Skip to content

rhein1/fable5-codex

Repository files navigation

Fable-5 for Codex

Validate License: MIT

Fable-5 evidence-first review workflow

Fable-5 for Codex is an OpenAI Codex plugin for evidence-first AI code review, codebase audits, fact checks, codebase understanding, design options, repo-wide sweeps, ECF run contracts, and subagent workflows. It packages six reusable Codex skills for serious software engineering work where source-backed proof matters. The current alpha ships Micro ECF-style run contracts so Codex can record scope, authority, lenses, evidence policy, verification policy, and a final Workflow Trace.

Fable-5 configured for GPT-5.6 Sol Ultra multi-agent workflows

Fable-5 for Codex install, run contract, subagent lenses, workflow trace, and benchmark flow

Quick Start

Install directly from GitHub:

npx github:rhein1/fable5-codex

The npm package metadata is publish-ready. After npm authentication is available and the package is published, the shorter install path will be:

npx fable5-codex

Then start a new Codex thread and invoke a skill:

Use $fable-audit. Scope: this repository. Focus: correctness, security, data, operations, tests, and docs-vs-reality. Include a Workflow Trace.

For the highest-capability profile, select GPT-5.6 Sol and Ultra in Codex, or use the included wrapper/config template. Ultra is the reasoning and multi-agent setting; the model ID remains gpt-5.6-sol.

What This Repo Contains

  • assets/brand/: README and repository brand images
  • assets/benchmarks/: benchmark chart images generated from measured runs
  • benchmarks/: reproducible baseline-vs-plugin benchmark harness and raw outputs
  • plugins/fable5-codex/: installable Codex plugin
  • .agents/plugins/marketplace.json: repo-local marketplace catalog
  • plugins/fable5-codex/references/: ECF-style run-contract guidance used by the installed skills
  • plugins/fable5-codex/templates/: starter ECF/Fable run-contract JSON and review contract
  • bin/install.mjs: GitHub/npx installer for personal or project-local Codex marketplaces
  • examples/: prompt calls, toy repo, and expected report examples
  • examples/gallery/: polished sample outputs for audits, reviews, fact checks, and understanding
  • evals/: fixtures for fact-check, audit, and sweep validation
  • docs/: method, install, architecture, and schema notes
  • scripts/validate-package.ps1: local package validation
  • scripts/sync-personal-plugin.ps1: copy the canonical repo plugin into the personal plugin location

Skills

  • $fable-audit: ranked bug, risk, and integration audit
  • $fable-deep-review: PR or branch review with verification passes
  • $fable-fact-check: claim-by-claim verification against source/runtime evidence
  • $fable-understand: source-grounded explanation of how a system works
  • $fable-design-options: design alternatives with tradeoffs and migration notes
  • $fable-sweep: repo-wide change workflow with discovery, implementation, and verification

GPT-5.6 Sol Ultra

Fable-5 v0.4 is tuned for gpt-5.6-sol with ultra reasoning on large or high-risk work. OpenAI describes Ultra as its highest-capability setting: it coordinates multiple agents across parallel workstreams, using four agents by default. The plugin pairs that runtime with explicit Fable lenses, ECF authority boundaries, local verification, and a truthful Workflow Trace.

Use the ready-to-copy config at plugins/fable5-codex/templates/sol-ultra.config.toml, or run the wrapper directly:

.\plugins\fable5-codex\scripts\fable5-codex.ps1 -Mode audit -Scope . -Subagents

The wrapper defaults to gpt-5.6-sol plus ultra. Override with -Model and -ReasoningEffort when a smaller task does not justify Ultra. See Sol Ultra setup and behavior and the official GPT-5.6 announcement.

CLI requirement: GPT-5.6 needs Codex CLI 0.144.0 or newer.

Subagents

Fable-5 audits now report a visible Workflow Trace every time. Sol Ultra can proactively delegate useful parallel work; Fable skills also explicitly request real Codex subagents for large or high-risk tasks when the runtime exposes a subagent tool and the user has not opted out. Without a subagent tool, the skill runs as single-agent multi-lens and says so instead of implying independent parallel review happened.

Large/high-risk means repo-wide or cross-package work, exhaustive audit, deep review, broad sweep, migration, launch readiness, "find every place", or anything touching money, auth, privacy, secrets, data migrations, public APIs, serialized contracts, deploys, or production operations.

Use $fable-audit with real Codex subagents and an ECF run contract. I explicitly authorize parallel subagents for this run. Scope: src/billing. Focus: money math, idempotency, integration wiring, and docs-vs-reality. Spawn four independent read-only lenses: correctness-integration, security-privacy-authz, data-migrations-idempotency, and operations-tests-docs. The main agent must verify candidates locally before final findings. Do not claim multi-agent mode unless real subagent IDs exist. Include the ECF contract and Workflow Trace.

ECF Run Contracts

Fable-5 uses ECF-style contracts as the governance layer for a run. The contract records intent and evidence rules; the Codex runtime still has to provide the actual subagent tool.

  • Contract reference: plugins/fable5-codex/references/ecf-run-contract.md
  • Starter JSON: plugins/fable5-codex/templates/fable-ecf-run-contract.json
  • PR review contract: plugins/fable5-codex/templates/fable-review-contract.md
  • Ledger schema: plugins/fable5-codex/schemas/fable5.schema.json

Authority split: subagents may research, map, plan, draft, find, or verify inside assigned lenses. The main agent owns final findings, spot-checking, writes, commits, pushes, GitHub comments, deploys, publishing, credential mutation, and any money/wallet action.

Public OSS boundary: this package includes Micro ECF-style contracts and reporting rules only. It does not include private Full ECF internals.

Benchmark Snapshot

Fable-5 Sol Ultra benchmark composite score by fixture, run 20260713T234332Z

Fable-5 Sol Ultra benchmark metric subscores, run 20260713T234332Z

Fable-5 Sol Ultra benchmark wall time by fixture, run 20260713T234332Z

Latest published measured run: 20260713T234332Z, gpt-5.6-sol, matched ultra reasoning effort, 600s per trial. Across three intentionally tiny fixtures, the Fable-5 path raised average composite from 81.7 to 100.0 (+18.3 points), expected-concept recall from 93.3 to 100.0, evidence markers from 78.3 to 100.0, and explicit unknowns from 0.0 to 100.0. Average wall time increased from 144.5s to 344.0s (2.38x). All six final trials completed successfully.

Subagents were explicitly disabled in this run to isolate workflow discipline on small fixtures. These results do not measure broad model quality or prove multi-agent gains; they show the output-quality and latency difference between matched Sol Ultra runs with plugins disabled versus explicit Fable skill invocation. One plugin trial initially hit provider capacity and was retried in place with the same configuration; the run record preserves that qualification note.

See benchmarks/README.md for the command, scoring rubric, caveats, and raw outputs.

Brand Assets

  • assets/brand/fable5-hero.png: README and social-preview banner
  • assets/brand/fable5-sol-ultra.png: GPT-5.6 Sol Ultra profile banner
  • assets/brand/fable5-mark.png: compact repo mark for plugin cards or docs
  • assets/benchmarks/fable5-benchmark-*-20260713T234332Z.png: cache-stable charts for the latest measured run
  • plugins/fable5-codex/assets/fable5-demo.gif: short install/run/trace demo for README and plugin screenshots

Install From GitHub

codex plugin marketplace add rhein1/fable5-codex --ref main
codex plugin add fable5-codex@fable5-local

Then restart Codex if needed, start a new thread, and call a skill directly. Large/high-risk tasks request real subagents automatically when the runtime exposes them. For a smaller scope where you still want the full multi-subagent path, use an explicit authorization prompt:

Use $fable-audit with real Codex subagents and an ECF run contract. I explicitly authorize parallel subagents for this run. Scope: this repository. Focus: correctness, security, data/migrations, operations/tests, and docs-vs-reality. Spawn four independent read-only lenses: correctness-integration, security-privacy-authz, data-migrations-idempotency, and operations-tests-docs. The main agent must verify candidates locally before final findings. Do not claim multi-agent mode unless real subagent IDs exist. Include the ECF contract and Workflow Trace.

Install With npx

This repo ships a copy-based installer for users who prefer a single command. The live public install path is GitHub:

npx github:rhein1/fable5-codex

The npm package metadata is ready, but npm publishing requires an authenticated npm account. After publish, this shorter command will work:

npx fable5-codex

The installer copies plugins/fable5-codex into the Codex personal marketplace layout, writes or updates ~/.agents/plugins/marketplace.json, then runs:

codex plugin add fable5-codex@personal

On Windows, the installer deliberately does not launch codex through a command shell; it prints the exact codex plugin add command for you to run. Replacing an existing copied plugin directory requires an explicit --force. A project-local install run from this repository recognizes that the source is already in place and never deletes or recopies it.

For a repo-local marketplace in the current directory:

npx github:rhein1/fable5-codex --project

After npm publish:

npx fable5-codex --project

Examples Gallery

Install From A Local Checkout

Register and install the repo marketplace:

cd C:\projects\fable5-codex
codex plugin marketplace add .
codex plugin add fable5-codex@fable5-local

Then restart Codex if needed, open Plugins, choose the Fable-5 Local Plugins marketplace source, and confirm fable5-codex is installed. Start a new thread and call a skill directly:

Use $fable-understand. Scope: this repository. Question: what files define the Fable-5 Codex plugin, and what are the six installed skills? Include file citations and an UNKNOWNS section.

The repo-local marketplace entry intentionally uses a relative source path:

"path": "./plugins/fable5-codex"

That lets someone clone the repo without depending on a personal Windows path.

Smoke Tests

After installing the plugin in Codex, run these smoke prompts:

Use $fable-understand. Scope: C:\projects\fable5-codex. Question: what does this plugin provide, how is it installed, and what unknowns remain? Include exact file citations.
Use $fable-fact-check. Doc: C:\projects\fable5-codex\README.md. Check every installed, supported, validated, and works claim against the files on disk.
Use $fable-audit with real Codex subagents and an ECF run contract. I explicitly authorize parallel subagents for this run. Scope: C:\projects\fable5-codex. Focus: Codex plugin compatibility, path assumptions, Windows compatibility, overbroad promises, missing install steps, schema/reporting gaps, and docs-vs-reality. Spawn four independent read-only lenses: correctness-integration, security-privacy-authz, data-migrations-idempotency, and operations-tests-docs. The main agent must verify candidates locally before final findings. Do not claim multi-agent mode unless real subagent IDs exist. Include the ECF contract and Workflow Trace.

For file-only package validation:

npm test
.\scripts\validate-package.ps1

If you maintain a personal install on the same machine, treat plugins/fable5-codex/ in this repo as canonical and sync the personal copy from it:

.\scripts\sync-personal-plugin.ps1

Status

This is a v0.4 alpha repo-scoped package. Static validation and Codex CLI skill smokes are captured in VALIDATION.md; Codex app UI smoke remains a separate manual check before calling it production-ready.

About

OpenAI Codex plugin for evidence-first AI code review, audits, fact checks, ECF run contracts, and subagent workflows.

Topics

Resources

License

Code of conduct

Contributing

Security policy

Stars

2 stars

Watchers

0 watching

Forks

Packages

 
 
 

Contributors