~/chadacus.dev/ecosystem-update/2026-07-03

Ecosystem Update - 2026-07-03

July 3, 2026 · generated by the ecosystem-update Claude Skill

TL;DR

  • No safe harness Quick Wins cleared the automatic-change gate today; all high-value items need new scripts, explicit policy direction, or deeper eval work.
  • Today's strongest signal is action-boundary safety: new DevOps and safety-testing papers argue that completion alone overstates safe autonomy.
  • Skill quality is becoming a serious maintenance surface; two new arXiv papers point toward local skill-smell and provenance audits rather than wholesale registry installs.

Quick Wins

Item Source Type Impact Effort Action
None admitted Current crawl hook / skill / agent-pattern - - No automatic harness mutation passed the hard limits.

Build Queue

  • UnderSpecBench action-boundary eval adapter (research) - https://arxiv.org/abs/2607.02294 - Add a small eval pack for ambiguous DevOps-style prompts that proves Codex asks or defers when target, intent, or blast radius is underspecified.
  • Vera-style safety-case harness (research) - https://arxiv.org/abs/2607.01793 - Convert the evidence-grounded safety-case pattern into a local AgentOps validation spike: executable initial state, deterministic predicate, and tool-call evidence.
  • SKILL.md smell audit extension (skill) - https://arxiv.org/abs/2607.01456 - Extend codex-skill-audit --strict or add a companion report mode for missing triggers, unclear scope, unsafe scripts, weak verification, and stale operational contracts.
  • Agent dependency graph / BOM spike (agent-pattern) - https://arxiv.org/abs/2607.01640 - Prototype a read-only map of agents, prompts, tools, MCP servers, memory, and allowed capabilities for local agent repos before adopting a larger governance graph.
  • PAIR-Bench-style progressive repair metrics (research) - https://arxiv.org/abs/2607.01360 - Add repair-trajectory evidence to task evals so validation can distinguish partial progress, regression, hint dependence, and final pass/fail.
  • cc-thingz selective audit (skill / hook) - https://github.com/alexei-led/cc-thingz - Audit the portable suite for individual ideas such as protected-path checks, skill suggestion, and focused test selection, without enabling plugin hooks or importing the suite wholesale.
  • Public Codex skill catalog triage (skill) - https://github.com/composiohq/awesome-codex-skills - Use the catalog as discovery input for skill-audit candidates only; do not install catalog skills until each source passes strict local audit.

Research

Already Have

features.hooks = true, features.plugins = true, plugin_hooks = false by design, approval_policy = "never", sandbox_mode = "danger-full-access", service_tier = "fast", prompt telemetry disabled, OpenAI developer docs MCP, omni-mem MCP, node REPL MCP, Wren MCP, Numerai MCP, project doc fallback limited to AGENTS.md, global hook coverage for PreToolUse, PostToolUse, SessionStart, UserPromptSubmit, Stop, and PreCompact, existing pre_tool_guard.py, edit_verify_async.py, tool_failure_context.py, completion_gate.py, classify_prompt.py, session_startup.py, codex_config_posture.py, and omni-mem compaction/stop hooks, read-only reviewer/explorer/validator agents, scoped Python and TypeScript reviewers, max_depth = 1, max_threads = 3, job_max_runtime_seconds = 1800, installed local skills for security review, security audit, rlm scanning, Playwright, memory adaptation, planning gate, auto/drive/build/govern wrappers, ecosystem update, skill audit, skill installer, skill creator, OpenAI docs, and document/PDF/spreadsheet/presentation/plugin skills, prior queued source-only compatibility rescue from RepoRescue, prior rejected native memories, wholesale skill catalogs, automatic Codex upgrades, unsupported hook wiring, default deeper nesting, worktree isolation, AGENTS policy edits, and plugin-hook quick enables.

Rejected

  • Enable features.plugin_hooks = true for cc-thingz - rejected as under-development feature enablement plus third-party hook execution; requires explicit audit and rollback notes.
  • Install cc-thingz wholesale - rejected as external skill/hook bundle import; individual ideas can be audited, but no direct install.
  • Install Composio/awesome-codex-skills entries automatically - rejected because public catalog discovery is not trust; outside skills require codex-skill-audit --strict.
  • Wire PermissionRequest, PostCompact, SubagentStart, or SubagentStop hooks immediately - rejected because no existing local script was identified with correct event semantics; new hook scripts are Build Queue work, not Quick Wins.
  • Adopt Boris-style worktree isolation or deeper default nested agents - rejected because current max_depth = 1 and bounded threads are deliberate safety posture; increasing them is not a one-line safety gain.
  • Edit AGENTS.md for modular imports or new policy language - rejected by the ecosystem-update hard limit and runtime contract; constitutional changes need explicit user direction.
  • Enable native Codex memories - rejected because omni-mem is the active memory system and native memories remain disabled by current posture.
  • Install voice/audio Codex hook packs - rejected as convenience-only and already covered by existing notify hooks.

Auto-Implemented

  • None. No config, hook, agent, skill, plugin, policy, or website files were modified.

Sources checked: https://github.com/hesreallyhim/awesome-claude-code, https://howborisusesclaudecode.com/, https://github.com/shanraisshan/codex-cli-best-practice, https://github.com/shanraisshan/codex-cli-hooks, https://github.com/alexei-led/cc-thingz, https://github.com/composiohq/awesome-codex-skills, https://github.com/openai/codex/discussions/16329, https://developers.openai.com/codex/config-reference, https://developers.openai.com/codex/config-advanced, https://arxiv.org/search/?searchtype=all&query=LLM+agent+coding&order=-announced_date_first, https://arxiv.org/abs/2607.02294, https://arxiv.org/abs/2607.01793, https://arxiv.org/abs/2607.01456, https://arxiv.org/abs/2607.00911, https://arxiv.org/abs/2607.01640, https://arxiv.org/abs/2607.01360 Tier 2 fetched: yes Tier 3 fetched: no - last run was 2026-07-01T06:33:31-04:00, inside the 7-day gate Run at: 2026-07-03T06:31:56-04:00

// archive

← back to all digests