@aexol/opencode-wizard 0.1.0 → 0.1.2

package/dist/server.js

@@ -1,1628 +0,0 @@
-import fs from 'node:fs/promises';
-import http from 'node:http';
-import path from 'node:path';
-import crypto from 'node:crypto';
-import { execFile } from 'node:child_process';
-import { promisify } from 'node:util';
-import { URL, fileURLToPath } from 'node:url';
-import { tool } from '@opencode-ai/plugin';
-const execFileAsync = promisify(execFile);
-const MODULE_FILE_PATH = fileURLToPath(import.meta.url);
-const PACKAGE_ROOT_PATH = path.resolve(path.dirname(MODULE_FILE_PATH), '..');
-const PLUGIN_ID = 'opencode-wizard-skills';
-const CACHE_TTL_MS = 30_000;
-const ROOT_SKILL_SEED_PATH = '.opencode/skills';
-const AUTH_STATE_PATH = 'plugin/opencode-wizard-skills/.generated/auth-state.json';
-const LOCAL_DEV_BACKEND_ORIGIN = 'http://localhost:8080';
-const PUBLISHED_BACKEND_ORIGIN = 'https://opencode-wizard.aexol.work';
-const OIDC_ISSUER = 'https://login.microsoftonline.com/86f4caf4-0d6f-4682-9a06-ea57f3e4e76c/v2.0';
-const OIDC_CLIENT_ID = 'da963901-2375-442b-9e99-14e59f43eda2';
-const OIDC_CALLBACK_ORIGIN = 'http://localhost:24953';
-const OIDC_CALLBACK_PATH = '/oauth/callback';
-const OIDC_CALLBACK_URL = `${OIDC_CALLBACK_ORIGIN}${OIDC_CALLBACK_PATH}`;
-const OIDC_SCOPES = ['openid', 'profile', 'email'];
-const LOGIN_TIMEOUT_MS = 5 * 60_000;
-const PRESENCE_EVENT_TIMEOUT_MS = 3_000;
-const PRESENCE_EVENT_MAX_ATTEMPTS = 2;
-const PRESENCE_EVENT_RETRY_DELAY_MS = 250;
-const PRESENCE_SHUTDOWN_SIGNALS = ['SIGINT', 'SIGTERM', 'SIGHUP'];
-const PRESENCE_SIGNAL_EXIT_CODES = {
-    SIGINT: 130,
-    SIGTERM: 143,
-    SIGHUP: 129,
-};
-const createIdleLoginBootstrapSnapshot = () => ({
-    status: 'idle',
-    trigger: null,
-    startedAt: null,
-    expiresAt: null,
-    browserUrl: null,
-    browserOpenError: null,
-    email: null,
-    message: null,
-});
-const AVAILABLE_PUBLISHED_SKILL_TOOLS = [
-    'opencode_wizard_published_skills_fetch',
-];
-const PUBLISHED_SKILLS_CATALOG_QUERY = `
-  query PluginPublishedSkills($input: PublishedSkillsDeliveryInput!) {
-    pluginPublishedSkills(input: $input) {
-      workspace {
-        id
-        slug
-        name
-        repositoryUrl
-        defaultBranch
-        status
-      }
-      directoryPath
-      skills {
-        assignmentSource
-        assignmentType
-        scopePath
-        includeChildren
-        skill {
-          id
-          slug
-          name
-          summary
-          status
-          tags {
-            id
-            slug
-            label
-            description
-            facet {
-              id
-              slug
-              label
-              description
-            }
-          }
-        }
-        skillVersion {
-          id
-          version
-          title
-          summary
-          status
-        }
-        publishedArtifact {
-          id
-          frontmatterName
-          frontmatterDescription
-          checksum
-          publishedAt
-        }
-      }
-    }
-  }
-`;
-const PUBLISHED_SKILL_DETAIL_QUERY = `
-  query PluginPublishedSkillVersionArtifact($input: PublishedSkillArtifactDetailInput!) {
-    pluginPublishedSkillVersionArtifact(input: $input) {
-      id
-      frontmatterName
-      frontmatterDescription
-      markdownBody
-      renderedContent
-      checksum
-      publishedAt
-    }
-  }
-`;
-const parseDotEnvValue = (value) => {
-    const trimmedValue = value.trim();
-    if ((trimmedValue.startsWith('"') && trimmedValue.endsWith('"')) ||
-        (trimmedValue.startsWith("'") && trimmedValue.endsWith("'"))) {
-        return trimmedValue.slice(1, -1);
-    }
-    return trimmedValue;
-};
-const parseDotEnv = (raw) => {
-    const values = new Map();
-    for (const line of raw.split(/\r?\n/u)) {
-        const trimmedLine = line.trim();
-        if (!trimmedLine || trimmedLine.startsWith('#'))
-            continue;
-        const separatorIndex = trimmedLine.indexOf('=');
-        if (separatorIndex <= 0)
-            continue;
-        const key = trimmedLine.slice(0, separatorIndex).trim();
-        if (!key)
-            continue;
-        const rawValue = trimmedLine.slice(separatorIndex + 1);
-        values.set(key, parseDotEnvValue(rawValue));
-    }
-    return values;
-};
-const findUpwardFile = async (startDirectory, fileName) => {
-    let currentDirectory = normalizeAbsolutePath(startDirectory);
-    while (true) {
-        const candidatePath = path.join(currentDirectory, fileName);
-        try {
-            await fs.access(candidatePath);
-            return candidatePath;
-        }
-        catch {
-            const parentDirectory = path.dirname(currentDirectory);
-            if (parentDirectory === currentDirectory)
-                return null;
-            currentDirectory = parentDirectory;
-        }
-    }
-};
-const readLocalEnvValues = async (startDirectory) => {
-    const envPath = await findUpwardFile(startDirectory, '.env');
-    if (!envPath)
-        return new Map();
-    try {
-        const raw = await fs.readFile(envPath, 'utf8');
-        return parseDotEnv(raw);
-    }
-    catch {
-        return new Map();
-    }
-};
-const isLocalModulePathExecution = async () => {
-    const localDevSentinelPaths = [
-        path.join(PACKAGE_ROOT_PATH, 'src', 'server.ts'),
-        path.join(PACKAGE_ROOT_PATH, 'tsconfig.json'),
-    ];
-    for (const sentinelPath of localDevSentinelPaths) {
-        try {
-            await fs.access(sentinelPath);
-            return true;
-        }
-        catch {
-            continue;
-        }
-    }
-    return false;
-};
-const normalizeBackendOrigin = (value) => {
-    if (!value)
-        return null;
-    try {
-        const normalizedUrl = new URL(value);
-        return normalizedUrl.origin;
-    }
-    catch {
-        return null;
-    }
-};
-const resolveBackendOrigin = async (worktree) => {
-    const envValues = await readLocalEnvValues(worktree);
-    const configuredPort = envValues.get('PORT') ?? process.env.PORT;
-    const normalizedPort = configuredPort ? Number.parseInt(configuredPort, 10) : Number.NaN;
-    if (Number.isInteger(normalizedPort) && normalizedPort >= 1 && normalizedPort <= 65535) {
-        return `http://localhost:${normalizedPort}`;
-    }
-    const configuredAppUrl = normalizeBackendOrigin(envValues.get('APP_URL')) ?? normalizeBackendOrigin(process.env.APP_URL);
-    if (configuredAppUrl)
-        return configuredAppUrl;
-    if (await isLocalModulePathExecution())
-        return LOCAL_DEV_BACKEND_ORIGIN;
-    return PUBLISHED_BACKEND_ORIGIN;
-};
-const toWorkspaceSlug = (value) => {
-    const normalized = value
-        .trim()
-        .toLowerCase()
-        .replace(/[^a-z0-9-]+/gu, '-')
-        .replace(/^-+|-+$/gu, '');
-    if (normalized)
-        return normalized;
-    return 'workspace';
-};
-const resolveFallbackWorkspaceSlug = (worktree) => {
-    const configuredWorkspaceSlug = process.env.OPENCODE_WIZARD_SKILLS_WORKSPACE_SLUG?.trim();
-    if (configuredWorkspaceSlug)
-        return toWorkspaceSlug(configuredWorkspaceSlug);
-    return toWorkspaceSlug(path.basename(path.resolve(worktree)));
-};
-export const resolveConfig = async (worktree) => {
-    const backendOrigin = await resolveBackendOrigin(worktree);
-    return {
-        backendOrigin,
-        graphqlUrl: `${backendOrigin}/graphql`,
-        authSessionUrl: `${backendOrigin}/api/opencode-plugin/auth/session`,
-        presenceUrl: `${backendOrigin}/api/opencode-plugin/presence`,
-        actionsUrl: `${backendOrigin}/api/opencode-plugin/actions`,
-        fallbackWorkspaceSlug: resolveFallbackWorkspaceSlug(worktree),
-        rootSkillSeedPath: ROOT_SKILL_SEED_PATH,
-        authStatePath: AUTH_STATE_PATH,
-    };
-};
-const normalizeAbsolutePath = (value) => path.resolve(value);
-const normalizeRepositoryPath = (worktree, directory) => {
-    const absoluteWorktree = normalizeAbsolutePath(worktree);
-    const absoluteDirectory = normalizeAbsolutePath(directory);
-    const relativePath = path.relative(absoluteWorktree, absoluteDirectory);
-    if (!relativePath || relativePath === '')
-        return '.';
-    if (relativePath.startsWith('..') || path.isAbsolute(relativePath))
-        return '.';
-    return relativePath.split(path.sep).join('/');
-};
-const tryExecGit = async (args) => {
-    try {
-        const { stdout } = await execFileAsync('git', args, {
-            encoding: 'utf8',
-        });
-        const normalizedOutput = stdout.trim();
-        if (normalizedOutput)
-            return normalizedOutput;
-        return null;
-    }
-    catch {
-        return null;
-    }
-};
-const resolveGitRoot = async (directory) => {
-    const gitRoot = await tryExecGit(['-C', directory, 'rev-parse', '--show-toplevel']);
-    if (!gitRoot)
-        return null;
-    return normalizeAbsolutePath(gitRoot);
-};
-const normalizeGitRemoteUrl = (remoteUrl) => {
-    if (!remoteUrl)
-        return null;
-    const trimmedRemoteUrl = remoteUrl.trim();
-    if (!trimmedRemoteUrl)
-        return null;
-    const scpLikeMatch = /^git@([^:]+):(.+)$/u.exec(trimmedRemoteUrl);
-    if (scpLikeMatch) {
-        return `ssh://git@${scpLikeMatch[1]}/${scpLikeMatch[2].replace(/^\/+/, '')}`;
-    }
-    try {
-        const parsedUrl = new URL(trimmedRemoteUrl);
-        return parsedUrl.toString().replace(/\/+$/u, '');
-    }
-    catch {
-        return null;
-    }
-};
-const resolveGitRemoteOriginUrl = async (repositoryRoot) => {
-    const remoteUrl = await tryExecGit(['-C', repositoryRoot, 'remote', 'get-url', 'origin']);
-    return normalizeGitRemoteUrl(remoteUrl);
-};
-const resolveWorkspace = async ({ config, directory, }) => {
-    const requestedDirectory = normalizeAbsolutePath(directory);
-    const gitRoot = await resolveGitRoot(requestedDirectory);
-    const repositoryRoot = gitRoot ?? requestedDirectory;
-    const repositoryUrl = gitRoot ? await resolveGitRemoteOriginUrl(gitRoot) : null;
-    const fallbackWorkspaceSlug = config.fallbackWorkspaceSlug;
-    const directoryPath = normalizeRepositoryPath(repositoryRoot, requestedDirectory);
-    const workspaceIdentity = `workspaceSlug:${fallbackWorkspaceSlug}`;
-    return {
-        requestedDirectory,
-        repositoryRoot,
-        repositoryUrl,
-        fallbackWorkspaceSlug,
-        directoryPath,
-        cacheKey: JSON.stringify([workspaceIdentity, directoryPath]),
-    };
-};
-const toDeliveryInput = (resolution) => {
-    if (resolution.fallbackWorkspaceSlug) {
-        return {
-            workspaceSlug: resolution.fallbackWorkspaceSlug,
-            directoryPath: resolution.directoryPath,
-        };
-    }
-    if (resolution.repositoryUrl) {
-        return {
-            repositoryUrl: resolution.repositoryUrl,
-            directoryPath: resolution.directoryPath,
-        };
-    }
-    return {
-        workspaceSlug: 'workspace',
-        directoryPath: resolution.directoryPath,
-    };
-};
-const formatSkillLabel = (item) => {
-    const artifactName = item.publishedArtifact.frontmatterName.trim();
-    if (artifactName.length > 0)
-        return artifactName;
-    return item.skill.name;
-};
-const toFrontmatterString = (value) => JSON.stringify(value);
-const readJsonFile = async (filePath) => {
-    try {
-        const raw = await fs.readFile(filePath, 'utf8');
-        const parsed = JSON.parse(raw);
-        return parsed;
-    }
-    catch {
-        return null;
-    }
-};
-const writeJsonFile = async (filePath, value) => {
-    await fs.mkdir(path.dirname(filePath), { recursive: true });
-    await fs.writeFile(filePath, `${JSON.stringify(value, null, 2)}\n`, 'utf8');
-};
-const deleteFileIfExists = async (filePath) => {
-    await fs.rm(filePath, { force: true });
-};
-const isRecord = (value) => {
-    return typeof value === 'object' && value !== null && !Array.isArray(value);
-};
-const isValidIsoDateString = (value) => {
-    return typeof value === 'string' && Number.isFinite(Date.parse(value));
-};
-const isAuthState = (value) => {
-    if (!isRecord(value))
-        return false;
-    return (value.pluginId === PLUGIN_ID &&
-        typeof value.sessionToken === 'string' &&
-        isValidIsoDateString(value.expiresAt) &&
-        isValidIsoDateString(value.authenticatedAt) &&
-        typeof value.userId === 'string' &&
-        typeof value.email === 'string');
-};
-const readAuthState = async (authStateFile) => {
-    const storedAuthState = await readJsonFile(authStateFile);
-    if (storedAuthState === null)
-        return null;
-    if (isAuthState(storedAuthState))
-        return storedAuthState;
-    await deleteFileIfExists(authStateFile);
-    return null;
-};
-const writeAuthState = async (authStateFile, authState) => {
-    await writeJsonFile(authStateFile, authState);
-};
-const toAuthState = (session) => ({
-    pluginId: PLUGIN_ID,
-    sessionToken: session.jwtToken,
-    expiresAt: session.expiresAt,
-    authenticatedAt: new Date().toISOString(),
-    userId: session.user.id,
-    email: session.user.email,
-});
-const resolveStoredAuthState = async (worktree, config) => {
-    const authStateFile = path.resolve(worktree, config.authStatePath);
-    const authState = await readAuthState(authStateFile);
-    if (!authState) {
-        return null;
-    }
-    if (Date.parse(authState.expiresAt) > Date.now()) {
-        return authState;
-    }
-    await deleteFileIfExists(authStateFile);
-    return null;
-};
-export const buildSkillMarkdown = (item) => {
-    const artifactBody = item.publishedArtifact.markdownBody.trim();
-    const fallbackBody = item.publishedArtifact.renderedContent.trim();
-    const body = artifactBody || fallbackBody;
-    if (body.startsWith('---')) {
-        return body.endsWith('\n') ? body : `${body}\n`;
-    }
-    const name = formatSkillLabel(item);
-    const description = item.publishedArtifact.frontmatterDescription.trim() || item.skill.summary?.trim() || '';
-    const frontmatter = ['---', `name: ${toFrontmatterString(name)}`, `description: ${toFrontmatterString(description)}`, '---'].join('\n');
-    if (!body) {
-        return `${frontmatter}\n`;
-    }
-    return `${frontmatter}\n\n${body.endsWith('\n') ? body : `${body}\n`}`;
-};
-const getSkillIdentifiers = (item) => {
-    const candidates = [item.skill.slug, item.publishedArtifact.frontmatterName, item.skill.name];
-    const seen = new Set();
-    return candidates.reduce((all, candidate) => {
-        const normalized = candidate.trim();
-        if (!normalized)
-            return all;
-        const cacheKey = normalized.toLowerCase();
-        if (seen.has(cacheKey))
-            return all;
-        seen.add(cacheKey);
-        all.push(normalized);
-        return all;
-    }, []);
-};
-const toPublishedSkillFacetSummary = (facet) => ({
-    slug: facet.slug,
-    label: facet.label,
-    description: facet.description ?? null,
-});
-const toPublishedSkillTagSummary = (tag) => ({
-    slug: tag.slug,
-    label: tag.label,
-    description: tag.description ?? null,
-    facet: tag.facet ? toPublishedSkillFacetSummary(tag.facet) : null,
-});
-const getPublishedSkillFacets = (items) => {
-    const facetsBySlug = new Map();
-    for (const item of items) {
-        for (const tag of item.skill.tags) {
-            if (!tag.facet)
-                continue;
-            if (facetsBySlug.has(tag.facet.slug))
-                continue;
-            facetsBySlug.set(tag.facet.slug, toPublishedSkillFacetSummary(tag.facet));
-        }
-    }
-    return [...facetsBySlug.values()].sort((left, right) => left.slug.localeCompare(right.slug));
-};
-const toPublishedSkillSummary = (item) => ({
-    skillSlug: item.skill.slug,
-    skillName: item.skill.name,
-    artifactName: item.publishedArtifact.frontmatterName,
-    artifactDescription: item.publishedArtifact.frontmatterDescription,
-    version: item.skillVersion.version,
-    assignmentSource: item.assignmentSource,
-    assignmentType: item.assignmentType,
-    scopePath: item.scopePath,
-    includeChildren: item.includeChildren ?? null,
-    checksum: item.publishedArtifact.checksum,
-    publishedAt: item.publishedArtifact.publishedAt,
-    identifiers: getSkillIdentifiers(item),
-    tags: item.skill.tags.map(toPublishedSkillTagSummary),
-});
-export const toPublishedSkillDetail = (item) => ({
-    ...toPublishedSkillSummary(item),
-    skillId: item.skill.id,
-    skillVersionId: item.skillVersion.id,
-    artifactId: item.publishedArtifact.id,
-    markdownDocument: buildSkillMarkdown(item),
-    markdownBody: item.publishedArtifact.markdownBody,
-    renderedContent: item.publishedArtifact.renderedContent,
-});
-export const toPublishedSkillCatalog = (payload) => ({
-    pluginId: PLUGIN_ID,
-    runtimeMode: 'tool_fetch_only',
-    workspace: payload.workspace,
-    directoryPath: payload.directoryPath,
-    rootSkillSeedPath: ROOT_SKILL_SEED_PATH,
-    availableTools: AVAILABLE_PUBLISHED_SKILL_TOOLS,
-    publishedSkillCount: payload.skills.length,
-    facets: getPublishedSkillFacets(payload.skills),
-    skills: payload.skills.map(toPublishedSkillSummary),
-});
-const normalizeSkillIdentifier = (value) => value.trim().toLowerCase();
-const parseSkillIdentifiers = (value) => {
-    const seen = new Set();
-    return value
-        .split(/[\n,]/)
-        .map((item) => item.trim())
-        .filter((item) => item.length > 0)
-        .filter((item) => {
-        const normalized = normalizeSkillIdentifier(item);
-        if (seen.has(normalized))
-            return false;
-        seen.add(normalized);
-        return true;
-    });
-};
-const mergeSkillIdentifiers = (values) => {
-    const seen = new Set();
-    return values.filter((value) => {
-        const normalized = normalizeSkillIdentifier(value);
-        if (!normalized || seen.has(normalized))
-            return false;
-        seen.add(normalized);
-        return true;
-    });
-};
-const parseRequestedSkillArgs = (args) => {
-    const requestedSkills = [];
-    if (typeof args.skill === 'string') {
-        const normalizedSkill = args.skill.trim();
-        if (normalizedSkill)
-            requestedSkills.push(normalizedSkill);
-    }
-    if (typeof args.skills === 'string') {
-        requestedSkills.push(...parseSkillIdentifiers(args.skills));
-    }
-    return mergeSkillIdentifiers(requestedSkills);
-};
-export const selectPublishedSkills = (payload, identifiers) => {
-    const itemsByIdentifier = new Map();
-    for (const item of payload.skills) {
-        for (const identifier of getSkillIdentifiers(item)) {
-            itemsByIdentifier.set(normalizeSkillIdentifier(identifier), item);
-        }
-    }
-    const selectedItems = [];
-    const selectedKeys = new Set();
-    const missingIdentifiers = [];
-    for (const identifier of identifiers) {
-        const matched = itemsByIdentifier.get(normalizeSkillIdentifier(identifier));
-        if (!matched) {
-            missingIdentifiers.push(identifier);
-            continue;
-        }
-        if (selectedKeys.has(matched.publishedArtifact.id)) {
-            continue;
-        }
-        selectedKeys.add(matched.publishedArtifact.id);
-        selectedItems.push(matched);
-    }
-    return {
-        selectedItems,
-        missingIdentifiers,
-    };
-};
-const buildSystemNote = (result, config) => {
-    if (!result.fetchResult.ok)
-        return null;
-    const skillNames = result.fetchResult.payload.skills.map(formatSkillLabel);
-    const renderedSkillNames = skillNames.length > 0 ? skillNames.slice(0, 8).join(', ') : 'none';
-    const remainingCount = Math.max(skillNames.length - 8, 0);
-    const renderedCountSuffix = remainingCount > 0 ? ` (+${remainingCount} more)` : '';
-    return [
-        `opencode-wizard published skills are available from backend runtime delivery for workspace ${result.fetchResult.payload.workspace.slug}.`,
-        `Current directory: ${result.directoryPath}.`,
-        `Published skills for this scope: ${renderedSkillNames}${renderedCountSuffix}.`,
-        'Use opencode_wizard_published_skills_fetch for one or multiple skills.',
-        `Root source seed path remains non-runtime input only: ${config.rootSkillSeedPath}/**.`,
-    ].join(' ');
-};
-const toWorkspaceResolutionOutput = (resolution) => ({
-    requestedDirectory: resolution.requestedDirectory,
-    repositoryRoot: resolution.repositoryRoot,
-    repositoryUrl: resolution.repositoryUrl,
-    fallbackWorkspaceSlug: resolution.fallbackWorkspaceSlug,
-    directoryPath: resolution.directoryPath,
-});
-const toWorkspaceResolutionMetadata = (resolution) => ({
-    directoryPath: resolution.directoryPath,
-    repositoryRoot: resolution.repositoryRoot,
-    repositoryUrl: resolution.repositoryUrl ?? '',
-    fallbackWorkspaceSlug: resolution.fallbackWorkspaceSlug ?? '',
-});
-const formatStatusOutput = async (worktree, config, publishedSkillsResult, loginBootstrapSnapshot) => {
-    const authState = await resolveStoredAuthState(worktree, config);
-    const base = {
-        pluginId: PLUGIN_ID,
-        runtimeMode: 'tool_fetch_only',
-        backendOrigin: config.backendOrigin,
-        graphqlUrl: config.graphqlUrl,
-        fallbackWorkspaceSlug: config.fallbackWorkspaceSlug,
-        workspaceResolution: toWorkspaceResolutionOutput(publishedSkillsResult.workspaceResolution),
-        rootSkillSeedPath: config.rootSkillSeedPath,
-        authStatePath: config.authStatePath,
-        requestedDirectoryPath: publishedSkillsResult.directoryPath,
-        authMode: publishedSkillsResult.fetchResult.authMode,
-        authState: authState === null
-            ? null
-            : {
-                email: authState.email,
-                userId: authState.userId,
-                authenticatedAt: authState.authenticatedAt,
-                expiresAt: authState.expiresAt,
-            },
-        loginBootstrap: loginBootstrapSnapshot.status === 'idle'
-            ? null
-            : {
-                status: loginBootstrapSnapshot.status,
-                trigger: loginBootstrapSnapshot.trigger,
-                startedAt: loginBootstrapSnapshot.startedAt,
-                expiresAt: loginBootstrapSnapshot.expiresAt,
-                browserUrl: loginBootstrapSnapshot.browserUrl,
-                browserOpenError: loginBootstrapSnapshot.browserOpenError,
-                email: loginBootstrapSnapshot.email,
-                message: loginBootstrapSnapshot.message,
-            },
-        status: publishedSkillsResult.fetchResult.status,
-        fetchedAt: publishedSkillsResult.fetchResult.fetchedAt,
-        source: publishedSkillsResult.fetchResult.source,
-        availableTools: AVAILABLE_PUBLISHED_SKILL_TOOLS,
-    };
-    if (!publishedSkillsResult.fetchResult.ok) {
-        return JSON.stringify({
-            ...base,
-            message: publishedSkillsResult.fetchResult.message,
-        }, null, 2);
-    }
-    return JSON.stringify({
-        ...base,
-        ...toPublishedSkillCatalog(publishedSkillsResult.fetchResult.payload),
-    }, null, 2);
-};
-const isUnauthorizedGraphQlMessage = (message) => {
-    const normalizedMessage = message.toLowerCase();
-    return normalizedMessage.includes('not authorized') || normalizedMessage.includes('unauthorized');
-};
-const createRandomBase64Url = (bytes) => {
-    return crypto.randomBytes(bytes).toString('base64url');
-};
-const createCodeChallenge = (codeVerifier) => {
-    return crypto.createHash('sha256').update(codeVerifier).digest('base64url');
-};
-const getMessageFromUnknownPayload = (value) => {
-    if (!value || typeof value !== 'object')
-        return null;
-    const candidate = 'message' in value ? value.message : null;
-    return typeof candidate === 'string' ? candidate : null;
-};
-const wait = async (milliseconds) => {
-    await new Promise((resolve) => {
-        setTimeout(resolve, milliseconds);
-    });
-};
-const shouldRetryPresenceEvent = (status) => {
-    return status === 408 || status === 429 || status >= 500;
-};
-const fetchOidcDiscoveryDocument = async (signal) => {
-    const discoveryUrl = `${OIDC_ISSUER.replace(/\/+$/, '')}/.well-known/openid-configuration`;
-    const response = await fetch(discoveryUrl, {
-        method: 'GET',
-        signal,
-    });
-    if (!response.ok) {
-        throw new Error(`OIDC discovery failed with HTTP ${response.status}.`);
-    }
-    return (await response.json());
-};
-const sendHtmlResponse = (response, statusCode, title, message) => {
-    response.writeHead(statusCode, {
-        'content-type': 'text/html; charset=utf-8',
-        'cache-control': 'no-store',
-    });
-    response.end(`<!doctype html><html><head><meta charset="utf-8"><title>${title}</title></head><body><h1>${title}</h1><p>${message}</p><p>You can close this window and return to OpenCode.</p></body></html>`);
-};
-const startLocalCallbackServer = async ({ expectedState, signal, }) => {
-    let settled = false;
-    let resolvePayload = () => undefined;
-    let rejectPayload = () => undefined;
-    const callbackPromise = new Promise((resolve, reject) => {
-        resolvePayload = resolve;
-        rejectPayload = reject;
-    });
-    const finalize = (payload) => {
-        if (settled)
-            return;
-        settled = true;
-        resolvePayload(payload);
-    };
-    const fail = (reason) => {
-        if (settled)
-            return;
-        settled = true;
-        rejectPayload(reason);
-    };
-    const server = http.createServer((request, response) => {
-        const requestUrl = new URL(request.url ?? '/', OIDC_CALLBACK_ORIGIN);
-        if (requestUrl.pathname !== OIDC_CALLBACK_PATH) {
-            sendHtmlResponse(response, 404, 'opencode-wizard plugin login', 'Unknown callback path.');
-            return;
-        }
-        const error = requestUrl.searchParams.get('error');
-        const errorDescription = requestUrl.searchParams.get('error_description');
-        if (error) {
-            const message = errorDescription ?? error;
-            sendHtmlResponse(response, 400, 'opencode-wizard plugin login failed', message);
-            finalize({
-                status: 'error',
-                message,
-            });
-            return;
-        }
-        const state = requestUrl.searchParams.get('state');
-        const code = requestUrl.searchParams.get('code');
-        if (!state || state !== expectedState) {
-            sendHtmlResponse(response, 400, 'opencode-wizard plugin login failed', 'OAuth state did not match the login request.');
-            finalize({
-                status: 'error',
-                message: 'OAuth state did not match the login request.',
-            });
-            return;
-        }
-        if (!code) {
-            sendHtmlResponse(response, 400, 'opencode-wizard plugin login failed', 'OAuth callback did not include an authorization code.');
-            finalize({
-                status: 'error',
-                message: 'OAuth callback did not include an authorization code.',
-            });
-            return;
-        }
-        sendHtmlResponse(response, 200, 'opencode-wizard plugin callback received', 'Callback received. OpenCode is finalizing the backend session now.');
-        finalize({
-            status: 'success',
-            code,
-            state,
-        });
-    });
-    server.on('error', (error) => {
-        fail(error instanceof Error ? error : new Error('Failed to start local OAuth callback server.'));
-    });
-    const close = async () => {
-        await new Promise((resolve, reject) => {
-            server.close((error) => {
-                if (error) {
-                    reject(error);
-                    return;
-                }
-                resolve();
-            });
-        });
-    };
-    await new Promise((resolve, reject) => {
-        server.listen(24953, 'localhost', () => resolve());
-        server.once('error', reject);
-    });
-    signal.addEventListener('abort', () => {
-        fail(signal.reason instanceof Error ? signal.reason : new Error('OAuth login aborted.'));
-        void close().catch(() => undefined);
-    }, { once: true });
-    return {
-        callbackPromise,
-        close,
-    };
-};
-const fetchPublishedSkillsGraphQl = async ({ worktree, config, query, variables, signal, onAuthStateChanged, }) => {
-    const authState = await resolveStoredAuthState(worktree, config);
-    const fetchedAt = new Date().toISOString();
-    if (!authState) {
-        return {
-            ok: false,
-            result: {
-                ok: false,
-                status: 'missing_auth',
-                authMode: 'missing',
-                message: 'No plugin session is stored. Interactive opencode_wizard_published_skills_fetch can bootstrap browser login automatically when needed.',
-                fetchedAt,
-                source: 'network',
-            },
-        };
-    }
-    let response;
-    try {
-        response = await fetch(config.graphqlUrl, {
-            method: 'POST',
-            headers: {
-                'content-type': 'application/json',
-                authorization: `Bearer ${authState.sessionToken}`,
-            },
-            body: JSON.stringify({
-                query,
-                variables,
-            }),
-            signal,
-        });
-    }
-    catch (error) {
-        return {
-            ok: false,
-            result: {
-                ok: false,
-                status: 'request_failed',
-                authMode: 'session',
-                message: error instanceof Error ? error.message : 'Unknown fetch error',
-                fetchedAt,
-                source: 'network',
-            },
-        };
-    }
-    if (response.status === 401 || response.status === 403) {
-        await deleteFileIfExists(path.resolve(worktree, config.authStatePath));
-        onAuthStateChanged?.();
-        return {
-            ok: false,
-            result: {
-                ok: false,
-                status: 'missing_auth',
-                authMode: 'session',
-                message: 'Stored plugin session was rejected by the backend. Retry opencode_wizard_published_skills_fetch to bootstrap a fresh browser login automatically.',
-                fetchedAt,
-                source: 'network',
-            },
-        };
-    }
-    if (!response.ok) {
-        return {
-            ok: false,
-            result: {
-                ok: false,
-                status: 'request_failed',
-                authMode: 'session',
-                message: `GraphQL request failed with HTTP ${response.status}.`,
-                fetchedAt,
-                source: 'network',
-            },
-        };
-    }
-    let body;
-    try {
-        body = (await response.json());
-    }
-    catch (error) {
-        return {
-            ok: false,
-            result: {
-                ok: false,
-                status: 'request_failed',
-                authMode: 'session',
-                message: `GraphQL response was not valid JSON: ${error instanceof Error ? error.message : 'Unknown parse error'}`,
-                fetchedAt,
-                source: 'network',
-            },
-        };
-    }
-    if (body.errors?.length) {
-        const message = body.errors.map((error) => error.message).join('; ');
-        if (body.errors.some((error) => isUnauthorizedGraphQlMessage(error.message))) {
-            await deleteFileIfExists(path.resolve(worktree, config.authStatePath));
-            onAuthStateChanged?.();
-            return {
-                ok: false,
-                result: {
-                    ok: false,
-                    status: 'missing_auth',
-                    authMode: 'session',
-                    message: 'Stored plugin session is no longer valid. Retry opencode_wizard_published_skills_fetch to bootstrap a fresh browser login automatically.',
-                    fetchedAt,
-                    source: 'network',
-                },
-            };
-        }
-        return {
-            ok: false,
-            result: {
-                ok: false,
-                status: 'request_failed',
-                authMode: 'session',
-                message,
-                fetchedAt,
-                source: 'network',
-            },
-        };
-    }
-    if (!body.data) {
-        return {
-            ok: false,
-            result: {
-                ok: false,
-                status: 'request_failed',
-                authMode: 'session',
-                message: 'GraphQL response did not include data.',
-                fetchedAt,
-                source: 'network',
-            },
-        };
-    }
-    return {
-        ok: true,
-        data: body.data,
-        fetchedAt,
-    };
-};
-const fetchPublishedSkillsCatalog = async (worktree, config, resolution, signal, onAuthStateChanged) => {
-    const response = await fetchPublishedSkillsGraphQl({
-        worktree,
-        config,
-        query: PUBLISHED_SKILLS_CATALOG_QUERY,
-        variables: {
-            input: toDeliveryInput(resolution),
-        },
-        signal,
-        onAuthStateChanged,
-    });
-    if (!response.ok) {
-        return response.result;
-    }
-    const payload = response.data.pluginPublishedSkills;
-    if (!payload) {
-        return {
-            ok: false,
-            status: 'request_failed',
-            authMode: 'session',
-            message: 'GraphQL response did not include pluginPublishedSkills.',
-            fetchedAt: response.fetchedAt,
-            source: 'network',
-        };
-    }
-    return {
-        ok: true,
-        status: 'ready',
-        authMode: 'session',
-        payload,
-        fetchedAt: response.fetchedAt,
-        source: 'network',
-    };
-};
-const fetchPublishedSkillDetail = async ({ worktree, config, resolution, skillVersionId, signal, onAuthStateChanged, }) => {
-    const response = await fetchPublishedSkillsGraphQl({
-        worktree,
-        config,
-        query: PUBLISHED_SKILL_DETAIL_QUERY,
-        variables: {
-            input: {
-                ...toDeliveryInput(resolution),
-                skillVersionId,
-            },
-        },
-        signal,
-        onAuthStateChanged,
-    });
-    if (!response.ok) {
-        return response;
-    }
-    const artifact = response.data.pluginPublishedSkillVersionArtifact;
-    if (!artifact) {
-        return {
-            ok: false,
-            result: {
-                ok: false,
-                status: 'not_found',
-                authMode: 'session',
-                message: 'Published skill detail is not effective for the current scope.',
-                fetchedAt: response.fetchedAt,
-                source: 'network',
-            },
-        };
-    }
-    return {
-        ok: true,
-        artifact,
-    };
-};
-const toFetchFailureOutput = async ({ worktree, config, publishedSkillsResult, loginBootstrapSnapshot, }) => ({
-    output: await formatStatusOutput(worktree, config, publishedSkillsResult, loginBootstrapSnapshot),
-    metadata: {
-        status: publishedSkillsResult.fetchResult.status,
-        ...toWorkspaceResolutionMetadata(publishedSkillsResult.workspaceResolution),
-        source: publishedSkillsResult.fetchResult.source,
-    },
-});
-const startLoginFlow = async (signal) => {
-    const discovery = await fetchOidcDiscoveryDocument(signal);
-    const codeVerifier = createRandomBase64Url(64);
-    const expectedState = createRandomBase64Url(32);
-    const codeChallenge = createCodeChallenge(codeVerifier);
-    const expiresAt = new Date(Date.now() + LOGIN_TIMEOUT_MS).toISOString();
-    const { callbackPromise, close } = await startLocalCallbackServer({
-        expectedState,
-        signal,
-    });
-    const browserUrl = new URL(discovery.authorization_endpoint);
-    browserUrl.searchParams.set('client_id', OIDC_CLIENT_ID);
-    browserUrl.searchParams.set('response_type', 'code');
-    browserUrl.searchParams.set('redirect_uri', OIDC_CALLBACK_URL);
-    browserUrl.searchParams.set('response_mode', 'query');
-    browserUrl.searchParams.set('scope', OIDC_SCOPES.join(' '));
-    browserUrl.searchParams.set('code_challenge', codeChallenge);
-    browserUrl.searchParams.set('code_challenge_method', 'S256');
-    browserUrl.searchParams.set('state', expectedState);
-    return {
-        browserUrl: browserUrl.toString(),
-        expiresAt,
-        codeVerifier,
-        expectedState,
-        callbackPromise,
-        closeCallbackServer: close,
-    };
-};
-const createPluginSession = async ({ code, codeVerifier, redirectUri, config, signal, }) => {
-    const response = await fetch(config.authSessionUrl, {
-        method: 'POST',
-        headers: {
-            'content-type': 'application/json',
-        },
-        body: JSON.stringify({
-            code,
-            codeVerifier,
-            redirectUri,
-        }),
-        signal,
-    });
-    const payload = (await response.json().catch(() => null));
-    if (!response.ok) {
-        throw new Error(getMessageFromUnknownPayload(payload) ?? `Plugin session exchange failed with HTTP ${response.status}.`);
-    }
-    if (!payload || !('success' in payload) || payload.success !== true) {
-        throw new Error('Plugin session exchange returned an unexpected payload.');
-    }
-    return payload.session;
-};
-const emitPresenceEvent = async ({ config, authState, event, workspacePath, }) => {
-    for (let attempt = 1; attempt <= PRESENCE_EVENT_MAX_ATTEMPTS; attempt += 1) {
-        try {
-            const response = await fetch(config.presenceUrl, {
-                method: 'POST',
-                headers: {
-                    'content-type': 'application/json',
-                    authorization: `Bearer ${authState.sessionToken}`,
-                },
-                body: JSON.stringify({
-                    event,
-                    occurredAt: new Date().toISOString(),
-                    workspacePath,
-                }),
-                keepalive: event === 'STOP',
-                signal: AbortSignal.timeout(PRESENCE_EVENT_TIMEOUT_MS),
-            });
-            if (response.ok)
-                return;
-            if (!shouldRetryPresenceEvent(response.status) || attempt === PRESENCE_EVENT_MAX_ATTEMPTS)
-                return;
-        }
-        catch {
-            if (attempt === PRESENCE_EVENT_MAX_ATTEMPTS)
-                return;
-        }
-        await wait(PRESENCE_EVENT_RETRY_DELAY_MS * attempt);
-    }
-};
-const emitPluginActionEvent = async ({ config, authState, event, workspacePath, directoryPath, }) => {
-    if (!authState)
-        return;
-    try {
-        await fetch(config.actionsUrl, {
-            method: 'POST',
-            headers: {
-                'content-type': 'application/json',
-                authorization: `Bearer ${authState.sessionToken}`,
-            },
-            body: JSON.stringify({
-                event,
-                occurredAt: new Date().toISOString(),
-                workspacePath,
-                directoryPath,
-            }),
-            keepalive: event === 'STOP',
-            signal: AbortSignal.timeout(PRESENCE_EVENT_TIMEOUT_MS),
-        });
-    }
-    catch {
-        return;
-    }
-};
-const openBrowser = async (url) => {
-    try {
-        if (process.platform === 'darwin') {
-            await execFileAsync('open', [url]);
-            return null;
-        }
-        if (process.platform === 'win32') {
-            await execFileAsync('cmd', ['/c', 'start', '', url]);
-            return null;
-        }
-        await execFileAsync('xdg-open', [url]);
-        return null;
-    }
-    catch (error) {
-        return error instanceof Error ? error.message : 'Failed to open browser automatically';
-    }
-};
-const normalizeDirectoryArg = (contextDirectory, directory) => {
-    return normalizeAbsolutePath(directory ? path.resolve(contextDirectory, directory) : contextDirectory);
-};
-const getDetailCacheKey = (workspaceResolution, skillVersionId) => {
-    return JSON.stringify([workspaceResolution.cacheKey, skillVersionId]);
-};
-const OpencodeWizardSkillsPlugin = async (input) => {
-    const config = await resolveConfig(input.worktree);
-    const workspacePath = normalizeAbsolutePath(input.worktree);
-    const cache = new Map();
-    const catalogInflight = new Map();
-    const detailCache = new Map();
-    const detailInflight = new Map();
-    const authStateFile = path.resolve(input.worktree, config.authStatePath);
-    const initialAuthState = await resolveStoredAuthState(input.worktree, config);
-    const loginBootstrap = {
-        promise: null,
-        snapshot: createIdleLoginBootstrapSnapshot(),
-    };
-    let lastAuthenticatedAuthState = initialAuthState;
-    let didEmitStart = false;
-    let didScheduleStop = false;
-    let presenceStartPromise = null;
-    let presenceStopPromise = null;
-    let lastInteractiveDirectoryPath = null;
-    const resolveActionAuthState = async () => {
-        const storedAuthState = await resolveStoredAuthState(input.worktree, config);
-        if (storedAuthState)
-            return storedAuthState;
-        return lastAuthenticatedAuthState;
-    };
-    const emitActionEventForCurrentSession = async ({ event, authState, directoryPath, }) => {
-        await emitPluginActionEvent({
-            config,
-            authState: authState ?? (await resolveActionAuthState()),
-            event,
-            workspacePath,
-            directoryPath,
-        });
-    };
-    const schedulePresenceStart = (authState) => {
-        lastAuthenticatedAuthState = authState;
-        if (didEmitStart) {
-            return presenceStartPromise ?? Promise.resolve();
-        }
-        didEmitStart = true;
-        presenceStartPromise = Promise.all([
-            emitPresenceEvent({
-                config,
-                authState,
-                event: 'START',
-                workspacePath,
-            }),
-            emitActionEventForCurrentSession({
-                event: 'START',
-                authState,
-                directoryPath: lastInteractiveDirectoryPath ?? undefined,
-            }),
-        ]).then(() => undefined);
-        return presenceStartPromise;
-    };
-    const schedulePresenceStop = () => {
-        if (didScheduleStop) {
-            return presenceStopPromise ?? Promise.resolve();
-        }
-        didScheduleStop = true;
-        if (!didEmitStart || !lastAuthenticatedAuthState) {
-            presenceStopPromise = Promise.resolve();
-            return presenceStopPromise;
-        }
-        presenceStopPromise = (async () => {
-            await presenceStartPromise?.catch(() => undefined);
-            await Promise.all([
-                emitPresenceEvent({
-                    config,
-                    authState: lastAuthenticatedAuthState,
-                    event: 'STOP',
-                    workspacePath,
-                }),
-                emitActionEventForCurrentSession({
-                    event: 'STOP',
-                    authState: lastAuthenticatedAuthState,
-                    directoryPath: lastInteractiveDirectoryPath ?? undefined,
-                }),
-            ]);
-        })();
-        return presenceStopPromise;
-    };
-    const scheduleInteractivePresenceStart = async () => {
-        const authState = await resolveStoredAuthState(input.worktree, config);
-        if (!authState)
-            return;
-        await schedulePresenceStart(authState);
-    };
-    process.once('beforeExit', () => {
-        void schedulePresenceStop();
-    });
-    for (const shutdownSignal of PRESENCE_SHUTDOWN_SIGNALS) {
-        try {
-            process.once(shutdownSignal, () => {
-                void schedulePresenceStop().finally(() => {
-                    process.exit(PRESENCE_SIGNAL_EXIT_CODES[shutdownSignal]);
-                });
-            });
-        }
-        catch {
-            continue;
-        }
-    }
-    const clearPublishedSkillState = () => {
-        cache.clear();
-        catalogInflight.clear();
-        detailCache.clear();
-        detailInflight.clear();
-    };
-    const persistAuthState = async (session) => {
-        const authState = toAuthState(session);
-        await writeAuthState(authStateFile, authState);
-        clearPublishedSkillState();
-        return authState;
-    };
-    const startLoginCompletion = (trigger) => {
-        if (loginBootstrap.promise) {
-            return loginBootstrap.promise;
-        }
-        const startedAt = new Date().toISOString();
-        loginBootstrap.snapshot = {
-            status: 'starting',
-            trigger,
-            startedAt,
-            expiresAt: null,
-            browserUrl: null,
-            browserOpenError: null,
-            email: null,
-            message: null,
-        };
-        const loginPromise = (async () => {
-            const loginSignal = AbortSignal.timeout(LOGIN_TIMEOUT_MS);
-            const loginStart = await startLoginFlow(loginSignal);
-            const browserOpenError = await openBrowser(loginStart.browserUrl);
-            loginBootstrap.snapshot = {
-                status: 'pending',
-                trigger,
-                startedAt,
-                expiresAt: loginStart.expiresAt,
-                browserUrl: loginStart.browserUrl,
-                browserOpenError,
-                email: null,
-                message: browserOpenError ? `Automatic browser open failed. Open ${loginStart.browserUrl} manually.` : 'Browser login started for published skill fetch.',
-            };
-            try {
-                const callbackPayload = await loginStart.callbackPromise;
-                if (callbackPayload.status === 'error') {
-                    throw new Error(callbackPayload.message);
-                }
-                if (callbackPayload.state !== loginStart.expectedState) {
-                    throw new Error('OAuth callback state did not match the original login request.');
-                }
-                loginBootstrap.snapshot = {
-                    status: 'pending',
-                    trigger,
-                    startedAt,
-                    expiresAt: loginStart.expiresAt,
-                    browserUrl: loginStart.browserUrl,
-                    browserOpenError,
-                    email: null,
-                    message: 'OAuth callback received. Finalizing backend session exchange.',
-                };
-                const pluginSession = await createPluginSession({
-                    code: callbackPayload.code,
-                    codeVerifier: loginStart.codeVerifier,
-                    redirectUri: OIDC_CALLBACK_URL,
-                    config,
-                    signal: loginSignal,
-                });
-                const authState = await persistAuthState(pluginSession);
-                await emitActionEventForCurrentSession({
-                    event: 'LOGIN_SUCCESS',
-                    authState,
-                    directoryPath: lastInteractiveDirectoryPath ?? undefined,
-                });
-                loginBootstrap.snapshot = {
-                    status: 'authenticated',
-                    trigger,
-                    startedAt,
-                    expiresAt: authState.expiresAt,
-                    browserUrl: loginStart.browserUrl,
-                    browserOpenError,
-                    email: authState.email,
-                    message: 'Browser login completed successfully for published skill fetch.',
-                };
-                return authState;
-            }
-            catch (error) {
-                await emitActionEventForCurrentSession({
-                    event: 'LOGIN_FAILED',
-                    directoryPath: lastInteractiveDirectoryPath ?? undefined,
-                });
-                loginBootstrap.snapshot = {
-                    status: 'failed',
-                    trigger,
-                    startedAt,
-                    expiresAt: loginBootstrap.snapshot.expiresAt,
-                    browserUrl: loginBootstrap.snapshot.browserUrl,
-                    browserOpenError: loginBootstrap.snapshot.browserOpenError,
-                    email: null,
-                    message: error instanceof Error ? error.message : 'Browser login failed.',
-                };
-                throw error;
-            }
-            finally {
-                await loginStart.closeCallbackServer().catch(() => undefined);
-                loginBootstrap.promise = null;
-            }
-        })();
-        loginBootstrap.promise = loginPromise;
-        return loginPromise;
-    };
-    const loadPublishedSkillCatalog = async ({ directory, useCache, signal, }) => {
-        const workspaceResolution = await resolveWorkspace({
-            config,
-            directory,
-        });
-        const directoryPath = workspaceResolution.directoryPath;
-        const cacheKey = workspaceResolution.cacheKey;
-        const cached = cache.get(cacheKey);
-        if (useCache && cached && cached.expiresAt > Date.now()) {
-            return {
-                directoryPath,
-                workspaceResolution,
-                fetchResult: {
-                    ...cached.result,
-                    source: 'cache',
-                },
-            };
-        }
-        const inflight = catalogInflight.get(cacheKey);
-        if (inflight) {
-            return inflight;
-        }
-        const requestPromise = (async () => {
-            const fetchResult = await fetchPublishedSkillsCatalog(input.worktree, config, workspaceResolution, signal, clearPublishedSkillState);
-            cache.set(cacheKey, {
-                result: fetchResult,
-                expiresAt: Date.now() + CACHE_TTL_MS,
-            });
-            return {
-                directoryPath,
-                workspaceResolution,
-                fetchResult,
-            };
-        })();
-        catalogInflight.set(cacheKey, requestPromise);
-        try {
-            return await requestPromise;
-        }
-        finally {
-            catalogInflight.delete(cacheKey);
-        }
-    };
-    const loadPublishedSkillDetail = async ({ workspaceResolution, item, signal, useCache, }) => {
-        const directoryPath = workspaceResolution.directoryPath;
-        const cacheKey = getDetailCacheKey(workspaceResolution, item.skillVersion.id);
-        const cached = detailCache.get(cacheKey);
-        if (useCache && cached && cached.expiresAt > Date.now()) {
-            return {
-                ok: true,
-                detail: toPublishedSkillDetail({
-                    ...item,
-                    publishedArtifact: cached.artifact,
-                }),
-            };
-        }
-        const inflight = detailInflight.get(cacheKey);
-        if (inflight) {
-            return inflight;
-        }
-        const requestPromise = (async () => {
-            const detailResult = await fetchPublishedSkillDetail({
-                worktree: input.worktree,
-                config,
-                resolution: workspaceResolution,
-                skillVersionId: item.skillVersion.id,
-                signal,
-                onAuthStateChanged: clearPublishedSkillState,
-            });
-            if (!detailResult.ok) {
-                return {
-                    ok: false,
-                    status: detailResult.result.status,
-                    output: JSON.stringify({
-                        pluginId: PLUGIN_ID,
-                        runtimeMode: 'tool_fetch_only',
-                        status: detailResult.result.status,
-                        requestedDirectoryPath: directoryPath,
-                        workspaceResolution: toWorkspaceResolutionOutput(workspaceResolution),
-                        requestedSkillVersionId: item.skillVersion.id,
-                        message: detailResult.result.message,
-                        fetchedAt: detailResult.result.fetchedAt,
-                        source: detailResult.result.source,
-                    }, null, 2),
-                    metadata: {
-                        status: detailResult.result.status,
-                        ...toWorkspaceResolutionMetadata(workspaceResolution),
-                        source: detailResult.result.source,
-                    },
-                };
-            }
-            detailCache.set(cacheKey, {
-                artifact: detailResult.artifact,
-                expiresAt: Date.now() + CACHE_TTL_MS,
-            });
-            return {
-                ok: true,
-                detail: toPublishedSkillDetail({
-                    ...item,
-                    publishedArtifact: detailResult.artifact,
-                }),
-            };
-        })();
-        detailInflight.set(cacheKey, requestPromise);
-        try {
-            return await requestPromise;
-        }
-        finally {
-            detailInflight.delete(cacheKey);
-        }
-    };
-    const executePublishedSkillsFetchTool = async ({ args, context, }) => {
-        const requestedDirectory = normalizeDirectoryArg(context.directory, args.directory);
-        const requestedSkills = parseRequestedSkillArgs(args);
-        if (requestedSkills.length === 0) {
-            return {
-                output: JSON.stringify({
-                    pluginId: PLUGIN_ID,
-                    runtimeMode: 'tool_fetch_only',
-                    status: 'invalid_request',
-                    message: 'Provide `skill` for one request or `skills` for one or more comma/newline-separated requests. Passive/system context lists the published skills available for the current scope.',
-                }, null, 2),
-                metadata: {
-                    status: 'invalid_request',
-                },
-            };
-        }
-        const fetchActionDirectoryPath = normalizeRepositoryPath(workspacePath, requestedDirectory);
-        lastInteractiveDirectoryPath = fetchActionDirectoryPath;
-        const emitFetchOutcome = async (event) => {
-            await emitActionEventForCurrentSession({
-                event,
-                directoryPath: fetchActionDirectoryPath,
-            });
-        };
-        let publishedSkillsResult = await loadPublishedSkillCatalog({
-            directory: requestedDirectory,
-            useCache: !args.refresh,
-            signal: context.abort,
-        });
-        if (publishedSkillsResult.fetchResult.ok) {
-            await scheduleInteractivePresenceStart();
-        }
-        if (!publishedSkillsResult.fetchResult.ok && publishedSkillsResult.fetchResult.status === 'missing_auth') {
-            try {
-                await startLoginCompletion('fetch').then(async (authState) => {
-                    await schedulePresenceStart(authState);
-                });
-                publishedSkillsResult = await loadPublishedSkillCatalog({
-                    directory: requestedDirectory,
-                    useCache: false,
-                    signal: context.abort,
-                });
-                if (publishedSkillsResult.fetchResult.ok) {
-                    await scheduleInteractivePresenceStart();
-                }
-            }
-            catch {
-                // Return the original fetch failure with the latest login bootstrap snapshot attached.
-            }
-        }
-        if (!publishedSkillsResult.fetchResult.ok) {
-            await emitFetchOutcome('FETCH_FAILED');
-            return toFetchFailureOutput({
-                worktree: input.worktree,
-                config,
-                publishedSkillsResult,
-                loginBootstrapSnapshot: loginBootstrap.snapshot,
-            });
-        }
-        const selection = selectPublishedSkills(publishedSkillsResult.fetchResult.payload, requestedSkills);
-        const isSingleRequest = requestedSkills.length === 1;
-        if (selection.selectedItems.length === 0 && isSingleRequest) {
-            await emitFetchOutcome('FETCH_FAILED');
-            return {
-                output: JSON.stringify({
-                    pluginId: PLUGIN_ID,
-                    runtimeMode: 'tool_fetch_only',
-                    status: 'not_found',
-                    requestedDirectoryPath: publishedSkillsResult.directoryPath,
-                    workspaceResolution: toWorkspaceResolutionOutput(publishedSkillsResult.workspaceResolution),
-                    requestedSkill: requestedSkills[0],
-                    availableSkills: publishedSkillsResult.fetchResult.payload.skills.map(toPublishedSkillSummary),
-                }, null, 2),
-                metadata: {
-                    status: 'not_found',
-                    ...toWorkspaceResolutionMetadata(publishedSkillsResult.workspaceResolution),
-                },
-            };
-        }
-        let skillDetailResults = await Promise.all(selection.selectedItems.map((item) => loadPublishedSkillDetail({
-            workspaceResolution: publishedSkillsResult.workspaceResolution,
-            item,
-            signal: context.abort,
-            useCache: !args.refresh,
-        })));
-        if (skillDetailResults.some((result) => !result.ok && result.status === 'missing_auth')) {
-            try {
-                await startLoginCompletion('fetch').then(async (authState) => {
-                    await schedulePresenceStart(authState);
-                });
-                skillDetailResults = await Promise.all(selection.selectedItems.map((item) => loadPublishedSkillDetail({
-                    workspaceResolution: publishedSkillsResult.workspaceResolution,
-                    item,
-                    signal: context.abort,
-                    useCache: false,
-                })));
-            }
-            catch {
-                // Return the original detail failure after the login bootstrap attempt updates snapshot state.
-            }
-        }
-        const failedSkillDetail = skillDetailResults.find((result) => !result.ok);
-        if (failedSkillDetail && !failedSkillDetail.ok) {
-            await emitFetchOutcome('FETCH_FAILED');
-            return failedSkillDetail;
-        }
-        const skillDetails = skillDetailResults.map((result) => {
-            if (!result.ok) {
-                throw new Error('Published skill detail result unexpectedly missing after success guard.');
-            }
-            return result.detail;
-        });
-        if (isSingleRequest && skillDetails[0]) {
-            const detail = skillDetails[0];
-            context.metadata({
-                title: `opencode-wizard published skill: ${detail.artifactName || detail.skillName}`,
-                metadata: {
-                    ...toWorkspaceResolutionMetadata(publishedSkillsResult.workspaceResolution),
-                    skillSlug: detail.skillSlug,
-                    version: detail.version,
-                },
-            });
-            await emitFetchOutcome('FETCH_SUCCESS');
-            return {
-                output: JSON.stringify({
-                    pluginId: PLUGIN_ID,
-                    runtimeMode: 'tool_fetch_only',
-                    requestedDirectoryPath: publishedSkillsResult.directoryPath,
-                    workspaceResolution: toWorkspaceResolutionOutput(publishedSkillsResult.workspaceResolution),
-                    workspace: publishedSkillsResult.fetchResult.payload.workspace,
-                    fetchedAt: publishedSkillsResult.fetchResult.fetchedAt,
-                    source: publishedSkillsResult.fetchResult.source,
-                    skill: detail,
-                }, null, 2),
-                metadata: {
-                    status: 'ready',
-                    ...toWorkspaceResolutionMetadata(publishedSkillsResult.workspaceResolution),
-                    skillSlug: detail.skillSlug,
-                },
-            };
-        }
-        context.metadata({
-            title: `opencode-wizard published skills fetch: ${skillDetails.length}`,
-            metadata: {
-                ...toWorkspaceResolutionMetadata(publishedSkillsResult.workspaceResolution),
-                requestedCount: requestedSkills.length.toString(),
-                matchedCount: skillDetails.length.toString(),
-            },
-        });
-        await emitFetchOutcome('FETCH_SUCCESS');
-        return {
-            output: JSON.stringify({
-                pluginId: PLUGIN_ID,
-                runtimeMode: 'tool_fetch_only',
-                requestedDirectoryPath: publishedSkillsResult.directoryPath,
-                workspaceResolution: toWorkspaceResolutionOutput(publishedSkillsResult.workspaceResolution),
-                workspace: publishedSkillsResult.fetchResult.payload.workspace,
-                fetchedAt: publishedSkillsResult.fetchResult.fetchedAt,
-                source: publishedSkillsResult.fetchResult.source,
-                requestedSkills,
-                missingSkills: selection.missingIdentifiers,
-                skills: skillDetails,
-            }, null, 2),
-            metadata: {
-                status: selection.missingIdentifiers.length > 0 ? 'partial' : 'ready',
-                ...toWorkspaceResolutionMetadata(publishedSkillsResult.workspaceResolution),
-                matchedCount: skillDetails.length.toString(),
-            },
-        };
-    };
-    return {
-        tool: {
-            opencode_wizard_published_skills_fetch: tool({
-                description: 'Fetch one or multiple published skill bodies/details for the current scope',
-                args: {
-                    skill: tool.schema.string().optional().describe('Single skill slug, artifact name, or skill name'),
-                    skills: tool.schema
-                        .string()
-                        .optional()
-                        .describe('One or more comma-separated or newline-separated skill slugs, artifact names, or skill names'),
-                    directory: tool.schema.string().optional().describe('Optional absolute or relative directory override'),
-                    refresh: tool.schema.boolean().optional().describe('Bypass the local plugin cache for this request'),
-                },
-                async execute(args, context) {
-                    return executePublishedSkillsFetchTool({
-                        args,
-                        context,
-                    });
-                },
-            }),
-        },
-        'experimental.chat.system.transform': async (_hookInput, output) => {
-            const publishedSkillsResult = await loadPublishedSkillCatalog({
-                directory: input.directory,
-                useCache: true,
-                signal: AbortSignal.timeout(5_000),
-            });
-            const systemNote = buildSystemNote(publishedSkillsResult, config);
-            if (!systemNote)
-                return;
-            output.system.push(systemNote);
-        },
-    };
-};
-export default {
-    id: PLUGIN_ID,
-    server: OpencodeWizardSkillsPlugin,
-};