Ecosystem Update - 2026-06-04
TL;DR
- Today's strongest signal is the June workflow writeup from Boris/Thariq: task-specific harnesses, separate verifier contexts, loop-until-done, token budgets, and reusable workflow templates.
- The current Codex setup already covers most of the underlying primitives:
/auto, planning-gate, route classification, bounded subagents, read-only reviewers, verifier agents, hooks, rules, MCP, plugins, and conservative profiles. - No safe Quick Win passed the automatic mutation gate today; the useful gaps involve new workflow templates, quarantine semantics, or runtime policy changes, all of which should stay in the Build Queue.
Quick Wins
| Item | Source | Type | Impact | Effort | Action |
|---|---|---|---|---|---|
| None today | https://howborisusesclaudecode.com/ | agent-pattern | - | - | No harness mutation met the Quick Win threshold plus the skill hard limits. |
Auto-Implemented
- No harness files were changed. Report and state updates only.
- No backup was needed because no Quick Win mutated
~/.codex/config.toml,~/.codex/hooks.json, or~/.codex/agents/*.toml. - Verification baseline passed:
python3 ~/.codex/bin/codex-runtime-doctorreportederrors=0 warnings=4; warnings are the known CLI split/pre-release app CLI,TERM=dumb, and report-only process posture.
Build Queue
- Codex-owned workflow template adapter (agent-pattern) - https://howborisusesclaudecode.com/ - Boris/Thariq's June workflow notes describe saving reusable dynamic workflows and distributing them through skills. Current Codex has
/auto, planning-gate, skills, and subagents, but no Codex-owned template adapter that records which harness patterns worked for recurring work without replaying external JavaScript workflows. - Untrusted-source quarantine for fan-out agents (agent-pattern) - https://howborisusesclaudecode.com/ - The workflow guide calls out quarantine for agents reading public/untrusted content before they take privileged actions. Current policy blocks raw prompt exfiltration and disables destructive app actions by default, but the harness could use an explicit route rule or evaluator for "external-read then privileged-action" chains.
- Comparative tournament evaluator for taste/evals/routing (research) - https://howborisusesclaudecode.com/ - Tournament and pairwise judging patterns could improve design review, model routing, and skill evals. This belongs as an eval harness extension, not a default orchestration layer.
- PostCompact hook support review (hook) - https://github.com/shanraisshan/codex-cli-hooks - Community hook notes continue to advertise broader compact lifecycle coverage. Current harness has
PreCompactand session-start compact coverage; addingPostCompactshould wait for a verified supported event and an existing target script.
Research
- No fresh Tier 2 arXiv paper from the last 24 hours cleared the "directly applicable and not already seen" bar. The arXiv API returned 429 during the crawl; the web supplement surfaced older items already represented in prior state, including self-improving coding agents, autonomous software agents, agent worm re-entry defenses, and multi-agent CTF evaluations.
Already Have
OpenAI developer docs MCP, live web search posture, GPT-5.5 default model, review model override, goals enabled, prompt telemetry off, destructive app tools disabled by default, direct/lightweight/autonomous task contract, /auto, planning-gate, /drive and /govern compatibility wrappers, route manifest, UserPromptSubmit classifier, PreToolUse Bash guard, PostToolUse verification ledger, failure-context hook, SessionStart startup/resume/clear/compact coverage, Stop and PreCompact omni-mem hooks, read-only explorer/planner/reviewer/python-reviewer/typescript-reviewer/validator agents, worker and chad-twin agents, agent nickname metadata, bounded max_threads, max_depth, and worker runtime, conservative and review profiles, execpolicy rules directory, plugins and marketplaces, MCP servers, skills with creator/installer/audit flows, rlm-scan, skills-janitor, codex-security, security-audit, what-would-chad-do, runtime doctor, config posture checker, AGENTS.md/runtime-reference split, and daily ecosystem state dedupe.
Rejected
- Auto-create
~/.codex/workflowsor workflow JavaScript templates - would add a new runtime surface and arbitrary files; useful, but not a safe daily Quick Win. - Add
PostCompacthook wiring immediately - no existing explicitly scoped target script was identified, and the skill forbids adding hooks that require new scripts. - Enable native Codex memories as a Quick Win - conflicts with the current omni-mem-first runtime policy and prior rejection history.
- Enable plugin hooks globally - current config intentionally has
plugin_hooks = false; third-party hook loading needs a trust review and targeted need. - Install community skill/plugin catalogs wholesale - duplicates existing local skills and bypasses the outside-skill audit rule.
- Edit
~/.codex/AGENTS.mdor~/AGENTS.mdas a Quick Win - policy docs are explicitly out of scope for automatic daily mutations. - Add a new daemon or external workflow control plane - current
/autoplus subagents covers the recurring need; today's crawl supports targeted adapters, not another service.
Sources checked: https://github.com/hesreallyhim/awesome-claude-code, https://raw.githubusercontent.com/hesreallyhim/awesome-claude-code/main/THE_RESOURCES_TABLE.csv, https://howborisusesclaudecode.com/, https://github.com/shanraisshan/codex-cli-best-practice, https://raw.githubusercontent.com/shanraisshan/codex-cli-best-practice/main/README.md, supplemental web search for Codex hooks/agents/skills, https://arxiv.org/search/?searchtype=all&query=LLM+agent+coding&order=-announced_date_first, arXiv web search supplement, https://developers.openai.com/codex/config-reference Tier 2 fetched: yes - arXiv API returned 429; web supplement checked Tier 3 fetched: no - last tier3 run was 2026-05-30T10:34:13Z, still within 7 days Run at: 2026-06-04T05:52:00-04:00