~/chadacus.dev/ecosystem-update/2026-06-06

Ecosystem Update - 2026-06-06

June 6, 2026 · curated by Chad Simon · 18 items reviewed

Highlights

  • No safe automatic harness Quick Win was found today; current candidate hook gaps need new or adapted scripts before wiring
  • Official Codex docs now list PermissionRequest, PostCompact, SubagentStart, and SubagentStop as supported hook events, while the local harness currently covers PreToolUse, PostToolUse, SessionStart, UserPromptSubmit, Stop, and PreCompact
  • Weekly community signal is still strongest around hook catalogs, guarded first-attempt investigation, skill gotchas, and orchestration queues; the local setup already has most primitives, so the remaining work should be measured adapters rather than wholesale imports

Quick Wins (implemented today)

  • None -
    Daily + weekly crawl
    No candidate passed the alignment and existing-script safety gates

New Tools, Skills & Patterns

  • Official PostCompact hook design hook
    https://developers.openai.com/codex/hooks#matcher-patterns - Codex now documents PostCompact with manual|auto matchers and shared output fields. Add only after defining a Codex-owned script that has a real post-compaction job; do not wire placeholder echoes
  • PermissionRequest approval bridge review hook
    https://developers.openai.com/codex/hooks - PermissionRequest can make allow/deny decisions before approval prompts. This belongs in a deliberate conservative-profile review because the active default is approval_policy = "never"
  • Subagent lifecycle hook support review hook
    https://developers.openai.com/codex/hooks#matcher-patterns - SubagentStart and SubagentStop are now in the official matcher matrix. Evaluate whether AgentOps needs a lifecycle ledger hook before adding another global hook
  • Managed hook directory trust review hook
    https://developers.openai.com/codex/config-reference#configtoml - Official config now documents managed hook directories and warns that non-managed command hooks require review/trust. Current scripts are direct absolute paths; assess whether managed hooks reduce trust friction without adding a migration burden
  • SPOQ wave-dispatch eval adapter
    https://arxiv.org/abs/2606.03115v1 - Specialist Orchestrated Queuing maps closely to /auto and planning-gate: dependency waves, dual validation gates, and human-as-agent checkpoints are worth testing against existing routing before changing dispatch policy

Research Worth Reading

  • SPOQ: Specialist Orchestrated Queuing for Multi-Agent Software Engineering
    - Directly relevant to multi-agent task graphs, validation gates, and bounded parallelism in the current Codex AgentOps projection
  • Agentic Monte Carlo: Simulating Reinforcement Learning for Black-Box Agents
    - Useful for router-frontier and eval-harness thinking: test-time trajectory sampling may improve black-box agent policy without model training
  • RAT: RunAnyThing via Fully Automated Environment Configuration
    - Updated June 4; relevant to runtime-doctor and repository setup verification, but too broad for an automatic daily harness change
  • Human-AI Collaboration and the Transformation of Software Engineering Work
    - High-level but reinforces the local bias toward intent specification, verification, governance, and accountable oversight over raw code volume

Considered, Not Adopting

Items reviewed and explicitly declined this cycle, with the reason. Curation discipline matters more than coverage.

  • Auto-wire PostCompact, PermissionRequest, SubagentStart, or SubagentStop today - official support exists, but no existing target script was proven for those events; the ecosystem-update Quick Win rules forbid hook wiring that requires new scripts.
  • Add apply_patch|Edit|Write matchers to existing edit_verify_async.py hook - the script exits unless tool_name == "Bash", so edit matcher wiring would only create apparent coverage.
  • Auto-upgrade Codex CLI to stable 0.137.0 or pre-release 0.138.0-alpha.5 - the local PATH CLI is 0.133.0 and the packaged app CLI is 0.135.0-alpha.1, but CLI upgrades remain explicit upgrade/smoke tasks, not daily automatic mutations.
  • Enable native Codex memories globally - conflicts with the current omni-mem-first policy and prompt-telemetry posture.
  • Enable plugin hooks globally - current trust boundary remains unresolved; config correctly keeps plugin_hooks = false.
  • Wholesale install am-will/codex-skills, awesome-claude-code-toolkit, oh-my-skills, GateGuard, or cc-safe-setup - external skills and hook bundles require strict audit and Codex-owned adaptation before trust.
  • Edit ~/.codex/AGENTS.md, ~/AGENTS.md, or introduce policy-file modularization as a Quick Win - constitutional policy docs are explicitly out of Quick Win scope.
  • Add global auto-format or auto-test edit hooks - broad PostToolUse edit automation can mutate unrelated user work and needs project-level opt-in plus dedicated scripts.

Sources Reviewed

// archive

← back to all digests