@0dai-dev/cli 4.1.0 → 4.3.4

package/lib/commands/swarm.js

@@ -1,11 +1,15 @@
 "use strict";
 const shared = require("../shared");
-const { log, T, R, D, fs, path, https, requirePlan } = shared;
+const { log, T, R, D, fs, path, https, requirePlan, spawnSync, findRepoScript } = shared;
 
 function cmdSwarm(target, sub, args) {
   const swarmDir = path.join(target, "ai", "swarm");
   const queueDir = path.join(swarmDir, "queue");
 
+  if (sub === "swarm-run") {
+    cmdSwarmRun(target, args.slice(2));
+    return;
+  }
   if (sub === "status") {
     const count = (d) => { try { return fs.readdirSync(d).filter(f => f.endsWith(".json")).length; } catch { return 0; } };
     const q = count(path.join(swarmDir, "queue"));
@@ -192,8 +196,97 @@ function cmdSwarm(target, sub, args) {
     if (typeof result.status === "number" && result.status !== 0) process.exit(result.status);
     return;
   }
-  console.log("Usage: 0dai swarm [status|add|delegate|budget|estimate|quality] [--task '...'] [--to agent]");
-  console.log("  quality   Show quality scores for recent tasks (--last N / --details TASK_ID)");
+  if (sub === "sessions") {
+    const script = findRepoScript(target, "swarm_session_registry.py");
+    if (!script) { log("swarm session registry unavailable"); return; }
+    const fwd = [script, "rebuild", "--stale-after", "600"];
+    const asJson = args.includes("--json");
+    if (!asJson) fwd.push("--write", path.join(swarmDir, "session_registry.json"));
+    const r = spawnSync("python3", fwd, { encoding: "utf8", timeout: 15000 });
+    if (r.error) { log(`error: ${r.error.message}`); return; }
+    if (r.status !== 0 && r.status !== null) { process.exit(r.status); }
+    if (asJson) {
+      console.log(r.stdout);
+      return;
+    }
+    const snapFile = path.join(swarmDir, "session_registry.json");
+    if (!fs.existsSync(snapFile)) {
+      log("no session data yet — run a few tasks first");
+      return;
+    }
+    let snap;
+    try { snap = JSON.parse(fs.readFileSync(snapFile, "utf8")); } catch { log("could not read registry snapshot"); return; }
+    const sessions = snap.sessions || {};
+    if (Object.keys(sessions).length === 0) {
+      console.log("\n  No sessions in registry.\n");
+      return;
+    }
+    const B = process.stdout.isTTY ? "\x1b[1m" : "";
+    const R_ = process.stdout.isTTY ? "\x1b[0m" : "";
+    const W2 = process.stdout.isTTY ? "\x1b[33m" : "";
+    const G2 = process.stdout.isTTY ? "\x1b[32m" : "";
+    const M2 = process.stdout.isTTY ? "\x1b[35m" : "";
+    const dim = process.stdout.isTTY ? "\x1b[2m" : "";
+    const reset = process.stdout.isTTY ? "\x1b[0m" : "";
+    console.log(`\n  ${B}Swarm Sessions${R_}  (updated ${snap.updated_at || "?"})`);
+    console.log(`  ${dim}${"─".repeat(80)}${reset}`);
+    const rows = Object.entries(sessions).sort(([a], [b]) => a.localeCompare(b));
+    for (const [name, s] of rows) {
+      const status = s.current_status || "???";
+      const statusCol = status === "idle" ? G2 : status === "busy" ? W2 : status === "stale" ? M2 : "";
+      const task = s.current_task || "-";
+      const branch = s.current_branch || "-";
+      const claimed = s.claimed_at
+        ? new Date(s.claimed_at).toISOString().replace("T", " ").slice(0, 16)
+        : "-";
+      console.log(
+        `  ${(statusCol + status + reset).padEnd(8)} ${(name || "").padEnd(22)} ${(s.agent_family || "").padEnd(8)} ${(task || "").padEnd(20)} ${(branch || "").padEnd(25)} ${claimed}`
+      );
+    }
+    console.log(`  ${dim}${"─".repeat(80)}${reset}\n`);
+    const idle = rows.filter(([, s]) => s.current_status === "idle").length;
+    const busy = rows.filter(([, s]) => s.current_status === "busy").length;
+    const stale = rows.filter(([, s]) => s.current_status === "stale").length;
+    console.log(`  ${G2}idle${reset}: ${idle}  ${W2}busy${reset}: ${busy}  ${M2}stale${reset}: ${stale}  total: ${rows.length}\n`);
+    return;
+  }
+  console.log("Usage: 0dai swarm [status|add|delegate|budget|estimate|quality|sessions|swarm-run] [--task '...'] [--to agent]");
+  console.log("  sessions  Show live session registry table (idle/busy/stale per session) [--json]");
+  console.log("  swarm-run Add, dispatch, and wait for one swarm task as JSON");
+}
+
+function cmdSwarmRun(target, args) {
+  // #2143 hardening:
+  // 1. `ODAI_SWARM_RUN_SCRIPT` env override lets tests inject a deterministic
+  //    script path, bypassing the `findRepoScript` heuristic that walks up
+  //    multiple parent dirs and can drift on CI runners with stale layouts.
+  // 2. `ODAI_SWARM_RUN_PYTHON` env override picks the interpreter (defaults to
+  //    `python3`). Lets a runner with `python3.12` aliased differently still
+  //    invoke the helper without modifying the test.
+  // 3. When the helper cannot be located, log every candidate that was probed
+  //    so CI failures point at the right runner-layout issue instead of a
+  //    generic "unavailable" line.
+  let script = process.env.ODAI_SWARM_RUN_SCRIPT || "";
+  if (script && !fs.existsSync(script)) {
+    log(`swarm-run helper unavailable: ODAI_SWARM_RUN_SCRIPT=${script} does not exist`);
+    process.exit(1);
+  }
+  if (!script) script = findRepoScript(target, "swarm_run.py");
+  if (!script) {
+    const cwd = process.cwd();
+    log("swarm-run helper unavailable");
+    log(`  probed: ${path.join(target, "scripts", "swarm_run.py")}`);
+    log(`  probed: ${path.join(cwd, "scripts", "swarm_run.py")}`);
+    log(`  hint: set ODAI_SWARM_RUN_SCRIPT to override the lookup`);
+    process.exit(1);
+  }
+  const python = process.env.ODAI_SWARM_RUN_PYTHON || "python3";
+  const result = spawnSync(python, [script, "--target", target, ...args], { stdio: "inherit" });
+  if (result.error) {
+    log(`swarm-run failed: ${result.error.message}`);
+    process.exit(1);
+  }
+  if (typeof result.status === "number" && result.status !== 0) process.exit(result.status);
 }
 
-module.exports = { cmdSwarm };
+module.exports = { cmdSwarm, cmdSwarmRun };

package/lib/commands/tui.js

@@ -0,0 +1,117 @@
+"use strict";
+const path = require("path");
+const fs = require("fs");
+const shared = require("../shared");
+const { log, D, R, VERSION, spawnSync } = shared;
+
+function findRepoScript(target, name) {
+  const candidates = [
+    path.join(target, "scripts", name),
+    path.join(__dirname, "../../../../scripts", name),
+    path.join("/root/0dai/scripts", name),
+  ];
+  for (const c of candidates) {
+    try { if (fs.existsSync(c)) return c; } catch {}
+  }
+  return null;
+}
+
+function argAfter(args, flag) {
+  const i = args.indexOf(flag);
+  return i >= 0 && i + 1 < args.length ? args[i + 1] : null;
+}
+
+function cmdTuiLayout(target, args = []) {
+  const layout = argAfter(args, "--layout");
+  if (layout !== "launchpad") {
+    console.error(`Unknown --layout: ${layout || "(missing)"}. Available: launchpad`);
+    process.exit(2);
+  }
+  const script = findRepoScript(target, "tui.py");
+  if (!script) {
+    console.error("tui.py not found locally. Is the 0dai project set up?");
+    process.exit(1);
+  }
+  const fwd = [script, "--target", target, "--layout", "launchpad"];
+  const exportPng = argAfter(args, "--export-png");
+  if (exportPng) fwd.push("--export-png", exportPng);
+  if (args.includes("--no-color") || !process.stdout.isTTY) fwd.push("--no-color");
+  const res = spawnSync("python3", fwd, { stdio: "inherit" });
+  process.exit(typeof res.status === "number" ? res.status : 1);
+}
+
+async function cmdTui(target, args = []) {
+  // Short-circuit for `--layout launchpad` — one-shot render, no TTY needed.
+  if (args.includes("--layout")) {
+    return cmdTuiLayout(target, args);
+  }
+
+  if (!process.stdout.isTTY) {
+    console.error("0dai tui requires an interactive TTY. Try: 0dai status");
+    process.exit(2);
+  }
+
+  // SPEC-026 Phase 3: --remote <url> + --project <id> flip hooks from
+  // local fs to HTTP. Env vars ODAI_TUI_REMOTE_URL + ODAI_TUI_PROJECT
+  // act as fallbacks so PC / mobile launchers can set them once.
+  const remoteUrl =
+    argAfter(args, "--remote") || process.env.ODAI_TUI_REMOTE_URL || undefined;
+  const projectId =
+    argAfter(args, "--project") || process.env.ODAI_TUI_PROJECT || undefined;
+  if (remoteUrl && !projectId) {
+    console.error(
+      "0dai tui --remote requires --project <id> (or ODAI_TUI_PROJECT env)",
+    );
+    process.exit(2);
+  }
+  if (remoteUrl) {
+    log(`${D}TUI remote-mode: ${remoteUrl} (project=${projectId})${R}`);
+  }
+
+  const writeFlag = args.includes("--write");
+  const writeEnv = process.env.ODAI_TUI_WRITE === "1";
+  const writeMode = writeFlag || writeEnv;
+  if (writeFlag && !writeEnv) {
+    log(`${D}TUI write-mode requested via --write. Set ODAI_TUI_WRITE=1 to persist this preference.${R}`);
+  }
+  if (writeMode) {
+    log(`${D}TUI write-mode ENABLED — destructive actions will require diff preview + confirmation.${R}`);
+  }
+
+  const standupScript = findRepoScript(target, "standup.py");
+  if (standupScript) {
+    spawnSync(
+      "python3",
+      [standupScript, "--target", target, "--if-stale", "--launch-hook"],
+      { stdio: "inherit" },
+    );
+  }
+
+  const bundlePath = path.join(__dirname, "..", "tui", "index.mjs");
+  let tui;
+  try {
+    const url = require("url").pathToFileURL(bundlePath).href;
+    tui = await import(url);
+  } catch (err) {
+    const code = err && err.code;
+    const msg = String(err && err.message || "");
+    if (code === "ERR_MODULE_NOT_FOUND" || msg.includes("Cannot find module")) {
+      log("TUI bundle missing. Rebuild with:");
+      console.log(`  ${D}cd $(npm root -g)/@0dai-dev/cli && node scripts/build-tui.js${R}`);
+      process.exit(1);
+    }
+    throw err;
+  }
+
+  let plan = "free";
+  try {
+    const auth = shared.loadAuthState();
+    if (auth && auth.plan) plan = auth.plan;
+  } catch {
+    // keep default plan
+  }
+
+  await tui.run({ target, version: VERSION, plan, writeMode, remoteUrl, projectId });
+}
+
+module.exports = { cmdTui };

package/lib/commands/usage.js

@@ -0,0 +1,87 @@
+"use strict";
+
+const shared = require("../shared");
+const { log, D, R, spawnSync, findRepoScript } = shared;
+
+const SUBCOMMANDS = new Set(["status", "daily", "monthly"]);
+
+function printUsageHelp() {
+  console.log("Usage:");
+  console.log("  0dai usage [status] [--plan free|pro|team|enterprise] [--json] [--target PATH]");
+  console.log("  0dai usage daily [--date YYYY-MM-DD] [--json] [--target PATH]");
+  console.log("  0dai usage monthly [--month YYYY-MM] [--json] [--target PATH]");
+  console.log("");
+  console.log("Shows token, task, and USD usage from the local usage ledger.");
+}
+
+function _forwardArgs(subcommand, args) {
+  const forwarded = [subcommand];
+  const allowedFlags = new Set(["--json"]);
+  const valueFlags = new Set(
+    subcommand === "daily" ? ["--date"] :
+    subcommand === "monthly" ? ["--month"] :
+    ["--plan"],
+  );
+
+  for (let i = 0; i < args.length; i += 1) {
+    const arg = args[i];
+    if (allowedFlags.has(arg)) {
+      forwarded.push(arg);
+      continue;
+    }
+    if (valueFlags.has(arg)) {
+      if (!args[i + 1] || args[i + 1].startsWith("-")) {
+        throw new Error(`${arg} requires a value`);
+      }
+      forwarded.push(arg, args[i + 1]);
+      i += 1;
+      continue;
+    }
+    throw new Error(`unknown usage option: ${arg}`);
+  }
+
+  return forwarded;
+}
+
+function cmdUsage(target, rawArgs = []) {
+  const args = rawArgs.slice();
+  if (args.includes("--help") || args.includes("-h")) {
+    printUsageHelp();
+    return;
+  }
+
+  const first = args[0] || "";
+  const subcommand = first && !first.startsWith("-") ? args.shift() : "status";
+  if (!SUBCOMMANDS.has(subcommand)) {
+    log(`unknown usage subcommand: ${subcommand}`);
+    printUsageHelp();
+    process.exit(1);
+  }
+
+  let forwarded;
+  try {
+    forwarded = _forwardArgs(subcommand, args);
+  } catch (err) {
+    log(err.message);
+    printUsageHelp();
+    process.exit(1);
+  }
+
+  const script = findRepoScript(target, "usage_ledger.py");
+  if (!script) {
+    log("usage ledger unavailable");
+    console.log(`  ${D}Expected scripts/usage_ledger.py in this project${R}`);
+    process.exit(1);
+  }
+
+  const result = spawnSync("python3", [script, ...forwarded], {
+    cwd: target,
+    stdio: "inherit",
+    timeout: 15000,
+  });
+  if (typeof result.status === "number" && result.status !== 0) {
+    process.exit(result.status);
+  }
+}
+
+module.exports = { cmdUsage, _forwardArgs };

package/lib/commands/vault.js

@@ -0,0 +1,246 @@
+/**
+ * 0dai vault CLI — Phase 1 SCAFFOLD (Task #104, F6 G2).
+ *
+ * Mirrors the shape of ci.js (#2696): tiny dispatcher, JSON or human
+ * output, sub-commands forwarded to ../vault/index.js. Phase 1 implements
+ * only `init`; all other sub-commands print a "P2 deferred" message and
+ * exit with status 2 so scripts can branch on it.
+ *
+ * See docs/runbooks/0dai-vault.md for the phase plan and SPEC pointer.
+ */
+
+"use strict";
+
+const shared = require("../shared");
+const { T, R, D, log } = shared;
+
+const vault = require("../vault");
+
+// Phase 2a ships `add` + `get`. The rest stay P2-gated until operator
+// approves Phase 2b (list/inject/rotate scope).
+const P2_GATED = new Set(["list", "inject", "rotate"]);
+
+function hasFlag(args, name) {
+  return args.includes(name);
+}
+
+function printUsage() {
+  console.log("Usage: 0dai vault <init|add|get|list|inject|rotate> [--json]");
+  console.log("  Phase 1+2a ships `init`, `add`, `get`. `list`/`inject`/`rotate` gated on operator P2b approval.");
+  console.log("  add: 0dai vault add <scope> <name> <value>    (or value via --stdin)");
+  console.log("  get: 0dai vault get <scope> <name>");
+  console.log("  Runbook: docs/runbooks/0dai-vault.md");
+}
+
+function printInitHuman(result) {
+  console.log(`\n  ${T}0dai vault${R} — Phase 1 init`);
+  console.log(`  vault dir   : ${result.vaultDir}`);
+  console.log(`  identity    : ${result.identityPath}`);
+  console.log(`  public key  : ${result.publicKey || "(missing — re-run init)"}`);
+  if (result.created) {
+    console.log(`  ${T}new keypair generated${R} — back up ${result.identityPath} offline`);
+  } else {
+    console.log(`  ${D}existing keypair detected — no changes${R}`);
+  }
+  console.log(`  ${D}Phase 2 (get/add/list/inject/rotate) gated on operator P2 approval${R}`);
+  console.log(`  ${D}runbook: docs/runbooks/0dai-vault.md${R}\n`);
+}
+
+function cmdVaultInit(args) {
+  const asJson = hasFlag(args, "--json");
+  try {
+    const result = vault.init();
+    if (asJson) {
+      console.log(JSON.stringify({
+        schema_version: 1,
+        command: "vault init",
+        phase: 1,
+        ...result,
+      }, null, 2));
+      return;
+    }
+    printInitHuman(result);
+  } catch (err) {
+    if (asJson) {
+      console.log(JSON.stringify({
+        schema_version: 1,
+        command: "vault init",
+        error: err.message,
+        code: err.code || "VAULT_INIT_FAILED",
+      }, null, 2));
+    } else {
+      log(`vault init failed: ${err.message}`);
+    }
+    process.exitCode = 1;
+  }
+}
+
+function _readStdinSync() {
+  const fs = require("node:fs");
+  try {
+    return fs.readFileSync(0, "utf8");
+  } catch (e) {
+    return "";
+  }
+}
+
+function cmdVaultAdd(args) {
+  const asJson = hasFlag(args, "--json");
+  const useStdin = hasFlag(args, "--stdin");
+  // positional args after stripping flags
+  const positional = args.filter((a) => !a.startsWith("--"));
+  const [scope, name, value] = positional;
+  if (!scope || !name) {
+    log("usage: 0dai vault add <scope> <name> <value>|--stdin");
+    process.exitCode = 1;
+    return;
+  }
+  let payload = value;
+  if (useStdin) {
+    payload = _readStdinSync();
+    if (!payload) {
+      log("vault add --stdin: no input on stdin");
+      process.exitCode = 1;
+      return;
+    }
+  }
+  if (payload == null || payload === "") {
+    log("vault add: <value> required (or --stdin)");
+    process.exitCode = 1;
+    return;
+  }
+  try {
+    const result = vault.add(scope, name, payload);
+    if (asJson) {
+      console.log(JSON.stringify({
+        schema_version: 1,
+        command: "vault add",
+        phase: "2a",
+        ...result,
+      }, null, 2));
+    } else {
+      console.log(`\n  ${T}0dai vault add${R}`);
+      console.log(`  scope/name : ${scope}/${name}`);
+      console.log(`  path       : ${result.path}`);
+      console.log(`  bytes      : ${result.bytes}`);
+      console.log(`  ${result.overwritten ? T + "overwritten" + R : D + "new" + R}\n`);
+    }
+  } catch (err) {
+    if (asJson) {
+      console.log(JSON.stringify({
+        schema_version: 1,
+        command: "vault add",
+        error: err.message,
+        code: err.code || "VAULT_ADD_FAILED",
+      }, null, 2));
+    } else {
+      log(`vault add failed: ${err.message}`);
+    }
+    process.exitCode = err.code === "VAULT_INVALID_NAME" ? 2 : 1;
+  }
+}
+
+function cmdVaultGet(args) {
+  const asJson = hasFlag(args, "--json");
+  const positional = args.filter((a) => !a.startsWith("--"));
+  const [scope, name] = positional;
+  if (!scope || !name) {
+    log("usage: 0dai vault get <scope> <name>");
+    process.exitCode = 1;
+    return;
+  }
+  try {
+    const result = vault.get(scope, name);
+    if (asJson) {
+      console.log(JSON.stringify({
+        schema_version: 1,
+        command: "vault get",
+        phase: "2a",
+        scope: result.scope,
+        name: result.name,
+        value: result.value,
+        path: result.path,
+      }, null, 2));
+    } else {
+      // Human mode: print value to stdout unwrapped so shell pipelines work.
+      process.stdout.write(result.value);
+      if (!result.value.endsWith("\n")) process.stdout.write("\n");
+    }
+  } catch (err) {
+    if (asJson) {
+      console.log(JSON.stringify({
+        schema_version: 1,
+        command: "vault get",
+        error: err.message,
+        code: err.code || "VAULT_GET_FAILED",
+      }, null, 2));
+    } else {
+      log(`vault get failed: ${err.message}`);
+    }
+    if (err.code === "VAULT_SECRET_NOT_FOUND") {
+      process.exitCode = 4;  // distinct: "no such secret"
+    } else if (err.code === "VAULT_INVALID_NAME") {
+      process.exitCode = 2;
+    } else {
+      process.exitCode = 1;
+    }
+  }
+}
+
+function cmdVaultDeferred(sub, args) {
+  const asJson = hasFlag(args, "--json");
+  const message = `vault ${sub} is gated on operator P2 approval — see docs/runbooks/0dai-vault.md`;
+  if (asJson) {
+    console.log(JSON.stringify({
+      schema_version: 1,
+      command: `vault ${sub}`,
+      phase: 2,
+      deferred: true,
+      message,
+    }, null, 2));
+  } else {
+    console.log(`\n  ${T}0dai vault ${sub}${R}`);
+    console.log(`  ${D}${message}${R}\n`);
+  }
+  // Distinct exit code so wrapper scripts can detect "not implemented yet"
+  // vs a real failure (1).
+  process.exitCode = 2;
+}
+
+function cmdVault(_target, sub, args) {
+  const command = sub && !sub.startsWith("-") ? sub : "";
+  const forwarded = command === sub ? args.slice(2) : args.slice(1);
+
+  if (!command || command === "help" || command === "-h" || command === "--help") {
+    printUsage();
+    return;
+  }
+
+  if (command === "init") {
+    cmdVaultInit(forwarded);
+    return;
+  }
+
+  if (command === "add") {
+    cmdVaultAdd(forwarded);
+    return;
+  }
+
+  if (command === "get") {
+    cmdVaultGet(forwarded);
+    return;
+  }
+
+  if (P2_GATED.has(command)) {
+    cmdVaultDeferred(command, forwarded);
+    return;
+  }
+
+  log(`unknown vault sub-command: ${command}`);
+  printUsage();
+  process.exitCode = 1;
+}
+
+module.exports = {
+  cmdVault,
+};

package/lib/commands/workspace.js

@@ -108,6 +108,7 @@ function detectSessions(target) {
 function cmdWorkspaceInit(target, args) {
   const globalFlag = args.includes("--global");
 
+  const sessions = detectSessions(target);
   if (sessions.length === 0) {
     log("no services detected. Create workspace config manually with: 0dai workspace add");
     return;

package/lib/onboarding.js

@@ -23,12 +23,16 @@ function _loadState(target) {
   }
 }
 
-function _saveState(target, state) {
+function _saveState(target, state, options = {}) {
+  const createAiDir = options.createAiDir !== false;
   try {
     const dir = path.join(target, "ai");
+    if (!fs.existsSync(dir) && !createAiDir) return false;
     if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
     fs.writeFileSync(_statePath(target), JSON.stringify(state, null, 2) + "\n");
+    return true;
   } catch {}
+  return false;
 }
 
 // ---------------------------------------------------------------------------
@@ -73,14 +77,16 @@ function trackFirstRun(target) {
   const state = _loadState(target);
   if (!state.first_run_at) {
     state.first_run_at = new Date().toISOString();
-    _saveState(target, state);
+    _saveState(target, state, { createAiDir: false });
   }
 }
 
 function trackFirstInit(target) {
   const state = _loadState(target);
   if (!state.first_init_at) {
-    state.first_init_at = new Date().toISOString();
+    const now = new Date().toISOString();
+    if (!state.first_run_at) state.first_run_at = now;
+    state.first_init_at = now;
     _saveState(target, state);
   }
 }
@@ -104,20 +110,28 @@ async function cmdQuickstart(target, { cmdDoctor, cmdStatus, cmdInit, log, ensur
 
   // Step 1: Auth
   console.log(`\n  [1/${steps}] Checking authentication...`);
+  let signedIn = false;
   let authInfo = "not signed in";
   try {
     const auth = JSON.parse(fs.readFileSync(path.join(require("os").homedir(), ".0dai", "auth.json"), "utf8"));
     if (auth.access_token) {
+      signedIn = true;
       authInfo = `signed in (${auth.plan || "free"} plan)`;
     }
   } catch {}
-  console.log(`           \u2713 ${authInfo}`);
+  if (signedIn) {
+    console.log(`           \u2713 ${authInfo}`);
+  } else {
+    console.log(`           \u26a0 ${authInfo} \u2192 run 0dai auth login`);
+  }
 
   // Step 2: Init
   console.log(`  [2/${steps}] Checking project config...`);
   const aiExists = fs.existsSync(path.join(target, "ai", "VERSION"));
   if (aiExists) {
     console.log("           \u2713 ai/ layer found");
+  } else if (!signedIn) {
+    console.log("           \u26a0 skipped \u2192 sign in before first init");
   } else {
     console.log("           initializing...");
     try {
@@ -132,9 +146,9 @@ async function cmdQuickstart(target, { cmdDoctor, cmdStatus, cmdInit, log, ensur
 
   // Step 3: Doctor
   console.log(`  [3/${steps}] Running health check...`);
-  if (fs.existsSync(path.join(target, "ai"))) {
+  if (fs.existsSync(path.join(target, "ai", "VERSION"))) {
     try {
-      cmdDoctor(target);
+      cmdDoctor(target, { suppressExitCode: true });
     } catch {}
     console.log("           \u2713 health check complete");
   } else {
@@ -143,7 +157,7 @@ async function cmdQuickstart(target, { cmdDoctor, cmdStatus, cmdInit, log, ensur
 
   // Step 4: Status
   console.log(`  [4/${steps}] Project status:`);
-  if (fs.existsSync(path.join(target, "ai"))) {
+  if (fs.existsSync(path.join(target, "ai", "VERSION"))) {
     try {
       cmdStatus(target);
     } catch {}
@@ -155,9 +169,15 @@ async function cmdQuickstart(target, { cmdDoctor, cmdStatus, cmdInit, log, ensur
   const elapsed = ((Date.now() - start) / 1000).toFixed(1);
   console.log(`  [5/${steps}] Ready! (${elapsed}s)`);
   console.log("");
-  console.log("  Your project is set up. Try:");
-  console.log("    0dai swarm run --goal \"add auth\"  (Pro)");
-  console.log("    0dai graph push                   (Pro)");
+  if (!signedIn && !aiExists) {
+    console.log("  Next:");
+    console.log("    0dai auth login                  Sign in to unlock init and sync");
+    console.log("    0dai quickstart                  Re-run after sign-in");
+  } else {
+    console.log("  Your project is set up. Try:");
+    console.log("    0dai swarm run --goal \"add auth\"  (Pro)");
+    console.log("    0dai graph push                   (Pro)");
+  }
   console.log("");
 }