@agent-native/core 0.7.13 → 0.7.14

package/dist/scripts/db/migrate-user-api-keys.js

@@ -0,0 +1,224 @@
+/**
+ * Core script: db-migrate-user-api-keys
+ *
+ * One-shot migration: copy legacy `user-api-key:<provider>:<email>` and
+ * `user-anthropic-api-key:<email>` rows from the unscoped `settings` table
+ * into `app_secrets` (encrypted, scope=user, scopeId=email), then delete
+ * the legacy rows.
+ *
+ * Background. The pre-secrets-migration `agent-chat-plugin` save-key endpoint
+ * persisted user-pasted LLM API keys to `settings` under email-prefixed
+ * keys. The `app_secrets` system (encrypted, properly scoped) now owns
+ * user-pasted credentials. `getOwnerApiKey()` reads `app_secrets` first
+ * and falls back to the legacy settings rows for compat. This script
+ * clears that compat tail so the legacy rows don't sit around indefinitely.
+ *
+ * Idempotent — re-running on an already-migrated DB is a no-op.
+ *
+ * Usage:
+ *   DATABASE_URL=postgres://... pnpm action db-migrate-user-api-keys
+ *   pnpm action db-migrate-user-api-keys --db ./data/app.db
+ *   pnpm action db-migrate-user-api-keys --dry-run
+ */
+import path from "path";
+import { createClient } from "@libsql/client";
+import { getDatabaseUrl, getDatabaseAuthToken } from "../../db/client.js";
+import { parseArgs } from "../utils.js";
+import { PROVIDER_TO_ENV } from "../../agent/engine/provider-env-vars.js";
+function isPostgresUrl(url) {
+    return url.startsWith("postgres://") || url.startsWith("postgresql://");
+}
+function parseLegacyKey(settingsKey) {
+    // user-api-key:<provider>:<email>
+    // (email may itself contain `:` if someone has a weird local-part — split
+    // on the first two segments only.)
+    if (settingsKey.startsWith("user-api-key:")) {
+        const rest = settingsKey.slice("user-api-key:".length);
+        const colonIdx = rest.indexOf(":");
+        if (colonIdx <= 0)
+            return null;
+        const provider = rest.slice(0, colonIdx);
+        const email = rest.slice(colonIdx + 1);
+        if (!provider || !email)
+            return null;
+        return { provider, email };
+    }
+    // user-anthropic-api-key:<email> (legacy alias)
+    if (settingsKey.startsWith("user-anthropic-api-key:")) {
+        const email = settingsKey.slice("user-anthropic-api-key:".length);
+        if (!email)
+            return null;
+        return { provider: "anthropic", email };
+    }
+    return null;
+}
+function secretKeyForProvider(provider) {
+    return PROVIDER_TO_ENV[provider] ?? `${provider.toUpperCase()}_API_KEY`;
+}
+function maskApiKey(value) {
+    if (!value)
+        return "(empty)";
+    if (value.length <= 8)
+        return "***";
+    return `${value.slice(0, 4)}…${value.slice(-4)} (len=${value.length})`;
+}
+export default async function dbMigrateUserApiKeys(args) {
+    const parsed = parseArgs(args);
+    if (parsed.help === "true") {
+        console.log(`Usage: pnpm action db-migrate-user-api-keys [options]
+
+Copies legacy user-api-key:* + user-anthropic-api-key:* settings rows
+into app_secrets (encrypted, scope=user) and deletes the originals.
+
+Options:
+  --db <path>   Path to SQLite database (default: data/app.db)
+  --dry-run     Print what would be migrated without writing
+  --help        Show this help message`);
+        return;
+    }
+    const dryRun = parsed["dry-run"] === "true";
+    let url;
+    if (parsed.db) {
+        url = "file:" + path.resolve(parsed.db);
+    }
+    else if (getDatabaseUrl()) {
+        url = getDatabaseUrl();
+    }
+    else {
+        url = "file:" + path.resolve(process.cwd(), "data", "app.db");
+    }
+    const dbLabel = url.startsWith("file:")
+        ? url.slice("file:".length)
+        : new URL(url).host || url;
+    console.log(`[migrate-user-api-keys] target: ${dbLabel}${dryRun ? "  (dry-run)" : ""}`);
+    const legacy = await fetchLegacyRows(url);
+    if (legacy.length === 0) {
+        console.log("[migrate-user-api-keys] nothing to migrate.");
+        return;
+    }
+    console.log(`[migrate-user-api-keys] found ${legacy.length} legacy row(s):`);
+    for (const row of legacy) {
+        const target = secretKeyForProvider(row.provider);
+        console.log(`  - ${row.email}  ${row.provider} → app_secrets[${target}]  ${maskApiKey(row.apiKey)}`);
+    }
+    if (dryRun)
+        return;
+    const { writeAppSecret } = await import("../../secrets/storage.js");
+    let migrated = 0;
+    let skipped = 0;
+    for (const row of legacy) {
+        try {
+            await writeAppSecret({
+                key: secretKeyForProvider(row.provider),
+                value: row.apiKey,
+                scope: "user",
+                scopeId: row.email,
+            });
+            await deleteLegacyRow(url, row.settingsKey);
+            migrated++;
+        }
+        catch (err) {
+            console.error(`  ! failed to migrate ${row.settingsKey}:`, err instanceof Error ? err.message : err);
+            skipped++;
+        }
+    }
+    console.log(`[migrate-user-api-keys] done. migrated=${migrated} skipped=${skipped}`);
+}
+async function fetchLegacyRows(url) {
+    const out = [];
+    if (isPostgresUrl(url)) {
+        const { default: pg } = await import("postgres");
+        const sql = pg(url);
+        try {
+            const rows = (await sql.unsafe(`SELECT key, value FROM settings WHERE key LIKE 'user-api-key:%' OR key LIKE 'user-anthropic-api-key:%'`));
+            for (const row of rows) {
+                const parsed = parseLegacyKey(row.key);
+                if (!parsed)
+                    continue;
+                const apiKey = extractKeyFromValue(row.value);
+                if (!apiKey)
+                    continue;
+                out.push({
+                    settingsKey: row.key,
+                    provider: parsed.provider,
+                    email: parsed.email,
+                    apiKey,
+                });
+            }
+        }
+        finally {
+            await sql.end();
+        }
+        return out;
+    }
+    const client = createClient({ url, authToken: getDatabaseAuthToken() });
+    try {
+        const result = await client.execute({
+            sql: `SELECT key, value FROM settings WHERE key LIKE 'user-api-key:%' OR key LIKE 'user-anthropic-api-key:%'`,
+            args: [],
+        });
+        for (const row of result.rows) {
+            const settingsKey = row.key;
+            const value = row.value;
+            const parsed = parseLegacyKey(settingsKey);
+            if (!parsed)
+                continue;
+            const apiKey = extractKeyFromValue(value);
+            if (!apiKey)
+                continue;
+            out.push({
+                settingsKey,
+                provider: parsed.provider,
+                email: parsed.email,
+                apiKey,
+            });
+        }
+    }
+    finally {
+        client.close();
+    }
+    return out;
+}
+function extractKeyFromValue(value) {
+    // Settings rows store JSON. The save-key endpoint historically wrote
+    // `{ key: "sk-..." }`. Tolerate raw strings just in case.
+    if (!value)
+        return null;
+    try {
+        const parsed = JSON.parse(value);
+        if (typeof parsed === "string" && parsed.trim())
+            return parsed.trim();
+        if (parsed && typeof parsed.key === "string" && parsed.key.trim()) {
+            return parsed.key.trim();
+        }
+        return null;
+    }
+    catch {
+        const trimmed = value.trim();
+        return trimmed || null;
+    }
+}
+async function deleteLegacyRow(url, key) {
+    if (isPostgresUrl(url)) {
+        const { default: pg } = await import("postgres");
+        const sql = pg(url);
+        try {
+            await sql.unsafe(`DELETE FROM settings WHERE key = $1`, [key]);
+        }
+        finally {
+            await sql.end();
+        }
+        return;
+    }
+    const client = createClient({ url, authToken: getDatabaseAuthToken() });
+    try {
+        await client.execute({
+            sql: `DELETE FROM settings WHERE key = ?`,
+            args: [key],
+        });
+    }
+    finally {
+        client.close();
+    }
+}
+//# sourceMappingURL=migrate-user-api-keys.js.map

package/dist/scripts/db/migrate-user-api-keys.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"migrate-user-api-keys.js","sourceRoot":"","sources":["../../../src/scripts/db/migrate-user-api-keys.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAC1E,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,eAAe,EAAE,MAAM,yCAAyC,CAAC;AAS1E,SAAS,aAAa,CAAC,GAAW;IAChC,OAAO,GAAG,CAAC,UAAU,CAAC,aAAa,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,cAAc,CACrB,WAAmB;IAEnB,kCAAkC;IAClC,0EAA0E;IAC1E,mCAAmC;IACnC,IAAI,WAAW,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;QAC5C,MAAM,IAAI,GAAG,WAAW,CAAC,KAAK,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QACvD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACnC,IAAI,QAAQ,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;QAC/B,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;QACzC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC;QACvC,IAAI,CAAC,QAAQ,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACrC,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC7B,CAAC;IACD,gDAAgD;IAChD,IAAI,WAAW,CAAC,UAAU,CAAC,yBAAyB,CAAC,EAAE,CAAC;QACtD,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,yBAAyB,CAAC,MAAM,CAAC,CAAC;QAClE,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACxB,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;IAC1C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAgB;IAC5C,OAAO,eAAe,CAAC,QAAQ,CAAC,IAAI,GAAG,QAAQ,CAAC,WAAW,EAAE,UAAU,CAAC;AAC1E,CAAC;AAED,SAAS,UAAU,CAAC,KAAa;IAC/B,IAAI,CAAC,KAAK;QAAE,OAAO,SAAS,CAAC;IAC7B,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IACpC,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,KAAK,CAAC,MAAM,GAAG,CAAC;AACzE,CAAC;AAED,MAAM,CAAC,OAAO,CAAC,KAAK,UAAU,oBAAoB,CAChD,IAAc;IAEd,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAE/B,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC;;;;;;;;uCAQuB,CAAC,CAAC;QACrC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;IAE5C,IAAI,GAAW,CAAC;IAChB,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;QACd,GAAG,GAAG,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC1C,CAAC;SAAM,IAAI,cAAc,EAAE,EAAE,CAAC;QAC5B,GAAG,GAAG,cAAc,EAAE,CAAC;IACzB,CAAC;SAAM,CAAC;QACN,GAAG,GAAG,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,OAAO,GAAG,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC;QACrC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;QAC3B,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC;IAC7B,OAAO,CAAC,GAAG,CACT,mCAAmC,OAAO,GAAG,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,EAAE,CAC3E,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;IAC1C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC3D,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,iCAAiC,MAAM,CAAC,MAAM,iBAAiB,CAAC,CAAC;IAC7E,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,oBAAoB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CACT,OAAO,GAAG,CAAC,KAAK,KAAK,GAAG,CAAC,QAAQ,kBAAkB,MAAM,MAAM,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CACxF,CAAC;IACJ,CAAC;IACD,IAAI,MAAM;QAAE,OAAO;IAEnB,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;IAEpE,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;QACzB,IAAI,CAAC;YACH,MAAM,cAAc,CAAC;gBACnB,GAAG,EAAE,oBAAoB,CAAC,GAAG,CAAC,QAAQ,CAAC;gBACvC,KAAK,EAAE,GAAG,CAAC,MAAM;gBACjB,KAAK,EAAE,MAAM;gBACb,OAAO,EAAE,GAAG,CAAC,KAAK;aACnB,CAAC,CAAC;YACH,MAAM,eAAe,CAAC,GAAG,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;YAC5C,QAAQ,EAAE,CAAC;QACb,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACX,yBAAyB,GAAG,CAAC,WAAW,GAAG,EAC3C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CACzC,CAAC;YACF,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CACT,0CAA0C,QAAQ,YAAY,OAAO,EAAE,CACxE,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,GAAW;IACxC,MAAM,GAAG,GAAgB,EAAE,CAAC;IAC5B,IAAI,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,EAAE,OAAO,EAAE,EAAE,EAAE,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;QACjD,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,MAAM,CAC5B,wGAAwG,CACzG,CAAqD,CAAC;YACvD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;gBACvB,MAAM,MAAM,GAAG,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACvC,IAAI,CAAC,MAAM;oBAAE,SAAS;gBACtB,MAAM,MAAM,GAAG,mBAAmB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBAC9C,IAAI,CAAC,MAAM;oBAAE,SAAS;gBACtB,GAAG,CAAC,IAAI,CAAC;oBACP,WAAW,EAAE,GAAG,CAAC,GAAG;oBACpB,QAAQ,EAAE,MAAM,CAAC,QAAQ;oBACzB,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,MAAM;iBACP,CAAC,CAAC;YACL,CAAC;QACH,CAAC;gBAAS,CAAC;YACT,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC;QAClB,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,oBAAoB,EAAE,EAAE,CAAC,CAAC;IACxE,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,wGAAwG;YAC7G,IAAI,EAAE,EAAE;SACT,CAAC,CAAC;QACH,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;YAC9B,MAAM,WAAW,GAAG,GAAG,CAAC,GAAa,CAAC;YACtC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAe,CAAC;YAClC,MAAM,MAAM,GAAG,cAAc,CAAC,WAAW,CAAC,CAAC;YAC3C,IAAI,CAAC,MAAM;gBAAE,SAAS;YACtB,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAC1C,IAAI,CAAC,MAAM;gBAAE,SAAS;YACtB,GAAG,CAAC,IAAI,CAAC;gBACP,WAAW;gBACX,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,MAAM;aACP,CAAC,CAAC;QACL,CAAC;IACH,CAAC;YAAS,CAAC;QACT,MAAM,CAAC,KAAK,EAAE,CAAC;IACjB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,mBAAmB,CAAC,KAAa;IACxC,qEAAqE;IACrE,0DAA0D;IAC1D,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACjC,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,EAAE;YAAE,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC;QACtE,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,IAAI,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC;YAClE,OAAO,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC3B,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;QAC7B,OAAO,OAAO,IAAI,IAAI,CAAC;IACzB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,GAAW,EAAE,GAAW;IACrD,IAAI,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,EAAE,OAAO,EAAE,EAAE,EAAE,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;QACjD,MAAM,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,GAAG,CAAC,MAAM,CAAC,qCAAqC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACjE,CAAC;gBAAS,CAAC;YACT,MAAM,GAAG,CAAC,GAAG,EAAE,CAAC;QAClB,CAAC;QACD,OAAO;IACT,CAAC;IACD,MAAM,MAAM,GAAG,YAAY,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,oBAAoB,EAAE,EAAE,CAAC,CAAC;IACxE,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,OAAO,CAAC;YACnB,GAAG,EAAE,oCAAoC;YACzC,IAAI,EAAE,CAAC,GAAG,CAAC;SACZ,CAAC,CAAC;IACL,CAAC;YAAS,CAAC;QACT,MAAM,CAAC,KAAK,EAAE,CAAC;IACjB,CAAC;AACH,CAAC"}

package/dist/scripts/db/wipe-leaked-builder-keys.d.ts

@@ -0,0 +1,27 @@
+/**
+ * Core script: db-wipe-leaked-builder-keys
+ *
+ * One-shot cleanup for the legacy cross-tenant Builder credential leak.
+ *
+ * Pre-migration, the Builder OAuth callback wrote BUILDER_PRIVATE_KEY,
+ * BUILDER_PUBLIC_KEY, BUILDER_USER_ID, BUILDER_ORG_NAME, BUILDER_ORG_KIND
+ * into the unscoped `persisted-env-vars` settings row. On shared-DB
+ * hosted templates that row was global, so the first user to connect
+ * left their Builder identity sitting in `process.env` for every
+ * subsequent tenant on the same serverless instance — anyone without
+ * their own per-user app_secrets record fell back to the leaked key.
+ *
+ * Per-user Builder credentials now live in `app_secrets` (scope=user,
+ * scopeId=email). The plugin init scrubs BUILDER_* on every boot, but
+ * this script lets you wipe the row immediately, before redeploying.
+ *
+ * Idempotent. Re-running on a clean row is a no-op.
+ *
+ * Usage:
+ *   DATABASE_URL=postgres://... pnpm action db-wipe-leaked-builder-keys
+ *   DATABASE_URL=file:./data/app.db pnpm action db-wipe-leaked-builder-keys
+ *   pnpm action db-wipe-leaked-builder-keys --db ./data/app.db
+ *   pnpm action db-wipe-leaked-builder-keys --dry-run
+ */
+export default function dbWipeLeakedBuilderKeys(args: string[]): Promise<void>;
+//# sourceMappingURL=wipe-leaked-builder-keys.d.ts.map

package/dist/scripts/db/wipe-leaked-builder-keys.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"wipe-leaked-builder-keys.d.ts","sourceRoot":"","sources":["../../../src/scripts/db/wipe-leaked-builder-keys.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAyBH,wBAA8B,uBAAuB,CACnD,IAAI,EAAE,MAAM,EAAE,GACb,OAAO,CAAC,IAAI,CAAC,CA4Gf"}

package/dist/scripts/db/wipe-leaked-builder-keys.js

@@ -0,0 +1,163 @@
+/**
+ * Core script: db-wipe-leaked-builder-keys
+ *
+ * One-shot cleanup for the legacy cross-tenant Builder credential leak.
+ *
+ * Pre-migration, the Builder OAuth callback wrote BUILDER_PRIVATE_KEY,
+ * BUILDER_PUBLIC_KEY, BUILDER_USER_ID, BUILDER_ORG_NAME, BUILDER_ORG_KIND
+ * into the unscoped `persisted-env-vars` settings row. On shared-DB
+ * hosted templates that row was global, so the first user to connect
+ * left their Builder identity sitting in `process.env` for every
+ * subsequent tenant on the same serverless instance — anyone without
+ * their own per-user app_secrets record fell back to the leaked key.
+ *
+ * Per-user Builder credentials now live in `app_secrets` (scope=user,
+ * scopeId=email). The plugin init scrubs BUILDER_* on every boot, but
+ * this script lets you wipe the row immediately, before redeploying.
+ *
+ * Idempotent. Re-running on a clean row is a no-op.
+ *
+ * Usage:
+ *   DATABASE_URL=postgres://... pnpm action db-wipe-leaked-builder-keys
+ *   DATABASE_URL=file:./data/app.db pnpm action db-wipe-leaked-builder-keys
+ *   pnpm action db-wipe-leaked-builder-keys --db ./data/app.db
+ *   pnpm action db-wipe-leaked-builder-keys --dry-run
+ */
+import path from "path";
+import { createClient } from "@libsql/client";
+import { getDatabaseUrl, getDatabaseAuthToken } from "../../db/client.js";
+import { parseArgs } from "../utils.js";
+const BUILDER_KEYS = [
+    "BUILDER_PRIVATE_KEY",
+    "BUILDER_PUBLIC_KEY",
+    "BUILDER_USER_ID",
+    "BUILDER_ORG_NAME",
+    "BUILDER_ORG_KIND",
+];
+function isPostgresUrl(url) {
+    return url.startsWith("postgres://") || url.startsWith("postgresql://");
+}
+function maskValue(v) {
+    if (typeof v !== "string")
+        return String(v);
+    if (v.length <= 8)
+        return "***";
+    return `${v.slice(0, 4)}…${v.slice(-4)} (len=${v.length})`;
+}
+export default async function dbWipeLeakedBuilderKeys(args) {
+    const parsed = parseArgs(args);
+    if (parsed.help === "true") {
+        console.log(`Usage: pnpm action db-wipe-leaked-builder-keys [options]
+
+Removes BUILDER_* keys from the persisted-env-vars row in the settings
+table. Run this once per hosted template database.
+
+Options:
+  --db <path>   Path to SQLite database (default: data/app.db when no DATABASE_URL set)
+  --dry-run     Print what would be removed without writing
+  --help        Show this help message
+
+Database resolution:
+  --db flag → DATABASE_URL env → ./data/app.db`);
+        return;
+    }
+    const dryRun = parsed["dry-run"] === "true";
+    let url;
+    if (parsed.db) {
+        url = "file:" + path.resolve(parsed.db);
+    }
+    else if (getDatabaseUrl()) {
+        url = getDatabaseUrl();
+    }
+    else {
+        url = "file:" + path.resolve(process.cwd(), "data", "app.db");
+    }
+    const dbLabel = url.startsWith("file:")
+        ? url.slice("file:".length)
+        : new URL(url).host || url;
+    console.log(`[wipe-leaked-builder-keys] target: ${dbLabel}${dryRun ? "  (dry-run)" : ""}`);
+    let row = null;
+    if (isPostgresUrl(url)) {
+        const { default: pg } = await import("postgres");
+        const pgSql = pg(url);
+        try {
+            const result = await pgSql.unsafe(`SELECT value FROM settings WHERE key = 'persisted-env-vars'`);
+            const rows = Array.from(result);
+            if (rows.length === 0) {
+                console.log("[wipe-leaked-builder-keys] no persisted-env-vars row.");
+                return;
+            }
+            row = JSON.parse(rows[0].value);
+            const { cleaned, removed } = stripBuilderKeys(row ?? {});
+            if (removed.length === 0) {
+                console.log("[wipe-leaked-builder-keys] row already clean — nothing to do.");
+                return;
+            }
+            logRemoved(removed, row ?? {});
+            if (dryRun)
+                return;
+            await pgSql.unsafe(`UPDATE settings SET value = $1, updated_at = $2 WHERE key = 'persisted-env-vars'`, [JSON.stringify(cleaned), Date.now()]);
+            console.log(`[wipe-leaked-builder-keys] removed ${removed.length} key(s) from persisted-env-vars.`);
+        }
+        finally {
+            await pgSql.end();
+        }
+        return;
+    }
+    // libsql / SQLite
+    const client = createClient({
+        url,
+        authToken: getDatabaseAuthToken(),
+    });
+    try {
+        const result = await client.execute({
+            sql: `SELECT value FROM settings WHERE key = ?`,
+            args: ["persisted-env-vars"],
+        });
+        if (result.rows.length === 0) {
+            console.log("[wipe-leaked-builder-keys] no persisted-env-vars row.");
+            return;
+        }
+        row = JSON.parse(result.rows[0].value);
+        const { cleaned, removed } = stripBuilderKeys(row ?? {});
+        if (removed.length === 0) {
+            console.log("[wipe-leaked-builder-keys] row already clean — nothing to do.");
+            return;
+        }
+        logRemoved(removed, row ?? {});
+        if (dryRun)
+            return;
+        await client.execute({
+            sql: `UPDATE settings SET value = ?, updated_at = ? WHERE key = ?`,
+            args: [JSON.stringify(cleaned), Date.now(), "persisted-env-vars"],
+        });
+        console.log(`[wipe-leaked-builder-keys] removed ${removed.length} key(s) from persisted-env-vars.`);
+    }
+    finally {
+        client.close();
+    }
+}
+function stripBuilderKeys(row) {
+    const builderSet = new Set(BUILDER_KEYS);
+    const cleaned = {};
+    const removed = [];
+    for (const [k, v] of Object.entries(row)) {
+        if (builderSet.has(k)) {
+            removed.push(k);
+        }
+        else {
+            cleaned[k] = v;
+        }
+    }
+    return { cleaned, removed };
+}
+function logRemoved(removed, row) {
+    console.log(`[wipe-leaked-builder-keys] BUILDER_* keys present:`);
+    for (const k of removed) {
+        const masked = k === "BUILDER_ORG_NAME" || k === "BUILDER_ORG_KIND"
+            ? String(row[k])
+            : maskValue(row[k]);
+        console.log(`  - ${k}: ${masked}`);
+    }
+}
+//# sourceMappingURL=wipe-leaked-builder-keys.js.map

package/dist/scripts/db/wipe-leaked-builder-keys.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"wipe-leaked-builder-keys.js","sourceRoot":"","sources":["../../../src/scripts/db/wipe-leaked-builder-keys.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAC1E,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,MAAM,YAAY,GAAG;IACnB,qBAAqB;IACrB,oBAAoB;IACpB,iBAAiB;IACjB,kBAAkB;IAClB,kBAAkB;CACV,CAAC;AAEX,SAAS,aAAa,CAAC,GAAW;IAChC,OAAO,GAAG,CAAC,UAAU,CAAC,aAAa,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,SAAS,CAAC,CAAU;IAC3B,IAAI,OAAO,CAAC,KAAK,QAAQ;QAAE,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC;IAC5C,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAChC,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC;AAC7D,CAAC;AAED,MAAM,CAAC,OAAO,CAAC,KAAK,UAAU,uBAAuB,CACnD,IAAc;IAEd,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAE/B,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;+CAW+B,CAAC,CAAC;QAC7C,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,MAAM,CAAC;IAE5C,IAAI,GAAW,CAAC;IAChB,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;QACd,GAAG,GAAG,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC1C,CAAC;SAAM,IAAI,cAAc,EAAE,EAAE,CAAC;QAC5B,GAAG,GAAG,cAAc,EAAE,CAAC;IACzB,CAAC;SAAM,CAAC;QACN,GAAG,GAAG,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,OAAO,GAAG,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC;QACrC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;QAC3B,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC;IAC7B,OAAO,CAAC,GAAG,CACT,sCAAsC,OAAO,GAAG,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,EAAE,CAC9E,CAAC;IAEF,IAAI,GAAG,GAAmC,IAAI,CAAC;IAE/C,IAAI,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,EAAE,OAAO,EAAE,EAAE,EAAE,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;QACjD,MAAM,KAAK,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACtB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,MAAM,CAC/B,6DAA6D,CAC9D,CAAC;YACF,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,CAAwC,CAAC;YACvE,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtB,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;gBACrE,OAAO;YACT,CAAC;YACD,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YAChC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,gBAAgB,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC;YACzD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACzB,OAAO,CAAC,GAAG,CACT,+DAA+D,CAChE,CAAC;gBACF,OAAO;YACT,CAAC;YACD,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC;YAC/B,IAAI,MAAM;gBAAE,OAAO;YACnB,MAAM,KAAK,CAAC,MAAM,CAChB,kFAAkF,EAClF,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CACtC,CAAC;YACF,OAAO,CAAC,GAAG,CACT,sCAAsC,OAAO,CAAC,MAAM,kCAAkC,CACvF,CAAC;QACJ,CAAC;gBAAS,CAAC;YACT,MAAM,KAAK,CAAC,GAAG,EAAE,CAAC;QACpB,CAAC;QACD,OAAO;IACT,CAAC;IAED,kBAAkB;IAClB,MAAM,MAAM,GAAG,YAAY,CAAC;QAC1B,GAAG;QACH,SAAS,EAAE,oBAAoB,EAAE;KAClC,CAAC,CAAC;IACH,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,0CAA0C;YAC/C,IAAI,EAAE,CAAC,oBAAoB,CAAC;SAC7B,CAAC,CAAC;QACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;YACrE,OAAO;QACT,CAAC;QACD,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAe,CAAC,CAAC;QACjD,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,gBAAgB,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC;QACzD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CACT,+DAA+D,CAChE,CAAC;YACF,OAAO;QACT,CAAC;QACD,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC;QAC/B,IAAI,MAAM;YAAE,OAAO;QACnB,MAAM,MAAM,CAAC,OAAO,CAAC;YACnB,GAAG,EAAE,6DAA6D;YAClE,IAAI,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,oBAAoB,CAAC;SAClE,CAAC,CAAC;QACH,OAAO,CAAC,GAAG,CACT,sCAAsC,OAAO,CAAC,MAAM,kCAAkC,CACvF,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,MAAM,CAAC,KAAK,EAAE,CAAC;IACjB,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,GAA4B;IAIpD,MAAM,UAAU,GAAG,IAAI,GAAG,CAAS,YAAY,CAAC,CAAC;IACjD,MAAM,OAAO,GAA4B,EAAE,CAAC;IAC5C,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACzC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAC9B,CAAC;AAED,SAAS,UAAU,CAAC,OAAiB,EAAE,GAA4B;IACjE,OAAO,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;IAClE,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,MAAM,GACV,CAAC,KAAK,kBAAkB,IAAI,CAAC,KAAK,kBAAkB;YAClD,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAChB,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;IACrC,CAAC;AACH,CAAC"}

package/dist/secrets/register-framework-secrets.d.ts

@@ -8,6 +8,11 @@
  * Each call uses a `getRequiredSecret` guard so a template that has already
  * registered the same key (often with stricter settings like `required: true`)
  * wins — the framework registration is a fallback, not an override.
+ *
+ * NOTE: The framework previously registered OPENAI_API_KEY here for Whisper
+ * voice transcription. Voice transcription now routes through the Builder.io
+ * gateway (or Groq as a BYOK fallback), so the framework no longer registers
+ * the OpenAI key. Templates that need it (e.g. Clips) register it themselves.
  */
 export declare function registerFrameworkSecrets(): void;
 //# sourceMappingURL=register-framework-secrets.d.ts.map

package/dist/secrets/register-framework-secrets.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"register-framework-secrets.d.ts","sourceRoot":"","sources":["../../src/secrets/register-framework-secrets.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AA8CH,wBAAgB,wBAAwB,IAAI,IAAI,CAE/C"}
+{"version":3,"file":"register-framework-secrets.d.ts","sourceRoot":"","sources":["../../src/secrets/register-framework-secrets.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,wBAAgB,wBAAwB,IAAI,IAAI,CAI/C"}

package/dist/secrets/register-framework-secrets.js

@@ -8,52 +8,15 @@
  * Each call uses a `getRequiredSecret` guard so a template that has already
  * registered the same key (often with stricter settings like `required: true`)
  * wins — the framework registration is a fallback, not an override.
- */
-import { getRequiredSecret, registerRequiredSecret } from "./register.js";
-/**
- * OpenAI API key.
  *
- * The framework uses this for voice transcription in the agent sidebar
- * composer (Whisper). Templates like Clips register it as `required: true`
- * in their own `register-secrets.ts`; the framework keeps it optional here
- * so every other template still surfaces the input without forcing the
- * onboarding checklist step.
+ * NOTE: The framework previously registered OPENAI_API_KEY here for Whisper
+ * voice transcription. Voice transcription now routes through the Builder.io
+ * gateway (or Groq as a BYOK fallback), so the framework no longer registers
+ * the OpenAI key. Templates that need it (e.g. Clips) register it themselves.
  */
-function registerOpenAiKey() {
-    if (getRequiredSecret("OPENAI_API_KEY"))
-        return;
-    registerRequiredSecret({
-        key: "OPENAI_API_KEY",
-        label: "OpenAI API Key",
-        description: "Used for voice transcription (Whisper) in the agent composer. Without this, voice input falls back to your browser's built-in speech recognition.",
-        docsUrl: "https://platform.openai.com/api-keys",
-        scope: "user",
-        kind: "api-key",
-        required: false,
-        validator: async (value) => {
-            if (!value || typeof value !== "string" || value.length < 20) {
-                return { ok: false, error: "Key looks too short." };
-            }
-            try {
-                const res = await fetch("https://api.openai.com/v1/models", {
-                    headers: { Authorization: `Bearer ${value}` },
-                });
-                if (res.ok)
-                    return true;
-                if (res.status === 401)
-                    return { ok: false, error: "OpenAI rejected this key (401)." };
-                return { ok: false, error: `OpenAI returned ${res.status}.` };
-            }
-            catch (err) {
-                return {
-                    ok: false,
-                    error: `Could not reach OpenAI: ${err?.message ?? err}`,
-                };
-            }
-        },
-    });
-}
 export function registerFrameworkSecrets() {
-    registerOpenAiKey();
+    // No framework-level secrets at this time.
+    // Templates register their own keys via `registerRequiredSecret` in
+    // their own `register-secrets.ts`.
 }
 //# sourceMappingURL=register-framework-secrets.js.map

package/dist/secrets/register-framework-secrets.js.map

@@ -1 +1 @@
-{"version":3,"file":"register-framework-secrets.js","sourceRoot":"","sources":["../../src/secrets/register-framework-secrets.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,iBAAiB,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAE1E;;;;;;;;GAQG;AACH,SAAS,iBAAiB;IACxB,IAAI,iBAAiB,CAAC,gBAAgB,CAAC;QAAE,OAAO;IAChD,sBAAsB,CAAC;QACrB,GAAG,EAAE,gBAAgB;QACrB,KAAK,EAAE,gBAAgB;QACvB,WAAW,EACT,mJAAmJ;QACrJ,OAAO,EAAE,sCAAsC;QAC/C,KAAK,EAAE,MAAM;QACb,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;YACzB,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;gBAC7D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,sBAAsB,EAAE,CAAC;YACtD,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,kCAAkC,EAAE;oBAC1D,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE;iBAC9C,CAAC,CAAC;gBACH,IAAI,GAAG,CAAC,EAAE;oBAAE,OAAO,IAAI,CAAC;gBACxB,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;oBACpB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,iCAAiC,EAAE,CAAC;gBACjE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,mBAAmB,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC;YAChE,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE,2BAA2B,GAAG,EAAE,OAAO,IAAI,GAAG,EAAE;iBACxD,CAAC;YACJ,CAAC;QACH,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,wBAAwB;IACtC,iBAAiB,EAAE,CAAC;AACtB,CAAC"}
+{"version":3,"file":"register-framework-secrets.js","sourceRoot":"","sources":["../../src/secrets/register-framework-secrets.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,MAAM,UAAU,wBAAwB;IACtC,2CAA2C;IAC3C,oEAAoE;IACpE,mCAAmC;AACrC,CAAC"}

package/dist/secrets/substitution.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"substitution.d.ts","sourceRoot":"","sources":["../../src/secrets/substitution.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAIjD,MAAM,WAAW,0BAA0B;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,WAAW,EAClB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,0BAA0B,CAAC,CAkCrC;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,GACzB,OAAO,CAeT;AAED;;;GAGG;AACH,wBAAsB,eAAe,CACnC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,WAAW,EAClB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,CAU1B"}
+{"version":3,"file":"substitution.d.ts","sourceRoot":"","sources":["../../src/secrets/substitution.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAQjD,MAAM,WAAW,0BAA0B;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,WAAW,EAClB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,0BAA0B,CAAC,CAsCrC;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,GACzB,OAAO,CAeT;AAED;;;GAGG;AACH,wBAAsB,eAAe,CACnC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,WAAW,EAClB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,CAU1B"}

package/dist/secrets/substitution.js

@@ -10,6 +10,7 @@
  * keys without breaking automations that reference workspace defaults.
  */
 import { readAppSecret, readAppSecretMeta } from "./storage.js";
+import { getRequestOrgId, getRequestUserEmail, } from "../server/request-context.js";
 const KEY_REFERENCE_REGEX = /\$\{keys\.([A-Za-z0-9_-]+)\}/g;
 /**
  * Resolve `${keys.NAME}` references in `text`. For each reference, looks up
@@ -31,7 +32,11 @@ export async function resolveKeyReferences(text, scope, scopeId) {
             continue;
         let result = await readAppSecret({ key: name, scope, scopeId });
         if (!result && scope === "user") {
-            result = await readAppSecret({ key: name, scope: "workspace", scopeId });
+            result = await readAppSecret({
+                key: name,
+                scope: "workspace",
+                scopeId: getWorkspaceScopeId(scopeId),
+            });
         }
         if (!result) {
             throw new Error(`Referenced key "${name}" is not defined for scope "${scope}". Create it in Settings or via the secrets API before using this automation.`);
@@ -85,9 +90,16 @@ export async function getKeyAllowlist(name, scope, scopeId) {
         meta = await readAppSecretMeta({
             key: name,
             scope: "workspace",
-            scopeId,
+            scopeId: getWorkspaceScopeId(scopeId),
         });
     }
     return meta?.urlAllowlist ?? null;
 }
+function getWorkspaceScopeId(userScopeId) {
+    const orgId = getRequestOrgId();
+    if (orgId)
+        return orgId;
+    const email = getRequestUserEmail() || userScopeId;
+    return `solo:${email}`;
+}
 //# sourceMappingURL=substitution.js.map

package/dist/secrets/substitution.js.map

@@ -1 +1 @@
-{"version":3,"file":"substitution.js","sourceRoot":"","sources":["../../src/secrets/substitution.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAGhE,MAAM,mBAAmB,GAAG,+BAA+B,CAAC;AAO5D;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,IAAY,EACZ,KAAkB,EAClB,OAAe;IAEf,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IACtC,CAAC;IAED,MAAM,WAAW,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC9C,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,SAAS;QAEpC,IAAI,MAAM,GAAG,MAAM,aAAa,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;QAChE,IAAI,CAAC,MAAM,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;YAChC,MAAM,GAAG,MAAM,aAAa,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC,CAAC;QAC3E,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CACb,mBAAmB,IAAI,+BAA+B,KAAK,+EAA+E,CAC3I,CAAC;QACJ,CAAC;QACD,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtB,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,mBAAmB,EAAE,CAAC,CAAC,EAAE,IAAY,EAAE,EAAE;QACrE,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,mBAAmB,IAAI,oBAAoB,CAAC,CAAC;QAC/D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;AAChC,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB,CAClC,GAAW,EACX,SAA0B;IAE1B,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACtD,IAAI,MAAc,CAAC;IACnB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,SAAS,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;QAC9B,IAAI,CAAC;YACH,OAAO,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,IAAY,EACZ,KAAkB,EAClB,OAAe;IAEf,IAAI,IAAI,GAAG,MAAM,iBAAiB,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAClE,IAAI,CAAC,IAAI,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;QAC9B,IAAI,GAAG,MAAM,iBAAiB,CAAC;YAC7B,GAAG,EAAE,IAAI;YACT,KAAK,EAAE,WAAW;YAClB,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IACD,OAAO,IAAI,EAAE,YAAY,IAAI,IAAI,CAAC;AACpC,CAAC"}
+{"version":3,"file":"substitution.js","sourceRoot":"","sources":["../../src/secrets/substitution.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAEhE,OAAO,EACL,eAAe,EACf,mBAAmB,GACpB,MAAM,8BAA8B,CAAC;AAEtC,MAAM,mBAAmB,GAAG,+BAA+B,CAAC;AAO5D;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,IAAY,EACZ,KAAkB,EAClB,OAAe;IAEf,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IACtC,CAAC;IAED,MAAM,WAAW,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC9C,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,SAAS;QAEpC,IAAI,MAAM,GAAG,MAAM,aAAa,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;QAChE,IAAI,CAAC,MAAM,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;YAChC,MAAM,GAAG,MAAM,aAAa,CAAC;gBAC3B,GAAG,EAAE,IAAI;gBACT,KAAK,EAAE,WAAW;gBAClB,OAAO,EAAE,mBAAmB,CAAC,OAAO,CAAC;aACtC,CAAC,CAAC;QACL,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CACb,mBAAmB,IAAI,+BAA+B,KAAK,+EAA+E,CAC3I,CAAC;QACJ,CAAC;QACD,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtB,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,mBAAmB,EAAE,CAAC,CAAC,EAAE,IAAY,EAAE,EAAE;QACrE,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,mBAAmB,IAAI,oBAAoB,CAAC,CAAC;QAC/D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;AAChC,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB,CAClC,GAAW,EACX,SAA0B;IAE1B,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACtD,IAAI,MAAc,CAAC;IACnB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,SAAS,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;QAC9B,IAAI,CAAC;YACH,OAAO,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,IAAY,EACZ,KAAkB,EAClB,OAAe;IAEf,IAAI,IAAI,GAAG,MAAM,iBAAiB,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAClE,IAAI,CAAC,IAAI,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;QAC9B,IAAI,GAAG,MAAM,iBAAiB,CAAC;YAC7B,GAAG,EAAE,IAAI;YACT,KAAK,EAAE,WAAW;YAClB,OAAO,EAAE,mBAAmB,CAAC,OAAO,CAAC;SACtC,CAAC,CAAC;IACL,CAAC;IACD,OAAO,IAAI,EAAE,YAAY,IAAI,IAAI,CAAC;AACpC,CAAC;AAED,SAAS,mBAAmB,CAAC,WAAmB;IAC9C,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;IAChC,IAAI,KAAK;QAAE,OAAO,KAAK,CAAC;IACxB,MAAM,KAAK,GAAG,mBAAmB,EAAE,IAAI,WAAW,CAAC;IACnD,OAAO,QAAQ,KAAK,EAAE,CAAC;AACzB,CAAC"}

package/dist/server/action-discovery.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"action-discovery.d.ts","sourceRoot":"","sources":["../../src/server/action-discovery.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAkQhE;;;;;;;;GAQG;AACH,wBAAgB,6BAA6B,CAC3C,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAqC7B;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAsB,mBAAmB,CACvC,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAsCtC;AAED,wBAAsB,uBAAuB,CAC3C,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GACpC,OAAO,CAAC,IAAI,CAAC,CAiCf;AAED,oDAAoD;AACpD,eAAO,MAAM,mBAAmB,4BAAsB,CAAC"}
+{"version":3,"file":"action-discovery.d.ts","sourceRoot":"","sources":["../../src/server/action-discovery.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAkQhE;;;;;;;;GAQG;AACH,wBAAgB,6BAA6B,CAC3C,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAqC7B;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAsB,mBAAmB,CACvC,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAuFtC;AAED,wBAAsB,uBAAuB,CAC3C,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GACpC,OAAO,CAAC,IAAI,CAAC,CAiCf;AAED,oDAAoD;AACpD,eAAO,MAAM,mBAAmB,4BAAsB,CAAC"}

package/dist/server/action-discovery.js

@@ -321,6 +321,45 @@ export async function autoDiscoverActions(from) {
     catch (err) {
         console.warn(`[autoDiscoverActions] Could not read actions directory: ${actionsDir} — ${err?.message}`);
     }
+    // 1b. Fallback: if filesystem discovery found no template actions (common
+    //     in bundled serverless environments like Netlify/Vercel where the
+    //     actions/ directory doesn't exist on disk), try importing the
+    //     generated static registry at .generated/actions-registry.
+    //
+    //     This prevents the silent-empty-tools footgun where the agent has no
+    //     template actions and falls back to generic tools like web-request.
+    //     Prefer `loadActionsFromStaticRegistry` over `autoDiscoverActions` for
+    //     production reliability — this fallback is a safety net, not the
+    //     primary path.
+    if (Object.keys(registry).length === 0 && from) {
+        try {
+            let registryPath;
+            if (from.startsWith("file://") || from.startsWith("file:///")) {
+                const callerDir = nodePath.dirname(fileURLToPath(from));
+                registryPath = nodePath.resolve(callerDir, "../../.generated/actions-registry.js");
+            }
+            else {
+                registryPath = nodePath.resolve(from, "../.generated/actions-registry.js");
+            }
+            const mod = await import(/* @vite-ignore */ registryPath);
+            const staticEntries = loadActionsFromStaticRegistry(mod.default || mod);
+            Object.assign(registry, staticEntries);
+            if (Object.keys(staticEntries).length > 0) {
+                console.log(`[autoDiscoverActions] Filesystem scan found 0 actions — loaded ${Object.keys(staticEntries).length} from .generated/actions-registry.ts instead. ` +
+                    `Consider switching to loadActionsFromStaticRegistry(actionsRegistry) for production reliability.`);
+            }
+        }
+        catch {
+            // No generated registry available — registry stays empty.
+        }
+    }
+    // If still empty after all fallbacks, warn loudly.
+    if (Object.keys(registry).length === 0) {
+        console.warn(`[autoDiscoverActions] WARNING: No template actions found! ` +
+            `The agent will have no template-specific tools. ` +
+            `If in production, switch from autoDiscoverActions to loadActionsFromStaticRegistry. ` +
+            `See: https://docs.agent-native.com/actions#static-registry`);
+    }
     // 2. Workspace-core actions — merged in with skipExisting so they can't
     //    overwrite template entries.
     try {