skills/autonomous-ai-agents/kimi-code/SKILL.md

---
name: kimi-code
description: Delegate coding tasks to Kimi Code CLI (Moonshot). Non-interactive print mode for automation. Subscription-based OAuth. kimi-k2.5 under the hood.
version: 1.0.0
author: Hermes Agent
license: MIT
metadata:
  hermes:
    tags: [Coding-Agent, Kimi, Moonshot, K2.5, Automation]
    related_skills: [claude-code, codex, hermes-agent]
    force: true
---

# Kimi Code CLI

Delegate coding tasks to Kimi Code CLI via the Hermes terminal. Powered by kimi-k2.5 with 262K context. OAuth subscription — no API key needed.

## Prerequisites

- Kimi CLI installed (check `which kimi`)
- Logged in: `kimi login`
- Config at `~/.kimi/config.toml`

## Session Persistence (ALWAYS USE)

Kimi scans the entire codebase on first run. Reuse sessions to keep context warm:

```
# First task in a worktree — creates session, caches codebase
terminal(command="kimi --print --session worktree-148 -p 'Fix the XSS vulnerability'", workdir="~/worktrees/kimi-148", timeout=300)

# Subsequent tasks — context is cached, much faster
terminal(command="kimi --print --continue --session worktree-148 -p 'Now fix the CSRF issue'", workdir="~/worktrees/kimi-148", timeout=180)
```

**NEVER run Kimi without --session on large codebases.** First run takes 2-5 min.
Subsequent runs in same session take 30-90s.

## One-Shot Tasks (only for tiny repos or quick questions)

```
terminal(command="kimi --print -p 'Fix the XSS vulnerability in swarm_live.html by sanitizing innerHTML'", workdir="~/project", timeout=120)
```

Quiet mode (final answer only, no tool traces):
```
terminal(command="kimi --quiet -p 'Give me a git commit message for the current changes'", workdir="~/project", timeout=60)
```

## Key Flags

| Flag | Effect |
|------|--------|
| `--print` | Non-interactive mode, exits after executing |
| `-p "prompt"` | Pass the instruction (also `-c`) |
| `--quiet` | Shortcut for --print --output-format text --final-message-only |
| `--yolo` | Auto-approve all operations (implicit in --print) |
| `-w DIR` | Set working directory |
| `--output-format stream-json` | JSONL output for programmatic parsing |
| `--final-message-only` | Only output the final assistant message |

## Background Mode (Long Tasks)

```
# Start in background
terminal(command="kimi --print -p 'Refactor the auth module to use JWT'", workdir="~/project", background=true, timeout=300)
# Returns session_id

# Monitor
process(action="poll", session_id="<id>")
process(action="wait", session_id="<id>", timeout=300)
```

## Parallel Work with Git Worktrees

```
# Create worktrees for parallel tasks
terminal(command="git worktree add -b fix/issue-47 /tmp/timmy-47 main", workdir="~/project")
terminal(command="git worktree add -b fix/issue-25 /tmp/timmy-25 main", workdir="~/project")

# Fire off Kimi in each (background)
terminal(command="kimi --print -p 'Fix XSS in swarm_live.html. Commit when done.'", workdir="/tmp/timmy-47", background=true, timeout=180)
terminal(command="kimi --print -p 'Fix bare excepts in src/. Commit when done.'", workdir="/tmp/timmy-25", background=true, timeout=180)

# Monitor both
process(action="list")
process(action="wait", session_id="<id1>", timeout=180)
```

## Rules

1. **Use `--print` for automation** — default mode is interactive and blocks
2. **No PTY needed** — unlike Codex, print mode works without a pseudo-terminal
3. **OAuth-based** — subscription, not API key. Must be logged in via `kimi login`
4. **262K context** — kimi-k2.5 has huge context, good for large codebase tasks
5. **Background for long tasks** — use `background=true` + `process(action="wait")`
6. **Parallel is fine** — run multiple Kimi processes across worktrees
7. **Set timeout generously** — Kimi can take 1-3 minutes for complex tasks

## Branch & Convention Safety (MANDATORY in every Kimi prompt)

Kimi WILL push to main and run bare pytest if you don't tell it not to.
Always include these constraints in EVERY Kimi prompt — copy verbatim,
replacing {BRANCH} with the actual branch name:

```
GIT RULES — NON-NEGOTIABLE:
- You are on branch '{BRANCH}'. Stay on it.
- Do NOT checkout, merge, rebase, or push to main.
- Commit your changes to THIS branch only.
- Do NOT run 'git push'. The orchestrator handles pushing and PRs.
- If tests fail, fix them here. Do not switch branches.

TESTING:
- Run tests with: tox -e unit
- Do NOT run pytest directly. Always use tox.
- Do NOT modify tox.ini, pyproject.toml, or CI config.

CODE STYLE:
- Ruff handles formatting. Do not manually format.
- Run 'tox -e format' if you need to auto-fix style.
- Follow existing patterns in the codebase.
- No cloud dependencies. All AI runs on localhost via Ollama.
- Never use innerHTML with untrusted content (XSS).
- Never hardcode secrets. Use config.settings.
```

WHY: On 2026-03-14, Kimi pushed a broken commit directly to main because
the prompt said "Commit when done" without branch constraints. This broke
all active worktrees. Branch protection is now enforced on Gitea, but the
prompt must also be explicit — defense in depth.
update: kimi-code skill, fallback chain → groq kimi-k2 2026-03-14 15:09:28 -04:00			`---`
			`name: kimi-code`
			`description: Delegate coding tasks to Kimi Code CLI (Moonshot). Non-interactive print mode for automation. Subscription-based OAuth. kimi-k2.5 under the hood.`
			`version: 1.0.0`
			`author: Hermes Agent`
			`license: MIT`
			`metadata:`
			`hermes:`
			`tags: [Coding-Agent, Kimi, Moonshot, K2.5, Automation]`
			`related_skills: [claude-code, codex, hermes-agent]`
			`force: true`
			`---`

			`# Kimi Code CLI`

			`Delegate coding tasks to Kimi Code CLI via the Hermes terminal. Powered by kimi-k2.5 with 262K context. OAuth subscription — no API key needed.`

			`## Prerequisites`

			- Kimi CLI installed (check `which kimi`)
			- Logged in: `kimi login`
			- Config at `~/.kimi/config.toml`

feat: update kimi-code skill with session persistence, file arch refactor issues #164-#170 2026-03-15 11:38:17 -04:00			`## Session Persistence (ALWAYS USE)`

			`Kimi scans the entire codebase on first run. Reuse sessions to keep context warm:`

			```
			`# First task in a worktree — creates session, caches codebase`
			`terminal(command="kimi --print --session worktree-148 -p 'Fix the XSS vulnerability'", workdir="~/worktrees/kimi-148", timeout=300)`

			`# Subsequent tasks — context is cached, much faster`
			`terminal(command="kimi --print --continue --session worktree-148 -p 'Now fix the CSRF issue'", workdir="~/worktrees/kimi-148", timeout=180)`
			```

			`NEVER run Kimi without --session on large codebases. First run takes 2-5 min.`
			`Subsequent runs in same session take 30-90s.`

			`## One-Shot Tasks (only for tiny repos or quick questions)`
update: kimi-code skill, fallback chain → groq kimi-k2 2026-03-14 15:09:28 -04:00
			```
			`terminal(command="kimi --print -p 'Fix the XSS vulnerability in swarm_live.html by sanitizing innerHTML'", workdir="~/project", timeout=120)`
			```

			`Quiet mode (final answer only, no tool traces):`
			```
			`terminal(command="kimi --quiet -p 'Give me a git commit message for the current changes'", workdir="~/project", timeout=60)`
			```

			`## Key Flags`

			`\| Flag \| Effect \|`
			`\|------\|--------\|`
			\| `--print` \| Non-interactive mode, exits after executing \|
			\| `-p "prompt"` \| Pass the instruction (also `-c`) \|
			\| `--quiet` \| Shortcut for --print --output-format text --final-message-only \|
			\| `--yolo` \| Auto-approve all operations (implicit in --print) \|
			\| `-w DIR` \| Set working directory \|
			\| `--output-format stream-json` \| JSONL output for programmatic parsing \|
			\| `--final-message-only` \| Only output the final assistant message \|

			`## Background Mode (Long Tasks)`

			```
			`# Start in background`
			`terminal(command="kimi --print -p 'Refactor the auth module to use JWT'", workdir="~/project", background=true, timeout=300)`
			`# Returns session_id`

			`# Monitor`
			`process(action="poll", session_id="<id>")`
			`process(action="wait", session_id="<id>", timeout=300)`
			```

			`## Parallel Work with Git Worktrees`

			```
			`# Create worktrees for parallel tasks`
			`terminal(command="git worktree add -b fix/issue-47 /tmp/timmy-47 main", workdir="~/project")`
			`terminal(command="git worktree add -b fix/issue-25 /tmp/timmy-25 main", workdir="~/project")`

			`# Fire off Kimi in each (background)`
			`terminal(command="kimi --print -p 'Fix XSS in swarm_live.html. Commit when done.'", workdir="/tmp/timmy-47", background=true, timeout=180)`
			`terminal(command="kimi --print -p 'Fix bare excepts in src/. Commit when done.'", workdir="/tmp/timmy-25", background=true, timeout=180)`

			`# Monitor both`
			`process(action="list")`
			`process(action="wait", session_id="<id1>", timeout=180)`
			```

			`## Rules`

			1. Use `--print` for automation — default mode is interactive and blocks
			`2. No PTY needed — unlike Codex, print mode works without a pseudo-terminal`
			3. OAuth-based — subscription, not API key. Must be logged in via `kimi login`
			`4. 262K context — kimi-k2.5 has huge context, good for large codebase tasks`
			5. Background for long tasks — use `background=true` + `process(action="wait")`
			`6. Parallel is fine — run multiple Kimi processes across worktrees`
			`7. Set timeout generously — Kimi can take 1-3 minutes for complex tasks`
chore: dev loop prompt rewrite + branch safety + tox conventions - timmy-loop-prompt.md: full rewrite (76→209 lines) with PR-only workflow, tox environments, git hooks, Kimi dispatch safety block, conventional commits - kimi-code skill: added Branch & Convention Safety section - memories/MEMORY.md: updated with branch protection notes - config.yaml: removed dead kimi API key - cron/jobs.json: updated scheduled jobs - channel_directory.json: minor update - .gitignore: exclude queue/ and *.db 2026-03-14 21:28:16 -04:00
			`## Branch & Convention Safety (MANDATORY in every Kimi prompt)`

			`Kimi WILL push to main and run bare pytest if you don't tell it not to.`
			`Always include these constraints in EVERY Kimi prompt — copy verbatim,`
			`replacing {BRANCH} with the actual branch name:`

			```
			`GIT RULES — NON-NEGOTIABLE:`
			`- You are on branch '{BRANCH}'. Stay on it.`
			`- Do NOT checkout, merge, rebase, or push to main.`
			`- Commit your changes to THIS branch only.`
			`- Do NOT run 'git push'. The orchestrator handles pushing and PRs.`
			`- If tests fail, fix them here. Do not switch branches.`

			`TESTING:`
			`- Run tests with: tox -e unit`
			`- Do NOT run pytest directly. Always use tox.`
			`- Do NOT modify tox.ini, pyproject.toml, or CI config.`

			`CODE STYLE:`
			`- Ruff handles formatting. Do not manually format.`
			`- Run 'tox -e format' if you need to auto-fix style.`
			`- Follow existing patterns in the codebase.`
			`- No cloud dependencies. All AI runs on localhost via Ollama.`
			`- Never use innerHTML with untrusted content (XSS).`
			`- Never hardcode secrets. Use config.settings.`
			```

			`WHY: On 2026-03-14, Kimi pushed a broken commit directly to main because`
			`the prompt said "Commit when done" without branch constraints. This broke`
			`all active worktrees. Branch protection is now enforced on Gitea, but the`
			`prompt must also be explicit — defense in depth.`