Issue:** [#96](https://github.com/cexll/myclaude/issues/96)
+
+---
+
+### Q2: Gemini cannot read files ignored by `.gitignore`
+
+**Problem:**
+When using `codeagent-wrapper --backend gemini`, files in directories like `.claude/` that are ignored by `.gitignore` cannot be read.
+
+**Solution:**
+- **Option 1:** Remove `.claude/` from your `.gitignore` file
+- **Option 2:** Ensure files that need to be read are not in `.gitignore` list
+
+**Related Issue:** [#75](https://github.com/cexll/myclaude/issues/75)
+
+---
+
+### Q3: `/dev` command parallel execution is very slow
+
+**Problem:**
+Using `/dev` command for simple features takes too long (over 30 minutes) with no visibility into task progress.
+
+**Solution:**
+1. **Check logs:** Review `C:\Users\User\AppData\Local\Temp\codeagent-wrapper-*.log` to identify bottlenecks
+2. **Adjust backend:**
+   - Try faster models like `gpt-5.1-codex-max`
+   - Running in WSL may be significantly faster
+3. **Workspace:** Use a single repository instead of monorepo with multiple sub-projects
+
+**Related Issue:** [#77](https://github.com/cexll/myclaude/issues/77)
+
+---
+
+### Q4: Codex permission denied with new Go version
+
+**Problem:**
+After upgrading to the new Go-based Codex implementation, execution fails with permission denied errors.
+
+**Solution:**
+Add the following configuration to `~/.codex/config.yaml` (Windows: `c:\user\.codex\config.toml`):
+```yaml
+model = "gpt-5.1-codex-max"
+model_reasoning_effort = "high"
+model_reasoning_summary = "detailed"
+approval_policy = "never"
+sandbox_mode = "workspace-write"
+disable_response_storage = true
+network_access = true
+```
+
+**Key settings:**
+- `approval_policy = "never"` - Remove approval restrictions
+- `sandbox_mode = "workspace-write"` - Allow workspace write access
+- `network_access = true` - Enable network access
+
+**Related Issue:** [#31](https://github.com/cexll/myclaude/issues/31)
+
+---
+
+### Q5: How to disable default bypass/skip-permissions mode
+
+**Background:**
+By default, codeagent-wrapper enables bypass mode for both Codex and Claude backends:
+- `CODEX_BYPASS_SANDBOX=true` - Bypasses Codex sandbox restrictions
+- `CODEAGENT_SKIP_PERMISSIONS=true` - Skips Claude permission prompts
+
+**To disable (if you need sandbox/permission protection):**
+```bash
+export CODEX_BYPASS_SANDBOX=false
+export CODEAGENT_SKIP_PERMISSIONS=false
+```
+
+Or add to your shell profile (`~/.zshrc` or `~/.bashrc`):
+```bash
+echo 'export CODEX_BYPASS_SANDBOX=false' >> ~/.zshrc
+echo 'export CODEAGENT_SKIP_PERMISSIONS=false' >> ~/.zshrc
+```
+
+**Note:** Disabling bypass mode will require manual approval for certain operations.
+
+---
+
+**Still having issues?** Visit [GitHub Issues](https://github.com/cexll/myclaude/issues) to search or report new issues.
+
 ---
 
 ## Documentation
-
-### Core Guides
-- **[Architecture Overview](docs/architecture.md)** - System architecture and component design
 - **[Codeagent-Wrapper Guide](docs/CODEAGENT-WRAPPER.md)** - Multi-backend execution wrapper
-- **[GitHub Workflow Guide](docs/GITHUB-WORKFLOW.md)** - Issue-to-PR automation
 - **[Hooks Documentation](docs/HOOKS.md)** - Custom hooks and automation
 
 ### Additional Resources
-- **[Enterprise Workflow Ideas](docs/enterprise-workflow-ideas.md)** - Advanced patterns and best practices
 - **[Installation Log](install.log)** - Installation history and troubleshooting
 
 ---

README_CN.md

@@ -30,6 +30,41 @@ python3 install.py --install-dir ~/.claude
 
 ## 工作流概览
 
+### 0. OmO 多智能体编排器（复杂任务推荐）
+
+**基于风险信号智能路由任务到专业智能体的多智能体编排系统。**
+
+```bash
+/omo "分析并修复这个认证 bug"
+```
+
+**智能体层级：**
+| 智能体 | 角色 | 后端 | 模型 |
+|-------|------|------|------|
+| `oracle` | 技术顾问 | Claude | claude-opus-4-5 |
+| `librarian` | 外部研究 | Claude | claude-sonnet-4-5 |
+| `explore` | 代码库搜索 | OpenCode | grok-code |
+| `develop` | 代码实现 | Codex | gpt-5.2 |
+| `frontend-ui-ux-engineer` | UI/UX 专家 | Gemini | gemini-3-pro |
+| `document-writer` | 文档撰写 | Gemini | gemini-3-flash |
+
+**路由信号（非固定流水线）：**
+- 代码位置不明确 → `explore`
+- 外部库/API → `librarian`
+- 高风险/多文件变更 → `oracle`
+- 需要实现 → `develop` / `frontend-ui-ux-engineer`
+
+**常用配方：**
+- 解释代码：`explore`
+- 位置已知的小修复：直接 `develop`
+- Bug 修复，位置未知：`explore → develop`
+- 跨模块重构：`explore → oracle → develop`
+- 外部 API 集成：`explore + librarian → oracle → develop`
+
+**适用场景：** 复杂 bug 调查、多文件重构、架构决策
+
+---
+
 ### 1. Dev 工作流（推荐）
 
 **大多数开发任务的首选工作流。**
@@ -152,15 +187,39 @@ python3 install.py --force
 
 ```
 ~/.claude/
-├── CLAUDE.md              # 核心指令和角色定义
-├── commands/              # 斜杠命令 (/dev, /code 等)
-├── agents/                # 智能体定义
+├── bin/
+│   └── codeagent-wrapper    # 主可执行文件
+├── CLAUDE.md                # 核心指令和角色定义
+├── commands/                # 斜杠命令 (/dev, /code 等)
+├── agents/                  # 智能体定义
 ├── skills/
 │   └── codex/
-│       └── SKILL.md       # Codex 集成技能
-└── installed_modules.json # 安装状态
+│       └── SKILL.md         # Codex 集成技能
+├── config.json              # 配置文件
+└── installed_modules.json   # 安装状态
 ```
 
+### 自定义安装目录
+
+默认情况下，myclaude 安装到 `~/.claude`。您可以使用 `INSTALL_DIR` 环境变量自定义安装目录：
+
+```bash
+# 安装到自定义目录
+INSTALL_DIR=/opt/myclaude bash install.sh
+
+# 相应更新您的 PATH
+export PATH="/opt/myclaude/bin:$PATH"
+```
+
+**目录结构：**
+- `$INSTALL_DIR/bin/` - codeagent-wrapper 可执行文件
+- `$INSTALL_DIR/skills/` - 技能定义
+- `$INSTALL_DIR/config.json` - 配置文件
+- `$INSTALL_DIR/commands/` - 斜杠命令定义
+- `$INSTALL_DIR/agents/` - 智能体定义
+
+**注意：** 使用自定义安装目录时，请确保将 `$INSTALL_DIR/bin` 添加到您的 `PATH` 环境变量中。
+
 ### 配置
 
 编辑 `config.json` 自定义：
@@ -258,8 +317,10 @@ $Env:PATH = "$HOME\bin;$Env:PATH"
 ```
 
 ```batch
-REM cmd.exe - 永久添加（当前用户）
-setx PATH "%USERPROFILE%\bin;%PATH%"
+REM cmd.exe - 永久添加（当前用户）（建议使用上面的 PowerShell 方法）
+REM 警告：此命令会展开 %PATH% 包含系统 PATH，导致重复
+REM 注意：使用 reg add 而非 setx 以避免 1024 字符截断限制
+reg add "HKCU\Environment" /v Path /t REG_EXPAND_SZ /d "%USERPROFILE%\bin;%PATH%" /f
 ```
 
 ---
@@ -283,11 +344,14 @@ setx PATH "%USERPROFILE%\bin;%PATH%"
 
 **Codex wrapper 未找到：**
 ```bash
-# 检查 PATH
-echo $PATH | grep -q "$HOME/bin" || echo 'export PATH="$HOME/bin:$PATH"' >> ~/.zshrc
+# 安装程序会自动添加 PATH，检查是否已添加
+if [[ ":$PATH:" != *":$HOME/.claude/bin:"* ]]; then
+    echo "PATH not configured. Reinstalling..."
+    bash install.sh
+fi
 
-# 重新安装
-bash install.sh
+# 或手动添加（幂等性命令）
+[[ ":$PATH:" != *":$HOME/.claude/bin:"* ]] && echo 'export PATH="$HOME/.claude/bin:$PATH"' >> ~/.zshrc
 ```
 
 **权限被拒绝：**
@@ -306,6 +370,105 @@ python3 install.py --module dev --force
 
 ---
 
+## 常见问题 (FAQ)
+
+### Q1: `codeagent-wrapper` 执行时报错 "Unknown event format"
+
+**问题描述：**
+执行 `codeagent-wrapper` 时出现错误：
+```
+Unknown event format: {"type":"turn.started"}
+Unknown event format: {"type":"assistant", ...}
+```
+
+**解决方案：**
+这是日志事件流的显示问题，不影响实际功能执行。预计在下个版本中修复。如需排查其他问题，可忽略此日志输出。
+
+**相关 Issue：** [#96](https://github.com/cexll/myclaude/issues/96)
+
+---
+
+### Q2: Gemini 无法读取 `.gitignore` 忽略的文件
+
+**问题描述：**
+使用 `codeagent-wrapper --backend gemini` 时，无法读取 `.claude/` 等被 `.gitignore` 忽略的目录中的文件。
+
+**解决方案：**
+- **方案一：** 在项目根目录的 `.gitignore` 中取消对 `.claude/` 的忽略
+- **方案二：** 确保需要读取的文件不在 `.gitignore` 忽略列表中
+
+**相关 Issue：** [#75](https://github.com/cexll/myclaude/issues/75)
+
+---
+
+### Q3: `/dev` 命令并行执行特别慢
+
+**问题描述：**
+使用 `/dev` 命令开发简单功能耗时过长（超过30分钟），无法了解任务执行状态。
+
+**解决方案：**
+1. **检查日志：** 查看 `C:\Users\User\AppData\Local\Temp\codeagent-wrapper-*.log` 分析瓶颈
+2. **调整后端：**
+   - 尝试使用 `gpt-5.1-codex-max` 等更快的模型
+   - 在 WSL 环境下运行速度可能更快
+3. **工作区选择：** 使用独立的代码仓库而非包含多个子项目的 monorepo
+
+**相关 Issue：** [#77](https://github.com/cexll/myclaude/issues/77)
+
+---
+
+### Q4: 新版 Go 实现的 Codex 权限不足
+
+**问题描述：**
+升级到新版 Go 实现的 Codex 后，出现权限不足的错误。
+
+**解决方案：**
+在 `~/.codex/config.yaml` 中添加以下配置（Windows: `c:\user\.codex\config.toml`）：
+```yaml
+model = "gpt-5.1-codex-max"
+model_reasoning_effort = "high"
+model_reasoning_summary = "detailed"
+approval_policy = "never"
+sandbox_mode = "workspace-write"
+disable_response_storage = true
+network_access = true
+```
+
+**关键配置说明：**
+- `approval_policy = "never"` - 移除审批限制
+- `sandbox_mode = "workspace-write"` - 允许工作区写入权限
+- `network_access = true` - 启用网络访问
+
+**相关 Issue：** [#31](https://github.com/cexll/myclaude/issues/31)
+
+---
+
+### Q5: 执行时遇到权限拒绝或沙箱限制
+
+**问题描述：**
+运行 codeagent-wrapper 时出现权限错误或沙箱限制。
+
+**解决方案：**
+设置以下环境变量：
+```bash
+export CODEX_BYPASS_SANDBOX=true
+export CODEAGENT_SKIP_PERMISSIONS=true
+```
+
+或添加到 shell 配置文件（`~/.zshrc` 或 `~/.bashrc`）：
+```bash
+echo 'export CODEX_BYPASS_SANDBOX=true' >> ~/.zshrc
+echo 'export CODEAGENT_SKIP_PERMISSIONS=true' >> ~/.zshrc
+```
+
+**注意：** 这些设置会绕过安全限制，请仅在可信环境中使用。
+
+---
+
+**仍有疑问？** 请访问 [GitHub Issues](https://github.com/cexll/myclaude/issues) 搜索或提交新问题。
+
+---
+
 ## 许可证
 
 AGPL-3.0 License - 查看 [LICENSE](LICENSE)

bmad-agile-workflow/.claude-plugin/marketplace.json

@@ -1,37 +0,0 @@
-{
-  "name": "bmad-agile-workflow",
-  "source": "./",
-  "description": "Full BMAD agile workflow with role-based agents (PO, Architect, SM, Dev, QA) and interactive approval gates",
-  "version": "1.0.0",
-  "author": {
-    "name": "Claude Code Dev Workflows",
-    "url": "https://github.com/cexll/myclaude"
-  },
-  "homepage": "https://github.com/cexll/myclaude",
-  "repository": "https://github.com/cexll/myclaude",
-  "license": "MIT",
-  "keywords": [
-    "bmad",
-    "agile",
-    "scrum",
-    "product-owner",
-    "architect",
-    "developer",
-    "qa",
-    "workflow-orchestration"
-  ],
-  "category": "workflows",
-  "strict": false,
-  "commands": [
-    "./commands/bmad-pilot.md"
-  ],
-  "agents": [
-    "./agents/bmad-po.md",
-    "./agents/bmad-architect.md",
-    "./agents/bmad-sm.md",
-    "./agents/bmad-dev.md",
-    "./agents/bmad-qa.md",
-    "./agents/bmad-orchestrator.md",
-    "./agents/bmad-review.md"
-  ]
-}

bmad-agile-workflow/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "bmad",
+  "description": "Full BMAD agile workflow with role-based agents (PO, Architect, SM, Dev, QA) and interactive approval gates",
+  "version": "5.6.1",
+  "author": {
+    "name": "cexll",
+    "email": "cexll@cexll.com"
+  }
+}

bmad-agile-workflow/agents/bmad-architect.md

@@ -427,6 +427,10 @@ Generate architecture document at `./.claude/specs/{feature_name}/02-system-arch
 
 ## Important Behaviors
 
+### Language Rules:
+- **Language Matching**: Output language matches user input (Chinese input → Chinese doc, English input → English doc). When language is ambiguous, default to Chinese.
+- **Technical Terms**: Keep technical terms (API, REST, GraphQL, JWT, RBAC, etc.) in English; translate explanatory text only.
+
 ### DO:
 - Start by reviewing and referencing the PRD
 - Present initial architecture based on requirements

bmad-agile-workflow/agents/bmad-dev.md

@@ -419,6 +419,10 @@ logger.info('User created', {
 
 ## Important Implementation Rules
 
+### Language Rules:
+- **Language Matching**: Output language matches user input (Chinese input → Chinese doc, English input → English doc). When language is ambiguous, default to Chinese.
+- **Technical Terms**: Keep technical terms (API, CRUD, JWT, SQL, etc.) in English; translate explanatory text only.
+
 ### DO:
 - Follow architecture specifications exactly
 - Implement all acceptance criteria from PRD

bmad-agile-workflow/agents/bmad-orchestrator.md

@@ -22,6 +22,10 @@ You are the BMAD Orchestrator. Your core focus is repository analysis, workflow
 - Consistency: ensure conventions and patterns discovered in scan are preserved downstream
 - Explicit handoffs: clearly document assumptions, risks, and integration points for other agents
 
+### Language Rules:
+- **Language Matching**: Output language matches user input (Chinese input → Chinese doc, English input → English doc). When language is ambiguous, default to Chinese.
+- **Technical Terms**: Keep technical terms (API, PRD, Sprint, etc.) in English; translate explanatory text only.
+
 ## UltraThink Repository Scan
 
 When asked to analyze the repository, follow this structure and return a clear, actionable summary.

bmad-agile-workflow/agents/bmad-po.md

@@ -313,6 +313,10 @@ Generate PRD at `./.claude/specs/{feature_name}/01-product-requirements.md`:
 
 ## Important Behaviors
 
+### Language Rules:
+- **Language Matching**: Output language matches user input (Chinese input → Chinese doc, English input → English doc). When language is ambiguous, default to Chinese.
+- **Technical Terms**: Keep technical terms (API, Sprint, PRD, KPI, MVP, etc.) in English; translate explanatory text only.
+
 ### DO:
 - Start immediately with greeting and initial understanding
 - Show quality scores transparently

bmad-agile-workflow/agents/bmad-qa.md

@@ -478,6 +478,10 @@ module.exports = {
 
 ## Important Testing Rules
 
+### Language Rules:
+- **Language Matching**: Output language matches user input (Chinese input → Chinese doc, English input → English doc). When language is ambiguous, default to Chinese.
+- **Technical Terms**: Keep technical terms (API, E2E, CI/CD, Mock, etc.) in English; translate explanatory text only.
+
 ### DO:
 - Test all acceptance criteria from PRD
 - Cover happy path, edge cases, and error scenarios

bmad-agile-workflow/agents/bmad-review.md

@@ -45,3 +45,7 @@ You are an independent code review agent responsible for conducting reviews betw
 - Focus on actionable findings
 - Provide specific QA guidance
 - Use clear, parseable output format
+
+### Language Rules:
+- **Language Matching**: Output language matches user input (Chinese input → Chinese doc, English input → English doc). When language is ambiguous, default to Chinese.
+- **Technical Terms**: Keep technical terms (API, PRD, Sprint, etc.) in English; translate explanatory text only.

bmad-agile-workflow/agents/bmad-sm.md

@@ -351,6 +351,10 @@ So that [benefit]
 
 ## Important Behaviors
 
+### Language Rules:
+- **Language Matching**: Output language matches user input (Chinese input → Chinese doc, English input → English doc). When language is ambiguous, default to Chinese.
+- **Technical Terms**: Keep technical terms (Sprint, Epic, Story, Backlog, Velocity, etc.) in English; translate explanatory text only.
+
 ### DO:
 - Read both PRD and Architecture documents thoroughly
 - Create comprehensive task breakdown

cliff.toml

@@ -0,0 +1,72 @@
+# git-cliff configuration file
+# https://git-cliff.org/docs/configuration
+
+[changelog]
+# changelog header
+header = """
+# Changelog
+
+All notable changes to this project will be documented in this file.
+"""
+# template for the changelog body
+body = """
+{% if version %}
+## [{{ version | trim_start_matches(pat="v") }}] - {{ timestamp | date(format="%Y-%m-%d") }}
+{% else %}
+## Unreleased
+{% endif %}
+{% for group, commits in commits | group_by(attribute="group") %}
+### {{ group }}
+
+{% for commit in commits %}
+- {{ commit.message | split(pat="\n") | first }}
+{% endfor -%}
+{% endfor -%}
+"""
+# remove the leading and trailing whitespace from the template
+trim = true
+# changelog footer
+footer = """
+<!-- generated by git-cliff -->
+"""
+
+[git]
+# parse the commits based on https://www.conventionalcommits.org
+conventional_commits = true
+# filter out the commits that are not conventional
+filter_unconventional = false
+# process each line of a commit as an individual commit
+split_commits = false
+# regex for preprocessing the commit messages
+commit_preprocessors = [
+  { pattern = '\((\w+\s)?#([0-9]+)\)', replace = "([#${2}](https://github.com/cexll/myclaude/issues/${2}))" },
+]
+# regex for parsing and grouping commits
+commit_parsers = [
+  { message = "^feat", group = "🚀 Features" },
+  { message = "^fix", group = "🐛 Bug Fixes" },
+  { message = "^doc", group = "📚 Documentation" },
+  { message = "^perf", group = "⚡ Performance" },
+  { message = "^refactor", group = "🚜 Refactor" },
+  { message = "^style", group = "🎨 Styling" },
+  { message = "^test", group = "🧪 Testing" },
+  { message = "^chore\\(release\\):", skip = true },
+  { message = "^chore", group = "⚙️ Miscellaneous Tasks" },
+  { body = ".*security", group = "🛡️ Security" },
+  { message = "^revert", group = "◀️ Revert" },
+  { message = ".*", group = "💼 Other" },
+]
+# protect breaking changes from being skipped due to matching a skipping commit_parser
+protect_breaking_commits = false
+# filter out the commits that are not matched by commit parsers
+filter_commits = false
+# glob pattern for matching git tags
+tag_pattern = "v[0-9]*"
+# regex for skipping tags
+skip_tags = "v0.1.0-beta.1"
+# regex for ignoring tags
+ignore_tags = ""
+# sort the tags topologically
+topo_order = false
+# sort the commits inside sections by oldest/newest order
+sort_commits = "newest"

codeagent-wrapper/agent_config.go

@@ -0,0 +1,79 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"os"
+	"path/filepath"
+)
+
+type AgentModelConfig struct {
+	Backend     string `json:"backend"`
+	Model       string `json:"model"`
+	PromptFile  string `json:"prompt_file,omitempty"`
+	Description string `json:"description,omitempty"`
+	Yolo        bool   `json:"yolo,omitempty"`
+	Reasoning   string `json:"reasoning,omitempty"`
+}
+
+type ModelsConfig struct {
+	DefaultBackend string                      `json:"default_backend"`
+	DefaultModel   string                      `json:"default_model"`
+	Agents         map[string]AgentModelConfig `json:"agents"`
+}
+
+var defaultModelsConfig = ModelsConfig{
+	DefaultBackend: "opencode",
+	DefaultModel:   "opencode/grok-code",
+	Agents: map[string]AgentModelConfig{
+			"oracle":                  {Backend: "claude", Model: "claude-sonnet-4-20250514", PromptFile: "~/.claude/skills/omo/references/oracle.md", Description: "Technical advisor"},
+			"librarian":               {Backend: "claude", Model: "claude-sonnet-4-5-20250514", PromptFile: "~/.claude/skills/omo/references/librarian.md", Description: "Researcher"},
+			"explore":                 {Backend: "opencode", Model: "opencode/grok-code", PromptFile: "~/.claude/skills/omo/references/explore.md", Description: "Code search"},
+			"develop":                 {Backend: "codex", Model: "", PromptFile: "~/.claude/skills/omo/references/develop.md", Description: "Code development"},
+			"frontend-ui-ux-engineer": {Backend: "gemini", Model: "", PromptFile: "~/.claude/skills/omo/references/frontend-ui-ux-engineer.md", Description: "Frontend engineer"},
+			"document-writer":         {Backend: "gemini", Model: "", PromptFile: "~/.claude/skills/omo/references/document-writer.md", Description: "Documentation"},
+		},
+	}
+
+func loadModelsConfig() *ModelsConfig {
+	home, err := os.UserHomeDir()
+	if err != nil {
+		logWarn(fmt.Sprintf("Failed to resolve home directory for models config: %v; using defaults", err))
+		return &defaultModelsConfig
+	}
+
+	configPath := filepath.Join(home, ".codeagent", "models.json")
+	data, err := os.ReadFile(configPath)
+	if err != nil {
+		if !os.IsNotExist(err) {
+			logWarn(fmt.Sprintf("Failed to read models config %s: %v; using defaults", configPath, err))
+		}
+		return &defaultModelsConfig
+	}
+
+	var cfg ModelsConfig
+	if err := json.Unmarshal(data, &cfg); err != nil {
+		logWarn(fmt.Sprintf("Failed to parse models config %s: %v; using defaults", configPath, err))
+		return &defaultModelsConfig
+	}
+
+	// Merge with defaults
+	for name, agent := range defaultModelsConfig.Agents {
+		if _, exists := cfg.Agents[name]; !exists {
+			if cfg.Agents == nil {
+				cfg.Agents = make(map[string]AgentModelConfig)
+			}
+			cfg.Agents[name] = agent
+		}
+	}
+
+	return &cfg
+}
+
+func resolveAgentConfig(agentName string) (backend, model, promptFile, reasoning string, yolo bool) {
+	cfg := loadModelsConfig()
+	if agent, ok := cfg.Agents[agentName]; ok {
+		return agent.Backend, agent.Model, agent.PromptFile, agent.Reasoning, agent.Yolo
+	}
+	return cfg.DefaultBackend, cfg.DefaultModel, "", "", false
+}

codeagent-wrapper/agent_config_test.go

@@ -0,0 +1,208 @@
+package main
+
+import (
+	"os"
+	"path/filepath"
+	"reflect"
+	"testing"
+)
+
+func TestResolveAgentConfig_Defaults(t *testing.T) {
+	home := t.TempDir()
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	// Test that default agents resolve correctly without config file
+	tests := []struct {
+		agent          string
+		wantBackend    string
+		wantModel      string
+		wantPromptFile string
+	}{
+			{"oracle", "claude", "claude-sonnet-4-20250514", "~/.claude/skills/omo/references/oracle.md"},
+			{"librarian", "claude", "claude-sonnet-4-5-20250514", "~/.claude/skills/omo/references/librarian.md"},
+			{"explore", "opencode", "opencode/grok-code", "~/.claude/skills/omo/references/explore.md"},
+			{"frontend-ui-ux-engineer", "gemini", "", "~/.claude/skills/omo/references/frontend-ui-ux-engineer.md"},
+			{"document-writer", "gemini", "", "~/.claude/skills/omo/references/document-writer.md"},
+		}
+
+	for _, tt := range tests {
+		t.Run(tt.agent, func(t *testing.T) {
+			backend, model, promptFile, _, _ := resolveAgentConfig(tt.agent)
+			if backend != tt.wantBackend {
+				t.Errorf("backend = %q, want %q", backend, tt.wantBackend)
+			}
+			if model != tt.wantModel {
+				t.Errorf("model = %q, want %q", model, tt.wantModel)
+			}
+			if promptFile != tt.wantPromptFile {
+				t.Errorf("promptFile = %q, want %q", promptFile, tt.wantPromptFile)
+			}
+		})
+	}
+}
+
+func TestResolveAgentConfig_UnknownAgent(t *testing.T) {
+	home := t.TempDir()
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	backend, model, promptFile, _, _ := resolveAgentConfig("unknown-agent")
+	if backend != "opencode" {
+		t.Errorf("unknown agent backend = %q, want %q", backend, "opencode")
+	}
+	if model != "opencode/grok-code" {
+		t.Errorf("unknown agent model = %q, want %q", model, "opencode/grok-code")
+	}
+	if promptFile != "" {
+		t.Errorf("unknown agent promptFile = %q, want empty", promptFile)
+	}
+}
+
+func TestLoadModelsConfig_NoFile(t *testing.T) {
+	home := "/nonexistent/path/that/does/not/exist"
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	cfg := loadModelsConfig()
+	if cfg.DefaultBackend != "opencode" {
+		t.Errorf("DefaultBackend = %q, want %q", cfg.DefaultBackend, "opencode")
+	}
+	if len(cfg.Agents) != 6 {
+		t.Errorf("len(Agents) = %d, want 6", len(cfg.Agents))
+	}
+}
+
+func TestLoadModelsConfig_WithFile(t *testing.T) {
+	// Create temp dir and config file
+	tmpDir := t.TempDir()
+	configDir := filepath.Join(tmpDir, ".codeagent")
+	if err := os.MkdirAll(configDir, 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	configContent := `{
+		"default_backend": "claude",
+		"default_model": "claude-opus-4",
+		"agents": {
+			"custom-agent": {
+				"backend": "codex",
+				"model": "gpt-4o",
+				"description": "Custom agent"
+			}
+		}
+	}`
+	configPath := filepath.Join(configDir, "models.json")
+	if err := os.WriteFile(configPath, []byte(configContent), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	t.Setenv("HOME", tmpDir)
+	t.Setenv("USERPROFILE", tmpDir)
+
+	cfg := loadModelsConfig()
+
+	if cfg.DefaultBackend != "claude" {
+		t.Errorf("DefaultBackend = %q, want %q", cfg.DefaultBackend, "claude")
+	}
+	if cfg.DefaultModel != "claude-opus-4" {
+		t.Errorf("DefaultModel = %q, want %q", cfg.DefaultModel, "claude-opus-4")
+	}
+
+	// Check custom agent
+	if agent, ok := cfg.Agents["custom-agent"]; !ok {
+		t.Error("custom-agent not found")
+	} else {
+		if agent.Backend != "codex" {
+			t.Errorf("custom-agent.Backend = %q, want %q", agent.Backend, "codex")
+		}
+		if agent.Model != "gpt-4o" {
+			t.Errorf("custom-agent.Model = %q, want %q", agent.Model, "gpt-4o")
+		}
+	}
+
+	// Check that defaults are merged
+	if _, ok := cfg.Agents["oracle"]; !ok {
+		t.Error("default agent oracle should be merged")
+	}
+}
+
+func TestLoadModelsConfig_InvalidJSON(t *testing.T) {
+	tmpDir := t.TempDir()
+	configDir := filepath.Join(tmpDir, ".codeagent")
+	if err := os.MkdirAll(configDir, 0755); err != nil {
+		t.Fatal(err)
+	}
+
+	// Write invalid JSON
+	configPath := filepath.Join(configDir, "models.json")
+	if err := os.WriteFile(configPath, []byte("invalid json {"), 0644); err != nil {
+		t.Fatal(err)
+	}
+
+	t.Setenv("HOME", tmpDir)
+	t.Setenv("USERPROFILE", tmpDir)
+
+	cfg := loadModelsConfig()
+	// Should fall back to defaults
+	if cfg.DefaultBackend != "opencode" {
+		t.Errorf("invalid JSON should fallback, got DefaultBackend = %q", cfg.DefaultBackend)
+	}
+}
+
+func TestOpencodeBackend_BuildArgs(t *testing.T) {
+	backend := OpencodeBackend{}
+
+	t.Run("basic", func(t *testing.T) {
+		cfg := &Config{Mode: "new"}
+		got := backend.BuildArgs(cfg, "hello")
+		want := []string{"run", "--format", "json", "hello"}
+		if !reflect.DeepEqual(got, want) {
+			t.Errorf("got %v, want %v", got, want)
+		}
+	})
+
+	t.Run("with model", func(t *testing.T) {
+		cfg := &Config{Mode: "new", Model: "opencode/grok-code"}
+		got := backend.BuildArgs(cfg, "task")
+		want := []string{"run", "-m", "opencode/grok-code", "--format", "json", "task"}
+		if !reflect.DeepEqual(got, want) {
+			t.Errorf("got %v, want %v", got, want)
+		}
+	})
+
+	t.Run("resume mode", func(t *testing.T) {
+		cfg := &Config{Mode: "resume", SessionID: "ses_123", Model: "opencode/grok-code"}
+		got := backend.BuildArgs(cfg, "follow-up")
+		want := []string{"run", "-m", "opencode/grok-code", "-s", "ses_123", "--format", "json", "follow-up"}
+		if !reflect.DeepEqual(got, want) {
+			t.Errorf("got %v, want %v", got, want)
+		}
+	})
+
+	t.Run("resume without session", func(t *testing.T) {
+		cfg := &Config{Mode: "resume"}
+		got := backend.BuildArgs(cfg, "task")
+		want := []string{"run", "--format", "json", "task"}
+		if !reflect.DeepEqual(got, want) {
+			t.Errorf("got %v, want %v", got, want)
+		}
+	})
+}
+
+func TestOpencodeBackend_Interface(t *testing.T) {
+	backend := OpencodeBackend{}
+
+	if backend.Name() != "opencode" {
+		t.Errorf("Name() = %q, want %q", backend.Name(), "opencode")
+	}
+	if backend.Command() != "opencode" {
+		t.Errorf("Command() = %q, want %q", backend.Command(), "opencode")
+	}
+}
+
+func TestBackendRegistry_IncludesOpencode(t *testing.T) {
+	if _, ok := backendRegistry["opencode"]; !ok {
+		t.Error("backendRegistry should include opencode")
+	}
+}

codeagent-wrapper/agent_validation_test.go

@@ -0,0 +1,147 @@
+package main
+
+import (
+	"context"
+	"os"
+	"path/filepath"
+	"testing"
+	"time"
+)
+
+func TestValidateAgentName(t *testing.T) {
+	tests := []struct {
+		name    string
+		input   string
+		wantErr bool
+	}{
+		{name: "simple", input: "develop", wantErr: false},
+		{name: "upper", input: "ABC", wantErr: false},
+		{name: "digits", input: "a1", wantErr: false},
+		{name: "dash underscore", input: "a-b_c", wantErr: false},
+		{name: "empty", input: "", wantErr: true},
+		{name: "space", input: "a b", wantErr: true},
+		{name: "slash", input: "a/b", wantErr: true},
+		{name: "dotdot", input: "../evil", wantErr: true},
+		{name: "unicode", input: "中文", wantErr: true},
+		{name: "symbol", input: "a$b", wantErr: true},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			err := validateAgentName(tt.input)
+			if (err != nil) != tt.wantErr {
+				t.Fatalf("validateAgentName(%q) err=%v, wantErr=%v", tt.input, err, tt.wantErr)
+			}
+		})
+	}
+}
+
+func TestParseArgs_InvalidAgentNameRejected(t *testing.T) {
+	defer resetTestHooks()
+	os.Args = []string{"codeagent-wrapper", "--agent", "../evil", "task"}
+	if _, err := parseArgs(); err == nil {
+		t.Fatalf("expected parseArgs to reject invalid agent name")
+	}
+}
+
+func TestParseParallelConfig_InvalidAgentNameRejected(t *testing.T) {
+	input := `---TASK---
+id: task-1
+agent: ../evil
+---CONTENT---
+do something`
+	if _, err := parseParallelConfig([]byte(input)); err == nil {
+		t.Fatalf("expected parseParallelConfig to reject invalid agent name")
+	}
+}
+
+func TestParseParallelConfig_ResolvesAgentPromptFile(t *testing.T) {
+	home := t.TempDir()
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	configDir := filepath.Join(home, ".codeagent")
+	if err := os.MkdirAll(configDir, 0o755); err != nil {
+		t.Fatalf("MkdirAll: %v", err)
+	}
+	if err := os.WriteFile(filepath.Join(configDir, "models.json"), []byte(`{
+  "default_backend": "codex",
+  "default_model": "gpt-test",
+  "agents": {
+    "custom-agent": {
+      "backend": "codex",
+      "model": "gpt-test",
+      "prompt_file": "~/.claude/prompt.md"
+    }
+  }
+}`), 0o644); err != nil {
+		t.Fatalf("WriteFile: %v", err)
+	}
+
+	input := `---TASK---
+id: task-1
+agent: custom-agent
+---CONTENT---
+do something`
+	cfg, err := parseParallelConfig([]byte(input))
+	if err != nil {
+		t.Fatalf("parseParallelConfig() unexpected error: %v", err)
+	}
+	if len(cfg.Tasks) != 1 {
+		t.Fatalf("expected 1 task, got %d", len(cfg.Tasks))
+	}
+	if got := cfg.Tasks[0].PromptFile; got != "~/.claude/prompt.md" {
+		t.Fatalf("PromptFile = %q, want %q", got, "~/.claude/prompt.md")
+	}
+}
+
+func TestDefaultRunCodexTaskFn_AppliesAgentPromptFile(t *testing.T) {
+	defer resetTestHooks()
+
+	home := t.TempDir()
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	claudeDir := filepath.Join(home, ".claude")
+	if err := os.MkdirAll(claudeDir, 0o755); err != nil {
+		t.Fatalf("MkdirAll: %v", err)
+	}
+	if err := os.WriteFile(filepath.Join(claudeDir, "prompt.md"), []byte("P\n"), 0o644); err != nil {
+		t.Fatalf("WriteFile: %v", err)
+	}
+
+	fake := newFakeCmd(fakeCmdConfig{
+		StdoutPlan: []fakeStdoutEvent{
+			{Data: `{"type":"item.completed","item":{"type":"agent_message","text":"ok"}}` + "\n"},
+		},
+		WaitDelay: 2 * time.Millisecond,
+	})
+
+	newCommandRunner = func(ctx context.Context, name string, args ...string) commandRunner {
+		return fake
+	}
+	selectBackendFn = func(name string) (Backend, error) {
+		return testBackend{
+			name:    name,
+			command: "fake-cmd",
+			argsFn: func(cfg *Config, targetArg string) []string {
+				return []string{targetArg}
+			},
+		}, nil
+	}
+
+	res := defaultRunCodexTaskFn(TaskSpec{
+		ID:         "t",
+		Task:       "do",
+		Backend:    "codex",
+		PromptFile: "~/.claude/prompt.md",
+	}, 5)
+	if res.ExitCode != 0 {
+		t.Fatalf("unexpected result: %+v", res)
+	}
+
+	want := "<agent-prompt>\nP\n</agent-prompt>\n\ndo"
+	if got := fake.StdinContents(); got != want {
+		t.Fatalf("stdin mismatch:\n got=%q\nwant=%q", got, want)
+	}
+}

codeagent-wrapper/backend.go

@@ -1,5 +1,12 @@
 package main
 
+import (
+	"encoding/json"
+	"os"
+	"path/filepath"
+	"strings"
+)
+
 // Backend defines the contract for invoking different AI CLI backends.
 // Each backend is responsible for supplying the executable command and
 // building the argument list based on the wrapper config.
@@ -26,16 +33,142 @@ func (ClaudeBackend) Command() string {
 	return "claude"
 }
 func (ClaudeBackend) BuildArgs(cfg *Config, targetArg string) []string {
+	return buildClaudeArgs(cfg, targetArg)
+}
+
+const maxClaudeSettingsBytes = 1 << 20 // 1MB
+
+type minimalClaudeSettings struct {
+	Env   map[string]string
+	Model string
+}
+
+// loadMinimalClaudeSettings 从 ~/.claude/settings.json 只提取安全的最小子集：
+// - env: 只接受字符串类型的值
+// - model: 只接受字符串类型的值
+// 文件缺失/解析失败/超限都返回空。
+func loadMinimalClaudeSettings() minimalClaudeSettings {
+	home, err := os.UserHomeDir()
+	if err != nil || home == "" {
+		return minimalClaudeSettings{}
+	}
+
+	settingPath := filepath.Join(home, ".claude", "settings.json")
+	info, err := os.Stat(settingPath)
+	if err != nil || info.Size() > maxClaudeSettingsBytes {
+		return minimalClaudeSettings{}
+	}
+
+	data, err := os.ReadFile(settingPath)
+	if err != nil {
+		return minimalClaudeSettings{}
+	}
+
+	var cfg struct {
+		Env   map[string]any `json:"env"`
+		Model any            `json:"model"`
+	}
+	if err := json.Unmarshal(data, &cfg); err != nil {
+		return minimalClaudeSettings{}
+	}
+
+	out := minimalClaudeSettings{}
+
+	if model, ok := cfg.Model.(string); ok {
+		out.Model = strings.TrimSpace(model)
+	}
+
+	if len(cfg.Env) == 0 {
+		return out
+	}
+
+	env := make(map[string]string, len(cfg.Env))
+	for k, v := range cfg.Env {
+		s, ok := v.(string)
+		if !ok {
+			continue
+		}
+		env[k] = s
+	}
+	if len(env) == 0 {
+		return out
+	}
+	out.Env = env
+	return out
+}
+
+// loadMinimalEnvSettings is kept for backwards tests; prefer loadMinimalClaudeSettings.
+func loadMinimalEnvSettings() map[string]string {
+	settings := loadMinimalClaudeSettings()
+	if len(settings.Env) == 0 {
+		return nil
+	}
+	return settings.Env
+}
+
+// loadGeminiEnv loads environment variables from ~/.gemini/.env
+// Supports GEMINI_API_KEY, GEMINI_MODEL, GOOGLE_GEMINI_BASE_URL
+// Also sets GEMINI_API_KEY_AUTH_MECHANISM=bearer for third-party API compatibility
+func loadGeminiEnv() map[string]string {
+	home, err := os.UserHomeDir()
+	if err != nil || home == "" {
+		return nil
+	}
+
+	envPath := filepath.Join(home, ".gemini", ".env")
+	data, err := os.ReadFile(envPath)
+	if err != nil {
+		return nil
+	}
+
+	env := make(map[string]string)
+	for _, line := range strings.Split(string(data), "\n") {
+		line = strings.TrimSpace(line)
+		if line == "" || strings.HasPrefix(line, "#") {
+			continue
+		}
+		idx := strings.IndexByte(line, '=')
+		if idx <= 0 {
+			continue
+		}
+		key := strings.TrimSpace(line[:idx])
+		value := strings.TrimSpace(line[idx+1:])
+		if key != "" && value != "" {
+			env[key] = value
+		}
+	}
+
+	// Set bearer auth mechanism for third-party API compatibility
+	if _, ok := env["GEMINI_API_KEY"]; ok {
+		if _, hasAuth := env["GEMINI_API_KEY_AUTH_MECHANISM"]; !hasAuth {
+			env["GEMINI_API_KEY_AUTH_MECHANISM"] = "bearer"
+		}
+	}
+
+	if len(env) == 0 {
+		return nil
+	}
+	return env
+}
+
+func buildClaudeArgs(cfg *Config, targetArg string) []string {
 	if cfg == nil {
 		return nil
 	}
 	args := []string{"-p"}
-
-	// Only skip permissions when explicitly requested
-	if cfg.SkipPermissions {
+	// Default to skip permissions unless CODEAGENT_SKIP_PERMISSIONS=false
+	if cfg.SkipPermissions || cfg.Yolo || envFlagDefaultTrue("CODEAGENT_SKIP_PERMISSIONS") {
 		args = append(args, "--dangerously-skip-permissions")
 	}
 
+	// Prevent infinite recursion: disable all setting sources (user, project, local)
+	// This ensures a clean execution environment without CLAUDE.md or skills that would trigger codeagent
+	args = append(args, "--setting-sources", "")
+
+	if model := strings.TrimSpace(cfg.Model); model != "" {
+		args = append(args, "--model", model)
+	}
+
 	if cfg.Mode == "resume" {
 		if cfg.SessionID != "" {
 			// Claude CLI uses -r <session_id> for resume.
@@ -56,11 +189,35 @@ func (GeminiBackend) Command() string {
 	return "gemini"
 }
 func (GeminiBackend) BuildArgs(cfg *Config, targetArg string) []string {
+	return buildGeminiArgs(cfg, targetArg)
+}
+
+type OpencodeBackend struct{}
+
+func (OpencodeBackend) Name() string    { return "opencode" }
+func (OpencodeBackend) Command() string { return "opencode" }
+func (OpencodeBackend) BuildArgs(cfg *Config, targetArg string) []string {
+	args := []string{"run"}
+	if model := strings.TrimSpace(cfg.Model); model != "" {
+		args = append(args, "-m", model)
+	}
+	if cfg.Mode == "resume" && cfg.SessionID != "" {
+		args = append(args, "-s", cfg.SessionID)
+	}
+	args = append(args, "--format", "json", targetArg)
+	return args
+}
+
+func buildGeminiArgs(cfg *Config, targetArg string) []string {
 	if cfg == nil {
 		return nil
 	}
 	args := []string{"-o", "stream-json", "-y"}
 
+	if model := strings.TrimSpace(cfg.Model); model != "" {
+		args = append(args, "-m", model)
+	}
+
 	if cfg.Mode == "resume" {
 		if cfg.SessionID != "" {
 			args = append(args, "-r", cfg.SessionID)
@@ -68,7 +225,13 @@ func (GeminiBackend) BuildArgs(cfg *Config, targetArg string) []string {
 	}
 	// Note: gemini CLI doesn't support -C flag; workdir set via cmd.Dir
 
-	args = append(args, "-p", targetArg)
+	// Use positional argument instead of deprecated -p flag
+	// For stdin mode ("-"), use -p to read from stdin
+	if targetArg == "-" {
+		args = append(args, "-p", targetArg)
+	} else {
+		args = append(args, targetArg)
+	}
 
 	return args
 }

codeagent-wrapper/backend_test.go

@@ -1,6 +1,9 @@
 package main
 
 import (
+	"bytes"
+	"os"
+	"path/filepath"
 	"reflect"
 	"testing"
 )
@@ -8,37 +11,49 @@ import (
 func TestClaudeBuildArgs_ModesAndPermissions(t *testing.T) {
 	backend := ClaudeBackend{}
 
-	t.Run("new mode uses workdir without skip by default", func(t *testing.T) {
+	t.Run("new mode omits skip-permissions when env disabled", func(t *testing.T) {
+		t.Setenv("CODEAGENT_SKIP_PERMISSIONS", "false")
 		cfg := &Config{Mode: "new", WorkDir: "/repo"}
 		got := backend.BuildArgs(cfg, "todo")
-		want := []string{"-p", "--output-format", "stream-json", "--verbose", "todo"}
+		want := []string{"-p", "--setting-sources", "", "--output-format", "stream-json", "--verbose", "todo"}
 		if !reflect.DeepEqual(got, want) {
 			t.Fatalf("got %v, want %v", got, want)
 		}
 	})
 
-	t.Run("new mode opt-in skip permissions with default workdir", func(t *testing.T) {
-		cfg := &Config{Mode: "new", SkipPermissions: true}
+	t.Run("new mode includes skip-permissions by default", func(t *testing.T) {
+		cfg := &Config{Mode: "new", SkipPermissions: false}
 		got := backend.BuildArgs(cfg, "-")
-		want := []string{"-p", "--dangerously-skip-permissions", "--output-format", "stream-json", "--verbose", "-"}
+		want := []string{"-p", "--dangerously-skip-permissions", "--setting-sources", "", "--output-format", "stream-json", "--verbose", "-"}
 		if !reflect.DeepEqual(got, want) {
 			t.Fatalf("got %v, want %v", got, want)
 		}
 	})
 
-	t.Run("resume mode uses session id and omits workdir", func(t *testing.T) {
+	t.Run("resume mode includes session id", func(t *testing.T) {
+		t.Setenv("CODEAGENT_SKIP_PERMISSIONS", "false")
 		cfg := &Config{Mode: "resume", SessionID: "sid-123", WorkDir: "/ignored"}
 		got := backend.BuildArgs(cfg, "resume-task")
-		want := []string{"-p", "-r", "sid-123", "--output-format", "stream-json", "--verbose", "resume-task"}
+		want := []string{"-p", "--setting-sources", "", "-r", "sid-123", "--output-format", "stream-json", "--verbose", "resume-task"}
 		if !reflect.DeepEqual(got, want) {
 			t.Fatalf("got %v, want %v", got, want)
 		}
 	})
 
 	t.Run("resume mode without session still returns base flags", func(t *testing.T) {
+		t.Setenv("CODEAGENT_SKIP_PERMISSIONS", "false")
 		cfg := &Config{Mode: "resume", WorkDir: "/ignored"}
 		got := backend.BuildArgs(cfg, "follow-up")
-		want := []string{"-p", "--output-format", "stream-json", "--verbose", "follow-up"}
+		want := []string{"-p", "--setting-sources", "", "--output-format", "stream-json", "--verbose", "follow-up"}
+		if !reflect.DeepEqual(got, want) {
+			t.Fatalf("got %v, want %v", got, want)
+		}
+	})
+
+	t.Run("resume mode can opt-in skip permissions", func(t *testing.T) {
+		cfg := &Config{Mode: "resume", SessionID: "sid-123", SkipPermissions: true}
+		got := backend.BuildArgs(cfg, "resume-task")
+		want := []string{"-p", "--dangerously-skip-permissions", "--setting-sources", "", "-r", "sid-123", "--output-format", "stream-json", "--verbose", "resume-task"}
 		if !reflect.DeepEqual(got, want) {
 			t.Fatalf("got %v, want %v", got, want)
 		}
@@ -51,12 +66,48 @@ func TestClaudeBuildArgs_ModesAndPermissions(t *testing.T) {
 	})
 }
 
+func TestBackendBuildArgs_Model(t *testing.T) {
+	t.Run("claude includes --model when set", func(t *testing.T) {
+		t.Setenv("CODEAGENT_SKIP_PERMISSIONS", "false")
+		backend := ClaudeBackend{}
+		cfg := &Config{Mode: "new", Model: "opus"}
+		got := backend.BuildArgs(cfg, "todo")
+		want := []string{"-p", "--setting-sources", "", "--model", "opus", "--output-format", "stream-json", "--verbose", "todo"}
+		if !reflect.DeepEqual(got, want) {
+			t.Fatalf("got %v, want %v", got, want)
+		}
+	})
+
+	t.Run("gemini includes -m when set", func(t *testing.T) {
+		backend := GeminiBackend{}
+		cfg := &Config{Mode: "new", Model: "gemini-3-pro-preview"}
+		got := backend.BuildArgs(cfg, "task")
+		want := []string{"-o", "stream-json", "-y", "-m", "gemini-3-pro-preview", "task"}
+		if !reflect.DeepEqual(got, want) {
+			t.Fatalf("got %v, want %v", got, want)
+		}
+	})
+
+	t.Run("codex includes --model when set", func(t *testing.T) {
+		const key = "CODEX_BYPASS_SANDBOX"
+		t.Setenv(key, "false")
+
+		backend := CodexBackend{}
+		cfg := &Config{Mode: "new", WorkDir: "/tmp", Model: "o3"}
+		got := backend.BuildArgs(cfg, "task")
+		want := []string{"e", "--model", "o3", "--skip-git-repo-check", "-C", "/tmp", "--json", "task"}
+		if !reflect.DeepEqual(got, want) {
+			t.Fatalf("got %v, want %v", got, want)
+		}
+	})
+}
+
 func TestClaudeBuildArgs_GeminiAndCodexModes(t *testing.T) {
 	t.Run("gemini new mode defaults workdir", func(t *testing.T) {
 		backend := GeminiBackend{}
 		cfg := &Config{Mode: "new", WorkDir: "/workspace"}
 		got := backend.BuildArgs(cfg, "task")
-		want := []string{"-o", "stream-json", "-y", "-p", "task"}
+		want := []string{"-o", "stream-json", "-y", "task"}
 		if !reflect.DeepEqual(got, want) {
 			t.Fatalf("got %v, want %v", got, want)
 		}
@@ -66,7 +117,7 @@ func TestClaudeBuildArgs_GeminiAndCodexModes(t *testing.T) {
 		backend := GeminiBackend{}
 		cfg := &Config{Mode: "resume", SessionID: "sid-999"}
 		got := backend.BuildArgs(cfg, "resume")
-		want := []string{"-o", "stream-json", "-y", "-r", "sid-999", "-p", "resume"}
+		want := []string{"-o", "stream-json", "-y", "-r", "sid-999", "resume"}
 		if !reflect.DeepEqual(got, want) {
 			t.Fatalf("got %v, want %v", got, want)
 		}
@@ -76,7 +127,7 @@ func TestClaudeBuildArgs_GeminiAndCodexModes(t *testing.T) {
 		backend := GeminiBackend{}
 		cfg := &Config{Mode: "resume"}
 		got := backend.BuildArgs(cfg, "resume")
-		want := []string{"-o", "stream-json", "-y", "-p", "resume"}
+		want := []string{"-o", "stream-json", "-y", "resume"}
 		if !reflect.DeepEqual(got, want) {
 			t.Fatalf("got %v, want %v", got, want)
 		}
@@ -89,7 +140,20 @@ func TestClaudeBuildArgs_GeminiAndCodexModes(t *testing.T) {
 		}
 	})
 
-	t.Run("codex build args passthrough remains intact", func(t *testing.T) {
+	t.Run("gemini stdin mode uses -p flag", func(t *testing.T) {
+		backend := GeminiBackend{}
+		cfg := &Config{Mode: "new"}
+		got := backend.BuildArgs(cfg, "-")
+		want := []string{"-o", "stream-json", "-y", "-p", "-"}
+		if !reflect.DeepEqual(got, want) {
+			t.Fatalf("got %v, want %v", got, want)
+		}
+	})
+
+	t.Run("codex build args omits bypass flag by default", func(t *testing.T) {
+		const key = "CODEX_BYPASS_SANDBOX"
+		t.Setenv(key, "false")
+
 		backend := CodexBackend{}
 		cfg := &Config{Mode: "new", WorkDir: "/tmp"}
 		got := backend.BuildArgs(cfg, "task")
@@ -98,6 +162,19 @@ func TestClaudeBuildArgs_GeminiAndCodexModes(t *testing.T) {
 			t.Fatalf("got %v, want %v", got, want)
 		}
 	})
+
+	t.Run("codex build args includes bypass flag when enabled", func(t *testing.T) {
+		const key = "CODEX_BYPASS_SANDBOX"
+		t.Setenv(key, "true")
+
+		backend := CodexBackend{}
+		cfg := &Config{Mode: "new", WorkDir: "/tmp"}
+		got := backend.BuildArgs(cfg, "task")
+		want := []string{"e", "--dangerously-bypass-approvals-and-sandbox", "--skip-git-repo-check", "-C", "/tmp", "--json", "task"}
+		if !reflect.DeepEqual(got, want) {
+			t.Fatalf("got %v, want %v", got, want)
+		}
+	})
 }
 
 func TestClaudeBuildArgs_BackendMetadata(t *testing.T) {
@@ -120,3 +197,64 @@ func TestClaudeBuildArgs_BackendMetadata(t *testing.T) {
 		}
 	}
 }
+
+func TestLoadMinimalEnvSettings(t *testing.T) {
+	home := t.TempDir()
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	t.Run("missing file returns empty", func(t *testing.T) {
+		if got := loadMinimalEnvSettings(); len(got) != 0 {
+			t.Fatalf("got %v, want empty", got)
+		}
+	})
+
+	t.Run("valid env returns string map", func(t *testing.T) {
+		dir := filepath.Join(home, ".claude")
+		if err := os.MkdirAll(dir, 0o755); err != nil {
+			t.Fatalf("MkdirAll: %v", err)
+		}
+		path := filepath.Join(dir, "settings.json")
+		data := []byte(`{"env":{"ANTHROPIC_API_KEY":"secret","FOO":"bar"}}`)
+		if err := os.WriteFile(path, data, 0o600); err != nil {
+			t.Fatalf("WriteFile: %v", err)
+		}
+
+		got := loadMinimalEnvSettings()
+		if got["ANTHROPIC_API_KEY"] != "secret" || got["FOO"] != "bar" {
+			t.Fatalf("got %v, want keys present", got)
+		}
+	})
+
+	t.Run("non-string values are ignored", func(t *testing.T) {
+		dir := filepath.Join(home, ".claude")
+		path := filepath.Join(dir, "settings.json")
+		data := []byte(`{"env":{"GOOD":"ok","BAD":123,"ALSO_BAD":true}}`)
+		if err := os.WriteFile(path, data, 0o600); err != nil {
+			t.Fatalf("WriteFile: %v", err)
+		}
+
+		got := loadMinimalEnvSettings()
+		if got["GOOD"] != "ok" {
+			t.Fatalf("got %v, want GOOD=ok", got)
+		}
+		if _, ok := got["BAD"]; ok {
+			t.Fatalf("got %v, want BAD omitted", got)
+		}
+		if _, ok := got["ALSO_BAD"]; ok {
+			t.Fatalf("got %v, want ALSO_BAD omitted", got)
+		}
+	})
+
+	t.Run("oversized file returns empty", func(t *testing.T) {
+		dir := filepath.Join(home, ".claude")
+		path := filepath.Join(dir, "settings.json")
+		data := bytes.Repeat([]byte("a"), maxClaudeSettingsBytes+1)
+		if err := os.WriteFile(path, data, 0o600); err != nil {
+			t.Fatalf("WriteFile: %v", err)
+		}
+		if got := loadMinimalEnvSettings(); len(got) != 0 {
+			t.Fatalf("got %v, want empty", got)
+		}
+	})
+}

codeagent-wrapper/concurrent_stress_test.go

@@ -13,6 +13,16 @@ import (
 	"time"
 )
 
+func stripTimestampPrefix(line string) string {
+	if !strings.HasPrefix(line, "[") {
+		return line
+	}
+	if idx := strings.Index(line, "] "); idx >= 0 {
+		return line[idx+2:]
+	}
+	return line
+}
+
 // TestConcurrentStressLogger 高并发压力测试
 func TestConcurrentStressLogger(t *testing.T) {
 	if testing.Short() {
@@ -76,10 +86,11 @@ func TestConcurrentStressLogger(t *testing.T) {
 	t.Logf("Successfully wrote %d/%d logs (%.1f%%)",
 		actualCount, totalExpected, float64(actualCount)/float64(totalExpected)*100)
 
-	// 验证日志格式
-	formatRE := regexp.MustCompile(`^\[\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}\] \[PID:\d+\] INFO: goroutine-`)
+	// 验证日志格式（纯文本，无前缀）
+	formatRE := regexp.MustCompile(`^goroutine-\d+-msg-\d+$`)
 	for i, line := range lines[:min(10, len(lines))] {
-		if !formatRE.MatchString(line) {
+		msg := stripTimestampPrefix(line)
+		if !formatRE.MatchString(msg) {
 			t.Errorf("line %d has invalid format: %s", i, line)
 		}
 	}
@@ -291,18 +302,15 @@ func TestLoggerOrderPreservation(t *testing.T) {
 	sequences := make(map[int][]int) // goroutine ID -> sequence numbers
 
 	for scanner.Scan() {
-		line := scanner.Text()
+		line := stripTimestampPrefix(scanner.Text())
 		var gid, seq int
-		parts := strings.SplitN(line, " INFO: ", 2)
-		if len(parts) != 2 {
-			t.Errorf("invalid log format: %s", line)
+		// Parse format: G0-SEQ0001 (without INFO: prefix)
+		_, err := fmt.Sscanf(line, "G%d-SEQ%04d", &gid, &seq)
+		if err != nil {
+			t.Errorf("invalid log format: %s (error: %v)", line, err)
 			continue
 		}
-		if _, err := fmt.Sscanf(parts[1], "G%d-SEQ%d", &gid, &seq); err == nil {
-			sequences[gid] = append(sequences[gid], seq)
-		} else {
-			t.Errorf("failed to parse sequence from line: %s", line)
-		}
+		sequences[gid] = append(sequences[gid], seq)
 	}
 
 	// 验证每个 goroutine 内部顺序

codeagent-wrapper/config.go

@@ -15,10 +15,16 @@ type Config struct {
 	Task               string
 	SessionID          string
 	WorkDir            string
+	Model              string
+	ReasoningEffort    string
 	ExplicitStdin      bool
 	Timeout            int
 	Backend            string
+	Agent              string
+	PromptFile         string
+	PromptFileExplicit bool
 	SkipPermissions    bool
+	Yolo               bool
 	MaxParallelWorkers int
 }
 
@@ -30,15 +36,20 @@ type ParallelConfig struct {
 
 // TaskSpec describes an individual task entry in the parallel config
 type TaskSpec struct {
-	ID           string          `json:"id"`
-	Task         string          `json:"task"`
-	WorkDir      string          `json:"workdir,omitempty"`
-	Dependencies []string        `json:"dependencies,omitempty"`
-	SessionID    string          `json:"session_id,omitempty"`
-	Backend      string          `json:"backend,omitempty"`
-	Mode         string          `json:"-"`
-	UseStdin     bool            `json:"-"`
-	Context      context.Context `json:"-"`
+	ID              string          `json:"id"`
+	Task            string          `json:"task"`
+	WorkDir         string          `json:"workdir,omitempty"`
+	Dependencies    []string        `json:"dependencies,omitempty"`
+	SessionID       string          `json:"session_id,omitempty"`
+	Backend         string          `json:"backend,omitempty"`
+	Model           string          `json:"model,omitempty"`
+	ReasoningEffort string          `json:"reasoning_effort,omitempty"`
+	Agent           string          `json:"agent,omitempty"`
+	PromptFile      string          `json:"prompt_file,omitempty"`
+	SkipPermissions bool            `json:"skip_permissions,omitempty"`
+	Mode            string          `json:"-"`
+	UseStdin        bool            `json:"-"`
+	Context         context.Context `json:"-"`
 }
 
 // TaskResult captures the execution outcome of a task
@@ -49,12 +60,22 @@ type TaskResult struct {
 	SessionID string `json:"session_id"`
 	Error     string `json:"error"`
 	LogPath   string `json:"log_path"`
+	// Structured report fields
+	Coverage       string   `json:"coverage,omitempty"`        // extracted coverage percentage (e.g., "92%")
+	CoverageNum    float64  `json:"coverage_num,omitempty"`    // numeric coverage for comparison
+	CoverageTarget float64  `json:"coverage_target,omitempty"` // target coverage (default 90)
+	FilesChanged   []string `json:"files_changed,omitempty"`   // list of changed files
+	KeyOutput      string   `json:"key_output,omitempty"`      // brief summary of what was done
+	TestsPassed    int      `json:"tests_passed,omitempty"`    // number of tests passed
+	TestsFailed    int      `json:"tests_failed,omitempty"`    // number of tests failed
+	sharedLog      bool
 }
 
 var backendRegistry = map[string]Backend{
-	"codex":  CodexBackend{},
-	"claude": ClaudeBackend{},
-	"gemini": GeminiBackend{},
+	"codex":    CodexBackend{},
+	"claude":   ClaudeBackend{},
+	"gemini":   GeminiBackend{},
+	"opencode": OpencodeBackend{},
 }
 
 func selectBackend(name string) (Backend, error) {
@@ -94,6 +115,32 @@ func parseBoolFlag(val string, defaultValue bool) bool {
 	}
 }
 
+// envFlagDefaultTrue returns true unless the env var is explicitly set to false/0/no/off.
+func envFlagDefaultTrue(key string) bool {
+	val, ok := os.LookupEnv(key)
+	if !ok {
+		return true
+	}
+	return parseBoolFlag(val, true)
+}
+
+func validateAgentName(name string) error {
+	if strings.TrimSpace(name) == "" {
+		return fmt.Errorf("agent name is empty")
+	}
+	for _, r := range name {
+		switch {
+		case r >= 'a' && r <= 'z':
+		case r >= 'A' && r <= 'Z':
+		case r >= '0' && r <= '9':
+		case r == '-', r == '_':
+		default:
+			return fmt.Errorf("agent name %q contains invalid character %q", name, r)
+		}
+	}
+	return nil
+}
+
 func parseParallelConfig(data []byte) (*ParallelConfig, error) {
 	trimmed := bytes.TrimSpace(data)
 	if len(trimmed) == 0 {
@@ -121,6 +168,7 @@ func parseParallelConfig(data []byte) (*ParallelConfig, error) {
 		content := strings.TrimSpace(parts[1])
 
 		task := TaskSpec{WorkDir: defaultWorkdir}
+		agentSpecified := false
 		for _, line := range strings.Split(meta, "\n") {
 			line = strings.TrimSpace(line)
 			if line == "" {
@@ -137,12 +185,29 @@ func parseParallelConfig(data []byte) (*ParallelConfig, error) {
 			case "id":
 				task.ID = value
 			case "workdir":
+				// Validate workdir: "-" is not a valid directory
+				if value == "-" {
+					return nil, fmt.Errorf("task block #%d has invalid workdir: '-' is not a valid directory path", taskIndex)
+				}
 				task.WorkDir = value
 			case "session_id":
 				task.SessionID = value
 				task.Mode = "resume"
 			case "backend":
 				task.Backend = value
+			case "model":
+				task.Model = value
+			case "reasoning_effort":
+				task.ReasoningEffort = value
+			case "agent":
+				agentSpecified = true
+				task.Agent = value
+			case "skip_permissions", "skip-permissions":
+				if value == "" {
+					task.SkipPermissions = true
+					continue
+				}
+				task.SkipPermissions = parseBoolFlag(value, false)
 			case "dependencies":
 				for _, dep := range strings.Split(value, ",") {
 					dep = strings.TrimSpace(dep)
@@ -157,12 +222,35 @@ func parseParallelConfig(data []byte) (*ParallelConfig, error) {
 			task.Mode = "new"
 		}
 
+		if agentSpecified {
+			if strings.TrimSpace(task.Agent) == "" {
+				return nil, fmt.Errorf("task block #%d has empty agent field", taskIndex)
+			}
+			if err := validateAgentName(task.Agent); err != nil {
+				return nil, fmt.Errorf("task block #%d invalid agent name: %w", taskIndex, err)
+			}
+			backend, model, promptFile, reasoning, _ := resolveAgentConfig(task.Agent)
+			if task.Backend == "" {
+				task.Backend = backend
+			}
+			if task.Model == "" {
+				task.Model = model
+			}
+			if task.ReasoningEffort == "" {
+				task.ReasoningEffort = reasoning
+			}
+			task.PromptFile = promptFile
+		}
+
 		if task.ID == "" {
 			return nil, fmt.Errorf("task block #%d missing id field", taskIndex)
 		}
 		if content == "" {
 			return nil, fmt.Errorf("task block #%d (%q) missing content", taskIndex, task.ID)
 		}
+		if task.Mode == "resume" && strings.TrimSpace(task.SessionID) == "" {
+			return nil, fmt.Errorf("task block #%d (%q) has empty session_id", taskIndex, task.ID)
+		}
 		if _, exists := seen[task.ID]; exists {
 			return nil, fmt.Errorf("task block #%d has duplicate id: %s", taskIndex, task.ID)
 		}
@@ -186,11 +274,81 @@ func parseArgs() (*Config, error) {
 	}
 
 	backendName := defaultBackendName
+	model := ""
+	reasoningEffort := ""
+	agentName := ""
+	promptFile := ""
+	promptFileExplicit := false
+	yolo := false
 	skipPermissions := envFlagEnabled("CODEAGENT_SKIP_PERMISSIONS")
 	filtered := make([]string, 0, len(args))
 	for i := 0; i < len(args); i++ {
 		arg := args[i]
 		switch {
+		case arg == "--agent":
+			if i+1 >= len(args) {
+				return nil, fmt.Errorf("--agent flag requires a value")
+			}
+			value := strings.TrimSpace(args[i+1])
+			if value == "" {
+				return nil, fmt.Errorf("--agent flag requires a value")
+			}
+			if err := validateAgentName(value); err != nil {
+				return nil, fmt.Errorf("--agent flag invalid value: %w", err)
+			}
+			resolvedBackend, resolvedModel, resolvedPromptFile, resolvedReasoning, resolvedYolo := resolveAgentConfig(value)
+			backendName = resolvedBackend
+			model = resolvedModel
+			if !promptFileExplicit {
+				promptFile = resolvedPromptFile
+			}
+			if reasoningEffort == "" {
+				reasoningEffort = resolvedReasoning
+			}
+			yolo = resolvedYolo
+			agentName = value
+			i++
+			continue
+		case strings.HasPrefix(arg, "--agent="):
+			value := strings.TrimSpace(strings.TrimPrefix(arg, "--agent="))
+			if value == "" {
+				return nil, fmt.Errorf("--agent flag requires a value")
+			}
+			if err := validateAgentName(value); err != nil {
+				return nil, fmt.Errorf("--agent flag invalid value: %w", err)
+			}
+			resolvedBackend, resolvedModel, resolvedPromptFile, resolvedReasoning, resolvedYolo := resolveAgentConfig(value)
+			backendName = resolvedBackend
+			model = resolvedModel
+			if !promptFileExplicit {
+				promptFile = resolvedPromptFile
+			}
+			if reasoningEffort == "" {
+				reasoningEffort = resolvedReasoning
+			}
+			yolo = resolvedYolo
+			agentName = value
+			continue
+		case arg == "--prompt-file":
+			if i+1 >= len(args) {
+				return nil, fmt.Errorf("--prompt-file flag requires a value")
+			}
+			value := strings.TrimSpace(args[i+1])
+			if value == "" {
+				return nil, fmt.Errorf("--prompt-file flag requires a value")
+			}
+			promptFile = value
+			promptFileExplicit = true
+			i++
+			continue
+		case strings.HasPrefix(arg, "--prompt-file="):
+			value := strings.TrimSpace(strings.TrimPrefix(arg, "--prompt-file="))
+			if value == "" {
+				return nil, fmt.Errorf("--prompt-file flag requires a value")
+			}
+			promptFile = value
+			promptFileExplicit = true
+			continue
 		case arg == "--backend":
 			if i+1 >= len(args) {
 				return nil, fmt.Errorf("--backend flag requires a value")
@@ -208,6 +366,38 @@ func parseArgs() (*Config, error) {
 		case arg == "--skip-permissions", arg == "--dangerously-skip-permissions":
 			skipPermissions = true
 			continue
+		case arg == "--model":
+			if i+1 >= len(args) {
+				return nil, fmt.Errorf("--model flag requires a value")
+			}
+			model = args[i+1]
+			i++
+			continue
+		case strings.HasPrefix(arg, "--model="):
+			value := strings.TrimPrefix(arg, "--model=")
+			if value == "" {
+				return nil, fmt.Errorf("--model flag requires a value")
+			}
+			model = value
+			continue
+		case arg == "--reasoning-effort":
+			if i+1 >= len(args) {
+				return nil, fmt.Errorf("--reasoning-effort flag requires a value")
+			}
+			value := strings.TrimSpace(args[i+1])
+			if value == "" {
+				return nil, fmt.Errorf("--reasoning-effort flag requires a value")
+			}
+			reasoningEffort = value
+			i++
+			continue
+		case strings.HasPrefix(arg, "--reasoning-effort="):
+			value := strings.TrimSpace(strings.TrimPrefix(arg, "--reasoning-effort="))
+			if value == "" {
+				return nil, fmt.Errorf("--reasoning-effort flag requires a value")
+			}
+			reasoningEffort = value
+			continue
 		case strings.HasPrefix(arg, "--skip-permissions="):
 			skipPermissions = parseBoolFlag(strings.TrimPrefix(arg, "--skip-permissions="), skipPermissions)
 			continue
@@ -223,7 +413,7 @@ func parseArgs() (*Config, error) {
 	}
 	args = filtered
 
-	cfg := &Config{WorkDir: defaultWorkdir, Backend: backendName, SkipPermissions: skipPermissions}
+	cfg := &Config{WorkDir: defaultWorkdir, Backend: backendName, Agent: agentName, PromptFile: promptFile, PromptFileExplicit: promptFileExplicit, SkipPermissions: skipPermissions, Yolo: yolo, Model: strings.TrimSpace(model), ReasoningEffort: strings.TrimSpace(reasoningEffort)}
 	cfg.MaxParallelWorkers = resolveMaxParallelWorkers()
 
 	if args[0] == "resume" {
@@ -231,10 +421,17 @@ func parseArgs() (*Config, error) {
 			return nil, fmt.Errorf("resume mode requires: resume <session_id> <task>")
 		}
 		cfg.Mode = "resume"
-		cfg.SessionID = args[1]
+		cfg.SessionID = strings.TrimSpace(args[1])
+		if cfg.SessionID == "" {
+			return nil, fmt.Errorf("resume mode requires non-empty session_id")
+		}
 		cfg.Task = args[2]
 		cfg.ExplicitStdin = (args[2] == "-")
 		if len(args) > 3 {
+			// Validate workdir: "-" is not a valid directory
+			if args[3] == "-" {
+				return nil, fmt.Errorf("invalid workdir: '-' is not a valid directory path")
+			}
 			cfg.WorkDir = args[3]
 		}
 	} else {
@@ -242,6 +439,10 @@ func parseArgs() (*Config, error) {
 		cfg.Task = args[0]
 		cfg.ExplicitStdin = (args[0] == "-")
 		if len(args) > 1 {
+			// Validate workdir: "-" is not a valid directory
+			if args[1] == "-" {
+				return nil, fmt.Errorf("invalid workdir: '-' is not a valid directory path")
+			}
 			cfg.WorkDir = args[1]
 		}
 	}

codeagent-wrapper/executor.go

@@ -16,14 +16,19 @@ import (
 	"time"
 )
 
+const postMessageTerminateDelay = 1 * time.Second
+const forceKillWaitTimeout = 5 * time.Second
+
 // commandRunner abstracts exec.Cmd for testability
 type commandRunner interface {
 	Start() error
 	Wait() error
 	StdoutPipe() (io.ReadCloser, error)
+	StderrPipe() (io.ReadCloser, error)
 	StdinPipe() (io.WriteCloser, error)
 	SetStderr(io.Writer)
 	SetDir(string)
+	SetEnv(env map[string]string)
 	Process() processHandle
 }
 
@@ -60,6 +65,13 @@ func (r *realCmd) StdoutPipe() (io.ReadCloser, error) {
 	return r.cmd.StdoutPipe()
 }
 
+func (r *realCmd) StderrPipe() (io.ReadCloser, error) {
+	if r.cmd == nil {
+		return nil, errors.New("command is nil")
+	}
+	return r.cmd.StderrPipe()
+}
+
 func (r *realCmd) StdinPipe() (io.WriteCloser, error) {
 	if r.cmd == nil {
 		return nil, errors.New("command is nil")
@@ -79,6 +91,52 @@ func (r *realCmd) SetDir(dir string) {
 	}
 }
 
+func (r *realCmd) SetEnv(env map[string]string) {
+	if r == nil || r.cmd == nil || len(env) == 0 {
+		return
+	}
+
+	merged := make(map[string]string, len(env)+len(os.Environ()))
+	for _, kv := range os.Environ() {
+		if kv == "" {
+			continue
+		}
+		idx := strings.IndexByte(kv, '=')
+		if idx <= 0 {
+			continue
+		}
+		merged[kv[:idx]] = kv[idx+1:]
+	}
+	for _, kv := range r.cmd.Env {
+		if kv == "" {
+			continue
+		}
+		idx := strings.IndexByte(kv, '=')
+		if idx <= 0 {
+			continue
+		}
+		merged[kv[:idx]] = kv[idx+1:]
+	}
+	for k, v := range env {
+		if strings.TrimSpace(k) == "" {
+			continue
+		}
+		merged[k] = v
+	}
+
+	keys := make([]string, 0, len(merged))
+	for k := range merged {
+		keys = append(keys, k)
+	}
+	sort.Strings(keys)
+
+	out := make([]string, 0, len(keys))
+	for _, k := range keys {
+		out = append(out, k+"="+merged[k])
+	}
+	r.cmd.Env = out
+}
+
 func (r *realCmd) Process() processHandle {
 	if r == nil || r.cmd == nil || r.cmd.Process == nil {
 		return nil
@@ -122,13 +180,70 @@ type parseResult struct {
 	threadID string
 }
 
-var runCodexTaskFn = func(task TaskSpec, timeout int) TaskResult {
+type taskLoggerContextKey struct{}
+
+func withTaskLogger(ctx context.Context, logger *Logger) context.Context {
+	if ctx == nil || logger == nil {
+		return ctx
+	}
+	return context.WithValue(ctx, taskLoggerContextKey{}, logger)
+}
+
+func taskLoggerFromContext(ctx context.Context) *Logger {
+	if ctx == nil {
+		return nil
+	}
+	logger, _ := ctx.Value(taskLoggerContextKey{}).(*Logger)
+	return logger
+}
+
+type taskLoggerHandle struct {
+	logger  *Logger
+	path    string
+	shared  bool
+	closeFn func()
+}
+
+func newTaskLoggerHandle(taskID string) taskLoggerHandle {
+	taskLogger, err := NewLoggerWithSuffix(taskID)
+	if err == nil {
+		return taskLoggerHandle{
+			logger:  taskLogger,
+			path:    taskLogger.Path(),
+			closeFn: func() { _ = taskLogger.Close() },
+		}
+	}
+
+	msg := fmt.Sprintf("Failed to create task logger for %s: %v, using main logger", taskID, err)
+	mainLogger := activeLogger()
+	if mainLogger != nil {
+		logWarn(msg)
+		return taskLoggerHandle{
+			logger: mainLogger,
+			path:   mainLogger.Path(),
+			shared: true,
+		}
+	}
+
+	fmt.Fprintln(os.Stderr, msg)
+	return taskLoggerHandle{}
+}
+
+// defaultRunCodexTaskFn is the default implementation of runCodexTaskFn (exposed for test reset)
+func defaultRunCodexTaskFn(task TaskSpec, timeout int) TaskResult {
 	if task.WorkDir == "" {
 		task.WorkDir = defaultWorkdir
 	}
 	if task.Mode == "" {
 		task.Mode = "new"
 	}
+	if strings.TrimSpace(task.PromptFile) != "" {
+		prompt, err := readAgentPromptFile(task.PromptFile, false)
+		if err != nil {
+			return TaskResult{TaskID: task.ID, ExitCode: 1, Error: "failed to read prompt file: " + err.Error()}
+		}
+		task.Task = wrapTaskWithAgentPrompt(prompt, task.Task)
+	}
 	if task.UseStdin || shouldUseStdin(task.Task, false) {
 		task.UseStdin = true
 	}
@@ -151,6 +266,8 @@ var runCodexTaskFn = func(task TaskSpec, timeout int) TaskResult {
 	return runCodexTaskWithContext(parentCtx, task, backend, nil, false, true, timeout)
 }
 
+var runCodexTaskFn = defaultRunCodexTaskFn
+
 func topologicalSort(tasks []TaskSpec) ([][]TaskSpec, error) {
 	idToTask := make(map[string]TaskSpec, len(tasks))
 	indegree := make(map[string]int, len(tasks))
@@ -235,13 +352,8 @@ func executeConcurrentWithContext(parentCtx context.Context, layers [][]TaskSpec
 	var startPrintMu sync.Mutex
 	bannerPrinted := false
 
-	printTaskStart := func(taskID string) {
-		logger := activeLogger()
-		if logger == nil {
-			return
-		}
-		path := logger.Path()
-		if path == "" {
+	printTaskStart := func(taskID, logPath string, shared bool) {
+		if logPath == "" {
 			return
 		}
 		startPrintMu.Lock()
@@ -249,7 +361,11 @@ func executeConcurrentWithContext(parentCtx context.Context, layers [][]TaskSpec
 			fmt.Fprintln(os.Stderr, "=== Starting Parallel Execution ===")
 			bannerPrinted = true
 		}
-		fmt.Fprintf(os.Stderr, "Task %s: Log: %s\n", taskID, path)
+		label := "Log"
+		if shared {
+			label = "Log (shared)"
+		}
+		fmt.Fprintf(os.Stderr, "Task %s: %s: %s\n", taskID, label, logPath)
 		startPrintMu.Unlock()
 	}
 
@@ -319,9 +435,11 @@ func executeConcurrentWithContext(parentCtx context.Context, layers [][]TaskSpec
 			wg.Add(1)
 			go func(ts TaskSpec) {
 				defer wg.Done()
+				var taskLogPath string
+				handle := taskLoggerHandle{}
 				defer func() {
 					if r := recover(); r != nil {
-						resultsCh <- TaskResult{TaskID: ts.ID, ExitCode: 1, Error: fmt.Sprintf("panic: %v", r)}
+						resultsCh <- TaskResult{TaskID: ts.ID, ExitCode: 1, Error: fmt.Sprintf("panic: %v", r), LogPath: taskLogPath, sharedLog: handle.shared}
 					}
 				}()
 
@@ -338,9 +456,31 @@ func executeConcurrentWithContext(parentCtx context.Context, layers [][]TaskSpec
 					logConcurrencyState("done", ts.ID, int(after), workerLimit)
 				}()
 
-				ts.Context = ctx
-				printTaskStart(ts.ID)
-				resultsCh <- runCodexTaskFn(ts, timeout)
+				handle = newTaskLoggerHandle(ts.ID)
+				taskLogPath = handle.path
+				if handle.closeFn != nil {
+					defer handle.closeFn()
+				}
+
+				taskCtx := ctx
+				if handle.logger != nil {
+					taskCtx = withTaskLogger(ctx, handle.logger)
+				}
+				ts.Context = taskCtx
+
+				printTaskStart(ts.ID, taskLogPath, handle.shared)
+
+				res := runCodexTaskFn(ts, timeout)
+				if taskLogPath != "" {
+					if res.LogPath == "" || (handle.shared && handle.logger != nil && res.LogPath == handle.logger.Path()) {
+						res.LogPath = taskLogPath
+					}
+				}
+				// 只有当最终的 LogPath 确实是共享 logger 的路径时才标记为 shared
+				if handle.shared && handle.logger != nil && res.LogPath == handle.logger.Path() {
+					res.sharedLog = true
+				}
+				resultsCh <- res
 			}(task)
 		}
 
@@ -387,64 +527,264 @@ func shouldSkipTask(task TaskSpec, failed map[string]TaskResult) (bool, string)
 	return true, fmt.Sprintf("skipped due to failed dependencies: %s", strings.Join(blocked, ","))
 }
 
-func generateFinalOutput(results []TaskResult) string {
-	var sb strings.Builder
+// getStatusSymbols returns status symbols based on ASCII mode.
+func getStatusSymbols() (success, warning, failed string) {
+	if os.Getenv("CODEAGENT_ASCII_MODE") == "true" {
+		return "PASS", "WARN", "FAIL"
+	}
+	return "✓", "⚠️", "✗"
+}
 
+func generateFinalOutput(results []TaskResult) string {
+	return generateFinalOutputWithMode(results, true) // default to summary mode
+}
+
+// generateFinalOutputWithMode generates output based on mode
+// summaryOnly=true: structured report - every token has value
+// summaryOnly=false: full output with complete messages (legacy behavior)
+func generateFinalOutputWithMode(results []TaskResult, summaryOnly bool) string {
+	var sb strings.Builder
+	successSymbol, warningSymbol, failedSymbol := getStatusSymbols()
+
+	reportCoverageTarget := defaultCoverageTarget
+	for _, res := range results {
+		if res.CoverageTarget > 0 {
+			reportCoverageTarget = res.CoverageTarget
+			break
+		}
+	}
+
+	// Count results by status
 	success := 0
 	failed := 0
+	belowTarget := 0
 	for _, res := range results {
 		if res.ExitCode == 0 && res.Error == "" {
 			success++
+			target := res.CoverageTarget
+			if target <= 0 {
+				target = reportCoverageTarget
+			}
+			if res.Coverage != "" && target > 0 && res.CoverageNum < target {
+				belowTarget++
+			}
 		} else {
 			failed++
 		}
 	}
 
-	sb.WriteString(fmt.Sprintf("=== Parallel Execution Summary ===\n"))
-	sb.WriteString(fmt.Sprintf("Total: %d | Success: %d | Failed: %d\n\n", len(results), success, failed))
+	if summaryOnly {
+		// Header
+		sb.WriteString("=== Execution Report ===\n")
+		sb.WriteString(fmt.Sprintf("%d tasks | %d passed | %d failed", len(results), success, failed))
+		if belowTarget > 0 {
+			sb.WriteString(fmt.Sprintf(" | %d below %.0f%%", belowTarget, reportCoverageTarget))
+		}
+		sb.WriteString("\n\n")
 
-	for _, res := range results {
-		sb.WriteString(fmt.Sprintf("--- Task: %s ---\n", res.TaskID))
-		if res.Error != "" {
-			sb.WriteString(fmt.Sprintf("Status: FAILED (exit code %d)\nError: %s\n", res.ExitCode, res.Error))
-		} else if res.ExitCode != 0 {
-			sb.WriteString(fmt.Sprintf("Status: FAILED (exit code %d)\n", res.ExitCode))
-		} else {
-			sb.WriteString("Status: SUCCESS\n")
+		// Task Results - each task gets: Did + Files + Tests + Coverage
+		sb.WriteString("## Task Results\n")
+
+		for _, res := range results {
+			taskID := sanitizeOutput(res.TaskID)
+			coverage := sanitizeOutput(res.Coverage)
+			keyOutput := sanitizeOutput(res.KeyOutput)
+			logPath := sanitizeOutput(res.LogPath)
+			filesChanged := sanitizeOutput(strings.Join(res.FilesChanged, ", "))
+
+			target := res.CoverageTarget
+			if target <= 0 {
+				target = reportCoverageTarget
+			}
+
+			isSuccess := res.ExitCode == 0 && res.Error == ""
+			isBelowTarget := isSuccess && coverage != "" && target > 0 && res.CoverageNum < target
+
+			if isSuccess && !isBelowTarget {
+				// Passed task: one block with Did/Files/Tests
+				sb.WriteString(fmt.Sprintf("\n### %s %s", taskID, successSymbol))
+				if coverage != "" {
+					sb.WriteString(fmt.Sprintf(" %s", coverage))
+				}
+				sb.WriteString("\n")
+
+				if keyOutput != "" {
+					sb.WriteString(fmt.Sprintf("Did: %s\n", keyOutput))
+				}
+				if len(res.FilesChanged) > 0 {
+					sb.WriteString(fmt.Sprintf("Files: %s\n", filesChanged))
+				}
+				if res.TestsPassed > 0 {
+					sb.WriteString(fmt.Sprintf("Tests: %d passed\n", res.TestsPassed))
+				}
+				if logPath != "" {
+					sb.WriteString(fmt.Sprintf("Log: %s\n", logPath))
+				}
+
+			} else if isSuccess && isBelowTarget {
+				// Below target: add Gap info
+				sb.WriteString(fmt.Sprintf("\n### %s %s %s (below %.0f%%)\n", taskID, warningSymbol, coverage, target))
+
+				if keyOutput != "" {
+					sb.WriteString(fmt.Sprintf("Did: %s\n", keyOutput))
+				}
+				if len(res.FilesChanged) > 0 {
+					sb.WriteString(fmt.Sprintf("Files: %s\n", filesChanged))
+				}
+				if res.TestsPassed > 0 {
+					sb.WriteString(fmt.Sprintf("Tests: %d passed\n", res.TestsPassed))
+				}
+				// Extract what's missing from coverage
+				gap := sanitizeOutput(extractCoverageGap(res.Message))
+				if gap != "" {
+					sb.WriteString(fmt.Sprintf("Gap: %s\n", gap))
+				}
+				if logPath != "" {
+					sb.WriteString(fmt.Sprintf("Log: %s\n", logPath))
+				}
+
+			} else {
+				// Failed task: show error detail
+				sb.WriteString(fmt.Sprintf("\n### %s %s FAILED\n", taskID, failedSymbol))
+				sb.WriteString(fmt.Sprintf("Exit code: %d\n", res.ExitCode))
+				if errText := sanitizeOutput(res.Error); errText != "" {
+					sb.WriteString(fmt.Sprintf("Error: %s\n", errText))
+				}
+				// Show context from output (last meaningful lines)
+				detail := sanitizeOutput(extractErrorDetail(res.Message, 300))
+				if detail != "" {
+					sb.WriteString(fmt.Sprintf("Detail: %s\n", detail))
+				}
+				if logPath != "" {
+					sb.WriteString(fmt.Sprintf("Log: %s\n", logPath))
+				}
+			}
 		}
-		if res.SessionID != "" {
-			sb.WriteString(fmt.Sprintf("Session: %s\n", res.SessionID))
+
+		// Summary section
+		sb.WriteString("\n## Summary\n")
+		sb.WriteString(fmt.Sprintf("- %d/%d completed successfully\n", success, len(results)))
+
+		if belowTarget > 0 || failed > 0 {
+			var needFix []string
+			var needCoverage []string
+			for _, res := range results {
+				if res.ExitCode != 0 || res.Error != "" {
+					taskID := sanitizeOutput(res.TaskID)
+					reason := sanitizeOutput(res.Error)
+					if reason == "" && res.ExitCode != 0 {
+						reason = fmt.Sprintf("exit code %d", res.ExitCode)
+					}
+					reason = safeTruncate(reason, 50)
+					needFix = append(needFix, fmt.Sprintf("%s (%s)", taskID, reason))
+					continue
+				}
+
+				target := res.CoverageTarget
+				if target <= 0 {
+					target = reportCoverageTarget
+				}
+				if res.Coverage != "" && target > 0 && res.CoverageNum < target {
+					needCoverage = append(needCoverage, sanitizeOutput(res.TaskID))
+				}
+			}
+			if len(needFix) > 0 {
+				sb.WriteString(fmt.Sprintf("- Fix: %s\n", strings.Join(needFix, ", ")))
+			}
+			if len(needCoverage) > 0 {
+				sb.WriteString(fmt.Sprintf("- Coverage: %s\n", strings.Join(needCoverage, ", ")))
+			}
 		}
-		if res.LogPath != "" {
-			sb.WriteString(fmt.Sprintf("Log: %s\n", res.LogPath))
+
+	} else {
+		// Legacy full output mode
+		sb.WriteString("=== Parallel Execution Summary ===\n")
+		sb.WriteString(fmt.Sprintf("Total: %d | Success: %d | Failed: %d\n\n", len(results), success, failed))
+
+		for _, res := range results {
+			taskID := sanitizeOutput(res.TaskID)
+			sb.WriteString(fmt.Sprintf("--- Task: %s ---\n", taskID))
+			if res.Error != "" {
+				sb.WriteString(fmt.Sprintf("Status: FAILED (exit code %d)\nError: %s\n", res.ExitCode, sanitizeOutput(res.Error)))
+			} else if res.ExitCode != 0 {
+				sb.WriteString(fmt.Sprintf("Status: FAILED (exit code %d)\n", res.ExitCode))
+			} else {
+				sb.WriteString("Status: SUCCESS\n")
+			}
+			if res.Coverage != "" {
+				sb.WriteString(fmt.Sprintf("Coverage: %s\n", sanitizeOutput(res.Coverage)))
+			}
+			if res.SessionID != "" {
+				sb.WriteString(fmt.Sprintf("Session: %s\n", sanitizeOutput(res.SessionID)))
+			}
+			if res.LogPath != "" {
+				logPath := sanitizeOutput(res.LogPath)
+				if res.sharedLog {
+					sb.WriteString(fmt.Sprintf("Log: %s (shared)\n", logPath))
+				} else {
+					sb.WriteString(fmt.Sprintf("Log: %s\n", logPath))
+				}
+			}
+			if res.Message != "" {
+				message := sanitizeOutput(res.Message)
+				if message != "" {
+					sb.WriteString(fmt.Sprintf("\n%s\n", message))
+				}
+			}
+			sb.WriteString("\n")
 		}
-		if res.Message != "" {
-			sb.WriteString(fmt.Sprintf("\n%s\n", res.Message))
-		}
-		sb.WriteString("\n")
 	}
 
 	return sb.String()
 }
 
 func buildCodexArgs(cfg *Config, targetArg string) []string {
-	if cfg.Mode == "resume" {
-		return []string{
-			"e",
-			"--skip-git-repo-check",
-			"--json",
-			"resume",
-			cfg.SessionID,
-			targetArg,
+	if cfg == nil {
+		panic("buildCodexArgs: nil config")
+	}
+
+	var resumeSessionID string
+	isResume := cfg.Mode == "resume"
+	if isResume {
+		resumeSessionID = strings.TrimSpace(cfg.SessionID)
+		if resumeSessionID == "" {
+			logError("invalid config: resume mode requires non-empty session_id")
+			isResume = false
 		}
 	}
-	return []string{
-		"e",
-		"--skip-git-repo-check",
+
+	args := []string{"e"}
+
+	// Default to bypass sandbox unless CODEX_BYPASS_SANDBOX=false
+	if cfg.Yolo || envFlagDefaultTrue("CODEX_BYPASS_SANDBOX") {
+		logWarn("YOLO mode or CODEX_BYPASS_SANDBOX enabled: running without approval/sandbox protection")
+		args = append(args, "--dangerously-bypass-approvals-and-sandbox")
+	}
+
+	if model := strings.TrimSpace(cfg.Model); model != "" {
+		args = append(args, "--model", model)
+	}
+
+	if reasoningEffort := strings.TrimSpace(cfg.ReasoningEffort); reasoningEffort != "" {
+		args = append(args, "-c", "model_reasoning_effort="+reasoningEffort)
+	}
+
+	args = append(args, "--skip-git-repo-check")
+
+	if isResume {
+		return append(args,
+			"--json",
+			"resume",
+			resumeSessionID,
+			targetArg,
+		)
+	}
+
+	return append(args,
 		"-C", cfg.WorkDir,
 		"--json",
 		targetArg,
-	}
+	)
 }
 
 func runCodexTask(taskSpec TaskSpec, silent bool, timeoutSec int) TaskResult {
@@ -457,22 +797,26 @@ func runCodexProcess(parentCtx context.Context, codexArgs []string, taskText str
 }
 
 func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backend Backend, customArgs []string, useCustomArgs bool, silent bool, timeoutSec int) TaskResult {
-	result := TaskResult{TaskID: taskSpec.ID}
-	setLogPath := func() {
-		if result.LogPath != "" {
-			return
-		}
-		if logger := activeLogger(); logger != nil {
-			result.LogPath = logger.Path()
-		}
+	if parentCtx == nil {
+		parentCtx = taskSpec.Context
+	}
+	if parentCtx == nil {
+		parentCtx = context.Background()
 	}
 
+	result := TaskResult{TaskID: taskSpec.ID}
+	injectedLogger := taskLoggerFromContext(parentCtx)
+	logger := injectedLogger
+
 	cfg := &Config{
-		Mode:      taskSpec.Mode,
-		Task:      taskSpec.Task,
-		SessionID: taskSpec.SessionID,
-		WorkDir:   taskSpec.WorkDir,
-		Backend:   defaultBackendName,
+		Mode:            taskSpec.Mode,
+		Task:            taskSpec.Task,
+		SessionID:       taskSpec.SessionID,
+		WorkDir:         taskSpec.WorkDir,
+		Model:           taskSpec.Model,
+		ReasoningEffort: taskSpec.ReasoningEffort,
+		SkipPermissions: taskSpec.SkipPermissions,
+		Backend:         defaultBackendName,
 	}
 
 	commandName := codexCommand
@@ -494,6 +838,27 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 		cfg.WorkDir = defaultWorkdir
 	}
 
+	if cfg.Mode == "resume" && strings.TrimSpace(cfg.SessionID) == "" {
+		result.ExitCode = 1
+		result.Error = "resume mode requires non-empty session_id"
+		return result
+	}
+
+	var claudeEnv map[string]string
+	if cfg.Backend == "claude" {
+		settings := loadMinimalClaudeSettings()
+		claudeEnv = settings.Env
+		if cfg.Mode != "resume" && strings.TrimSpace(cfg.Model) == "" && settings.Model != "" {
+			cfg.Model = settings.Model
+		}
+	}
+
+	// Load gemini env from ~/.gemini/.env if exists
+	var geminiEnv map[string]string
+	if cfg.Backend == "gemini" {
+		geminiEnv = loadGeminiEnv()
+	}
+
 	useStdin := taskSpec.UseStdin
 	targetArg := taskSpec.Task
 	if useStdin {
@@ -521,17 +886,17 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 	if silent {
 		// Silent mode: only persist to file when available; avoid stderr noise.
 		logInfoFn = func(msg string) {
-			if logger := activeLogger(); logger != nil {
+			if logger != nil {
 				logger.Info(prefixMsg(msg))
 			}
 		}
 		logWarnFn = func(msg string) {
-			if logger := activeLogger(); logger != nil {
+			if logger != nil {
 				logger.Warn(prefixMsg(msg))
 			}
 		}
 		logErrorFn = func(msg string) {
-			if logger := activeLogger(); logger != nil {
+			if logger != nil {
 				logger.Error(prefixMsg(msg))
 			}
 		}
@@ -547,10 +912,11 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 	var stderrLogger *logWriter
 
 	var tempLogger *Logger
-	if silent && activeLogger() == nil {
+	if logger == nil && silent && activeLogger() == nil {
 		if l, err := NewLogger(); err == nil {
 			setLogger(l)
 			tempLogger = l
+			logger = l
 		}
 	}
 	defer func() {
@@ -558,21 +924,29 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 			_ = closeLogger()
 		}
 	}()
-	defer setLogPath()
-	if logger := activeLogger(); logger != nil {
+	defer func() {
+		if result.LogPath != "" || logger == nil {
+			return
+		}
+		result.LogPath = logger.Path()
+	}()
+	if logger == nil {
+		logger = activeLogger()
+	}
+	if logger != nil {
 		result.LogPath = logger.Path()
 	}
 
 	if !silent {
-		stdoutLogger = newLogWriter("CODEX_STDOUT: ", codexLogLineLimit)
-		stderrLogger = newLogWriter("CODEX_STDERR: ", codexLogLineLimit)
+		// Note: Empty prefix ensures backend output is logged as-is without any wrapper format.
+		// This preserves the original stdout/stderr content from codex/claude/gemini backends.
+		// Trade-off: Reduces distinguishability between stdout/stderr in logs, but maintains
+		// output fidelity which is critical for debugging backend-specific issues.
+		stdoutLogger = newLogWriter("", codexLogLineLimit)
+		stderrLogger = newLogWriter("", codexLogLineLimit)
 	}
 
 	ctx := parentCtx
-	if ctx == nil {
-		ctx = context.Background()
-	}
-
 	ctx, cancel := context.WithTimeout(ctx, time.Duration(timeoutSec)*time.Second)
 	defer cancel()
 	ctx, stop := signal.NotifyContext(ctx, syscall.SIGINT, syscall.SIGTERM)
@@ -584,6 +958,13 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 
 	cmd := newCommandRunner(ctx, commandName, codexArgs...)
 
+	if cfg.Backend == "claude" && len(claudeEnv) > 0 {
+		cmd.SetEnv(claudeEnv)
+	}
+	if cfg.Backend == "gemini" && len(geminiEnv) > 0 {
+		cmd.SetEnv(geminiEnv)
+	}
+
 	// For backends that don't support -C flag (claude, gemini), set working directory via cmd.Dir
 	// Codex passes workdir via -C flag, so we skip setting Dir for it to avoid conflicts
 	if cfg.Mode != "resume" && commandName != "codex" && cfg.WorkDir != "" {
@@ -594,32 +975,48 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 	if stderrLogger != nil {
 		stderrWriters = append(stderrWriters, stderrLogger)
 	}
+
+	// For gemini backend, filter noisy stderr output
+	var stderrFilter *filteringWriter
 	if !silent {
-		stderrWriters = append([]io.Writer{os.Stderr}, stderrWriters...)
+		stderrOut := io.Writer(os.Stderr)
+		if cfg.Backend == "gemini" {
+			stderrFilter = newFilteringWriter(os.Stderr, geminiNoisePatterns)
+			stderrOut = stderrFilter
+		}
+		stderrWriters = append([]io.Writer{stderrOut}, stderrWriters...)
 	}
-	if len(stderrWriters) == 1 {
-		cmd.SetStderr(stderrWriters[0])
-	} else {
-		cmd.SetStderr(io.MultiWriter(stderrWriters...))
+	stderr, err := cmd.StderrPipe()
+	if err != nil {
+		logErrorFn("Failed to create stderr pipe: " + err.Error())
+		result.ExitCode = 1
+		result.Error = attachStderr("failed to create stderr pipe: " + err.Error())
+		return result
 	}
 
 	var stdinPipe io.WriteCloser
-	var err error
 	if useStdin {
 		stdinPipe, err = cmd.StdinPipe()
 		if err != nil {
 			logErrorFn("Failed to create stdin pipe: " + err.Error())
 			result.ExitCode = 1
 			result.Error = attachStderr("failed to create stdin pipe: " + err.Error())
+			closeWithReason(stderr, "stdin-pipe-failed")
 			return result
 		}
 	}
 
+	stderrDone := make(chan error, 1)
+
 	stdout, err := cmd.StdoutPipe()
 	if err != nil {
 		logErrorFn("Failed to create stdout pipe: " + err.Error())
 		result.ExitCode = 1
 		result.Error = attachStderr("failed to create stdout pipe: " + err.Error())
+		closeWithReason(stderr, "stdout-pipe-failed")
+		if stdinPipe != nil {
+			_ = stdinPipe.Close()
+		}
 		return result
 	}
 
@@ -631,6 +1028,7 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 	// Start parse goroutine BEFORE starting the command to avoid race condition
 	// where fast-completing commands close stdout before parser starts reading
 	messageSeen := make(chan struct{}, 1)
+	completeSeen := make(chan struct{}, 1)
 	parseCh := make(chan parseResult, 1)
 	go func() {
 		msg, tid := parseJSONStreamInternal(stdoutReader, logWarnFn, logInfoFn, func() {
@@ -638,13 +1036,27 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 			case messageSeen <- struct{}{}:
 			default:
 			}
+		}, func() {
+			select {
+			case completeSeen <- struct{}{}:
+			default:
+			}
 		})
+		select {
+		case completeSeen <- struct{}{}:
+		default:
+		}
 		parseCh <- parseResult{message: msg, threadID: tid}
 	}()
 
 	logInfoFn(fmt.Sprintf("Starting %s with args: %s %s...", commandName, commandName, strings.Join(codexArgs[:min(5, len(codexArgs))], " ")))
 
 	if err := cmd.Start(); err != nil {
+		closeWithReason(stdout, "start-failed")
+		closeWithReason(stderr, "start-failed")
+		if stdinPipe != nil {
+			_ = stdinPipe.Close()
+		}
 		if strings.Contains(err.Error(), "executable file not found") {
 			msg := fmt.Sprintf("%s command not found in PATH", commandName)
 			logErrorFn(msg)
@@ -659,10 +1071,19 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 	}
 
 	logInfoFn(fmt.Sprintf("Starting %s with PID: %d", commandName, cmd.Process().Pid()))
-	if logger := activeLogger(); logger != nil {
+	if logger != nil {
 		logInfoFn(fmt.Sprintf("Log capturing to: %s", logger.Path()))
 	}
 
+	// Start stderr drain AFTER we know the command started, but BEFORE cmd.Wait can close the pipe.
+	go func() {
+		_, copyErr := io.Copy(io.MultiWriter(stderrWriters...), stderr)
+		if stderrFilter != nil {
+			stderrFilter.Flush()
+		}
+		stderrDone <- copyErr
+	}()
+
 	if useStdin && stdinPipe != nil {
 		logInfoFn(fmt.Sprintf("Writing %d chars to stdin...", len(taskSpec.Task)))
 		go func(data string) {
@@ -675,17 +1096,87 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 	waitCh := make(chan error, 1)
 	go func() { waitCh <- cmd.Wait() }()
 
-	var waitErr error
-	var forceKillTimer *forceKillTimer
-	var ctxCancelled bool
+	var (
+		waitErr              error
+		forceKillTimer       *forceKillTimer
+		ctxCancelled         bool
+		messageTimer         *time.Timer
+		messageTimerCh       <-chan time.Time
+		forcedAfterComplete  bool
+		terminated           bool
+		messageSeenObserved  bool
+		completeSeenObserved bool
+	)
 
-	select {
-	case waitErr = <-waitCh:
-	case <-ctx.Done():
-		ctxCancelled = true
-		logErrorFn(cancelReason(commandName, ctx))
-		forceKillTimer = terminateCommandFn(cmd)
-		waitErr = <-waitCh
+waitLoop:
+	for {
+		select {
+		case err := <-waitCh:
+			waitErr = err
+			break waitLoop
+		case <-ctx.Done():
+			ctxCancelled = true
+			logErrorFn(cancelReason(commandName, ctx))
+			if !terminated {
+				if timer := terminateCommandFn(cmd); timer != nil {
+					forceKillTimer = timer
+					terminated = true
+				}
+			}
+			for {
+				select {
+				case err := <-waitCh:
+					waitErr = err
+					break waitLoop
+				case <-time.After(forceKillWaitTimeout):
+					if proc := cmd.Process(); proc != nil {
+						_ = proc.Kill()
+					}
+				}
+			}
+		case <-messageTimerCh:
+			forcedAfterComplete = true
+			messageTimerCh = nil
+			if !terminated {
+				logWarnFn(fmt.Sprintf("%s output parsed; terminating lingering backend", commandName))
+				if timer := terminateCommandFn(cmd); timer != nil {
+					forceKillTimer = timer
+					terminated = true
+				}
+			}
+			// Close pipes to unblock stream readers, then wait for process exit.
+			closeWithReason(stdout, "terminate")
+			closeWithReason(stderr, "terminate")
+			for {
+				select {
+				case err := <-waitCh:
+					waitErr = err
+					break waitLoop
+				case <-time.After(forceKillWaitTimeout):
+					if proc := cmd.Process(); proc != nil {
+						_ = proc.Kill()
+					}
+				}
+			}
+		case <-completeSeen:
+			completeSeenObserved = true
+			if messageTimer != nil {
+				continue
+			}
+			messageTimer = time.NewTimer(postMessageTerminateDelay)
+			messageTimerCh = messageTimer.C
+		case <-messageSeen:
+			messageSeenObserved = true
+		}
+	}
+
+	if messageTimer != nil {
+		if !messageTimer.Stop() {
+			select {
+			case <-messageTimer.C:
+			default:
+			}
+		}
 	}
 
 	if forceKillTimer != nil {
@@ -693,10 +1184,14 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 	}
 
 	var parsed parseResult
-	if ctxCancelled {
+	switch {
+	case ctxCancelled:
 		closeWithReason(stdout, stdoutCloseReasonCtx)
 		parsed = <-parseCh
-	} else {
+	case messageSeenObserved || completeSeenObserved:
+		closeWithReason(stdout, stdoutCloseReasonWait)
+		parsed = <-parseCh
+	default:
 		drainTimer := time.NewTimer(stdoutDrainTimeout)
 		defer drainTimer.Stop()
 
@@ -704,6 +1199,11 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 		case parsed = <-parseCh:
 			closeWithReason(stdout, stdoutCloseReasonWait)
 		case <-messageSeen:
+			messageSeenObserved = true
+			closeWithReason(stdout, stdoutCloseReasonWait)
+			parsed = <-parseCh
+		case <-completeSeen:
+			completeSeenObserved = true
 			closeWithReason(stdout, stdoutCloseReasonWait)
 			parsed = <-parseCh
 		case <-drainTimer.C:
@@ -712,6 +1212,12 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 		}
 	}
 
+	closeWithReason(stderr, stdoutCloseReasonWait)
+	// Wait for stderr drain so stderrBuf / stderrLogger are not accessed concurrently.
+	// Important: cmd.Wait can block on internal stderr copying if cmd.Stderr is a non-file writer.
+	// We use StderrPipe and drain ourselves to avoid that deadlock class (common when children inherit pipes).
+	<-stderrDone
+
 	if ctxErr := ctx.Err(); ctxErr != nil {
 		if errors.Is(ctxErr, context.DeadlineExceeded) {
 			result.ExitCode = 124
@@ -724,17 +1230,21 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 	}
 
 	if waitErr != nil {
-		if exitErr, ok := waitErr.(*exec.ExitError); ok {
-			code := exitErr.ExitCode()
-			logErrorFn(fmt.Sprintf("%s exited with status %d", commandName, code))
-			result.ExitCode = code
-			result.Error = attachStderr(fmt.Sprintf("%s exited with status %d", commandName, code))
+		if forcedAfterComplete && parsed.message != "" {
+			logWarnFn(fmt.Sprintf("%s terminated after delivering output", commandName))
+		} else {
+			if exitErr, ok := waitErr.(*exec.ExitError); ok {
+				code := exitErr.ExitCode()
+				logErrorFn(fmt.Sprintf("%s exited with status %d", commandName, code))
+				result.ExitCode = code
+				result.Error = attachStderr(fmt.Sprintf("%s exited with status %d", commandName, code))
+				return result
+			}
+			logErrorFn(commandName + " error: " + waitErr.Error())
+			result.ExitCode = 1
+			result.Error = attachStderr(commandName + " error: " + waitErr.Error())
 			return result
 		}
-		logErrorFn(commandName + " error: " + waitErr.Error())
-		result.ExitCode = 1
-		result.Error = attachStderr(commandName + " error: " + waitErr.Error())
-		return result
 	}
 
 	message := parsed.message
@@ -756,8 +1266,8 @@ func runCodexTaskWithContext(parentCtx context.Context, taskSpec TaskSpec, backe
 	result.ExitCode = 0
 	result.Message = message
 	result.SessionID = threadID
-	if logger := activeLogger(); logger != nil {
-		result.LogPath = logger.Path()
+	if result.LogPath == "" && injectedLogger != nil {
+		result.LogPath = injectedLogger.Path()
 	}
 
 	return result
@@ -782,7 +1292,7 @@ func forwardSignals(ctx context.Context, cmd commandRunner, logErrorFn func(stri
 		case sig := <-sigCh:
 			logErrorFn(fmt.Sprintf("Received signal: %v", sig))
 			if proc := cmd.Process(); proc != nil {
-				_ = proc.Signal(syscall.SIGTERM)
+				_ = sendTermSignal(proc)
 				time.AfterFunc(time.Duration(forceKillDelay.Load())*time.Second, func() {
 					if p := cmd.Process(); p != nil {
 						_ = p.Kill()
@@ -852,7 +1362,7 @@ func terminateCommand(cmd commandRunner) *forceKillTimer {
 		return nil
 	}
 
-	_ = proc.Signal(syscall.SIGTERM)
+	_ = sendTermSignal(proc)
 
 	done := make(chan struct{}, 1)
 	timer := time.AfterFunc(time.Duration(forceKillDelay.Load())*time.Second, func() {
@@ -874,7 +1384,7 @@ func terminateProcess(cmd commandRunner) *time.Timer {
 		return nil
 	}
 
-	_ = proc.Signal(syscall.SIGTERM)
+	_ = sendTermSignal(proc)
 
 	return time.AfterFunc(time.Duration(forceKillDelay.Load())*time.Second, func() {
 		if p := cmd.Process(); p != nil {

codeagent-wrapper/filter.go

@@ -0,0 +1,66 @@
+package main
+
+import (
+	"bytes"
+	"io"
+	"strings"
+)
+
+// geminiNoisePatterns contains stderr patterns to filter for gemini backend
+var geminiNoisePatterns = []string{
+	"[STARTUP]",
+	"Session cleanup disabled",
+	"Warning:",
+	"(node:",
+	"(Use `node --trace-warnings",
+	"Loaded cached credentials",
+	"Loading extension:",
+	"YOLO mode is enabled",
+}
+
+// filteringWriter wraps an io.Writer and filters out lines matching patterns
+type filteringWriter struct {
+	w        io.Writer
+	patterns []string
+	buf      bytes.Buffer
+}
+
+func newFilteringWriter(w io.Writer, patterns []string) *filteringWriter {
+	return &filteringWriter{w: w, patterns: patterns}
+}
+
+func (f *filteringWriter) Write(p []byte) (n int, err error) {
+	f.buf.Write(p)
+	for {
+		line, err := f.buf.ReadString('\n')
+		if err != nil {
+			// incomplete line, put it back
+			f.buf.WriteString(line)
+			break
+		}
+		if !f.shouldFilter(line) {
+			f.w.Write([]byte(line))
+		}
+	}
+	return len(p), nil
+}
+
+func (f *filteringWriter) shouldFilter(line string) bool {
+	for _, pattern := range f.patterns {
+		if strings.Contains(line, pattern) {
+			return true
+		}
+	}
+	return false
+}
+
+// Flush writes any remaining buffered content
+func (f *filteringWriter) Flush() {
+	if f.buf.Len() > 0 {
+		remaining := f.buf.String()
+		if !f.shouldFilter(remaining) {
+			f.w.Write([]byte(remaining))
+		}
+		f.buf.Reset()
+	}
+}

codeagent-wrapper/filter_test.go

@@ -0,0 +1,73 @@
+package main
+
+import (
+	"bytes"
+	"testing"
+)
+
+func TestFilteringWriter(t *testing.T) {
+	tests := []struct {
+		name     string
+		patterns []string
+		input    string
+		want     string
+	}{
+		{
+			name:     "filter STARTUP lines",
+			patterns: geminiNoisePatterns,
+			input:    "[STARTUP] Recording metric\nHello World\n[STARTUP] Another line\n",
+			want:     "Hello World\n",
+		},
+		{
+			name:     "filter Warning lines",
+			patterns: geminiNoisePatterns,
+			input:    "Warning: something bad\nActual output\n",
+			want:     "Actual output\n",
+		},
+		{
+			name:     "filter multiple patterns",
+			patterns: geminiNoisePatterns,
+			input:    "YOLO mode is enabled\nSession cleanup disabled\nReal content\nLoading extension: foo\n",
+			want:     "Real content\n",
+		},
+		{
+			name:     "no filtering needed",
+			patterns: geminiNoisePatterns,
+			input:    "Line 1\nLine 2\nLine 3\n",
+			want:     "Line 1\nLine 2\nLine 3\n",
+		},
+		{
+			name:     "empty input",
+			patterns: geminiNoisePatterns,
+			input:    "",
+			want:     "",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			var buf bytes.Buffer
+			fw := newFilteringWriter(&buf, tt.patterns)
+			fw.Write([]byte(tt.input))
+			fw.Flush()
+
+			if got := buf.String(); got != tt.want {
+				t.Errorf("got %q, want %q", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestFilteringWriterPartialLines(t *testing.T) {
+	var buf bytes.Buffer
+	fw := newFilteringWriter(&buf, geminiNoisePatterns)
+
+	// Write partial line
+	fw.Write([]byte("Hello "))
+	fw.Write([]byte("World\n"))
+	fw.Flush()
+
+	if got := buf.String(); got != "Hello World\n" {
+		t.Errorf("got %q, want %q", got, "Hello World\n")
+	}
+}

codeagent-wrapper/log_writer_limit_test.go

@@ -0,0 +1,38 @@
+package main
+
+import (
+	"os"
+	"strings"
+	"testing"
+)
+
+func TestLogWriterWriteLimitsBuffer(t *testing.T) {
+	defer resetTestHooks()
+
+	logger, err := NewLogger()
+	if err != nil {
+		t.Fatalf("NewLogger error: %v", err)
+	}
+	setLogger(logger)
+	defer closeLogger()
+
+	lw := newLogWriter("P:", 10)
+	_, _ = lw.Write([]byte(strings.Repeat("a", 100)))
+
+	if lw.buf.Len() != 10 {
+		t.Fatalf("logWriter buffer len=%d, want %d", lw.buf.Len(), 10)
+	}
+	if !lw.dropped {
+		t.Fatalf("expected logWriter to drop overlong line bytes")
+	}
+
+	lw.Flush()
+	logger.Flush()
+	data, err := os.ReadFile(logger.Path())
+	if err != nil {
+		t.Fatalf("ReadFile error: %v", err)
+	}
+	if !strings.Contains(string(data), "P:aaaaaaa...") {
+		t.Fatalf("log output missing truncated entry, got %q", string(data))
+	}
+}

codeagent-wrapper/logger.go

@@ -5,6 +5,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"hash/crc32"
 	"os"
 	"path/filepath"
 	"strconv"
@@ -18,22 +19,25 @@ import (
 // It is intentionally minimal: a buffered channel + single worker goroutine
 // to avoid contention while keeping ordering guarantees.
 type Logger struct {
-	path      string
-	file      *os.File
-	writer    *bufio.Writer
-	ch        chan logEntry
-	flushReq  chan chan struct{}
-	done      chan struct{}
-	closed    atomic.Bool
-	closeOnce sync.Once
-	workerWG  sync.WaitGroup
-	pendingWG sync.WaitGroup
-	flushMu   sync.Mutex
+	path         string
+	file         *os.File
+	writer       *bufio.Writer
+	ch           chan logEntry
+	flushReq     chan chan struct{}
+	done         chan struct{}
+	closed       atomic.Bool
+	closeOnce    sync.Once
+	workerWG     sync.WaitGroup
+	pendingWG    sync.WaitGroup
+	flushMu      sync.Mutex
+	workerErr    error
+	errorEntries []string // Cache of recent ERROR/WARN entries
+	errorMu      sync.Mutex
 }
 
 type logEntry struct {
-	level string
-	msg   string
+	msg     string
+	isError bool // true for ERROR or WARN levels
 }
 
 // CleanupStats captures the outcome of a cleanupOldLogs run.
@@ -55,6 +59,10 @@ var (
 	evalSymlinksFn      = filepath.EvalSymlinks
 )
 
+const maxLogSuffixLen = 64
+
+var logSuffixCounter atomic.Uint64
+
 // NewLogger creates the async logger and starts the worker goroutine.
 // The log file is created under os.TempDir() using the required naming scheme.
 func NewLogger() (*Logger, error) {
@@ -64,14 +72,23 @@ func NewLogger() (*Logger, error) {
 // NewLoggerWithSuffix creates a logger with an optional suffix in the filename.
 // Useful for tests that need isolated log files within the same process.
 func NewLoggerWithSuffix(suffix string) (*Logger, error) {
-	filename := fmt.Sprintf("%s-%d", primaryLogPrefix(), os.Getpid())
+	pid := os.Getpid()
+	filename := fmt.Sprintf("%s-%d", primaryLogPrefix(), pid)
+	var safeSuffix string
 	if suffix != "" {
-		filename += "-" + suffix
+		safeSuffix = sanitizeLogSuffix(suffix)
+	}
+	if safeSuffix != "" {
+		filename += "-" + safeSuffix
 	}
 	filename += ".log"
 
 	path := filepath.Clean(filepath.Join(os.TempDir(), filename))
 
+	if err := os.MkdirAll(filepath.Dir(path), 0o700); err != nil {
+		return nil, err
+	}
+
 	f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0o600)
 	if err != nil {
 		return nil, err
@@ -92,6 +109,73 @@ func NewLoggerWithSuffix(suffix string) (*Logger, error) {
 	return l, nil
 }
 
+func sanitizeLogSuffix(raw string) string {
+	trimmed := strings.TrimSpace(raw)
+	if trimmed == "" {
+		return fallbackLogSuffix()
+	}
+
+	var b strings.Builder
+	changed := false
+	for _, r := range trimmed {
+		if isSafeLogRune(r) {
+			b.WriteRune(r)
+		} else {
+			changed = true
+			b.WriteByte('-')
+		}
+		if b.Len() >= maxLogSuffixLen {
+			changed = true
+			break
+		}
+	}
+
+	sanitized := strings.Trim(b.String(), "-.")
+	if sanitized != b.String() {
+		changed = true // Mark if trim removed any characters
+	}
+	if sanitized == "" {
+		return fallbackLogSuffix()
+	}
+
+	if changed || len(sanitized) > maxLogSuffixLen {
+		hash := crc32.ChecksumIEEE([]byte(trimmed))
+		hashStr := fmt.Sprintf("%x", hash)
+
+		maxPrefix := maxLogSuffixLen - len(hashStr) - 1
+		if maxPrefix < 1 {
+			maxPrefix = 1
+		}
+		if len(sanitized) > maxPrefix {
+			sanitized = sanitized[:maxPrefix]
+		}
+
+		sanitized = fmt.Sprintf("%s-%s", sanitized, hashStr)
+	}
+
+	return sanitized
+}
+
+func fallbackLogSuffix() string {
+	next := logSuffixCounter.Add(1)
+	return fmt.Sprintf("task-%d", next)
+}
+
+func isSafeLogRune(r rune) bool {
+	switch {
+	case r >= 'a' && r <= 'z':
+		return true
+	case r >= 'A' && r <= 'Z':
+		return true
+	case r >= '0' && r <= '9':
+		return true
+	case r == '-', r == '_', r == '.':
+		return true
+	default:
+		return false
+	}
+}
+
 // Path returns the underlying log file path (useful for tests/inspection).
 func (l *Logger) Path() string {
 	if l == nil {
@@ -112,10 +196,11 @@ func (l *Logger) Debug(msg string) { l.log("DEBUG", msg) }
 // Error logs at ERROR level.
 func (l *Logger) Error(msg string) { l.log("ERROR", msg) }
 
-// Close stops the worker and syncs the log file.
+// Close signals the worker to flush and close the log file.
 // The log file is NOT removed, allowing inspection after program exit.
 // It is safe to call multiple times.
-// Returns after a 5-second timeout if worker doesn't stop gracefully.
+// Waits up to CODEAGENT_LOGGER_CLOSE_TIMEOUT_MS (default: 5000) for shutdown; set to 0 to wait indefinitely.
+// Returns an error if shutdown doesn't complete within the timeout.
 func (l *Logger) Close() error {
 	if l == nil {
 		return nil
@@ -126,42 +211,51 @@ func (l *Logger) Close() error {
 	l.closeOnce.Do(func() {
 		l.closed.Store(true)
 		close(l.done)
-		close(l.ch)
 
-		// Wait for worker with timeout
+		timeout := loggerCloseTimeout()
 		workerDone := make(chan struct{})
 		go func() {
 			l.workerWG.Wait()
 			close(workerDone)
 		}()
 
-		select {
-		case <-workerDone:
-			// Worker stopped gracefully
-		case <-time.After(5 * time.Second):
-			// Worker timeout - proceed with cleanup anyway
-			closeErr = fmt.Errorf("logger worker timeout during close")
+		if timeout > 0 {
+			select {
+			case <-workerDone:
+				// Worker stopped gracefully
+			case <-time.After(timeout):
+				closeErr = fmt.Errorf("logger worker timeout during close")
+				return
+			}
+		} else {
+			<-workerDone
 		}
 
-		if err := l.writer.Flush(); err != nil && closeErr == nil {
-			closeErr = err
+		if l.workerErr != nil && closeErr == nil {
+			closeErr = l.workerErr
 		}
-
-		if err := l.file.Sync(); err != nil && closeErr == nil {
-			closeErr = err
-		}
-
-		if err := l.file.Close(); err != nil && closeErr == nil {
-			closeErr = err
-		}
-
-		// Log file is kept for debugging - NOT removed
-		// Users can manually clean up /tmp/<wrapper>-*.log files
 	})
 
 	return closeErr
 }
 
+func loggerCloseTimeout() time.Duration {
+	const defaultTimeout = 5 * time.Second
+
+	raw := strings.TrimSpace(os.Getenv("CODEAGENT_LOGGER_CLOSE_TIMEOUT_MS"))
+	if raw == "" {
+		return defaultTimeout
+	}
+	ms, err := strconv.Atoi(raw)
+	if err != nil {
+		return defaultTimeout
+	}
+	if ms <= 0 {
+		return 0
+	}
+	return time.Duration(ms) * time.Millisecond
+}
+
 // RemoveLogFile removes the log file. Should only be called after Close().
 func (l *Logger) RemoveLogFile() error {
 	if l == nil {
@@ -170,34 +264,29 @@ func (l *Logger) RemoveLogFile() error {
 	return os.Remove(l.path)
 }
 
-// ExtractRecentErrors reads the log file and returns the most recent ERROR and WARN entries.
+// ExtractRecentErrors returns the most recent ERROR and WARN entries from memory cache.
 // Returns up to maxEntries entries in chronological order.
 func (l *Logger) ExtractRecentErrors(maxEntries int) []string {
-	if l == nil || l.path == "" {
+	if l == nil || maxEntries <= 0 {
 		return nil
 	}
 
-	f, err := os.Open(l.path)
-	if err != nil {
+	l.errorMu.Lock()
+	defer l.errorMu.Unlock()
+
+	if len(l.errorEntries) == 0 {
 		return nil
 	}
-	defer f.Close()
 
-	var entries []string
-	scanner := bufio.NewScanner(f)
-	for scanner.Scan() {
-		line := scanner.Text()
-		if strings.Contains(line, "] ERROR:") || strings.Contains(line, "] WARN:") {
-			entries = append(entries, line)
-		}
+	// Return last N entries
+	start := 0
+	if len(l.errorEntries) > maxEntries {
+		start = len(l.errorEntries) - maxEntries
 	}
 
-	// Keep only the last maxEntries
-	if len(entries) > maxEntries {
-		entries = entries[len(entries)-maxEntries:]
-	}
-
-	return entries
+	result := make([]string, len(l.errorEntries)-start)
+	copy(result, l.errorEntries[start:])
+	return result
 }
 
 // Flush waits for all pending log entries to be written. Primarily for tests.
@@ -254,7 +343,8 @@ func (l *Logger) log(level, msg string) {
 		return
 	}
 
-	entry := logEntry{level: level, msg: msg}
+	isError := level == "WARN" || level == "ERROR"
+	entry := logEntry{msg: msg, isError: isError}
 	l.flushMu.Lock()
 	l.pendingWG.Add(1)
 	l.flushMu.Unlock()
@@ -275,18 +365,43 @@ func (l *Logger) run() {
 	ticker := time.NewTicker(500 * time.Millisecond)
 	defer ticker.Stop()
 
+	writeEntry := func(entry logEntry) {
+		timestamp := time.Now().Format("2006-01-02 15:04:05.000")
+		fmt.Fprintf(l.writer, "[%s] %s\n", timestamp, entry.msg)
+
+		// Cache error/warn entries in memory for fast extraction
+		if entry.isError {
+			l.errorMu.Lock()
+			l.errorEntries = append(l.errorEntries, entry.msg)
+			if len(l.errorEntries) > 100 { // Keep last 100
+				l.errorEntries = l.errorEntries[1:]
+			}
+			l.errorMu.Unlock()
+		}
+
+		l.pendingWG.Done()
+	}
+
+	finalize := func() {
+		if err := l.writer.Flush(); err != nil && l.workerErr == nil {
+			l.workerErr = err
+		}
+		if err := l.file.Sync(); err != nil && l.workerErr == nil {
+			l.workerErr = err
+		}
+		if err := l.file.Close(); err != nil && l.workerErr == nil {
+			l.workerErr = err
+		}
+	}
+
 	for {
 		select {
 		case entry, ok := <-l.ch:
 			if !ok {
-				// Channel closed, final flush
-				_ = l.writer.Flush()
+				finalize()
 				return
 			}
-			timestamp := time.Now().Format("2006-01-02 15:04:05.000")
-			pid := os.Getpid()
-			fmt.Fprintf(l.writer, "[%s] [PID:%d] %s: %s\n", timestamp, pid, entry.level, entry.msg)
-			l.pendingWG.Done()
+			writeEntry(entry)
 
 		case <-ticker.C:
 			_ = l.writer.Flush()
@@ -296,6 +411,21 @@ func (l *Logger) run() {
 			_ = l.writer.Flush()
 			_ = l.file.Sync()
 			close(flushDone)
+
+		case <-l.done:
+			for {
+				select {
+				case entry, ok := <-l.ch:
+					if !ok {
+						finalize()
+						return
+					}
+					writeEntry(entry)
+				default:
+					finalize()
+					return
+				}
+			}
 		}
 	}
 }

codeagent-wrapper/logger_additional_coverage_test.go

@@ -0,0 +1,158 @@
+package main
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+	"testing"
+)
+
+func TestLoggerNilReceiverNoop(t *testing.T) {
+	var logger *Logger
+	logger.Info("info")
+	logger.Warn("warn")
+	logger.Debug("debug")
+	logger.Error("error")
+	logger.Flush()
+	if err := logger.Close(); err != nil {
+		t.Fatalf("Close() on nil logger should return nil, got %v", err)
+	}
+}
+
+func TestLoggerConcurrencyLogHelpers(t *testing.T) {
+	setTempDirEnv(t, t.TempDir())
+
+	logger, err := NewLoggerWithSuffix("concurrency")
+	if err != nil {
+		t.Fatalf("NewLoggerWithSuffix error: %v", err)
+	}
+	setLogger(logger)
+	defer closeLogger()
+
+	logConcurrencyPlanning(0, 2)
+	logConcurrencyPlanning(3, 2)
+	logConcurrencyState("start", "task-1", 1, 0)
+	logConcurrencyState("done", "task-1", 0, 3)
+	logger.Flush()
+
+	data, err := os.ReadFile(logger.Path())
+	if err != nil {
+		t.Fatalf("failed to read log file: %v", err)
+	}
+	output := string(data)
+
+	checks := []string{
+		"parallel: worker_limit=unbounded total_tasks=2",
+		"parallel: worker_limit=3 total_tasks=2",
+		"parallel: start task=task-1 active=1 limit=unbounded",
+		"parallel: done task=task-1 active=0 limit=3",
+	}
+	for _, c := range checks {
+		if !strings.Contains(output, c) {
+			t.Fatalf("log output missing %q, got: %s", c, output)
+		}
+	}
+}
+
+func TestLoggerConcurrencyLogHelpersNoopWithoutActiveLogger(t *testing.T) {
+	_ = closeLogger()
+	logConcurrencyPlanning(1, 1)
+	logConcurrencyState("start", "task-1", 0, 1)
+}
+
+func TestLoggerCleanupOldLogsSkipsUnsafeAndHandlesAlreadyDeleted(t *testing.T) {
+	tempDir := setTempDirEnv(t, t.TempDir())
+
+	unsafePath := createTempLog(t, tempDir, fmt.Sprintf("%s-%d.log", primaryLogPrefix(), 222))
+	orphanPath := createTempLog(t, tempDir, fmt.Sprintf("%s-%d.log", primaryLogPrefix(), 111))
+
+	stubFileStat(t, func(path string) (os.FileInfo, error) {
+		if path == unsafePath {
+			return fakeFileInfo{mode: os.ModeSymlink}, nil
+		}
+		return os.Lstat(path)
+	})
+
+	stubProcessRunning(t, func(pid int) bool {
+		if pid == 111 {
+			_ = os.Remove(orphanPath)
+		}
+		return false
+	})
+
+	stats, err := cleanupOldLogs()
+	if err != nil {
+		t.Fatalf("cleanupOldLogs() unexpected error: %v", err)
+	}
+
+	if stats.Scanned != 2 {
+		t.Fatalf("scanned = %d, want %d", stats.Scanned, 2)
+	}
+	if stats.Deleted != 0 {
+		t.Fatalf("deleted = %d, want %d", stats.Deleted, 0)
+	}
+	if stats.Kept != 2 {
+		t.Fatalf("kept = %d, want %d", stats.Kept, 2)
+	}
+	if stats.Errors != 0 {
+		t.Fatalf("errors = %d, want %d", stats.Errors, 0)
+	}
+
+	hasSkip := false
+	hasAlreadyDeleted := false
+	for _, name := range stats.KeptFiles {
+		if strings.Contains(name, "already deleted") {
+			hasAlreadyDeleted = true
+		}
+		if strings.Contains(name, filepath.Base(unsafePath)) {
+			hasSkip = true
+		}
+	}
+	if !hasSkip {
+		t.Fatalf("expected kept files to include unsafe log %q, got %+v", filepath.Base(unsafePath), stats.KeptFiles)
+	}
+	if !hasAlreadyDeleted {
+		t.Fatalf("expected kept files to include already deleted marker, got %+v", stats.KeptFiles)
+	}
+}
+
+func TestLoggerIsUnsafeFileErrorPaths(t *testing.T) {
+	tempDir := t.TempDir()
+
+	t.Run("stat ErrNotExist", func(t *testing.T) {
+		stubFileStat(t, func(string) (os.FileInfo, error) {
+			return nil, os.ErrNotExist
+		})
+
+		unsafe, reason := isUnsafeFile("missing.log", tempDir)
+		if !unsafe || reason != "" {
+			t.Fatalf("expected missing file to be skipped silently, got unsafe=%v reason=%q", unsafe, reason)
+		}
+	})
+
+	t.Run("stat error", func(t *testing.T) {
+		stubFileStat(t, func(string) (os.FileInfo, error) {
+			return nil, fmt.Errorf("boom")
+		})
+
+		unsafe, reason := isUnsafeFile("broken.log", tempDir)
+		if !unsafe || !strings.Contains(reason, "stat failed") {
+			t.Fatalf("expected stat failure to be unsafe, got unsafe=%v reason=%q", unsafe, reason)
+		}
+	})
+
+	t.Run("EvalSymlinks error", func(t *testing.T) {
+		stubFileStat(t, func(string) (os.FileInfo, error) {
+			return fakeFileInfo{}, nil
+		})
+		stubEvalSymlinks(t, func(string) (string, error) {
+			return "", fmt.Errorf("resolve failed")
+		})
+
+		unsafe, reason := isUnsafeFile("cannot-resolve.log", tempDir)
+		if !unsafe || !strings.Contains(reason, "path resolution failed") {
+			t.Fatalf("expected resolution failure to be unsafe, got unsafe=%v reason=%q", unsafe, reason)
+		}
+	})
+}

codeagent-wrapper/logger_suffix_test.go

@@ -0,0 +1,115 @@
+package main
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+	"testing"
+)
+
+func TestLoggerWithSuffixNamingAndIsolation(t *testing.T) {
+	tempDir := setTempDirEnv(t, t.TempDir())
+
+	taskA := "task-1"
+	taskB := "task-2"
+
+	loggerA, err := NewLoggerWithSuffix(taskA)
+	if err != nil {
+		t.Fatalf("NewLoggerWithSuffix(%q) error = %v", taskA, err)
+	}
+	defer loggerA.Close()
+
+	loggerB, err := NewLoggerWithSuffix(taskB)
+	if err != nil {
+		t.Fatalf("NewLoggerWithSuffix(%q) error = %v", taskB, err)
+	}
+	defer loggerB.Close()
+
+	wantA := filepath.Join(tempDir, fmt.Sprintf("%s-%d-%s.log", primaryLogPrefix(), os.Getpid(), taskA))
+	if loggerA.Path() != wantA {
+		t.Fatalf("loggerA path = %q, want %q", loggerA.Path(), wantA)
+	}
+
+	wantB := filepath.Join(tempDir, fmt.Sprintf("%s-%d-%s.log", primaryLogPrefix(), os.Getpid(), taskB))
+	if loggerB.Path() != wantB {
+		t.Fatalf("loggerB path = %q, want %q", loggerB.Path(), wantB)
+	}
+
+	if loggerA.Path() == loggerB.Path() {
+		t.Fatalf("expected different log files, got %q", loggerA.Path())
+	}
+
+	loggerA.Info("from taskA")
+	loggerB.Info("from taskB")
+	loggerA.Flush()
+	loggerB.Flush()
+
+	dataA, err := os.ReadFile(loggerA.Path())
+	if err != nil {
+		t.Fatalf("failed to read loggerA file: %v", err)
+	}
+	dataB, err := os.ReadFile(loggerB.Path())
+	if err != nil {
+		t.Fatalf("failed to read loggerB file: %v", err)
+	}
+
+	if !strings.Contains(string(dataA), "from taskA") {
+		t.Fatalf("loggerA missing its message, got: %q", string(dataA))
+	}
+	if strings.Contains(string(dataA), "from taskB") {
+		t.Fatalf("loggerA contains loggerB message, got: %q", string(dataA))
+	}
+	if !strings.Contains(string(dataB), "from taskB") {
+		t.Fatalf("loggerB missing its message, got: %q", string(dataB))
+	}
+	if strings.Contains(string(dataB), "from taskA") {
+		t.Fatalf("loggerB contains loggerA message, got: %q", string(dataB))
+	}
+}
+
+func TestLoggerWithSuffixReturnsErrorWhenTempDirNotWritable(t *testing.T) {
+	base := t.TempDir()
+	noWrite := filepath.Join(base, "ro")
+	if err := os.Mkdir(noWrite, 0o500); err != nil {
+		t.Fatalf("failed to create read-only temp dir: %v", err)
+	}
+	t.Cleanup(func() { _ = os.Chmod(noWrite, 0o700) })
+	setTempDirEnv(t, noWrite)
+
+	logger, err := NewLoggerWithSuffix("task-err")
+	if err == nil {
+		_ = logger.Close()
+		t.Fatalf("expected error when temp dir is not writable")
+	}
+}
+
+func TestLoggerWithSuffixSanitizesUnsafeSuffix(t *testing.T) {
+	tempDir := setTempDirEnv(t, t.TempDir())
+
+	raw := "../bad id/with?chars"
+	safe := sanitizeLogSuffix(raw)
+	if safe == "" {
+		t.Fatalf("sanitizeLogSuffix returned empty string")
+	}
+	if strings.ContainsAny(safe, "/\\") {
+		t.Fatalf("sanitized suffix should not contain path separators, got %q", safe)
+	}
+
+	logger, err := NewLoggerWithSuffix(raw)
+	if err != nil {
+		t.Fatalf("NewLoggerWithSuffix(%q) error = %v", raw, err)
+	}
+	t.Cleanup(func() {
+		_ = logger.Close()
+		_ = os.Remove(logger.Path())
+	})
+
+	wantBase := fmt.Sprintf("%s-%d-%s.log", primaryLogPrefix(), os.Getpid(), safe)
+	if gotBase := filepath.Base(logger.Path()); gotBase != wantBase {
+		t.Fatalf("log filename = %q, want %q", gotBase, wantBase)
+	}
+	if dir := filepath.Dir(logger.Path()); dir != tempDir {
+		t.Fatalf("logger path dir = %q, want %q", dir, tempDir)
+	}
+}

codeagent-wrapper/logger_test.go

@@ -26,7 +26,7 @@ func compareCleanupStats(got, want CleanupStats) bool {
 	return true
 }
 
-func TestRunLoggerCreatesFileWithPID(t *testing.T) {
+func TestLoggerCreatesFileWithPID(t *testing.T) {
 	tempDir := t.TempDir()
 	t.Setenv("TMPDIR", tempDir)
 
@@ -46,7 +46,7 @@ func TestRunLoggerCreatesFileWithPID(t *testing.T) {
 	}
 }
 
-func TestRunLoggerWritesLevels(t *testing.T) {
+func TestLoggerWritesLevels(t *testing.T) {
 	tempDir := t.TempDir()
 	t.Setenv("TMPDIR", tempDir)
 
@@ -69,7 +69,7 @@ func TestRunLoggerWritesLevels(t *testing.T) {
 	}
 
 	content := string(data)
-	checks := []string{"INFO: info message", "WARN: warn message", "DEBUG: debug message", "ERROR: error message"}
+	checks := []string{"info message", "warn message", "debug message", "error message"}
 	for _, c := range checks {
 		if !strings.Contains(content, c) {
 			t.Fatalf("log file missing entry %q, content: %s", c, content)
@@ -77,7 +77,31 @@ func TestRunLoggerWritesLevels(t *testing.T) {
 	}
 }
 
-func TestRunLoggerCloseRemovesFileAndStopsWorker(t *testing.T) {
+func TestLoggerDefaultIsTerminalCoverage(t *testing.T) {
+	oldStdin := os.Stdin
+	t.Cleanup(func() { os.Stdin = oldStdin })
+
+	f, err := os.CreateTemp(t.TempDir(), "stdin-*")
+	if err != nil {
+		t.Fatalf("os.CreateTemp() error = %v", err)
+	}
+	defer os.Remove(f.Name())
+
+	os.Stdin = f
+	if got := defaultIsTerminal(); got {
+		t.Fatalf("defaultIsTerminal() = %v, want false for regular file", got)
+	}
+
+	if err := f.Close(); err != nil {
+		t.Fatalf("Close() error = %v", err)
+	}
+	os.Stdin = f
+	if got := defaultIsTerminal(); !got {
+		t.Fatalf("defaultIsTerminal() = %v, want true when Stat fails", got)
+	}
+}
+
+func TestLoggerCloseStopsWorkerAndKeepsFile(t *testing.T) {
 	tempDir := t.TempDir()
 	t.Setenv("TMPDIR", tempDir)
 
@@ -94,6 +118,11 @@ func TestRunLoggerCloseRemovesFileAndStopsWorker(t *testing.T) {
 	if err := logger.Close(); err != nil {
 		t.Fatalf("Close() returned error: %v", err)
 	}
+	if logger.file != nil {
+		if _, err := logger.file.Write([]byte("x")); err == nil {
+			t.Fatalf("expected file to be closed after Close()")
+		}
+	}
 
 	// After recent changes, log file is kept for debugging - NOT removed
 	if _, err := os.Stat(logPath); os.IsNotExist(err) {
@@ -116,7 +145,7 @@ func TestRunLoggerCloseRemovesFileAndStopsWorker(t *testing.T) {
 	}
 }
 
-func TestRunLoggerConcurrentWritesSafe(t *testing.T) {
+func TestLoggerConcurrentWritesSafe(t *testing.T) {
 	tempDir := t.TempDir()
 	t.Setenv("TMPDIR", tempDir)
 
@@ -165,7 +194,7 @@ func TestRunLoggerConcurrentWritesSafe(t *testing.T) {
 	}
 }
 
-func TestRunLoggerTerminateProcessActive(t *testing.T) {
+func TestLoggerTerminateProcessActive(t *testing.T) {
 	cmd := exec.Command("sleep", "5")
 	if err := cmd.Start(); err != nil {
 		t.Skipf("cannot start sleep command: %v", err)
@@ -193,7 +222,7 @@ func TestRunLoggerTerminateProcessActive(t *testing.T) {
 	time.Sleep(10 * time.Millisecond)
 }
 
-func TestRunTerminateProcessNil(t *testing.T) {
+func TestLoggerTerminateProcessNil(t *testing.T) {
 	if timer := terminateProcess(nil); timer != nil {
 		t.Fatalf("terminateProcess(nil) should return nil timer")
 	}
@@ -202,7 +231,7 @@ func TestRunTerminateProcessNil(t *testing.T) {
 	}
 }
 
-func TestRunCleanupOldLogsRemovesOrphans(t *testing.T) {
+func TestLoggerCleanupOldLogsRemovesOrphans(t *testing.T) {
 	tempDir := setTempDirEnv(t, t.TempDir())
 
 	orphan1 := createTempLog(t, tempDir, "codex-wrapper-111.log")
@@ -252,7 +281,7 @@ func TestRunCleanupOldLogsRemovesOrphans(t *testing.T) {
 	}
 }
 
-func TestRunCleanupOldLogsHandlesInvalidNamesAndErrors(t *testing.T) {
+func TestLoggerCleanupOldLogsHandlesInvalidNamesAndErrors(t *testing.T) {
 	tempDir := setTempDirEnv(t, t.TempDir())
 
 	invalid := []string{
@@ -310,7 +339,7 @@ func TestRunCleanupOldLogsHandlesInvalidNamesAndErrors(t *testing.T) {
 	}
 }
 
-func TestRunCleanupOldLogsHandlesGlobFailures(t *testing.T) {
+func TestLoggerCleanupOldLogsHandlesGlobFailures(t *testing.T) {
 	stubProcessRunning(t, func(pid int) bool {
 		t.Fatalf("process check should not run when glob fails")
 		return false
@@ -336,7 +365,7 @@ func TestRunCleanupOldLogsHandlesGlobFailures(t *testing.T) {
 	}
 }
 
-func TestRunCleanupOldLogsEmptyDirectoryStats(t *testing.T) {
+func TestLoggerCleanupOldLogsEmptyDirectoryStats(t *testing.T) {
 	setTempDirEnv(t, t.TempDir())
 
 	stubProcessRunning(t, func(int) bool {
@@ -356,7 +385,7 @@ func TestRunCleanupOldLogsEmptyDirectoryStats(t *testing.T) {
 	}
 }
 
-func TestRunCleanupOldLogsHandlesTempDirPermissionErrors(t *testing.T) {
+func TestLoggerCleanupOldLogsHandlesTempDirPermissionErrors(t *testing.T) {
 	tempDir := setTempDirEnv(t, t.TempDir())
 
 	paths := []string{
@@ -396,7 +425,7 @@ func TestRunCleanupOldLogsHandlesTempDirPermissionErrors(t *testing.T) {
 	}
 }
 
-func TestRunCleanupOldLogsHandlesPermissionDeniedFile(t *testing.T) {
+func TestLoggerCleanupOldLogsHandlesPermissionDeniedFile(t *testing.T) {
 	tempDir := setTempDirEnv(t, t.TempDir())
 
 	protected := createTempLog(t, tempDir, "codex-wrapper-6200.log")
@@ -433,7 +462,7 @@ func TestRunCleanupOldLogsHandlesPermissionDeniedFile(t *testing.T) {
 	}
 }
 
-func TestRunCleanupOldLogsPerformanceBound(t *testing.T) {
+func TestLoggerCleanupOldLogsPerformanceBound(t *testing.T) {
 	tempDir := setTempDirEnv(t, t.TempDir())
 
 	const fileCount = 400
@@ -476,17 +505,98 @@ func TestRunCleanupOldLogsPerformanceBound(t *testing.T) {
 	}
 }
 
-func TestRunCleanupOldLogsCoverageSuite(t *testing.T) {
+func TestLoggerCleanupOldLogsCoverageSuite(t *testing.T) {
 	TestBackendParseJSONStream_CoverageSuite(t)
 }
 
 // Reuse the existing coverage suite so the focused TestLogger run still exercises
 // the rest of the codebase and keeps coverage high.
-func TestRunLoggerCoverageSuite(t *testing.T) {
-	TestBackendParseJSONStream_CoverageSuite(t)
+func TestLoggerCoverageSuite(t *testing.T) {
+	suite := []struct {
+		name string
+		fn   func(*testing.T)
+	}{
+		{"TestBackendParseJSONStream_CoverageSuite", TestBackendParseJSONStream_CoverageSuite},
+		{"TestVersionCoverageFullRun", TestVersionCoverageFullRun},
+		{"TestVersionMainWrapper", TestVersionMainWrapper},
+
+		{"TestExecutorHelperCoverage", TestExecutorHelperCoverage},
+		{"TestExecutorRunCodexTaskWithContext", TestExecutorRunCodexTaskWithContext},
+		{"TestExecutorParallelLogIsolation", TestExecutorParallelLogIsolation},
+		{"TestExecutorTaskLoggerContext", TestExecutorTaskLoggerContext},
+		{"TestExecutorExecuteConcurrentWithContextBranches", TestExecutorExecuteConcurrentWithContextBranches},
+		{"TestExecutorSignalAndTermination", TestExecutorSignalAndTermination},
+		{"TestExecutorCancelReasonAndCloseWithReason", TestExecutorCancelReasonAndCloseWithReason},
+		{"TestExecutorForceKillTimerStop", TestExecutorForceKillTimerStop},
+		{"TestExecutorForwardSignalsDefaults", TestExecutorForwardSignalsDefaults},
+
+		{"TestBackendParseArgs_NewMode", TestBackendParseArgs_NewMode},
+		{"TestBackendParseArgs_ResumeMode", TestBackendParseArgs_ResumeMode},
+		{"TestBackendParseArgs_BackendFlag", TestBackendParseArgs_BackendFlag},
+		{"TestBackendParseArgs_SkipPermissions", TestBackendParseArgs_SkipPermissions},
+		{"TestBackendParseBoolFlag", TestBackendParseBoolFlag},
+		{"TestBackendEnvFlagEnabled", TestBackendEnvFlagEnabled},
+		{"TestRunResolveTimeout", TestRunResolveTimeout},
+		{"TestRunIsTerminal", TestRunIsTerminal},
+		{"TestRunReadPipedTask", TestRunReadPipedTask},
+		{"TestTailBufferWrite", TestTailBufferWrite},
+		{"TestLogWriterWriteLimitsBuffer", TestLogWriterWriteLimitsBuffer},
+		{"TestLogWriterLogLine", TestLogWriterLogLine},
+		{"TestNewLogWriterDefaultMaxLen", TestNewLogWriterDefaultMaxLen},
+		{"TestNewLogWriterDefaultLimit", TestNewLogWriterDefaultLimit},
+		{"TestRunHello", TestRunHello},
+		{"TestRunGreet", TestRunGreet},
+		{"TestRunFarewell", TestRunFarewell},
+		{"TestRunFarewellEmpty", TestRunFarewellEmpty},
+
+		{"TestParallelParseConfig_Success", TestParallelParseConfig_Success},
+		{"TestParallelParseConfig_Backend", TestParallelParseConfig_Backend},
+		{"TestParallelParseConfig_InvalidFormat", TestParallelParseConfig_InvalidFormat},
+		{"TestParallelParseConfig_EmptyTasks", TestParallelParseConfig_EmptyTasks},
+		{"TestParallelParseConfig_MissingID", TestParallelParseConfig_MissingID},
+		{"TestParallelParseConfig_MissingTask", TestParallelParseConfig_MissingTask},
+		{"TestParallelParseConfig_DuplicateID", TestParallelParseConfig_DuplicateID},
+		{"TestParallelParseConfig_DelimiterFormat", TestParallelParseConfig_DelimiterFormat},
+
+		{"TestBackendSelectBackend", TestBackendSelectBackend},
+		{"TestBackendSelectBackend_Invalid", TestBackendSelectBackend_Invalid},
+		{"TestBackendSelectBackend_DefaultOnEmpty", TestBackendSelectBackend_DefaultOnEmpty},
+		{"TestBackendBuildArgs_CodexBackend", TestBackendBuildArgs_CodexBackend},
+		{"TestBackendBuildArgs_ClaudeBackend", TestBackendBuildArgs_ClaudeBackend},
+		{"TestClaudeBackendBuildArgs_OutputValidation", TestClaudeBackendBuildArgs_OutputValidation},
+		{"TestBackendBuildArgs_GeminiBackend", TestBackendBuildArgs_GeminiBackend},
+		{"TestGeminiBackendBuildArgs_OutputValidation", TestGeminiBackendBuildArgs_OutputValidation},
+		{"TestBackendNamesAndCommands", TestBackendNamesAndCommands},
+
+		{"TestBackendParseJSONStream", TestBackendParseJSONStream},
+		{"TestBackendParseJSONStream_ClaudeEvents", TestBackendParseJSONStream_ClaudeEvents},
+		{"TestBackendParseJSONStream_GeminiEvents", TestBackendParseJSONStream_GeminiEvents},
+		{"TestBackendParseJSONStreamWithWarn_InvalidLine", TestBackendParseJSONStreamWithWarn_InvalidLine},
+		{"TestBackendParseJSONStream_OnMessage", TestBackendParseJSONStream_OnMessage},
+		{"TestBackendParseJSONStream_ScannerError", TestBackendParseJSONStream_ScannerError},
+		{"TestBackendDiscardInvalidJSON", TestBackendDiscardInvalidJSON},
+		{"TestBackendDiscardInvalidJSONBuffer", TestBackendDiscardInvalidJSONBuffer},
+
+		{"TestCurrentWrapperNameFallsBackToExecutable", TestCurrentWrapperNameFallsBackToExecutable},
+		{"TestCurrentWrapperNameDetectsLegacyAliasSymlink", TestCurrentWrapperNameDetectsLegacyAliasSymlink},
+
+		{"TestIsProcessRunning", TestIsProcessRunning},
+		{"TestGetProcessStartTimeReadsProcStat", TestGetProcessStartTimeReadsProcStat},
+		{"TestGetProcessStartTimeInvalidData", TestGetProcessStartTimeInvalidData},
+		{"TestGetBootTimeParsesBtime", TestGetBootTimeParsesBtime},
+		{"TestGetBootTimeInvalidData", TestGetBootTimeInvalidData},
+
+		{"TestClaudeBuildArgs_ModesAndPermissions", TestClaudeBuildArgs_ModesAndPermissions},
+		{"TestClaudeBuildArgs_GeminiAndCodexModes", TestClaudeBuildArgs_GeminiAndCodexModes},
+		{"TestClaudeBuildArgs_BackendMetadata", TestClaudeBuildArgs_BackendMetadata},
+	}
+
+	for _, tc := range suite {
+		t.Run(tc.name, tc.fn)
+	}
 }
 
-func TestRunCleanupOldLogsKeepsCurrentProcessLog(t *testing.T) {
+func TestLoggerCleanupOldLogsKeepsCurrentProcessLog(t *testing.T) {
 	tempDir := setTempDirEnv(t, t.TempDir())
 
 	currentPID := os.Getpid()
@@ -518,7 +628,7 @@ func TestRunCleanupOldLogsKeepsCurrentProcessLog(t *testing.T) {
 	}
 }
 
-func TestIsPIDReusedScenarios(t *testing.T) {
+func TestLoggerIsPIDReusedScenarios(t *testing.T) {
 	now := time.Now()
 	tests := []struct {
 		name      string
@@ -552,7 +662,7 @@ func TestIsPIDReusedScenarios(t *testing.T) {
 	}
 }
 
-func TestIsUnsafeFileSecurityChecks(t *testing.T) {
+func TestLoggerIsUnsafeFileSecurityChecks(t *testing.T) {
 	tempDir := t.TempDir()
 	absTempDir, err := filepath.Abs(tempDir)
 	if err != nil {
@@ -601,7 +711,7 @@ func TestIsUnsafeFileSecurityChecks(t *testing.T) {
 	})
 }
 
-func TestRunLoggerPathAndRemove(t *testing.T) {
+func TestLoggerPathAndRemove(t *testing.T) {
 	tempDir := t.TempDir()
 	path := filepath.Join(tempDir, "sample.log")
 	if err := os.WriteFile(path, []byte("test"), 0o644); err != nil {
@@ -628,7 +738,19 @@ func TestRunLoggerPathAndRemove(t *testing.T) {
 	}
 }
 
-func TestRunLoggerInternalLog(t *testing.T) {
+func TestLoggerTruncateBytesCoverage(t *testing.T) {
+	if got := truncateBytes([]byte("abc"), 3); got != "abc" {
+		t.Fatalf("truncateBytes() = %q, want %q", got, "abc")
+	}
+	if got := truncateBytes([]byte("abcd"), 3); got != "abc..." {
+		t.Fatalf("truncateBytes() = %q, want %q", got, "abc...")
+	}
+	if got := truncateBytes([]byte("abcd"), -1); got != "" {
+		t.Fatalf("truncateBytes() = %q, want empty string", got)
+	}
+}
+
+func TestLoggerInternalLog(t *testing.T) {
 	logger := &Logger{
 		ch:        make(chan logEntry, 1),
 		done:      make(chan struct{}),
@@ -644,7 +766,7 @@ func TestRunLoggerInternalLog(t *testing.T) {
 
 	logger.log("INFO", "hello")
 	entry := <-done
-	if entry.level != "INFO" || entry.msg != "hello" {
+	if entry.msg != "hello" {
 		t.Fatalf("unexpected entry %+v", entry)
 	}
 
@@ -653,7 +775,7 @@ func TestRunLoggerInternalLog(t *testing.T) {
 	close(logger.done)
 }
 
-func TestRunParsePIDFromLog(t *testing.T) {
+func TestLoggerParsePIDFromLog(t *testing.T) {
 	hugePID := strconv.FormatInt(math.MaxInt64, 10) + "0"
 	tests := []struct {
 		name string
@@ -769,69 +891,93 @@ func (f fakeFileInfo) ModTime() time.Time { return f.modTime }
 func (f fakeFileInfo) IsDir() bool        { return false }
 func (f fakeFileInfo) Sys() interface{}   { return nil }
 
-func TestExtractRecentErrors(t *testing.T) {
+func TestLoggerExtractRecentErrors(t *testing.T) {
 	tests := []struct {
 		name       string
-		content    string
+		logs       []struct{ level, msg string }
 		maxEntries int
 		want       []string
 	}{
 		{
 			name:       "empty log",
-			content:    "",
+			logs:       nil,
 			maxEntries: 10,
 			want:       nil,
 		},
 		{
 			name: "no errors",
-			content: `[2025-01-01 12:00:00.000] [PID:123] INFO: started
-[2025-01-01 12:00:01.000] [PID:123] DEBUG: processing`,
+			logs: []struct{ level, msg string }{
+				{"INFO", "started"},
+				{"DEBUG", "processing"},
+			},
 			maxEntries: 10,
 			want:       nil,
 		},
 		{
 			name: "single error",
-			content: `[2025-01-01 12:00:00.000] [PID:123] INFO: started
-[2025-01-01 12:00:01.000] [PID:123] ERROR: something failed`,
+			logs: []struct{ level, msg string }{
+				{"INFO", "started"},
+				{"ERROR", "something failed"},
+			},
 			maxEntries: 10,
-			want:       []string{"[2025-01-01 12:00:01.000] [PID:123] ERROR: something failed"},
+			want:       []string{"something failed"},
 		},
 		{
 			name: "error and warn",
-			content: `[2025-01-01 12:00:00.000] [PID:123] INFO: started
-[2025-01-01 12:00:01.000] [PID:123] WARN: warning message
-[2025-01-01 12:00:02.000] [PID:123] ERROR: error message`,
+			logs: []struct{ level, msg string }{
+				{"INFO", "started"},
+				{"WARN", "warning message"},
+				{"ERROR", "error message"},
+			},
 			maxEntries: 10,
 			want: []string{
-				"[2025-01-01 12:00:01.000] [PID:123] WARN: warning message",
-				"[2025-01-01 12:00:02.000] [PID:123] ERROR: error message",
+				"warning message",
+				"error message",
 			},
 		},
 		{
 			name: "truncate to max",
-			content: `[2025-01-01 12:00:00.000] [PID:123] ERROR: error 1
-[2025-01-01 12:00:01.000] [PID:123] ERROR: error 2
-[2025-01-01 12:00:02.000] [PID:123] ERROR: error 3
-[2025-01-01 12:00:03.000] [PID:123] ERROR: error 4
-[2025-01-01 12:00:04.000] [PID:123] ERROR: error 5`,
+			logs: []struct{ level, msg string }{
+				{"ERROR", "error 1"},
+				{"ERROR", "error 2"},
+				{"ERROR", "error 3"},
+				{"ERROR", "error 4"},
+				{"ERROR", "error 5"},
+			},
 			maxEntries: 3,
 			want: []string{
-				"[2025-01-01 12:00:02.000] [PID:123] ERROR: error 3",
-				"[2025-01-01 12:00:03.000] [PID:123] ERROR: error 4",
-				"[2025-01-01 12:00:04.000] [PID:123] ERROR: error 5",
+				"error 3",
+				"error 4",
+				"error 5",
 			},
 		},
 	}
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			tempDir := t.TempDir()
-			logPath := filepath.Join(tempDir, "test.log")
-			if err := os.WriteFile(logPath, []byte(tt.content), 0o644); err != nil {
-				t.Fatalf("failed to write test log: %v", err)
+			logger, err := NewLoggerWithSuffix("extract-test")
+			if err != nil {
+				t.Fatalf("NewLoggerWithSuffix() error = %v", err)
+			}
+			defer logger.Close()
+			defer logger.RemoveLogFile()
+
+			// Write logs using logger methods
+			for _, entry := range tt.logs {
+				switch entry.level {
+				case "INFO":
+					logger.Info(entry.msg)
+				case "WARN":
+					logger.Warn(entry.msg)
+				case "ERROR":
+					logger.Error(entry.msg)
+				case "DEBUG":
+					logger.Debug(entry.msg)
+				}
 			}
 
-			logger := &Logger{path: logPath}
+			logger.Flush()
+
 			got := logger.ExtractRecentErrors(tt.maxEntries)
 
 			if len(got) != len(tt.want) {
@@ -846,23 +992,137 @@ func TestExtractRecentErrors(t *testing.T) {
 	}
 }
 
-func TestExtractRecentErrorsNilLogger(t *testing.T) {
+func TestLoggerExtractRecentErrorsNilLogger(t *testing.T) {
 	var logger *Logger
 	if got := logger.ExtractRecentErrors(10); got != nil {
 		t.Fatalf("nil logger ExtractRecentErrors() should return nil, got %v", got)
 	}
 }
 
-func TestExtractRecentErrorsEmptyPath(t *testing.T) {
+func TestLoggerExtractRecentErrorsEmptyPath(t *testing.T) {
 	logger := &Logger{path: ""}
 	if got := logger.ExtractRecentErrors(10); got != nil {
 		t.Fatalf("empty path ExtractRecentErrors() should return nil, got %v", got)
 	}
 }
 
-func TestExtractRecentErrorsFileNotExist(t *testing.T) {
+func TestLoggerExtractRecentErrorsFileNotExist(t *testing.T) {
 	logger := &Logger{path: "/nonexistent/path/to/log.log"}
 	if got := logger.ExtractRecentErrors(10); got != nil {
 		t.Fatalf("nonexistent file ExtractRecentErrors() should return nil, got %v", got)
 	}
 }
+
+func TestSanitizeLogSuffixNoDuplicates(t *testing.T) {
+	testCases := []string{
+		"task",
+		"task.",
+		".task",
+		"-task",
+		"task-",
+		"--task--",
+		"..task..",
+	}
+
+	seen := make(map[string]string)
+	for _, input := range testCases {
+		result := sanitizeLogSuffix(input)
+		if result == "" {
+			t.Fatalf("sanitizeLogSuffix(%q) returned empty string", input)
+		}
+
+		if prev, exists := seen[result]; exists {
+			t.Fatalf("collision detected: %q and %q both produce %q", input, prev, result)
+		}
+		seen[result] = input
+
+		// Verify result is safe for file names
+		if strings.ContainsAny(result, "/\\:*?\"<>|") {
+			t.Fatalf("sanitizeLogSuffix(%q) = %q contains unsafe characters", input, result)
+		}
+	}
+}
+
+func TestExtractRecentErrorsBoundaryCheck(t *testing.T) {
+	logger, err := NewLoggerWithSuffix("boundary-test")
+	if err != nil {
+		t.Fatalf("NewLoggerWithSuffix() error = %v", err)
+	}
+	defer logger.Close()
+	defer logger.RemoveLogFile()
+
+	// Write some errors
+	logger.Error("error 1")
+	logger.Warn("warn 1")
+	logger.Error("error 2")
+	logger.Flush()
+
+	// Test zero
+	result := logger.ExtractRecentErrors(0)
+	if result != nil {
+		t.Fatalf("ExtractRecentErrors(0) should return nil, got %v", result)
+	}
+
+	// Test negative
+	result = logger.ExtractRecentErrors(-5)
+	if result != nil {
+		t.Fatalf("ExtractRecentErrors(-5) should return nil, got %v", result)
+	}
+
+	// Test positive still works
+	result = logger.ExtractRecentErrors(10)
+	if len(result) != 3 {
+		t.Fatalf("ExtractRecentErrors(10) expected 3 entries, got %d", len(result))
+	}
+}
+
+func TestErrorEntriesMaxLimit(t *testing.T) {
+	logger, err := NewLoggerWithSuffix("max-limit-test")
+	if err != nil {
+		t.Fatalf("NewLoggerWithSuffix() error = %v", err)
+	}
+	defer logger.Close()
+	defer logger.RemoveLogFile()
+
+	// Write 150 error/warn entries
+	for i := 1; i <= 150; i++ {
+		if i%2 == 0 {
+			logger.Error(fmt.Sprintf("error-%03d", i))
+		} else {
+			logger.Warn(fmt.Sprintf("warn-%03d", i))
+		}
+	}
+	logger.Flush()
+
+	// Extract all cached errors
+	result := logger.ExtractRecentErrors(200) // Request more than cache size
+
+	// Should only have last 100 entries (entries 51-150 in sequence)
+	if len(result) != 100 {
+		t.Fatalf("expected 100 cached entries, got %d", len(result))
+	}
+
+	// Verify entries are the last 100 (entries 51-150)
+	if !strings.Contains(result[0], "051") {
+		t.Fatalf("first cached entry should be entry 51, got: %s", result[0])
+	}
+	if !strings.Contains(result[99], "150") {
+		t.Fatalf("last cached entry should be entry 150, got: %s", result[99])
+	}
+
+	// Verify order is preserved - simplified logic
+	for i := 0; i < len(result)-1; i++ {
+		expectedNum := 51 + i
+		nextNum := 51 + i + 1
+
+		expectedEntry := fmt.Sprintf("%03d", expectedNum)
+		nextEntry := fmt.Sprintf("%03d", nextNum)
+
+		if !strings.Contains(result[i], expectedEntry) {
+			t.Fatalf("entry at index %d should contain %s, got: %s", i, expectedEntry, result[i])
+		}
+		if !strings.Contains(result[i+1], nextEntry) {
+			t.Fatalf("entry at index %d should contain %s, got: %s", i+1, nextEntry, result[i+1])
+		}
+	}
+}

codeagent-wrapper/main.go

@@ -1,12 +1,12 @@
 package main
 
 import (
-	"encoding/json"
 	"fmt"
 	"io"
 	"os"
 	"os/exec"
 	"os/signal"
+	"path/filepath"
 	"reflect"
 	"strings"
 	"sync/atomic"
@@ -14,14 +14,15 @@ import (
 )
 
 const (
-	version             = "5.2.0"
-	defaultWorkdir      = "."
-	defaultTimeout      = 7200 // seconds
-	codexLogLineLimit   = 1000
-	stdinSpecialChars   = "\n\\\"'`$"
-	stderrCaptureLimit  = 4 * 1024
-	defaultBackendName  = "codex"
-	defaultCodexCommand = "codex"
+	version               = "5.6.3"
+	defaultWorkdir        = "."
+	defaultTimeout        = 7200 // seconds (2 hours)
+	defaultCoverageTarget = 90.0
+	codexLogLineLimit     = 1000
+	stdinSpecialChars     = "\n\\\"'`$"
+	stderrCaptureLimit    = 4 * 1024
+	defaultBackendName    = "codex"
+	defaultCodexCommand   = "codex"
 
 	// stdout close reasons
 	stdoutCloseReasonWait  = "wait-done"
@@ -41,7 +42,6 @@ var (
 	buildCodexArgsFn   = buildCodexArgs
 	selectBackendFn    = selectBackend
 	commandContext     = exec.CommandContext
-	jsonMarshal        = json.Marshal
 	cleanupLogsFn      = cleanupOldLogs
 	signalNotifyFn     = signal.Notify
 	signalStopFn       = signal.Stop
@@ -175,6 +175,9 @@ func run() (exitCode int) {
 
 		if parallelIndex != -1 {
 			backendName := defaultBackendName
+			model := ""
+			fullOutput := false
+			skipPermissions := envFlagEnabled("CODEAGENT_SKIP_PERMISSIONS")
 			var extras []string
 
 			for i := 0; i < len(args); i++ {
@@ -182,6 +185,8 @@ func run() (exitCode int) {
 				switch {
 				case arg == "--parallel":
 					continue
+				case arg == "--full-output":
+					fullOutput = true
 				case arg == "--backend":
 					if i+1 >= len(args) {
 						fmt.Fprintln(os.Stderr, "ERROR: --backend flag requires a value")
@@ -196,17 +201,38 @@ func run() (exitCode int) {
 						return 1
 					}
 					backendName = value
+				case arg == "--model":
+					if i+1 >= len(args) {
+						fmt.Fprintln(os.Stderr, "ERROR: --model flag requires a value")
+						return 1
+					}
+					model = args[i+1]
+					i++
+				case strings.HasPrefix(arg, "--model="):
+					value := strings.TrimPrefix(arg, "--model=")
+					if value == "" {
+						fmt.Fprintln(os.Stderr, "ERROR: --model flag requires a value")
+						return 1
+					}
+					model = value
+				case arg == "--skip-permissions", arg == "--dangerously-skip-permissions":
+					skipPermissions = true
+				case strings.HasPrefix(arg, "--skip-permissions="):
+					skipPermissions = parseBoolFlag(strings.TrimPrefix(arg, "--skip-permissions="), skipPermissions)
+				case strings.HasPrefix(arg, "--dangerously-skip-permissions="):
+					skipPermissions = parseBoolFlag(strings.TrimPrefix(arg, "--dangerously-skip-permissions="), skipPermissions)
 				default:
 					extras = append(extras, arg)
 				}
 			}
 
 			if len(extras) > 0 {
-				fmt.Fprintln(os.Stderr, "ERROR: --parallel reads its task configuration from stdin; only --backend is allowed.")
+				fmt.Fprintln(os.Stderr, "ERROR: --parallel reads its task configuration from stdin; only --backend, --model, --full-output and --skip-permissions are allowed.")
 				fmt.Fprintln(os.Stderr, "Usage examples:")
 				fmt.Fprintf(os.Stderr, "  %s --parallel < tasks.txt\n", name)
 				fmt.Fprintf(os.Stderr, "  echo '...' | %s --parallel\n", name)
 				fmt.Fprintf(os.Stderr, "  %s --parallel <<'EOF'\n", name)
+				fmt.Fprintf(os.Stderr, "  %s --parallel --full-output <<'EOF'  # include full task output\n", name)
 				return 1
 			}
 
@@ -230,10 +256,15 @@ func run() (exitCode int) {
 			}
 
 			cfg.GlobalBackend = backendName
+			model = strings.TrimSpace(model)
 			for i := range cfg.Tasks {
 				if strings.TrimSpace(cfg.Tasks[i].Backend) == "" {
 					cfg.Tasks[i].Backend = backendName
 				}
+				if strings.TrimSpace(cfg.Tasks[i].Model) == "" && model != "" {
+					cfg.Tasks[i].Model = model
+				}
+				cfg.Tasks[i].SkipPermissions = cfg.Tasks[i].SkipPermissions || skipPermissions
 			}
 
 			timeoutSec := resolveTimeout()
@@ -244,7 +275,33 @@ func run() (exitCode int) {
 			}
 
 			results := executeConcurrent(layers, timeoutSec)
-			fmt.Println(generateFinalOutput(results))
+
+			// Extract structured report fields from each result
+			for i := range results {
+				results[i].CoverageTarget = defaultCoverageTarget
+				if results[i].Message == "" {
+					continue
+				}
+
+				lines := strings.Split(results[i].Message, "\n")
+
+				// Coverage extraction
+				results[i].Coverage = extractCoverageFromLines(lines)
+				results[i].CoverageNum = extractCoverageNum(results[i].Coverage)
+
+				// Files changed
+				results[i].FilesChanged = extractFilesChangedFromLines(lines)
+
+				// Test results
+				results[i].TestsPassed, results[i].TestsFailed = extractTestResultsFromLines(lines)
+
+				// Key output summary
+				results[i].KeyOutput = extractKeyOutputFromLines(lines, 150)
+			}
+
+			// Default: summary mode (context-efficient)
+			// --full-output: legacy full output mode
+			fmt.Println(generateFinalOutputWithMode(results, !fullOutput))
 
 			exitCode = 0
 			for _, res := range results {
@@ -320,6 +377,15 @@ func run() (exitCode int) {
 		}
 	}
 
+	if strings.TrimSpace(cfg.PromptFile) != "" {
+		prompt, err := readAgentPromptFile(cfg.PromptFile, cfg.PromptFileExplicit)
+		if err != nil {
+			logError("Failed to read prompt file: " + err.Error())
+			return 1
+		}
+		taskText = wrapTaskWithAgentPrompt(prompt, taskText)
+	}
+
 	useStdin := cfg.ExplicitStdin || shouldUseStdin(taskText, piped)
 
 	targetArg := taskText
@@ -372,11 +438,14 @@ func run() (exitCode int) {
 	logInfo(fmt.Sprintf("%s running...", cfg.Backend))
 
 	taskSpec := TaskSpec{
-		Task:      taskText,
-		WorkDir:   cfg.WorkDir,
-		Mode:      cfg.Mode,
-		SessionID: cfg.SessionID,
-		UseStdin:  useStdin,
+		Task:            taskText,
+		WorkDir:         cfg.WorkDir,
+		Mode:            cfg.Mode,
+		SessionID:       cfg.SessionID,
+		Model:           cfg.Model,
+		ReasoningEffort: cfg.ReasoningEffort,
+		SkipPermissions: cfg.SkipPermissions,
+		UseStdin:        useStdin,
 	}
 
 	result := runTaskFn(taskSpec, false, cfg.Timeout)
@@ -393,6 +462,91 @@ func run() (exitCode int) {
 	return 0
 }
 
+func readAgentPromptFile(path string, allowOutsideClaudeDir bool) (string, error) {
+	raw := strings.TrimSpace(path)
+	if raw == "" {
+		return "", nil
+	}
+
+	expanded := raw
+	if raw == "~" || strings.HasPrefix(raw, "~/") || strings.HasPrefix(raw, "~\\") {
+		home, err := os.UserHomeDir()
+		if err != nil {
+			return "", err
+		}
+		if raw == "~" {
+			expanded = home
+		} else {
+			expanded = home + raw[1:]
+		}
+	}
+
+	absPath, err := filepath.Abs(expanded)
+	if err != nil {
+		return "", err
+	}
+	absPath = filepath.Clean(absPath)
+
+	home, err := os.UserHomeDir()
+	if err != nil {
+		if !allowOutsideClaudeDir {
+			return "", err
+		}
+		logWarn(fmt.Sprintf("Failed to resolve home directory for prompt file validation: %v; proceeding without restriction", err))
+	} else {
+		allowedDir := filepath.Clean(filepath.Join(home, ".claude"))
+		allowedAbs, err := filepath.Abs(allowedDir)
+		if err == nil {
+			allowedDir = filepath.Clean(allowedAbs)
+		}
+
+		isWithinDir := func(path, dir string) bool {
+			rel, err := filepath.Rel(dir, path)
+			if err != nil {
+				return false
+			}
+			rel = filepath.Clean(rel)
+			if rel == "." {
+				return true
+			}
+			if rel == ".." {
+				return false
+			}
+			prefix := ".." + string(os.PathSeparator)
+			return !strings.HasPrefix(rel, prefix)
+		}
+
+		if !allowOutsideClaudeDir {
+			if !isWithinDir(absPath, allowedDir) {
+				logWarn(fmt.Sprintf("Refusing to read prompt file outside %s: %s", allowedDir, absPath))
+				return "", fmt.Errorf("prompt file must be under %s", allowedDir)
+			}
+			resolvedPath, errPath := filepath.EvalSymlinks(absPath)
+			resolvedBase, errBase := filepath.EvalSymlinks(allowedDir)
+			if errPath == nil && errBase == nil {
+				resolvedPath = filepath.Clean(resolvedPath)
+				resolvedBase = filepath.Clean(resolvedBase)
+				if !isWithinDir(resolvedPath, resolvedBase) {
+					logWarn(fmt.Sprintf("Refusing to read prompt file outside %s (resolved): %s", resolvedBase, resolvedPath))
+					return "", fmt.Errorf("prompt file must be under %s", resolvedBase)
+				}
+			}
+		} else if !isWithinDir(absPath, allowedDir) {
+			logWarn(fmt.Sprintf("Reading prompt file outside %s: %s", allowedDir, absPath))
+		}
+	}
+
+	data, err := os.ReadFile(absPath)
+	if err != nil {
+		return "", err
+	}
+	return strings.TrimRight(string(data), "\r\n"), nil
+}
+
+func wrapTaskWithAgentPrompt(prompt string, task string) string {
+	return "<agent-prompt>\n" + prompt + "\n</agent-prompt>\n\n" + task
+}
+
 func setLogger(l *Logger) {
 	loggerPtr.Store(l)
 }
@@ -443,20 +597,24 @@ func printHelp() {
 Usage:
     %[1]s "task" [workdir]
     %[1]s --backend claude "task" [workdir]
+    %[1]s --prompt-file /path/to/prompt.md "task" [workdir]
     %[1]s - [workdir]              Read task from stdin
     %[1]s resume <session_id> "task" [workdir]
     %[1]s resume <session_id> - [workdir]
     %[1]s --parallel               Run tasks in parallel (config from stdin)
+    %[1]s --parallel --full-output Run tasks in parallel with full output (legacy)
     %[1]s --version
     %[1]s --help
 
 Parallel mode examples:
     %[1]s --parallel < tasks.txt
     echo '...' | %[1]s --parallel
+    %[1]s --parallel --full-output < tasks.txt
     %[1]s --parallel <<'EOF'
 
 Environment Variables:
-    CODEX_TIMEOUT  Timeout in milliseconds (default: 7200000)
+    CODEX_TIMEOUT         Timeout in milliseconds (default: 7200000)
+    CODEAGENT_ASCII_MODE  Use ASCII symbols instead of Unicode (PASS/WARN/FAIL)
 
 Exit Codes:
     0    Success

codeagent-wrapper/main_integration_test.go

@@ -46,10 +46,26 @@ func parseIntegrationOutput(t *testing.T, out string) integrationOutput {
 
 	lines := strings.Split(out, "\n")
 	var currentTask *TaskResult
+	inTaskResults := false
 
 	for _, line := range lines {
 		line = strings.TrimSpace(line)
-		if strings.HasPrefix(line, "Total:") {
+
+		// Parse new format header: "X tasks | Y passed | Z failed"
+		if strings.Contains(line, "tasks |") && strings.Contains(line, "passed |") {
+			parts := strings.Split(line, "|")
+			for _, p := range parts {
+				p = strings.TrimSpace(p)
+				if strings.HasSuffix(p, "tasks") {
+					fmt.Sscanf(p, "%d tasks", &payload.Summary.Total)
+				} else if strings.HasSuffix(p, "passed") {
+					fmt.Sscanf(p, "%d passed", &payload.Summary.Success)
+				} else if strings.HasSuffix(p, "failed") {
+					fmt.Sscanf(p, "%d failed", &payload.Summary.Failed)
+				}
+			}
+		} else if strings.HasPrefix(line, "Total:") {
+			// Legacy format: "Total: X | Success: Y | Failed: Z"
 			parts := strings.Split(line, "|")
 			for _, p := range parts {
 				p = strings.TrimSpace(p)
@@ -61,13 +77,72 @@ func parseIntegrationOutput(t *testing.T, out string) integrationOutput {
 					fmt.Sscanf(p, "Failed: %d", &payload.Summary.Failed)
 				}
 			}
+		} else if line == "## Task Results" {
+			inTaskResults = true
+		} else if line == "## Summary" {
+			// End of task results section
+			if currentTask != nil {
+				payload.Results = append(payload.Results, *currentTask)
+				currentTask = nil
+			}
+			inTaskResults = false
+		} else if inTaskResults && strings.HasPrefix(line, "### ") {
+			// New task: ### task-id ✓ 92% or ### task-id PASS 92% (ASCII mode)
+			if currentTask != nil {
+				payload.Results = append(payload.Results, *currentTask)
+			}
+			currentTask = &TaskResult{}
+
+			taskLine := strings.TrimPrefix(line, "### ")
+			success, warning, failed := getStatusSymbols()
+			// Parse different formats
+			if strings.Contains(taskLine, " "+success) {
+				parts := strings.Split(taskLine, " "+success)
+				currentTask.TaskID = strings.TrimSpace(parts[0])
+				currentTask.ExitCode = 0
+				// Extract coverage if present
+				if len(parts) > 1 {
+					coveragePart := strings.TrimSpace(parts[1])
+					if strings.HasSuffix(coveragePart, "%") {
+						currentTask.Coverage = coveragePart
+					}
+				}
+			} else if strings.Contains(taskLine, " "+warning) {
+				parts := strings.Split(taskLine, " "+warning)
+				currentTask.TaskID = strings.TrimSpace(parts[0])
+				currentTask.ExitCode = 0
+			} else if strings.Contains(taskLine, " "+failed) {
+				parts := strings.Split(taskLine, " "+failed)
+				currentTask.TaskID = strings.TrimSpace(parts[0])
+				currentTask.ExitCode = 1
+			} else {
+				currentTask.TaskID = taskLine
+			}
+		} else if currentTask != nil && inTaskResults {
+			// Parse task details
+			if strings.HasPrefix(line, "Exit code:") {
+				fmt.Sscanf(line, "Exit code: %d", &currentTask.ExitCode)
+			} else if strings.HasPrefix(line, "Error:") {
+				currentTask.Error = strings.TrimPrefix(line, "Error: ")
+			} else if strings.HasPrefix(line, "Log:") {
+				currentTask.LogPath = strings.TrimSpace(strings.TrimPrefix(line, "Log:"))
+			} else if strings.HasPrefix(line, "Did:") {
+				currentTask.KeyOutput = strings.TrimSpace(strings.TrimPrefix(line, "Did:"))
+			} else if strings.HasPrefix(line, "Detail:") {
+				// Error detail for failed tasks
+				if currentTask.Message == "" {
+					currentTask.Message = strings.TrimSpace(strings.TrimPrefix(line, "Detail:"))
+				}
+			}
 		} else if strings.HasPrefix(line, "--- Task:") {
+			// Legacy full output format
 			if currentTask != nil {
 				payload.Results = append(payload.Results, *currentTask)
 			}
 			currentTask = &TaskResult{}
 			currentTask.TaskID = strings.TrimSuffix(strings.TrimPrefix(line, "--- Task: "), " ---")
-		} else if currentTask != nil {
+		} else if currentTask != nil && !inTaskResults {
+			// Legacy format parsing
 			if strings.HasPrefix(line, "Status: SUCCESS") {
 				currentTask.ExitCode = 0
 			} else if strings.HasPrefix(line, "Status: FAILED") {
@@ -82,15 +157,11 @@ func parseIntegrationOutput(t *testing.T, out string) integrationOutput {
 				currentTask.SessionID = strings.TrimPrefix(line, "Session: ")
 			} else if strings.HasPrefix(line, "Log:") {
 				currentTask.LogPath = strings.TrimSpace(strings.TrimPrefix(line, "Log:"))
-			} else if line != "" && !strings.HasPrefix(line, "===") && !strings.HasPrefix(line, "---") {
-				if currentTask.Message != "" {
-					currentTask.Message += "\n"
-				}
-				currentTask.Message += line
 			}
 		}
 	}
 
+	// Handle last task
 	if currentTask != nil {
 		payload.Results = append(payload.Results, *currentTask)
 	}
@@ -98,32 +169,6 @@ func parseIntegrationOutput(t *testing.T, out string) integrationOutput {
 	return payload
 }
 
-func extractTaskBlock(t *testing.T, output, taskID string) string {
-	t.Helper()
-	header := fmt.Sprintf("--- Task: %s ---", taskID)
-	lines := strings.Split(output, "\n")
-	var block []string
-	collecting := false
-	for _, raw := range lines {
-		trimmed := strings.TrimSpace(raw)
-		if !collecting {
-			if trimmed == header {
-				collecting = true
-				block = append(block, trimmed)
-			}
-			continue
-		}
-		if strings.HasPrefix(trimmed, "--- Task: ") && trimmed != header {
-			break
-		}
-		block = append(block, trimmed)
-	}
-	if len(block) == 0 {
-		t.Fatalf("task block %s not found in output:\n%s", taskID, output)
-	}
-	return strings.Join(block, "\n")
-}
-
 func findResultByID(t *testing.T, payload integrationOutput, id string) TaskResult {
 	t.Helper()
 	for _, res := range payload.Results {
@@ -343,9 +388,10 @@ task-beta`
 	}
 
 	for _, id := range []string{"alpha", "beta"} {
-		want := fmt.Sprintf("Log: %s", logPathFor(id))
-		if !strings.Contains(output, want) {
-			t.Fatalf("parallel output missing %q for %s:\n%s", want, id, output)
+		// Summary mode shows log paths in table format, not "Log: xxx"
+		logPath := logPathFor(id)
+		if !strings.Contains(output, logPath) {
+			t.Fatalf("parallel output missing log path %q for %s:\n%s", logPath, id, output)
 		}
 	}
 }
@@ -426,10 +472,11 @@ ok-d`
 		t.Fatalf("expected startup banner in stderr, got:\n%s", stderrOut)
 	}
 
+	// After parallel log isolation fix, each task has its own log file
 	expectedLines := map[string]struct{}{
-		fmt.Sprintf("Task a: Log: %s", expectedLog): {},
-		fmt.Sprintf("Task b: Log: %s", expectedLog): {},
-		fmt.Sprintf("Task d: Log: %s", expectedLog): {},
+		fmt.Sprintf("Task a: Log: %s", filepath.Join(tempDir, fmt.Sprintf("codex-wrapper-%d-a.log", os.Getpid()))): {},
+		fmt.Sprintf("Task b: Log: %s", filepath.Join(tempDir, fmt.Sprintf("codex-wrapper-%d-b.log", os.Getpid()))): {},
+		fmt.Sprintf("Task d: Log: %s", filepath.Join(tempDir, fmt.Sprintf("codex-wrapper-%d-d.log", os.Getpid()))): {},
 	}
 
 	if len(taskLines) != len(expectedLines) {
@@ -549,16 +596,16 @@ ok-e`
 	if resD.LogPath != logPathFor("D") || resE.LogPath != logPathFor("E") {
 		t.Fatalf("expected log paths for D/E, got D=%q E=%q", resD.LogPath, resE.LogPath)
 	}
+	// Summary mode shows log paths in table, verify they appear in output
 	for _, id := range []string{"A", "D", "E"} {
-		block := extractTaskBlock(t, output, id)
-		want := fmt.Sprintf("Log: %s", logPathFor(id))
-		if !strings.Contains(block, want) {
-			t.Fatalf("task %s block missing %q:\n%s", id, want, block)
+		logPath := logPathFor(id)
+		if !strings.Contains(output, logPath) {
+			t.Fatalf("task %s log path %q not found in output:\n%s", id, logPath, output)
 		}
 	}
-	blockB := extractTaskBlock(t, output, "B")
-	if strings.Contains(blockB, "Log:") {
-		t.Fatalf("skipped task B should not emit a log line:\n%s", blockB)
+	// Task B was skipped, should have "-" or empty log path in table
+	if resB.LogPath != "" {
+		t.Fatalf("skipped task B should have empty log path, got %q", resB.LogPath)
 	}
 }
 
@@ -568,7 +615,6 @@ func TestRunParallelTimeoutPropagation(t *testing.T) {
 	t.Cleanup(func() {
 		runCodexTaskFn = origRun
 		resetTestHooks()
-		os.Unsetenv("CODEX_TIMEOUT")
 	})
 
 	var receivedTimeout int
@@ -577,7 +623,7 @@ func TestRunParallelTimeoutPropagation(t *testing.T) {
 		return TaskResult{TaskID: task.ID, ExitCode: 124, Error: "timeout"}
 	}
 
-	os.Setenv("CODEX_TIMEOUT", "1")
+	t.Setenv("CODEX_TIMEOUT", "1")
 	input := `---TASK---
 id: T
 ---CONTENT---

codeagent-wrapper/parser.go

@@ -50,12 +50,57 @@ func parseJSONStreamWithWarn(r io.Reader, warnFn func(string)) (message, threadI
 }
 
 func parseJSONStreamWithLog(r io.Reader, warnFn func(string), infoFn func(string)) (message, threadID string) {
-	return parseJSONStreamInternal(r, warnFn, infoFn, nil)
+	return parseJSONStreamInternal(r, warnFn, infoFn, nil, nil)
 }
 
-func parseJSONStreamInternal(r io.Reader, warnFn func(string), infoFn func(string), onMessage func()) (message, threadID string) {
-	scanner := bufio.NewScanner(r)
-	scanner.Buffer(make([]byte, 64*1024), 10*1024*1024)
+const (
+	jsonLineReaderSize   = 64 * 1024
+	jsonLineMaxBytes     = 10 * 1024 * 1024
+	jsonLinePreviewBytes = 256
+)
+
+// UnifiedEvent combines all backend event formats into a single structure
+// to avoid multiple JSON unmarshal operations per event
+type UnifiedEvent struct {
+	// Common fields
+	Type string `json:"type"`
+
+	// Codex-specific fields
+	ThreadID string          `json:"thread_id,omitempty"`
+	Item     json.RawMessage `json:"item,omitempty"` // Lazy parse
+
+	// Claude-specific fields
+	Subtype   string `json:"subtype,omitempty"`
+	SessionID string `json:"session_id,omitempty"`
+	Result    string `json:"result,omitempty"`
+
+	// Gemini-specific fields
+	Role    string `json:"role,omitempty"`
+	Content string `json:"content,omitempty"`
+	Delta   *bool  `json:"delta,omitempty"`
+	Status  string `json:"status,omitempty"`
+
+	// Opencode-specific fields (camelCase sessionID)
+	OpencodeSessionID string          `json:"sessionID,omitempty"`
+	Part              json.RawMessage `json:"part,omitempty"`
+}
+
+// OpencodePart represents the part field in opencode events
+type OpencodePart struct {
+	Type      string `json:"type"`
+	Text      string `json:"text,omitempty"`
+	Reason    string `json:"reason,omitempty"`
+	SessionID string `json:"sessionID,omitempty"`
+}
+
+// ItemContent represents the parsed item.text field for Codex events
+type ItemContent struct {
+	Type string      `json:"type"`
+	Text interface{} `json:"text"`
+}
+
+func parseJSONStreamInternal(r io.Reader, warnFn func(string), infoFn func(string), onMessage func(), onComplete func()) (message, threadID string) {
+	reader := bufio.NewReaderSize(r, jsonLineReaderSize)
 
 	if warnFn == nil {
 		warnFn = func(string) {}
@@ -70,59 +115,107 @@ func parseJSONStreamInternal(r io.Reader, warnFn func(string), infoFn func(strin
 		}
 	}
 
+	notifyComplete := func() {
+		if onComplete != nil {
+			onComplete()
+		}
+	}
+
 	totalEvents := 0
 
 	var (
-		codexMessage  string
-		claudeMessage string
-		geminiBuffer  strings.Builder
+		codexMessage    string
+		claudeMessage   string
+		geminiBuffer    strings.Builder
+		opencodeMessage strings.Builder
 	)
 
-	for scanner.Scan() {
-		line := strings.TrimSpace(scanner.Text())
-		if line == "" {
+	for {
+		line, tooLong, err := readLineWithLimit(reader, jsonLineMaxBytes, jsonLinePreviewBytes)
+		if err != nil {
+			if errors.Is(err, io.EOF) {
+				break
+			}
+			warnFn("Read stdout error: " + err.Error())
+			break
+		}
+
+		line = bytes.TrimSpace(line)
+		if len(line) == 0 {
 			continue
 		}
 		totalEvents++
 
-		var raw map[string]json.RawMessage
-		if err := json.Unmarshal([]byte(line), &raw); err != nil {
-			warnFn(fmt.Sprintf("Failed to parse line: %s", truncate(line, 100)))
+		if tooLong {
+			warnFn(fmt.Sprintf("Skipped overlong JSON line (> %d bytes): %s", jsonLineMaxBytes, truncateBytes(line, 100)))
 			continue
 		}
 
-		hasItemType := false
-		if rawItem, ok := raw["item"]; ok {
-			var itemMap map[string]json.RawMessage
-			if err := json.Unmarshal(rawItem, &itemMap); err == nil {
-				if _, ok := itemMap["type"]; ok {
-					hasItemType = true
-				}
-			}
+		// Single unmarshal for all backend types
+		var event UnifiedEvent
+		if err := json.Unmarshal(line, &event); err != nil {
+			warnFn(fmt.Sprintf("Failed to parse event: %s", truncateBytes(line, 100)))
+			continue
 		}
 
-		isCodex := hasItemType
-		if !isCodex {
-			if _, ok := raw["thread_id"]; ok {
+		// Detect backend type by field presence
+		isCodex := event.ThreadID != ""
+		if !isCodex && len(event.Item) > 0 {
+			var itemHeader struct {
+				Type string `json:"type"`
+			}
+			if json.Unmarshal(event.Item, &itemHeader) == nil && itemHeader.Type != "" {
 				isCodex = true
 			}
 		}
+		// Codex-specific event types without thread_id or item
+		if !isCodex && (event.Type == "turn.started" || event.Type == "turn.completed") {
+			isCodex = true
+		}
+		isClaude := event.Subtype != "" || event.Result != ""
+		if !isClaude && event.Type == "result" && event.SessionID != "" && event.Status == "" {
+			isClaude = true
+		}
+		isGemini := (event.Type == "init" && event.SessionID != "") || event.Role != "" || event.Delta != nil || event.Status != ""
+		isOpencode := event.OpencodeSessionID != "" && len(event.Part) > 0
 
-		switch {
-		case isCodex:
-			var event JSONEvent
-			if err := json.Unmarshal([]byte(line), &event); err != nil {
-				warnFn(fmt.Sprintf("Failed to parse Codex event: %s", truncate(line, 100)))
+		// Handle Opencode events first (most specific detection)
+		if isOpencode {
+			if threadID == "" {
+				threadID = event.OpencodeSessionID
+			}
+
+			var part OpencodePart
+			if err := json.Unmarshal(event.Part, &part); err != nil {
+				warnFn(fmt.Sprintf("Failed to parse opencode part: %s", err.Error()))
 				continue
 			}
 
+			// Extract sessionID from part if available
+			if part.SessionID != "" && threadID == "" {
+				threadID = part.SessionID
+			}
+
+			infoFn(fmt.Sprintf("Parsed Opencode event #%d type=%s part_type=%s", totalEvents, event.Type, part.Type))
+
+			if event.Type == "text" && part.Text != "" {
+				opencodeMessage.WriteString(part.Text)
+				notifyMessage()
+			}
+
+			if part.Type == "step-finish" && part.Reason == "stop" {
+				notifyComplete()
+			}
+			continue
+		}
+
+		// Handle Codex events
+		if isCodex {
 			var details []string
 			if event.ThreadID != "" {
 				details = append(details, fmt.Sprintf("thread_id=%s", event.ThreadID))
 			}
-			if event.Item != nil && event.Item.Type != "" {
-				details = append(details, fmt.Sprintf("item_type=%s", event.Item.Type))
-			}
+
 			if len(details) > 0 {
 				infoFn(fmt.Sprintf("Parsed event #%d type=%s (%s)", totalEvents, event.Type, strings.Join(details, ", ")))
 			} else {
@@ -133,27 +226,51 @@ func parseJSONStreamInternal(r io.Reader, warnFn func(string), infoFn func(strin
 			case "thread.started":
 				threadID = event.ThreadID
 				infoFn(fmt.Sprintf("thread.started event thread_id=%s", threadID))
+
+			case "thread.completed":
+				if event.ThreadID != "" && threadID == "" {
+					threadID = event.ThreadID
+				}
+				infoFn(fmt.Sprintf("thread.completed event thread_id=%s", event.ThreadID))
+				notifyComplete()
+
+			case "turn.completed":
+				infoFn("turn.completed event")
+				notifyComplete()
+
 			case "item.completed":
 				var itemType string
-				var normalized string
-				if event.Item != nil {
-					itemType = event.Item.Type
-					normalized = normalizeText(event.Item.Text)
+				if len(event.Item) > 0 {
+					var itemHeader struct {
+						Type string `json:"type"`
+					}
+					if err := json.Unmarshal(event.Item, &itemHeader); err == nil {
+						itemType = itemHeader.Type
+					}
 				}
-				infoFn(fmt.Sprintf("item.completed event item_type=%s message_len=%d", itemType, len(normalized)))
-				if event.Item != nil && event.Item.Type == "agent_message" && normalized != "" {
-					codexMessage = normalized
-					notifyMessage()
+
+				if itemType == "agent_message" && len(event.Item) > 0 {
+					// Lazy parse: only parse item content when needed
+					var item ItemContent
+					if err := json.Unmarshal(event.Item, &item); err == nil {
+						normalized := normalizeText(item.Text)
+						infoFn(fmt.Sprintf("item.completed event item_type=%s message_len=%d", itemType, len(normalized)))
+						if normalized != "" {
+							codexMessage = normalized
+							notifyMessage()
+						}
+					} else {
+						warnFn(fmt.Sprintf("Failed to parse item content: %s", err.Error()))
+					}
+				} else {
+					infoFn(fmt.Sprintf("item.completed event item_type=%s", itemType))
 				}
 			}
+			continue
+		}
 
-		case hasKey(raw, "subtype") || hasKey(raw, "result"):
-			var event ClaudeEvent
-			if err := json.Unmarshal([]byte(line), &event); err != nil {
-				warnFn(fmt.Sprintf("Failed to parse Claude event: %s", truncate(line, 100)))
-				continue
-			}
-
+		// Handle Claude events
+		if isClaude {
 			if event.SessionID != "" && threadID == "" {
 				threadID = event.SessionID
 			}
@@ -165,34 +282,46 @@ func parseJSONStreamInternal(r io.Reader, warnFn func(string), infoFn func(strin
 				notifyMessage()
 			}
 
-		case hasKey(raw, "role") || hasKey(raw, "delta"):
-			var event GeminiEvent
-			if err := json.Unmarshal([]byte(line), &event); err != nil {
-				warnFn(fmt.Sprintf("Failed to parse Gemini event: %s", truncate(line, 100)))
-				continue
+			if event.Type == "result" {
+				notifyComplete()
 			}
+			continue
+		}
 
+		// Handle Gemini events
+		if isGemini {
 			if event.SessionID != "" && threadID == "" {
 				threadID = event.SessionID
 			}
 
 			if event.Content != "" {
 				geminiBuffer.WriteString(event.Content)
-				notifyMessage()
 			}
 
-			infoFn(fmt.Sprintf("Parsed Gemini event #%d type=%s role=%s delta=%t status=%s content_len=%d", totalEvents, event.Type, event.Role, event.Delta, event.Status, len(event.Content)))
+			if event.Status != "" {
+				notifyMessage()
 
-		default:
-			warnFn(fmt.Sprintf("Unknown event format: %s", truncate(line, 100)))
+				if event.Type == "result" && (event.Status == "success" || event.Status == "error" || event.Status == "complete" || event.Status == "failed") {
+					notifyComplete()
+				}
+			}
+
+			delta := false
+			if event.Delta != nil {
+				delta = *event.Delta
+			}
+
+			infoFn(fmt.Sprintf("Parsed Gemini event #%d type=%s role=%s delta=%t status=%s content_len=%d", totalEvents, event.Type, event.Role, delta, event.Status, len(event.Content)))
+			continue
 		}
-	}
 
-	if err := scanner.Err(); err != nil && !errors.Is(err, io.EOF) {
-		warnFn("Read stdout error: " + err.Error())
+		// Unknown event format from other backends (turn.started/assistant/user); ignore.
+		continue
 	}
 
 	switch {
+	case opencodeMessage.Len() > 0:
+		message = opencodeMessage.String()
 	case geminiBuffer.Len() > 0:
 		message = geminiBuffer.String()
 	case claudeMessage != "":
@@ -236,6 +365,79 @@ func discardInvalidJSON(decoder *json.Decoder, reader *bufio.Reader) (*bufio.Rea
 	return bufio.NewReader(io.MultiReader(bytes.NewReader(remaining), reader)), err
 }
 
+func readLineWithLimit(r *bufio.Reader, maxBytes int, previewBytes int) (line []byte, tooLong bool, err error) {
+	if r == nil {
+		return nil, false, errors.New("reader is nil")
+	}
+	if maxBytes <= 0 {
+		return nil, false, errors.New("maxBytes must be > 0")
+	}
+	if previewBytes < 0 {
+		previewBytes = 0
+	}
+
+	part, isPrefix, err := r.ReadLine()
+	if err != nil {
+		return nil, false, err
+	}
+
+	if !isPrefix {
+		if len(part) > maxBytes {
+			return part[:min(len(part), previewBytes)], true, nil
+		}
+		return part, false, nil
+	}
+
+	preview := make([]byte, 0, min(previewBytes, len(part)))
+	if previewBytes > 0 {
+		preview = append(preview, part[:min(previewBytes, len(part))]...)
+	}
+
+	buf := make([]byte, 0, min(maxBytes, len(part)*2))
+	total := 0
+	if len(part) > maxBytes {
+		tooLong = true
+	} else {
+		buf = append(buf, part...)
+		total = len(part)
+	}
+
+	for isPrefix {
+		part, isPrefix, err = r.ReadLine()
+		if err != nil {
+			return nil, tooLong, err
+		}
+
+		if previewBytes > 0 && len(preview) < previewBytes {
+			preview = append(preview, part[:min(previewBytes-len(preview), len(part))]...)
+		}
+
+		if !tooLong {
+			if total+len(part) > maxBytes {
+				tooLong = true
+				continue
+			}
+			buf = append(buf, part...)
+			total += len(part)
+		}
+	}
+
+	if tooLong {
+		return preview, true, nil
+	}
+	return buf, false, nil
+}
+
+func truncateBytes(b []byte, maxLen int) string {
+	if len(b) <= maxLen {
+		return string(b)
+	}
+	if maxLen < 0 {
+		return ""
+	}
+	return string(b[:maxLen]) + "..."
+}
+
 func normalizeText(text interface{}) string {
 	switch v := text.(type) {
 	case string:

codeagent-wrapper/parser_opencode_test.go

@@ -0,0 +1,50 @@
+package main
+
+import (
+	"strings"
+	"testing"
+)
+
+func TestParseJSONStream_Opencode(t *testing.T) {
+	input := `{"type":"step_start","timestamp":1768187730683,"sessionID":"ses_44fced3c7ffe83sZpzY1rlQka3","part":{"id":"prt_bb0339afa001NTqoJ2NS8x91zP","sessionID":"ses_44fced3c7ffe83sZpzY1rlQka3","messageID":"msg_bb033866f0011oZxTqvfy0TKtS","type":"step-start","snapshot":"904f0fd58c125b79e60f0993e38f9d9f6200bf47"}}
+{"type":"text","timestamp":1768187744432,"sessionID":"ses_44fced3c7ffe83sZpzY1rlQka3","part":{"id":"prt_bb0339cb5001QDd0Lh0PzFZpa3","sessionID":"ses_44fced3c7ffe83sZpzY1rlQka3","messageID":"msg_bb033866f0011oZxTqvfy0TKtS","type":"text","text":"Hello from opencode"}}
+{"type":"step_finish","timestamp":1768187744471,"sessionID":"ses_44fced3c7ffe83sZpzY1rlQka3","part":{"id":"prt_bb033d0af0019VRZzpO2OVW1na","sessionID":"ses_44fced3c7ffe83sZpzY1rlQka3","messageID":"msg_bb033866f0011oZxTqvfy0TKtS","type":"step-finish","reason":"stop","snapshot":"904f0fd58c125b79e60f0993e38f9d9f6200bf47","cost":0}}`
+
+	message, threadID := parseJSONStream(strings.NewReader(input))
+
+	if threadID != "ses_44fced3c7ffe83sZpzY1rlQka3" {
+		t.Errorf("threadID = %q, want %q", threadID, "ses_44fced3c7ffe83sZpzY1rlQka3")
+	}
+	if message != "Hello from opencode" {
+		t.Errorf("message = %q, want %q", message, "Hello from opencode")
+	}
+}
+
+func TestParseJSONStream_Opencode_MultipleTextEvents(t *testing.T) {
+	input := `{"type":"text","sessionID":"ses_123","part":{"type":"text","text":"Part 1"}}
+{"type":"text","sessionID":"ses_123","part":{"type":"text","text":" Part 2"}}
+{"type":"step_finish","sessionID":"ses_123","part":{"type":"step-finish","reason":"stop"}}`
+
+	message, threadID := parseJSONStream(strings.NewReader(input))
+
+	if threadID != "ses_123" {
+		t.Errorf("threadID = %q, want %q", threadID, "ses_123")
+	}
+	if message != "Part 1 Part 2" {
+		t.Errorf("message = %q, want %q", message, "Part 1 Part 2")
+	}
+}
+
+func TestParseJSONStream_Opencode_NoStopReason(t *testing.T) {
+	input := `{"type":"text","sessionID":"ses_456","part":{"type":"text","text":"Content"}}
+{"type":"step_finish","sessionID":"ses_456","part":{"type":"step-finish","reason":"tool-calls"}}`
+
+	message, threadID := parseJSONStream(strings.NewReader(input))
+
+	if threadID != "ses_456" {
+		t.Errorf("threadID = %q, want %q", threadID, "ses_456")
+	}
+	if message != "Content" {
+		t.Errorf("message = %q, want %q", message, "Content")
+	}
+}

codeagent-wrapper/parser_token_too_long_test.go

@@ -0,0 +1,31 @@
+package main
+
+import (
+	"strings"
+	"testing"
+)
+
+func TestParseJSONStream_SkipsOverlongLineAndContinues(t *testing.T) {
+	// Exceed the 10MB bufio.Scanner limit in parseJSONStreamInternal.
+	tooLong := strings.Repeat("a", 11*1024*1024)
+
+	input := strings.Join([]string{
+		`{"type":"item.completed","item":{"type":"other_type","text":"` + tooLong + `"}}`,
+		`{"type":"thread.started","thread_id":"t-1"}`,
+		`{"type":"item.completed","item":{"type":"agent_message","text":"ok"}}`,
+	}, "\n")
+
+	var warns []string
+	warnFn := func(msg string) { warns = append(warns, msg) }
+
+	gotMessage, gotThreadID := parseJSONStreamInternal(strings.NewReader(input), warnFn, nil, nil, nil)
+	if gotMessage != "ok" {
+		t.Fatalf("message=%q, want %q (warns=%v)", gotMessage, "ok", warns)
+	}
+	if gotThreadID != "t-1" {
+		t.Fatalf("threadID=%q, want %q (warns=%v)", gotThreadID, "t-1", warns)
+	}
+	if len(warns) == 0 || !strings.Contains(warns[0], "Skipped overlong JSON line") {
+		t.Fatalf("expected warning about overlong JSON line, got %v", warns)
+	}
+}

codeagent-wrapper/parser_unknown_event_test.go

@@ -0,0 +1,32 @@
+package main
+
+import (
+	"strings"
+	"testing"
+)
+
+func TestBackendParseJSONStream_UnknownEventsAreSilent(t *testing.T) {
+	input := strings.Join([]string{
+		`{"type":"turn.started"}`,
+		`{"type":"assistant","text":"hi"}`,
+		`{"type":"user","text":"yo"}`,
+		`{"type":"item.completed","item":{"type":"agent_message","text":"ok"}}`,
+	}, "\n")
+
+	var infos []string
+	infoFn := func(msg string) { infos = append(infos, msg) }
+
+	message, threadID := parseJSONStreamInternal(strings.NewReader(input), nil, infoFn, nil, nil)
+	if message != "ok" {
+		t.Fatalf("message=%q, want %q (infos=%v)", message, "ok", infos)
+	}
+	if threadID != "" {
+		t.Fatalf("threadID=%q, want empty (infos=%v)", threadID, infos)
+	}
+
+	for _, msg := range infos {
+		if strings.Contains(msg, "Agent event:") {
+			t.Fatalf("unexpected log for unknown event: %q", msg)
+		}
+	}
+}

codeagent-wrapper/process_check_windows.go

@@ -17,10 +17,10 @@ const (
 )
 
 var (
-	findProcess       = os.FindProcess
-	kernel32          = syscall.NewLazyDLL("kernel32.dll")
-	getProcessTimes   = kernel32.NewProc("GetProcessTimes")
-	fileTimeToUnixFn  = fileTimeToUnix
+	findProcess      = os.FindProcess
+	kernel32         = syscall.NewLazyDLL("kernel32.dll")
+	getProcessTimes  = kernel32.NewProc("GetProcessTimes")
+	fileTimeToUnixFn = fileTimeToUnix
 )
 
 // isProcessRunning returns true if a process with the given pid is running on Windows.

codeagent-wrapper/process_check_windows_test.go

@@ -0,0 +1,64 @@
+//go:build windows
+// +build windows
+
+package main
+
+import (
+	"os"
+	"testing"
+	"time"
+)
+
+func TestIsProcessRunning(t *testing.T) {
+	t.Run("boundary values", func(t *testing.T) {
+		if isProcessRunning(0) {
+			t.Fatalf("expected pid 0 to be reported as not running")
+		}
+		if isProcessRunning(-1) {
+			t.Fatalf("expected pid -1 to be reported as not running")
+		}
+	})
+
+	t.Run("current process", func(t *testing.T) {
+		if !isProcessRunning(os.Getpid()) {
+			t.Fatalf("expected current process (pid=%d) to be running", os.Getpid())
+		}
+	})
+
+	t.Run("fake pid", func(t *testing.T) {
+		const nonexistentPID = 1 << 30
+		if isProcessRunning(nonexistentPID) {
+			t.Fatalf("expected pid %d to be reported as not running", nonexistentPID)
+		}
+	})
+}
+
+func TestGetProcessStartTimeReadsProcStat(t *testing.T) {
+	start := getProcessStartTime(os.Getpid())
+	if start.IsZero() {
+		t.Fatalf("expected non-zero start time for current process")
+	}
+	if start.After(time.Now().Add(5 * time.Second)) {
+		t.Fatalf("start time is unexpectedly in the future: %v", start)
+	}
+}
+
+func TestGetProcessStartTimeInvalidData(t *testing.T) {
+	if !getProcessStartTime(0).IsZero() {
+		t.Fatalf("expected zero time for pid 0")
+	}
+	if !getProcessStartTime(-1).IsZero() {
+		t.Fatalf("expected zero time for negative pid")
+	}
+	if !getProcessStartTime(1 << 30).IsZero() {
+		t.Fatalf("expected zero time for non-existent pid")
+	}
+}
+
+func TestGetBootTimeParsesBtime(t *testing.T) {
+	t.Skip("getBootTime is only implemented on Unix-like systems")
+}
+
+func TestGetBootTimeInvalidData(t *testing.T) {
+	t.Skip("getBootTime is only implemented on Unix-like systems")
+}

codeagent-wrapper/prompt_file_test.go

@@ -0,0 +1,163 @@
+package main
+
+import (
+	"os"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"testing"
+)
+
+func TestWrapTaskWithAgentPrompt(t *testing.T) {
+	got := wrapTaskWithAgentPrompt("P", "do")
+	want := "<agent-prompt>\nP\n</agent-prompt>\n\ndo"
+	if got != want {
+		t.Fatalf("wrapTaskWithAgentPrompt mismatch:\n got=%q\nwant=%q", got, want)
+	}
+}
+
+func TestReadAgentPromptFile_EmptyPath(t *testing.T) {
+	for _, allowOutside := range []bool{false, true} {
+		got, err := readAgentPromptFile("   ", allowOutside)
+		if err != nil {
+			t.Fatalf("unexpected error (allowOutside=%v): %v", allowOutside, err)
+		}
+		if got != "" {
+			t.Fatalf("expected empty result (allowOutside=%v), got %q", allowOutside, got)
+		}
+	}
+}
+
+func TestReadAgentPromptFile_ExplicitAbsolutePath(t *testing.T) {
+	dir := t.TempDir()
+	path := filepath.Join(dir, "prompt.md")
+	if err := os.WriteFile(path, []byte("LINE1\n"), 0o644); err != nil {
+		t.Fatalf("WriteFile: %v", err)
+	}
+
+	got, err := readAgentPromptFile(path, true)
+	if err != nil {
+		t.Fatalf("readAgentPromptFile error: %v", err)
+	}
+	if got != "LINE1" {
+		t.Fatalf("got %q, want %q", got, "LINE1")
+	}
+}
+
+func TestReadAgentPromptFile_ExplicitTildeExpansion(t *testing.T) {
+	home := t.TempDir()
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	path := filepath.Join(home, "prompt.md")
+	if err := os.WriteFile(path, []byte("P\n"), 0o644); err != nil {
+		t.Fatalf("WriteFile: %v", err)
+	}
+
+	got, err := readAgentPromptFile("~/prompt.md", true)
+	if err != nil {
+		t.Fatalf("readAgentPromptFile error: %v", err)
+	}
+	if got != "P" {
+		t.Fatalf("got %q, want %q", got, "P")
+	}
+}
+
+func TestReadAgentPromptFile_RestrictedAllowsClaudeDir(t *testing.T) {
+	home := t.TempDir()
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	claudeDir := filepath.Join(home, ".claude")
+	if err := os.MkdirAll(claudeDir, 0o755); err != nil {
+		t.Fatalf("MkdirAll: %v", err)
+	}
+	path := filepath.Join(claudeDir, "prompt.md")
+	if err := os.WriteFile(path, []byte("OK\n"), 0o644); err != nil {
+		t.Fatalf("WriteFile: %v", err)
+	}
+
+	got, err := readAgentPromptFile("~/.claude/prompt.md", false)
+	if err != nil {
+		t.Fatalf("readAgentPromptFile error: %v", err)
+	}
+	if got != "OK" {
+		t.Fatalf("got %q, want %q", got, "OK")
+	}
+}
+
+func TestReadAgentPromptFile_RestrictedRejectsOutsideClaudeDir(t *testing.T) {
+	home := t.TempDir()
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	path := filepath.Join(home, "prompt.md")
+	if err := os.WriteFile(path, []byte("NO\n"), 0o644); err != nil {
+		t.Fatalf("WriteFile: %v", err)
+	}
+
+	if _, err := readAgentPromptFile("~/prompt.md", false); err == nil {
+		t.Fatalf("expected error for prompt file outside ~/.claude, got nil")
+	}
+}
+
+func TestReadAgentPromptFile_RestrictedRejectsTraversal(t *testing.T) {
+	home := t.TempDir()
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	path := filepath.Join(home, "secret.md")
+	if err := os.WriteFile(path, []byte("SECRET\n"), 0o644); err != nil {
+		t.Fatalf("WriteFile: %v", err)
+	}
+
+	if _, err := readAgentPromptFile("~/.claude/../secret.md", false); err == nil {
+		t.Fatalf("expected traversal to be rejected, got nil")
+	}
+}
+
+func TestReadAgentPromptFile_NotFound(t *testing.T) {
+	home := t.TempDir()
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	claudeDir := filepath.Join(home, ".claude")
+	if err := os.MkdirAll(claudeDir, 0o755); err != nil {
+		t.Fatalf("MkdirAll: %v", err)
+	}
+
+	_, err := readAgentPromptFile("~/.claude/missing.md", false)
+	if err == nil || !os.IsNotExist(err) {
+		t.Fatalf("expected not-exist error, got %v", err)
+	}
+}
+
+func TestReadAgentPromptFile_PermissionDenied(t *testing.T) {
+	if runtime.GOOS == "windows" {
+		t.Skip("chmod-based permission test is not reliable on Windows")
+	}
+
+	home := t.TempDir()
+	t.Setenv("HOME", home)
+	t.Setenv("USERPROFILE", home)
+
+	claudeDir := filepath.Join(home, ".claude")
+	if err := os.MkdirAll(claudeDir, 0o755); err != nil {
+		t.Fatalf("MkdirAll: %v", err)
+	}
+	path := filepath.Join(claudeDir, "private.md")
+	if err := os.WriteFile(path, []byte("PRIVATE\n"), 0o600); err != nil {
+		t.Fatalf("WriteFile: %v", err)
+	}
+	if err := os.Chmod(path, 0o000); err != nil {
+		t.Fatalf("Chmod: %v", err)
+	}
+
+	_, err := readAgentPromptFile("~/.claude/private.md", false)
+	if err == nil {
+		t.Fatalf("expected permission error, got nil")
+	}
+	if !os.IsPermission(err) && !strings.Contains(strings.ToLower(err.Error()), "permission") {
+		t.Fatalf("expected permission denied, got: %v", err)
+	}
+}

codeagent-wrapper/signal_unix.go

@@ -0,0 +1,16 @@
+//go:build unix || darwin || linux
+// +build unix darwin linux
+
+package main
+
+import (
+	"syscall"
+)
+
+// sendTermSignal sends SIGTERM for graceful shutdown on Unix.
+func sendTermSignal(proc processHandle) error {
+	if proc == nil {
+		return nil
+	}
+	return proc.Signal(syscall.SIGTERM)
+}

codeagent-wrapper/signal_windows.go

@@ -0,0 +1,87 @@
+//go:build windows
+// +build windows
+
+package main
+
+import (
+	"io"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"strconv"
+	"strings"
+)
+
+// sendTermSignal on Windows directly kills the process.
+// SIGTERM is not supported on Windows.
+func sendTermSignal(proc processHandle) error {
+	if proc == nil {
+		return nil
+	}
+	pid := proc.Pid()
+	if pid > 0 {
+		// Kill the whole process tree to avoid leaving inheriting child processes around.
+		// This also helps prevent exec.Cmd.Wait() from blocking on stderr/stdout pipes held open by children.
+		taskkill := "taskkill"
+		if root := os.Getenv("SystemRoot"); root != "" {
+			taskkill = filepath.Join(root, "System32", "taskkill.exe")
+		}
+		cmd := exec.Command(taskkill, "/PID", strconv.Itoa(pid), "/T", "/F")
+		cmd.Stdout = io.Discard
+		cmd.Stderr = io.Discard
+		if err := cmd.Run(); err == nil {
+			return nil
+		}
+		if err := killProcessTree(pid); err == nil {
+			return nil
+		}
+	}
+	return proc.Kill()
+}
+
+func killProcessTree(pid int) error {
+	if pid <= 0 {
+		return nil
+	}
+
+	wmic := "wmic"
+	if root := os.Getenv("SystemRoot"); root != "" {
+		wmic = filepath.Join(root, "System32", "wbem", "WMIC.exe")
+	}
+
+	queryChildren := "(ParentProcessId=" + strconv.Itoa(pid) + ")"
+	listCmd := exec.Command(wmic, "process", "where", queryChildren, "get", "ProcessId", "/VALUE")
+	listCmd.Stderr = io.Discard
+	out, err := listCmd.Output()
+	if err == nil {
+		for _, childPID := range parseWMICPIDs(out) {
+			_ = killProcessTree(childPID)
+		}
+	}
+
+	querySelf := "(ProcessId=" + strconv.Itoa(pid) + ")"
+	termCmd := exec.Command(wmic, "process", "where", querySelf, "call", "terminate")
+	termCmd.Stdout = io.Discard
+	termCmd.Stderr = io.Discard
+	if termErr := termCmd.Run(); termErr != nil && err == nil {
+		err = termErr
+	}
+	return err
+}
+
+func parseWMICPIDs(out []byte) []int {
+	const prefix = "ProcessId="
+	var pids []int
+	for _, line := range strings.Split(string(out), "\n") {
+		line = strings.TrimSpace(line)
+		if !strings.HasPrefix(line, prefix) {
+			continue
+		}
+		n, err := strconv.Atoi(strings.TrimSpace(strings.TrimPrefix(line, prefix)))
+		if err != nil || n <= 0 {
+			continue
+		}
+		pids = append(pids, n)
+	}
+	return pids
+}

codeagent-wrapper/utils.go

@@ -75,9 +75,10 @@ func getEnv(key, defaultValue string) string {
 }
 
 type logWriter struct {
-	prefix string
-	maxLen int
-	buf    bytes.Buffer
+	prefix  string
+	maxLen  int
+	buf     bytes.Buffer
+	dropped bool
 }
 
 func newLogWriter(prefix string, maxLen int) *logWriter {
@@ -94,12 +95,12 @@ func (lw *logWriter) Write(p []byte) (int, error) {
 	total := len(p)
 	for len(p) > 0 {
 		if idx := bytes.IndexByte(p, '\n'); idx >= 0 {
-			lw.buf.Write(p[:idx])
+			lw.writeLimited(p[:idx])
 			lw.logLine(true)
 			p = p[idx+1:]
 			continue
 		}
-		lw.buf.Write(p)
+		lw.writeLimited(p)
 		break
 	}
 	return total, nil
@@ -117,21 +118,53 @@ func (lw *logWriter) logLine(force bool) {
 		return
 	}
 	line := lw.buf.String()
+	dropped := lw.dropped
+	lw.dropped = false
 	lw.buf.Reset()
 	if line == "" && !force {
 		return
 	}
-	if lw.maxLen > 0 && len(line) > lw.maxLen {
-		cutoff := lw.maxLen
-		if cutoff > 3 {
-			line = line[:cutoff-3] + "..."
-		} else {
-			line = line[:cutoff]
+	if lw.maxLen > 0 {
+		if dropped {
+			if lw.maxLen > 3 {
+				line = line[:min(len(line), lw.maxLen-3)] + "..."
+			} else {
+				line = line[:min(len(line), lw.maxLen)]
+			}
+		} else if len(line) > lw.maxLen {
+			cutoff := lw.maxLen
+			if cutoff > 3 {
+				line = line[:cutoff-3] + "..."
+			} else {
+				line = line[:cutoff]
+			}
 		}
 	}
 	logInfo(lw.prefix + line)
 }
 
+func (lw *logWriter) writeLimited(p []byte) {
+	if lw == nil || len(p) == 0 {
+		return
+	}
+	if lw.maxLen <= 0 {
+		lw.buf.Write(p)
+		return
+	}
+
+	remaining := lw.maxLen - lw.buf.Len()
+	if remaining <= 0 {
+		lw.dropped = true
+		return
+	}
+	if len(p) <= remaining {
+		lw.buf.Write(p)
+		return
+	}
+	lw.buf.Write(p[:remaining])
+	lw.dropped = true
+}
+
 type tailBuffer struct {
 	limit int
 	data  []byte
@@ -172,6 +205,55 @@ func truncate(s string, maxLen int) string {
 	return s[:maxLen] + "..."
 }
 
+// safeTruncate safely truncates string to maxLen, avoiding panic and UTF-8 corruption.
+func safeTruncate(s string, maxLen int) string {
+	if maxLen <= 0 || s == "" {
+		return ""
+	}
+
+	runes := []rune(s)
+	if len(runes) <= maxLen {
+		return s
+	}
+
+	if maxLen < 4 {
+		return string(runes[:1])
+	}
+
+	cutoff := maxLen - 3
+	if cutoff <= 0 {
+		return string(runes[:1])
+	}
+	if len(runes) <= cutoff {
+		return s
+	}
+	return string(runes[:cutoff]) + "..."
+}
+
+// sanitizeOutput removes ANSI escape sequences and control characters.
+func sanitizeOutput(s string) string {
+	var result strings.Builder
+	inEscape := false
+	for i := 0; i < len(s); i++ {
+		if s[i] == '\x1b' && i+1 < len(s) && s[i+1] == '[' {
+			inEscape = true
+			i++ // skip '['
+			continue
+		}
+		if inEscape {
+			if (s[i] >= 'A' && s[i] <= 'Z') || (s[i] >= 'a' && s[i] <= 'z') {
+				inEscape = false
+			}
+			continue
+		}
+		// Keep printable chars and common whitespace.
+		if s[i] >= 32 || s[i] == '\n' || s[i] == '\t' {
+			result.WriteByte(s[i])
+		}
+	}
+	return result.String()
+}
+
 func min(a, b int) int {
 	if a < b {
 		return a
@@ -190,3 +272,411 @@ func greet(name string) string {
 func farewell(name string) string {
 	return "goodbye " + name
 }
+
+// extractCoverageFromLines extracts coverage from pre-split lines.
+func extractCoverageFromLines(lines []string) string {
+	if len(lines) == 0 {
+		return ""
+	}
+
+	end := len(lines)
+	for end > 0 && strings.TrimSpace(lines[end-1]) == "" {
+		end--
+	}
+
+	if end == 1 {
+		trimmed := strings.TrimSpace(lines[0])
+		if strings.HasSuffix(trimmed, "%") {
+			if num, err := strconv.ParseFloat(strings.TrimSuffix(trimmed, "%"), 64); err == nil && num >= 0 && num <= 100 {
+				return trimmed
+			}
+		}
+	}
+
+	coverageKeywords := []string{"file", "stmt", "branch", "line", "coverage", "total"}
+
+	for _, line := range lines[:end] {
+		lower := strings.ToLower(line)
+
+		hasKeyword := false
+		tokens := strings.FieldsFunc(lower, func(r rune) bool { return r < 'a' || r > 'z' })
+		for _, token := range tokens {
+			for _, kw := range coverageKeywords {
+				if strings.HasPrefix(token, kw) {
+					hasKeyword = true
+					break
+				}
+			}
+			if hasKeyword {
+				break
+			}
+		}
+		if !hasKeyword {
+			continue
+		}
+		if !strings.Contains(line, "%") {
+			continue
+		}
+
+		// Extract percentage pattern: number followed by %
+		for i := 0; i < len(line); i++ {
+			if line[i] == '%' && i > 0 {
+				// Walk back to find the number
+				j := i - 1
+				for j >= 0 && (line[j] == '.' || (line[j] >= '0' && line[j] <= '9')) {
+					j--
+				}
+				if j < i-1 {
+					numStr := line[j+1 : i]
+					// Validate it's a reasonable percentage
+					if num, err := strconv.ParseFloat(numStr, 64); err == nil && num >= 0 && num <= 100 {
+						return numStr + "%"
+					}
+				}
+			}
+		}
+	}
+
+	return ""
+}
+
+// extractCoverage extracts coverage percentage from task output
+// Supports common formats: "Coverage: 92%", "92% coverage", "coverage 92%", "TOTAL 92%"
+func extractCoverage(message string) string {
+	if message == "" {
+		return ""
+	}
+
+	return extractCoverageFromLines(strings.Split(message, "\n"))
+}
+
+// extractCoverageNum extracts coverage as a numeric value for comparison
+func extractCoverageNum(coverage string) float64 {
+	if coverage == "" {
+		return 0
+	}
+	// Remove % sign and parse
+	numStr := strings.TrimSuffix(coverage, "%")
+	if num, err := strconv.ParseFloat(numStr, 64); err == nil {
+		return num
+	}
+	return 0
+}
+
+// extractFilesChangedFromLines extracts files from pre-split lines.
+func extractFilesChangedFromLines(lines []string) []string {
+	if len(lines) == 0 {
+		return nil
+	}
+
+	var files []string
+	seen := make(map[string]bool)
+	exts := []string{".ts", ".tsx", ".js", ".jsx", ".go", ".py", ".rs", ".java", ".vue", ".css", ".scss", ".md", ".json", ".yaml", ".yml", ".toml"}
+
+	for _, line := range lines {
+		line = strings.TrimSpace(line)
+
+		// Pattern 1: "Modified: path/to/file.ts" or "Created: path/to/file.ts"
+		matchedPrefix := false
+		for _, prefix := range []string{"Modified:", "Created:", "Updated:", "Edited:", "Wrote:", "Changed:"} {
+			if strings.HasPrefix(line, prefix) {
+				file := strings.TrimSpace(strings.TrimPrefix(line, prefix))
+				file = strings.Trim(file, "`,\"'()[],:")
+				file = strings.TrimPrefix(file, "@")
+				if file != "" && !seen[file] {
+					files = append(files, file)
+					seen[file] = true
+				}
+				matchedPrefix = true
+				break
+			}
+		}
+		if matchedPrefix {
+			continue
+		}
+
+		// Pattern 2: Tokens that look like file paths (allow root files, strip @ prefix).
+		parts := strings.Fields(line)
+		for _, part := range parts {
+			part = strings.Trim(part, "`,\"'()[],:")
+			part = strings.TrimPrefix(part, "@")
+			for _, ext := range exts {
+				if strings.HasSuffix(part, ext) && !seen[part] {
+					files = append(files, part)
+					seen[part] = true
+					break
+				}
+			}
+		}
+	}
+
+	// Limit to first 10 files to avoid bloat
+	if len(files) > 10 {
+		files = files[:10]
+	}
+
+	return files
+}
+
+// extractFilesChanged extracts list of changed files from task output
+// Looks for common patterns like "Modified: file.ts", "Created: file.ts", file paths in output
+func extractFilesChanged(message string) []string {
+	if message == "" {
+		return nil
+	}
+
+	return extractFilesChangedFromLines(strings.Split(message, "\n"))
+}
+
+// extractTestResultsFromLines extracts test results from pre-split lines.
+func extractTestResultsFromLines(lines []string) (passed, failed int) {
+	if len(lines) == 0 {
+		return 0, 0
+	}
+
+	// Common patterns:
+	// pytest: "12 passed, 2 failed"
+	// jest: "Tests: 2 failed, 12 passed"
+	// go: "ok ... 12 tests"
+
+	for _, line := range lines {
+		line = strings.ToLower(line)
+
+		// Look for test result lines
+		if !strings.Contains(line, "pass") && !strings.Contains(line, "fail") && !strings.Contains(line, "test") {
+			continue
+		}
+
+		// Extract numbers near "passed" or "pass"
+		if idx := strings.Index(line, "pass"); idx != -1 {
+			// Look for number before "pass"
+			num := extractNumberBefore(line, idx)
+			if num > 0 {
+				passed = num
+			}
+		}
+
+		// Extract numbers near "failed" or "fail"
+		if idx := strings.Index(line, "fail"); idx != -1 {
+			num := extractNumberBefore(line, idx)
+			if num > 0 {
+				failed = num
+			}
+		}
+
+		// go test style: "ok ... 12 tests"
+		if passed == 0 {
+			if idx := strings.Index(line, "test"); idx != -1 {
+				num := extractNumberBefore(line, idx)
+				if num > 0 {
+					passed = num
+				}
+			}
+		}
+
+		// If we found both, stop
+		if passed > 0 && failed > 0 {
+			break
+		}
+	}
+
+	return passed, failed
+}
+
+// extractTestResults extracts test pass/fail counts from task output
+func extractTestResults(message string) (passed, failed int) {
+	if message == "" {
+		return 0, 0
+	}
+
+	return extractTestResultsFromLines(strings.Split(message, "\n"))
+}
+
+// extractNumberBefore extracts a number that appears before the given index
+func extractNumberBefore(s string, idx int) int {
+	if idx <= 0 {
+		return 0
+	}
+
+	// Walk backwards to find digits
+	end := idx - 1
+	for end >= 0 && (s[end] == ' ' || s[end] == ':' || s[end] == ',') {
+		end--
+	}
+	if end < 0 {
+		return 0
+	}
+
+	start := end
+	for start >= 0 && s[start] >= '0' && s[start] <= '9' {
+		start--
+	}
+	start++
+
+	if start > end {
+		return 0
+	}
+
+	numStr := s[start : end+1]
+	if num, err := strconv.Atoi(numStr); err == nil {
+		return num
+	}
+	return 0
+}
+
+// extractKeyOutputFromLines extracts key output from pre-split lines.
+func extractKeyOutputFromLines(lines []string, maxLen int) string {
+	if len(lines) == 0 || maxLen <= 0 {
+		return ""
+	}
+
+	// Priority 1: Look for explicit summary lines
+	for _, line := range lines {
+		line = strings.TrimSpace(line)
+		lower := strings.ToLower(line)
+		if strings.HasPrefix(lower, "summary:") || strings.HasPrefix(lower, "completed:") ||
+			strings.HasPrefix(lower, "implemented:") || strings.HasPrefix(lower, "added:") ||
+			strings.HasPrefix(lower, "created:") || strings.HasPrefix(lower, "fixed:") {
+			content := line
+			for _, prefix := range []string{"Summary:", "Completed:", "Implemented:", "Added:", "Created:", "Fixed:",
+				"summary:", "completed:", "implemented:", "added:", "created:", "fixed:"} {
+				content = strings.TrimPrefix(content, prefix)
+			}
+			content = strings.TrimSpace(content)
+			if len(content) > 0 {
+				return safeTruncate(content, maxLen)
+			}
+		}
+	}
+
+	// Priority 2: First meaningful line (skip noise)
+	for _, line := range lines {
+		line = strings.TrimSpace(line)
+		if line == "" || strings.HasPrefix(line, "```") || strings.HasPrefix(line, "---") ||
+			strings.HasPrefix(line, "#") || strings.HasPrefix(line, "//") {
+			continue
+		}
+		// Skip very short lines (likely headers or markers)
+		if len(line) < 20 {
+			continue
+		}
+		return safeTruncate(line, maxLen)
+	}
+
+	// Fallback: truncate entire message
+	clean := strings.TrimSpace(strings.Join(lines, "\n"))
+	return safeTruncate(clean, maxLen)
+}
+
+// extractCoverageGap extracts what's missing from coverage reports
+// Looks for uncovered lines, branches, or functions
+func extractCoverageGap(message string) string {
+	if message == "" {
+		return ""
+	}
+
+	lower := strings.ToLower(message)
+	lines := strings.Split(message, "\n")
+
+	// Look for uncovered/missing patterns
+	for _, line := range lines {
+		lineLower := strings.ToLower(line)
+		line = strings.TrimSpace(line)
+
+		// Common patterns for uncovered code
+		if strings.Contains(lineLower, "uncovered") ||
+			strings.Contains(lineLower, "not covered") ||
+			strings.Contains(lineLower, "missing coverage") ||
+			strings.Contains(lineLower, "lines not covered") {
+			if len(line) > 100 {
+				return line[:97] + "..."
+			}
+			return line
+		}
+
+		// Look for specific file:line patterns in coverage reports
+		if strings.Contains(lineLower, "branch") && strings.Contains(lineLower, "not taken") {
+			if len(line) > 100 {
+				return line[:97] + "..."
+			}
+			return line
+		}
+	}
+
+	// Look for function names that aren't covered
+	if strings.Contains(lower, "function") && strings.Contains(lower, "0%") {
+		for _, line := range lines {
+			if strings.Contains(strings.ToLower(line), "0%") && strings.Contains(line, "function") {
+				line = strings.TrimSpace(line)
+				if len(line) > 100 {
+					return line[:97] + "..."
+				}
+				return line
+			}
+		}
+	}
+
+	return ""
+}
+
+// extractErrorDetail extracts meaningful error context from task output
+// Returns the most relevant error information up to maxLen characters
+func extractErrorDetail(message string, maxLen int) string {
+	if message == "" || maxLen <= 0 {
+		return ""
+	}
+
+	lines := strings.Split(message, "\n")
+	var errorLines []string
+
+	// Look for error-related lines
+	for _, line := range lines {
+		line = strings.TrimSpace(line)
+		if line == "" {
+			continue
+		}
+
+		lower := strings.ToLower(line)
+
+		// Skip noise lines
+		if strings.HasPrefix(line, "at ") && strings.Contains(line, "(") {
+			// Stack trace line - only keep first one
+			if len(errorLines) > 0 && strings.HasPrefix(strings.ToLower(errorLines[len(errorLines)-1]), "at ") {
+				continue
+			}
+		}
+
+		// Prioritize error/fail lines
+		if strings.Contains(lower, "error") ||
+			strings.Contains(lower, "fail") ||
+			strings.Contains(lower, "exception") ||
+			strings.Contains(lower, "assert") ||
+			strings.Contains(lower, "expected") ||
+			strings.Contains(lower, "timeout") ||
+			strings.Contains(lower, "not found") ||
+			strings.Contains(lower, "cannot") ||
+			strings.Contains(lower, "undefined") ||
+			strings.HasPrefix(line, "FAIL") ||
+			strings.HasPrefix(line, "●") {
+			errorLines = append(errorLines, line)
+		}
+	}
+
+	if len(errorLines) == 0 {
+		// No specific error lines found, take last few lines
+		start := len(lines) - 5
+		if start < 0 {
+			start = 0
+		}
+		for _, line := range lines[start:] {
+			line = strings.TrimSpace(line)
+			if line != "" {
+				errorLines = append(errorLines, line)
+			}
+		}
+	}
+
+	// Join and truncate
+	result := strings.Join(errorLines, " | ")
+	return safeTruncate(result, maxLen)
+}

codeagent-wrapper/utils_test.go

@@ -0,0 +1,143 @@
+package main
+
+import (
+	"fmt"
+	"reflect"
+	"strings"
+	"testing"
+)
+
+func TestExtractCoverage(t *testing.T) {
+	tests := []struct {
+		name string
+		in   string
+		want string
+	}{
+		{"bare int", "92%", "92%"},
+		{"bare float", "92.5%", "92.5%"},
+		{"coverage prefix", "coverage: 92%", "92%"},
+		{"total prefix", "TOTAL 92%", "92%"},
+		{"all files", "All files 92%", "92%"},
+		{"empty", "", ""},
+		{"no number", "coverage: N/A", ""},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := extractCoverage(tt.in); got != tt.want {
+				t.Fatalf("extractCoverage(%q) = %q, want %q", tt.in, got, tt.want)
+			}
+		})
+	}
+}
+
+func TestExtractTestResults(t *testing.T) {
+	tests := []struct {
+		name       string
+		in         string
+		wantPassed int
+		wantFailed int
+	}{
+		{"pytest one line", "12 passed, 2 failed", 12, 2},
+		{"pytest split lines", "12 passed\n2 failed", 12, 2},
+		{"jest format", "Tests: 2 failed, 12 passed, 14 total", 12, 2},
+		{"go test style count", "ok\texample.com/foo\t0.12s\t12 tests", 12, 0},
+		{"zero counts", "0 passed, 0 failed", 0, 0},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			passed, failed := extractTestResults(tt.in)
+			if passed != tt.wantPassed || failed != tt.wantFailed {
+				t.Fatalf("extractTestResults(%q) = (%d, %d), want (%d, %d)", tt.in, passed, failed, tt.wantPassed, tt.wantFailed)
+			}
+		})
+	}
+}
+
+func TestExtractFilesChanged(t *testing.T) {
+	tests := []struct {
+		name string
+		in   string
+		want []string
+	}{
+		{"root file", "Modified: main.go\n", []string{"main.go"}},
+		{"path file", "Created: codeagent-wrapper/utils.go\n", []string{"codeagent-wrapper/utils.go"}},
+		{"at prefix", "Updated: @codeagent-wrapper/main.go\n", []string{"codeagent-wrapper/main.go"}},
+		{"token scan", "Files: @main.go, @codeagent-wrapper/utils.go\n", []string{"main.go", "codeagent-wrapper/utils.go"}},
+		{"space path", "Modified: dir/with space/file.go\n", []string{"dir/with space/file.go"}},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := extractFilesChanged(tt.in); !reflect.DeepEqual(got, tt.want) {
+				t.Fatalf("extractFilesChanged(%q) = %#v, want %#v", tt.in, got, tt.want)
+			}
+		})
+	}
+
+	t.Run("limits to first 10", func(t *testing.T) {
+		var b strings.Builder
+		for i := 0; i < 12; i++ {
+			fmt.Fprintf(&b, "Modified: file%d.go\n", i)
+		}
+		got := extractFilesChanged(b.String())
+		if len(got) != 10 {
+			t.Fatalf("len(files)=%d, want 10: %#v", len(got), got)
+		}
+		for i := 0; i < 10; i++ {
+			want := fmt.Sprintf("file%d.go", i)
+			if got[i] != want {
+				t.Fatalf("files[%d]=%q, want %q", i, got[i], want)
+			}
+		}
+	})
+}
+
+func TestSafeTruncate(t *testing.T) {
+	tests := []struct {
+		name   string
+		in     string
+		maxLen int
+		want   string
+	}{
+		{"empty", "", 4, ""},
+		{"zero maxLen", "hello", 0, ""},
+		{"one rune", "你好", 1, "你"},
+		{"two runes no truncate", "你好", 2, "你好"},
+		{"three runes no truncate", "你好", 3, "你好"},
+		{"two runes truncates long", "你好世界", 2, "你"},
+		{"three runes truncates long", "你好世界", 3, "你"},
+		{"four with ellipsis", "你好世界啊", 4, "你..."},
+		{"emoji", "🙂🙂🙂🙂🙂", 4, "🙂..."},
+		{"no truncate", "你好世界", 4, "你好世界"},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := safeTruncate(tt.in, tt.maxLen); got != tt.want {
+				t.Fatalf("safeTruncate(%q, %d) = %q, want %q", tt.in, tt.maxLen, got, tt.want)
+			}
+		})
+	}
+}
+
+func TestSanitizeOutput(t *testing.T) {
+	tests := []struct {
+		name string
+		in   string
+		want string
+	}{
+		{"ansi", "\x1b[31mred\x1b[0m", "red"},
+		{"control chars", "a\x07b\r\nc\t", "ab\nc\t"},
+		{"normal", "hello\nworld\t!", "hello\nworld\t!"},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := sanitizeOutput(tt.in); got != tt.want {
+				t.Fatalf("sanitizeOutput(%q) = %q, want %q", tt.in, got, tt.want)
+			}
+		})
+	}
+}

config.json

@@ -20,9 +20,33 @@
         },
         {
           "type": "copy_file",
-          "source": "skills/codex/SKILL.md",
-          "target": "skills/codex/SKILL.md",
-          "description": "Install codex skill"
+          "source": "skills/codeagent/SKILL.md",
+          "target": "skills/codeagent/SKILL.md",
+          "description": "Install codeagent skill"
+        },
+        {
+          "type": "copy_file",
+          "source": "skills/product-requirements/SKILL.md",
+          "target": "skills/product-requirements/SKILL.md",
+          "description": "Install product-requirements skill"
+        },
+        {
+          "type": "copy_file",
+          "source": "skills/prototype-prompt-generator/SKILL.md",
+          "target": "skills/prototype-prompt-generator/SKILL.md",
+          "description": "Install prototype-prompt-generator skill"
+        },
+        {
+          "type": "copy_file",
+          "source": "skills/prototype-prompt-generator/references/prompt-structure.md",
+          "target": "skills/prototype-prompt-generator/references/prompt-structure.md",
+          "description": "Install prototype-prompt-generator prompt structure reference"
+        },
+        {
+          "type": "copy_file",
+          "source": "skills/prototype-prompt-generator/references/design-systems.md",
+          "target": "skills/prototype-prompt-generator/references/design-systems.md",
+          "description": "Install prototype-prompt-generator design systems reference"
         },
         {
           "type": "run_command",
@@ -84,6 +108,54 @@
           "description": "Copy development commands documentation"
         }
       ]
+    },
+    "omo": {
+      "enabled": false,
+      "description": "OmO multi-agent orchestration with Sisyphus coordinator",
+      "operations": [
+        {
+          "type": "copy_file",
+          "source": "skills/omo/SKILL.md",
+          "target": "skills/omo/SKILL.md",
+          "description": "Install omo skill"
+        },
+        {
+          "type": "copy_file",
+          "source": "skills/omo/references/oracle.md",
+          "target": "skills/omo/references/oracle.md",
+          "description": "Install oracle agent prompt"
+        },
+        {
+          "type": "copy_file",
+          "source": "skills/omo/references/librarian.md",
+          "target": "skills/omo/references/librarian.md",
+          "description": "Install librarian agent prompt"
+        },
+        {
+          "type": "copy_file",
+          "source": "skills/omo/references/explore.md",
+          "target": "skills/omo/references/explore.md",
+          "description": "Install explore agent prompt"
+        },
+        {
+          "type": "copy_file",
+          "source": "skills/omo/references/frontend-ui-ux-engineer.md",
+          "target": "skills/omo/references/frontend-ui-ux-engineer.md",
+          "description": "Install frontend-ui-ux-engineer agent prompt"
+        },
+        {
+          "type": "copy_file",
+          "source": "skills/omo/references/document-writer.md",
+          "target": "skills/omo/references/document-writer.md",
+          "description": "Install document-writer agent prompt"
+        },
+        {
+          "type": "copy_file",
+          "source": "skills/omo/references/develop.md",
+          "target": "skills/omo/references/develop.md",
+          "description": "Install develop agent prompt"
+        }
+      ]
     }
   }
 }

dev-workflow/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "dev",
+  "description": "Lightweight development workflow with requirements clarification, parallel codex execution, and mandatory 90% test coverage",
+  "version": "5.6.1",
+  "author": {
+    "name": "cexll",
+    "email": "cexll@cexll.com"
+  }
+}

dev-workflow/README.md

@@ -9,42 +9,56 @@ A freshly designed lightweight development workflow with no legacy baggage, focu
 ```
 /dev trigger
   ↓
+AskUserQuestion (backend selection)
+  ↓
 AskUserQuestion (requirements clarification)
   ↓
-codeagent analysis (plan mode + UI auto-detection)
+codeagent analysis (plan mode + task typing + UI auto-detection)
   ↓
 dev-plan-generator (create dev doc)
   ↓
-codeagent concurrent development (2–5 tasks, backend split)
+codeagent concurrent development (2–5 tasks, backend routing)
   ↓
 codeagent testing & verification (≥90% coverage)
   ↓
 Done (generate summary)
 ```
 
-## The 6 Steps
+## Step 0 + The 6 Steps
+
+### 0. Select Allowed Backends (FIRST ACTION)
+- Use **AskUserQuestion** with multiSelect to ask which backends are allowed for this run
+- Options (user can select multiple):
+  - `codex` - Stable, high quality, best cost-performance (default for most tasks)
+  - `claude` - Fast, lightweight (for quick fixes and config changes)
+  - `gemini` - UI/UX specialist (for frontend styling and components)
+- If user selects ONLY `codex`, ALL subsequent tasks must use `codex` (including UI/quick-fix)
 
 ### 1. Clarify Requirements
 - Use **AskUserQuestion** to ask the user directly
 - No scoring system, no complex logic
 - 2–3 rounds of Q&A until the requirement is clear
 
-### 2. codeagent Analysis & UI Detection
+### 2. codeagent Analysis + Task Typing + UI Detection
 - Call codeagent to analyze the request in plan mode style
 - Extract: core functions, technical points, task list (2–5 items)
+- For each task, assign exactly one type: `default` / `ui` / `quick-fix`
 - UI auto-detection: needs UI work when task involves style assets (.css, .scss, styled-components, CSS modules, tailwindcss) OR frontend component files (.tsx, .jsx, .vue); output yes/no plus evidence
 
 ### 3. Generate Dev Doc
 - Call the **dev-plan-generator** agent
 - Produce a single `dev-plan.md`
 - Append a dedicated UI task when Step 2 marks `needs_ui: true`
-- Include: task breakdown, file scope, dependencies, test commands
+- Include: task breakdown, `type`, file scope, dependencies, test commands
 
 ### 4. Concurrent Development
 - Work from the task list in dev-plan.md
-- Use codeagent per task with explicit backend selection:
-  - Backend/API/DB tasks → `--backend codex` (default)
-  - UI/style/component tasks → `--backend gemini` (enforced)
+- Route backend per task type (with user constraints + fallback):
+  - `default` → `codex`
+  - `ui` → `gemini` (enforced when allowed)
+  - `quick-fix` → `claude`
+  - Missing `type` → treat as `default`
+  - If the preferred backend is not allowed, fallback to an allowed backend by priority: `codex` → `claude` → `gemini`
 - Independent tasks → run in parallel
 - Conflicting tasks → run serially
 
@@ -65,7 +79,7 @@ Done (generate summary)
 /dev "Implement user login with email + password"
 ```
 
-**No options**, fixed workflow, works out of the box.
+No CLI flags required; workflow starts with an interactive backend selection.
 
 ## Output Structure
 
@@ -80,14 +94,14 @@ Only one file—minimal and clear.
 
 ### Tools
 - **AskUserQuestion**: interactive requirement clarification
-- **codeagent skill**: analysis, development, testing; supports `--backend` for codex (default) or gemini (UI)
+- **codeagent skill**: analysis, development, testing; supports `--backend` for `codex` / `claude` / `gemini`
 - **dev-plan-generator agent**: generate dev doc (subagent via Task tool, saves context)
 
-## UI Auto-Detection & Backend Routing
+## Backend Selection & Routing
+- **Step 0**: user selects allowed backends; if `仅 codex`, all tasks use codex
 - **UI detection standard**: style files (.css, .scss, styled-components, CSS modules, tailwindcss) OR frontend component code (.tsx, .jsx, .vue) trigger `needs_ui: true`
-- **Flow impact**: Step 2 auto-detects UI work; Step 3 appends a separate UI task in `dev-plan.md` when detected
-- **Backend split**: backend/API tasks use codex backend (default); UI tasks force gemini backend
-- **Implementation**: Orchestrator invokes codeagent skill with appropriate backend parameter per task type
+- **Task type field**: each task in `dev-plan.md` must have `type: default|ui|quick-fix`
+- **Routing**: `default`→codex, `ui`→gemini, `quick-fix`→claude; if disallowed, fallback to an allowed backend by priority: codex→claude→gemini
 
 ## Key Features
 
@@ -102,9 +116,9 @@ Only one file—minimal and clear.
 - Steps are straightforward
 
 ### ✅ Concurrency
-- 2–5 tasks in parallel
+- Tasks split based on natural functional boundaries
 - Auto-detect dependencies and conflicts
-- codeagent executes independently
+- codeagent executes independently with optimal backend
 
 ### ✅ Quality Assurance
 - Enforces 90% coverage
@@ -117,6 +131,10 @@ Only one file—minimal and clear.
 # Trigger
 /dev "Add user login feature"
 
+# Step 0: Select backends
+Q: Which backends are allowed? (multiSelect)
+A: Selected: codex, claude
+
 # Step 1: Clarify requirements
 Q: What login methods are supported?
 A: Email + password
@@ -126,18 +144,18 @@ A: Yes, use JWT token
 # Step 2: codeagent analysis
 Output:
 - Core: email/password login + JWT auth
-- Task 1: Backend API
-- Task 2: Password hashing
-- Task 3: Frontend form
+- Task 1: Backend API (type=default)
+- Task 2: Password hashing (type=default)
+- Task 3: Frontend form (type=ui)
 UI detection: needs_ui = true (tailwindcss classes in frontend form)
 
 # Step 3: Generate doc
-dev-plan.md generated with backend + UI tasks ✓
+dev-plan.md generated with typed tasks ✓
 
-# Step 4-5: Concurrent development (backend codex, UI gemini)
+# Step 4-5: Concurrent development (routing + fallback)
 [task-1] Backend API (codex) → tests → 92% ✓
 [task-2] Password hashing (codex) → tests → 95% ✓
-[task-3] Frontend form (gemini) → tests → 91% ✓
+[task-3] Frontend form (fallback to codex; gemini not allowed) → tests → 91% ✓
 ```
 
 ## Directory Structure

dev-workflow/agents/dev-plan-generator.md

@@ -1,6 +1,6 @@
 ---
 name: dev-plan-generator
-description: Use this agent when you need to generate a structured development plan document (`dev-plan.md`) that breaks down a feature into concrete implementation tasks with testing requirements and acceptance criteria. This agent should be called after requirements analysis and before actual implementation begins.\n\n<example>\nContext: User is orchestrating a feature development workflow and needs to create a development plan after Codex analysis is complete.\nuser: "Create a development plan for the user authentication feature based on the requirements and analysis"\nassistant: "I'll use the Task tool to launch the dev-plan-generator agent to create the structured development plan document."\n<commentary>\nThe user needs a dev-plan.md document generated from requirements and analysis. Use the dev-plan-generator agent to create the structured task breakdown.\n</commentary>\n</example>\n\n<example>\nContext: Orchestrator has completed requirements gathering and Codex analysis for a new feature and needs to generate the development plan before moving to implementation.\nuser: "We've completed the analysis for the payment integration feature. Generate the development plan."\nassistant: "I'm going to use the Task tool to launch the dev-plan-generator agent to create the dev-plan.md document with task breakdown and testing requirements."\n<commentary>\nThis is the step in the workflow where the development plan document needs to be generated. Use the dev-plan-generator agent to create the structured plan.\n</commentary>\n</example>\n\n<example>\nContext: User is working through a requirements-driven workflow and has just approved the technical specifications.\nuser: "The specs look good. Let's move forward with creating the implementation plan."\nassistant: "I'll use the Task tool to launch the dev-plan-generator agent to generate the dev-plan.md document with the task breakdown."\n<commentary>\nAfter spec approval, the next step is generating the development plan. Use the dev-plan-generator agent to create the structured document.\n</commentary>\n</example>
+description: Use this agent when you need to generate a structured development plan document (`dev-plan.md`) that breaks down a feature into concrete implementation tasks with testing requirements and acceptance criteria. This agent should be called after requirements analysis and before actual implementation begins.\n\n<example>\nContext: User is orchestrating a feature development workflow and needs to create a development plan after codeagent analysis is complete.\nuser: "Create a development plan for the user authentication feature based on the requirements and analysis"\nassistant: "I'll use the Task tool to launch the dev-plan-generator agent to create the structured development plan document."\n<commentary>\nThe user needs a dev-plan.md document generated from requirements and analysis. Use the dev-plan-generator agent to create the structured task breakdown.\n</commentary>\n</example>\n\n<example>\nContext: Orchestrator has completed requirements gathering and codeagent analysis for a new feature and needs to generate the development plan before moving to implementation.\nuser: "We've completed the analysis for the payment integration feature. Generate the development plan."\nassistant: "I'm going to use the Task tool to launch the dev-plan-generator agent to create the dev-plan.md document with task breakdown and testing requirements."\n<commentary>\nThis is the step in the workflow where the development plan document needs to be generated. Use the dev-plan-generator agent to create the structured plan.\n</commentary>\n</example>\n\n<example>\nContext: User is working through a requirements-driven workflow and has just approved the technical specifications.\nuser: "The specs look good. Let's move forward with creating the implementation plan."\nassistant: "I'll use the Task tool to launch the dev-plan-generator agent to generate the dev-plan.md document with the task breakdown."\n<commentary>\nAfter spec approval, the next step is generating the development plan. Use the dev-plan-generator agent to create the structured document.\n</commentary>\n</example>
 tools: Glob, Grep, Read, Edit, Write, TodoWrite
 model: sonnet
 color: green
@@ -12,7 +12,7 @@ You are a specialized Development Plan Document Generator. Your sole responsibil
 
 You receive context from an orchestrator including:
 - Feature requirements description
-- codeagent analysis results (feature highlights, task decomposition, UI detection flag)
+- codeagent analysis results (feature highlights, task decomposition, UI detection flag, and task typing hints)
 - Feature name (in kebab-case format)
 
 Your output is a single file: `./.claude/specs/{feature_name}/dev-plan.md`
@@ -29,6 +29,7 @@ Your output is a single file: `./.claude/specs/{feature_name}/dev-plan.md`
 
 ### Task 1: [Task Name]
 - **ID**: task-1
+- **type**: default|ui|quick-fix
 - **Description**: [What needs to be done]
 - **File Scope**: [Directories or files involved, e.g., src/auth/**, tests/auth/]
 - **Dependencies**: [None or depends on task-x]
@@ -38,7 +39,7 @@ Your output is a single file: `./.claude/specs/{feature_name}/dev-plan.md`
 ### Task 2: [Task Name]
 ...
 
-(2-5 tasks)
+(Tasks based on natural functional boundaries, typically 2-5)
 
 ## Acceptance Criteria
 - [ ] Feature point 1
@@ -53,9 +54,13 @@ Your output is a single file: `./.claude/specs/{feature_name}/dev-plan.md`
 
 ## Generation Rules You Must Enforce
 
-1. **Task Count**: Generate 2-5 tasks (no more, no less unless the feature is extremely simple or complex)
+1. **Task Count**: Generate tasks based on natural functional boundaries (no artificial limits)
+   - Typical range: 2-5 tasks
+   - Quality over quantity: prefer fewer well-scoped tasks over excessive fragmentation
+   - Each task should be independently completable by one agent
 2. **Task Requirements**: Each task MUST include:
    - Clear ID (task-1, task-2, etc.)
+   - A single task type field: `type: default|ui|quick-fix`
    - Specific description of what needs to be done
    - Explicit file scope (directories or files affected)
    - Dependency declaration ("None" or "depends on task-x")
@@ -67,18 +72,23 @@ Your output is a single file: `./.claude/specs/{feature_name}/dev-plan.md`
 
 ## Your Workflow
 
-1. **Analyze Input**: Review the requirements description and codeagent analysis results (including `needs_ui` flag if present)
+1. **Analyze Input**: Review the requirements description and codeagent analysis results (including `needs_ui` and any task typing hints)
 2. **Identify Tasks**: Break down the feature into 2-5 logical, independent tasks
 3. **Determine Dependencies**: Map out which tasks depend on others (minimize dependencies)
-4. **Specify Testing**: For each task, define the exact test command and coverage requirements
-5. **Define Acceptance**: List concrete, measurable acceptance criteria including the 90% coverage requirement
-6. **Document Technical Points**: Note key technical decisions and constraints
-7. **Write File**: Use the Write tool to create `./.claude/specs/{feature_name}/dev-plan.md`
+4. **Assign Task Type**: For each task, set exactly one `type`:
+   - `ui`: touches UI/style/component work (e.g., .css/.scss/.tsx/.jsx/.vue, tailwind, design tweaks)
+   - `quick-fix`: small, fast changes (config tweaks, small bug fix, minimal scope); do NOT use for UI work
+   - `default`: everything else
+   - Note: `/dev` Step 4 routes backend by `type` (default→codex, ui→gemini, quick-fix→claude; missing type → default)
+5. **Specify Testing**: For each task, define the exact test command and coverage requirements
+6. **Define Acceptance**: List concrete, measurable acceptance criteria including the 90% coverage requirement
+7. **Document Technical Points**: Note key technical decisions and constraints
+8. **Write File**: Use the Write tool to create `./.claude/specs/{feature_name}/dev-plan.md`
 
 ## Quality Checks Before Writing
 
 - [ ] Task count is between 2-5
-- [ ] Every task has all 6 required fields (ID, Description, File Scope, Dependencies, Test Command, Test Focus)
+- [ ] Every task has all required fields (ID, type, Description, File Scope, Dependencies, Test Command, Test Focus)
 - [ ] Test commands include coverage parameters
 - [ ] Dependencies are explicitly stated
 - [ ] Acceptance criteria includes 90% coverage requirement

dev-workflow/commands/dev.md

@@ -1,28 +1,81 @@
 ---
-description: Extreme lightweight end-to-end development workflow with requirements clarification, parallel codeagent execution, and mandatory 90% test coverage
+description: Extreme lightweight end-to-end development workflow with requirements clarification, intelligent backend selection, parallel codeagent execution, and mandatory 90% test coverage
 ---
 
-
 You are the /dev Workflow Orchestrator, an expert development workflow manager specializing in orchestrating minimal, efficient end-to-end development processes with parallel task execution and rigorous test coverage validation.
 
+---
+
+## CRITICAL CONSTRAINTS (NEVER VIOLATE)
+
+These rules have HIGHEST PRIORITY and override all other instructions:
+
+1. **NEVER use Edit, Write, or MultiEdit tools directly** - ALL code changes MUST go through codeagent-wrapper
+2. **MUST use AskUserQuestion in Step 0** - Backend selection MUST be the FIRST action (before requirement clarification)
+3. **MUST use AskUserQuestion in Step 1** - Do NOT skip requirement clarification
+4. **MUST use TodoWrite after Step 1** - Create task tracking list before any analysis
+5. **MUST use codeagent-wrapper for Step 2 analysis** - Do NOT use Read/Glob/Grep directly for deep analysis
+6. **MUST wait for user confirmation in Step 3** - Do NOT proceed to Step 4 without explicit approval
+7. **MUST invoke codeagent-wrapper --parallel for Step 4 execution** - Use Bash tool, NOT Edit/Write or Task tool
+
+**Violation of any constraint above invalidates the entire workflow. Stop and restart if violated.**
+
+---
+
 **Core Responsibilities**
-- Orchestrate a streamlined 6-step development workflow:
+- Orchestrate a streamlined 7-step development workflow (Step 0 + Step 1–6):
+  0. Backend selection (user constrained)
   1. Requirement clarification through targeted questioning
-  2. Technical analysis using codeagent
+  2. Technical analysis using codeagent-wrapper
   3. Development documentation generation
-  4. Parallel development execution
+  4. Parallel development execution (backend routing per task type)
   5. Coverage validation (≥90% requirement)
   6. Completion summary
 
 **Workflow Execution**
-- **Step 1: Requirement Clarification**
-  - Use AskUserQuestion to clarify requirements directly
+- **Step 0: Backend Selection [MANDATORY - FIRST ACTION]**
+  - MUST use AskUserQuestion tool as the FIRST action with multiSelect enabled
+  - Ask which backends are allowed for this /dev run
+  - Options (user can select multiple):
+    - `codex` - Stable, high quality, best cost-performance (default for most tasks)
+    - `claude` - Fast, lightweight (for quick fixes and config changes)
+    - `gemini` - UI/UX specialist (for frontend styling and components)
+  - Store the selected backends as `allowed_backends` set for routing in Step 4
+  - Special rule: if user selects ONLY `codex`, then ALL subsequent tasks (including UI/quick-fix) MUST use `codex` (no exceptions)
+
+- **Step 1: Requirement Clarification [MANDATORY - DO NOT SKIP]**
+  - MUST use AskUserQuestion tool
   - Focus questions on functional boundaries, inputs/outputs, constraints, testing, and required unit-test coverage levels
   - Iterate 2-3 rounds until clear; rely on judgment; keep questions concise
+  - After clarification complete: MUST use TodoWrite to create task tracking list with workflow steps
 
-- **Step 2: codeagent Deep Analysis (Plan Mode Style)**
+- **Step 2: codeagent-wrapper Deep Analysis (Plan Mode Style) [USE CODEAGENT-WRAPPER ONLY]**
 
-  Use codeagent Skill to perform deep analysis. codeagent should operate in "plan mode" style and must include UI detection:
+  MUST use Bash tool to invoke `codeagent-wrapper` for deep analysis. Do NOT use Read/Glob/Grep tools directly - delegate all exploration to codeagent-wrapper.
+
+  **How to invoke for analysis**:
+  ```bash
+  # analysis_backend selection:
+  # - prefer codex if it is in allowed_backends
+  # - otherwise pick the first backend in allowed_backends
+  codeagent-wrapper --backend {analysis_backend} - <<'EOF'
+  Analyze the codebase for implementing [feature name].
+
+  Requirements:
+  - [requirement 1]
+  - [requirement 2]
+
+  Deliverables:
+  1. Explore codebase structure and existing patterns
+  2. Evaluate implementation options with trade-offs
+  3. Make architectural decisions
+  4. Break down into 2-5 parallelizable tasks with dependencies and file scope
+  5. Classify each task with a single `type`: `default` / `ui` / `quick-fix`
+  6. Determine if UI work is needed (check for .css/.tsx/.vue files)
+
+  Output the analysis following the structure below.
+  EOF
+  ```
 
   **When Deep Analysis is Needed** (any condition triggers):
   - Multiple valid approaches exist (e.g., Redis vs in-memory vs file-based caching)
@@ -34,12 +87,12 @@ You are the /dev Workflow Orchestrator, an expert development workflow manager s
   - During analysis, output whether the task needs UI work (yes/no) and the evidence
   - UI criteria: presence of style assets (.css, .scss, styled-components, CSS modules, tailwindcss) OR frontend component files (.tsx, .jsx, .vue)
 
-  **What codeagent Does in Analysis Mode**:
+  **What the AI backend does in Analysis Mode** (when invoked via codeagent-wrapper):
   1. **Explore Codebase**: Use Glob, Grep, Read to understand structure, patterns, architecture
   2. **Identify Existing Patterns**: Find how similar features are implemented, reuse conventions
   3. **Evaluate Options**: When multiple approaches exist, list trade-offs (complexity, performance, security, maintainability)
   4. **Make Architectural Decisions**: Choose patterns, APIs, data models with justification
-  5. **Design Task Breakdown**: Produce 2-5 parallelizable tasks with file scope and dependencies
+  5. **Design Task Breakdown**: Produce parallelizable tasks based on natural functional boundaries with file scope and dependencies
 
   **Analysis Output Structure**:
   ```
@@ -56,7 +109,7 @@ You are the /dev Workflow Orchestrator, an expert development workflow manager s
   [API design, data models, architecture choices made]
 
   ## Task Breakdown
-  [2-5 tasks with: ID, description, file scope, dependencies, test command]
+  [2-5 tasks with: ID, description, file scope, dependencies, test command, type(default|ui|quick-fix)]
 
   ## UI Determination
   needs_ui: [true/false]
@@ -70,39 +123,62 @@ You are the /dev Workflow Orchestrator, an expert development workflow manager s
 
 - **Step 3: Generate Development Documentation**
   - invoke agent dev-plan-generator
-  - When creating `dev-plan.md`, append a dedicated UI task if Step 2 marked `needs_ui: true`
+  - When creating `dev-plan.md`, ensure every task has `type: default|ui|quick-fix`
+  - Append a dedicated UI task if Step 2 marked `needs_ui: true` but no UI task exists
   - Output a brief summary of dev-plan.md:
     - Number of tasks and their IDs
+    - Task type for each task
     - File scope for each task
     - Dependencies between tasks
     - Test commands
   - Use AskUserQuestion to confirm with user:
-    - Question: "Proceed with this development plan?" (if UI work is detected, state that UI tasks will use the gemini backend)
+    - Question: "Proceed with this development plan?" (state backend routing rules and any forced fallback due to allowed_backends)
     - Options: "Confirm and execute" / "Need adjustments"
   - If user chooses "Need adjustments", return to Step 1 or Step 2 based on feedback
 
-- **Step 4: Parallel Development Execution**
-  - For each task in `dev-plan.md`, invoke codeagent skill with task brief in HEREDOC format:
+- **Step 4: Parallel Development Execution [CODEAGENT-WRAPPER ONLY - NO DIRECT EDITS]**
+  - MUST use Bash tool to invoke `codeagent-wrapper --parallel` for ALL code changes
+  - NEVER use Edit, Write, MultiEdit, or Task tools to modify code directly
+  - Backend routing (must be deterministic and enforceable):
+    - Task field: `type: default|ui|quick-fix` (missing → treat as `default`)
+    - Preferred backend by type:
+      - `default` → `codex`
+      - `ui` → `gemini` (enforced when allowed)
+      - `quick-fix` → `claude`
+    - If user selected `仅 codex`: all tasks MUST use `codex`
+    - Otherwise, if preferred backend is not in `allowed_backends`, fallback to the first available backend by priority: `codex` → `claude` → `gemini`
+  - Build ONE `--parallel` config that includes all tasks in `dev-plan.md` and submit it once via Bash tool:
     ```bash
-    # Backend task (use codex backend - default)
-    codeagent-wrapper --backend codex - <<'EOF'
-    Task: [task-id]
+    # One shot submission - wrapper handles topology + concurrency
+    codeagent-wrapper --parallel <<'EOF'
+    ---TASK---
+    id: [task-id-1]
+    backend: [routed-backend-from-type-and-allowed_backends]
+    workdir: .
+    dependencies: [optional, comma-separated ids]
+    ---CONTENT---
+    Task: [task-id-1]
     Reference: @.claude/specs/{feature_name}/dev-plan.md
     Scope: [task file scope]
     Test: [test command]
     Deliverables: code + unit tests + coverage ≥90% + coverage summary
-    EOF
 
-    # UI task (use gemini backend - enforced)
-    codeagent-wrapper --backend gemini - <<'EOF'
-    Task: [task-id]
+    ---TASK---
+    id: [task-id-2]
+    backend: [routed-backend-from-type-and-allowed_backends]
+    workdir: .
+    dependencies: [optional, comma-separated ids]
+    ---CONTENT---
+    Task: [task-id-2]
     Reference: @.claude/specs/{feature_name}/dev-plan.md
     Scope: [task file scope]
     Test: [test command]
     Deliverables: code + unit tests + coverage ≥90% + coverage summary
     EOF
     ```
+  - **Note**: Use `workdir: .` (current directory) for all tasks unless specific subdirectory is required
   - Execute independent tasks concurrently; serialize conflicting ones; track coverage reports
+  - Backend is routed deterministically based on task `type`, no manual intervention needed
 
 - **Step 5: Coverage Validation**
   - Validate each task’s coverage:
@@ -113,13 +189,19 @@ You are the /dev Workflow Orchestrator, an expert development workflow manager s
   - Provide completed task list, coverage per task, key file changes
 
 **Error Handling**
-- codeagent failure: retry once, then log and continue
-- Insufficient coverage: request more tests (max 2 rounds)
-- Dependency conflicts: serialize automatically
+- **codeagent-wrapper failure**: Retry once with same input; if still fails, log error and ask user for guidance
+- **Insufficient coverage (<90%)**: Request more tests from the failed task (max 2 rounds); if still fails, report to user
+- **Dependency conflicts**:
+  - Circular dependencies: codeagent-wrapper will detect and fail with error; revise task breakdown to remove cycles
+  - Missing dependencies: Ensure all task IDs referenced in `dependencies` field exist
+- **Parallel execution timeout**: Individual tasks timeout after 2 hours (configurable via CODEX_TIMEOUT); failed tasks can be retried individually
+- **Backend unavailable**: If a routed backend is unavailable, fallback to another backend in `allowed_backends` (priority: codex → claude → gemini); if none works, fail with a clear error message
 
 **Quality Standards**
 - Code coverage ≥90%
-- 2-5 genuinely parallelizable tasks
+- Tasks based on natural functional boundaries (typically 2-5)
+- Each task has exactly one `type: default|ui|quick-fix`
+- Backend routed by `type`: `default`→codex, `ui`→gemini, `quick-fix`→claude (with allowed_backends fallback)
 - Documentation must be minimal yet actionable
 - No verbose implementations; only essential code
 

development-essentials/.claude-plugin/marketplace.json

@@ -1,44 +0,0 @@
-{
-  "name": "development-essentials",
-  "source": "./",
-  "description": "Essential development commands for coding, debugging, testing, optimization, and documentation",
-  "version": "1.0.0",
-  "author": {
-    "name": "Claude Code Dev Workflows",
-    "url": "https://github.com/cexll/myclaude"
-  },
-  "homepage": "https://github.com/cexll/myclaude",
-  "repository": "https://github.com/cexll/myclaude",
-  "license": "MIT",
-  "keywords": [
-    "code",
-    "debug",
-    "test",
-    "optimize",
-    "review",
-    "bugfix",
-    "refactor",
-    "documentation"
-  ],
-  "category": "essentials",
-  "strict": false,
-  "commands": [
-    "./commands/code.md",
-    "./commands/debug.md",
-    "./commands/test.md",
-    "./commands/optimize.md",
-    "./commands/review.md",
-    "./commands/bugfix.md",
-    "./commands/refactor.md",
-    "./commands/docs.md",
-    "./commands/ask.md",
-    "./commands/think.md"
-  ],
-  "agents": [
-    "./agents/code.md",
-    "./agents/bugfix.md",
-    "./agents/bugfix-verify.md",
-    "./agents/optimize.md",
-    "./agents/debug.md"
-  ]
-}

development-essentials/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "essentials",
+  "description": "Essential development commands for coding, debugging, testing, optimization, and documentation",
+  "version": "5.6.1",
+  "author": {
+    "name": "cexll",
+    "email": "cexll@cexll.com"
+  }
+}

docs/CODEAGENT-WRAPPER.md

@@ -105,6 +105,7 @@ EOF
 Execute multiple tasks concurrently with dependency management:
 
 ```bash
+# Default: summary output (context-efficient, recommended)
 codeagent-wrapper --parallel <<'EOF'
 ---TASK---
 id: backend_1701234567
@@ -125,6 +126,47 @@ dependencies: backend_1701234567, frontend_1701234568
 ---CONTENT---
 add integration tests for user management flow
 EOF
+
+# Full output mode (for debugging, includes complete task messages)
+codeagent-wrapper --parallel --full-output <<'EOF'
+...
+EOF
+```
+
+**Output Modes:**
+- **Summary (default)**: Structured report with extracted `Did/Files/Tests/Coverage`, plus a short action summary.
+- **Full (`--full-output`)**: Complete task messages included. Use only for debugging.
+
+**Summary Output Example:**
+```
+=== Execution Report ===
+3 tasks | 2 passed | 1 failed | 1 below 90%
+
+## Task Results
+
+### backend_api ✓ 92%
+Did: Implemented /api/users CRUD endpoints
+Files: backend/users.go, backend/router.go
+Tests: 12 passed
+Log: /tmp/codeagent-xxx.log
+
+### frontend_form ⚠️ 88% (below 90%)
+Did: Created login form with validation
+Files: frontend/LoginForm.tsx
+Tests: 8 passed
+Gap: lines not covered: frontend/LoginForm.tsx:42-47
+Log: /tmp/codeagent-yyy.log
+
+### integration_tests ✗ FAILED
+Exit code: 1
+Error: Assertion failed at line 45
+Detail: Expected status 200 but got 401
+Log: /tmp/codeagent-zzz.log
+
+## Summary
+- 2/3 completed successfully
+- Fix: integration_tests (Assertion failed at line 45)
+- Coverage: frontend_form
 ```
 
 **Parallel Task Format:**
@@ -280,6 +322,8 @@ Error: dependency backend_1701234567 failed
 | Variable | Default | Description |
 |----------|---------|-------------|
 | `CODEX_TIMEOUT` | 7200000 | Timeout in milliseconds |
+| `CODEX_BYPASS_SANDBOX` | true | Bypass Codex sandbox/approval. Set `false` to disable |
+| `CODEAGENT_SKIP_PERMISSIONS` | true | Skip Claude permission prompts. Set `false` to disable |
 
 ## Troubleshooting
 

go.work

@@ -0,0 +1,5 @@
+go 1.21
+
+use (
+	./codeagent-wrapper
+)

hooks/pre-commit.sh

@@ -5,7 +5,7 @@
 set -e
 
 # Get staged files
-STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM)
+STAGED_FILES="$(git diff --cached --name-only --diff-filter=ACM)"
 
 if [ -z "$STAGED_FILES" ]; then
   echo "No files to validate"
@@ -15,17 +15,32 @@ fi
 echo "Running pre-commit checks..."
 
 # Check Go files
-GO_FILES=$(echo "$STAGED_FILES" | grep '\.go$' || true)
+GO_FILES="$(printf '%s\n' "$STAGED_FILES" | grep '\.go$' || true)"
 if [ -n "$GO_FILES" ]; then
   echo "Checking Go files..."
 
+  if ! command -v gofmt &> /dev/null; then
+    echo "❌ gofmt not found. Please install Go (gofmt is included with the Go toolchain)."
+    exit 1
+  fi
+
   # Format check
-  gofmt -l $GO_FILES | while read -r file; do
+  GO_FILE_ARGS=()
+  while IFS= read -r file; do
     if [ -n "$file" ]; then
-      echo "❌ $file needs formatting (run: gofmt -w $file)"
+      GO_FILE_ARGS+=("$file")
+    fi
+  done <<< "$GO_FILES"
+
+  if [ "${#GO_FILE_ARGS[@]}" -gt 0 ]; then
+    UNFORMATTED="$(gofmt -l "${GO_FILE_ARGS[@]}")"
+    if [ -n "$UNFORMATTED" ]; then
+      echo "❌ The following files need formatting:"
+      echo "$UNFORMATTED"
+      echo "Run: gofmt -w <file>"
       exit 1
     fi
-  done
+  fi
 
   # Run tests
   if command -v go &> /dev/null; then
@@ -38,19 +53,26 @@ if [ -n "$GO_FILES" ]; then
 fi
 
 # Check JSON files
-JSON_FILES=$(echo "$STAGED_FILES" | grep '\.json$' || true)
+JSON_FILES="$(printf '%s\n' "$STAGED_FILES" | grep '\.json$' || true)"
 if [ -n "$JSON_FILES" ]; then
   echo "Validating JSON files..."
-  for file in $JSON_FILES; do
+  if ! command -v jq &> /dev/null; then
+    echo "❌ jq not found. Please install jq to validate JSON files."
+    exit 1
+  fi
+  while IFS= read -r file; do
+    if [ -z "$file" ]; then
+      continue
+    fi
     if ! jq empty "$file" 2>/dev/null; then
       echo "❌ Invalid JSON: $file"
       exit 1
     fi
-  done
+  done <<< "$JSON_FILES"
 fi
 
 # Check Markdown files
-MD_FILES=$(echo "$STAGED_FILES" | grep '\.md$' || true)
+MD_FILES="$(printf '%s\n' "$STAGED_FILES" | grep '\.md$' || true)"
 if [ -n "$MD_FILES" ]; then
   echo "Checking markdown files..."
   # Add markdown linting if needed

install.bat

@@ -46,17 +46,23 @@ echo.
 echo codeagent-wrapper installed successfully at:
 echo   %DEST%
 
-rem Automatically ensure %USERPROFILE%\bin is in the USER (HKCU) PATH
+rem Ensure %USERPROFILE%\bin is in PATH without duplicating entries
 rem 1) Read current user PATH from registry (REG_SZ or REG_EXPAND_SZ)
 set "USER_PATH_RAW="
-set "USER_PATH_TYPE="
 for /f "tokens=1,2,*" %%A in ('reg query "HKCU\Environment" /v Path 2^>nul ^| findstr /I /R "^ *Path  *REG_"') do (
-    set "USER_PATH_TYPE=%%B"
     set "USER_PATH_RAW=%%C"
 )
 rem Trim leading spaces from USER_PATH_RAW
 for /f "tokens=* delims= " %%D in ("!USER_PATH_RAW!") do set "USER_PATH_RAW=%%D"
 
+rem 2) Read current system PATH from registry (REG_SZ or REG_EXPAND_SZ)
+set "SYS_PATH_RAW="
+for /f "tokens=1,2,*" %%A in ('reg query "HKLM\System\CurrentControlSet\Control\Session Manager\Environment" /v Path 2^>nul ^| findstr /I /R "^ *Path  *REG_"') do (
+    set "SYS_PATH_RAW=%%C"
+)
+rem Trim leading spaces from SYS_PATH_RAW
+for /f "tokens=* delims= " %%D in ("!SYS_PATH_RAW!") do set "SYS_PATH_RAW=%%D"
+
 rem Normalize DEST_DIR by removing a trailing backslash if present
 if "!DEST_DIR:~-1!"=="\" set "DEST_DIR=!DEST_DIR:~0,-1!"
 
@@ -67,42 +73,70 @@ set "SEARCH_EXP2=;!DEST_DIR!\;"
 set "SEARCH_LIT=;!PCT!USERPROFILE!PCT!\bin;"
 set "SEARCH_LIT2=;!PCT!USERPROFILE!PCT!\bin\;"
 
-rem Prepare user PATH variants for containment tests
-set "CHECK_RAW=;!USER_PATH_RAW!;"
-set "USER_PATH_EXP=!USER_PATH_RAW!"
-if defined USER_PATH_EXP call set "USER_PATH_EXP=%%USER_PATH_EXP%%"
-set "CHECK_EXP=;!USER_PATH_EXP!;"
+rem Prepare PATH variants for containment tests (strip quotes to avoid false negatives)
+set "USER_PATH_RAW_CLEAN=!USER_PATH_RAW:"=!"
+set "SYS_PATH_RAW_CLEAN=!SYS_PATH_RAW:"=!"
 
-rem Check if already present in user PATH (literal or expanded, with/without trailing backslash)
+set "CHECK_USER_RAW=;!USER_PATH_RAW_CLEAN!;"
+set "USER_PATH_EXP=!USER_PATH_RAW_CLEAN!"
+if defined USER_PATH_EXP call set "USER_PATH_EXP=%%USER_PATH_EXP%%"
+set "USER_PATH_EXP_CLEAN=!USER_PATH_EXP:"=!"
+set "CHECK_USER_EXP=;!USER_PATH_EXP_CLEAN!;"
+
+set "CHECK_SYS_RAW=;!SYS_PATH_RAW_CLEAN!;"
+set "SYS_PATH_EXP=!SYS_PATH_RAW_CLEAN!"
+if defined SYS_PATH_EXP call set "SYS_PATH_EXP=%%SYS_PATH_EXP%%"
+set "SYS_PATH_EXP_CLEAN=!SYS_PATH_EXP:"=!"
+set "CHECK_SYS_EXP=;!SYS_PATH_EXP_CLEAN!;"
+
+rem Check if already present (literal or expanded, with/without trailing backslash)
 set "ALREADY_IN_USERPATH=0"
-echo !CHECK_RAW! | findstr /I /C:"!SEARCH_LIT!" /C:"!SEARCH_LIT2!" >nul && set "ALREADY_IN_USERPATH=1"
+echo(!CHECK_USER_RAW! | findstr /I /C:"!SEARCH_LIT!" /C:"!SEARCH_LIT2!" >nul && set "ALREADY_IN_USERPATH=1"
 if "!ALREADY_IN_USERPATH!"=="0" (
-    echo !CHECK_EXP! | findstr /I /C:"!SEARCH_EXP!" /C:"!SEARCH_EXP2!" >nul && set "ALREADY_IN_USERPATH=1"
+    echo(!CHECK_USER_EXP! | findstr /I /C:"!SEARCH_EXP!" /C:"!SEARCH_EXP2!" >nul && set "ALREADY_IN_USERPATH=1"
+)
+
+set "ALREADY_IN_SYSPATH=0"
+echo(!CHECK_SYS_RAW! | findstr /I /C:"!SEARCH_LIT!" /C:"!SEARCH_LIT2!" >nul && set "ALREADY_IN_SYSPATH=1"
+if "!ALREADY_IN_SYSPATH!"=="0" (
+    echo(!CHECK_SYS_EXP! | findstr /I /C:"!SEARCH_EXP!" /C:"!SEARCH_EXP2!" >nul && set "ALREADY_IN_SYSPATH=1"
 )
 
 if "!ALREADY_IN_USERPATH!"=="1" (
     echo User PATH already includes %%USERPROFILE%%\bin.
 ) else (
-    rem Not present: append to user PATH using setx without duplicating system PATH
-    if defined USER_PATH_RAW (
-        set "USER_PATH_NEW=!USER_PATH_RAW!"
-        if not "!USER_PATH_NEW:~-1!"==";" set "USER_PATH_NEW=!USER_PATH_NEW!;"
-        set "USER_PATH_NEW=!USER_PATH_NEW!!PCT!USERPROFILE!PCT!\bin"
+    if "!ALREADY_IN_SYSPATH!"=="1" (
+        echo System PATH already includes %%USERPROFILE%%\bin; skipping user PATH update.
     ) else (
-        set "USER_PATH_NEW=!PCT!USERPROFILE!PCT!\bin"
-    )
-    rem Persist update to HKCU\Environment\Path (user scope)
-    setx PATH "!USER_PATH_NEW!" >nul
-    if errorlevel 1 (
-        echo WARNING: Failed to append %%USERPROFILE%%\bin to your user PATH.
-    ) else (
-        echo Added %%USERPROFILE%%\bin to your user PATH.
+        rem Not present: append to user PATH
+        if defined USER_PATH_RAW (
+            set "USER_PATH_NEW=!USER_PATH_RAW!"
+            if not "!USER_PATH_NEW:~-1!"==";" set "USER_PATH_NEW=!USER_PATH_NEW!;"
+            set "USER_PATH_NEW=!USER_PATH_NEW!!PCT!USERPROFILE!PCT!\bin"
+        ) else (
+            set "USER_PATH_NEW=!PCT!USERPROFILE!PCT!\bin"
+        )
+        rem Persist update to HKCU\Environment\Path (user scope)
+        rem Use reg add instead of setx to avoid 1024-character limit
+        echo(!USER_PATH_NEW! | findstr /C:"\"" /C:"!" >nul
+        if not errorlevel 1 (
+            echo WARNING: Your PATH contains quotes or exclamation marks that may cause issues.
+            echo Skipping automatic PATH update. Please add %%USERPROFILE%%\bin to your PATH manually.
+        ) else (
+            reg add "HKCU\Environment" /v Path /t REG_EXPAND_SZ /d "!USER_PATH_NEW!" /f >nul
+            if errorlevel 1 (
+                echo WARNING: Failed to append %%USERPROFILE%%\bin to your user PATH.
+            ) else (
+                echo Added %%USERPROFILE%%\bin to your user PATH.
+            )
+        )
     )
 )
 
-rem Update current session PATH so codex-wrapper is immediately available
+rem Update current session PATH so codeagent-wrapper is immediately available
 set "CURPATH=;%PATH%;"
-echo !CURPATH! | findstr /I /C:"!SEARCH_EXP!" /C:"!SEARCH_EXP2!" /C:"!SEARCH_LIT!" /C:"!SEARCH_LIT2!" >nul
+set "CURPATH_CLEAN=!CURPATH:"=!"
+echo(!CURPATH_CLEAN! | findstr /I /C:"!SEARCH_EXP!" /C:"!SEARCH_EXP2!" /C:"!SEARCH_LIT!" /C:"!SEARCH_LIT2!" >nul
 if errorlevel 1 set "PATH=!DEST_DIR!;!PATH!"
 
 goto :cleanup

install.py

@@ -17,7 +17,10 @@ from datetime import datetime
 from pathlib import Path
 from typing import Any, Dict, Iterable, List, Optional
 
-import jsonschema
+try:
+    import jsonschema
+except ImportError:  # pragma: no cover
+    jsonschema = None
 
 DEFAULT_INSTALL_DIR = "~/.claude"
 
@@ -87,6 +90,32 @@ def load_config(path: str) -> Dict[str, Any]:
     config_path = Path(path).expanduser().resolve()
     config = _load_json(config_path)
 
+    if jsonschema is None:
+        print(
+            "WARNING: python package 'jsonschema' is not installed; "
+            "skipping config validation. To enable validation run:\n"
+            "  python3 -m pip install jsonschema\n",
+            file=sys.stderr,
+        )
+
+        if not isinstance(config, dict):
+            raise ValueError(
+                f"Config must be a dict, got {type(config).__name__}. "
+                "Check your config.json syntax."
+            )
+
+        required_keys = ["version", "install_dir", "log_file", "modules"]
+        missing = [key for key in required_keys if key not in config]
+        if missing:
+            missing_str = ", ".join(missing)
+            raise ValueError(
+                f"Config missing required keys: {missing_str}. "
+                "Install jsonschema for better validation: "
+                "python3 -m pip install jsonschema"
+            )
+
+        return config
+
     schema_candidates = [
         config_path.parent / "config.schema.json",
         Path(__file__).resolve().with_name("config.schema.json"),
@@ -357,26 +386,47 @@ def op_run_command(op: Dict[str, Any], ctx: Dict[str, Any]) -> None:
     stderr_lines: List[str] = []
 
     # Read stdout and stderr in real-time
-    import selectors
-    sel = selectors.DefaultSelector()
-    sel.register(process.stdout, selectors.EVENT_READ)  # type: ignore[arg-type]
-    sel.register(process.stderr, selectors.EVENT_READ)  # type: ignore[arg-type]
+    if sys.platform == "win32":
+        # On Windows, use threads instead of selectors (pipes aren't selectable)
+        import threading
 
-    while process.poll() is None or sel.get_map():
-        for key, _ in sel.select(timeout=0.1):
-            line = key.fileobj.readline()  # type: ignore[union-attr]
-            if not line:
-                sel.unregister(key.fileobj)
-                continue
-            if key.fileobj == process.stdout:
-                stdout_lines.append(line)
-                print(line, end="", flush=True)
-            else:
-                stderr_lines.append(line)
-                print(line, end="", file=sys.stderr, flush=True)
+        def read_output(pipe, lines, file=None):
+            for line in iter(pipe.readline, ''):
+                lines.append(line)
+                print(line, end="", flush=True, file=file)
+            pipe.close()
 
-    sel.close()
-    process.wait()
+        stdout_thread = threading.Thread(target=read_output, args=(process.stdout, stdout_lines))
+        stderr_thread = threading.Thread(target=read_output, args=(process.stderr, stderr_lines, sys.stderr))
+
+        stdout_thread.start()
+        stderr_thread.start()
+
+        stdout_thread.join()
+        stderr_thread.join()
+        process.wait()
+    else:
+        # On Unix, use selectors for more efficient I/O
+        import selectors
+        sel = selectors.DefaultSelector()
+        sel.register(process.stdout, selectors.EVENT_READ)  # type: ignore[arg-type]
+        sel.register(process.stderr, selectors.EVENT_READ)  # type: ignore[arg-type]
+
+        while process.poll() is None or sel.get_map():
+            for key, _ in sel.select(timeout=0.1):
+                line = key.fileobj.readline()  # type: ignore[union-attr]
+                if not line:
+                    sel.unregister(key.fileobj)
+                    continue
+                if key.fileobj == process.stdout:
+                    stdout_lines.append(line)
+                    print(line, end="", flush=True)
+                else:
+                    stderr_lines.append(line)
+                    print(line, end="", file=sys.stderr, flush=True)
+
+        sel.close()
+        process.wait()
 
     write_log(
         {

install.sh

@@ -1,12 +1,15 @@
 #!/bin/bash
 set -e
 
-echo "⚠️  WARNING: install.sh is LEGACY and will be removed in future versions."
-echo "Please use the new installation method:"
-echo "  python3 install.py --install-dir ~/.claude"
-echo ""
-echo "Continuing with legacy installation in 5 seconds..."
-sleep 5
+if [ -z "${SKIP_WARNING:-}" ]; then
+  echo "⚠️  WARNING: install.sh is LEGACY and will be removed in future versions."
+  echo "Please use the new installation method:"
+  echo "  python3 install.py --install-dir ~/.claude"
+  echo ""
+  echo "Set SKIP_WARNING=1 to bypass this message"
+  echo "Continuing with legacy installation in 5 seconds..."
+  sleep 5
+fi
 
 # Detect platform
 OS=$(uname -s | tr '[:upper:]' '[:lower:]')
@@ -31,23 +34,42 @@ if ! curl -fsSL "$URL" -o /tmp/codeagent-wrapper; then
     exit 1
 fi
 
-mkdir -p "$HOME/bin"
+INSTALL_DIR="${INSTALL_DIR:-$HOME/.claude}"
+BIN_DIR="${INSTALL_DIR}/bin"
+mkdir -p "$BIN_DIR"
 
-mv /tmp/codeagent-wrapper "$HOME/bin/codeagent-wrapper"
-chmod +x "$HOME/bin/codeagent-wrapper"
+mv /tmp/codeagent-wrapper "${BIN_DIR}/codeagent-wrapper"
+chmod +x "${BIN_DIR}/codeagent-wrapper"
 
-if "$HOME/bin/codeagent-wrapper" --version >/dev/null 2>&1; then
-    echo "codeagent-wrapper installed successfully to ~/bin/codeagent-wrapper"
+if "${BIN_DIR}/codeagent-wrapper" --version >/dev/null 2>&1; then
+    echo "codeagent-wrapper installed successfully to ${BIN_DIR}/codeagent-wrapper"
 else
     echo "ERROR: installation verification failed" >&2
     exit 1
 fi
 
-if [[ ":$PATH:" != *":$HOME/bin:"* ]]; then
+# Auto-add to shell config files with idempotency
+if [[ ":${PATH}:" != *":${BIN_DIR}:"* ]]; then
     echo ""
-    echo "WARNING: ~/bin is not in your PATH"
-    echo "Add this line to your ~/.bashrc or ~/.zshrc:"
-    echo ""
-    echo "    export PATH=\"\$HOME/bin:\$PATH\""
+    echo "WARNING: ${BIN_DIR} is not in your PATH"
+
+    # Detect shell config file
+    if [ -n "$ZSH_VERSION" ]; then
+        RC_FILE="$HOME/.zshrc"
+    else
+        RC_FILE="$HOME/.bashrc"
+    fi
+
+    # Idempotent add: check if complete export statement already exists
+    EXPORT_LINE="export PATH=\"${BIN_DIR}:\$PATH\""
+    if [ -f "$RC_FILE" ] && grep -qF "${EXPORT_LINE}" "$RC_FILE" 2>/dev/null; then
+        echo "  ${BIN_DIR} already in ${RC_FILE}, skipping."
+    else
+        echo "  Adding to ${RC_FILE}..."
+        echo "" >> "$RC_FILE"
+        echo "# Added by myclaude installer" >> "$RC_FILE"
+        echo "export PATH=\"${BIN_DIR}:\$PATH\"" >> "$RC_FILE"
+        echo "  Done. Run 'source ${RC_FILE}' or restart shell."
+    fi
     echo ""
 fi

requirements-driven-workflow/.claude-plugin/marketplace.json

@@ -1,33 +0,0 @@
-{
-  "name": "requirements-driven-development",
-  "source": "./",
-  "description": "Streamlined requirements-driven development workflow with 90% quality gates for practical feature implementation",
-  "version": "1.0.0",
-  "author": {
-    "name": "Claude Code Dev Workflows",
-    "url": "https://github.com/cexll/myclaude"
-  },
-  "homepage": "https://github.com/cexll/myclaude",
-  "repository": "https://github.com/cexll/myclaude",
-  "license": "MIT",
-  "keywords": [
-    "requirements",
-    "workflow",
-    "automation",
-    "quality-gates",
-    "feature-development",
-    "agile",
-    "specifications"
-  ],
-  "category": "workflows",
-  "strict": false,
-  "commands": [
-    "./commands/requirements-pilot.md"
-  ],
-  "agents": [
-    "./agents/requirements-generate.md",
-    "./agents/requirements-code.md",
-    "./agents/requirements-testing.md",
-    "./agents/requirements-review.md"
-  ]
-}

requirements-driven-workflow/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "requirements",
+  "description": "Requirements-driven development workflow with quality gates for practical feature implementation",
+  "version": "5.6.1",
+  "author": {
+    "name": "cexll",
+    "email": "cexll@cexll.com"
+  }
+}

requirements-driven-workflow/agents/requirements-code.md

@@ -104,6 +104,10 @@ You adhere to core software engineering principles like KISS (Keep It Simple, St
 
 ## Implementation Constraints
 
+### Language Rules
+- **Language Matching**: Output language matches user input (Chinese input → Chinese doc, English input → English doc). When language is ambiguous, default to Chinese.
+- **Technical Terms**: Keep technical terms (API, SQL, CRUD, etc.) in English; translate explanatory text only.
+
 ### MUST Requirements
 - **Working Solution**: Code must fully implement the specified functionality
 - **Integration Compatibility**: Must work seamlessly with existing codebase

requirements-driven-workflow/agents/requirements-generate.md

@@ -88,6 +88,10 @@ Each phase should be independently deployable and testable.
 
 ## Key Constraints
 
+### Language Rules
+- **Language Matching**: Output language matches user input (Chinese input → Chinese doc, English input → English doc). When language is ambiguous, default to Chinese.
+- **Technical Terms**: Keep technical terms (API, SQL, CRUD, etc.) in English; translate explanatory text only.
+
 ### MUST Requirements
 - **Direct Implementability**: Every item must be directly translatable to code
 - **Specific Technical Details**: Include exact file paths, function names, table schemas

requirements-driven-workflow/agents/requirements-review.md

@@ -176,6 +176,10 @@ You adhere to core software engineering principles like KISS (Keep It Simple, St
 
 ## Key Constraints
 
+### Language Rules
+- **Language Matching**: Output language matches user input (Chinese input → Chinese doc, English input → English doc). When language is ambiguous, default to Chinese.
+- **Technical Terms**: Keep technical terms (API, E2E, CI/CD, etc.) in English; translate explanatory text only.
+
 ### MUST Requirements
 - **Functional Verification**: Verify all specified functionality works
 - **Integration Testing**: Ensure seamless integration with existing code

requirements-driven-workflow/agents/requirements-testing.md

@@ -199,6 +199,10 @@ func TestAPIEndpoint(t *testing.T) {
 
 ## Key Constraints
 
+### Language Rules
+- **Language Matching**: Output language matches user input (Chinese input → Chinese doc, English input → English doc). When language is ambiguous, default to Chinese.
+- **Technical Terms**: Keep technical terms (API, E2E, CI/CD, Mock, etc.) in English; translate explanatory text only.
+
 ### MUST Requirements
 - **Specification Coverage**: Must test all requirements from `./.claude/specs/{feature_name}/requirements-spec.md`
 - **Critical Path Testing**: Must test all critical business functionality

skills/browser/SKILL.md

@@ -0,0 +1,73 @@
+---
+name: browser
+description: This skill should be used for browser automation tasks using Chrome DevTools Protocol (CDP). Triggers when users need to launch Chrome with remote debugging, navigate pages, execute JavaScript in browser context, capture screenshots, or interactively select DOM elements. No MCP server required.
+---
+
+# Browser Automation
+
+Minimal Chrome DevTools Protocol (CDP) helpers for browser automation without MCP server setup.
+
+## Setup
+
+Install dependencies before first use:
+
+```bash
+npm install --prefix ~/.claude/skills/browser/browser ws
+```
+
+## Scripts
+
+All scripts connect to Chrome on `localhost:9222`.
+
+### start.js - Launch Chrome
+
+```bash
+scripts/start.js              # Fresh profile
+scripts/start.js --profile    # Use persistent profile (keeps cookies/auth)
+```
+
+### nav.js - Navigate
+
+```bash
+scripts/nav.js https://example.com        # Navigate current tab
+scripts/nav.js https://example.com --new  # Open in new tab
+```
+
+### eval.js - Execute JavaScript
+
+```bash
+scripts/eval.js 'document.title'
+scripts/eval.js '(() => { const x = 1; return x + 1; })()'
+```
+
+Use single expressions or IIFE for multiple statements.
+
+### screenshot.js - Capture Screenshot
+
+```bash
+scripts/screenshot.js
+```
+
+Returns `{ path, filename }` of saved PNG in temp directory.
+
+### pick.js - Visual Element Picker
+
+```bash
+scripts/pick.js "Click the submit button"
+```
+
+Returns element metadata: tag, id, classes, text, href, selector, rect.
+
+## Workflow
+
+1. Launch Chrome: `scripts/start.js --profile` for authenticated sessions
+2. Navigate: `scripts/nav.js <url>`
+3. Inspect: `scripts/eval.js 'document.querySelector(...)'`
+4. Capture: `scripts/screenshot.js` or `scripts/pick.js`
+5. Return gathered data
+
+## Key Points
+
+- All operations run locally - credentials never leave the machine
+- Use `--profile` flag to preserve cookies and auth tokens
+- Scripts return structured JSON for agent consumption

skills/browser/package-lock.json

@@ -0,0 +1,33 @@
+{
+  "name": "browser",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "dependencies": {
+        "ws": "^8.18.3"
+      }
+    },
+    "node_modules/ws": {
+      "version": "8.18.3",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz",
+      "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=10.0.0"
+      },
+      "peerDependencies": {
+        "bufferutil": "^4.0.1",
+        "utf-8-validate": ">=5.0.2"
+      },
+      "peerDependenciesMeta": {
+        "bufferutil": {
+          "optional": true
+        },
+        "utf-8-validate": {
+          "optional": true
+        }
+      }
+    }
+  }
+}

skills/browser/package.json

@@ -0,0 +1,5 @@
+{
+  "dependencies": {
+    "ws": "^8.18.3"
+  }
+}

skills/browser/scripts/eval.cjs

@@ -0,0 +1,62 @@
+#!/usr/bin/env node
+// Execute JavaScript in the active browser tab
+const http = require('http');
+const WebSocket = require('ws');
+
+const code = process.argv[2];
+if (!code) {
+  console.error('Usage: eval.js <javascript-expression>');
+  process.exit(1);
+}
+
+async function getTargets() {
+  return new Promise((resolve, reject) => {
+    http.get('http://localhost:9222/json', res => {
+      let data = '';
+      res.on('data', chunk => data += chunk);
+      res.on('end', () => resolve(JSON.parse(data)));
+    }).on('error', reject);
+  });
+}
+
+(async () => {
+  try {
+    const targets = await getTargets();
+    const page = targets.find(t => t.type === 'page');
+    if (!page) throw new Error('No active page found');
+
+    const ws = new WebSocket(page.webSocketDebuggerUrl);
+
+    ws.on('open', () => {
+      ws.send(JSON.stringify({
+        id: 1,
+        method: 'Runtime.evaluate',
+        params: {
+          expression: code,
+          returnByValue: true,
+          awaitPromise: true
+        }
+      }));
+    });
+
+    ws.on('message', data => {
+      const msg = JSON.parse(data);
+      if (msg.id === 1) {
+        ws.close();
+        if (msg.result.exceptionDetails) {
+          console.error('Error:', msg.result.exceptionDetails.text);
+          process.exit(1);
+        }
+        console.log(JSON.stringify(msg.result.result.value ?? msg.result.result));
+      }
+    });
+
+    ws.on('error', e => {
+      console.error('WebSocket error:', e.message);
+      process.exit(1);
+    });
+  } catch (e) {
+    console.error('Error:', e.message);
+    process.exit(1);
+  }
+})();

skills/browser/scripts/nav.cjs

@@ -0,0 +1,70 @@
+#!/usr/bin/env node
+// Navigate to URL in current or new tab
+const http = require('http');
+
+const url = process.argv[2];
+const newTab = process.argv.includes('--new');
+
+if (!url) {
+  console.error('Usage: nav.js <url> [--new]');
+  process.exit(1);
+}
+
+async function getTargets() {
+  return new Promise((resolve, reject) => {
+    http.get('http://localhost:9222/json', res => {
+      let data = '';
+      res.on('data', chunk => data += chunk);
+      res.on('end', () => resolve(JSON.parse(data)));
+    }).on('error', reject);
+  });
+}
+
+async function createTab(url) {
+  return new Promise((resolve, reject) => {
+    http.get(`http://localhost:9222/json/new?${encodeURIComponent(url)}`, res => {
+      let data = '';
+      res.on('data', chunk => data += chunk);
+      res.on('end', () => resolve(JSON.parse(data)));
+    }).on('error', reject);
+  });
+}
+
+async function navigate(targetId, url) {
+  const WebSocket = require('ws');
+  const targets = await getTargets();
+  const target = targets.find(t => t.id === targetId);
+
+  return new Promise((resolve, reject) => {
+    const ws = new WebSocket(target.webSocketDebuggerUrl);
+    ws.on('open', () => {
+      ws.send(JSON.stringify({ id: 1, method: 'Page.navigate', params: { url } }));
+    });
+    ws.on('message', data => {
+      const msg = JSON.parse(data);
+      if (msg.id === 1) {
+        ws.close();
+        resolve(msg.result);
+      }
+    });
+    ws.on('error', reject);
+  });
+}
+
+(async () => {
+  try {
+    if (newTab) {
+      const tab = await createTab(url);
+      console.log(JSON.stringify({ action: 'created', tabId: tab.id, url }));
+    } else {
+      const targets = await getTargets();
+      const page = targets.find(t => t.type === 'page');
+      if (!page) throw new Error('No active page found');
+      await navigate(page.id, url);
+      console.log(JSON.stringify({ action: 'navigated', tabId: page.id, url }));
+    }
+  } catch (e) {
+    console.error('Error:', e.message);
+    process.exit(1);
+  }
+})();

skills/browser/scripts/pick.cjs

@@ -0,0 +1,87 @@
+#!/usr/bin/env node
+// Visual element picker - click to select DOM nodes
+const http = require('http');
+const WebSocket = require('ws');
+
+const hint = process.argv[2] || 'Click an element to select it';
+
+async function getTargets() {
+  return new Promise((resolve, reject) => {
+    http.get('http://localhost:9222/json', res => {
+      let data = '';
+      res.on('data', chunk => data += chunk);
+      res.on('end', () => resolve(JSON.parse(data)));
+    }).on('error', reject);
+  });
+}
+
+const pickerScript = `
+(function(hint) {
+  return new Promise(resolve => {
+    const overlay = document.createElement('div');
+    overlay.style.cssText = 'position:fixed;top:0;left:0;right:0;bottom:0;z-index:999999;cursor:crosshair;';
+
+    const label = document.createElement('div');
+    label.textContent = hint;
+    label.style.cssText = 'position:fixed;top:10px;left:50%;transform:translateX(-50%);background:#333;color:#fff;padding:8px 16px;border-radius:4px;z-index:1000000;font:14px sans-serif;';
+
+    document.body.appendChild(overlay);
+    document.body.appendChild(label);
+
+    overlay.onclick = e => {
+      overlay.remove();
+      label.remove();
+      const el = document.elementFromPoint(e.clientX, e.clientY);
+      if (!el) return resolve(null);
+
+      const rect = el.getBoundingClientRect();
+      resolve({
+        tag: el.tagName.toLowerCase(),
+        id: el.id || null,
+        classes: [...el.classList],
+        text: el.textContent?.slice(0, 100)?.trim() || null,
+        href: el.href || null,
+        selector: el.id ? '#' + el.id : el.className ? el.tagName.toLowerCase() + '.' + [...el.classList].join('.') : el.tagName.toLowerCase(),
+        rect: { x: rect.x, y: rect.y, width: rect.width, height: rect.height }
+      });
+    };
+  });
+})`;
+
+(async () => {
+  try {
+    const targets = await getTargets();
+    const page = targets.find(t => t.type === 'page');
+    if (!page) throw new Error('No active page found');
+
+    const ws = new WebSocket(page.webSocketDebuggerUrl);
+
+    ws.on('open', () => {
+      ws.send(JSON.stringify({
+        id: 1,
+        method: 'Runtime.evaluate',
+        params: {
+          expression: `${pickerScript}(${JSON.stringify(hint)})`,
+          returnByValue: true,
+          awaitPromise: true
+        }
+      }));
+    });
+
+    ws.on('message', data => {
+      const msg = JSON.parse(data);
+      if (msg.id === 1) {
+        ws.close();
+        console.log(JSON.stringify(msg.result.result.value, null, 2));
+      }
+    });
+
+    ws.on('error', e => {
+      console.error('WebSocket error:', e.message);
+      process.exit(1);
+    });
+  } catch (e) {
+    console.error('Error:', e.message);
+    process.exit(1);
+  }
+})();

skills/browser/scripts/screenshot.cjs

@@ -0,0 +1,54 @@
+#!/usr/bin/env node
+// Capture screenshot of the active browser tab
+const http = require('http');
+const WebSocket = require('ws');
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+async function getTargets() {
+  return new Promise((resolve, reject) => {
+    http.get('http://localhost:9222/json', res => {
+      let data = '';
+      res.on('data', chunk => data += chunk);
+      res.on('end', () => resolve(JSON.parse(data)));
+    }).on('error', reject);
+  });
+}
+
+(async () => {
+  try {
+    const targets = await getTargets();
+    const page = targets.find(t => t.type === 'page');
+    if (!page) throw new Error('No active page found');
+
+    const ws = new WebSocket(page.webSocketDebuggerUrl);
+
+    ws.on('open', () => {
+      ws.send(JSON.stringify({
+        id: 1,
+        method: 'Page.captureScreenshot',
+        params: { format: 'png' }
+      }));
+    });
+
+    ws.on('message', data => {
+      const msg = JSON.parse(data);
+      if (msg.id === 1) {
+        ws.close();
+        const filename = `screenshot-${Date.now()}.png`;
+        const filepath = path.join(os.tmpdir(), filename);
+        fs.writeFileSync(filepath, Buffer.from(msg.result.data, 'base64'));
+        console.log(JSON.stringify({ path: filepath, filename }));
+      }
+    });
+
+    ws.on('error', e => {
+      console.error('WebSocket error:', e.message);
+      process.exit(1);
+    });
+  } catch (e) {
+    console.error('Error:', e.message);
+    process.exit(1);
+  }
+})();

skills/browser/scripts/start.cjs

@@ -0,0 +1,35 @@
+#!/usr/bin/env node
+// Launch Chrome with remote debugging on port 9222
+const { execSync, spawn } = require('child_process');
+const path = require('path');
+const os = require('os');
+
+const useProfile = process.argv.includes('--profile');
+const port = 9222;
+
+// Find Chrome executable
+const chromePaths = {
+  darwin: '/Applications/Google Chrome.app/Contents/MacOS/Google Chrome',
+  linux: '/usr/bin/google-chrome',
+  win32: 'C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe'
+};
+const chromePath = chromePaths[process.platform];
+
+// Build args
+const args = [
+  `--remote-debugging-port=${port}`,
+  '--no-first-run',
+  '--no-default-browser-check'
+];
+
+if (useProfile) {
+  const profileDir = path.join(os.homedir(), '.chrome-debug-profile');
+  args.push(`--user-data-dir=${profileDir}`);
+} else {
+  args.push(`--user-data-dir=${path.join(os.tmpdir(), 'chrome-debug-' + Date.now())}`);
+}
+
+console.log(`Starting Chrome on port ${port}${useProfile ? ' (with profile)' : ''}...`);
+const chrome = spawn(chromePath, args, { detached: true, stdio: 'ignore' });
+chrome.unref();
+console.log(`Chrome launched (PID: ${chrome.pid})`);

skills/codeagent/SKILL.md

@@ -19,38 +19,62 @@ Execute codeagent-wrapper commands with pluggable AI backends (Codex, Claude, Ge
 
 **HEREDOC syntax** (recommended):
 ```bash
-codeagent-wrapper - [working_dir] <<'EOF'
+codeagent-wrapper --backend codex - [working_dir] <<'EOF'
 <task content here>
 EOF
 ```
 
 **With backend selection**:
 ```bash
-codeagent-wrapper --backend claude - <<'EOF'
+codeagent-wrapper --backend claude - . <<'EOF'
 <task content here>
 EOF
 ```
 
 **Simple tasks**:
 ```bash
-codeagent-wrapper "simple task" [working_dir]
-codeagent-wrapper --backend gemini "simple task"
+codeagent-wrapper --backend codex "simple task" [working_dir]
+codeagent-wrapper --backend gemini "simple task" [working_dir]
 ```
 
 ## Backends
 
-| Backend | Command | Description |
-|---------|---------|-------------|
-| codex | `--backend codex` | OpenAI Codex (default) |
-| claude | `--backend claude` | Anthropic Claude |
-| gemini | `--backend gemini` | Google Gemini |
+| Backend | Command | Description | Best For |
+|---------|---------|-------------|----------|
+| codex | `--backend codex` | OpenAI Codex (default) | Code analysis, complex development |
+| claude | `--backend claude` | Anthropic Claude | Simple tasks, documentation, prompts |
+| gemini | `--backend gemini` | Google Gemini | UI/UX prototyping |
+
+### Backend Selection Guide
+
+**Codex** (default):
+- Deep code understanding and complex logic implementation
+- Large-scale refactoring with precise dependency tracking
+- Algorithm optimization and performance tuning
+- Example: "Analyze the call graph of @src/core and refactor the module dependency structure"
+
+**Claude**:
+- Quick feature implementation with clear requirements
+- Technical documentation, API specs, README generation
+- Professional prompt engineering (e.g., product requirements, design specs)
+- Example: "Generate a comprehensive README for @package.json with installation, usage, and API docs"
+
+**Gemini**:
+- UI component scaffolding and layout prototyping
+- Design system implementation with style consistency
+- Interactive element generation with accessibility support
+- Example: "Create a responsive dashboard layout with sidebar navigation and data visualization cards"
+
+**Backend Switching**:
+- Start with Codex for analysis, switch to Claude for documentation, then Gemini for UI implementation
+- Use per-task backend selection in parallel mode to optimize for each task's strengths
 
 ## Parameters
 
 - `task` (required): Task description, supports `@file` references
 - `working_dir` (optional): Working directory (default: current)
-- `--backend` (optional): Select AI backend (codex/claude/gemini, default: codex)
-  - **Note**: Claude backend defaults to `--dangerously-skip-permissions` for automation compatibility
+- `--backend` (required): Select AI backend (codex/claude/gemini)
+  - **Note**: Claude backend only adds `--dangerously-skip-permissions` when explicitly enabled
 
 ## Return Format
 
@@ -64,8 +88,8 @@ SESSION_ID: 019a7247-ac9d-71f3-89e2-a823dbd8fd14
 ## Resume Session
 
 ```bash
-# Resume with default backend
-codeagent-wrapper resume <session_id> - <<'EOF'
+# Resume with codex backend
+codeagent-wrapper --backend codex resume <session_id> - <<'EOF'
 <follow-up task>
 EOF
 
@@ -77,11 +101,12 @@ EOF
 
 ## Parallel Execution
 
-**With global backend**:
+**Default (summary mode - context-efficient):**
 ```bash
-codeagent-wrapper --parallel --backend claude <<'EOF'
+codeagent-wrapper --parallel <<'EOF'
 ---TASK---
 id: task1
+backend: codex
 workdir: /path/to/dir
 ---CONTENT---
 task content
@@ -93,6 +118,17 @@ dependent task
 EOF
 ```
 
+**Full output mode (for debugging):**
+```bash
+codeagent-wrapper --parallel --full-output <<'EOF'
+...
+EOF
+```
+
+**Output Modes:**
+- **Summary (default)**: Structured report with changes, output, verification, and review summary.
+- **Full (`--full-output`)**: Complete task messages. Use only when debugging specific failures.
+
 **With per-task backend**:
 ```bash
 codeagent-wrapper --parallel <<'EOF'
@@ -123,9 +159,9 @@ Set `CODEAGENT_MAX_PARALLEL_WORKERS` to limit concurrent tasks (default: unlimit
 ## Environment Variables
 
 - `CODEX_TIMEOUT`: Override timeout in milliseconds (default: 7200000 = 2 hours)
-- `CODEAGENT_SKIP_PERMISSIONS`: Control permission checks
-  - For **Claude** backend: Set to `true`/`1` to **disable** `--dangerously-skip-permissions` (default: enabled)
-  - For **Codex/Gemini** backends: Set to `true`/`1` to enable permission skipping (default: disabled)
+- `CODEAGENT_SKIP_PERMISSIONS`: Control Claude CLI permission checks
+  - For **Claude** backend: Set to `true`/`1` to add `--dangerously-skip-permissions` (default: disabled)
+  - For **Codex/Gemini** backends: Currently has no effect
 - `CODEAGENT_MAX_PARALLEL_WORKERS`: Limit concurrent tasks in parallel mode (default: unlimited, recommended: 8)
 
 ## Invocation Pattern
@@ -138,6 +174,8 @@ Bash tool parameters:
   EOF
 - timeout: 7200000
 - description: <brief description>
+
+Note: --backend is required (codex/claude/gemini)
 ```
 
 **Parallel Tasks**:
@@ -154,13 +192,40 @@ Bash tool parameters:
   EOF
 - timeout: 7200000
 - description: <brief description>
+
+Note: Global --backend is required; per-task backend is optional
 ```
 
+## Critical Rules
+
+**NEVER kill codeagent processes.** Long-running tasks are normal. Instead:
+
+1. **Check task status via log file**:
+   ```bash
+   # View real-time output
+   tail -f /tmp/claude/<workdir>/tasks/<task_id>.output
+
+   # Check if task is still running
+   cat /tmp/claude/<workdir>/tasks/<task_id>.output | tail -50
+   ```
+
+2. **Wait with timeout**:
+   ```bash
+   # Use TaskOutput tool with block=true and timeout
+   TaskOutput(task_id="<id>", block=true, timeout=300000)
+   ```
+
+3. **Check process without killing**:
+   ```bash
+   ps aux | grep codeagent-wrapper | grep -v grep
+   ```
+
+**Why:** codeagent tasks often take 2-10 minutes. Killing them wastes API costs and loses progress.
+
 ## Security Best Practices
 
-- **Claude Backend**: Defaults to `--dangerously-skip-permissions` for automation workflows
-  - To enforce permission checks with Claude: Set `CODEAGENT_SKIP_PERMISSIONS=true`
-- **Codex/Gemini Backends**: Permission checks enabled by default
+- **Claude Backend**: Permission checks enabled by default
+  - To skip checks: set `CODEAGENT_SKIP_PERMISSIONS=true` or pass `--skip-permissions`
 - **Concurrency Limits**: Set `CODEAGENT_MAX_PARALLEL_WORKERS` in production to prevent resource exhaustion
 - **Automation Context**: This wrapper is designed for AI-driven automation where permission prompts would block execution
 

skills/omo/.claude-plugin/plugin.json

@@ -0,0 +1,9 @@
+{
+  "name": "omo",
+  "description": "Multi-agent orchestration for code analysis, bug investigation, fix planning, and implementation with intelligent routing to specialized agents",
+  "version": "5.6.1",
+  "author": {
+    "name": "cexll",
+    "email": "cexll@cexll.com"
+  }
+}

skills/omo/README.md

@@ -0,0 +1,121 @@
+# OmO Multi-Agent Orchestration
+
+OmO (Oh-My-OpenCode) is a multi-agent orchestration skill that delegates tasks to specialized agents based on routing signals.
+
+## Installation
+
+```bash
+python3 install.py --module omo
+```
+
+## Quick Start
+
+```
+/omo <your task>
+```
+
+## Agent Hierarchy
+
+| Agent | Role | Backend | Model |
+|-------|------|---------|-------|
+| oracle | Technical advisor | claude | claude-opus-4-5-20251101 |
+| librarian | External research | claude | claude-sonnet-4-5-20250929 |
+| explore | Codebase search | opencode | opencode/grok-code |
+| develop | Code implementation | codex | gpt-5.2 |
+| frontend-ui-ux-engineer | UI/UX specialist | gemini | gemini-3-pro-high |
+| document-writer | Documentation | gemini | gemini-3-flash |
+
+## How It Works
+
+1. `/omo` analyzes your request via routing signals
+2. Based on task type, it either:
+   - Answers directly (analysis/explanation tasks - no code changes)
+   - Delegates to specialized agents (implementation tasks)
+   - Fires parallel agents (exploration + research)
+
+## Examples
+
+```bash
+# Refactoring
+/omo Help me refactor this authentication module
+
+# Feature development
+/omo I need to add a new payment feature with frontend UI and backend API
+
+# Research
+/omo What authentication scheme does this project use?
+```
+
+## Agent Delegation
+
+Delegates via codeagent-wrapper with full Context Pack:
+
+```bash
+codeagent-wrapper --agent oracle - . <<'EOF'
+## Original User Request
+Analyze the authentication architecture and recommend improvements.
+
+## Context Pack (include anything relevant; write "None" if absent)
+- Explore output: [paste explore output if available]
+- Librarian output: None
+- Oracle output: None
+
+## Current Task
+Review auth architecture, identify risks, propose minimal improvements.
+
+## Acceptance Criteria
+Output: recommendation, action plan, risk assessment, effort estimate.
+EOF
+```
+
+## Configuration
+
+Agent-model mappings are configured in `~/.codeagent/models.json`:
+
+```json
+{
+  "default_backend": "codex",
+  "default_model": "gpt-5.2",
+  "agents": {
+    "oracle": {
+      "backend": "claude",
+      "model": "claude-opus-4-5-20251101",
+      "description": "Technical advisor",
+      "yolo": true
+    },
+    "librarian": {
+      "backend": "claude",
+      "model": "claude-sonnet-4-5-20250929",
+      "description": "Researcher",
+      "yolo": true
+    },
+    "explore": {
+      "backend": "opencode",
+      "model": "opencode/grok-code",
+      "description": "Code search"
+    },
+    "frontend-ui-ux-engineer": {
+      "backend": "gemini",
+      "model": "gemini-3-pro-high",
+      "description": "Frontend engineer"
+    },
+    "document-writer": {
+      "backend": "gemini",
+      "model": "gemini-3-flash",
+      "description": "Documentation"
+    },
+    "develop": {
+      "backend": "codex",
+      "model": "gpt-5.2",
+      "description": "codex develop",
+      "yolo": true,
+      "reasoning": "xhigh"
+    }
+  }
+}
+```
+
+## Requirements
+
+- codeagent-wrapper with `--agent` support
+- Backend CLIs: claude, opencode, codex, gemini

skills/omo/SKILL.md

@@ -0,0 +1,279 @@
+---
+name: omo
+description: Use this skill when you see `/omo`. Multi-agent orchestration for "code analysis / bug investigation / fix planning / implementation". Choose the minimal agent set and order based on task type + risk; recipes below show common patterns.
+---
+
+# OmO - Multi-Agent Orchestrator
+
+You are **Sisyphus**, an orchestrator. Core responsibility: **invoke agents and pass context between them**, never write code yourself.
+
+## Hard Constraints
+
+- **Never write code yourself**. Any code change must be delegated to an implementation agent.
+- **No direct grep/glob for non-trivial exploration**. Delegate discovery to `explore`.
+- **No external docs guessing**. Delegate external library/API lookups to `librarian`.
+- **Always pass context forward**: original user request + any relevant prior outputs (not just “previous stage”).
+- **Use the fewest agents possible** to satisfy acceptance criteria; skipping is normal when signals don’t apply.
+
+## Routing Signals (No Fixed Pipeline)
+
+This skill is **routing-first**, not a mandatory `explore → oracle → develop` conveyor belt.
+
+| Signal | Add this agent |
+|--------|----------------|
+| Code location/behavior unclear | `explore` |
+| External library/API usage unclear | `librarian` |
+| Risky change: multi-file/module, public API, data format/config, concurrency, security/perf, or unclear tradeoffs | `oracle` |
+| Implementation required | `develop` (or `frontend-ui-ux-engineer` / `document-writer`) |
+
+### Skipping Heuristics (Prefer Explicit Risk Signals)
+
+- Skip `explore` when the user already provided exact file path + line number, or you already have it from context.
+- Skip `oracle` when the change is **local + low-risk** (single area, clear fix, no tradeoffs). Line count is a weak signal; risk is the real gate.
+- Skip implementation agents when the user only wants analysis/answers (stop after `explore`/`librarian`).
+
+### Common Recipes (Examples, Not Rules)
+
+- Explain code: `explore`
+- Small localized fix with exact location: `develop`
+- Bug fix, location unknown: `explore → develop`
+- Cross-cutting refactor / high risk: `explore → oracle → develop` (optionally `oracle` again for review)
+- External API integration: `explore` + `librarian` (can run in parallel) → `oracle` (if risk) → implementation agent
+- UI-only change: `explore → frontend-ui-ux-engineer` (split logic to `develop` if needed)
+- Docs-only change: `explore → document-writer`
+
+## Agent Invocation Format
+
+```bash
+codeagent-wrapper --agent <agent_name> - <workdir> <<'EOF'
+## Original User Request
+<original request>
+
+## Context Pack (include anything relevant; write "None" if absent)
+- Explore output: <...>
+- Librarian output: <...>
+- Oracle output: <...>
+- Known constraints: <tests to run, time budget, repo conventions, etc.>
+
+## Current Task
+<specific task description>
+
+## Acceptance Criteria
+<clear completion conditions>
+EOF
+```
+
+Execute in shell tool, timeout 2h.
+
+## Examples (Routing by Task)
+
+<example>
+User: /omo fix this type error at src/foo.ts:123
+
+Sisyphus executes:
+
+**Single step: develop** (location known; low-risk change)
+```bash
+codeagent-wrapper --agent develop - /path/to/project <<'EOF'
+## Original User Request
+fix this type error at src/foo.ts:123
+
+## Context Pack (include anything relevant; write "None" if absent)
+- Explore output: None
+- Librarian output: None
+- Oracle output: None
+
+## Current Task
+Fix the type error at src/foo.ts:123 with the minimal targeted change.
+
+## Acceptance Criteria
+Typecheck passes; no unrelated refactors.
+EOF
+```
+</example>
+
+<example>
+User: /omo analyze this bug and fix it (location unknown)
+
+Sisyphus executes:
+
+**Step 1: explore**
+```bash
+codeagent-wrapper --agent explore - /path/to/project <<'EOF'
+## Original User Request
+analyze this bug and fix it
+
+## Context Pack (include anything relevant; write "None" if absent)
+- Explore output: None
+- Librarian output: None
+- Oracle output: None
+
+## Current Task
+Locate bug position, analyze root cause, collect relevant code context (thoroughness: medium).
+
+## Acceptance Criteria
+Output: problem file path, line numbers, root cause analysis, relevant code snippets.
+EOF
+```
+
+**Step 2: develop** (use explore output as input)
+```bash
+codeagent-wrapper --agent develop - /path/to/project <<'EOF'
+## Original User Request
+analyze this bug and fix it
+
+## Context Pack (include anything relevant; write "None" if absent)
+- Explore output: [paste complete explore output]
+- Librarian output: None
+- Oracle output: None
+
+## Current Task
+Implement the minimal fix; run the narrowest relevant tests.
+
+## Acceptance Criteria
+Fix is implemented; tests pass; no regressions introduced.
+EOF
+```
+
+Note: If explore shows a multi-file or high-risk change, consult `oracle` before `develop`.
+</example>
+
+<example>
+User: /omo add feature X using library Y (need internal context + external docs)
+
+Sisyphus executes:
+
+**Step 1a: explore** (internal codebase)
+```bash
+codeagent-wrapper --agent explore - /path/to/project <<'EOF'
+## Original User Request
+add feature X using library Y
+
+## Context Pack (include anything relevant; write "None" if absent)
+- Explore output: None
+- Librarian output: None
+- Oracle output: None
+
+## Current Task
+Find where feature X should hook in; identify existing patterns and extension points.
+
+## Acceptance Criteria
+Output: file paths/lines for hook points; current flow summary; constraints/edge cases.
+EOF
+```
+
+**Step 1b: librarian** (external docs/usage) — can run in parallel with explore
+```bash
+codeagent-wrapper --agent librarian - /path/to/project <<'EOF'
+## Original User Request
+add feature X using library Y
+
+## Context Pack (include anything relevant; write "None" if absent)
+- Explore output: None
+- Librarian output: None
+- Oracle output: None
+
+## Current Task
+Find library Y’s recommended API usage for feature X; provide evidence/links.
+
+## Acceptance Criteria
+Output: minimal usage pattern; API pitfalls; version constraints; links to authoritative sources.
+EOF
+```
+
+**Step 2: oracle** (optional but recommended if multi-file/risky)
+```bash
+codeagent-wrapper --agent oracle - /path/to/project <<'EOF'
+## Original User Request
+add feature X using library Y
+
+## Context Pack (include anything relevant; write "None" if absent)
+- Explore output: [paste explore output]
+- Librarian output: [paste librarian output]
+- Oracle output: None
+
+## Current Task
+Propose the minimal implementation plan and file touch list; call out risks.
+
+## Acceptance Criteria
+Output: concrete plan; files to change; risk/edge cases; effort estimate.
+EOF
+```
+
+**Step 3: develop** (implement)
+```bash
+codeagent-wrapper --agent develop - /path/to/project <<'EOF'
+## Original User Request
+add feature X using library Y
+
+## Context Pack (include anything relevant; write "None" if absent)
+- Explore output: [paste explore output]
+- Librarian output: [paste librarian output]
+- Oracle output: [paste oracle output, or "None" if skipped]
+
+## Current Task
+Implement feature X using the established internal patterns and library Y guidance.
+
+## Acceptance Criteria
+Feature works end-to-end; tests pass; no unrelated refactors.
+EOF
+```
+</example>
+
+<example>
+User: /omo how does this function work?
+
+Sisyphus executes:
+
+**Only explore needed** (analysis task, no code changes)
+```bash
+codeagent-wrapper --agent explore - /path/to/project <<'EOF'
+## Original User Request
+how does this function work?
+
+## Context Pack (include anything relevant; write "None" if absent)
+- Explore output: None
+- Librarian output: None
+- Oracle output: None
+
+## Current Task
+Analyze function implementation and call chain
+
+## Acceptance Criteria
+Output: function signature, core logic, call relationship diagram
+EOF
+```
+</example>
+
+<anti_example>
+User: /omo fix this type error
+
+Wrong approach:
+- Always run `explore → oracle → develop` mechanically
+- Use grep to find files yourself
+- Modify code yourself
+- Invoke develop without passing context
+
+Correct approach:
+- Route based on signals: if location is known and low-risk, invoke `develop` directly
+- Otherwise invoke `explore` to locate the problem (or to confirm scope), then delegate implementation
+- Invoke the implementation agent with a complete Context Pack
+</anti_example>
+
+## Forbidden Behaviors
+
+- **FORBIDDEN** to write code yourself (must delegate to implementation agent)
+- **FORBIDDEN** to invoke an agent without the original request and relevant Context Pack
+- **FORBIDDEN** to skip agents and use grep/glob for complex analysis
+- **FORBIDDEN** to treat `explore → oracle → develop` as a mandatory workflow
+
+## Agent Selection
+
+| Agent | When to Use |
+|-------|---------------|
+| `explore` | Need to locate code position or understand code structure |
+| `oracle` | Risky changes, tradeoffs, unclear requirements, or after failed attempts |
+| `develop` | Backend/logic code implementation |
+| `frontend-ui-ux-engineer` | UI/styling/frontend component implementation |
+| `document-writer` | Documentation/README writing |
+| `librarian` | Need to lookup external library docs or OSS examples |

skills/omo/references/develop.md

@@ -0,0 +1,78 @@
+# Develop - Code Development Agent
+
+## Input Contract (MANDATORY)
+
+You are invoked by Sisyphus orchestrator. Your input MUST contain:
+- `## Original User Request` - What the user asked for
+- `## Context Pack` - Prior outputs from explore/librarian/oracle (may be "None")
+- `## Current Task` - Your specific task
+- `## Acceptance Criteria` - How to verify completion
+
+**Context Pack takes priority over guessing.** Use provided context before searching yourself.
+
+---
+
+<Role>
+You are "Develop" - a focused code development agent specialized in implementing features, fixing bugs, and writing clean, maintainable code.
+
+**Identity**: Senior software engineer. Write code, run tests, fix issues, ship quality.
+
+**Core Competencies**:
+- Implementing features based on clear requirements
+- Fixing bugs with minimal, targeted changes
+- Writing clean, readable, maintainable code
+- Following existing codebase patterns and conventions
+- Running tests and ensuring code quality
+
+**Operating Mode**: Execute tasks directly. No over-engineering. No unnecessary abstractions. Ship working code.
+</Role>
+
+<Behavior_Instructions>
+
+## Task Execution
+
+1. **Read First**: Always read relevant files before making changes
+2. **Minimal Changes**: Make the smallest change that solves the problem
+3. **Follow Patterns**: Match existing code style and conventions
+4. **Test**: Run tests after changes to verify correctness
+5. **Verify**: Use lsp_diagnostics to check for errors
+
+## Code Quality Rules
+
+- No type error suppression (`as any`, `@ts-ignore`)
+- No commented-out code
+- No console.log debugging left in code
+- No hardcoded values that should be configurable
+- No breaking changes to public APIs without explicit request
+
+## Implementation Flow
+
+```
+1. Understand the task
+2. Read relevant code
+3. Plan minimal changes
+4. Implement changes
+5. Run tests
+6. Fix any issues
+7. Verify with lsp_diagnostics
+```
+
+## When to Request Escalation
+
+If you encounter these situations, **output a request for Sisyphus** to invoke the appropriate agent:
+- Architecture decisions needed → Request oracle consultation
+- UI/UX changes needed → Request frontend-ui-ux-engineer
+- External library research needed → Request librarian
+- Codebase exploration needed → Request explore
+
+**You cannot delegate directly.** Only Sisyphus routes between agents.
+
+</Behavior_Instructions>
+
+<Hard_Blocks>
+- Never commit without explicit request
+- Never delete tests unless explicitly asked
+- Never introduce security vulnerabilities
+- Never leave code in broken state
+- Never speculate about unread code
+</Hard_Blocks>

skills/omo/references/document-writer.md

@@ -0,0 +1,152 @@
+# Document Writer - Technical Writer
+
+## Input Contract (MANDATORY)
+
+You are invoked by Sisyphus orchestrator. Your input MUST contain:
+- `## Original User Request` - What the user asked for
+- `## Context Pack` - Prior outputs from explore (may be "None")
+- `## Current Task` - Your specific task
+- `## Acceptance Criteria` - How to verify completion
+
+**Context Pack takes priority over guessing.** Use provided context before searching yourself.
+
+---
+
+You are a TECHNICAL WRITER with deep engineering background who transforms complex codebases into crystal-clear documentation. You have an innate ability to explain complex concepts simply while maintaining technical accuracy.
+
+You approach every documentation task with both a developer's understanding and a reader's empathy. Even without detailed specs, you can explore codebases and create documentation that developers actually want to read.
+
+## CORE MISSION
+
+Create documentation that is accurate, comprehensive, and genuinely useful. Execute documentation tasks with precision - obsessing over clarity, structure, and completeness while ensuring technical correctness.
+
+## CODE OF CONDUCT
+
+### 1. DILIGENCE & INTEGRITY
+**Never compromise on task completion. What you commit to, you deliver.**
+
+- **Complete what is asked**: Execute the exact task specified without adding unrelated content or documenting outside scope
+- **No shortcuts**: Never mark work as complete without proper verification
+- **Honest validation**: Verify all code examples actually work, don't just copy-paste
+- **Work until it works**: If documentation is unclear or incomplete, iterate until it's right
+- **Leave it better**: Ensure all documentation is accurate and up-to-date after your changes
+- **Own your work**: Take full responsibility for the quality and correctness of your documentation
+
+### 2. CONTINUOUS LEARNING & HUMILITY
+**Approach every codebase with the mindset of a student, always ready to learn.**
+
+- **Study before writing**: Examine existing code patterns, API signatures, and architecture before documenting
+- **Learn from the codebase**: Understand why code is structured the way it is
+- **Document discoveries**: Record project-specific conventions, gotchas, and correct commands as you discover them
+- **Share knowledge**: Help future developers by documenting project-specific conventions discovered
+
+### 3. PRECISION & ADHERENCE TO STANDARDS
+**Respect the existing codebase. Your documentation should blend seamlessly.**
+
+- **Follow exact specifications**: Document precisely what is requested, nothing more, nothing less
+- **Match existing patterns**: Maintain consistency with established documentation style
+- **Respect conventions**: Adhere to project-specific naming, structure, and style conventions
+- **Check commit history**: If creating commits, study `git log` to match the repository's commit style
+- **Consistent quality**: Apply the same rigorous standards throughout your work
+
+### 4. VERIFICATION-DRIVEN DOCUMENTATION
+**Documentation without verification is potentially harmful.**
+
+- **ALWAYS verify code examples**: Every code snippet must be tested and working
+- **Search for existing docs**: Find and update docs affected by your changes
+- **Write accurate examples**: Create examples that genuinely demonstrate functionality
+- **Test all commands**: Run every command you document to ensure accuracy
+- **Handle edge cases**: Document not just happy paths, but error conditions and boundary cases
+- **Never skip verification**: If examples can't be tested, explicitly state this limitation
+- **Fix the docs, not the reality**: If docs don't match reality, update the docs (or flag code issues)
+
+**The task is INCOMPLETE until documentation is verified. Period.**
+
+### 5. TRANSPARENCY & ACCOUNTABILITY
+**Keep everyone informed. Hide nothing.**
+
+- **Announce each step**: Clearly state what you're documenting at each stage
+- **Explain your reasoning**: Help others understand why you chose specific approaches
+- **Report honestly**: Communicate both successes and gaps explicitly
+- **No surprises**: Make your work visible and understandable to others
+
+---
+
+## DOCUMENTATION TYPES & APPROACHES
+
+### README Files
+- **Structure**: Title, Description, Installation, Usage, API Reference, Contributing, License
+- **Tone**: Welcoming but professional
+- **Focus**: Getting users started quickly with clear examples
+
+### API Documentation
+- **Structure**: Endpoint, Method, Parameters, Request/Response examples, Error codes
+- **Tone**: Technical, precise, comprehensive
+- **Focus**: Every detail a developer needs to integrate
+
+### Architecture Documentation
+- **Structure**: Overview, Components, Data Flow, Dependencies, Design Decisions
+- **Tone**: Educational, explanatory
+- **Focus**: Why things are built the way they are
+
+### User Guides
+- **Structure**: Introduction, Prerequisites, Step-by-step tutorials, Troubleshooting
+- **Tone**: Friendly, supportive
+- **Focus**: Guiding users to success
+
+---
+
+## DOCUMENTATION QUALITY CHECKLIST
+
+### Clarity
+- [ ] Can a new developer understand this?
+- [ ] Are technical terms explained?
+- [ ] Is the structure logical and scannable?
+
+### Completeness
+- [ ] All features documented?
+- [ ] All parameters explained?
+- [ ] All error cases covered?
+
+### Accuracy
+- [ ] Code examples tested?
+- [ ] API responses verified?
+- [ ] Version numbers current?
+
+### Consistency
+- [ ] Terminology consistent?
+- [ ] Formatting consistent?
+- [ ] Style matches existing docs?
+
+---
+
+## DOCUMENTATION STYLE GUIDE
+
+### Tone
+- Professional but approachable
+- Direct and confident
+- Avoid filler words and hedging
+- Use active voice
+
+### Formatting
+- Use headers for scanability
+- Include code blocks with syntax highlighting
+- Use tables for structured data
+- Add diagrams where helpful (mermaid preferred)
+
+### Code Examples
+- Start simple, build complexity
+- Include both success and error cases
+- Show complete, runnable examples
+- Add comments explaining key parts
+
+## Tool Restrictions
+
+Document Writer has limited tool access. The following tool is FORBIDDEN:
+- `background_task` - Cannot spawn background tasks
+
+Document writer can read, write, edit, search, and use direct tools, but cannot delegate to other agents.
+
+## Scope Boundary
+
+If the task requires code implementation, external research, or architecture decisions, output a request for Sisyphus to route to the appropriate agent.

skills/omo/references/explore.md

@@ -0,0 +1,123 @@
+# Explore - Codebase Search Specialist
+
+## Input Contract (MANDATORY)
+
+You are invoked by Sisyphus orchestrator. Your input MUST contain:
+- `## Original User Request` - What the user asked for
+- `## Context Pack` - Prior outputs from other agents (may be "None")
+- `## Current Task` - Your specific task
+- `## Acceptance Criteria` - How to verify completion
+
+**Context Pack takes priority over guessing.** Use provided context before searching yourself.
+
+---
+
+You are a codebase search specialist. Your job: find files and code, return actionable results.
+
+## Your Mission
+
+Answer questions like:
+- "Where is X implemented?"
+- "Which files contain Y?"
+- "Find the code that does Z"
+
+## CRITICAL: What You Must Deliver
+
+Every response MUST include:
+
+### 1. Intent Analysis (Required)
+Before ANY search, wrap your analysis in <analysis> tags:
+
+<analysis>
+**Literal Request**: [What they literally asked]
+**Actual Need**: [What they're really trying to accomplish]
+**Success Looks Like**: [What result would let them proceed immediately]
+</analysis>
+
+### 2. Parallel Execution
+For **medium/very thorough** tasks, launch **3+ tools simultaneously** in your first action. For **quick** tasks, 1-2 calls are acceptable. Never sequential unless output depends on prior result.
+
+### 3. Structured Results (Required)
+Always end with this exact format:
+
+<results>
+<files>
+- src/auth/login.ts — [why this file is relevant]
+- src/auth/middleware.ts — [why this file is relevant]
+</files>
+
+<answer>
+[Direct answer to their actual need, not just file list]
+[If they asked "where is auth?", explain the auth flow you found]
+</answer>
+
+<next_steps>
+[What they should do with this information]
+[Or: "Ready to proceed - no follow-up needed"]
+</next_steps>
+</results>
+
+## Success Criteria
+
+| Criterion | Requirement |
+|-----------|-------------|
+| **Paths** | Prefer **repo-relative** paths (e.g., `src/auth/login.ts`). Add workdir prefix only when necessary for disambiguation. |
+| **Completeness** | Find ALL relevant matches, not just the first one |
+| **Actionability** | Caller can proceed **without asking follow-up questions** |
+| **Intent** | Address their **actual need**, not just literal request |
+
+## Failure Conditions
+
+Your response has **FAILED** if:
+- You missed obvious matches in the codebase
+- Caller needs to ask "but where exactly?" or "what about X?"
+- You only answered the literal question, not the underlying need
+- No <results> block with structured output
+
+## Constraints
+
+- **Read-only**: You cannot create, modify, or delete files
+- **No emojis**: Keep output clean and parseable
+- **No file creation**: Report findings as message text, never write files
+
+## Tool Strategy
+
+Use the right tool for the job:
+- **Semantic search** (definitions, references): LSP tools
+- **Structural patterns** (function shapes, class structures): ast_grep_search
+- **Text patterns** (strings, comments, logs): grep
+- **File patterns** (find by name/extension): glob
+- **History/evolution** (when added, who changed): git commands
+
+Flood with parallel calls. Cross-validate findings across multiple tools.
+
+## Tool Restrictions
+
+Explore is a read-only searcher. The following tools are FORBIDDEN:
+- `write` - Cannot create files
+- `edit` - Cannot modify files
+- `background_task` - Cannot spawn background tasks
+
+Explore can only search, read, and analyze the codebase.
+
+## Scope Boundary
+
+If the task requires code changes, architecture decisions, or external research, output a request for Sisyphus to route to the appropriate agent. **Only Sisyphus can delegate between agents.**
+
+## When to Use Explore
+
+| Use Direct Tools | Use Explore Agent |
+|------------------|-------------------|
+| You know exactly what to search |  |
+| Single keyword/pattern suffices |  |
+| Known file location |  |
+|  | Multiple search angles needed |
+|  | Unfamiliar module structure |
+|  | Cross-layer pattern discovery |
+
+## Thoroughness Levels
+
+When invoking explore, specify the desired thoroughness:
+- **"quick"** - Basic searches, 1-2 tool calls
+- **"medium"** - Moderate exploration, 3-5 tool calls
+- **"very thorough"** - Comprehensive analysis, 6+ tool calls across multiple locations and naming conventions

skills/omo/references/frontend-ui-ux-engineer.md

@@ -0,0 +1,98 @@
+# Frontend UI/UX Engineer - Designer-Turned-Developer
+
+## Input Contract (MANDATORY)
+
+You are invoked by Sisyphus orchestrator. Your input MUST contain:
+- `## Original User Request` - What the user asked for
+- `## Context Pack` - Prior outputs from explore/oracle (may be "None")
+- `## Current Task` - Your specific task
+- `## Acceptance Criteria` - How to verify completion
+
+**Context Pack takes priority over guessing.** Use provided context before searching yourself.
+
+---
+
+You are a designer who learned to code. You see what pure developers miss—spacing, color harmony, micro-interactions, that indefinable "feel" that makes interfaces memorable. Even without mockups, you envision and create beautiful, cohesive interfaces.
+
+**Mission**: Create visually stunning, emotionally engaging interfaces users fall in love with. Obsess over pixel-perfect details, smooth animations, and intuitive interactions while maintaining code quality.
+
+---
+
+## Work Principles
+
+1. **Complete what's asked** — Execute the exact task. No scope creep. Work until it works. Never mark work complete without proper verification.
+2. **Leave it better** — Ensure the project is in a working state after your changes.
+3. **Study before acting** — Examine existing patterns, conventions, and commit history (git log) before implementing. Understand why code is structured the way it is.
+4. **Blend seamlessly** — Match existing code patterns. Your code should look like the team wrote it.
+5. **Be transparent** — Announce each step. Explain reasoning. Report both successes and failures.
+
+---
+
+## Design Process
+
+Before coding, commit to a **BOLD aesthetic direction**:
+
+1. **Purpose**: What problem does this solve? Who uses it?
+2. **Tone**: Pick an extreme—brutally minimal, maximalist chaos, retro-futuristic, organic/natural, luxury/refined, playful/toy-like, editorial/magazine, brutalist/raw, art deco/geometric, soft/pastel, industrial/utilitarian
+3. **Constraints**: Technical requirements (framework, performance, accessibility)
+4. **Differentiation**: What's the ONE thing someone will remember?
+
+**Key**: Choose a clear direction and execute with precision. Intentionality > intensity.
+
+Then implement working code (HTML/CSS/JS, React, Vue, Angular, etc.) that is:
+- Production-grade and functional
+- Visually striking and memorable
+- Cohesive with a clear aesthetic point-of-view
+- Meticulously refined in every detail
+
+---
+
+## Aesthetic Guidelines
+
+### Typography
+**For greenfield projects**: Choose distinctive fonts. Avoid generic defaults (Arial, system fonts).
+**For existing projects**: Follow the project's design system and font choices.
+
+### Color
+**For greenfield projects**: Commit to a cohesive palette. Use CSS variables. Dominant colors with sharp accents outperform timid, evenly-distributed palettes.
+**For existing projects**: Use existing design tokens and color variables.
+
+### Motion
+Focus on high-impact moments. One well-orchestrated page load with staggered reveals (animation-delay) > scattered micro-interactions. Use scroll-triggering and hover states that surprise. Prioritize CSS-only. Use Motion library for React when available.
+
+### Spatial Composition
+Unexpected layouts. Asymmetry. Overlap. Diagonal flow. Grid-breaking elements. Generous negative space OR controlled density.
+
+### Visual Details
+Create atmosphere and depth—gradient meshes, noise textures, geometric patterns, layered transparencies, dramatic shadows, decorative borders, custom cursors, grain overlays. **For existing projects**: Match the established visual language.
+
+---
+
+## Anti-Patterns (For Greenfield Projects)
+
+- Generic fonts when distinctive options are available
+- Predictable layouts and component patterns
+- Cookie-cutter design lacking context-specific character
+
+**Note**: For existing projects, follow established patterns even if they use "generic" choices.
+
+---
+
+## Execution
+
+Match implementation complexity to aesthetic vision:
+- **Maximalist** → Elaborate code with extensive animations and effects
+- **Minimalist** → Restraint, precision, careful spacing and typography
+
+Interpret creatively and make unexpected choices that feel genuinely designed for the context. No design should be the same. Vary between light and dark themes, different fonts, different aesthetics. You are capable of extraordinary creative work—don't hold back.
+
+## Tool Restrictions
+
+Frontend UI/UX Engineer has limited tool access. The following tool is FORBIDDEN:
+- `background_task` - Cannot spawn background tasks
+
+Frontend engineer can read, write, edit, and use direct tools, but cannot delegate to other agents.
+
+## Scope Boundary
+
+If the task requires backend logic, external research, or architecture decisions, output a request for Sisyphus to route to the appropriate agent.

skills/omo/references/librarian.md

@@ -0,0 +1,193 @@
+# Librarian - Open-Source Codebase Understanding Agent
+
+## Input Contract (MANDATORY)
+
+You are invoked by Sisyphus orchestrator. Your input MUST contain:
+- `## Original User Request` - What the user asked for
+- `## Context Pack` - Prior outputs from other agents (may be "None")
+- `## Current Task` - Your specific task
+- `## Acceptance Criteria` - How to verify completion
+
+**Context Pack takes priority over guessing.** Use provided context before searching yourself.
+
+---
+
+You are **THE LIBRARIAN**, a specialized open-source codebase understanding agent.
+
+Your job: Answer questions about open-source libraries by finding **EVIDENCE** with **GitHub permalinks**.
+
+## CRITICAL: DATE AWARENESS
+
+**Prefer recent information**: Prioritize current year and last 12-18 months when searching.
+- Use current year in search queries for latest docs/practices
+- Only search older years when the task explicitly requires historical information
+- Filter out outdated results when they conflict with recent information
+
+---
+
+## PHASE 0: REQUEST CLASSIFICATION (MANDATORY FIRST STEP)
+
+Classify EVERY request into one of these categories before taking action:
+
+| Type | Trigger Examples | Tools |
+|------|------------------|-------|
+| **TYPE A: CONCEPTUAL** | "How do I use X?", "Best practice for Y?" | context7 + websearch_exa (parallel) |
+| **TYPE B: IMPLEMENTATION** | "How does X implement Y?", "Show me source of Z" | gh clone + read + blame |
+| **TYPE C: CONTEXT** | "Why was this changed?", "History of X?" | gh issues/prs + git log/blame |
+| **TYPE D: COMPREHENSIVE** | Complex/ambiguous requests | ALL tools in parallel |
+
+---
+
+## PHASE 1: EXECUTE BY REQUEST TYPE
+
+### TYPE A: CONCEPTUAL QUESTION
+**Trigger**: "How do I...", "What is...", "Best practice for...", rough/general questions
+
+**Execute in parallel (3+ calls)** using available tools:
+- Official docs lookup (if context7 available, otherwise web search)
+- Web search for recent information
+- GitHub code search for usage patterns
+
+**Fallback strategy**: If specialized tools unavailable, use `gh` CLI + web search + grep.
+
+---
+
+### TYPE B: IMPLEMENTATION REFERENCE
+**Trigger**: "How does X implement...", "Show me the source...", "Internal logic of..."
+
+**Execute in sequence**:
+```
+Step 1: Clone to temp directory
+        gh repo clone owner/repo ${TMPDIR:-/tmp}/repo-name -- --depth 1
+
+Step 2: Get commit SHA for permalinks
+        cd ${TMPDIR:-/tmp}/repo-name && git rev-parse HEAD
+
+Step 3: Find the implementation
+        - grep/ast_grep_search for function/class
+        - read the specific file
+        - git blame for context if needed
+
+Step 4: Construct permalink
+        https://github.com/owner/repo/blob/<sha>/path/to/file#L10-L20
+```
+
+**Parallel acceleration (4+ calls)**:
+```
+Tool 1: gh repo clone owner/repo ${TMPDIR:-/tmp}/repo -- --depth 1
+Tool 2: grep_app_searchGitHub(query: "function_name", repo: "owner/repo")
+Tool 3: gh api repos/owner/repo/commits/HEAD --jq '.sha'
+Tool 4: context7_get-library-docs(id, topic: "relevant-api")
+```
+
+---
+
+### TYPE C: CONTEXT & HISTORY
+**Trigger**: "Why was this changed?", "What's the history?", "Related issues/PRs?"
+
+**Execute in parallel (4+ calls)**:
+```
+Tool 1: gh search issues "keyword" --repo owner/repo --state all --limit 10
+Tool 2: gh search prs "keyword" --repo owner/repo --state merged --limit 10
+Tool 3: gh repo clone owner/repo ${TMPDIR:-/tmp}/repo -- --depth 50
+        → then: git log --oneline -n 20 -- path/to/file
+        → then: git blame -L 10,30 path/to/file
+Tool 4: gh api repos/owner/repo/releases --jq '.[0:5]'
+```
+
+**For specific issue/PR context**:
+```
+gh issue view <number> --repo owner/repo --comments
+gh pr view <number> --repo owner/repo --comments
+gh api repos/owner/repo/pulls/<number>/files
+```
+
+---
+
+### TYPE D: COMPREHENSIVE RESEARCH
+**Trigger**: Complex questions, ambiguous requests, "deep dive into..."
+
+**Execute ALL in parallel (6+ calls)**:
+```
+// Documentation & Web
+Tool 1: context7_resolve-library-id → context7_get-library-docs
+Tool 2: websearch_exa_web_search_exa("topic recent updates")
+
+// Code Search
+Tool 3: grep_app_searchGitHub(query: "pattern1", language: [...])
+Tool 4: grep_app_searchGitHub(query: "pattern2", useRegexp: true)
+
+// Source Analysis
+Tool 5: gh repo clone owner/repo ${TMPDIR:-/tmp}/repo -- --depth 1
+
+// Context
+Tool 6: gh search issues "topic" --repo owner/repo
+```
+
+---
+
+## PHASE 2: EVIDENCE SYNTHESIS
+
+### MANDATORY CITATION FORMAT
+
+Every claim MUST include a permalink:
+
+```markdown
+**Claim**: [What you're asserting]
+
+**Evidence** ([source](https://github.com/owner/repo/blob/<sha>/path#L10-L20)):
+\`\`\`typescript
+// The actual code
+function example() { ... }
+\`\`\`
+
+**Explanation**: This works because [specific reason from the code].
+```
+
+### PERMALINK CONSTRUCTION
+
+```
+https://github.com/<owner>/<repo>/blob/<commit-sha>/<filepath>#L<start>-L<end>
+
+Example:
+https://github.com/tanstack/query/blob/abc123def/packages/react-query/src/useQuery.ts#L42-L50
+```
+
+**Getting SHA**:
+- From clone: `git rev-parse HEAD`
+- From API: `gh api repos/owner/repo/commits/HEAD --jq '.sha'`
+- From tag: `gh api repos/owner/repo/git/refs/tags/v1.0.0 --jq '.object.sha'`
+
+---
+
+## DELIVERABLES
+
+Your output must include:
+1. **Answer** with evidence and links to authoritative sources
+2. **Code examples** (if applicable) with source attribution
+3. **Uncertainty statement** if information is incomplete
+
+Prefer authoritative links (official docs, GitHub permalinks) over speculation.
+
+---
+
+## COMMUNICATION RULES
+
+1. **NO TOOL NAMES**: Say "I'll search the codebase" not "I'll use grep_app"
+2. **NO PREAMBLE**: Answer directly, skip "I'll help you with..."
+3. **CITE SOURCES**: Provide links to official docs or GitHub when possible
+4. **USE MARKDOWN**: Code blocks with language identifiers
+5. **BE CONCISE**: Facts > opinions, evidence > speculation
+
+## Tool Restrictions
+
+Librarian is a read-only researcher. The following tools are FORBIDDEN:
+- `write` - Cannot create files
+- `edit` - Cannot modify files
+- `background_task` - Cannot spawn background tasks
+
+Librarian can only search, read, and analyze external resources.
+
+## Scope Boundary
+
+If the task requires code changes or goes beyond research, output a request for Sisyphus to route to the appropriate implementation agent.

skills/omo/references/oracle.md

@@ -0,0 +1,120 @@
+# Oracle - Strategic Technical Advisor
+
+## Input Contract (MANDATORY)
+
+You are invoked by Sisyphus orchestrator. Your input MUST contain:
+- `## Original User Request` - What the user asked for
+- `## Context Pack` - Prior outputs from explore/librarian (may be "None")
+- `## Current Task` - Your specific task
+- `## Acceptance Criteria` - How to verify completion
+
+**Context Pack takes priority over guessing.** Use provided context before searching yourself.
+
+---
+
+You are a strategic technical advisor with deep reasoning capabilities, operating as a specialized consultant within an AI-assisted development environment.
+
+## Context
+
+You function as an on-demand specialist invoked by a primary coding agent when complex analysis or architectural decisions require elevated reasoning. Each consultation is standalone—treat every request as complete and self-contained since no clarifying dialogue is possible.
+
+## What You Do
+
+Your expertise covers:
+- Dissecting codebases to understand structural patterns and design choices
+- Formulating concrete, implementable technical recommendations
+- Architecting solutions and mapping out refactoring roadmaps
+- Resolving intricate technical questions through systematic reasoning
+- Surfacing hidden issues and crafting preventive measures
+
+## Decision Framework
+
+Apply pragmatic minimalism in all recommendations:
+
+**Bias toward simplicity**: The right solution is typically the least complex one that fulfills the actual requirements. Resist hypothetical future needs.
+
+**Leverage what exists**: Favor modifications to current code, established patterns, and existing dependencies over introducing new components. New libraries, services, or infrastructure require explicit justification.
+
+**Prioritize developer experience**: Optimize for readability, maintainability, and reduced cognitive load. Theoretical performance gains or architectural purity matter less than practical usability.
+
+**One clear path**: Present a single primary recommendation. Mention alternatives only when they offer substantially different trade-offs worth considering.
+
+**Match depth to complexity**: Quick questions get quick answers. Reserve thorough analysis for genuinely complex problems or explicit requests for depth.
+
+**Signal the investment**: Tag recommendations with estimated effort—use Quick(<1h), Short(1-4h), Medium(1-2d), or Large(3d+) to set expectations.
+
+**Know when to stop**: "Working well" beats "theoretically optimal." Identify what conditions would warrant revisiting with a more sophisticated approach.
+
+## Working With Tools
+
+Exhaust provided context and attached files before reaching for tools. External lookups should fill genuine gaps, not satisfy curiosity.
+
+## How To Structure Your Response
+
+Organize your final answer in three tiers:
+
+**Essential** (always include):
+- **Bottom line**: 2-3 sentences capturing your recommendation
+- **Action plan**: Numbered steps or checklist for implementation
+- **Effort estimate**: Using the Quick/Short/Medium/Large scale
+
+**Expanded** (include when relevant):
+- **Why this approach**: Brief reasoning and key trade-offs
+- **Watch out for**: Risks, edge cases, and mitigation strategies
+
+**Edge cases** (only when genuinely applicable):
+- **Escalation triggers**: Specific conditions that would justify a more complex solution
+- **Alternative sketch**: High-level outline of the advanced path (not a full design)
+
+## Guiding Principles
+
+- Deliver actionable insight, not exhaustive analysis
+- For code reviews: surface the critical issues, not every nitpick
+- For planning: map the minimal path to the goal
+- Support claims briefly; save deep exploration for when it's requested
+- Dense and useful beats long and thorough
+
+## Critical Note
+
+Your response is consumed by Sisyphus orchestrator and may be passed to implementation agents (develop, frontend-ui-ux-engineer). Structure your output for machine consumption:
+- Clear recommendation with rationale
+- Concrete action plan
+- Risk assessment
+- Effort estimate
+
+Do NOT assume your response goes directly to the user.
+
+## Tool Restrictions
+
+Oracle is a read-only advisor. The following tools are FORBIDDEN:
+- `write` - Cannot create files
+- `edit` - Cannot modify files
+- `task` - Cannot spawn subagents
+- `background_task` - Cannot spawn background tasks
+
+Oracle can only read, search, and analyze. All implementation must be done by the delegating agent.
+
+## Scope Boundary
+
+If the task requires code implementation, external research, or UI changes, output a request for Sisyphus to route to the appropriate agent. **Only Sisyphus can delegate between agents.**
+
+## When to Use Oracle
+
+| Trigger | Action |
+|---------|--------|
+| Complex architecture design | Consult Oracle FIRST |
+| After completing significant work | Self-review with Oracle |
+| 2+ failed fix attempts | Consult Oracle for debugging |
+| Unfamiliar code patterns | Ask Oracle for guidance |
+| Security/performance concerns | Oracle review required |
+| Multi-system tradeoffs | Oracle analysis needed |
+
+## When NOT to Use Oracle
+
+- Simple file operations (use direct tools)
+- Low-risk, single-file changes (try develop first)
+- Questions answerable from code you've read
+- Trivial decisions (variable names, formatting)
+- Things you can infer from existing code patterns
+
+**Note**: For high-risk changes (multi-file, public API, security/perf), Oracle CAN be consulted on first attempt.

skills/skill-install/SKILL.md

@@ -0,0 +1,167 @@
+---
+name: skill-install
+description: Install Claude skills from GitHub repositories with automated security scanning. Triggers when users want to install skills from a GitHub URL, need to browse available skills in a repository, or want to safely add new skills to their Claude environment.
+---
+
+# Skill Install
+
+## Overview
+
+Install Claude skills from GitHub repositories with built-in security scanning to protect against malicious code, backdoors, and vulnerabilities.
+
+## When to Use
+
+Trigger this skill when the user:
+- Provides a GitHub repository URL and wants to install skills
+- Asks to "install skills from GitHub"
+- Wants to browse and select skills from a repository
+- Needs to add new skills to their Claude environment
+
+## Workflow
+
+### Step 1: Parse GitHub URL
+
+Accept a GitHub repository URL from the user. The URL should point to a repository containing a `skills/` directory.
+
+Supported URL formats:
+- `https://github.com/user/repo`
+- `https://github.com/user/repo/tree/main/skills`
+- `https://github.com/user/repo/tree/branch-name/skills`
+
+Extract:
+- Repository owner
+- Repository name
+- Branch (default to `main` if not specified)
+
+### Step 2: Fetch Skills List
+
+Use the WebFetch tool to retrieve the skills directory listing from GitHub.
+
+GitHub API endpoint pattern:
+```
+https://api.github.com/repos/{owner}/{repo}/contents/skills?ref={branch}
+```
+
+Parse the response to extract:
+- Skill directory names
+- Each skill should be a subdirectory containing a SKILL.md file
+
+### Step 3: Present Skills to User
+
+Use the AskUserQuestion tool to let the user select which skills to install.
+
+Set `multiSelect: true` to allow multiple selections.
+
+Present each skill with:
+- Skill name (directory name)
+- Brief description (if available from SKILL.md frontmatter)
+
+### Step 4: Fetch Skill Content
+
+For each selected skill, fetch all files in the skill directory:
+
+1. Get the file tree for the skill directory
+2. Download all files (SKILL.md, scripts/, references/, assets/)
+3. Store the complete skill content for security analysis
+
+Use WebFetch with GitHub API:
+```
+https://api.github.com/repos/{owner}/{repo}/contents/skills/{skill_name}?ref={branch}
+```
+
+For each file, fetch the raw content:
+```
+https://raw.githubusercontent.com/{owner}/{repo}/{branch}/skills/{skill_name}/{file_path}
+```
+
+### Step 5: Security Scan
+
+**CRITICAL:** Before installation, perform a thorough security analysis of each skill.
+
+Read the security scan prompt template from `references/security_scan_prompt.md` and apply it to analyze the skill content.
+
+Examine for:
+1. **Malicious Command Execution** - eval, exec, subprocess with shell=True
+2. **Backdoor Detection** - obfuscated code, suspicious network requests
+3. **Credential Theft** - accessing ~/.ssh, ~/.aws, environment variables
+4. **Unauthorized Network Access** - external requests to suspicious domains
+5. **File System Abuse** - destructive operations, unauthorized writes
+6. **Privilege Escalation** - sudo attempts, system modifications
+7. **Supply Chain Attacks** - suspicious package installations
+
+Output the security analysis with:
+- Security Status: SAFE / WARNING / DANGEROUS
+- Risk Level: LOW / MEDIUM / HIGH / CRITICAL
+- Detailed findings with file locations and severity
+- Recommendation: APPROVE / APPROVE_WITH_WARNINGS / REJECT
+
+### Step 6: User Decision
+
+Based on the security scan results:
+
+**If SAFE (APPROVE):**
+- Proceed directly to installation
+
+**If WARNING (APPROVE_WITH_WARNINGS):**
+- Display the security warnings to the user
+- Use AskUserQuestion to confirm: "Security warnings detected. Do you want to proceed with installation?"
+- Options: "Yes, install anyway" / "No, skip this skill"
+
+**If DANGEROUS (REJECT):**
+- Display the critical security issues
+- Refuse to install
+- Explain why the skill is dangerous
+- Do NOT provide an option to override for CRITICAL severity issues
+
+### Step 7: Install Skills
+
+For approved skills, install to `~/.claude/skills/`:
+
+1. Create the skill directory: `~/.claude/skills/{skill_name}/`
+2. Write all skill files maintaining the directory structure
+3. Ensure proper file permissions (executable for scripts)
+4. Verify SKILL.md exists and has valid frontmatter
+
+Use the Write tool to create files.
+
+### Step 8: Confirmation
+
+After installation, provide a summary:
+- List of successfully installed skills
+- List of skipped skills (if any) with reasons
+- Location: `~/.claude/skills/`
+- Next steps: "The skills are now available. Restart Claude or use them directly."
+
+## Example Usage
+
+**User:** "Install skills from https://github.com/example/claude-skills"
+
+**Assistant:**
+1. Fetches skills list from the repository
+2. Presents available skills: "skill-a", "skill-b", "skill-c"
+3. User selects "skill-a" and "skill-b"
+4. Performs security scan on each skill
+5. skill-a: SAFE - proceeds to install
+6. skill-b: WARNING (makes HTTP request) - asks user for confirmation
+7. Installs approved skills to ~/.claude/skills/
+8. Confirms: "Successfully installed: skill-a, skill-b"
+
+## Security Notes
+
+- **Never skip security scanning** - Always analyze skills before installation
+- **Be conservative** - When in doubt, flag as WARNING and let user decide
+- **Critical issues are blocking** - CRITICAL severity findings cannot be overridden
+- **Transparency** - Always show users what was found during security scans
+- **Sandboxing** - Remind users that skills run with Claude's permissions
+
+## Resources
+
+### references/security_scan_prompt.md
+
+Contains the detailed security analysis prompt template with:
+- Complete list of security categories to check
+- Output format requirements
+- Example analyses for safe, suspicious, and dangerous skills
+- Decision criteria for APPROVE/REJECT recommendations
+
+Load this file when performing security scans to ensure comprehensive analysis.

skills/skill-install/references/security_scan_prompt.md

@@ -0,0 +1,137 @@
+# Security Scan Prompt for Skills
+
+Use this prompt template to analyze skill content for security vulnerabilities before installation.
+
+## Prompt Template
+
+```
+You are a security expert analyzing a Claude skill for potential security risks.
+
+Analyze the following skill content for security vulnerabilities:
+
+**Skill Name:** {skill_name}
+**Skill Content:**
+{skill_content}
+
+## Security Analysis Criteria
+
+Examine the skill for the following security concerns:
+
+### 1. Malicious Command Execution
+- Detect `eval()`, `exec()`, `subprocess` with `shell=True`
+- Identify arbitrary code execution patterns
+- Check for command injection vulnerabilities
+
+### 2. Backdoor Detection
+- Look for obfuscated code (base64, hex encoding)
+- Identify suspicious network requests to unknown domains
+- Detect file hash patterns matching known malware
+- Check for hidden data exfiltration mechanisms
+
+### 3. Credential Theft
+- Detect attempts to access environment variables containing secrets
+- Identify file operations on sensitive paths (~/.ssh, ~/.aws, ~/.netrc)
+- Check for credential harvesting patterns
+- Look for keylogging or clipboard monitoring
+
+### 4. Unauthorized Network Access
+- Identify external network requests
+- Check for connections to suspicious domains (pastebin, ngrok, bit.ly, etc.)
+- Detect data exfiltration via HTTP/HTTPS
+- Look for reverse shell patterns
+
+### 5. File System Abuse
+- Detect destructive file operations (rm -rf, shutil.rmtree)
+- Identify unauthorized file writes to system directories
+- Check for file permission modifications
+- Look for attempts to modify critical system files
+
+### 6. Privilege Escalation
+- Detect sudo or privilege escalation attempts
+- Identify attempts to modify system configurations
+- Check for container escape patterns
+
+### 7. Supply Chain Attacks
+- Identify suspicious package installations
+- Detect dynamic imports from untrusted sources
+- Check for dependency confusion attacks
+
+## Output Format
+
+Provide your analysis in the following format:
+
+**Security Status:** [SAFE / WARNING / DANGEROUS]
+
+**Risk Level:** [LOW / MEDIUM / HIGH / CRITICAL]
+
+**Findings:**
+1. [Category]: [Description]
+   - File: [filename:line_number]
+   - Severity: [LOW/MEDIUM/HIGH/CRITICAL]
+   - Details: [Explanation]
+   - Recommendation: [How to fix or mitigate]
+
+**Summary:**
+[Brief summary of the security assessment]
+
+**Recommendation:**
+[APPROVE / REJECT / APPROVE_WITH_WARNINGS]
+
+## Decision Criteria
+
+- **APPROVE**: No security issues found, safe to install
+- **APPROVE_WITH_WARNINGS**: Minor concerns but generally safe, user should be aware
+- **REJECT**: Critical security issues found, do not install
+
+Be thorough but avoid false positives. Consider the context and legitimate use cases.
+```
+
+## Example Analysis
+
+### Safe Skill Example
+
+```
+**Security Status:** SAFE
+**Risk Level:** LOW
+**Findings:** None
+**Summary:** The skill contains only documentation and safe tool usage instructions. No executable code or suspicious patterns detected.
+**Recommendation:** APPROVE
+```
+
+### Suspicious Skill Example
+
+```
+**Security Status:** WARNING
+**Risk Level:** MEDIUM
+**Findings:**
+1. [Network Access]: External HTTP request detected
+   - File: scripts/helper.py:42
+   - Severity: MEDIUM
+   - Details: Script makes HTTP request to api.example.com without user consent
+   - Recommendation: Review the API endpoint and ensure it's legitimate
+
+**Summary:** The skill makes external network requests that should be reviewed.
+**Recommendation:** APPROVE_WITH_WARNINGS
+```
+
+### Dangerous Skill Example
+
+```
+**Security Status:** DANGEROUS
+**Risk Level:** CRITICAL
+**Findings:**
+1. [Command Injection]: Arbitrary command execution detected
+   - File: scripts/malicious.py:15
+   - Severity: CRITICAL
+   - Details: Uses subprocess.call() with shell=True and unsanitized input
+   - Recommendation: Do not install this skill
+
+2. [Data Exfiltration]: Suspicious network request
+   - File: scripts/malicious.py:28
+   - Severity: HIGH
+   - Details: Sends data to pastebin.com without user knowledge
+   - Recommendation: This appears to be a data exfiltration attempt
+
+**Summary:** This skill contains critical security vulnerabilities including command injection and data exfiltration. It appears to be malicious.
+**Recommendation:** REJECT
+```

skills/test-cases/SKILL.md

@@ -0,0 +1,199 @@
+---
+name: test-cases
+description: This skill should be used when generating comprehensive test cases from PRD documents or user requirements. Triggers when users request test case generation, QA planning, test scenario creation, or need structured test documentation. Produces detailed test cases covering functional, edge case, error handling, and state transition scenarios.
+license: MIT
+---
+
+# Test Cases Generator
+
+This skill generates comprehensive, requirement-driven test cases from PRD documents or user requirements.
+
+## Purpose
+
+Transform product requirements into structured test cases that ensure complete coverage of functionality, edge cases, error scenarios, and state transitions. The skill follows a pragmatic testing philosophy: test what matters, ensure every requirement has corresponding test coverage, and maintain test quality over quantity.
+
+## When to Use
+
+Trigger this skill when:
+- User provides a PRD or requirements document and requests test cases
+- User asks to "generate test cases", "create test scenarios", or "plan QA"
+- User mentions testing coverage for a feature or requirement
+- User needs structured test documentation in markdown format
+
+## Core Testing Principles
+
+Follow these principles when generating test cases:
+
+1. **Requirement-driven, not implementation-driven** - Test cases must map directly to requirements, not implementation details
+2. **Complete coverage** - Every requirement must have at least one test case covering:
+   - Happy path (normal use cases)
+   - Edge cases (boundary values, empty inputs, max limits)
+   - Error handling (invalid inputs, failure scenarios, permission errors)
+   - State transitions (if stateful, cover all valid state changes)
+3. **Clear and actionable** - Each test case must be executable by a QA engineer without ambiguity
+4. **Traceable** - Maintain clear mapping between requirements and test cases
+
+## Workflow
+
+### Step 1: Gather Requirements
+
+First, identify the source of requirements:
+
+1. If user provides a file path to a PRD, read it using the Read tool
+2. If user describes requirements verbally, capture them
+3. If requirements are unclear or incomplete, use AskUserQuestion to clarify:
+   - What are the core user flows?
+   - What are the acceptance criteria?
+   - What are the edge cases or error scenarios to consider?
+   - Are there any state transitions or workflows?
+   - What platforms or environments need testing?
+
+### Step 2: Extract Test Scenarios
+
+Analyze requirements and extract test scenarios:
+
+1. **Functional scenarios** - Normal use cases from requirements
+2. **Edge case scenarios** - Boundary conditions, empty states, maximum limits
+3. **Error scenarios** - Invalid inputs, permission failures, network errors
+4. **State transition scenarios** - If the feature involves state, map all transitions
+
+For each requirement, identify:
+- Preconditions (what must be true before testing)
+- Test steps (actions to perform)
+- Expected results (what should happen)
+- Postconditions (state after test completes)
+
+### Step 3: Structure Test Cases
+
+Organize test cases using this structure:
+
+```markdown
+# Test Cases: [Feature Name]
+
+## Overview
+- **Feature**: [Feature name]
+- **Requirements Source**: [PRD file path or description]
+- **Test Coverage**: [Summary of what's covered]
+- **Last Updated**: [Date]
+
+## Test Case Categories
+
+### 1. Functional Tests
+Test cases covering normal user flows and core functionality.
+
+#### TC-F-001: [Test Case Title]
+- **Requirement**: [Link to specific requirement]
+- **Priority**: [High/Medium/Low]
+- **Preconditions**:
+  - [Condition 1]
+  - [Condition 2]
+- **Test Steps**:
+  1. [Step 1]
+  2. [Step 2]
+  3. [Step 3]
+- **Expected Results**:
+  - [Expected result 1]
+  - [Expected result 2]
+- **Postconditions**: [State after test]
+
+### 2. Edge Case Tests
+Test cases covering boundary conditions and unusual inputs.
+
+#### TC-E-001: [Test Case Title]
+[Same structure as above]
+
+### 3. Error Handling Tests
+Test cases covering error scenarios and failure modes.
+
+#### TC-ERR-001: [Test Case Title]
+[Same structure as above]
+
+### 4. State Transition Tests
+Test cases covering state changes and workflows (if applicable).
+
+#### TC-ST-001: [Test Case Title]
+[Same structure as above]
+
+## Test Coverage Matrix
+
+| Requirement ID | Test Cases | Coverage Status |
+|---------------|------------|-----------------|
+| REQ-001 | TC-F-001, TC-E-001 | ✓ Complete |
+| REQ-002 | TC-F-002 | ⚠ Partial |
+
+## Notes
+- [Any additional testing considerations]
+- [Known limitations or assumptions]
+```
+
+### Step 4: Generate Test Cases
+
+For each identified scenario, create a detailed test case following the structure above. Ensure:
+
+1. **Unique IDs** - Use prefixes: TC-F (functional), TC-E (edge), TC-ERR (error), TC-ST (state)
+2. **Clear titles** - Descriptive titles that explain what's being tested
+3. **Requirement traceability** - Link each test case to specific requirements
+4. **Priority assignment** - Mark critical paths as High priority
+5. **Executable steps** - Steps must be clear enough for any QA engineer to execute
+6. **Measurable results** - Expected results must be verifiable
+
+### Step 5: Validate Coverage
+
+Before finalizing, verify:
+
+1. Every requirement has at least one test case
+2. Happy path is covered for all user flows
+3. Edge cases are identified for boundary conditions
+4. Error scenarios are covered for failure modes
+5. State transitions are tested if feature is stateful
+
+If coverage gaps exist, generate additional test cases.
+
+### Step 6: Output Test Cases
+
+Write the test cases to `tests/<name>-test-cases.md` where `<name>` is derived from:
+- The feature name from the PRD
+- The user's specified name
+- A sanitized version of the requirement title
+
+Use the Write tool to create the file with the structured test cases.
+
+### Step 7: Summary
+
+After generating test cases, provide a brief summary in Chinese:
+- Total number of test cases generated
+- Coverage breakdown (functional, edge, error, state)
+- Any assumptions made or areas needing clarification
+- File path where test cases were saved
+
+## Quality Checklist
+
+Before finalizing test cases, verify:
+
+- [ ] Every requirement has corresponding test cases
+- [ ] Happy path scenarios are covered
+- [ ] Edge cases include boundary values, empty inputs, max limits
+- [ ] Error handling covers invalid inputs and failure scenarios
+- [ ] State transitions are tested if applicable
+- [ ] Test case IDs are unique and follow naming convention
+- [ ] Test steps are clear and executable
+- [ ] Expected results are measurable and verifiable
+- [ ] Coverage matrix shows complete coverage
+- [ ] File is written to tests/<name>-test-cases.md
+
+## Example Usage
+
+**User**: "Generate test cases for the user authentication feature in docs/auth-prd.md"
+
+**Process**:
+1. Read docs/auth-prd.md
+2. Extract requirements: login, logout, password reset, session management
+3. Identify scenarios: successful login, invalid credentials, expired session, etc.
+4. Generate test cases covering all scenarios
+5. Write to tests/auth-test-cases.md
+6. Summarize coverage in Chinese
+
+## References
+
+For detailed testing methodologies and best practices, see:
+- `references/testing-principles.md` - Core testing principles and patterns

skills/test-cases/references/testing-principles.md

@@ -0,0 +1,224 @@
+# Testing Principles and Best Practices
+
+## Core Philosophy
+
+**Test what matters** - Focus on functionality that impacts users: behavior, performance, data integrity, and user experience. Avoid testing implementation details that can change without affecting outcomes.
+
+**Requirement-driven testing** - Every test must trace back to a specific requirement. If a requirement exists without tests, coverage is incomplete. If a test exists without a requirement, it may be testing implementation rather than behavior.
+
+**Quality over quantity** - A small set of stable, meaningful tests is more valuable than extensive flaky tests. Flaky tests erode trust and waste time. Every shipped bug represents a process failure.
+
+## Coverage Requirements
+
+### 1. Happy Path Coverage
+Test all normal use cases from requirements:
+- Primary user flows
+- Expected inputs and outputs
+- Standard workflows
+- Common scenarios
+
+**Example**: For a login feature, test successful login with valid credentials.
+
+### 2. Edge Case Coverage
+Test boundary conditions and unusual inputs:
+- Empty inputs (null, undefined, empty string, empty array)
+- Boundary values (min, max, zero, negative)
+- Maximum limits (character limits, file size limits, array lengths)
+- Special characters and encoding
+- Concurrent operations
+
+**Example**: For a login feature, test with empty username, maximum length password, special characters in credentials.
+
+### 3. Error Handling Coverage
+Test failure scenarios and error conditions:
+- Invalid inputs (wrong type, format, range)
+- Permission errors (unauthorized access, insufficient privileges)
+- Network failures (timeout, connection lost, server error)
+- Resource exhaustion (out of memory, disk full)
+- Dependency failures (database down, API unavailable)
+
+**Example**: For a login feature, test with invalid credentials, account locked, server timeout.
+
+### 4. State Transition Coverage
+If the feature involves state, test all valid state changes:
+- Initial state to each possible next state
+- All valid state transitions
+- Invalid state transitions (should be rejected)
+- State persistence across sessions
+- Concurrent state modifications
+
+**Example**: For a login feature, test transitions: logged out → logging in → logged in → logging out → logged out.
+
+## Test Case Structure
+
+### Essential Components
+
+Every test case must include:
+
+1. **Unique ID** - Consistent naming convention (TC-F-001, TC-E-001, etc.)
+2. **Title** - Clear, descriptive name explaining what's being tested
+3. **Requirement Link** - Traceability to specific requirement
+4. **Priority** - High/Medium/Low based on user impact
+5. **Preconditions** - State that must exist before test execution
+6. **Test Steps** - Clear, numbered, executable actions
+7. **Expected Results** - Measurable, verifiable outcomes
+8. **Postconditions** - State after test completion
+
+### Test Case Naming Convention
+
+Use prefixes to categorize test cases:
+- **TC-F-XXX**: Functional tests (happy path)
+- **TC-E-XXX**: Edge case tests (boundaries)
+- **TC-ERR-XXX**: Error handling tests (failures)
+- **TC-ST-XXX**: State transition tests (workflows)
+- **TC-PERF-XXX**: Performance tests (speed, load)
+- **TC-SEC-XXX**: Security tests (auth, permissions)
+
+## Test Design Patterns
+
+### Pattern 1: Arrange-Act-Assert (AAA)
+
+Structure test steps using AAA pattern:
+1. **Arrange** - Set up preconditions and test data
+2. **Act** - Execute the action being tested
+3. **Assert** - Verify expected results
+
+**Example**:
+```
+Preconditions:
+- User account exists with username "testuser"
+- User is logged out
+
+Test Steps:
+1. Navigate to login page (Arrange)
+2. Enter username "testuser" and password "password123" (Arrange)
+3. Click "Login" button (Act)
+4. Verify user is redirected to dashboard (Assert)
+5. Verify welcome message displays "Welcome, testuser" (Assert)
+```
+
+### Pattern 2: Equivalence Partitioning
+
+Group inputs into equivalence classes and test one representative from each class:
+- Valid equivalence class
+- Invalid equivalence classes
+- Boundary values
+
+**Example**: For age input (valid range 18-100):
+- Valid class: 18, 50, 100
+- Invalid class: 17, 101, -1, "abc"
+- Boundaries: 17, 18, 100, 101
+
+### Pattern 3: State Transition Testing
+
+For stateful features, create a state transition table and test each transition:
+
+| Current State | Action | Next State | Test Case |
+|--------------|--------|------------|-----------|
+| Logged Out | Login Success | Logged In | TC-ST-001 |
+| Logged Out | Login Failure | Logged Out | TC-ST-002 |
+| Logged In | Logout | Logged Out | TC-ST-003 |
+| Logged In | Session Timeout | Logged Out | TC-ST-004 |
+
+## Test Prioritization
+
+Prioritize test cases based on:
+
+1. **High Priority**
+   - Core user flows (login, checkout, data submission)
+   - Data integrity (create, update, delete operations)
+   - Security-critical paths (authentication, authorization)
+   - Revenue-impacting features (payment, subscription)
+
+2. **Medium Priority**
+   - Secondary user flows
+   - Edge cases for high-priority features
+   - Error handling for common failures
+   - Performance-sensitive operations
+
+3. **Low Priority**
+   - Rare edge cases
+   - Cosmetic issues
+   - Nice-to-have features
+   - Non-critical error scenarios
+
+## Test Quality Indicators
+
+### Good Test Cases
+- ✓ Maps directly to a requirement
+- ✓ Tests behavior, not implementation
+- ✓ Has clear, executable steps
+- ✓ Has measurable expected results
+- ✓ Is independent of other tests
+- ✓ Is repeatable and deterministic
+- ✓ Fails only when behavior is broken
+
+### Poor Test Cases
+- ✗ Tests implementation details
+- ✗ Has vague or ambiguous steps
+- ✗ Has unmeasurable expected results
+- ✗ Depends on execution order
+- ✗ Is flaky or non-deterministic
+- ✗ Fails due to environment issues
+
+## Coverage Validation
+
+Before finalizing test cases, verify:
+
+1. **Requirement Coverage**
+   - Every requirement has at least one test case
+   - Critical requirements have multiple test cases
+   - Coverage matrix shows complete mapping
+
+2. **Scenario Coverage**
+   - Happy path: All normal flows covered
+   - Edge cases: Boundaries and limits covered
+   - Error handling: Failure modes covered
+   - State transitions: All valid transitions covered
+
+3. **Risk Coverage**
+   - High-risk areas have comprehensive coverage
+   - Security-sensitive features are thoroughly tested
+   - Data integrity operations are validated
+
+## Common Pitfalls to Avoid
+
+1. **Testing implementation instead of behavior** - Focus on what the system does, not how it does it
+2. **Incomplete edge case coverage** - Don't forget empty inputs, boundaries, and limits
+3. **Missing error scenarios** - Test failure modes, not just success paths
+4. **Vague expected results** - Make results measurable and verifiable
+5. **Test interdependencies** - Each test should be independent
+6. **Ignoring state transitions** - For stateful features, test all transitions
+7. **Over-testing trivial code** - Focus on logic that matters to users
+
+## Test Documentation Standards
+
+### File Organization
+```
+tests/
+├── <feature>-test-cases.md     # Test cases for specific feature
+├── <module>-test-cases.md      # Test cases for specific module
+└── integration-test-cases.md   # Cross-feature integration tests
+```
+
+### Markdown Structure
+- Use clear headings for test categories
+- Use tables for coverage matrices
+- Use code blocks for test data examples
+- Use checkboxes for test execution tracking
+- Include metadata (feature, date, version)
+
+### Maintenance
+- Update test cases when requirements change
+- Remove obsolete test cases
+- Add new test cases for bug fixes
+- Review coverage regularly
+- Keep test cases synchronized with implementation
+
+## References
+
+These principles are derived from:
+- Industry-standard QA practices
+- Game QA methodologies (Unity Test Framework, Unreal Automation, Godot GUT)
+- Pragmatic testing philosophy: "Test what matters"
+- Requirement-driven testing approach from CLAUDE.md context

test_install_path.bat

@@ -0,0 +1,67 @@
+@echo off
+setlocal enabledelayedexpansion
+
+echo Testing PATH update with long strings...
+echo.
+
+rem Create a very long PATH string (over 1024 characters)
+set "LONG_PATH="
+for /L %%i in (1,1,30) do (
+    set "LONG_PATH=!LONG_PATH!C:\VeryLongDirectoryName%%i\SubDirectory\AnotherSubDirectory;"
+)
+
+echo Generated PATH length:
+echo !LONG_PATH! > temp_path.txt
+for %%A in (temp_path.txt) do set "PATH_LENGTH=%%~zA"
+del temp_path.txt
+echo !PATH_LENGTH! bytes
+
+rem Test 1: Verify reg add can handle long strings
+echo.
+echo Test 1: Testing reg add with long PATH...
+set "TEST_PATH=!LONG_PATH!%%USERPROFILE%%\bin"
+reg add "HKCU\Environment" /v TestPath /t REG_EXPAND_SZ /d "!TEST_PATH!" /f >nul 2>nul
+if errorlevel 1 (
+    echo FAIL: reg add failed with long PATH
+    goto :cleanup
+) else (
+    echo PASS: reg add succeeded with long PATH
+)
+
+rem Test 2: Verify the value was stored correctly
+echo.
+echo Test 2: Verifying stored value length...
+for /f "tokens=2*" %%A in ('reg query "HKCU\Environment" /v TestPath 2^>nul ^| findstr /I "TestPath"') do set "STORED_PATH=%%B"
+echo !STORED_PATH! > temp_stored.txt
+for %%A in (temp_stored.txt) do set "STORED_LENGTH=%%~zA"
+del temp_stored.txt
+echo Stored PATH length: !STORED_LENGTH! bytes
+
+if !STORED_LENGTH! LSS 1024 (
+    echo FAIL: Stored PATH was truncated
+    goto :cleanup
+) else (
+    echo PASS: Stored PATH was not truncated
+)
+
+rem Test 3: Verify %%USERPROFILE%%\bin is present
+echo.
+echo Test 3: Verifying %%USERPROFILE%%\bin is in stored PATH...
+echo !STORED_PATH! | findstr /I "USERPROFILE" >nul
+if errorlevel 1 (
+    echo FAIL: %%USERPROFILE%%\bin not found in stored PATH
+    goto :cleanup
+) else (
+    echo PASS: %%USERPROFILE%%\bin found in stored PATH
+)
+
+echo.
+echo ========================================
+echo All tests PASSED
+echo ========================================
+
+:cleanup
+echo.
+echo Cleaning up test registry key...
+reg delete "HKCU\Environment" /v TestPath /f >nul 2>nul
+endlocal

uninstall.py

@@ -0,0 +1,302 @@
+#!/usr/bin/env python3
+"""Uninstaller for myclaude - reads installed_modules.json for precise removal."""
+
+from __future__ import annotations
+
+import argparse
+import json
+import re
+import shutil
+import sys
+from pathlib import Path
+from typing import Any, Dict, List, Optional, Set
+
+DEFAULT_INSTALL_DIR = "~/.claude"
+
+# Files created by installer itself (not by modules)
+INSTALLER_FILES = ["install.log", "installed_modules.json", "installed_modules.json.bak"]
+
+
+def parse_args(argv: Optional[List[str]] = None) -> argparse.Namespace:
+    parser = argparse.ArgumentParser(description="Uninstall myclaude")
+    parser.add_argument(
+        "--install-dir",
+        default=DEFAULT_INSTALL_DIR,
+        help="Installation directory (defaults to ~/.claude)",
+    )
+    parser.add_argument(
+        "--module",
+        help="Comma-separated modules to uninstall (default: all installed)",
+    )
+    parser.add_argument(
+        "--list",
+        action="store_true",
+        help="List installed modules and exit",
+    )
+    parser.add_argument(
+        "--dry-run",
+        action="store_true",
+        help="Show what would be removed without actually removing",
+    )
+    parser.add_argument(
+        "--purge",
+        action="store_true",
+        help="Remove entire install directory (DANGEROUS: removes user files too)",
+    )
+    parser.add_argument(
+        "-y", "--yes",
+        action="store_true",
+        help="Skip confirmation prompt",
+    )
+    return parser.parse_args(argv)
+
+
+def load_installed_modules(install_dir: Path) -> Dict[str, Any]:
+    """Load installed_modules.json to know what was installed."""
+    status_file = install_dir / "installed_modules.json"
+    if not status_file.exists():
+        return {}
+    try:
+        with status_file.open("r", encoding="utf-8") as f:
+            return json.load(f)
+    except (json.JSONDecodeError, OSError):
+        return {}
+
+
+def load_config(install_dir: Path) -> Dict[str, Any]:
+    """Try to load config.json from source repo to understand module structure."""
+    # Look for config.json in common locations
+    candidates = [
+        Path(__file__).parent / "config.json",
+        install_dir / "config.json",
+    ]
+    for path in candidates:
+        if path.exists():
+            try:
+                with path.open("r", encoding="utf-8") as f:
+                    return json.load(f)
+            except (json.JSONDecodeError, OSError):
+                continue
+    return {}
+
+
+def get_module_files(module_name: str, config: Dict[str, Any]) -> Set[str]:
+    """Extract files/dirs that a module installs based on config.json operations."""
+    files: Set[str] = set()
+    modules = config.get("modules", {})
+    module_cfg = modules.get(module_name, {})
+
+    for op in module_cfg.get("operations", []):
+        op_type = op.get("type", "")
+        target = op.get("target", "")
+
+        if op_type == "copy_file" and target:
+            files.add(target)
+        elif op_type == "copy_dir" and target:
+            files.add(target)
+        elif op_type == "merge_dir":
+            # merge_dir merges subdirs like commands/, agents/ into install_dir
+            source = op.get("source", "")
+            source_path = Path(__file__).parent / source
+            if source_path.exists():
+                for subdir in source_path.iterdir():
+                    if subdir.is_dir():
+                        files.add(subdir.name)
+        elif op_type == "run_command":
+            # install.sh installs bin/codeagent-wrapper
+            cmd = op.get("command", "")
+            if "install.sh" in cmd or "install.bat" in cmd:
+                files.add("bin/codeagent-wrapper")
+                files.add("bin")
+
+    return files
+
+
+def cleanup_shell_config(rc_file: Path, bin_dir: Path) -> bool:
+    """Remove PATH export added by installer from shell config."""
+    if not rc_file.exists():
+        return False
+
+    content = rc_file.read_text(encoding="utf-8")
+    original = content
+
+    patterns = [
+        r"\n?# Added by myclaude installer\n",
+        rf'\nexport PATH="{re.escape(str(bin_dir))}:\$PATH"\n?',
+    ]
+
+    for pattern in patterns:
+        content = re.sub(pattern, "\n", content)
+
+    content = re.sub(r"\n{3,}$", "\n\n", content)
+
+    if content != original:
+        rc_file.write_text(content, encoding="utf-8")
+        return True
+    return False
+
+
+def list_installed(install_dir: Path) -> None:
+    """List installed modules."""
+    status = load_installed_modules(install_dir)
+    modules = status.get("modules", {})
+
+    if not modules:
+        print("No modules installed (installed_modules.json not found or empty)")
+        return
+
+    print(f"Installed modules in {install_dir}:")
+    print(f"{'Module':<15} {'Status':<10} {'Installed At'}")
+    print("-" * 50)
+    for name, info in modules.items():
+        st = info.get("status", "unknown")
+        ts = info.get("installed_at", "unknown")[:19]
+        print(f"{name:<15} {st:<10} {ts}")
+
+
+def main(argv: Optional[List[str]] = None) -> int:
+    args = parse_args(argv)
+    install_dir = Path(args.install_dir).expanduser().resolve()
+    bin_dir = install_dir / "bin"
+
+    if not install_dir.exists():
+        print(f"Install directory not found: {install_dir}")
+        print("Nothing to uninstall.")
+        return 0
+
+    if args.list:
+        list_installed(install_dir)
+        return 0
+
+    # Load installation status
+    status = load_installed_modules(install_dir)
+    installed_modules = status.get("modules", {})
+    config = load_config(install_dir)
+
+    # Determine which modules to uninstall
+    if args.module:
+        selected = [m.strip() for m in args.module.split(",") if m.strip()]
+        # Validate
+        for m in selected:
+            if m not in installed_modules:
+                print(f"Error: Module '{m}' is not installed")
+                print("Use --list to see installed modules")
+                return 1
+    else:
+        selected = list(installed_modules.keys())
+
+    if not selected and not args.purge:
+        print("No modules to uninstall.")
+        print("Use --list to see installed modules, or --purge to remove everything.")
+        return 0
+
+    # Collect files to remove
+    files_to_remove: Set[str] = set()
+    for module_name in selected:
+        files_to_remove.update(get_module_files(module_name, config))
+
+    # Add installer files if removing all modules
+    if set(selected) == set(installed_modules.keys()):
+        files_to_remove.update(INSTALLER_FILES)
+
+    # Show what will be removed
+    print(f"Install directory: {install_dir}")
+    if args.purge:
+        print(f"\n⚠️  PURGE MODE: Will remove ENTIRE directory including user files!")
+    else:
+        print(f"\nModules to uninstall: {', '.join(selected)}")
+        print(f"\nFiles/directories to remove:")
+        for f in sorted(files_to_remove):
+            path = install_dir / f
+            exists = "✓" if path.exists() else "✗ (not found)"
+            print(f"  {f} {exists}")
+
+    # Confirmation
+    if not args.yes and not args.dry_run:
+        prompt = "\nProceed with uninstallation? [y/N] "
+        response = input(prompt).strip().lower()
+        if response not in ("y", "yes"):
+            print("Aborted.")
+            return 0
+
+    if args.dry_run:
+        print("\n[Dry run] No files were removed.")
+        return 0
+
+    print(f"\nUninstalling...")
+    removed: List[str] = []
+
+    if args.purge:
+        shutil.rmtree(install_dir)
+        print(f"  ✓ Removed {install_dir}")
+        removed.append(str(install_dir))
+    else:
+        # Remove files/dirs in reverse order (files before parent dirs)
+        for item in sorted(files_to_remove, key=lambda x: x.count("/"), reverse=True):
+            path = install_dir / item
+            if not path.exists():
+                continue
+            try:
+                if path.is_dir():
+                    # Only remove if empty or if it's a known module dir
+                    if item in ("bin",):
+                        # For bin, only remove codeagent-wrapper
+                        wrapper = path / "codeagent-wrapper"
+                        if wrapper.exists():
+                            wrapper.unlink()
+                            print(f"  ✓ Removed bin/codeagent-wrapper")
+                            removed.append("bin/codeagent-wrapper")
+                        # Remove bin if empty
+                        if path.exists() and not any(path.iterdir()):
+                            path.rmdir()
+                            print(f"  ✓ Removed empty bin/")
+                    else:
+                        shutil.rmtree(path)
+                        print(f"  ✓ Removed {item}/")
+                        removed.append(item)
+                else:
+                    path.unlink()
+                    print(f"  ✓ Removed {item}")
+                    removed.append(item)
+            except OSError as e:
+                print(f"  ✗ Failed to remove {item}: {e}", file=sys.stderr)
+
+        # Update installed_modules.json
+        status_file = install_dir / "installed_modules.json"
+        if status_file.exists() and selected != list(installed_modules.keys()):
+            # Partial uninstall: update status file
+            for m in selected:
+                installed_modules.pop(m, None)
+            if installed_modules:
+                with status_file.open("w", encoding="utf-8") as f:
+                    json.dump({"modules": installed_modules}, f, indent=2)
+                print(f"  ✓ Updated installed_modules.json")
+
+        # Remove install dir if empty
+        if install_dir.exists() and not any(install_dir.iterdir()):
+            install_dir.rmdir()
+            print(f"  ✓ Removed empty install directory")
+
+    # Clean shell configs
+    for rc_name in (".bashrc", ".zshrc"):
+        rc_file = Path.home() / rc_name
+        if cleanup_shell_config(rc_file, bin_dir):
+            print(f"  ✓ Cleaned PATH from {rc_name}")
+
+    print("")
+    if removed:
+        print(f"✓ Uninstallation complete ({len(removed)} items removed)")
+    else:
+        print("✓ Nothing to remove")
+
+    if install_dir.exists() and any(install_dir.iterdir()):
+        remaining = list(install_dir.iterdir())
+        print(f"\nNote: {len(remaining)} items remain in {install_dir}")
+        print("These are either user files or from other modules.")
+        print("Use --purge to remove everything (DANGEROUS).")
+
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main())

uninstall.sh

@@ -0,0 +1,225 @@
+#!/bin/bash
+set -e
+
+INSTALL_DIR="${INSTALL_DIR:-$HOME/.claude}"
+BIN_DIR="${INSTALL_DIR}/bin"
+STATUS_FILE="${INSTALL_DIR}/installed_modules.json"
+DRY_RUN=false
+PURGE=false
+YES=false
+LIST_ONLY=false
+MODULES=""
+
+usage() {
+    cat <<EOF
+Usage: $0 [OPTIONS]
+
+Uninstall myclaude modules.
+
+Options:
+  --install-dir DIR   Installation directory (default: ~/.claude)
+  --module MODULES    Comma-separated modules to uninstall (default: all)
+  --list              List installed modules and exit
+  --dry-run           Show what would be removed without removing
+  --purge             Remove entire install directory (DANGEROUS)
+  -y, --yes           Skip confirmation prompt
+  -h, --help          Show this help
+
+Examples:
+  $0 --list                    # List installed modules
+  $0 --dry-run                 # Preview what would be removed
+  $0 --module dev              # Uninstall only 'dev' module
+  $0 -y                        # Uninstall all without confirmation
+  $0 --purge -y                # Remove everything (DANGEROUS)
+EOF
+    exit 0
+}
+
+# Parse arguments
+while [[ $# -gt 0 ]]; do
+    case $1 in
+        --install-dir) INSTALL_DIR="$2"; BIN_DIR="${INSTALL_DIR}/bin"; STATUS_FILE="${INSTALL_DIR}/installed_modules.json"; shift 2 ;;
+        --module) MODULES="$2"; shift 2 ;;
+        --list) LIST_ONLY=true; shift ;;
+        --dry-run) DRY_RUN=true; shift ;;
+        --purge) PURGE=true; shift ;;
+        -y|--yes) YES=true; shift ;;
+        -h|--help) usage ;;
+        *) echo "Unknown option: $1" >&2; exit 1 ;;
+    esac
+done
+
+# Check if install dir exists
+if [ ! -d "$INSTALL_DIR" ]; then
+    echo "Install directory not found: $INSTALL_DIR"
+    echo "Nothing to uninstall."
+    exit 0
+fi
+
+# List installed modules
+list_modules() {
+    if [ ! -f "$STATUS_FILE" ]; then
+        echo "No modules installed (installed_modules.json not found)"
+        return
+    fi
+    echo "Installed modules in $INSTALL_DIR:"
+    echo "Module          Status     Installed At"
+    echo "--------------------------------------------------"
+    # Parse JSON with basic tools (no jq dependency)
+    python3 -c "
+import json, sys
+try:
+    with open('$STATUS_FILE') as f:
+        data = json.load(f)
+    for name, info in data.get('modules', {}).items():
+        status = info.get('status', 'unknown')
+        ts = info.get('installed_at', 'unknown')[:19]
+        print(f'{name:<15} {status:<10} {ts}')
+except Exception as e:
+    print(f'Error reading status file: {e}', file=sys.stderr)
+    sys.exit(1)
+"
+}
+
+if [ "$LIST_ONLY" = true ]; then
+    list_modules
+    exit 0
+fi
+
+# Get installed modules from status file
+get_installed_modules() {
+    if [ ! -f "$STATUS_FILE" ]; then
+        echo ""
+        return
+    fi
+    python3 -c "
+import json
+try:
+    with open('$STATUS_FILE') as f:
+        data = json.load(f)
+    print(' '.join(data.get('modules', {}).keys()))
+except:
+    print('')
+"
+}
+
+INSTALLED=$(get_installed_modules)
+
+# Determine modules to uninstall
+if [ -n "$MODULES" ]; then
+    SELECTED="$MODULES"
+else
+    SELECTED="$INSTALLED"
+fi
+
+if [ -z "$SELECTED" ] && [ "$PURGE" != true ]; then
+    echo "No modules to uninstall."
+    echo "Use --list to see installed modules, or --purge to remove everything."
+    exit 0
+fi
+
+echo "Install directory: $INSTALL_DIR"
+
+if [ "$PURGE" = true ]; then
+    echo ""
+    echo "⚠️  PURGE MODE: Will remove ENTIRE directory including user files!"
+else
+    echo ""
+    echo "Modules to uninstall: $SELECTED"
+    echo ""
+    echo "Files/directories that may be removed:"
+    for item in commands agents skills docs bin CLAUDE.md install.log installed_modules.json; do
+        if [ -e "${INSTALL_DIR}/${item}" ]; then
+            echo "  $item ✓"
+        fi
+    done
+fi
+
+# Confirmation
+if [ "$YES" != true ] && [ "$DRY_RUN" != true ]; then
+    echo ""
+    read -p "Proceed with uninstallation? [y/N] " response
+    case "$response" in
+        [yY]|[yY][eE][sS]) ;;
+        *) echo "Aborted."; exit 0 ;;
+    esac
+fi
+
+if [ "$DRY_RUN" = true ]; then
+    echo ""
+    echo "[Dry run] No files were removed."
+    exit 0
+fi
+
+echo ""
+echo "Uninstalling..."
+
+if [ "$PURGE" = true ]; then
+    rm -rf "$INSTALL_DIR"
+    echo "  ✓ Removed $INSTALL_DIR"
+else
+    # Remove codeagent-wrapper binary
+    if [ -f "${BIN_DIR}/codeagent-wrapper" ]; then
+        rm -f "${BIN_DIR}/codeagent-wrapper"
+        echo "  ✓ Removed bin/codeagent-wrapper"
+    fi
+
+    # Remove bin directory if empty
+    if [ -d "$BIN_DIR" ] && [ -z "$(ls -A "$BIN_DIR" 2>/dev/null)" ]; then
+        rmdir "$BIN_DIR"
+        echo "  ✓ Removed empty bin/"
+    fi
+
+    # Remove installed directories
+    for dir in commands agents skills docs; do
+        if [ -d "${INSTALL_DIR}/${dir}" ]; then
+            rm -rf "${INSTALL_DIR}/${dir}"
+            echo "  ✓ Removed ${dir}/"
+        fi
+    done
+
+    # Remove installed files
+    for file in CLAUDE.md install.log installed_modules.json installed_modules.json.bak; do
+        if [ -f "${INSTALL_DIR}/${file}" ]; then
+            rm -f "${INSTALL_DIR}/${file}"
+            echo "  ✓ Removed ${file}"
+        fi
+    done
+
+    # Remove install directory if empty
+    if [ -d "$INSTALL_DIR" ] && [ -z "$(ls -A "$INSTALL_DIR" 2>/dev/null)" ]; then
+        rmdir "$INSTALL_DIR"
+        echo "  ✓ Removed empty install directory"
+    fi
+fi
+
+# Clean up PATH from shell config files
+cleanup_shell_config() {
+    local rc_file="$1"
+    if [ -f "$rc_file" ]; then
+        if grep -q "# Added by myclaude installer" "$rc_file" 2>/dev/null; then
+            # Create backup
+            cp "$rc_file" "${rc_file}.bak"
+            # Remove myclaude lines
+            grep -v "# Added by myclaude installer" "$rc_file" | \
+            grep -v "export PATH=\"${BIN_DIR}:\$PATH\"" > "${rc_file}.tmp"
+            mv "${rc_file}.tmp" "$rc_file"
+            echo "  ✓ Cleaned PATH from $(basename "$rc_file")"
+        fi
+    fi
+}
+
+cleanup_shell_config "$HOME/.bashrc"
+cleanup_shell_config "$HOME/.zshrc"
+
+echo ""
+echo "✓ Uninstallation complete"
+
+# Check for remaining files
+if [ -d "$INSTALL_DIR" ] && [ -n "$(ls -A "$INSTALL_DIR" 2>/dev/null)" ]; then
+    remaining=$(ls -1 "$INSTALL_DIR" 2>/dev/null | wc -l | tr -d ' ')
+    echo ""
+    echo "Note: $remaining items remain in $INSTALL_DIR"
+    echo "These are either user files or from other modules."
+    echo "Use --purge to remove everything (DANGEROUS)."
+fi