0.1.2

Author: xiaowuc1

.github/workflows/plugin-sanity.yml

@@ -0,0 +1,104 @@
+name: Plugin sanity
+
+on:
+  push:
+  pull_request:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  sanity:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Validate Codex plugin package
+        run: |
+          python - <<'PY'
+          import json
+          import re
+          from pathlib import Path
+
+          root = Path.cwd()
+
+          def fail(message: str) -> None:
+              raise SystemExit(message)
+
+          def load_json(path: Path) -> dict:
+              try:
+                  return json.loads(path.read_text(encoding="utf-8"))
+              except Exception as exc:
+                  fail(f"{path} is not valid JSON: {exc}")
+
+          marketplace = load_json(root / ".agents" / "plugins" / "marketplace.json")
+          entries = marketplace.get("plugins")
+          if not isinstance(entries, list):
+              fail("marketplace plugins must be a list")
+
+          docent_entries = [entry for entry in entries if entry.get("name") == "docent"]
+          if len(docent_entries) != 1:
+              fail("marketplace must contain exactly one docent plugin entry")
+
+          source = docent_entries[0].get("source")
+          if not isinstance(source, dict) or source.get("source") != "local":
+              fail("docent marketplace source must be local")
+          plugin_dir = root / source.get("path", "")
+          if not plugin_dir.is_dir():
+              fail(f"marketplace source path does not exist: {plugin_dir}")
+
+          manifest = load_json(plugin_dir / ".codex-plugin" / "plugin.json")
+          if manifest.get("name") != "docent":
+              fail("plugin manifest name must be docent")
+
+          version = manifest.get("version")
+          if not isinstance(version, str) or not re.fullmatch(r"\d+\.\d+\.\d+", version):
+              fail("plugin manifest version must be plain major.minor.patch")
+          if manifest.get("skills") != "./skills/":
+              fail("plugin manifest skills must point to ./skills/")
+          if manifest.get("mcpServers") != "./.mcp.json":
+              fail("plugin manifest mcpServers must point to ./.mcp.json")
+
+          required_files = [
+              ".codex-plugin/plugin.json",
+              ".mcp.json",
+              "skills/docent/SKILL.md",
+              "skills/docent/analysis.md",
+              "skills/docent/dql-reference.md",
+              "skills/docent/ingestion-reference.md",
+              "skills/docent/ingestion.md",
+              "skills/docent/readings-reference.md",
+              "skills/docent/report.md",
+          ]
+          for rel_path in required_files:
+              path = plugin_dir / rel_path
+              if not path.is_file():
+                  fail(f"required plugin file is missing: {rel_path}")
+              if path.suffix == ".md" and not path.read_text(encoding="utf-8").strip():
+                  fail(f"markdown file is empty: {rel_path}")
+
+          mcp = load_json(plugin_dir / ".mcp.json")
+          server = mcp.get("mcpServers", {}).get("docent")
+          if not isinstance(server, dict):
+              fail(".mcp.json must define mcpServers.docent")
+          if server.get("type") != "stdio" or server.get("command") != "uv":
+              fail("docent MCP server must run as uv stdio")
+          args = server.get("args")
+          if not isinstance(args, list) or "--from" not in args:
+              fail("docent MCP server args must include --from")
+          package = args[args.index("--from") + 1]
+          if package != "docent-python>=0.1.73":
+              fail("docent MCP server must require docent-python>=0.1.73")
+
+          forbidden_names = {".mcp.local.json", "docent.env"}
+          for path in plugin_dir.rglob("*"):
+              if path.name in forbidden_names or path.name.startswith("docent.env."):
+                  fail(f"local credential/config file must not be published: {path}")
+
+          print("Codex plugin sanity checks passed")
+          PY

plugins/docent/.codex-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "docent",
-  "version": "0.1.1",
+  "version": "0.1.2",
   "description": "Docent AI analysis tools for Codex.",
   "author": {
     "name": "Transluce",

plugins/docent/.mcp.json

@@ -3,7 +3,7 @@
     "docent": {
       "type": "stdio",
       "command": "uv",
-      "args": ["tool", "run", "--from", "docent-python", "docent-mcp"]
+      "args": ["tool", "run", "--from", "docent-python>=0.1.73", "docent-mcp"]
     }
   }
 }

plugins/docent/skills/docent/SKILL.md

@@ -17,5 +17,5 @@ This is the root skill for all Docent work. This file is just a table of content
 - For the Readings API (`client.read`, `client.query`, batching, prompts, clustering): `./readings-reference.md`
 - For DQL syntax, schemas, quirks, and example queries: `./dql-reference.md`
 - For the reports API: `./report.md` (only if the user explicitly asks for a report)
-- For ingestion-side data-model and conversion examples: the reference and pattern sections in `./ingestion.md`
+- For ingestion-side data-model and conversion examples: `./ingestion-reference.md`
 - SDK reference is available by visiting [our online documentation](https://docs.transluce.org/llms.txt)

plugins/docent/skills/docent/analysis.md

@@ -64,11 +64,11 @@ client = Docent.from_url("https://docent.transluce.org/dashboard/668354d8-...")
 ```
 This parses the domain and collection ID from the URL automatically.
 
-The Docent SDK can be configured by a docent.env file in the working directory. The SDK will automatically discover and load a docent.env file if it exists. You do not need to explicitly source docent.env. Config files may use INI-style `[section]` headers for multi-profile support; select a profile with `Docent(profile="my-profile")` or the `DOCENT_PROFILE` environment variable.
+The Docent SDK can be configured by a `docent.env` file. The SDK searches from the current working directory upward through parent directories, then falls back to `~/.docent/docent.env` if no local file exists. You do not need to explicitly source `docent.env`. Config files may use INI-style `[section]` headers for multi-profile support; select a profile with `Docent(profile="my-profile")` or the `DOCENT_PROFILE` environment variable.
 
 If you're not sure what collection the user is talking about:
 * If the user provides a Docent dashboard URL (e.g., `https://docent.transluce.org/dashboard/668354d8-...`), use `Docent.from_url()` or extract the collection ID from the last path segment (the UUID).
-* Otherwise, check the `docent.env` file in the working directory for `DOCENT_COLLECTION_ID`.
+* Otherwise, check the SDK-discovered `docent.env` file for `DOCENT_COLLECTION_ID`.
 * If neither is available, ask the user to paste the collection UUID.
 
 The main Docent deployment lives at https://docent.transluce.org but the user may connect a different deployment by overriding DOCENT_FRONTEND_URL in docent.env. The Docent SDK will print out the frontend URL when it is initialized, e.g. `Authenticating Docent client with frontend_url='https://docent.transluce.org'`. If you see a different frontend URL, use that URL in place of `https://docent.transluce.org` for any links.
@@ -80,7 +80,7 @@ If you run into any issues or unexpected behavior with the Docent platform, paus
 * If authentication fails (HTTP 401) or no API key is configured, walk the user through setup:
   1. Open the API keys page for them: `open https://docent.transluce.org/settings/api-keys` (macOS) or `xdg-open https://docent.transluce.org/settings/api-keys` (Linux).
   2. Ask them to create a new API key (it will start with `dk_`).
-  3. Write the key to a `docent.env` file in the working directory: `DOCENT_API_KEY=dk_...` (plus `DOCENT_API_URL` and `DOCENT_FRONTEND_URL` if not using the default instance).
+  3. Write the key to a local `docent.env` file or `~/.docent/docent.env`: `DOCENT_API_KEY=dk_...` (plus `DOCENT_API_URL` and `DOCENT_FRONTEND_URL` if not using the default instance).
   4. Verify connectivity by constructing a `Docent()` client — the constructor validates the API key automatically.
 * If the SDK does not match what's documented here, check whether the SDK is up to date.
 * If the Docent MCP server is available but doesn't match the tools documented here, check whether the MCP server needs an upgrade (`uv tool upgrade docent`). If an upgrade was needed, ask the user to restart the session or MCP server.
@@ -322,7 +322,7 @@ ORDER BY cnt DESC
 
 These are specific rules that follow from the principles above. They apply throughout the analysis:
 
-* **Never present opaque Python computation as analysis results.** Orientation queries (Step 1) are for *your* understanding and can use `execute_dql()` and local Python. But once you move past orientation into actual analysis (Step 3), findings must go through Docent's inspectable pipeline — DQL query steps visible in the UI and LLM analyses with citable evidence. If the user's question requires categorization, comparison, or synthesis, use Docent analyses, not a Python script that outputs a table. The user has no way to verify, inspect, or drill into results that come from opaque code. Metadata aggregations via DQL are acceptable as supporting context (e.g., counts, averages), but the analytical conclusions should come from inspectable analyses the user can review in the Docent UI.
+* **Never present opaque Python computation as analysis results.** Orientation queries (Step 1) are for *your* understanding and can use `execute_dql()` and local Python. But once you move past orientation into actual analysis (Step 3), findings must go through Docent's inspectable pipeline — DQL query steps visible in the UI and analysis-plan readings with citable evidence. If the user's question requires categorization, comparison, or synthesis, use Docent analyses, not a Python script that outputs a table. The user has no way to verify, inspect, or drill into results that come from opaque code. Metadata aggregations via DQL are acceptable as supporting context (e.g., counts, averages), but the analytical conclusions should come from inspectable analyses the user can review in the Docent UI.
 * **Don't fall back to manual synthesis when an analysis step fails.** If a synthesis step fails (e.g., context overflow), fix the analysis design (batch it, sample it, use structured aggregation) and re-submit. Do not absorb the synthesis work into opaque Python scripts or agent-side summarization — this defeats the core value of Docent's inspectable, citable analysis. If you must do agent-side aggregation as a stopgap (e.g., counting structured output fields via a query), explicitly flag to the user that this step is not inspectable in the Docent UI and offer to re-run it properly.
 * If the user asks you to "read the agent runs", "summarize 10 transcripts", "classify the results", or similar, that not mean that you (the coding agent) should do so directly. Prefer to do this in an analysis plan using readings.
 * **Be transparent about reused work.** This has two parts:

plugins/docent/skills/docent/dql-reference.md

@@ -44,7 +44,6 @@ raw_rows = client.dql_result_to_dicts(result)
 | `transcripts` | Individual transcripts tied to an agent run; stores serialized messages and per-transcript metadata. |
 | `transcript_groups` | Hierarchical groupings of transcripts for runs. |
 | `judge_results` | Scored rubric outputs keyed by agent run and rubric version. |
-| `results` | Individual LLM analysis results from result sets. |
 | `readings` | Reading definitions (template or scripted LLM analysis). |
 | `reading_results` | Results from running readings. |
 | `reading_result_links` | Junction table linking readings to their results. |
@@ -288,7 +287,7 @@ LIMIT 50;
 - **Single statement**: Batches or multiple statements are rejected.
 - **Explicit projection**: Wildcard projections (`*`) are disallowed. List the columns you need.
 - **Collection scoping**: A single query can only access data within a single collection.
-- **Limit enforcement**: Every query is capped at 10,000 rows. Use pagination (`OFFSET`/`LIMIT`) for larger result sets.
+- **Limit enforcement**: Every query is capped at 10,000 rows. Use pagination (`OFFSET`/`LIMIT`) for larger row collections.
 - **JSON performance**: Heavy JSON traversal across large collections can be slow. Prefer top-level fields when available.
 - **Type awareness**: Cast values explicitly when precision matters.