Ecosystem Update - 2026-05-18

May 18, 2026 · generated by the ecosystem-update Claude Skill

TL;DR

Two safe config-only Quick Wins were implemented: disabled the placeholder pokegen skill globally and added an optional conservative-auto-review profile.
Today's community sources mostly reinforce what this setup already has: compact AGENTS policy, hooks, role-specific subagents, skill progressive disclosure, live web search, and verification-first closure.
The strongest new research signal is cost-aware agent design: programmatic state/context beats deeper deliberation, and coding-agent context pruning deserves a local eval before implementation.

Quick Wins

Item	Source	Type	Impact	Effort	Action
Placeholder `pokegen` skill disable	OpenAI config reference, local skill inventory	skill	2	1	Add global `[[skills.config]]` with `enabled = false` for `/Users/chadsimon/.agents/skills/pokegen`.
Conservative auto-review profile	OpenAI config reference, codex-cli-best-practice	Codex-md	2	1	Add non-default `[profiles.conservative-auto-review]` using `workspace-write`, `on-request`, cached web, and `approvals_reviewer = "auto_review"`.

Auto-Implemented

Backed up config.toml, hooks.json, and all current agent TOMLs under /Users/chadsimon/.codex/backups/2026-05-18/.
Updated /Users/chadsimon/.codex/config.toml only.
Verified hooks.json with python3 -m json.tool.
Verified config.toml parses with tomllib.
Verified codex --version and codex --profile conservative-auto-review --version both load cleanly on codex-cli 0.130.0.
Verified codex --profile conservative-auto-review features list succeeds and python3 ~/.codex/bin/codex_config_posture.py --mode warn reports Codex config posture ok.
Ran python3 ~/.codex/bin/codex-runtime-doctor; config, hooks, policy, and MCP listing checks passed, but the doctor exited with the existing local Docker/omni-mem unavailable error.

Build Queue

Granular approval policy profile (Codex-md) - OpenAI config reference - Design a named profile that uses approval_policy.granular for rule, MCP elicitation, request-permission, and skill-approval prompts; do not make it default until prompt categories are tested locally.
cc-discipline-style edit-loop guard (hook) - awesome-claude-code-toolkit - Current hooks record verification and block catastrophic shell commands, but do not hard-stop repeated edit loops or skipped verification streaks; this needs a new local script, so it is not a Quick Win.
llm-prices MCP cost intake (mcp) - awesome-claude-code-toolkit commit stream - Audit whether a model-pricing MCP can inform autoconfig or route selection without adding a new dependency to normal turns.
Property-guided closure checks (research) - Property-Guided LLM Program Synthesis for Planning - Convert closure criteria into counterexample-producing predicates for task evals where concrete properties exist.
Agent skill scoping smoke (skill) - openai/codex#14161 - Verify current CLI behavior for agent-local [[skills.config]] before relying on per-agent skill allow/deny rules.

Research

Context Pruning for Coding Agents via Multi-Rubric Latent Reasoning - Strong fit for rlm-scan and retrieval hygiene: separates semantic evidence from dependency support and reports token savings on multi-turn coding tasks.
Context, Reasoning, and Hierarchy: A Cost-Performance Study of Compound LLM Agent Design in an Adversarial POMDP - Directly relevant to current subagent discipline: clean decomposition and programmatic state beat stacked deliberation in their setting.
Look Before You Leap: Autonomous Exploration for LLM Agents - Supports the existing discover-before-edit posture and suggests a measurable exploration coverage metric.
FORGE: Self-Evolving Agent Memory With No Weight Updates via Population Broadcast - Relevant to evolve and omni-mem, but should stay research until memory broadcast is backed by local evals.
TopoEvo: A Topology-Aware Self-Evolving Multi-Agent Framework for Root Cause Analysis in Microservices - Useful pattern for incident skills: Hypothesis-Evidence-Test workflows and topology-grounded evidence.
CAPS: Cascaded Adaptive Pairwise Selection for Efficient Parallel Reasoning - Candidate-selection idea for parallel agents: spend verifier tokens adaptively instead of pairwise-reviewing everything at full context.
CAX-Agent: A Lightweight Agent Harness for Reliable APDL Automation - Reinforces deterministic recovery ladders: rule patching, model regeneration, context enrichment, then human intervention.

Already Have

gpt-5.5 power-user default, approval_policy = "never", sandbox_mode = "danger-full-access", prompt telemetry off, live web search plus high-context location-aware tools.web_search, schema-linked config.toml, features.hooks = true, plugins, apps, goals, prevent-idle-sleep, OpenAI developer docs MCP with parallel calls, omni-mem MCP configured, Stitch/Kickstarter/Numerai MCP entries, Browser/Chrome/Computer Use/Documents/Spreadsheets/Presentations/Gmail/OpenAI Developers plugins, Bash PreToolUse catastrophic-command guard, Bash PostToolUse verification ledger, Bash failure-context hook, SessionStart repo-context and config-posture checks, Stop and PreCompact omni-mem hooks, read-only explorer/planner/reviewer/python-reviewer/typescript-reviewer/validator agents, scoped worker and chad-twin agents, bounded agent depth/thread/runtime caps, profiles.review, profiles.conservative, profiles.conservative-auto-review, global placeholder pokegen disable, sandbox_workspace_write.network_access = true, shell environment policy with prompt telemetry disabled, tools.view_image, session-recall, rlm-scan, planning-gate, auto, drive, go, codex-security, security-audit, codex-runtime-doctor, what-would-chad-do, and codex-cli 0.130.0.

Rejected

Upgrade to 0.131.0-alpha.22 - rejected as a Quick Win because it is still a pre-release and the current global posture forbids enabling under-development runtime features globally without rollback notes and validation.
Wholesale install cc-discipline or Claude toolkit hooks - rejected because outside hooks/scripts must be audited and adapted to Codex-owned surfaces before execution.
Set allow_login_shell = false globally - rejected because this machine relies on zsh/login-shell behavior in normal command execution; evaluate only as a profile-specific hardening pass.
Enable plugin_hooks automatically - rejected because plugin-bundled hooks are still under-development and require trust review.
Enable native Codex memories - rejected because omni-mem is the configured canonical memory system here.
Edit AGENTS.md as a Quick Win - rejected by the ecosystem-update hard limit; constitutional policy changes require explicit direction.

Sources checked: https://github.com/hesreallyhim/awesome-claude-code, https://howborisusesclaudecode.com/, https://github.com/shanraisshan/codex-cli-best-practice, https://github.com/rohitg00/awesome-claude-code-toolkit, https://developers.openai.com/codex/config-reference, https://github.com/openai/codex/releases, https://api.github.com/repos/openai/codex/releases, https://arxiv.org/list/cs.AI/recent, https://arxiv.org/list/cs.SE/recent, https://arxiv.org/abs/2605.15315, https://arxiv.org/abs/2605.16205, https://arxiv.org/abs/2605.16143, https://arxiv.org/abs/2605.16233, https://arxiv.org/abs/2605.15611, https://arxiv.org/abs/2605.15513, https://arxiv.org/abs/2605.15218, https://github.com/openai/codex/issues/14161 Tier 2 fetched: yes; direct arXiv export API returned Rate exceeded, so HTML recent/abstract pages and web search were used. Tier 3 fetched: yes; refreshed because this was an explicit dated daily crawl. omni-mem write: skipped; local Docker/omni-mem was unavailable. Run at: 2026-05-18T10:36:13Z