* Unblock the next Guardex npm publish after 7.0.15 was already taken (#239)

npm rejected republishing 7.0.15, so this bump moves the package to 7.0.16, adds the matching README release note for the shipped Guardex changes, and updates the release integration test to follow the current package version instead of a stale literal.

Constraint: npm will not publish over the already-taken 7.0.15 version
Rejected: Leave README and release test expectations on 7.0.15 | publish metadata and release verification would drift
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: When bumping a published version, keep README release notes and gx release expectations on the same current semver
Tested: npm test (150/150); node --check bin/multiagent-safety.js; openspec validate agent-codex-release-guardex-7-0-16-2026-04-21-15-22 --type change --strict; openspec validate --specs; env npm_config_cache=/tmp/guardex-npm-cache npm pack --dry-run
Not-tested: Live gh release creation against GitHub

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Bump next from 15.2.6 to 15.5.15 in /frontend (#229)

Bumps [next](https://github.com/vercel/next.js) from 15.2.6 to 15.5.15.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v15.2.6...v15.5.15)

---
updated-dependencies:
- dependency-name: next
  dependency-version: 15.5.15
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump qs and express in /frontend (#228)

Bumps [qs](https://github.com/ljharb/qs) to 6.14.2 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.


Updates `qs` from 6.13.0 to 6.14.2
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.13.0...v6.14.2)

Updates `express` from 4.21.2 to 4.22.1
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/v4.22.1/History.md)
- [Commits](expressjs/express@4.21.2...v4.22.1)

---
updated-dependencies:
- dependency-name: qs
  dependency-version: 6.14.2
  dependency-type: indirect
- dependency-name: express
  dependency-version: 4.22.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Auto-finish: gx doctor repairs (#241)

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Clarify how GitGuardex updates AGENTS contract docs (#242)

README now explains the current setup/doctor behavior for repo guidance files.
It makes the marker-managed AGENTS refresh explicit, shows that existing
repo-owned text is preserved outside the managed block, and clarifies that
root CLAUDE.md is left alone unless the repo chooses to symlink it to AGENTS.
A small visual flow and before/after examples make the behavior easier to
scan during setup decisions.

Constraint: README wording needed to match the current ensureAgentsSnippet implementation and install regression tests
Rejected: Describe root CLAUDE.md as auto-managed | inaccurate because setup installs .claude/commands/gitguardex.md instead
Confidence: high
Scope-risk: narrow
Directive: Keep this section aligned with ensureAgentsSnippet semantics and AGENTS refresh tests when setup/doctor behavior changes
Tested: npm test -- --test-name-pattern="setup refreshes existing managed AGENTS block by default|doctor refreshes existing managed AGENTS block by default"
Not-tested: Mermaid and ASCII rendering differences across npm and GitHub surfaces

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Make doctor failures visually obvious in terminal output (#243)

Doctor already prints compact actionable status lines, but fail and success output blend together during long recursive runs. This colors semantic doctor lines only and supports FORCE_COLOR so ANSI coverage can be verified deterministically.

Constraint: Human-readable doctor output must remain plain in non-color terminals
Rejected: Add a dedicated doctor color flag | FORCE_COLOR already covers explicit ANSI opt-in without expanding the CLI surface
Confidence: high
Scope-risk: narrow
Directive: Keep doctor status coloring scoped to semantic outcome lines; do not color every repair bullet without rechecking readability
Tested: node --check bin/multiagent-safety.js; node --test --test-name-pattern "doctor" test/install.test.js; openspec validate agent-codex-doctor-status-colors-2026-04-21-15-58 --type change --strict; openspec validate --specs
Not-tested: Full repo non-doctor test suite

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Clarify how Guardex sandboxes get cleaned up (#244)

The README still showed post-merge cleanup as optional and did not explain the case where one agent implements a change but another agent has to close the sandbox after a usage-limit stop.

This aligns the daily workflow with the current finish flags, adds a direct worktree-removal escape hatch, and ties the OpenSpec collaboration checklist to real cleanup handoffs.

Constraint: README should match the current agent-branch-finish --cleanup flow on main
Rejected: Mention cleanup only in Known rough edges | did not tell users how to remove unwanted worktrees or why collaboration handoffs exist
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep README cleanup examples aligned with finish-script defaults and OpenSpec collaboration tasks
Tested: git diff --check; npm test partial pass before hang in install.test.js
Not-tested: Full npm test completion (hung in test/install.test.js hook-fail-task path)

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Keep npm release verification green when the version is already live (#245)

The current main branch already passes the release-path test suite, but workflow_dispatch and backfill release runs can still fail later on npm publish when the exact package version is already on the registry. This teaches the release workflow to detect that case and skip publish cleanly while leaving verification intact.

Constraint: Existing published versions on npm are immutable and should not make healthy verification runs fail
Constraint: Release verification must still run on every workflow invocation before publish decisions are made
Rejected: Remove workflow_dispatch support | would block maintainer-side verification on current main
Rejected: Skip npm publish unconditionally on manual runs | hides legitimate unpublished release failures
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep the release workflow idempotent for already-published versions so GitHub release state can be backfilled without forcing a version bump
Tested: npm test
Tested: node --check bin/multiagent-safety.js
Tested: npm pack --dry-run
Tested: openspec validate agent-codex-make-release-workflow-idempotent-when-ve-2026-04-21-16-30 --type change --strict
Tested: openspec validate --specs
Not-tested: Live GitHub Actions workflow execution before merge

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Bring the README docs in line with current Guardex behavior (#246)

The docs still showed the older AGENTS marker explanation and an outdated gx status illustration, so the README was refreshed to match the current CLI surface and the managed-block guidance the user asked to add.

This keeps the changes confined to documentation: one richer README section, one updated terminal SVG, and the matching T1 note for the branch.

Constraint: Keep the change docs-only and preserve the user-provided README wording for the AGENTS.md/CLAUDE.md section
Rejected: Add the new AGENTS guidance as a second duplicate section | would leave conflicting docs in the same README
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Update the terminal-status SVG whenever gx command/service output materially changes so README screenshots do not drift
Tested: git diff --check; rendered docs/images/workflow-gx-terminal-status.svg to /tmp/workflow-gx-terminal-status.png for visual review
Not-tested: npm test (skipped because this is a docs/SVG-only change and the suite previously hung in test/install.test.js)

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* new

* new

* Bump path-to-regexp from 0.1.12 to 0.1.13 in /frontend (#240)

Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) from 0.1.12 to 0.1.13.
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/v.0.1.13/History.md)
- [Commits](pillarjs/path-to-regexp@v0.1.12...v.0.1.13)

---
updated-dependencies:
- dependency-name: path-to-regexp
  dependency-version: 0.1.13
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Align downstream OpenSpec scaffolds with recodee bootstrap (#247)

Sync the setup-managed change and plan helpers to the richer recodee versions and lock the new scaffold shape with install regressions.

Constraint: gx setup should install the same OpenSpec helper behavior already used in recodee
Rejected: Update only templates | runtime/template drift would break parity guarantees
Rejected: Copy the recodee plan scaffold verbatim without fixes | unescaped backticks corrupted generated cleanup text
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Keep scripts/openspec and templates/scripts/openspec in lockstep with frontend mirrors and install tests
Tested: node --test --test-name-pattern OpenSpec test/install.test.js; node --test test/metadata.test.js; node --check bin/multiagent-safety.js; openspec validate agent-codex-sync-recodee-openspec-bootstrap-into-gx-2026-04-21-17-20 --type change --strict; openspec validate --specs; git diff --check
Not-tested: Full npm test suite

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Expose live Guardex sandbox sessions inside VS Code Source Control (#248)

Guardex now writes repo-local active session presence from codex-agent, scaffolds a lightweight VS Code companion into target repos, and ships a local install helper so users can see running lanes with native loading~spin rows in the Source Control container.

Constraint: VS Code strips custom SVG animation from sidebar surfaces, so the companion must use native animated codicons
Constraint: Guardex setup scaffolds from templates, so the companion and helpers must ship through template mapping as well as the source repo
Rejected: Webview-only sidebar clone | would miss the native Source Control container users already watch
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Keep the companion consuming .omx/state/active-sessions and ignore dead PIDs before adding richer runtime signals
Tested: node --check bin/multiagent-safety.js; node --check scripts/agent-session-state.js; node --check scripts/install-vscode-active-agents-extension.js; node --check templates/vscode/guardex-active-agents/extension.js; node --check templates/vscode/guardex-active-agents/session-schema.js; bash -n scripts/codex-agent.sh; bash -n templates/scripts/codex-agent.sh; node --test test/vscode-active-agents-session-state.test.js; temporary gx setup smoke; openspec validate agent-codex-vscode-active-agents-extension-2026-04-21-17-38 --type change --strict; openspec validate --specs; git diff --check
Not-tested: Live activation inside an already-open VS Code window without a manual reload

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Enhance README with sidebar options and install section (#249)

Added options for GitHub About sidebar description and installation instructions.

* new

* Clarify README problem and About copy surfaces (#250)

Move the collision visual into The problem, move the Guardex workflow visual into Solution, and replace the three-option About copy dump with a single source file plus README pointer.

This keeps the top of the README readable while preserving a copyable GitHub About description in-repo.

Constraint: README needs one canonical GitHub About description instead of multiple alternatives
Rejected: Keep all three About-copy options inline | adds noise and leaves no single source of truth
Confidence: high
Scope-risk: narrow
Directive: Keep GitHub About copy in about_description.txt and mirror it from README instead of adding new inline variants
Tested: git diff --check; openspec validate agent-codex-readme-about-description-2026-04-21-18-05 --type change --strict; openspec validate --specs (no items found)
Not-tested: npm test times out after four passing subtests; npm run agent:safety:scan fails because gx status rejects --strict

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Restore Active Agents view registration in VS Code (#251)

The Active Agents provider was missing getTreeItem, so VS Code crashed the SCM view during render even when session records were present. This restores the required provider method in the installable template bundle and locks the failure mode with a mocked extension-host regression test.

Constraint: This branch installs the VS Code companion from templates/vscode/guardex-active-agents
Rejected: Reordering installer source precedence | broader behavior change than needed for the reported crash
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep the provider contract test aligned with any future extension activation refactors
Tested: node --test test/vscode-active-agents-session-state.test.js
Tested: openspec validate agent-codex-demo-vscode-active-agents-2026-04-21-18-04 --type change --strict
Tested: openspec validate --specs
Not-tested: Live VS Code extension host after window reload

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Protect README About copy with regression coverage (#252)

Add one metadata test that locks the merged README problem/solution visual placement and ensures the README mirrors the canonical about_description.txt copy.

This keeps the docs contract from drifting without adding broader test churn.

Constraint: Follow-up must stay test-only and scoped to the merged README/about-description contract
Rejected: Re-run the entire install.test.js suite to prove this docs change | unrelated long-running suite still times out without incremental output
Confidence: high
Scope-risk: narrow
Directive: If the README About copy changes again, update about_description.txt first and keep this metadata test aligned with the same source
Tested: node --test test/metadata.test.js; openspec validate agent-codex-readme-about-description-regression-test-2026-04-21-18-20 --type change --strict; openspec validate --specs; git diff --check
Not-tested: full npm test aggregate run still contains a long-running install.test.js file that timed out during ad hoc verification

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Make Active Agents visible in SCM by default (#253)

The companion could render session rows but it could not match the intended Source Control presentation because it never created a TreeView handle. This switches the SCM contribution to createTreeView so the header can expose a live badge and empty-state message, and marks the view visible by default on first install.

Constraint: The fix must stay inside the installable VS Code companion surface
Rejected: Show stale sessions to force a non-empty badge | would misrepresent inactive agents
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep header badge coverage aligned with any future view-container refactors
Tested: node --test test/vscode-active-agents-session-state.test.js
Tested: openspec validate agent-codex-vscode-active-agents-scm-badge-visibilit-2026-04-21-18-31 --type change --strict
Tested: openspec validate --specs
Not-tested: Live VS Code SCM rendering after manual window reload

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* new img

* Update README.md (#254)

* Update README.md (#255)

* Update README.md (#256)

* Align package metadata with the canonical Guardian T-Rex pitch (#257)

README and about_description.txt already carried the approved product copy,
but package.json still advertised the older generic description. This change
brings npm metadata onto the same canonical line, restores the README About
and Solution blocks required by the current metadata regression, and records
the alignment in a matching OpenSpec delta.

Constraint: Package metadata, README About copy, and about_description.txt must stay aligned
Rejected: Update package.json only | left README/spec regressions red in this branch
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep package.json description, README About copy, and about_description.txt in lockstep
Tested: node --test test/metadata.test.js; npm test; git diff --check; openspec validate agent-codex-align-guardian-t-rex-package-description-2026-04-21-18-46 --type change --strict; openspec validate --specs
Not-tested: npm registry rendering of the longer package description

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Update README.md (#258)

* Update README.md (#259)

* Auto-finish: gx doctor repairs (#260)

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Show live Guardex worktree activity in the VS Code SCM view (#261)

The Active Agents companion already showed presence, but every row was hardcoded to thinking. This change derives live activity from each sandbox worktree so clean lanes stay thinking while dirty lanes surface working with changed-file counts and tooltip previews.

Constraint: VS Code companion state remains repo-local and read-only; do not require a new runtime daemon.
Rejected: Add a periodic activity writer protocol | unnecessary complexity for a read-only status hint.
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep activity inference resilient; if git inspection fails, fall back to thinking rather than dropping the session row.
Tested: node --test test/vscode-active-agents-session-state.test.js
Tested: openspec validate agent-codex-vscode-active-agents-worktree-status-2026-04-21-21-23 --type change --strict
Tested: openspec validate --specs
Not-tested: VS Code interactive rendering in a live editor window

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Align the published package name with the GitGuardex brand (#262)

Rename package metadata and install/update surfaces to @imdeadpool/gitguardex while keeping gx preferred and guardex as a legacy alias. Refresh docs, tutorial assets, and OpenSpec scaffolding to point at the renamed package, and keep historical release notes tied to the package scope that was actually published at each version.

Constraint: Existing gx and guardex entry points must keep working during the package-name transition
Rejected: Drop the guardex bin alias now | would break existing shells and automation during the rename
Rejected: Rewrite historical release entries to the new npm scope | inaccurate because older releases shipped as @imdeadpool/guardex
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Keep historical release-note package references aligned with the package name that was actually published at that version
Tested: node --test --test-name-pattern "(self-update verifies on-disk version after @latest install and retries with pinned version when stale|self-update restarts into the installed CLI after a successful on-disk upgrade|status --json returns cli, services, and repo summary|prompt outputs AI setup instructions|prompt --exec outputs command-only checklist|deprecated copy-commands alias still works and warns)" test/install.test.js
Tested: node --check bin/multiagent-safety.js
Tested: npm pack --dry-run
Tested: openspec validate agent-codex-rename-npm-package-to-gitguardex-everywh-2026-04-21-21-02 --type change --strict
Tested: openspec validate --specs
Not-tested: full node --test test/install.test.js still hangs in an unrelated gx setup path in this repo

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Restore post-rename parity so branding CI stays green (#263)

The package rename left one stale doctor-output assertion, README structure drift, and two runtime-template mismatches. This follow-up restores the canonical README anchors and keeps installed runtime scripts aligned with their templates so GitGuardex verifies cleanly after the rename.

Constraint: Protected main requires agent branch plus PR finish flow
Rejected: Revert the branding rename | the repo and published package already use GitGuardex
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: When branding or log prefixes change, update runtime helpers and their templates together
Tested: node --test --test-name-pattern "(doctor on protected main fails when sandbox PR is not merged|README keeps canonical About copy and problem-solution visuals aligned|critical runtime helper scripts stay in sync with templates)" test/install.test.js test/metadata.test.js; npm test; node --check bin/multiagent-safety.js; openspec validate agent-codex-rename-npm-package-to-gitguardex-everywh-2026-04-21-21-02 --type change --strict; openspec validate --specs
Not-tested: Remote PR merge path

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Match the active-agents view to repo-scoped SCM grouping (#264)

The VS Code companion was rendering a flat live-session list, which could not mirror the grouped Source Control layout operators expect. This change keeps repo context in the SCM-side tree, groups live lanes under ACTIVE AGENTS, surfaces repo-root changes beside them, and filters runtime presence files out of the change list while locking the behavior with focused tests.

Constraint: Must stay within VS Code contributed tree-view APIs without mutating the built-in Git provider
Rejected: Keep the flat active-agent list only | it still loses repo and change context
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep .omx/state/active-sessions presence files out of repo change rows; they are runtime signals, not operator-facing changes
Tested: node --test test/vscode-active-agents-session-state.test.js
Tested: openspec validate agent-codex-vscode-active-agents-scm-provider-layout-2026-04-21-23-22 --type change --strict
Tested: openspec validate --specs
Not-tested: Manual rendering inside a real VS Code window

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Make quota-hit agent takeovers copy-pasteable (#265)

The launcher already preserved unfinished sandboxes, but replacement agents only got a generic merge hint and had to reconstruct the exact resume steps. This change makes codex-agent print a concrete takeover prompt and teaches new OpenSpec change workspaces to scaffold matching handoff/copy-prompt lines so a second agent can continue the same lane without inventing a new sandbox.

Constraint: Must keep the existing finish pipeline and template/runtime script parity intact
Rejected: Persist stale active-session records | would widen the VS Code active-session model without being necessary for the handoff path
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep the codex-agent takeover prompt and init-change-workspace handoff copy aligned so manual and scaffolded rescue flows do not drift
Tested: node --test --test-name-pattern "(codex-agent prints a takeover prompt when the sandbox is kept after an incomplete run|OpenSpec change workspace scaffold creates proposal/tasks/spec defaults|OpenSpec change workspace scaffold supports minimal T1 notes mode|critical runtime helper scripts stay in sync with templates)" test/install.test.js test/metadata.test.js; bash -n scripts/codex-agent.sh scripts/openspec/init-change-workspace.sh templates/scripts/codex-agent.sh templates/scripts/openspec/init-change-workspace.sh; openspec validate agent-codex-improve-usage-limit-takeover-handoff-2026-04-21-23-30 --type change --strict; openspec validate --specs
Not-tested: Full remote PR merge from a real usage-limit interrupted session

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Restore the published npm package identity users already install (#266)

Changing package.json from @imdeadpool/guardex to @imdeadpool/gitguardex created a separate npm package identity instead of renaming the existing registry entry. This restores the manifest, install/update copy, tutorial/docs assets, and regression tests to the package users can actually install today, and bumps the version so the next publish can succeed against the existing @imdeadpool/guardex release line.

Constraint: npm package names are immutable registry identities; changing name publishes a different package
Constraint: @imdeadpool/guardex@7.0.16 is already published on npm, so the revert must advance the version
Rejected: Keep @imdeadpool/gitguardex and only tweak docs | npm view returns 404 so install and self-update guidance would still point at a non-existent package
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Do not change package.json.name again without confirming the target package exists on npm and the next version is publishable
Tested: node --test --test-name-pattern "(default invocation checks for update and can auto-approve latest install|self-update verifies on-disk version after @latest install and retries with pinned version when stale|self-update restarts into the installed CLI after a successful on-disk upgrade|status --json returns cli, services, and repo summary|prompt outputs AI setup instructions|prompt --exec outputs command-only checklist|deprecated copy-commands alias still works and warns)" test/install.test.js; node --check bin/multiagent-safety.js; npm pack --dry-run; openspec validate agent-codex-restore-guardex-npm-package-name-2026-04-22-00-02 --type change --strict; openspec validate --specs; npm test
Not-tested: live npm publish; live GitHub release flow

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Move installed guard workflows to CLI-owned shims (#267)

Setup and doctor now keep thin repo-local dispatch shims while package-owned assets handle hooks, finish flows, migrations, and OpenSpec scaffolding. This also aligns the prompt/test surfaces with the gx-first workflow and restores inherited CLI dispatch for doctor and hook child processes.

Constraint: Installed repos must keep protected-branch repair and hook compatibility while copied workflow logic moves into the package
Rejected: Keep repo-local workflow copies | doctor drift remains the steady state
Confidence: high
Scope-risk: broad
Directive: Repo hooks and scripts are compatibility shims; change package-owned assets first and keep shim dispatch aligned
Tested: node --check bin/multiagent-safety.js
Tested: node --test test/install.test.js
Tested: openspec validate agent-codex-cli-owned-install-surface-2026-04-21-23-09 --type change --strict
Tested: openspec validate --specs
Not-tested: Live GitHub PR or merge against a real GitHub remote beyond fake-gh harnesses

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Ship the CLI-owned install surface on a fresh npm version (#268)

The CLI-owned install surface needs a publishable package version and README release entry, and the scaffold regressions need to assert the same gx-owned surface that setup now installs. This bumps the package to 7.0.18, records the release note, keeps runtime OpenSpec scaffolds aligned with packaged templates, and updates merge workflow tests so hook shims exercise the source CLI instead of an older global gx binary.

Constraint: npm publish cannot reuse 7.0.17

Constraint: setup no longer injects Guardex-managed agent:* package scripts into consumer repos

Rejected: Leave scaffold parity failures as unrelated baseline drift | the packaged release surface includes those templates and full verification would stay red

Confidence: high

Scope-risk: moderate

Directive: Keep generated repo shims and packaged templates behaviorally aligned when changing CLI-owned workflow wording

Tested: node --check bin/multiagent-safety.js

Tested: bash -n scripts/openspec/init-plan-workspace.sh

Tested: bash -n scripts/openspec/init-change-workspace.sh

Tested: npm pack --dry-run

Tested: openspec validate --specs

Tested: npm test (165/165 pass)

Not-tested: live npm publish

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Keep small Guardex tasks on caveman-only routing by default (#269)

Guardex installs a managed AGENTS block into downstream repos, but it did not tell agents when to stay lightweight versus when to escalate into OMX orchestration. This change adds a task-size routing clause to the managed template so small asks stay direct and caveman-only while larger cross-cutting work still has an explicit OMX path.

Constraint: Guardex owns the managed AGENTS block, so the durable fix must live in the template and setup/doctor refresh coverage rather than repo-local docs only
Rejected: Add a second Guardex-side runtime classifier | would duplicate OMX task-size heuristics and drift from the existing advisory detector
Confidence: high
Scope-risk: narrow
Directive: Keep the managed Guardex AGENTS routing aligned with OMX task-size guidance when heavy-mode keywords or lightweight escape hatches change
Tested: targeted install AGENTS refresh tests
Tested: openspec change validation strict
Not-tested: fresh downstream repo end-to-end after rerunning gx setup or gx doctor

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Make working VS Code agent lanes visible at a glance (#270)

The Active Agents view already exposed per-row activity, but active edit lanes still blended into a flat list. This groups sessions into WORKING NOW vs THINKING, adds repo/header working counts, and keeps docs/tests aligned.

Constraint: Keep the existing active-session JSON contract and SCM companion surface intact
Rejected: Add a separate top-level working-lanes view | would duplicate the existing Source Control companion
Confidence: high
Scope-risk: narrow
Directive: Keep WORKING NOW ahead of THINKING so actively editing lanes stay scan-first in the tree
Tested: node --check templates/vscode/guardex-active-agents/extension.js; node --test test/vscode-active-agents-session-state.test.js; openspec validate agent-codex-vscode-working-agents-groups-2026-04-22-09-05 --type change --strict; openspec validate --specs
Not-tested: npm test stopped after early passing output in this environment and did not complete

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Stop repo-local workflow shims from defining Guardex command surface (#271)

Guardex already runs branch, lock, review, and cleanup flows from gx, but repo installs still taught and depended on scripts/ workflow shims. This change shrinks the required repo footprint to hook shims plus repo-local state, removes CLI checks that required repo-local workflow scripts, and updates shipped docs, AGENTS guidance, skill references, and lock/review helper output around the zero-copy surface.

Constraint: Existing repos may still carry legacy workflow scripts during migration; direct gx commands must keep working without weakening branch and lock guardrails
Rejected: Keep thin repo-local workflow shims as permanent entrypoints | still leaves a second command surface and drift noise
Confidence: high
Scope-risk: moderate
Directive: Keep repo-local workflow commands optional compatibility only; install, doctor, status, and skills should teach gx subcommands first
Tested: node --check bin/multiagent-safety.js; node --test test/install.test.js
Not-tested: test/metadata.test.js parity gate for non-targeted local runtime/template sync

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Record merged zero-copy closeout evidence (#272)

The zero-copy install-surface change already merged via PR #271, but the follow-up OpenSpec tasks file still showed cleanup unchecked. This commit marks cleanup complete and records the merged PR, commit, and local cleanup evidence so the change log matches repo state.

Constraint: OpenSpec cleanup bookkeeping must match merged branch state before the change is considered closed
Rejected: Leave tasks.md stale | hides verified merge completion and keeps false cleanup debt
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Use evidence-only follow-up branches only to repair stale bookkeeping; do not reopen implementation scope without a new change
Tested: openspec validate agent-codex-zero-copy-cli-install-surface-2026-04-22-01-28 --type change --strict; openspec validate --specs
Not-tested: No runtime or CLI behavior changed

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Allow targeted managed-file force rewrites during setup and doctor (#273)

Setup/doctor/install/fix now treat managed relative paths that follow --force as targeted rewrite selectors instead of unknown args. The overwrite-conflict message now teaches both targeted and full-surface recovery, and the install regressions lock doctor/setup behavior for the review-bot shim and cr.yml template.

Constraint: Existing bare --force must keep whole-surface rewrite behavior
Rejected: Add a separate single-file repair command | heavier UX than extending the existing recovery path
Confidence: high
Scope-risk: moderate
Directive: Keep targeted selectors limited to explicit managed paths with dedicated rewrite helpers; do not widen them to arbitrary repo files
Tested: node --check bin/multiagent-safety.js; node --test --test-name-pattern "(doctor --force <managed-path>|setup --force <managed-path>|setup conflict message teaches)" test/install.test.js; openspec validate agent-codex-fix-doctor-setup-force-conflict-ux-2026-04-22-08-58 --type change --strict; openspec validate --specs
Not-tested: PR merge/cleanup flow on origin/main

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Unblock the next Guardex npm publish (#274)

This bumps @imdeadpool/guardex from 7.0.18 to 7.0.19 and records the shipped post-7.0.18 changes in the README release history and OpenSpec release artifact.

No runtime behavior changed in this branch; the package metadata now matches the next publishable version the user requested.

Constraint: Release metadata and README release history must move together for gitguardex version bumps
Rejected: Version bump without README/OpenSpec update | would drift release state again
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Keep README release notes aligned with package.json and package-lock.json on every npm version bump
Tested: node --check bin/multiagent-safety.js
Tested: npm pack --dry-run
Tested: openspec validate agent-codex-release-guardex-7-0-19-2026-04-22-10-27 --type change --strict
Tested: openspec validate --specs
Not-tested: node --test test/metadata.test.js still fails on the pre-existing helper-template parity mismatch already red on current main

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Auto-finish: gx doctor repairs (#275)

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Auto-finish: gx doctor repairs (#276)

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Keep gx doctor from treating manual conflict cleanup as repo failure (#277)

Recoverable auto-finish rebase and merge conflicts mean the repo is safe but the branch still needs a human conflict-resolution step. Doctor now reports those rows as actionable skips, keeps the compact summary honest, and preserves verbose tail text for the operator.

Constraint: Doctor should not look unsafe when only manual branch cleanup remains
Rejected: Keep recoverable rebase conflicts under failed count | it makes safe repos read as broken
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Manual conflict detection is text-pattern based; update it if finish-script conflict wording changes
Tested: node --check bin/multiagent-safety.js
Tested: node --test --test-name-pattern "doctor" test/install.test.js
Tested: openspec validate agent-codex-doctor-auto-finish-manual-conflict-2026-04-22-10-42 --type change --strict
Tested: openspec validate --specs
Not-tested: npm test remains red on pre-existing metadata parity assertion for scripts/agent-branch-start.sh vs templates/scripts/agent-branch-start.sh

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Record the merged doctor fix as complete in its OpenSpec task log (#278)

The behavior fix already merged, but its change record still showed the completion section unchecked. This follow-up only updates the existing task log so the OpenSpec artifact matches the actual PR, merge commit, and cleanup state.

Constraint: Keep the follow-up scoped to the existing change record only
Rejected: Leave the merged change with stale completion state | it keeps the execution record inaccurate
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: When finish/cleanup evidence is only known after merge, record it in the merged change rather than leaving unchecked completion tasks behind
Tested: openspec validate agent-codex-doctor-auto-finish-manual-conflict-2026-04-22-10-42 --type change --strict
Not-tested: No code-path tests run; docs-only OpenSpec completion update

Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>

* Make extracted Guardex CLI seams executable and publishable

The branch already moved the Guardex CLI into src/**, but the extracted scaffold and git seams were still incomplete and the thin entrypoint/package regressions were only half-switched. This wires the runtime through the extracted scaffold, hooks, toolchain, and finish modules, restores the helper export contract that src/cli/main.js depends on, ships src/** in the published package, and locks the modular entrypoint with focused metadata and command-route regressions.

Constraint: The thin bin entrypoint must preserve the existing gx command surface for installed CLIs
Constraint: The existing agent branch already carried partial refactor state in bin/src/scripts, so the fix had to resume that lane instead of restarting from dev
Rejected: Re-expand logic back into bin/multiagent-safety.js | would undo the modularization goal
Confidence: medium
Scope-risk: moderate
Reversibility: clean
Directive: Keep future CLI refactors moving behavior into src/** and verify module export contracts before thinning the bin entrypoint
Tested: node --check bin/multiagent-safety.js; find src -type f -name '*.js' -exec node --check {} +; node -e "require('./src/cli/main'); console.log('cli-main-ok')"; node bin/multiagent-safety.js --version; node --test test/metadata.test.js; node --test --test-name-pattern "thin entrypoint still routes hook install through the extracted hooks module|thin entrypoint routes finish --all --dry-run through the extracted finish module" test/install.test.js; npm pack --dry-run; openspec validate agent-codex-decompose-cli-monolith-2026-04-22-11-06 --type change --strict; openspec validate --specs
Not-tested: Full test/install.test.js bundle (long-running background path; replaced with targeted command-route coverage)

* Keep the thin Guardex entrypoint executable

Rewriting bin/multiagent-safety.js into a tiny bootstrap reset its file mode to 0644, which would break direct repo usage even though the modular runtime itself was correct. This restores the executable bit and adds a metadata regression so future entrypoint rewrites keep the bin file runnable.

Constraint: The published and repo-local CLI entrypoint must remain directly executable after the modularization rewrite
Rejected: Rely on npm install behavior alone | does not protect direct repo execution or future pack regressions
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: When rewriting files under bin/, preserve the existing executable mode and add an assertion if the rewrite path can reset it
Tested: node --test --test-name-pattern "thin CLI entrypoint delegates to src/cli runtime" test/metadata.test.js; ./bin/multiagent-safety.js --version
Not-tested: Full metadata and install suites re-run after the mode-only fix

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: NagyVikt <nagy.viktordp@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>