Goose 1.36 Turns Code Review, Hooks, Skills, and Goals Into the Agent Runtime

Goose 1.36.0 is not a “new buttons in the chat window” release. It is more interesting than that, which is inconvenient for anyone trying to reduce coding-agent progress to model benchmarks. The release turns several things teams have been improvising around — code review, permission hooks, reusable skills, goal checks, diff inspection, provider routing, and MCP lifecycle — into explicit runtime surfaces.

That is the right direction. The next stage of agentic coding will not be won by whichever CLI can produce the flashiest demo diff. It will be won by the tools that make agent behavior inspectable, governable, and boring enough to let near real repositories. Goose 1.36.0 reads like maintainers taking that seriously.

The review loop finally becomes a product surface

The standout addition is goose review, a local code-review command that can inspect the working-tree diff or an explicit range such as main...HEAD. According to the release-linked work, it discovers project and global review configuration, runs a per-file correctness pass, fans out parallel check subagents, and emits JSON-lines findings with a check field for attribution.

That last detail matters more than it sounds. A chat transcript saying “I reviewed the code” is not an engineering artifact. A stream of structured findings that names the check responsible can be piped into CI, compared over time, filtered by severity, or stored alongside build output. Once agents start producing large diffs faster than humans can inspect them, the second-pass review loop becomes part of the development system, not a courtesy prompt.

Goose also uses the same .agents/checks/*.md frontmatter shape associated with Amp-style checks. That is a small but useful interoperability move. Teams are about to accumulate review policies the way they accumulated linters: security rules, migration constraints, framework conventions, release checklists, and “please stop doing that thing our codebase hates” notes. If every agent runtime makes those checks proprietary, the ecosystem gets worse. Portable review policy is boring in exactly the way infrastructure should be.

Hooks are where “ask nicely” turns into policy

The other release-defining change is the hooks system, especially PreToolUse denial. PR #9304 allows a hook to block a tool call using exit code 2 or a JSON decision such as {"decision":"block"} on stdout. Hook spawn errors, timeouts, and unrelated failures are logged and treated as allow, which is a pragmatic choice with a sharp edge.

The pragmatic part: a broken hook should not deadlock every developer session. The sharp edge: fail-open policy is still fail-open policy. If a team relies on hooks to prevent network access, secret-touching commands, production-adjacent writes, or destructive shell operations, hook health needs monitoring. A security control that quietly stops running is worse than an obvious denial because it teaches everyone the system is still protecting them.

Still, the primitive is the right one. Agent governance cannot live only in prose instructions. “Do not run risky commands” is a preference. “Call this policy hook before tool use, and let it deny the operation” is a boundary. Boundaries are what let teams increase autonomy without pretending the model has become a compliance department.

Goal checks are not tests, but they reduce premature victory

Goose 1.36.0 also adds /goal, a command that injects a self-evaluation step when the agent would otherwise finish. If the goal has not been met, the agent continues, with a cap of three goal-check nudges to avoid unbounded loops.

This is not a substitute for deterministic tests, and nobody should sell it that way. But it addresses a real failure mode: agents often declare victory because they reached a narratively satisfying stopping point, not because the actual user goal was satisfied. A capped self-check is a cheap guardrail for unattended work. It gives the model one more chance to compare the final state against the requested state before it writes the confident final paragraph everyone has learned to distrust.

Practitioners should treat /goal as a planning affordance, not as proof. Use it for multi-step refactors, bug hunts, documentation sweeps, and issue triage. Pair it with tests, goose review, and a real diff inspection before merging anything. The point is not to remove humans from review. The point is to stop wasting human review cycles on diffs the agent could have caught itself.

Skills make agents useful — and widen the supply chain

The Open Plugins generalization and skills support are the release’s extensibility story. Goose now exposes built-in, recipe, and skill slash commands through a single ACP available_commands list, with name-collision precedence of builtin > recipe > skill. It also adds ACP session-list pagination, session cwd passing to ACP providers, deep links such as goose://resume and goose://new-session, and a worktree-aware directory switcher.

That is the platform shape emerging across coding agents: the agent is no longer just a model endpoint wrapped in a terminal. It is a runtime with commands, skills, recipes, hooks, sessions, worktrees, providers, and permission boundaries. This is good. It is also where supply-chain thinking enters. A skill is reusable behavior. A hook can influence or block tool calls. A recipe can encode multi-step workflows. These are not harmless snippets once the agent has file, shell, MCP, or network authority.

Teams adopting Goose should version shared skills, review plugin sources, pin references where possible, and separate personal experiments from project policy. Put team-owned review checks and recipes in the repository so they move through code review. Keep personal shortcuts personal. If a skill changes how the agent edits, tests, or deploys code, it deserves the same skepticism as a CI action pulled from a random repo.

The unglamorous fixes are the trust story

The release is also packed with runtime plumbing: a TUI command for goose-cli, a /diff viewer, chat-history search, unified thinking-effort controls, Vercel AI Gateway support, GitHub Copilot /responses API support for GPT-5.x and o-series models, stable OAuth callback port configuration, proactive OAuth token refresh, configurable code-block line caps, and provider additions including NEAR AI Cloud and Scaleway.

The bug-fix list tells the same story. Goose now serializes per-session agent creation to stop duplicate MCP initialization, respects GOOSE_MAX_TURNS in gateway sessions, preserves thinking content for provider context, improves Ollama stream-stall timeout messaging, honors Retry-After on 429 responses, flushes OTLP traces more reliably on exit, persists accumulated cost in the session database, reports cumulative total_tokens in JSON output, and removes an unused fetch-metadata IPC handler marked as SSRF-related.

None of that makes a good launch tweet. All of it matters in production usage. Duplicate MCP initialization becomes “why did my tool run twice?” Missing turn limits become runaway sessions. Bad timeout messages become support tickets. Cost that disappears on reload becomes untrustworthy accounting. Agent tools earn trust in the parts of the system users only notice when they fail.

The release landed on GitHub at May 27, 2026, 23:53 UTC. At research time the repository had roughly 45,979 stars, 4,743 forks, and 180 open issues — strong enough signal that this is not a toy project, but the more important signal is the shape of the work. Goose is investing in the operating surface around agentic coding, not just in another chat affordance.

The action item for engineering teams is concrete: if you try Goose 1.36.0, start by writing review checks, not by giving the agent broader autonomy. Add PreToolUse hooks for risky commands, external network calls, secret-adjacent paths, and destructive file operations. Use /goal for unattended tasks, but require tests and goose review before merge. Audit skills like dependencies. Watch hook health if you rely on fail-open controls. And test session resume, MCP initialization, and provider routing before declaring the runtime ready for team workflows.

My read: Goose 1.36.0 is a governance release disguised as a feature buffet. That is a compliment. Coding agents are becoming developer platforms, and the platforms that win will be the ones that turn review, hooks, goals, skills, MCP lifecycle, and provider routing into things engineers can reason about. “The model seemed smart” is not enough. The runtime has to be reviewable.

Sources: GitHub — Goose v1.36.0, PR #9114, PR #9069, PR #9304, PR #9112