@agentforge-ai/cli 0.4.2 → 0.5.0

package/dist/index.js

@@ -1,4 +1,10 @@
 #!/usr/bin/env node
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
 
 // src/index.ts
 import { Command } from "commander";
@@ -295,11 +301,22 @@ async function deployProject(options) {
 }
 
 // src/lib/convex-client.ts
-import { ConvexHttpClient } from "convex/browser";
 import fs4 from "fs-extra";
 import path4 from "path";
+function safeCwd() {
+  try {
+    return process.cwd();
+  } catch {
+    return null;
+  }
+}
 function getConvexUrl() {
-  const cwd = process.cwd();
+  const cwd = safeCwd();
+  if (!cwd) {
+    throw new Error(
+      "Current directory does not exist or is not accessible.\nPlease navigate to a valid AgentForge project directory and try again."
+    );
+  }
   const envFiles = [".env.local", ".env", ".env.production"];
   for (const envFile of envFiles) {
     const envPath = path4.join(cwd, envFile);
@@ -323,7 +340,8 @@ function getConvexUrl() {
     "CONVEX_URL not found. Run `npx convex dev` first, or set CONVEX_URL in your .env file."
   );
 }
-function createClient() {
+async function createClient() {
+  const { ConvexHttpClient } = await import("convex/browser");
   const url = getConvexUrl();
   return new ConvexHttpClient(url);
 }
@@ -334,6 +352,10 @@ async function safeCall(fn, errorMessage) {
     if (error2.message?.includes("CONVEX_URL not found")) {
       console.error("\n\u274C Not connected to Convex.");
       console.error("   Run `npx convex dev` in your project directory first.\n");
+    } else if (error2.message?.includes("Current directory does not exist")) {
+      console.error(`
+\u274C ${error2.message}
+`);
     } else if (error2.message?.includes("fetch failed") || error2.message?.includes("ECONNREFUSED")) {
       console.error("\n\u274C Cannot reach Convex deployment.");
       console.error("   Make sure `npx convex dev` is running.\n");
@@ -424,7 +446,7 @@ function prompt(question) {
 function registerAgentsCommand(program2) {
   const agents = program2.command("agents").description("Manage agents");
   agents.command("list").description("List all agents").option("--active", "Show only active agents").option("--json", "Output as JSON").action(async (opts) => {
-    const client = createClient();
+    const client = await createClient();
     const result = await safeCall(
       () => client.query("agents:list", {}),
       "Failed to list agents"
@@ -460,7 +482,7 @@ function registerAgentsCommand(program2) {
     }
     const provider = model.includes(":") ? model.split(":")[0] : "openai";
     const agentId = name.toLowerCase().replace(/[^a-z0-9]+/g, "-");
-    const client = createClient();
+    const client = await createClient();
     await safeCall(
       () => client.mutation("agents:create", {
         id: agentId,
@@ -475,7 +497,7 @@ function registerAgentsCommand(program2) {
     success(`Agent "${name}" created with ID: ${agentId}`);
   });
   agents.command("inspect").argument("<id>", "Agent ID").description("Show detailed agent information").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     const agent = await safeCall(
       () => client.query("agents:getByAgentId", { id }),
       "Failed to fetch agent"
@@ -503,7 +525,7 @@ function registerAgentsCommand(program2) {
 `);
   });
   agents.command("edit").argument("<id>", "Agent ID").option("--name <name>", "New name").option("--model <model>", "New model").option("--instructions <text>", "New instructions").description("Edit an agent").action(async (id, opts) => {
-    const client = createClient();
+    const client = await createClient();
     const agent = await safeCall(
       () => client.query("agents:getByAgentId", { id }),
       "Failed to fetch agent"
@@ -549,7 +571,7 @@ function registerAgentsCommand(program2) {
         return;
       }
     }
-    const client = createClient();
+    const client = await createClient();
     const agent = await safeCall(
       () => client.query("agents:getByAgentId", { id }),
       "Failed to fetch agent"
@@ -565,7 +587,7 @@ function registerAgentsCommand(program2) {
     success(`Agent "${id}" deleted.`);
   });
   agents.command("enable").argument("<id>", "Agent ID").description("Enable an agent").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     const agent = await safeCall(() => client.query("agents:getByAgentId", { id }), "Failed to fetch agent");
     if (!agent) {
       error(`Agent "${id}" not found.`);
@@ -575,7 +597,7 @@ function registerAgentsCommand(program2) {
     success(`Agent "${id}" enabled.`);
   });
   agents.command("disable").argument("<id>", "Agent ID").description("Disable an agent").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     const agent = await safeCall(() => client.query("agents:getByAgentId", { id }), "Failed to fetch agent");
     if (!agent) {
       error(`Agent "${id}" not found.`);
@@ -590,7 +612,7 @@ function registerAgentsCommand(program2) {
 import readline2 from "readline";
 function registerChatCommand(program2) {
   program2.command("chat").argument("[agent-id]", "Agent ID to chat with").option("-s, --session <id>", "Resume an existing session").description("Start an interactive chat session with an agent").action(async (agentId, opts) => {
-    const client = createClient();
+    const client = await createClient();
     if (!agentId && !opts.session) {
       const agents = await safeCall(() => client.query("agents:list", {}), "Failed to list agents");
       if (!agents || agents.length === 0) {
@@ -683,7 +705,7 @@ function registerChatCommand(program2) {
 function registerSessionsCommand(program2) {
   const sessions = program2.command("sessions").description("Manage sessions");
   sessions.command("list").option("--status <status>", "Filter by status (active, ended)").option("--json", "Output as JSON").description("List all sessions").action(async (opts) => {
-    const client = createClient();
+    const client = await createClient();
     const result = await safeCall(() => client.query("sessions:list", {}), "Failed to list sessions");
     if (opts.json) {
       console.log(JSON.stringify(result, null, 2));
@@ -706,7 +728,7 @@ function registerSessionsCommand(program2) {
     })));
   });
   sessions.command("inspect").argument("<id>", "Session ID").description("Show session details").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     const session = await safeCall(() => client.query("sessions:getById", { id }), "Failed to fetch session");
     if (!session) {
       error(`Session "${id}" not found.`);
@@ -717,7 +739,7 @@ function registerSessionsCommand(program2) {
     details({ ID: s._id, Name: s.name, Agent: s.agentId, Status: s.status, Started: formatDate(s.startedAt), "Last Activity": formatDate(s.lastActivityAt) });
   });
   sessions.command("end").argument("<id>", "Session ID").description("End an active session").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(() => client.mutation("sessions:update", { _id: id, status: "ended" }), "Failed to end session");
     success(`Session "${id}" ended.`);
   });
@@ -725,7 +747,7 @@ function registerSessionsCommand(program2) {
 function registerThreadsCommand(program2) {
   const threads = program2.command("threads").description("Manage conversation threads");
   threads.command("list").option("--agent <id>", "Filter by agent ID").option("--json", "Output as JSON").description("List all threads").action(async (opts) => {
-    const client = createClient();
+    const client = await createClient();
     const args = opts.agent ? { agentId: opts.agent } : {};
     const result = await safeCall(() => client.query("threads:list", args), "Failed to list threads");
     if (opts.json) {
@@ -747,7 +769,7 @@ function registerThreadsCommand(program2) {
     })));
   });
   threads.command("inspect").argument("<id>", "Thread ID").description("Show thread messages").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     const messages = await safeCall(() => client.query("messages:listByThread", { threadId: id }), "Failed to fetch messages");
     header(`Thread: ${id}`);
     const items = messages || [];
@@ -762,7 +784,7 @@ function registerThreadsCommand(program2) {
     console.log();
   });
   threads.command("delete").argument("<id>", "Thread ID").description("Delete a thread and its messages").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(() => client.mutation("threads:remove", { _id: id }), "Failed to delete thread");
     success(`Thread "${id}" deleted.`);
   });
@@ -782,7 +804,7 @@ function prompt2(q) {
 function registerSkillsCommand(program2) {
   const skills = program2.command("skills").description("Manage agent skills");
   skills.command("list").option("--installed", "Show only installed skills").option("--json", "Output as JSON").description("List all skills").action(async (opts) => {
-    const client = createClient();
+    const client = await createClient();
     const result = await safeCall(() => client.query("skills:list", {}), "Failed to list skills");
     if (opts.json) {
       console.log(JSON.stringify(result, null, 2));
@@ -894,7 +916,7 @@ Edit \`skills/${name}/config.json\` to customize.
     info(`Edit skills/${name}/index.ts to implement your tool logic.`);
   });
   skills.command("install").argument("<name>", "Skill name to install").description("Install a skill").action(async (name) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(
       () => client.mutation("skills:create", {
         name,
@@ -915,7 +937,7 @@ Edit \`skills/${name}/config.json\` to customize.
         success(`Skill "${name}" removed from disk.`);
       }
     }
-    const client = createClient();
+    const client = await createClient();
     try {
       const skills2 = await client.query("skills:list", {});
       const skill = skills2.find((s) => s.name === name);
@@ -961,7 +983,7 @@ function prompt3(q) {
 function registerCronCommand(program2) {
   const cron = program2.command("cron").description("Manage cron jobs");
   cron.command("list").option("--json", "Output as JSON").description("List all cron jobs").action(async (opts) => {
-    const client = createClient();
+    const client = await createClient();
     const result = await safeCall(() => client.query("cronJobs:list", {}), "Failed to list cron jobs");
     if (opts.json) {
       console.log(JSON.stringify(result, null, 2));
@@ -992,7 +1014,7 @@ function registerCronCommand(program2) {
       error("All fields are required.");
       process.exit(1);
     }
-    const client = createClient();
+    const client = await createClient();
     await safeCall(
       () => client.mutation("cronJobs:create", { name, schedule, agentId, action, isEnabled: true }),
       "Failed to create cron job"
@@ -1000,17 +1022,17 @@ function registerCronCommand(program2) {
     success(`Cron job "${name}" created.`);
   });
   cron.command("delete").argument("<id>", "Cron job ID").description("Delete a cron job").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(() => client.mutation("cronJobs:remove", { _id: id }), "Failed to delete");
     success(`Cron job "${id}" deleted.`);
   });
   cron.command("enable").argument("<id>", "Cron job ID").description("Enable a cron job").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(() => client.mutation("cronJobs:update", { _id: id, isEnabled: true }), "Failed");
     success(`Cron job "${id}" enabled.`);
   });
   cron.command("disable").argument("<id>", "Cron job ID").description("Disable a cron job").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(() => client.mutation("cronJobs:update", { _id: id, isEnabled: false }), "Failed");
     success(`Cron job "${id}" disabled.`);
   });
@@ -1028,7 +1050,7 @@ function prompt4(q) {
 function registerMcpCommand(program2) {
   const mcp = program2.command("mcp").description("Manage MCP connections");
   mcp.command("list").option("--json", "Output as JSON").description("List all MCP connections").action(async (opts) => {
-    const client = createClient();
+    const client = await createClient();
     const result = await safeCall(() => client.query("mcpConnections:list", {}), "Failed to list connections");
     if (opts.json) {
       console.log(JSON.stringify(result, null, 2));
@@ -1057,7 +1079,7 @@ function registerMcpCommand(program2) {
       error("All fields required.");
       process.exit(1);
     }
-    const client = createClient();
+    const client = await createClient();
     await safeCall(
       () => client.mutation("mcpConnections:create", {
         name,
@@ -1071,13 +1093,13 @@ function registerMcpCommand(program2) {
     success(`MCP connection "${name}" added.`);
   });
   mcp.command("remove").argument("<id>", "Connection ID").description("Remove an MCP connection").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(() => client.mutation("mcpConnections:remove", { _id: id }), "Failed");
     success(`Connection "${id}" removed.`);
   });
   mcp.command("test").argument("<id>", "Connection ID").description("Test an MCP connection").action(async (id) => {
     info(`Testing connection "${id}"...`);
-    const client = createClient();
+    const client = await createClient();
     const conns = await safeCall(() => client.query("mcpConnections:list", {}), "Failed");
     const conn = conns.find((c) => c._id === id || c._id?.endsWith(id));
     if (!conn) {
@@ -1102,12 +1124,12 @@ function registerMcpCommand(program2) {
     }
   });
   mcp.command("enable").argument("<id>", "Connection ID").description("Enable a connection").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(() => client.mutation("mcpConnections:update", { _id: id, isEnabled: true }), "Failed");
     success(`Connection "${id}" enabled.`);
   });
   mcp.command("disable").argument("<id>", "Connection ID").description("Disable a connection").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(() => client.mutation("mcpConnections:update", { _id: id, isEnabled: false }), "Failed");
     success(`Connection "${id}" disabled.`);
   });
@@ -1119,7 +1141,7 @@ import path6 from "path";
 function registerFilesCommand(program2) {
   const files = program2.command("files").description("Manage files");
   files.command("list").argument("[folder]", "Folder ID to list files from").option("--json", "Output as JSON").description("List files").action(async (folder, opts) => {
-    const client = createClient();
+    const client = await createClient();
     const args = folder ? { folderId: folder } : {};
     const result = await safeCall(() => client.query("files:list", args), "Failed to list files");
     if (opts.json) {
@@ -1165,7 +1187,7 @@ function registerFilesCommand(program2) {
       ".xml": "text/xml"
     };
     const mimeType = mimeTypes[ext] || "application/octet-stream";
-    const client = createClient();
+    const client = await createClient();
     await safeCall(
       () => client.mutation("files:create", {
         name,
@@ -1180,13 +1202,13 @@ function registerFilesCommand(program2) {
     info("Note: File content storage requires Convex file storage or R2 integration.");
   });
   files.command("delete").argument("<id>", "File ID").description("Delete a file").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(() => client.mutation("files:remove", { _id: id }), "Failed to delete file");
     success(`File "${id}" deleted.`);
   });
   const folders = program2.command("folders").description("Manage folders");
   folders.command("list").option("--json", "Output as JSON").description("List all folders").action(async (opts) => {
-    const client = createClient();
+    const client = await createClient();
     const result = await safeCall(() => client.query("folders:list", {}), "Failed to list folders");
     if (opts.json) {
       console.log(JSON.stringify(result, null, 2));
@@ -1206,7 +1228,7 @@ function registerFilesCommand(program2) {
     })));
   });
   folders.command("create").argument("<name>", "Folder name").option("--parent <id>", "Parent folder ID").description("Create a folder").action(async (name, opts) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(
       () => client.mutation("folders:create", { name, parentId: opts.parent }),
       "Failed to create folder"
@@ -1214,7 +1236,7 @@ function registerFilesCommand(program2) {
     success(`Folder "${name}" created.`);
   });
   folders.command("delete").argument("<id>", "Folder ID").description("Delete a folder").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     await safeCall(() => client.mutation("folders:remove", { _id: id }), "Failed to delete folder");
     success(`Folder "${id}" deleted.`);
   });
@@ -1237,7 +1259,7 @@ function prompt5(q) {
 function registerProjectsCommand(program2) {
   const projects = program2.command("projects").description("Manage projects and workspaces");
   projects.command("list").option("--json", "Output as JSON").description("List all projects").action(async (opts) => {
-    const client = createClient();
+    const client = await createClient();
     const result = await safeCall(() => client.query("projects:list", {}), "Failed to list projects");
     if (opts.json) {
       console.log(JSON.stringify(result, null, 2));
@@ -1259,7 +1281,7 @@ function registerProjectsCommand(program2) {
   });
   projects.command("create").argument("<name>", "Project name").option("-d, --description <desc>", "Project description").description("Create a new project").action(async (name, opts) => {
     const description = opts.description || await prompt5("Description (optional): ");
-    const client = createClient();
+    const client = await createClient();
     await safeCall(
       () => client.mutation("projects:create", { name, description, status: "active" }),
       "Failed to create project"
@@ -1267,7 +1289,7 @@ function registerProjectsCommand(program2) {
     success(`Project "${name}" created.`);
   });
   projects.command("inspect").argument("<id>", "Project ID").description("Show project details").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     const projects2 = await safeCall(() => client.query("projects:list", {}), "Failed");
     const project = projects2.find((p) => p._id === id || p._id?.endsWith(id));
     if (!project) {
@@ -1292,12 +1314,12 @@ function registerProjectsCommand(program2) {
         return;
       }
     }
-    const client = createClient();
+    const client = await createClient();
     await safeCall(() => client.mutation("projects:remove", { _id: id }), "Failed");
     success(`Project "${id}" deleted.`);
   });
   projects.command("switch").argument("<id>", "Project ID to switch to").description("Set the active project").action(async (id) => {
-    const client = createClient();
+    const client = await createClient();
     const projects2 = await safeCall(() => client.query("projects:list", {}), "Failed");
     const project = projects2.find((p) => p._id === id || p._id?.endsWith(id));
     if (!project) {
@@ -1494,7 +1516,7 @@ function promptSecret(q) {
 function registerVaultCommand(program2) {
   const vault = program2.command("vault").description("Manage secrets securely");
   vault.command("list").option("--json", "Output as JSON").description("List all stored secrets (values hidden)").action(async (opts) => {
-    const client = createClient();
+    const client = await createClient();
     const result = await safeCall(() => client.query("vault:list", {}), "Failed to list secrets");
     if (opts.json) {
       const safe = (result || []).map((s) => ({ ...s, encryptedValue: void 0 }));
@@ -1523,7 +1545,7 @@ function registerVaultCommand(program2) {
       error("Value is required.");
       process.exit(1);
     }
-    const client = createClient();
+    const client = await createClient();
     await safeCall(
       () => client.mutation("vault:store", {
         name,
@@ -1536,7 +1558,7 @@ function registerVaultCommand(program2) {
     success(`Secret "${name}" stored securely.`);
   });
   vault.command("get").argument("<name>", "Secret name").option("--reveal", "Show the actual value (use with caution)").description("Retrieve a secret").action(async (name, opts) => {
-    const client = createClient();
+    const client = await createClient();
     const result = await safeCall(() => client.query("vault:list", {}), "Failed");
     const secret = (result || []).find((s) => s.name === name);
     if (!secret) {
@@ -1563,7 +1585,7 @@ function registerVaultCommand(program2) {
         return;
       }
     }
-    const client = createClient();
+    const client = await createClient();
     const result = await safeCall(() => client.query("vault:list", {}), "Failed");
     const secret = (result || []).find((s) => s.name === name);
     if (!secret) {
@@ -1574,7 +1596,7 @@ function registerVaultCommand(program2) {
     success(`Secret "${name}" deleted.`);
   });
   vault.command("rotate").argument("<name>", "Secret name").description("Rotate a secret (set a new value)").action(async (name) => {
-    const client = createClient();
+    const client = await createClient();
     const result = await safeCall(() => client.query("vault:list", {}), "Failed");
     const secret = (result || []).find((s) => s.name === name);
     if (!secret) {
@@ -1594,6 +1616,212 @@ function registerVaultCommand(program2) {
   });
 }
 
+// src/commands/keys.ts
+function safeCall2(fn, msg) {
+  return fn().catch((e) => {
+    error(`${msg}: ${e.message}`);
+    process.exit(1);
+  });
+}
+function formatDate4(ts) {
+  return new Date(ts).toLocaleDateString("en-US", { month: "short", day: "numeric", year: "numeric" });
+}
+function maskKey(key) {
+  if (key.length <= 12) return key.substring(0, 4) + "****";
+  return key.substring(0, 8) + "..." + key.substring(key.length - 4);
+}
+function promptSecret2(question) {
+  return new Promise((resolve2) => {
+    const readline10 = __require("readline");
+    if (process.stdin.isTTY) {
+      process.stdout.write(question);
+      process.stdin.setRawMode(true);
+      process.stdin.resume();
+      process.stdin.setEncoding("utf8");
+      let input = "";
+      const onData = (char) => {
+        if (char === "\n" || char === "\r" || char === "") {
+          process.stdin.setRawMode(false);
+          process.stdin.pause();
+          process.stdin.removeListener("data", onData);
+          process.stdout.write("\n");
+          resolve2(input);
+        } else if (char === "") {
+          process.exit(0);
+        } else if (char === "\x7F" || char === "\b") {
+          if (input.length > 0) {
+            input = input.slice(0, -1);
+            process.stdout.write("\b \b");
+          }
+        } else {
+          input += char;
+          process.stdout.write("*");
+        }
+      };
+      process.stdin.on("data", onData);
+    } else {
+      const rl = readline10.createInterface({ input: process.stdin, output: process.stdout });
+      rl.question(question, (ans) => {
+        rl.close();
+        resolve2(ans.trim());
+      });
+    }
+  });
+}
+var PROVIDERS = [
+  { id: "openai", name: "OpenAI", prefix: "sk-" },
+  { id: "anthropic", name: "Anthropic", prefix: "sk-ant-" },
+  { id: "openrouter", name: "OpenRouter", prefix: "sk-or-" },
+  { id: "google", name: "Google AI", prefix: "AIza" },
+  { id: "xai", name: "xAI", prefix: "xai-" },
+  { id: "groq", name: "Groq", prefix: "gsk_" },
+  { id: "together", name: "Together AI", prefix: "" },
+  { id: "perplexity", name: "Perplexity", prefix: "pplx-" }
+];
+function registerKeysCommand(program2) {
+  const keys = program2.command("keys").description("Manage AI provider API keys");
+  keys.command("list").option("--provider <provider>", "Filter by provider").option("--json", "Output as JSON").description("List all configured API keys").action(async (opts) => {
+    const client = await createClient();
+    const result = await safeCall2(
+      () => client.query("apiKeys:list", opts.provider ? { provider: opts.provider } : {}),
+      "Failed to list API keys"
+    );
+    const items = result || [];
+    if (opts.json) {
+      const safe = items.map((k) => ({ ...k, encryptedKey: maskKey(k.encryptedKey) }));
+      console.log(JSON.stringify(safe, null, 2));
+      return;
+    }
+    header("API Keys");
+    if (items.length === 0) {
+      info("No API keys configured.");
+      dim("  Add one with: agentforge keys add <provider> [key]");
+      dim("");
+      dim("  Supported providers:");
+      PROVIDERS.forEach((p) => dim(`    ${p.id.padEnd(12)} ${p.name}`));
+      return;
+    }
+    table(items.map((k) => ({
+      Provider: k.provider,
+      Name: k.keyName,
+      Key: maskKey(k.encryptedKey),
+      Active: k.isActive ? "\u2713" : "\u2717",
+      Created: formatDate4(k.createdAt),
+      "Last Used": k.lastUsedAt ? formatDate4(k.lastUsedAt) : "Never"
+    })));
+  });
+  keys.command("add").argument("<provider>", `Provider (${PROVIDERS.map((p) => p.id).join(", ")})`).argument("[key]", "API key value (omit for secure prompt)").option("--name <name>", "Key display name").description("Add an AI provider API key").action(async (provider, key, opts) => {
+    const providerInfo = PROVIDERS.find((p) => p.id === provider);
+    if (!providerInfo) {
+      error(`Unknown provider "${provider}". Supported: ${PROVIDERS.map((p) => p.id).join(", ")}`);
+      process.exit(1);
+    }
+    if (!key) {
+      key = await promptSecret2(`Enter ${providerInfo.name} API key: `);
+    }
+    if (!key) {
+      error("API key is required.");
+      process.exit(1);
+    }
+    if (providerInfo.prefix && !key.startsWith(providerInfo.prefix)) {
+      info(`Warning: ${providerInfo.name} keys typically start with "${providerInfo.prefix}".`);
+    }
+    const keyName = opts.name || `${providerInfo.name} Key`;
+    const client = await createClient();
+    await safeCall2(
+      () => client.mutation("apiKeys:create", {
+        provider,
+        keyName,
+        encryptedKey: key
+      }),
+      "Failed to store API key"
+    );
+    success(`${providerInfo.name} API key "${keyName}" stored successfully.`);
+  });
+  keys.command("remove").argument("<provider>", "Provider name").option("-f, --force", "Skip confirmation").description("Remove an API key").action(async (provider, opts) => {
+    const client = await createClient();
+    const result = await safeCall2(
+      () => client.query("apiKeys:list", { provider }),
+      "Failed to list keys"
+    );
+    const items = result || [];
+    if (items.length === 0) {
+      error(`No API keys found for "${provider}".`);
+      process.exit(1);
+    }
+    const target = items[0];
+    if (!opts.force) {
+      const readline10 = __require("readline");
+      const rl = readline10.createInterface({ input: process.stdin, output: process.stdout });
+      const answer = await new Promise((resolve2) => {
+        rl.question(`Delete "${target.keyName}" for ${provider}? (y/N): `, (ans) => {
+          rl.close();
+          resolve2(ans.trim());
+        });
+      });
+      if (answer.toLowerCase() !== "y") {
+        info("Cancelled.");
+        return;
+      }
+    }
+    await safeCall2(
+      () => client.mutation("apiKeys:remove", { id: target._id }),
+      "Failed to remove API key"
+    );
+    success(`API key "${target.keyName}" removed.`);
+  });
+  keys.command("test").argument("<provider>", "Provider to test").description("Test an API key by making a simple request").action(async (provider) => {
+    const client = await createClient();
+    const result = await safeCall2(
+      () => client.query("apiKeys:getActiveForProvider", { provider }),
+      "Failed to get key"
+    );
+    if (!result) {
+      error(`No active API key for "${provider}". Add one with: agentforge keys add ${provider}`);
+      process.exit(1);
+    }
+    const key = result.encryptedKey;
+    info(`Testing ${provider} API key...`);
+    try {
+      let ok = false;
+      if (provider === "openai") {
+        const res = await fetch("https://api.openai.com/v1/models", { headers: { Authorization: `Bearer ${key}` } });
+        ok = res.ok;
+      } else if (provider === "anthropic") {
+        const res = await fetch("https://api.anthropic.com/v1/messages", {
+          method: "POST",
+          headers: { "x-api-key": key, "anthropic-version": "2023-06-01", "Content-Type": "application/json" },
+          body: JSON.stringify({ model: "claude-3-haiku-20240307", max_tokens: 1, messages: [{ role: "user", content: "hi" }] })
+        });
+        ok = res.ok;
+      } else if (provider === "openrouter") {
+        const res = await fetch("https://openrouter.ai/api/v1/models", { headers: { Authorization: `Bearer ${key}` } });
+        ok = res.ok;
+      } else if (provider === "google") {
+        const res = await fetch(`https://generativelanguage.googleapis.com/v1beta/models?key=${key}`);
+        ok = res.ok;
+      } else if (provider === "groq") {
+        const res = await fetch("https://api.groq.com/openai/v1/models", { headers: { Authorization: `Bearer ${key}` } });
+        ok = res.ok;
+      } else {
+        info(`No test endpoint configured for "${provider}". Key is stored.`);
+        return;
+      }
+      if (ok) {
+        success(`${provider} API key is valid and working.`);
+        await safeCall2(
+          () => client.mutation("apiKeys:updateLastUsed", { id: result._id }),
+          "Failed to update last used"
+        );
+      } else {
+        error(`${provider} API key returned an error. Check that the key is valid.`);
+      }
+    } catch (e) {
+      error(`Connection failed: ${e.message}`);
+    }
+  });
+}
+
 // src/commands/status.ts
 import { spawn as spawn2 } from "child_process";
 import path8 from "path";
@@ -1610,7 +1838,7 @@ function registerStatusCommand(program2) {
     checks["Dashboard Dir"] = fs8.existsSync(path8.join(cwd, "dashboard")) ? "\u2714 Found" : "\u2716 Not found";
     checks["Env Config"] = fs8.existsSync(path8.join(cwd, ".env.local")) || fs8.existsSync(path8.join(cwd, ".env")) ? "\u2714 Found" : "\u2716 Not found";
     try {
-      const client = createClient();
+      const client = await createClient();
       const agents = await client.query("agents:list", {});
       checks["Convex Connection"] = `\u2714 Connected (${agents?.length || 0} agents)`;
     } catch {
@@ -1720,7 +1948,7 @@ function registerStatusCommand(program2) {
     });
   });
   program2.command("logs").description("Show recent activity logs").option("-n, --lines <count>", "Number of log entries", "20").option("--agent <id>", "Filter by agent ID").option("--json", "Output as JSON").action(async (opts) => {
-    const client = createClient();
+    const client = await createClient();
     const args = {};
     if (opts.agent) args.agentId = opts.agent;
     const result = await safeCall(
@@ -1747,7 +1975,7 @@ function registerStatusCommand(program2) {
     console.log();
   });
   program2.command("heartbeat").description("Check and resume pending agent tasks").option("--agent <id>", "Check specific agent").action(async (opts) => {
-    const client = createClient();
+    const client = await createClient();
     header("Heartbeat Check");
     const args = {};
     if (opts.agent) args.agentId = opts.agent;
@@ -1813,6 +2041,7 @@ registerFilesCommand(program);
 registerProjectsCommand(program);
 registerConfigCommand(program);
 registerVaultCommand(program);
+registerKeysCommand(program);
 registerStatusCommand(program);
 program.parse();
 //# sourceMappingURL=index.js.map