Cold-Start Install Paths

April 6, 2026 ยท View on GitHub

This document answers the only cold-start questions that matter right now: which hosts are supported, and what the shortest truth-first install path looks like for each.

One-Line Conclusion

The current public surface supports six hosts:

  • codex
  • claude-code
  • cursor
  • windsurf
  • openclaw
  • opencode

Within that scope:

  • codex: strongest governed lane
  • claude-code: supported install/use path with bounded managed closure
  • cursor: preview-guidance path
  • windsurf: runtime-core path
  • openclaw: preview runtime-core adapter path
  • opencode: preview-guidance adapter path, with a thinner direct install/check public path

Other hosts should not currently be described as supported installation targets.

Note: one-shot-setup.* is now a registry-driven wrapper across all six public hosts. opencode still keeps direct install/check as the thinner default command path.

Codex

CODEX_HOME="$HOME/.codex" bash ./scripts/bootstrap/one-shot-setup.sh --host codex --profile full
CODEX_HOME="$HOME/.codex" bash ./check.sh --host codex --profile full --deep

If the goal is to install and let the current Codex discover $vibe immediately, this default path intentionally targets the real ~/.codex. Switch to ~/.vibeskills/targets/codex only when you explicitly want an isolated install.

What you get:

  • governed runtime payload
  • local Codex settings / MCP guidance
  • deep health check

What you do not get:

  • automatic hooks
  • automatic governance-AI online readiness

Claude Code

CLAUDE_HOME="$HOME/.claude" bash ./scripts/bootstrap/one-shot-setup.sh --host claude-code --profile full
CLAUDE_HOME="$HOME/.claude" bash ./check.sh --host claude-code --profile full --deep

What you get:

  • bounded managed vibeskills settings surface
  • incremental merge and verification against the real ~/.claude/settings.json
  • supported-with-constraints health check

What you do not get:

  • full closure
  • overwrite of the real ~/.claude/settings.json
  • automatic takeover of broader Claude plugin / MCP / credential surfaces

Cursor

bash ./scripts/bootstrap/one-shot-setup.sh --host cursor --profile full
bash ./check.sh --host cursor --profile full --deep

What you get:

  • preview-guidance payload
  • preview health check

What you do not get:

  • full closure
  • overwrite of the real ~/.cursor/settings.json
  • Cursor host-native provider / MCP / hook closure

Windsurf

bash ./scripts/bootstrap/one-shot-setup.sh --host windsurf --profile full
bash ./check.sh --host windsurf --profile full --deep

What you get:

  • shared runtime payload
  • a runtime-core install under the real host root ~/.codeium/windsurf
  • .vibeskills/host-settings.json and .vibeskills/host-closure.json
  • a skills-only activation path that stays dormant until Vibe is explicitly invoked

What you do not get:

  • full closure
  • automatic takeover of host-local config files

OpenClaw

bash ./scripts/bootstrap/one-shot-setup.sh --host openclaw --profile full
bash ./check.sh --host openclaw --profile full --deep

What you get:

  • shared runtime payload
  • an OpenClaw runtime-core install path, with default target root from OPENCLAW_HOME or ~/.openclaw
  • .vibeskills/host-settings.json and .vibeskills/host-closure.json
  • explicit attach / copy / bundle path semantics:
    • attach: connect and validate an existing OPENCLAW_HOME (or ~/.openclaw) target root
    • copy: use install/check entrypoints to copy runtime-core payload into the target root
    • bundle: consume runtime-core distribution manifests from dist/host-openclaw/manifest.json and dist/manifests/vibeskills-openclaw.json
  • explicit host-managed boundaries

What you do not get:

  • full closure
  • automatic takeover of OpenClaw-local configuration

OpenCode

The thinner default path is:

bash ./install.sh --host opencode --profile full
bash ./check.sh --host opencode --profile full

If you want to keep the same bootstrap wrapper as other hosts, this is also valid:

bash ./scripts/bootstrap/one-shot-setup.sh --host opencode --profile full
bash ./check.sh --host opencode --profile full --deep

What you get:

  • a preview-guidance adapter path
  • runtime payload
  • .vibeskills/host-settings.json and .vibeskills/host-closure.json
  • opencode.json.example

What you do not get:

  • overwrite of the real ~/.config/opencode/opencode.json
  • automatic plugin installation
  • automatic provider credential wiring
  • automatic MCP trust decisions

Next actions:

  • the default target root is OPENCODE_HOME, otherwise the real host root ~/.config/opencode
  • for project-local isolation, use --target-root ./.opencode
  • read install/opencode-path.en.md

Boundaries That Must Hold During Cold Start

  • HostId / --host decides host semantics
  • the current public surface is not a claim that every host is fully managed
  • if local provider fields are not configured, the environment must not be described as online-ready
  • do not ask users to paste secrets into chat