dotfiles

Compile accepted intent into a source-bound execution policy and immutable `plan_id`, then exhaustively refine it to a policy-synthesis fixed point before handoff to the multi-plan `$st` workspace under `.ledger/st/`. Use for `$plan`, spec-to-execution lowering, adaptive probes, stabilization plans, or plan revision. Preserve semantic authority; never mutate the repository or silently select an existing `$st` plan.

Compile deep repository evidence into artifact-bound correctness doctrine, authority/law/proof maps, strongest knowledge destinations, and an optional minimal repository-skill portfolio. Use when the user wants both deep codebase understanding and durable doctrine, knowledge routing, or repository-specific skill recommendations. Research discoverable facts before asking; use `$grill-me` only for material user-owned intent choices. Not for quick onboarding, one isolated invariant, ordinary implementation, generic review, or direct skill creation.

Plan-to-PR execution controller for one named plan inside the multi-plan `$st` workspace. Use for `$actuating`, implementing a material plan, resuming an actuation run, or driving one execution-policy action. Require explicit workspace, plan, session, claim, fencing token, branch epoch, and current GCR-v2. Workers produce fenced change sets; target-branch integration is serialized through `$st`.

Realize one already selected normal form or execution-policy action inside a fenced `$st` workspace claim. Use only with explicit workspace, plan, claim, fencing token, GCR-v2, external worktree, resource boundary, and proof obligations. Emit a bounded realization result/change-set candidate; never widen scope, edit another plan, or advance the shared target branch.

Durably capture, query, map, transition, compact, export, and hand off witnessed negative evidence in repo-local `.ledger/negative-ledger/events.jsonl`; selectively admit full ledger projections to Codex memory through memory-source-notes. Use for failed semantic routes, benchmark regressions, no-effect attempts, reverts, route exclusions, reopening, or search-space pruning.

Intent-closed counterexample-guided review synthesis. Use for `$resolve`, material branch review/fix/prove/push/closure, repeated CAS/PR findings, review-driven growth, MBK/RC realization, semantic-surface conservation, or determining exactly which review observations may change code. Seal AC-v2, run bounded review batches, admit only minimal in-horizon CEX-v1 counterexamples, quotient them into one campaign kernel, realize one design, require strict review-potential progress, then close through targeted conformance and one terminal broad holdout. Not for one-shot review, PR creation, merge/land, or isolated implementation.

Reconstruct and experimentally challenge decisions from prior Codex sessions. Use for `$retrace`, historical decision replay, counterfactual forks, alternative-route challenges, hindsight-separated retrospectives, workflow-governance audits, skill decision attribution, or 'why did that session choose this?'. `$seq` owns deterministic history and source-governance evidence; `$cas` owns safe thread/rollout replay and FIR lifecycle; `$retrace` owns bounded experiments and DRR synthesis. Never present fork output as the source model's hidden chain of thought.

Mine Codex session JSONL and memory artifacts with the Zig `seq` CLI. Use for explicit `$seq`, artifact/session/tool/memory/plan forensics, skill activation and outcome audits, decision provenance, `$tune` evidence, `$retrace` source capsules, review-compiler provenance, watched-session deltas, worker attribution, or reproducible historical reports. Prefer the narrowest lifted command and preserve denominators, provenance, contamination, and uncertainty.

Canonical current-spec engine. Turn ambiguous project, architecture, implementation, or product requests into decision-complete implementation specs; or operate narrowly in gate-only, challenge-only, lint-only, or repair mode. Use for `$spec-pipeline`, write a spec, is this ready to plan, pressure-test this spec, lint this spec, repair a failed spec gate, spec automation, strict `$grill-me` to `$plan` handoff, SGR-v2 governance receipts, or legacy spec-gate/spec-challenge/spec-lint intent. Never emit a proposed_plan block.

Repository-level durable graph workspace under `.ledger/st/`. Use for `$st`, one or many plans, dependency graphs, proof-carrying completion, execution-policy horizons, multi-agent allocation, same-repo/same-target-branch coordination, session-local Codex/OpenCode projections, or resuming durable work. Every material mutation requires a current plan-scoped GCR-v2 plus a workspace claim with an unexpired fencing token.

Run Zig CAS helpers (`cas`, `cas_account`, `cas_goal`, `cas_smoke_check`, `cas_instance_runner`, `cas_review_session`, `cas_conformance_suite`) for v2 app-server account status, smoke checks, goal lifecycle control, direct thread/turn execution, detached review control, multi-instance fanout, and `$st` swarm conformance/retry-policy checks.

Safely append, inspect, validate, deploy, and materialize derived digests for typed source-evidence notes in controlled Codex memory extensions. Use only after a handoff from harness-memory, learnings, negative-ledger, or synesthesia, or an explicit custom source capture or diagnostic request. Never edits compiled memory.

Compile a sealed batch of intent-anchored CEX-v1 counterexamples into CEB-v2, one Minimum Behavioral Kernel, RC-v1, targeted review apertures, realization constraints, and an initial review-potential baseline. Use for repeated CAS/PR findings, same-family recurrence, behavioral quotienting, review batching, conformance planning, proof compression, MBK/RC synthesis, or review-driven growth. Read-only; never output patch hunks, mutate delivery, or admit raw review prose.

Make the final current-artifact readiness decision. For Minimum Behavioral Kernel `$resolve`, require a current MBKC-v1, fixed campaign base, accepted kernel, whole-PR realization, semantic-surface conservation, zero orphan code, compressed proof, current holdouts, physical commit/push, and explicit closure horizon.

Create or directly edit Codex skill packages: SKILL.md, triggers, agents/openai.yaml, scripts, references, assets, and optional decision instrumentation. Use for explicit skill creation or direct skill surgery now; classify the skill as decision/execution/evidence/orchestration/mixed, and scaffold SKDC-v1 only when stable decision rules need future `$seq`/`$tune` observability. Use `$refine` instead for usage-backed existing-skill refinement.

Own and apply bounded, evidence-backed optimization of an existing Codex skill. Use after `$tune` supplies STE-v1/SDC-v2 or a complete REFINE-SKILL-v3 brief; inspect the target package, select one smallest intervention, edit only authorized files, preserve stable decision-contract IDs, and validate static structure, contract consistency, and the named behavioral `$seq` query. Not for broad historical diagnosis or system-managed skill optimization.

Tune an existing Codex skill by comparing its intended decision contract with observed decision episodes and outcomes. Prefer `seq skill-decision-audit --mode tune-packet`; use for `$tune`, intended-vs-observed behavior, missed/false/ceremonial activations, ignored clauses, wrong routes, outcome regressions, repeated workarounds, STE-v1 packets, skill-delta candidates, or explicit `$refine` handoff. Stop at audit/proposal unless apply is explicit. `$seq` CLI changes require a separate special spec.

Reversible cross-modal diagnostic lens for software. Use when the user asks what code, architecture, behavior, logs, APIs, or alternatives feel, sound, look, or move like; for compare-by-feel analysis; when literal analysis leaves multiple plausible structural, temporal, interaction, or boundary interpretations that cross-modal recoding could distinguish; or after an owning technical workflow documents such an ambiguity. Start from literal evidence and translate every sensory statement into a technical hypothesis, uncertainty, falsifier, and next move. Not for ordinary architecture, performance, readability, or UX audits; exact syntax; legal/compliance or security sign-off; or code mutation by itself.

Systematically explore unfamiliar codebases and build reusable architecture summaries. Use for repo onboarding, legacy-code understanding, data-flow maps, entry-point discovery, or explicit parallel Codex subagent exploration.

Create/manage Codex app automations in local SQLite (~/.codex/sqlite/codex-dev.db). Use to add, list, update, enable/disable, delete, run now, edit names/prompts/RRULE/cwd scopes, or inspect automation records while troubleshooting.

Create a language-agnostic ghost package from a repo: SPEC.md, exhaustive tests.yaml, INSTALL.md, README.md, VERIFY.md, and LICENSE provenance/regeneration. Use for `$ghost`, ghostify, spec-ify/spec-package this library, ghost library, or portable spec/tests for libraries or tool-using agent loops. For Lean-aided/formal/proved extraction, keep Ghost as artifact authority and route Lean modeling/proof through `$lean`. Not for implementation or skill edits.

Orchestrate evidence-backed optimization of user-owned Codex skills through $seq or $shadow evidence, $tune diagnosis, and $refine package editing and validation. Use for explicit skill audits, missed/false/ceremonial activation, decision-contract tuning, regression repair, or authorized skill edits. Not for application-code optimization or autonomous portfolio mutation.

Historical learning skill for the specification system. Mine multiple prior specs, SGR-v2 receipts, plans, sessions, reports, and churn evidence into concrete updates to `$spec-pipeline` contracts, tools, subagent policy, exemplars, and measurement. Use for `$spec-retro`, improve my spec process from history, analyze spec usage reports, mine plan churn, missing phase impact, repeated gate/challenge/lint failures, or report-to-automation work. Do not use for producing or linting one current spec.

Convert review claims into minimal, intent-anchored counterexamples. Verify current behavior, branch liability, AC-v2 horizon relation, novelty, kernel impact, and the only legal disposition. Use for review findings, PR comments, CAS findings, terminal holdouts, CEX-v1, or deciding whether a valid issue belongs in the current campaign. Under `$resolve`, never issue direct code-mutation authority or hand raw review prose to an implementer.

Use when software needs a structural or categorical architecture rather than ordinary feature work: impossible-state models, repeated boundary validation, opaque callbacks/effects, typed component wiring, effect-ordering ambiguity, syntax mixed with execution, duplicated projections, public contracts shaping internals, certified context, exact abstractions, or a request to design or implement any computable system on an effective universal substrate. Choose one signal, one seam, and the smallest honest construction; require effective presentation, concrete primitives, interpreter, observations, laws, falsifier, and resource model. When the user explicitly requests team/subagent mode, orchestrate the bundled Universalist agents and synthesize an Effective Universal Architecture Certificate. Includes internal Kan/Yoneda/Coyoneda/Freyd-AFT/Freyd-category/operad/codensity/CQL/sheafification mechanics.

Allows you to view the user's screen as well as several hours of history. Use when the user makes a reference to their recent work, for which it'd be helpful to see the screen. This skill MUST be used whenever you need to resolve ambiguity in a user request, where the user hasn't specified enough context to do the task. Examples include disambiguating the specific user/app/document/error the user is referring to. You must also use this skill if the user asks about any question regarding Chronicle or asks what you can see from the screen.

Capture durable, evidence-backed corrections and steering about how Codex should operate, then hand accepted rules to memory-source-notes for append-only harness admission. Use for explicit durable operating corrections, repeated harness rules, verification gates, stop rules, or escalation rules.

Capture, browse, query, supersede, and selectively admit evidence-backed execution learnings from repo-local `.learnings.jsonl`. Trigger for `$learnings`, browse/recent/search learnings, lessons learned, takeaways, wrap up, handoff, validation transitions, strategy pivots, footguns, retry loops, or memory admission of a durable learning.

Use for Zig 0.16.0 implementation, review, migration, build/package, comptime/codegen, formatting/lint, testing/fuzzing, profiling, hazardous low-level code, FFI/layout, concurrency, cache operations, and semantic failures involving proof binding, borrowed-lifetime escape, fallible mutation atomicity, parser/verifier completeness, repository contract drift, or stale proof context. Verify the installed Zig version before version-sensitive work.

Existing-code comprehension and local winnowing preflight. Use for simplify/refactor/clean up/untangle, nested branches, boolean soup, opaque names, mixed responsibilities, cross-file state, or review stalls. Factor the local whole, separate essential/incidental/specification-risk factors, winnow dominated or duplicated factors, and emit the smallest clarity cut. Not for broad architectural layer removal, kernel quotienting, invariant remediation, or greenfield planning.

Audit over-engineered codebases by factoring layers into live obligations, quotienting redundant distinctions, ablating unearned surface, and normalizing the survivors while preserving required behavior. Use when change latency or agent difficulty comes from frameworks, plugins, DI, codegen, task runners, config indirection, ORMs, GraphQL, monorepo/infra tooling, web stacks, or requests to remove layers. Produces evidence-backed Reduction Certificates, cuts, migration phases, proof signals, rollback, and an essential-abstraction check.

Run a proof-heavy simplification campaign that factors code, classifies duplication, quotients proven-equivalent distinctions, ablates redundant surface, and normalizes the survivors. Use when simplification must preserve a declared observation set or exact structure. This skill treats isomorphism as an optional strict preservation relation, not as the reduction objective. Route intentional contractions of obsolete, invalid, or legacy behavior to `reduce` or `resolve` under a refinement-preserving contract.

Watch exactly one Codex session through one target-skill lens and emit only decision-relevant deltas. Prefer `seq skill-decision-audit --mode delta` for `$shadow $tune`; use for shadow/tail/follow/monitor one session, missed or contrary skill decisions, validation/outcome changes, worker decisions, or goal-cycle status. Do not scan broad history, inspect raw JSONL, create a second continual controller, or repeat full analysis when the cursor contains no new decision evidence.

Run one explicit glaze escalation pass verbatim, requiring a material new frame, invariant, mechanism, or artifact. Use for `$glaze`, merely adequate first answers, or preserving original rhetoric while pushing to a materially stronger direction.

Implement exactly the owned contract with the smallest sufficient surface. In Minimum Behavioral Kernel mode, realize an accepted kernel design in a disposable worktree without introducing new distinctions, orphan constructs, or wound-specific proof.

Apply Algebra-Driven Design. Use for ADD, denotational design, combinator models, law-driven architecture, domain algebra, property tests, codebase modeling, event sourcing, workflow design, or agentic skill design. If the canonical bundle is unavailable, use this wrapper as the minimal ADD kernel and report the missing bundle path.

Turn should-never-happen into cannot-happen with authority-gated invariant design: owned inductive invariants, counterexample traces, source-of-truth proof, transition preservation, exception authority, witness parity, enforcement boundary, and verification. Use for invariants, impossible states, validation sprawl, cache/index drift, idempotency/versioning, retries/duplicates/out-of-order events, races, loop correctness, policy exceptions, generator/validator parity, descriptor identity, witness drift, fixture preconditions, or invariant-first hardening. Not for generic refactors, architecture essays, or implementation without an invariant gate.

Systems-thinking and feedback-control skill. Use for `$cybernetic`, cybernetics, complex adaptive systems, root-cause vs structure, feedback loops, stocks/flows, leverage points, incentives, delayed effects, unintended consequences, DART diagnosis, clear/complicated/complex/chaotic classification, intervention/policy design, organizational dynamics, product/business/ecosystem diagnosis, workflow loops, same-cluster review recurrence, or avoiding local optimizations that harm the whole. Produces cybernetic_context or cybernetic_packet; read-only unless routed to implementation.

Manage local Codex account switching with a metadata-only TOML config, safe auth.json vault backups, queued next-turn activation hooks, and weekly reset-cycle rotation. Use when the user asks to manage Codex accounts, switch Codex accounts, install account-switch hooks, inspect account status, or rotate through accounts after weekly limits reset.

Use for deliberate Lean 4 work: proof repair, theorem development, verified programs, model/specification design, external-code models, state-machine or trace invariants, termination proofs, Std/mathlib theorem discovery, Lake/toolchain diagnosis, and high-assurance trust audits. Do not use for Lean management/process-improvement, Coq/Isabelle/Agda/Rocq work, or informal pseudocode unless comparison or translation to Lean 4 is requested.