Skip to content

v0.22.3

Choose a tag to compare

View all tags
@tuanle96 tuanle96 released this 09 Jun 02:06
· 26 commits to main since this release
v0.22.3
b3d48dc

Summary

Bugfix patch for three open issues. All fixes ship as source templates + regression tests.

  • #40 — skill-permission-guard no longer bricks orchestration skills. The guard stops treating skill_invoked telemetry as a sticky active skill, and a skill with no policy entry now defers to task/default tool gating instead of clamping to the read-only default allow list (so e.g. deep-research can issue its own Workflow/Agent calls). Note: per-skill enforcement is now dormant unless AHK_ACTIVE_SKILL is set, since nothing in the kit emits skill_active/skill_started yet.
  • #38 — Codex SubagentStop advisor detection. The hook separates advisor role candidates from identity candidates and probes nested payload metadata (metadata.agent_name, agent.role, tool_input.agent.name, …). UUID-only payloads with no advisor role still write no proof (anti-forgery preserved). For a deterministic Codex advisor proof, use .harness/scripts/codex-advisor-run.mjs.
  • #39 — Flaky e2e-codex-cli reviewer artifact probe. The driver splits the deterministic runtime-surface smoke from the live-LLM reviewer-artifact proof; the surface-read probe is non-blocking unless AHK_E2E_CODEX_REQUIRE_SURFACE_READ=1.

Also corrects CHANGELOG bookkeeping for v0.22.2 (#35 + active-task evidence isolation).

Validation

  • node scripts/check-version-sync.mjs — all manifests pinned to v0.22.3
  • node scripts/verify-contracts.mjs — contracts verified
  • npm run lint — 338 files OK
  • npm test — 913/913 pass (incl. live codex exec e2e)
  • npm run check:readiness — PASSED
Assets 2
Loading