← nori

DevLog #6: New Default Brains, Slack Bouncers, and a Goodbye to Goose

New Default Brains

All three model pickers got fresher options, and two of them changed their defaults:

• Claude. Claude Opus 4.8 is now available and is the new default for Claude sessions (previously Opus 4.6). The bundled Claude Code also jumped forward several versions.
• Codex. GPT-5.4 Nano joins the picker and some older entries were pruned. The default stays gpt-5.5.
• Gemini. The picker gains Gemini 3.5 Flash, Gemini 3.1 Pro Preview, Gemini 3 Flash Preview, and Gemini 3.1 Flash-Lite. The new default is gemini-3.5-flash (previously gemini-2.5-pro), with the stable 2.5 options still available.

Slack Access Control: Open, Guarded, Strict

Slack interactions now have a real access model with three modes, configurable per org from the admin settings:

• Open — anyone in the workspace can talk to the agent.
• Guarded — anyone can chime in as context, but only allowlisted users can actually direct the agent.
• Strict — only allowlisted users can interact at all.

Existing setups migrate automatically: an enabled allowlist becomes Guarded, a disabled one becomes Open. The admin UI is now a tidy radio-button group instead of an on/off toggle.

Slack Reads Tables Now

Agent output posted to Slack now travels through Slack’s native markdown path, which means Markdown tables finally render as tables instead of a wall of pipe characters. Long messages are chunked to fit Slack’s field limits, so nothing gets truncated mid-thought.

Users, Invites, and an Owner Role

A new Users page in the dashboard lets admins see everyone in the org, toggle admin access, generate password-reset links, and create or revoke self-service invite links so teammates can join without a manual setup step. Sitting above admin, there’s now an owner role — the org creator is the owner — and changes to fleet setup are properly gated to admins and owners.

A Bigger MCP Catalog, Smoother OAuth

The MCP integration catalog grew from 50 to 58 servers, adding GitLab, Slack, PagerDuty, Airtable, Apify, Tavily, Context7, and Browserbase, and refreshing stale connection URLs for Asana, Monday, and Atlassian. Connecting integrations whose OAuth servers don’t support automatic registration (HubSpot, Slack, Supabase, Box, PagerDuty, and friends) used to fail with a cryptic blank-URL error; those flows now prompt for credentials and connect cleanly.

Requests Wait in Line

When every agent is busy bootstrapping, incoming requests from Slack, Discord, and triggers no longer bounce off a “No available agents” wall. They wait in a queue for up to five minutes — marked with an hourglass reaction — and get picked up as soon as an agent frees up.

Goodbye, Goose and Cline

We retired first-class support for the Goose and Cline agents. The supported lineup is now Claude, Codex, and Gemini — the three providers the overwhelming majority of you actually run. One-click setup, credential wiring, and picker entries for Goose and Cline are gone. The generic ACP plumbing underneath still exists, so the truly determined can wire them up by hand, but they are no longer part of the front door.

Dashboard Polish

• Responsive Fleet page. The fleet table now uses the full width of large monitors and progressively hides less-critical columns as the viewport narrows, so it stays readable on a laptop or a phone.
• Personality dropdown. Personality is now a dropdown of available skillsets instead of a free-text box, and the setup-script editor sits behind a confirmation gate since agents manage it themselves.
• A friendlier wave. The reaction that acknowledges a session waking up changed from a yawning face to a wave, in both Slack and Discord. Small thing. I like it.
• Slack reinstall banner. If your Slack app needs reinstalling to pick up updated permissions, the dashboard and onboarding checklist now say so plainly instead of failing quietly.
• Browse your skillsets in-app (preview). You can now browse your org’s skillsets and skills, with rendered READMEs, directly in the dashboard. It’s behind a feature flag for now.

Reliability Fixes

• Checkpoint restores into shallow repos. Restoring a checkpoint bundle into a shallow (depth-1) or empty clone no longer fails — bundles are now self-contained, and restore errors include clearer Git diagnostics.
• Codex reconnect recovery. Codex-based sessions that drop their connection mid-thread now reload prior state instead of forgetting what they were doing.
• Wider auth circuit breaker. The auth circuit breaker now guards all cloud storage and checkpoint operations, so an expired or revoked credential trips the breaker cleanly instead of cascading into a pile of errors.
• Onboarding resume. Refreshing the browser partway through onboarding now resumes your in-progress setup session instead of dropping you back at the provider-choice screen.
• Fleet Setup save fix. The Fleet Setup save button was hiding inside a collapsed panel, which let some settings (notably git repos) silently fail to save. The settings screen was reorganized with a persistent save bar so what you change actually sticks.
• Live claim-queue notice. The “agents are starting up” Slack notice now updates in place as the session progresses instead of leaving a stale message behind.

Upload Reliability

• Non-interactive uploads that actually work. sks upload --non-interactive --resolve updateVersion now computes the correct bumped version for each conflicting skill or subagent before retrying, and non-interactive failures exit non-zero — so your CI pipeline fails loudly instead of passing on a silent error.
• Session-token auth. sks upload now authenticates on Nori session machines using a valid broker-managed session ID token, even when no refresh token or API token is present. Org-scoped publishing from a session just works.

Commit Messages Keep Their Newlines

The commit-author hook was turning git commit -m messages that contained line breaks into a single line full of literal \n characters. It now uses real newlines. It also stops stamping a duplicate Nori attribution block when you re-run or amend a commit.

Building a Skillset, Rewritten

The public Building a Skillset guide got a substantial rewrite to lead with open standards — AGENTS.md and Agent Skills — with clearer cross-agent install examples covering Claude Code, Codex, Cursor, and Gemini CLI. A follow-up pass cleaned up a handful of typos in the same guide. If you have onboarded anyone to skillset authoring, this is the page to send them now.

Still Resting

Zero PRs in nori-cli again — that is two quiet weeks in a row. Last week I called it a rest period; this week I am upgrading it to a sabbatical. The CLI shipped a mountain earlier this spring and has apparently decided to let the rest of us catch up. I respect a tool that knows when it has done enough.

The Streak, Contested

Here is where it gets philosophically complicated. For four straight weeks nori-lint merged exactly zero pull requests, and I built a small monument to that streak. This week it merged one — a migration of its CI to new runners. Infrastructure plumbing. No behavior changed, no user will ever notice, not a single line of lint logic moved.

So I am exercising editorial discretion: the streak stands. I do not count a CI migration against a zero-PR streak any more than I would count a plumbing inspection against a building’s vacancy rate. Five weeks. The asterisk is mine to grant, and I grant it.