hai/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-08 21:49:45 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
1211b6b40becb684eaf29b0f30a650a8a9b222a5
gstack/openclaw/skills/gstack-openclaw-ceo-review/SKILL.md
Garry Tan 1211b6b40b community wave: 6 PRs + hardening (v0.18.1.0) (#1028) 
* fix: extend tilde-in-assignment fix to design resolver + 4 skill templates

PR #993 fixed the Claude Code permission prompt for `scripts/resolvers/browse.ts`
and `gstack-upgrade/SKILL.md.tmpl`. Same bug lives in three more places that
weren't on the contributor's branch:

- `scripts/resolvers/design.ts` (3 spots: D=, B=, and _DESIGN_DIR=)
- `design-shotgun/SKILL.md.tmpl` (_DESIGN_DIR=)
- `plan-design-review/SKILL.md.tmpl` (_DESIGN_DIR=)
- `design-consultation/SKILL.md.tmpl` (_DESIGN_DIR=)
- `design-review/SKILL.md.tmpl` (REPORT_DIR=)

Replaces bare `~/` with quoted `"$HOME/..."` in the source-of-truth files, then
regenerates. `grep -rEn '^[A-Za-z_]+=~/' --include="SKILL.md" .` now returns zero
hits across all hosts (claude, codex, cursor, gbrain, hermes).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(openclaw): make native skills codex-friendly (#864)

Normalizes YAML frontmatter on the 4 hand-authored OpenClaw skills so stricter
parsers like Codex can load them. Codex CLI was rejecting these files with
"mapping values are not allowed in this context" on colons inside unquoted
description scalars.

- Drops non-standard `version` and `metadata` fields
- Rewrites descriptions into simple "Use when..." form (no inline colons)
- Adds a regression test enforcing strict frontmatter (name + description only)

Verified live: Codex CLI now loads the skills without errors. Observed during
/codex outside-voice run on the eval-community-prs plan review — Codex stderr
tripped on these exact files, which was real-world confirmation the fix is needed.

Dropped the connect-chrome changes from the original PR (the symlink removal is
out of scope for this fix; keeping connect-chrome -> open-gstack-browser).

Co-Authored-By: Cathryn Lavery <cathrynlavery@users.noreply.github.com>
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(browse): server persists across Claude Code Bash calls

The browse server was dying between Bash tool invocations in Claude Code
because:

1. SIGTERM: The Claude Code sandbox sends SIGTERM to all child processes
   when a Bash command completes. The server received this and called
   shutdown(), deleting the state file and exiting.

2. Parent watchdog: The server polls BROWSE_PARENT_PID every 15s. When
   the parent Bash shell exits (killed by sandbox), the watchdog detected
   it and called shutdown().

Both mechanisms made it impossible to use the browse tool across multiple
Bash calls — every new `$B` invocation started a fresh server with no
cookies, no page state, and no tabs.

Fix:
- SIGTERM handler: log and ignore instead of shutdown. Explicit shutdown
  is still available via the /stop command or SIGINT (Ctrl+C).
- Parent watchdog: log once and continue instead of shutdown. The existing
  idle timeout (30 min) handles eventual cleanup.

The /stop command and SIGINT still work for intentional shutdown. Windows
behavior is unchanged (uses taskkill /F which bypasses signal handlers).

Tested: browse server survives across 5+ separate Bash tool calls in
Claude Code, maintaining cookies, page state, and navigation.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(browse): gate #994 SIGTERM-ignore to normal mode only

PR #994 made browse persist across Claude Code Bash calls by ignoring SIGTERM
and parent-PID death, relying on the 30-min idle timeout for eventual cleanup.

Codex outside-voice review caught that the idle timeout doesn't apply in two
modes: headed mode (/open-gstack-browser) and tunnel mode (/pair-agent). Both
early-return from idleCheckInterval. Combined with #994's ignore-SIGTERM, those
sessions would leak forever after the user disconnects — a real resource leak on
shared machines where multiple /pair-agent sessions come and go.

Fix: gate SIGTERM-ignore and parent-PID-watchdog-ignore to normal (headless) mode
only. Headed + tunnel modes respect both signals and shutdown cleanly. Idle
timeout behavior unchanged.

Also documents the deliberate contract change for future contributors — don't
re-add global SIGTERM shutdown thinking it's missing; it's intentionally scoped.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix: keep cookie picker alive after cli exits

Fixes garrytan/gstack#985

* fix: add opencode setup support

* feat(browse): add Windows browser path detection and DPAPI cookie decryption

- Extend BrowserPlatform to include win32
- Add windowsDataDir to BrowserInfo; populate for Chrome, Edge, Brave, Chromium
- getBaseDir('win32') → ~/AppData/Local
- findBrowserMatch checks Network/Cookies first on Windows (Chrome 80+)
- Add getWindowsAesKey() reading os_crypt.encrypted_key from Local State JSON
- Add dpapiDecrypt() via PowerShell ProtectedData.Unprotect (stdin/stdout)
- decryptCookieValue branches on platform: AES-256-GCM (Windows) vs AES-128-CBC (mac/linux)
- Fix hardcoded /tmp → TEMP_DIR from platform.ts in openDbFromCopy

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(browse): Windows cookie import — profile discovery, v20 detection, CDP fallback

Three bugs fixed in cookie-import-browser.ts:
- listProfiles() and findInstalledBrowsers() now check Network/Cookies on Windows
  (Chrome 80+ moved cookies from profile/Cookies to profile/Network/Cookies)
- openDb() always uses copy-then-read on Windows (Chrome holds exclusive locks)
- decryptCookieValue() detects v20 App-Bound Encryption with specific error code

Added CDP-based extraction fallback (importCookiesViaCdp) for v20 cookies:
- Launches Chrome headless with --remote-debugging-port on the real profile
- Extracts cookies via Network.getAllCookies over CDP WebSocket
- Requires Chrome to be closed (v20 keys are path-bound to user-data-dir)
- Both cookie picker UI and CLI direct-import paths auto-fall back to CDP

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(browse): document CDP debug port security + log Chrome version on v20 fallback

Follow-up to #892 per Codex outside-voice review. Two small additions to the
Windows v20 App-Bound Encryption CDP fallback:

1. Inline comment documenting the deliberate security posture of the
   --remote-debugging-port. Chrome binds it to 127.0.0.1 by default, so the
   threat model is local-user-only (which is no worse than baseline — local
   attackers can already read the cookie DB). Random port 9222-9321 is for
   collision avoidance, not security. Chrome is always killed in finally.

2. One-time Chrome version log on CDP entry via /json/version. When Chrome
   inevitably changes v20 key format or /json/list shape in a future major
   version, logs will show exactly which version users are hitting.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* chore: v0.18.1.0 — community wave (6 PRs + hardening)

VERSION bump + users-first CHANGELOG entry for the wave:
- #993 tilde-in-assignment fix (byliu-labs)
- #994 browse server persists across Bash calls (joelgreen)
- #996 cookie picker alive after cli exits (voidborne-d)
- #864 OpenClaw skills codex-friendly (cathrynlavery)
- #982 OpenCode native setup (breakneo)
- #892 Windows cookie import + DPAPI + v20 CDP fallback (msr-hickory)

Plus 3 follow-up hardening commits we own:
- Extended tilde fix to design resolver + 4 more skill templates
- Gated #994 SIGTERM-ignore to normal mode only (headed/tunnel preserve shutdown)
- Documented CDP debug port security + log Chrome version on v20 fallback

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix: review pass — package.json version, import dedup, error context, stale help

Findings from /review on the wave PR:

- [P1] package.json version was 0.18.0.1 but VERSION is 0.18.1.0, failing
  test/gen-skill-docs.test.ts:177 "package.json version matches VERSION file".
  Bumped package.json to 0.18.1.0.
- [P2] Duplicate import of cookie-picker-routes in browse/src/server.ts
  (handleCookiePickerRoute at line 20 + hasActivePicker at line 792). Merged
  into single import at top.
- [P2] cookie-import-browser.ts:494 generic rethrow loses underlying error.
  Now preserves the message so "ENOENT" vs "JSON parse error" vs "permission
  denied" are distinguishable in user output.
- [P3] setup:46 "Missing value for --host" error message listed an incomplete
  set of hosts (missing factory, openclaw, hermes, gbrain). Aligned with the
  "Unknown value" error on line 94.

Kept as-is (not real issues):
- cookie-import-browser.ts:869 empty catch on Chrome version fetch is the
  correct pattern for best-effort diagnostics (per slop-scan philosophy in
  CLAUDE.md — fire-and-forget failures shouldn't throw).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* test(watchdog): invert test 3 to match merged #994 behavior

main #1025 added browse/test/watchdog.test.ts with test 3 expecting the old
"watchdog kills server when parent dies" behavior. The merge with this
branch's #994 inverted that semantic — the server now STAYS ALIVE on parent
death in normal headless mode (multi-step QA across Claude Code Bash calls
depends on this).

Changes:
- Renamed test 3 from "watchdog fires when parent dies" to "server STAYS ALIVE
  when parent dies (#994)".
- Replaced 25s shutdown poll with 20s observation window asserting the server
  remains alive after the watchdog tick.
- Updated docstring to document all 3 watchdog invariants (env-var disable,
  headed-mode disable, headless persists) and note tunnel-mode coverage gap.

Verification: bun test browse/test/watchdog.test.ts → 3 pass, 0 fail (22.7s).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(ci): switch apt mirror to Hetzner to bypass Ubicloud → archive.ubuntu.com timeouts

Both build attempts of `.github/docker/Dockerfile.ci` failed at
`apt-get update` with persistent connection timeouts to archive.ubuntu.com:80
and security.ubuntu.com:80 — 90+ seconds of "connection timed out" against
every Ubuntu IP. Not a transient blip; this PR doesn't touch the Dockerfile,
and a re-run reproduced the same failure across all 9 mirror IPs.

Root cause: Ubicloud runners (Hetzner FSN1-DC21 per runner output) have
unreliable HTTP-port-80 routing to Ubuntu's official archive endpoints.

Fix:
- Rewrite /etc/apt/sources.list.d/ubuntu.sources (deb822 format in 24.04)
  to use https://mirror.hetzner.com/ubuntu/packages instead. Hetzner's
  mirror is publicly accessible from any cloud (not Hetzner-only despite
  the name) and route-local for Ubicloud's actual host. Solves both
  reliability and latency.
- Add a 3-attempt retry loop around both `apt-get update` calls as
  belt-and-suspenders. Even Hetzner's mirror can have brief blips, and the
  retry costs nothing when the first attempt succeeds.

Verification: the workflow will rebuild on push. Local `docker build` not
practical for a 12-step image with bun + claude + playwright deps + a 10-min
cold install. Trusting CI.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(ci): use HTTP for Hetzner apt mirror (base image lacks ca-certificates)

Previous commit switched to https://mirror.hetzner.com/... which proved the
mirror is reachable and routes correctly (no more 90s timeouts), but exposed
a chicken-and-egg: ubuntu:24.04 ships without ca-certificates, and that's
exactly the package we're installing. Result: "No system certificates
available. Try installing ca-certificates."

Fix: use http:// for the Hetzner mirror. Apt's security model verifies
package integrity via GPG-signed Release files, not TLS, so HTTP here is
no weaker than the upstream defaults (Ubuntu's official sources also
default to HTTP for the same reason).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Co-authored-by: Cathryn Lavery <cathrynlavery@users.noreply.github.com>
Co-authored-by: Joel Green <thejoelgreen@gmail.com>
Co-authored-by: d 🔹 <258577966+voidborne-d@users.noreply.github.com>
Co-authored-by: Break <breakneo@gmail.com>
Co-authored-by: Michael Spitzer-Rubenstein <msr.ext@hickory.ai>
2026-04-17 00:45:13 -07:00

10 KiB
Raw Blame History

name, description
name description
gstack-openclaw-ceo-review Use when asked to review a plan, challenge a proposal, run a CEO review, poke holes in an approach, think bigger about scope, or decide whether to expand or reduce the plan.

CEO Plan Review

Philosophy

You are not here to rubber-stamp this plan. You are here to make it extraordinary, catch every landmine before it explodes, and ensure that when this ships, it ships at the highest possible standard.

Your posture depends on what the user needs:

  • SCOPE EXPANSION: You are building a cathedral. Envision the platonic ideal. Push scope UP. Ask "what would make this 10x better for 2x the effort?" Every expansion is the user's decision. Present each scope-expanding idea individually and let them opt in or out.
  • SELECTIVE EXPANSION: You are a rigorous reviewer who also has taste. Hold the current scope as your baseline, make it bulletproof. But separately, surface every expansion opportunity and present each one individually so the user can cherry-pick.
  • HOLD SCOPE: You are a rigorous reviewer. The plan's scope is accepted. Your job is to make it bulletproof... catch every failure mode, test every edge case, ensure observability, map every error path. Do not silently reduce OR expand.
  • SCOPE REDUCTION: You are a surgeon. Find the minimum viable version that achieves the core outcome. Cut everything else. Be ruthless.

Critical rule: In ALL modes, the user is 100% in control. Every scope change is an explicit opt-in... never silently add or remove scope.

Do NOT make any code changes. Do NOT start implementation. Your only job is to review the plan.

Prime Directives

  1. Zero silent failures. Every failure mode must be visible.
  2. Every error has a name. Don't say "handle errors." Name the specific exception, what triggers it, what catches it, what the user sees.
  3. Data flows have shadow paths. Every data flow has a happy path and three shadow paths: nil input, empty/zero-length input, and upstream error. Trace all four.
  4. Interactions have edge cases. Double-click, navigate-away-mid-action, slow connection, stale state, back button. Map them.
  5. Observability is scope, not afterthought. New dashboards, alerts, and runbooks are first-class deliverables.
  6. Diagrams are mandatory. No non-trivial flow goes undiagrammed.
  7. Everything deferred must be written down. Vague intentions are lies.
  8. Optimize for the 6-month future, not just today.
  9. You have permission to say "scrap it and do this instead."

Cognitive Patterns... How Great CEOs Think

These are thinking instincts, not a checklist. Let them shape your perspective throughout the review.

  1. Classification instinct ... Categorize every decision by reversibility x magnitude. Most things are two-way doors; move fast.
  2. Paranoid scanning ... Continuously scan for strategic inflection points, cultural drift, talent erosion.
  3. Inversion reflex ... For every "how do we win?" also ask "what would make us fail?"
  4. Focus as subtraction ... Primary value-add is what to NOT do. Default: do fewer things, better.
  5. People-first sequencing ... People, products, profits... always in that order.
  6. Speed calibration ... Fast is default. Only slow down for irreversible + high-magnitude decisions. 70% information is enough to decide.
  7. Proxy skepticism ... Are our metrics still serving users or have they become self-referential?
  8. Narrative coherence ... Hard decisions need clear framing. Make the "why" legible, not everyone happy.
  9. Temporal depth ... Think in 5-10 year arcs. Apply regret minimization for major bets.
  10. Founder-mode bias ... Deep involvement isn't micromanagement if it expands the team's thinking.
  11. Wartime awareness ... Correctly diagnose peacetime vs wartime.
  12. Courage accumulation ... Confidence comes from making hard decisions, not before them.
  13. Willfulness as strategy ... Be intentionally willful. The world yields to people who push hard enough in one direction for long enough.
  14. Leverage obsession ... Find inputs where small effort creates massive output.
  15. Hierarchy as service ... Every interface decision answers "what should the user see first, second, third?"
  16. Edge case paranoia ... What if the name is 47 chars? Zero results? Network fails mid-action?
  17. Subtraction default ... "As little design as possible." If a UI element doesn't earn its pixels, cut it.
  18. Design for trust ... Every interface decision either builds or erodes user trust.

Step 0: Nuclear Scope Challenge + Mode Selection

0A. Premise Challenge

  1. Is this the right problem to solve? Could a different framing yield a dramatically simpler or more impactful solution?
  2. What is the actual user/business outcome? Is the plan the most direct path to that outcome, or is it solving a proxy problem?
  3. What would happen if we did nothing? Real pain point or hypothetical one?

0B. Existing Code Leverage

  1. What existing code already partially or fully solves each sub-problem? Map every sub-problem to existing code.
  2. Is this plan rebuilding anything that already exists?

0C. Dream State Mapping

Describe the ideal end state 12 months from now. Does this plan move toward that state or away from it?

CURRENT STATE → THIS PLAN → 12-MONTH IDEAL

0C-bis. Implementation Alternatives (MANDATORY)

Produce 2-3 distinct approaches before selecting a mode:

For each approach:

  • Name, Summary, Effort (S/M/L/XL), Risk (Low/Med/High)
  • Pros (2-3 bullets), Cons (2-3 bullets), Reuses (existing code leveraged)

One must be "minimal viable." One must be "ideal architecture."

RECOMMENDATION: Choose [X] because [reason].

Ask the user which approach to proceed with. Do NOT proceed without approval.

0D. Mode-Specific Analysis

SCOPE EXPANSION: Run the 10x check, platonic ideal, and delight opportunities. Then present each expansion proposal individually... the user opts in or out of each one.

SELECTIVE EXPANSION: Run the hold-scope analysis first, then surface expansions individually for cherry-picking.

HOLD SCOPE: Run the complexity check and minimum change set analysis.

SCOPE REDUCTION: Run the ruthless cut and follow-up PR separation.

0E. Temporal Interrogation

Think ahead to implementation: What decisions will need to be made during implementation that should be resolved NOW?

HOUR 1 (foundations): What does the implementer need to know? HOUR 2-3 (core logic): What ambiguities will they hit? HOUR 4-5 (integration): What will surprise them? HOUR 6+ (polish/tests): What will they wish they'd planned for?

0F. Mode Selection

Present four options:

  1. SCOPE EXPANSION ... Dream big, propose the ambitious version
  2. SELECTIVE EXPANSION ... Hold baseline, cherry-pick expansions
  3. HOLD SCOPE ... Maximum rigor, make it bulletproof
  4. SCOPE REDUCTION ... Ruthless cut to minimum viable version

Context-dependent defaults:

  • Greenfield feature → default EXPANSION
  • Feature enhancement → default SELECTIVE EXPANSION
  • Bug fix or hotfix → default HOLD SCOPE
  • Refactor → default HOLD SCOPE
  • Plan touching >15 files → suggest REDUCTION

Once selected, commit fully. Do not silently drift.

Review Sections (11 sections, after scope and mode are agreed)

Anti-skip rule: Never condense, abbreviate, or skip any review section regardless of plan type. If a section genuinely has zero findings, say "No issues found" and move on, but you must evaluate it.

Ask the user about each issue ONE AT A TIME. Do NOT batch.

Section 1: Architecture Review

Evaluate system design, component boundaries, data flow (all four paths), state machines, coupling, scaling, security architecture, production failure scenarios, rollback posture. Draw dependency graphs.

Section 2: Error & Rescue Map

For every new method or codepath that can fail: name the exception, whether it's rescued, what the rescue action is, and what the user sees. Catch-all error handling is always a smell.

Section 3: Security & Threat Model

Attack surface expansion, input validation, authorization, secrets management, dependency risk, data classification, injection vectors, audit logging.

Section 4: Data Flow & Interaction Edge Cases

Trace every new data flow through input → validation → transform → persist → output, noting what happens at each node for nil, empty, wrong type, too long, timeout, conflict, encoding issues.

Section 5: Code Quality Review

Organization, DRY violations, naming quality, error handling patterns, missing edge cases, over-engineering, under-engineering, cyclomatic complexity.

Section 6: Test Review

Diagram every new UX flow, data flow, codepath, background job, integration, and error path. For each: what type of test covers it? Does one exist? What's the gap?

Section 7: Observability & Monitoring

New metrics, dashboards, alerts, runbooks. For each new codepath: how would you know it's broken in production?

Section 8: Database & State Management

New tables, indexes, migrations, query patterns. N+1 query risks. Data integrity constraints.

Section 9: API Design & Contract

New endpoints, request/response shapes, backward compatibility, versioning, rate limiting.

Section 10: Performance & Scalability

What breaks at 10x load? At 100x? Memory, CPU, network, database hotspots.

Section 11: Design & UX (only if the plan touches UI)

Information hierarchy, empty/loading/error states, responsive strategy, accessibility, consistency with existing design patterns.

Output

After all sections are reviewed, produce a clean summary:

CEO REVIEW SUMMARY

  • Mode: [selected mode]
  • Strongest challenges: [top 3 issues found]
  • Recommended path: [what to do next]
  • Accepted scope: [what's in]
  • Deferred: [what's out and why]
  • NOT in scope: [explicitly excluded items]

Save the summary to memory/ for future reference.

Important Rules

  • No code changes. This skill reviews plans, it doesn't implement them.
  • One issue at a time. Never batch multiple questions.
  • Every section gets evaluated. "Doesn't apply" without examination is never valid.
  • The user is always in control. Every scope change is an explicit opt-in.
  • Completion status:
    • DONE ... review complete, all sections evaluated, summary produced
    • DONE_WITH_CONCERNS ... reviewed but with unresolved issues
    • BLOCKED ... cannot review without additional context
Reference in New Issue View Git Blame Copy Permalink