Skip to content

Expose project provider skills in chat#3982

Open
jakeleventhal wants to merge 6 commits into
pingdotgg:mainfrom
jakeleventhal:t3code/share-grok-skill-discovery
Open

Expose project provider skills in chat#3982
jakeleventhal wants to merge 6 commits into
pingdotgg:mainfrom
jakeleventhal:t3code/share-grok-skill-discovery

Conversation

@jakeleventhal

@jakeleventhal jakeleventhal commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Summary

Screenshot 2026-07-14 at 10 40 42 PM Screenshot 2026-07-14 at 10 40 47 PM Screenshot 2026-07-14 at 10 41 18 PM Screenshot 2026-07-14 at 10 41 23 PM
  • add a provider-neutral, cwd-aware listSkills capability, RPC, client query, and composer pipeline
  • preserve snapshot fallback, disabled-provider handling, bounded probes, structured causes, keyed caching, and focus-safe chip metadata refreshes from Expose project Codex skills in chat #3901
  • discover Grok skills through its source of truth: grok --cwd <cwd> inspect --json
  • translate recognized enabled $skill references to Grok native /skill syntax only at the ACP boundary while retaining $skill in stored and rendered messages

This supersedes #3901. The replacement generalizes the project-skill feature across Codex and Grok without adding a second filesystem scanner or provider-specific web/RPC paths.

Validation

  • pnpm exec vp check
  • pnpm exec vp run typecheck
  • 89 focused provider, adapter, registry, composer-token, and skill-search tests
  • 104 contract and server tests
  • real-app Grok acceptance with a temporary project sentinel: cwd-aware menu discovery, cross-project invalidation, stable $skill chip storage, and successful native skill execution through ACP
  • real-app Codex $skill regression check

Note

Medium Risk
Touches provider drivers, WebSocket RPC, and Grok turn preparation (child processes, timeouts); Grok prompt rewriting is behavior-changing at the ACP boundary but scoped to recognized skill tokens.

Overview
Adds project-scoped provider skill discovery end-to-end: optional listSkills on provider instances, server.listProviderSkills RPC, registry delegation, and a composer path that loads skills when the $ menu is open with per-environment/instance/cwd caching and snapshot fallback only when discovery is unsupported.

Codex lists skills via an exported probeCodexAppServerProvider with includeModels: false and auth-probe timeout. Grok adds grok --cwd <cwd> inspect --json parsing (GrokSkillDiscovery) and, on send, rewrites enabled $skill tokens to /skill for ACP only (skipping env-var-shaped tokens like $PATH); model selection is committed before skill discovery so a discovery failure does not roll back a model switch.

The Lexical composer updates skill chip labels in place when metadata refreshes instead of rewriting editor state, avoiding focus loss during in-flight $ probes. collectComposerInlineTokens gains includeTrailingSkillToken for submitted prompts.

Reviewed by Cursor Bugbot for commit 917ea83. Bugbot is set up for automated code reviews on this repo. Configure here.

Note

[!NOTE]

Expose provider skills in the chat composer via a new server.listProviderSkills RPC endpoint

  • Adds a server.listProviderSkills WebSocket RPC endpoint that queries provider-specific skills for a given instance and working directory, returning a structured error when unsupported.
  • Implements listSkills on Codex and Grok provider drivers; Grok uses a new listGrokSkills utility that runs grok inspect --json with a 10s timeout.
  • Integrates skill discovery into the chat composer: skills are fetched when a skill trigger is active, cached per target key, and fall back to snapshot skills when discovery is unsupported.
  • Rewrites $skill tokens to /skill in Grok prompts when the discovered skill is enabled; all-uppercase tokens are excluded from discovery to avoid treating env vars as skills.
  • Updates the Lexical editor to refresh skill chip labels in-place when provider skill metadata changes, avoiding a full editor state rewrite and focus disruption.

Macroscope summarized 917ea83.

@coderabbitai

coderabbitai Bot commented Jul 15, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: abfec770-7ee9-4e31-a3fe-bfe05eb26036

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions github-actions Bot added vouch:unvouched PR author is not yet trusted in the VOUCHED list. size:XL 500-999 changed lines (additions + deletions). labels Jul 15, 2026
Comment thread apps/server/src/provider/Layers/GrokAdapter.ts
Comment thread apps/web/src/components/ComposerPromptEditor.tsx Outdated

@cursor cursor Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes using high effort and found 2 potential issues.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit 887c718. Configure here.

Comment thread apps/server/src/provider/Layers/GrokAdapter.ts
Comment thread apps/web/src/components/chat/ChatComposer.tsx
@macroscopeapp

macroscopeapp Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Approvability

Verdict: Needs human review

This PR introduces a new feature exposing project-aware provider skills in chat, including new RPC endpoints, skill discovery for Grok/Codex providers, and prompt rewriting logic. The scope and cross-cutting nature of these changes warrants human review.

You can customize Macroscope's approvability policy. Learn more.

@jakeleventhal
jakeleventhal marked this pull request as draft July 15, 2026 01:04
@jakeleventhal
jakeleventhal marked this pull request as ready for review July 15, 2026 01:41

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 917ea83630

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +127 to +134
const commandResult = yield* spawnAndCollect(
binaryPath,
ChildProcess.make(spawnCommand.command, spawnCommand.args, {
cwd: input.cwd,
...(input.environment ? { env: input.environment } : {}),
shell: spawnCommand.shell,
}),
).pipe(

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Scope each Grok inspect probe

When grok inspect hangs or is interrupted, this spawn is only attached to whatever ambient Scope happens to be running the RPC/adapter call; GrokDriver.listSkills exposes it as a normal service method and does not create a per-call scope. In that case the 10s timeout can return an error while the child process remains tied to a longer-lived provider/server scope, so repeated $ menu opens or sends with $skill tokens can accumulate stuck grok inspect processes until shutdown. Wrap the spawned spawnAndCollect probe in its own Effect.scoped before applying the timeout.

Useful? React with 👍 / 👎.

Comment on lines +39 to +40
if (input.cachedSkills?.targetKey === input.targetKey) {
return input.cachedSkills.skills;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Avoid serving cached skills after discovery failures

When the current cwd-aware skill query fails (for example, grok inspect exits non-zero), discoveredSkills is null and discoveryUnsupported is false, so this branch still returns the previous successful cache for the same target. That makes the menu offer stale skills while the provider is currently unable to rediscover them; selecting one then sends a $skill token that Grok re-checks at send time and fails, blocking the turn instead of surfacing the discovery failure in the composer.

Useful? React with 👍 / 👎.

environmentId,
instanceId: selectedProviderStatus?.instanceId ?? null,
cwd: gitCwd,
enabled: composerTriggerKind === "skill",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Do not probe skills for env-var tokens

When the user types a shell/env-var token such as $PATH or $NODE_ENV, detectComposerTrigger still marks the token as a skill, so this enables server.listProviderSkills and spawns provider CLI probes even though the Grok send path explicitly filters uppercase env-var-style tokens. In prompts or docs involving env vars, merely placing the cursor after $PATH opens the skill menu and can run grok inspect; gate this query with the same env-var-style check or wait until the token can plausibly be a skill.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

size:XL 500-999 changed lines (additions + deletions). vouch:unvouched PR author is not yet trusted in the VOUCHED list.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant