Ecosystem Update - 2026-07-11
Highlights
- The daily community sources were quiet:
awesome-claude-codehad only automated ticker refreshes, while Boris's site andcodex-cli-best-practiceexposed no post-run workflow changes - The strongest runtime delta is on Codex main: materialized listed-workspace plugins can have hook hashes trusted after refresh, and terminal/plugin events are gaining richer completion and scheduled-task metadata. The local runtime deliberately has
plugin_hooks = false, so these are upgrade-and-audit items, not safe automatic changes - New research reinforces the current code-owned contract and verifier posture. The useful remaining gaps are contamination-resistant long-horizon task evals and a bounded way to identify repeated SOP steps that deserve validated tools
Quick Wins (implemented today)
-
None passed the automatic-change gate n/aNo harness files changed
New Tools, Skills & Patterns
-
Contamination-resistant long-horizon task eval slice research, Impact 3 / Effort 2 = 1.5https://arxiv.org/abs/2607.07946 - Add a small set of original tasks with hand-written behavioral verifiers to the existing task-eval path so closure quality is measured independently of public issue history and inherited fix tests
-
Stable plugin-hook trust upgrade smoke hook, Impact 3 / Effort 2 = 1.5https://github.com/openai/codex/commit/076a110eb83445fd33fcd40f9a70f3ad84120f76 - When the behavior reaches a stable release, audit install-policy boundaries and verify that only listed workspace plugins for the active account receive current hook hashes before considering
plugin_hooksenablement -
Terminal completion metadata adapter agent-pattern, Impact 2 / Effort 2 = 1.0https://github.com/openai/codex/commit/c4318c386de365bd0dd9595a08d55a30bb142d11 - After a stable upgrade exposes terminal errors in completion events, test whether the existing failure-context/completion-evidence path can consume them without another logging layer
-
Repeated-SOP tool candidate profiler skill, Impact 2 / Effort 2 = 1.0https://arxiv.org/abs/2607.08010 - Extend existing evaluation or analysis surfaces to identify recurring deterministic steps and propose versioned tools; keep synthesis, validation, and promotion human-gated
Research Worth Reading
-
TTHE: Test-Time Harness Evolution- Relevant to
evolveandautoconfig, but its unsupervised population/judge loop should remain research until execution-derived proxy reliability is independently verified -
From Prompts to Contracts: Harness Engineering for Auditable Enterprise LLM Agents- Supports the current pattern of moving guarantees into code, manifests, schemas, traces, and fault-detecting validators instead of prompt-only policy
-
DeepSWE: Measuring Frontier Coding Agents on Original, Long-Horizon Engineering Tasks- Its original tasks and hand-written verifiers offer a concrete design for stronger local task-eval evidence
-
Tool-Making and Self-Evolving LLM Agents in Low-Latency Systems- Suggests compiling repeated, validated procedures into versioned tools rather than regenerating identical code on every run
-
Aleena: Alignment Agent for Research Software Engineering Collaborations- Useful as a comparison point for decision continuity across chat, meetings, issues, and pull requests
Considered, Not Adopting
Items reviewed and explicitly declined this cycle, with the reason. Curation discipline matters more than coverage.
- Automatically enable plugin hooks — - Rejected because the feature is intentionally disabled and today's hook-trust behavior is on main, not established in the installed stable runtime; enabling executable plugin hooks requires a security review and stable smoke test
- Automatically upgrade Codex from main — - Rejected because source commits are not a stable release boundary, and binary upgrades are outside the Quick Win mutation limits
- Test-time population evolution in the live harness — - Rejected as overengineered and insufficiently verified; it introduces persistent self-modification driven by proxy signals where the local loop contract requires deterministic verifiers, budgets, stop conditions, and human gates
- Plugin scheduled-task metadata as a harness edit — - Rejected as low-impact UI/observability metadata with no safe local config action; revisit only after it ships and a concrete visibility gap appears
-
Ticker-only catalog refreshes or wholesale community imports — - Rejected because the only
awesome-claude-codechanges were generated popularity data, and importing external bundles would bypass selective skill audit - Policy-document edits — - Rejected by the ecosystem-update hard limit; no source finding justified explicit constitutional changes