| name | setup |
| description | Initial CWF configuration to standardize environment/tool contracts before workflow execution: hook group selection, external tool detection, setup-contract bootstrap, project config bootstrap, optional Agent Team mode setup, optional Codex integration, optional git hook gate installation, optional CWF capability index generation, and optional repository index generation. Triggers: "cwf:setup", "setup hooks", "configure cwf" |
Setup
Standardize hooks, tool contracts, and project/runtime config wiring once so later workflow runs stay reproducible. Includes interactive hook toggles, external tool detection, setup-contract bootstrap for repo-adaptive suggestions, project config bootstrap, optional Agent Team mode setup, optional Codex integration, optional git hook gate installation, optional CWF capability index generation, and optional repository index generation.
Quick Start
cwf:setup # Full setup (hooks + tools + config + Agent Team + optional Codex/repo-index prompts)
cwf:setup --hooks # Hook group selection only
cwf:setup --tools # External tool detection only
cwf:setup --env # Project config bootstrap + runtime priority guidance only
cwf:setup --agent-teams # Agent Team mode setup only
cwf:setup --run-mode # Configure default cwf:run ambiguity mode only
cwf:setup --codex # Codex integration-only rerun (scope-aware skills/references sync)
cwf:setup --codex-wrapper # Codex wrapper-only rerun (scope-aware wrapper setup)
cwf:setup --git-hooks both --gate-profile balanced # Install repo git hooks and set gate depth
cwf:setup --git-hooks pre-commit --gate-profile fast # Lightweight local-only git gate
cwf:setup --git-hooks none # Remove repo-managed git hooks
cwf:setup --cap-index # Generate/refresh CWF capability index only
cwf:setup --repo-index # Generate/refresh repository index (explicit)
cwf:setup --repo-index --target agents # AGENTS.md managed block target
cwf:setup --repo-index --target file # Standalone index file target
cwf:setup --repo-index --target both # AGENTS block + standalone index file
Operational note:
- Prefer
cwf:setup first; it is the default entrypoint and asks for optional integrations when relevant.
- Use
--codex / --codex-wrapper when reapplying only Codex-related integration pieces.
Mode Routing
Parse input flags and run only the relevant phases:
| Input | Phases |
|---|
cwf:setup | 1 → 2 → 2.8 → 2.9 → 2.10 → 2.4 (if codex available) → 2.7 (always ask) → 4 (opt-in) → 5 |
cwf:setup --hooks | 1 → 5 |
cwf:setup --tools | 2 → 2.8 → 2.9 → 2.10 → 5 |
cwf:setup --env | 2.8 → 2.10 → 5 |
cwf:setup --agent-teams | 2.9 → 5 |
cwf:setup --run-mode | 2.10 → 5 |
cwf:setup --codex | 2.5 → 5 |
cwf:setup --codex-wrapper | 2.6 → 5 |
cwf:setup --git-hooks <none|pre-commit|pre-push|both> [--gate-profile <fast|balanced|strict>] | 2.7 → 5 |
cwf:setup --cap-index | 3 → 5 |
cwf:setup --repo-index [--target <agents|file|both>] | 4 → 5 |
When mode is full setup and Codex CLI is available, do not silently skip Codex integration; always run Phase 2.4 and ask the user which integration level to apply.
When mode is full setup, do not expect users to supply optional flags manually. Always ask for git hook installation mode and gate profile in Phase 2.7.
When mode is full setup or tools-only setup, always run Phase 2.8 so project config files are bootstrapped with explicit user choice.
When mode is full setup or tools-only setup, always run Phase 2.9 so Agent Team mode is explicitly aligned with CWF's multi-agent workflow assumptions.
When mode is full setup, tools-only setup, env-only setup, or run-mode-only setup, always run Phase 2.10 so cwf:run default ambiguity policy is explicit and reproducible.
Namespace Routing Guard (Required)
If user input contains the token cwf:setup anywhere (start, middle, or end), keep execution strictly in this CWF setup skill.
- Detect by token match, not prefix-only string checks.
- Match the whole token
cwf:setup (with optional flags/arguments after it), not loose cwf substrings.
- Do not substitute similarly named setup flows from other plugins.
- If routing is uncertain, emit
WAIT_INPUT for the first unresolved setup phase instead of switching skill families.
Non-Interactive Fail-Fast Policy (Required)
When AskUserQuestion is unavailable or blocked, do not wait silently and do not end with empty output.
Mandatory behavior:
- Resolve mode and identify the first unresolved user-choice phase before running heavy phases (full setup starts at phase
1.2).
- Stop immediately at that first unresolved phase when AskUserQuestion is unavailable/blocked.
- Print a deterministic
WAIT_INPUT response with phase id, options, and a direct reply instruction.
- End the turn immediately after printing the waiting response.
Standard response header:
WAIT_INPUT: setup requires user selection at phase <phase-id>.
Examples:
- phase
2.8 (project config bootstrap):
- option 1: create missing templates (recommended)
- option 2: overwrite templates (
--force)
- option 3: skip for now
- phase
2.10 (run ambiguity mode):
- option 1:
defer-blocking (recommended)
- option 2:
strict
- option 3:
defer-reversible
- option 4:
explore-worktrees
Always include:
Please reply with your choice.
Phase 1: Hook Group Selection
Configure which hook groups are active. Default: all enabled (hooks work without running cwf:setup).
1.1 Read Current State
Read cwf-state.yaml hooks: section for current toggle state.
1.2 Present Selection
Use AskUserQuestion with multiSelect: true. Present 9 hook groups with descriptions:
| Group | Description |
|---|
attention | Slack notifications on idle/waiting |
log | Auto-log turns + auto-commit transcripts |
read | File-size aware reading guard |
lint_markdown | Markdown validation after Write/Edit |
lint_shell | ShellCheck validation after Write/Edit |
deletion_safety | Blocks risky file deletions and requires policy-compliant justification |
workflow_gate | Enforces workflow stage/branch safety rules before edits and commands |
websearch_redirect | Redirect WebSearch to cwf:gather |
compact_recovery | Inject live session state after auto-compact and guard session↔worktree binding on prompts |
Pre-select groups that are currently enabled in cwf-state.yaml.
1.3 Write Hook Config
Apply selected hook groups with deterministic sync script:
bash {SKILL_DIR}/scripts/sync-hook-state.sh --enable "<comma-separated selected groups>"
This command writes ~/.claude/cwf-hooks-enabled.sh with:
export HOOK_ATTENTION_ENABLED="true"
export HOOK_LOG_ENABLED="true"
export HOOK_READ_ENABLED="true"
export HOOK_LINT_MARKDOWN_ENABLED="false"
export HOOK_LINT_SHELL_ENABLED="true"
export HOOK_DELETION_SAFETY_ENABLED="true"
export HOOK_WORKFLOW_GATE_ENABLED="true"
export HOOK_WEBSEARCH_REDIRECT_ENABLED="true"
export HOOK_COMPACT_RECOVERY_ENABLED="true"
- One
export HOOK_{GROUP}_ENABLED line per group (uppercased)
- Values:
"true" or "false" (quoted strings)
- Must match the variable names expected by
cwf-hook-gate.sh
1.4 Update cwf-state.yaml
The same command updates cwf-state.yaml hooks: to mirror selections:
hooks:
attention: true
log: true
read: true
lint_markdown: false
lint_shell: true
deletion_safety: true
workflow_gate: true
websearch_redirect: true
compact_recovery: true
Before moving on, verify parity:
bash {SKILL_DIR}/scripts/sync-hook-state.sh --check
Phase 2: External Tool Detection
Detect availability of external AI/search tools and local runtime dependencies used by CWF checks/skills.
2.1 Check Tools
Run external tool checks (codex, gemini, agent-browser, API keys) and local dependency checks (shellcheck, jq, gh, node, python3, lychee, markdownlint-cli2) as defined in tool-detection-and-deps.md.
2.2 Update cwf-state.yaml
Rewrite cwf-state.yaml tools: section with the detection results.
2.3 Report Results
Report detection groups:
- AI/search/browser tools + API-key presence
- local runtime dependency status
2.3.1 Missing Dependency Install Prompt (Required)
If missing dependencies exist, ask install strategy (Install missing now, Show commands only, Skip for now) and execute the matching branch from tool-detection-and-deps.md.
2.3.2 Retry Check (After Install Attempt)
After install attempts, re-run dependency check and explicitly report unresolved tools before continue/stop decision.
2.3.3 Post-Install Re-Detection + cwf-state.yaml Rewrite (Required)
When Install missing now was selected, re-run 2.1 -> 2.2 -> 2.3 in full so cwf-state.yaml stays SSOT. This is mandatory even when unresolved dependencies remain.
2.3.4 Setup Contract Bootstrap + Repo-Tool Proposal (Required for full/tools setup)
Bootstrap setup contract draft (.cwf/setup-contract.yaml by default), report contract status (created|existing|updated|fallback), and ask whether to apply repo-specific tool suggestions now. If bootstrap returns fallback, stop setup immediately and resolve bootstrap failure first.
2.3.5 agent-browser Capability Install Prompt (Optional but Recommended)
If Phase 2 reports agent-browser: unavailable, ask whether to install browser-debug capability now.
- If approved, run the install/retry branch from tool-detection-and-deps.md and re-check availability once.
- If declined, continue setup and report that browser-runtime automation paths will be limited until installed.
Detailed checks, prompts, and commands: tool-detection-and-deps.md.
Phase 2.4: Codex Integration on Full Setup (Scope-Aware)
Use this phase when:
- Mode is full setup (
cwf:setup)
- Phase 2 detected
codex: available
2.4.1 Resolve Active Plugin Scope
Resolve scope using detect-plugin-scope.sh and parse key-value output without eval (safe parser examples are in codex-scope-integration.md).
Mandatory behavior:
- Always print detected values before prompting: active scope, installed scopes, active install path, active project path.
- If detection fails or returns
none, do not silently default to user; ask user to choose target scope explicitly.
- When selected scope is
project or local and root is empty, resolve fallback root using git top-level (or current cwd).
2.4.2 Ask Integration Scope + Level
Use AskUserQuestion prompts exactly as defined in codex-scope-integration.md:
- scope target prompt
- integration level prompt (
Skills + wrapper, Skills only, Skip)
Safety guard:
- If active scope is non-user and target is
user, require a second explicit confirmation before mutation.
2.4.3 Execute Selection
Run command matrix from codex-scope-integration.md:
Skills + wrapper: run sync-skills.sh, then install-wrapper.sh --enable (add PATH only in user scope), then wrapper status.Skills only: run sync-skills.sh.Skip for now: no mutation.
2.4.4 Always Print Post-Setup Verification + Rollback
When wrapper installation was selected, always report:
install-wrapper.sh --statustype -a codex- before-vs-after summary (scope, touched paths, rollback command)
Detailed rollback/report templates are in codex-scope-integration.md, including alias boundary notes for absolute-path aliases/functions.
Phase 2.5: Codex Scope-Aware Skill Sync (Optional)
Use this phase when:
- User runs
cwf:setup --codex
- Full setup and user wants Codex to load CWF from local repo via symlink
2.5.1 Resolve Scope
Reuse Phase 2.4.1. Prompt/override details are in codex-scope-integration.md.
2.5.2 Run Sync Script
Run sync-skills.sh with selected scope and optional --project-root exactly as defined in codex-scope-integration.md.
2.5.3 Report Results
Report checklist and verification commands are in codex-scope-integration.md.
Phase 2.6: Codex Scope-Aware Wrapper Opt-In (Optional)
Use this phase when:
- User runs
cwf:setup --codex-wrapper
- Full setup and user wants Codex session logs auto-synced into repo artifacts with post-run quality checks
2.6.1 Resolve Scope
Reuse Phase 2.4.1. Prompt/override details are in codex-scope-integration.md.
2.6.2 Ask for Opt-In
Use AskUserQuestion prompt text from codex-scope-integration.md. If user declines, skip this phase.
2.6.3 Install Wrapper (Approved Only)
Run wrapper install command matrix from codex-scope-integration.md:
- user scope uses
--add-path
- project/local scope uses
--project-root
2.6.4 Report and Reversal
Status, rollback, PATH notes, and post-run tuning options are documented in codex-scope-integration.md.
Phase 2.7: Git Hook Gate Installation
Use this phase when:
- Mode is full setup (
cwf:setup)
- User runs
cwf:setup --git-hooks ...
Mandatory execution order:
-
Resolve hook install mode (--git-hooks or AskUserQuestion).
-
Resolve gate profile (fast|balanced|strict) unless mode is none.
-
Apply scripts/configure-git-hooks.sh.
-
Bootstrap run gate contract:
bash {SKILL_DIR}/scripts/bootstrap-gate-contract.sh --json
-
If contract status is fallback, stop setup (fail-safe) and request path/permission fix.
-
Report effective hook state + contract policy summary (auto -> portable, explicit authoring path only for maintainer flows).
Detailed prompts, command matrix, and reporting checklist: runtime-and-index-phases.md.
Phase 2.8: Project Config Bootstrap
Use this phase when:
- Mode is full setup (
cwf:setup)
- User runs
cwf:setup --tools
- User runs
cwf:setup --env
Mandatory behavior:
- Ask whether to create templates, overwrite templates, or skip.
- Run scripts/bootstrap-project-config.sh (
--force only for overwrite).
- Report effective runtime priority (
.cwf-config.local.yaml > .cwf-config.yaml > process env > shell exports).
- If interactive prompts are unavailable, emit deterministic
WAIT_INPUT and stop this run.
Detailed prompts, command templates, and reporting checklist: runtime-and-index-phases.md.
Phase 2.9: Agent Team Mode Setup
Use this phase when:
- Mode is full setup (
cwf:setup)
- User runs
cwf:setup --tools
- User runs
cwf:setup --agent-teams
Mandatory behavior:
- Ask mode policy (
enable, keep, disable).
- Apply via scripts/configure-agent-teams.sh with
--enable, --status, or --disable.
- Report effective status and remind restart/new session requirement.
Detailed prompts, command templates, and reporting checklist: runtime-and-index-phases.md.
Phase 2.10: cwf:run Ambiguity Mode Setup
Use this phase when:
- Mode is full setup (
cwf:setup)
- User runs
cwf:setup --tools
- User runs
cwf:setup --env
- User runs
cwf:setup --run-mode
Mandatory behavior:
- Detect current effective
CWF_RUN_AMBIGUITY_MODE (default fallback: defer-blocking).
- Ask desired default mode (
defer-blocking|strict|defer-reversible|explore-worktrees).
- Ask target config scope (
shared|local).
- Persist via scripts/configure-run-mode.sh, bootstrapping project templates when needed.
- Report selected mode/scope/path and precedence order (
--ambiguity-mode flag > local config > shared config > env/shell > built-in default).
- If interactive prompts are unavailable, emit deterministic
WAIT_INPUT and stop this run.
Detailed prompts, command templates, and reporting checklist: runtime-and-index-phases.md.
Phase 3: Generate CWF Capability Index (Explicit)
This phase runs only when --cap-index is explicitly requested.
Mandatory behavior:
- build capability index from current CWF inventories
- keep deterministic ordering and link policy
- validate coverage with
check-index-coverage.sh --profile cap
- if validation fails, regenerate and fix before finish
Detailed generation and validation checklist: runtime-and-index-phases.md.
Phase 4: Generate Repository Index (Optional)
Generate repository index when explicitly requested or approved in full setup.
Mandatory behavior:
- ask include/skip decision in full setup
- resolve output target via
--target or repository-context detection (agents, file, both)
- build deterministic inventories and ordering
- update selected output target(s) deterministically
- validate coverage with
check-index-coverage.sh --profile repo
Detailed generation and validation checklist: runtime-and-index-phases.md.
Phase 5: Lessons Checkpoint
5.1 Ask for Learnings
Ask for learnings and append lessons.md with the standard Expected/Actual/Takeaway format when provided.
5.2 Update Stage Checkpoints
Add setup to cwf-state.yaml current session's stage_checkpoints list.
Detailed lessons/checkpoint format: runtime-and-index-phases.md.
Rules
- State SSOT + idempotency: Read and edit
cwf-state.yaml (do not overwrite wholesale), and keep reruns safe/idempotent across all phases.
- Single-entry setup UX: Full setup (
cwf:setup) must execute the integrated optional decision flow for Codex, hooks, setup-contract proposal, config bootstrap, agent-teams, and run-mode phases in one run.
- Index generation is explicit and deterministic: Capability index runs only via
--cap-index; repository index runs via --repo-index with target resolution (agents, file, both) from CLI or repository context.
- Index coverage/link policy is mandatory: Generated indexes must use Markdown relative links and pass deterministic coverage checks (cap/repo profiles).
- File safety: Codex sync must use symlink + backup move (no direct user file deletion).
- Scope-aware Codex integration: Resolve active plugin scope first; non-user context must not mutate user-global Codex paths without explicit user confirmation.
- No fail-open scope fallback: If scope detection fails or returns
none, require explicit user scope selection before any Codex mutation.
- Setup-contract first-run invariant: Full/tools setup must bootstrap setup-contract and explicitly report
created|existing|updated|fallback status. fallback is fail-safe and must halt setup.
- Formatting invariant: All code fences in this skill must include language specifiers.
- Run gate contract invariant: Setup must bootstrap run gate contract and report its status/path so external repos do not silently rely on implicit gate defaults.
References
