npm - @anytio/pspm - Versions diffs - 0.0.3 → 0.0.5 - Mend

@anytio/pspm 0.0.3 → 0.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.js CHANGED Viewed

@@ -1,12 +1,13 @@
 #!/usr/bin/env node
 import { readFileSync } from 'fs';
-import { dirname, join } from 'path';
+import { dirname, join, relative } from 'path';
 import { fileURLToPath, URL } from 'url';
 import { Command } from 'commander';
-import { stat, writeFile, mkdir, rm, access, readFile } from 'fs/promises';
-import { randomBytes, createHash } from 'crypto';
+import { stat, writeFile, mkdir, rm, access, readFile, readdir, unlink } from 'fs/promises';
+import { createHash, randomBytes } from 'crypto';
 import * as semver from 'semver';
 import { homedir } from 'os';
+import * as ini from 'ini';
 import http from 'http';
 import open from 'open';
 import { exec as exec$1 } from 'child_process';
@@ -38,7 +39,7 @@ function resolveVersion(range, availableVersions) {
   return semver.maxSatisfying(sorted, range);
 }
-// ../../packages/sdk/src/fetcher.ts
+// ../../packages/sdk/src/fetchers/cli-fetcher.ts
 var config = null;
 function configure(options) {
   config = options;
@@ -76,9 +77,9 @@ async function customFetch(url, options) {
   };
 }
-// ../../packages/sdk/src/generated/index.ts
+// ../../packages/sdk/src/generated/fetch/index.ts
 var getMeUrl = () => {
-  return `/me`;
+  return `/api/skills/me`;
 };
 var me = async (options) => {
   return customFetch(
@@ -90,7 +91,7 @@ var me = async (options) => {
   );
 };
 var getListSkillVersionsUrl = (username, name) => {
-  return `/@user/${username}/${name}/versions`;
+  return `/api/skills/@user/${username}/${name}/versions`;
 };
 var listSkillVersions = async (username, name, options) => {
   return customFetch(
@@ -102,7 +103,7 @@ var listSkillVersions = async (username, name, options) => {
   );
 };
 var getGetSkillVersionUrl = (username, name, version2) => {
-  return `/@user/${username}/${name}/${version2}`;
+  return `/api/skills/@user/${username}/${name}/${version2}`;
 };
 var getSkillVersion = async (username, name, version2, options) => {
   return customFetch(
@@ -114,9 +115,9 @@ var getSkillVersion = async (username, name, version2, options) => {
   );
 };
 var getPublishSkillUrl = () => {
-  return `/publish`;
+  return `/api/skills/publish`;
 };
-var publishSkill = async (publishSkillBody, options) => {
+var publishSkill = async (publishSkillInput, options) => {
   return customFetch(
     getPublishSkillUrl(),
     {
@@ -124,53 +125,52 @@ var publishSkill = async (publishSkillBody, options) => {
       method: "POST",
       headers: { "Content-Type": "application/json", ...options?.headers },
       body: JSON.stringify(
-        publishSkillBody
+        publishSkillInput
       )
     }
   );
 };
 var getDeleteSkillUrl = (name) => {
-  return `/${name}`;
+  return `/api/skills/${name}`;
 };
-var deleteSkill = async (name, deleteSkillBody, options) => {
+var deleteSkill = async (name, options) => {
   return customFetch(
     getDeleteSkillUrl(name),
     {
       ...options,
-      method: "DELETE",
-      headers: { "Content-Type": "application/json", ...options?.headers },
-      body: JSON.stringify(
-        deleteSkillBody
-      )
+      method: "DELETE"
     }
   );
 };
 var getDeleteSkillVersionUrl = (name, version2) => {
-  return `/${name}/${version2}`;
+  return `/api/skills/${name}/${version2}`;
 };
-var deleteSkillVersion = async (name, version2, deleteSkillVersionBody, options) => {
+var deleteSkillVersion = async (name, version2, options) => {
   return customFetch(
     getDeleteSkillVersionUrl(name, version2),
     {
       ...options,
-      method: "DELETE",
-      headers: { "Content-Type": "application/json", ...options?.headers },
-      body: JSON.stringify(
-        deleteSkillVersionBody
-      )
+      method: "DELETE"
     }
   );
 };
 // src/api-client.ts
+function registryUrlToBaseUrl(registryUrl) {
+  return registryUrl.replace(/\/api\/skills\/?$/, "");
+}
+function configure2(options) {
+  const baseUrl = registryUrlToBaseUrl(options.registryUrl);
+  configure({ baseUrl, apiKey: options.apiKey });
+}
 async function whoamiRequest(registryUrl, apiKey) {
   try {
-    configure({ baseUrl: registryUrl, apiKey });
+    configure2({ registryUrl, apiKey });
     const response = await me();
-    const user = response.data;
-    if (!user) {
+    if (response.status !== 200 || !response.data) {
       return null;
     }
+    const user = response.data;
     return {
       username: user.username,
       userId: user.userId
@@ -187,14 +187,6 @@ var ConfigError = class extends Error {
     this.name = "ConfigError";
   }
 };
-var ProfileNotFoundError = class extends ConfigError {
-  constructor(profileName) {
-    super(
-      `Profile "${profileName}" not found. Run 'pspm config list' to see available profiles.`
-    );
-    this.name = "ProfileNotFoundError";
-  }
-};
 var NotLoggedInError = class extends ConfigError {
   constructor() {
     super(
@@ -203,10 +195,47 @@ var NotLoggedInError = class extends ConfigError {
     this.name = "NotLoggedInError";
   }
 };
+function extractApiErrorMessage(response, fallbackMessage) {
+  const errorData = response.data;
+  if (process.env.PSPM_DEBUG) {
+    console.log(`[debug] API response status: ${response.status}`);
+    console.log(
+      `[debug] API response data:`,
+      JSON.stringify(errorData, null, 2)
+    );
+  }
+  if (!errorData) {
+    return `${fallbackMessage} (HTTP ${response.status})`;
+  }
+  let errorMessage = errorData.message || fallbackMessage;
+  if (errorData.code === "VALIDATION_ERROR" && errorData.details) {
+    const issues = errorData.details.issues;
+    if (issues && Array.isArray(issues)) {
+      const issueMessages = issues.map((issue) => {
+        const path = issue.path?.join(".") || "input";
+        const msg = issue.message || "invalid value";
+        return `  - ${path}: ${msg}`;
+      }).join("\n");
+      errorMessage = `Validation failed:
+${issueMessages}`;
+    }
+  }
+  if (errorData.code && !errorMessage.includes(errorData.code)) {
+    errorMessage = `[${errorData.code}] ${errorMessage}`;
+  }
+  if (errorData.requestId) {
+    errorMessage += `
+(Request ID: ${errorData.requestId})`;
+  }
+  return errorMessage;
+}
 // src/config.ts
-var DEFAULT_REGISTRY_URL = "https://pspm.dev/api/skills";
+var DEFAULT_REGISTRY_URL = "https://pspm.dev";
 function getConfigPath() {
+  return join(homedir(), ".pspmrc");
+}
+function getLegacyConfigPath() {
   return join(homedir(), ".pspm", "config.json");
 }
 function getSkillsDir() {
@@ -215,33 +244,6 @@ function getSkillsDir() {
 function getLockfilePath() {
   return join(process.cwd(), "skill-lock.json");
 }
-function createDefaultV2Config() {
-  return {
-    version: 2,
-    defaultProfile: "default",
-    profiles: {
-      default: {
-        registryUrl: DEFAULT_REGISTRY_URL
-      }
-    }
-  };
-}
-function migrateV1ToV2(v1Config) {
-  return {
-    version: 2,
-    defaultProfile: "default",
-    profiles: {
-      default: {
-        registryUrl: v1Config.registryUrl || DEFAULT_REGISTRY_URL,
-        apiKey: v1Config.apiKey,
-        username: v1Config.username
-      }
-    }
-  };
-}
-function isV2Config(config2) {
-  return typeof config2 === "object" && config2 !== null && "version" in config2 && config2.version === 2;
-}
 async function readUserConfig() {
   const configPath = getConfigPath();
   if (process.env.PSPM_DEBUG) {
@@ -249,48 +251,42 @@ async function readUserConfig() {
   }
   try {
     const content = await readFile(configPath, "utf-8");
+    const parsed = ini.parse(content);
     if (process.env.PSPM_DEBUG) {
-      const apiKeyMatch = content.match(/"apiKey":\s*"([^"]+)"/);
-      if (apiKeyMatch) {
-        console.log(
-          `[config] Raw apiKey from file: ${apiKeyMatch[1].substring(
-            0,
-            15
-          )}...`
-        );
-      }
-    }
-    const parsed = JSON.parse(content);
-    if (process.env.PSPM_DEBUG) {
-      console.log(
-        `[config] Parsed config version: ${parsed.version}`
-      );
-      console.log(
-        `[config] Profiles found: ${Object.keys(
-          parsed.profiles || {}
-        ).join(", ")}`
-      );
-    }
-    if (isV2Config(parsed)) {
-      return parsed;
+      console.log(`[config] Parsed config:`, JSON.stringify(parsed, null, 2));
     }
-    const v2Config = migrateV1ToV2(parsed);
-    await writeUserConfig(v2Config);
-    return v2Config;
+    return {
+      registry: parsed.registry,
+      authToken: parsed.authToken,
+      username: parsed.username
+    };
   } catch (error) {
     if (process.env.PSPM_DEBUG) {
       console.log(
         `[config] Error reading config: ${error instanceof Error ? error.message : String(error)}`
       );
-      console.log(`[config] Falling back to default config`);
     }
-    return createDefaultV2Config();
+    return {};
   }
 }
 async function writeUserConfig(config2) {
   const configPath = getConfigPath();
+  const lines = ["; PSPM Configuration", ""];
+  if (config2.registry) {
+    lines.push(`registry = ${config2.registry}`);
+  }
+  if (config2.authToken) {
+    lines.push(`authToken = ${config2.authToken}`);
+  }
+  if (config2.username) {
+    lines.push(`username = ${config2.username}`);
+  }
+  lines.push("");
   await mkdir(dirname(configPath), { recursive: true });
-  await writeFile(configPath, JSON.stringify(config2, null, 2));
+  await writeFile(configPath, lines.join("\n"));
+  if (process.env.PSPM_DEBUG) {
+    console.log(`[config] Wrote config to: ${configPath}`);
+  }
 }
 async function findProjectConfig() {
   let currentDir = process.cwd();
@@ -301,7 +297,26 @@ async function findProjectConfig() {
       const stats = await stat(configPath);
       if (stats.isFile()) {
         const content = await readFile(configPath, "utf-8");
-        return JSON.parse(content);
+        try {
+          const parsed = ini.parse(content);
+          if (process.env.PSPM_DEBUG) {
+            console.log(
+              `[config] Found project config at ${configPath}:`,
+              JSON.stringify(parsed, null, 2)
+            );
+          }
+          return {
+            registry: parsed.registry
+          };
+        } catch {
+          try {
+            const jsonConfig = JSON.parse(content);
+            return {
+              registry: jsonConfig.registryUrl
+            };
+          } catch {
+          }
+        }
       }
     } catch {
     }
@@ -309,49 +324,61 @@ async function findProjectConfig() {
   }
   return null;
 }
-async function resolveConfig(globalOptions) {
-  const userConfig = await readUserConfig();
-  const projectConfig = await findProjectConfig();
-  let profileName;
-  let profileSource;
-  if (globalOptions?.profile) {
-    profileName = globalOptions.profile;
-    profileSource = "cli";
-  } else if (process.env.PSPM_PROFILE) {
-    profileName = process.env.PSPM_PROFILE;
-    profileSource = "env";
-  } else if (projectConfig?.profile) {
-    profileName = projectConfig.profile;
-    profileSource = "project";
-  } else if (userConfig.defaultProfile) {
-    profileName = userConfig.defaultProfile;
-    profileSource = "user";
-  } else {
-    profileName = "default";
-    profileSource = "default";
-  }
-  const profile = userConfig.profiles[profileName];
-  if (!profile) {
-    if (process.env.PSPM_DEBUG) {
+async function migrateFromLegacyConfig() {
+  const legacyPath = getLegacyConfigPath();
+  try {
+    const content = await readFile(legacyPath, "utf-8");
+    const parsed = JSON.parse(content);
+    let config2 = {};
+    if (parsed.version === 2 && parsed.profiles) {
+      const v2Config = parsed;
+      const defaultProfileName = v2Config.defaultProfile || "default";
+      const profile = v2Config.profiles[defaultProfileName];
+      if (profile) {
+        config2 = {
+          registry: profile.registryUrl !== DEFAULT_REGISTRY_URL ? profile.registryUrl : void 0,
+          authToken: profile.apiKey,
+          username: profile.username
+        };
+      }
       console.log(
-        `[config] Profile "${profileName}" not found. Available: ${Object.keys(
-          userConfig.profiles
-        ).join(", ")}`
+        `Migrating from legacy config (profile: ${defaultProfileName})...`
       );
-    }
-    throw new ProfileNotFoundError(profileName);
+    } else {
+      const v1Config = parsed;
+      config2 = {
+        registry: v1Config.registryUrl !== DEFAULT_REGISTRY_URL ? v1Config.registryUrl : void 0,
+        authToken: v1Config.apiKey,
+        username: v1Config.username
+      };
+      console.log("Migrating from legacy config...");
+    }
+    await writeUserConfig(config2);
+    console.log(`Created new config at: ${getConfigPath()}`);
+    await unlink(legacyPath);
+    console.log(`Removed legacy config: ${legacyPath}`);
+    return config2;
+  } catch {
+    return null;
   }
-  if (process.env.PSPM_DEBUG) {
-    console.log(
-      `[config] Using profile: ${profileName} (source: ${profileSource})`
-    );
-    console.log(`[config] Profile has apiKey: ${!!profile.apiKey}`);
+}
+async function resolveConfig() {
+  const newConfigPath = getConfigPath();
+  try {
+    await stat(newConfigPath);
+  } catch {
+    await migrateFromLegacyConfig();
   }
-  let registryUrl = profile.registryUrl;
-  let apiKey = profile.apiKey;
-  const username = profile.username;
-  if (projectConfig?.registryUrl) {
-    registryUrl = projectConfig.registryUrl;
+  const userConfig = await readUserConfig();
+  const projectConfig = await findProjectConfig();
+  let registryUrl = DEFAULT_REGISTRY_URL;
+  let apiKey = userConfig.authToken;
+  const username = userConfig.username;
+  if (userConfig.registry) {
+    registryUrl = userConfig.registry;
+  }
+  if (projectConfig?.registry) {
+    registryUrl = projectConfig.registry;
   }
   if (process.env.PSPM_REGISTRY_URL) {
     registryUrl = process.env.PSPM_REGISTRY_URL;
@@ -359,117 +386,62 @@ async function resolveConfig(globalOptions) {
   if (process.env.PSPM_API_KEY) {
     apiKey = process.env.PSPM_API_KEY;
   }
+  if (process.env.PSPM_DEBUG) {
+    console.log(`[config] Resolved config:`);
+    console.log(`[config]   registryUrl: ${registryUrl}`);
+    console.log(`[config]   apiKey: ${apiKey ? "***" : "(not set)"}`);
+    console.log(`[config]   username: ${username || "(not set)"}`);
+  }
   return {
-    profileName,
-    profileSource,
     registryUrl,
     apiKey,
     username
   };
 }
-async function getProfile(profileName) {
-  const userConfig = await readUserConfig();
-  return userConfig.profiles[profileName] || null;
-}
-async function listProfiles() {
-  const userConfig = await readUserConfig();
-  return Object.keys(userConfig.profiles);
-}
-async function setProfile(profileName, config2) {
-  const userConfig = await readUserConfig();
-  const existing = userConfig.profiles[profileName] || {
-    registryUrl: DEFAULT_REGISTRY_URL
-  };
-  userConfig.profiles[profileName] = {
-    ...existing,
-    ...config2
-  };
-  await writeUserConfig(userConfig);
-}
-async function deleteProfile(profileName) {
-  const userConfig = await readUserConfig();
-  if (!userConfig.profiles[profileName]) {
-    return false;
-  }
-  delete userConfig.profiles[profileName];
-  if (userConfig.defaultProfile === profileName) {
-    const remainingProfiles = Object.keys(userConfig.profiles);
-    userConfig.defaultProfile = remainingProfiles[0] || "default";
+async function setCredentials(authToken, username, registry) {
+  const config2 = await readUserConfig();
+  config2.authToken = authToken;
+  if (username) {
+    config2.username = username;
   }
-  await writeUserConfig(userConfig);
-  return true;
-}
-async function setDefaultProfile(profileName) {
-  const userConfig = await readUserConfig();
-  if (!userConfig.profiles[profileName]) {
-    throw new ProfileNotFoundError(profileName);
+  if (registry && registry !== DEFAULT_REGISTRY_URL) {
+    config2.registry = registry;
   }
-  userConfig.defaultProfile = profileName;
-  await writeUserConfig(userConfig);
+  await writeUserConfig(config2);
 }
-async function getDefaultProfileName() {
-  const userConfig = await readUserConfig();
-  return userConfig.defaultProfile;
+async function clearCredentials() {
+  const config2 = await readUserConfig();
+  delete config2.authToken;
+  delete config2.username;
+  await writeUserConfig(config2);
 }
-({
-  registryUrl: process.env.PSPM_REGISTRY_URL || DEFAULT_REGISTRY_URL
-});
-async function isLoggedIn(globalOptions) {
+async function isLoggedIn() {
   try {
-    const resolved = await resolveConfig(globalOptions);
+    const resolved = await resolveConfig();
     return !!resolved.apiKey;
   } catch {
     return false;
   }
 }
-async function requireApiKey(globalOptions) {
-  const resolved = await resolveConfig(globalOptions);
+async function requireApiKey() {
+  const resolved = await resolveConfig();
   if (!resolved.apiKey) {
     if (process.env.PSPM_DEBUG) {
-      console.log(
-        `[config] requireApiKey: No API key found for profile "${resolved.profileName}"`
-      );
+      console.log(`[config] requireApiKey: No API key found`);
     }
     throw new NotLoggedInError();
   }
   if (process.env.PSPM_DEBUG) {
     console.log(
-      `[config] requireApiKey: Got API key (${resolved.apiKey.substring(
-        0,
-        10
-      )}...)`
+      `[config] requireApiKey: Got API key (${resolved.apiKey.substring(0, 10)}...)`
     );
   }
   return resolved.apiKey;
 }
-async function getRegistryUrl(globalOptions) {
-  const resolved = await resolveConfig(globalOptions);
+async function getRegistryUrl() {
+  const resolved = await resolveConfig();
   return resolved.registryUrl;
 }
-async function clearProfileCredentials(profileName) {
-  const userConfig = await readUserConfig();
-  if (userConfig.profiles[profileName]) {
-    userConfig.profiles[profileName].apiKey = void 0;
-    userConfig.profiles[profileName].username = void 0;
-    await writeUserConfig(userConfig);
-  }
-}
-async function setProfileCredentials(profileName, apiKey, username, registryUrl) {
-  const userConfig = await readUserConfig();
-  if (!userConfig.profiles[profileName]) {
-    userConfig.profiles[profileName] = {
-      registryUrl: registryUrl || DEFAULT_REGISTRY_URL
-    };
-  }
-  userConfig.profiles[profileName].apiKey = apiKey;
-  if (username) {
-    userConfig.profiles[profileName].username = username;
-  }
-  if (registryUrl) {
-    userConfig.profiles[profileName].registryUrl = registryUrl;
-  }
-  await writeUserConfig(userConfig);
-}
 async function readLockfile() {
   const lockfilePath = getLockfilePath();
   try {
@@ -522,10 +494,10 @@ async function listLockfileSkills() {
 }
 // src/commands/add.ts
-async function add(specifier, _options, globalOptions) {
+async function add(specifier, _options) {
   try {
-    const apiKey = await requireApiKey(globalOptions);
-    const registryUrl = await getRegistryUrl(globalOptions);
+    const apiKey = await requireApiKey();
+    const registryUrl = await getRegistryUrl();
     const parsed = parseSkillSpecifier(specifier);
     if (!parsed) {
       console.error(
@@ -534,9 +506,17 @@ async function add(specifier, _options, globalOptions) {
       process.exit(1);
     }
     const { username, name, versionRange } = parsed;
-    configure({ baseUrl: registryUrl, apiKey });
+    configure2({ registryUrl, apiKey });
     console.log(`Resolving ${specifier}...`);
     const versionsResponse = await listSkillVersions(username, name);
+    if (versionsResponse.status !== 200) {
+      const errorMessage = extractApiErrorMessage(
+        versionsResponse,
+        `Skill @user/${username}/${name} not found`
+      );
+      console.error(`Error: ${errorMessage}`);
+      process.exit(1);
+    }
     const versions = versionsResponse.data;
     if (versions.length === 0) {
       console.error(`Error: Skill @user/${username}/${name} not found`);
@@ -553,14 +533,18 @@ async function add(specifier, _options, globalOptions) {
     }
     console.log(`Installing @user/${username}/${name}@${resolved}...`);
     const versionResponse = await getSkillVersion(username, name, resolved);
-    const versionInfo = versionResponse.data;
-    if (!versionInfo) {
-      console.error(`Error: Version ${resolved} not found`);
+    if (versionResponse.status !== 200 || !versionResponse.data) {
+      const errorMessage = extractApiErrorMessage(
+        versionResponse,
+        `Version ${resolved} not found`
+      );
+      console.error(`Error: ${errorMessage}`);
       process.exit(1);
     }
-    const downloadUrl = `${registryUrl}/@user/${username}/${name}/${resolved}/download`;
-    const tarballResponse = await fetch(downloadUrl, {
-      headers: {
+    const versionInfo = versionResponse.data;
+    const isPresignedUrl = versionInfo.downloadUrl.includes(".r2.cloudflarestorage.com") || versionInfo.downloadUrl.includes("X-Amz-Signature");
+    const tarballResponse = await fetch(versionInfo.downloadUrl, {
+      headers: isPresignedUrl ? {} : {
         Authorization: `Bearer ${apiKey}`
       },
       redirect: "follow"
@@ -611,68 +595,6 @@ async function add(specifier, _options, globalOptions) {
     process.exit(1);
   }
 }
-// src/commands/config/add.ts
-async function configAdd(name, options) {
-  try {
-    const existing = await getProfile(name);
-    if (existing) {
-      console.error(`Error: Profile "${name}" already exists.`);
-      console.log("Use 'pspm config set' to modify it.");
-      process.exit(1);
-    }
-    await setProfile(name, {
-      registryUrl: options.registryUrl || "https://pspm.dev/api/skills"
-    });
-    console.log(`Created profile "${name}".`);
-    if (options.registryUrl) {
-      console.log(`  Registry URL: ${options.registryUrl}`);
-    }
-    console.log("");
-    console.log(
-      `To set credentials, run: pspm login --api-key <key> --profile ${name}`
-    );
-    console.log(`To make this the default, run: pspm config use ${name}`);
-  } catch (error) {
-    const message = error instanceof Error ? error.message : "Unknown error";
-    console.error(`Error: ${message}`);
-    process.exit(1);
-  }
-}
-// src/commands/config/delete.ts
-async function configDelete(name) {
-  try {
-    const profiles = await listProfiles();
-    const defaultProfile = await getDefaultProfileName();
-    if (!profiles.includes(name)) {
-      console.error(`Error: Profile "${name}" not found.`);
-      console.log("Run 'pspm config list' to see available profiles.");
-      process.exit(1);
-    }
-    if (profiles.length === 1) {
-      console.error("Error: Cannot delete the last profile.");
-      console.log("Create another profile first, then delete this one.");
-      process.exit(1);
-    }
-    const wasDefault = name === defaultProfile;
-    const success = await deleteProfile(name);
-    if (success) {
-      console.log(`Deleted profile "${name}".`);
-      if (wasDefault) {
-        const newDefault = await getDefaultProfileName();
-        console.log(`Default profile is now "${newDefault}".`);
-      }
-    } else {
-      console.error(`Error: Failed to delete profile "${name}".`);
-      process.exit(1);
-    }
-  } catch (error) {
-    const message = error instanceof Error ? error.message : "Unknown error";
-    console.error(`Error: ${message}`);
-    process.exit(1);
-  }
-}
 async function configInit(options) {
   try {
     const configPath = join(process.cwd(), ".pspmrc");
@@ -682,23 +604,19 @@ async function configInit(options) {
       process.exit(1);
     } catch {
     }
-    const config2 = {};
-    if (options.profile) {
-      config2.profile = options.profile;
-    }
-    if (options.registryUrl) {
-      config2.registryUrl = options.registryUrl;
-    }
-    if (Object.keys(config2).length === 0) {
-      config2.profile = "development";
+    const lines = ["; Project-specific PSPM configuration", ""];
+    if (options.registry) {
+      lines.push(`registry = ${options.registry}`);
+    } else {
+      lines.push("; Uncomment to use a custom registry:");
+      lines.push("; registry = https://custom-registry.example.com");
     }
-    await writeFile(configPath, `${JSON.stringify(config2, null, 2)}
-`);
+    lines.push("");
+    await writeFile(configPath, lines.join("\n"));
     console.log("Created .pspmrc");
     console.log("");
     console.log("Contents:");
-    console.log(JSON.stringify(config2, null, 2));
-    console.log("");
+    console.log(lines.join("\n"));
     console.log("Note: .pspmrc should be committed to version control.");
     console.log("API keys should NOT be stored here - use pspm login instead.");
   } catch (error) {
@@ -708,129 +626,38 @@ async function configInit(options) {
   }
 }
-// src/commands/config/list.ts
-async function configList() {
-  try {
-    const profiles = await listProfiles();
-    const defaultProfile = await getDefaultProfileName();
-    if (profiles.length === 0) {
-      console.log("No profiles configured.");
-      console.log("Run 'pspm config add <name>' to create one.");
-      return;
-    }
-    console.log("Profiles:\n");
-    for (const name of profiles) {
-      const marker = name === defaultProfile ? " (default)" : "";
-      console.log(`  ${name}${marker}`);
-    }
-    console.log("");
-  } catch (error) {
-    const message = error instanceof Error ? error.message : "Unknown error";
-    console.error(`Error: ${message}`);
-    process.exit(1);
-  }
-}
-// src/commands/config/set.ts
-var VALID_KEYS = ["registryUrl", "apiKey", "username"];
-async function configSet(profile, key, value) {
-  try {
-    if (!VALID_KEYS.includes(key)) {
-      console.error(`Error: Invalid key "${key}".`);
-      console.log(`Valid keys: ${VALID_KEYS.join(", ")}`);
-      process.exit(1);
-    }
-    const existing = await getProfile(profile);
-    if (!existing) {
-      console.error(`Error: Profile "${profile}" not found.`);
-      console.log("Run 'pspm config add' to create it first.");
-      process.exit(1);
-    }
-    await setProfile(profile, { [key]: value });
-    console.log(`Updated ${key} for profile "${profile}".`);
-  } catch (error) {
-    const message = error instanceof Error ? error.message : "Unknown error";
-    console.error(`Error: ${message}`);
-    process.exit(1);
-  }
-}
 // src/commands/config/show.ts
-async function configShow(options, globalOptions) {
-  try {
-    if (options.name) {
-      const profile = await getProfile(options.name);
-      if (!profile) {
-        console.error(`Error: Profile "${options.name}" not found.`);
-        console.log("Run 'pspm config list' to see available profiles.");
-        process.exit(1);
-      }
-      const defaultProfile = await getDefaultProfileName();
-      const isDefault = options.name === defaultProfile;
-      console.log(`Profile: ${options.name}${isDefault ? " (default)" : ""}
-`);
-      console.log(`  Registry URL: ${profile.registryUrl}`);
-      console.log(`  API Key:      ${profile.apiKey ? "***" : "(not set)"}`);
-      console.log(`  Username:     ${profile.username || "(not set)"}`);
-    } else {
-      const resolved = await resolveConfig(globalOptions);
-      const projectConfig = await findProjectConfig();
-      const configPath = getConfigPath();
-      console.log("Resolved Configuration:\n");
-      console.log(`  Active Profile: ${resolved.profileName}`);
-      console.log(`  Profile Source: ${formatSource(resolved.profileSource)}`);
-      console.log(`  Registry URL:   ${resolved.registryUrl}`);
-      console.log(`  API Key:        ${resolved.apiKey ? "***" : "(not set)"}`);
-      console.log(`  Username:       ${resolved.username || "(not set)"}`);
-      console.log("");
-      console.log("Config Locations:");
-      console.log(`  User config:    ${configPath}`);
-      console.log(`  Project config: ${projectConfig ? ".pspmrc" : "(none)"}`);
-    }
-  } catch (error) {
-    const message = error instanceof Error ? error.message : "Unknown error";
-    console.error(`Error: ${message}`);
-    process.exit(1);
-  }
-}
-function formatSource(source) {
-  switch (source) {
-    case "cli":
-      return "--profile flag";
-    case "env":
-      return "PSPM_PROFILE env var";
-    case "project":
-      return ".pspmrc file";
-    case "user":
-      return "user config default";
-    case "default":
-      return "fallback default";
-    default:
-      return source;
-  }
-}
-// src/commands/config/use.ts
-async function configUse(name) {
+async function configShow() {
   try {
-    const profile = await getProfile(name);
-    if (!profile) {
-      console.error(`Error: Profile "${name}" not found.`);
-      console.log("Run 'pspm config list' to see available profiles.");
-      process.exit(1);
-    }
-    await setDefaultProfile(name);
-    console.log(`Default profile set to "${name}".`);
+    const resolved = await resolveConfig();
+    const projectConfig = await findProjectConfig();
+    const configPath = getConfigPath();
+    console.log("Resolved Configuration:\n");
+    console.log(`  Registry URL:   ${resolved.registryUrl}`);
+    console.log(`  API Key:        ${resolved.apiKey ? "***" : "(not set)"}`);
+    console.log(`  Username:       ${resolved.username || "(not set)"}`);
+    console.log("");
+    console.log("Config Locations:");
+    console.log(`  User config:    ${configPath}`);
+    console.log(`  Project config: ${projectConfig ? ".pspmrc" : "(none)"}`);
+    console.log("");
+    console.log("Environment Variables:");
+    console.log(
+      `  PSPM_REGISTRY_URL: ${process.env.PSPM_REGISTRY_URL || "(not set)"}`
+    );
+    console.log(
+      `  PSPM_API_KEY:      ${process.env.PSPM_API_KEY ? "***" : "(not set)"}`
+    );
   } catch (error) {
     const message = error instanceof Error ? error.message : "Unknown error";
     console.error(`Error: ${message}`);
     process.exit(1);
   }
 }
-async function install(options, globalOptions) {
+async function install(options) {
   try {
-    const apiKey = await requireApiKey(globalOptions);
-    await getRegistryUrl(globalOptions);
+    const apiKey = await requireApiKey();
+    await getRegistryUrl();
     const skillsDir = options.dir || getSkillsDir();
     const lockfile = await readLockfile();
     if (!lockfile) {
@@ -859,8 +686,9 @@ async function install(options, globalOptions) {
       }
       const [, username, name] = match;
       console.log(`Installing ${fullName}@${entry.version}...`);
+      const isPresignedUrl = entry.resolved.includes(".r2.cloudflarestorage.com") || entry.resolved.includes("X-Amz-Signature");
       const response = await fetch(entry.resolved, {
-        headers: {
+        headers: isPresignedUrl ? {} : {
           Authorization: `Bearer ${apiKey}`
         },
         redirect: "follow"
@@ -872,8 +700,8 @@ async function install(options, globalOptions) {
         continue;
       }
       const tarballBuffer = Buffer.from(await response.arrayBuffer());
-      const { createHash: createHash2 } = await import('crypto');
-      const actualIntegrity = `sha256-${createHash2("sha256").update(tarballBuffer).digest("base64")}`;
+      const { createHash: createHash3 } = await import('crypto');
+      const actualIntegrity = `sha256-${createHash3("sha256").update(tarballBuffer).digest("base64")}`;
       if (actualIntegrity !== entry.integrity) {
         console.error(`  Error: Checksum verification failed for ${fullName}`);
         if (options.frozenLockfile) {
@@ -1070,9 +898,8 @@ function startCallbackServer(expectedState) {
     );
   });
 }
-async function browserLogin(globalOptions) {
-  const resolved = await resolveConfig(globalOptions);
-  const registryUrl = await getRegistryUrl(globalOptions);
+async function browserLogin() {
+  const registryUrl = await getRegistryUrl();
   const webAppUrl = getWebAppUrl(registryUrl);
   const state = randomBytes(32).toString("base64url");
   console.log("Starting browser-based login...");
@@ -1091,41 +918,28 @@ async function browserLogin(globalOptions) {
   cleanup();
   console.log("Received token, exchanging for API key...");
   const { apiKey, username } = await exchangeCliToken2(registryUrl, token);
-  await setProfileCredentials(
-    resolved.profileName,
-    apiKey,
-    username,
-    registryUrl
-  );
+  await setCredentials(apiKey, username, registryUrl);
   console.log(`Logged in as ${username}`);
-  console.log(`Profile: ${resolved.profileName}`);
   console.log(`Registry: ${registryUrl}`);
 }
-async function directLogin(apiKey, globalOptions) {
+async function directLogin(apiKey) {
   console.log("Verifying API key...");
-  const resolved = await resolveConfig(globalOptions);
-  const registryUrl = await getRegistryUrl(globalOptions);
+  const registryUrl = await getRegistryUrl();
   const user = await whoamiRequest(registryUrl, apiKey);
   if (!user) {
     console.error("Error: Invalid API key or not authenticated");
     process.exit(1);
   }
-  await setProfileCredentials(
-    resolved.profileName,
-    apiKey,
-    user.username,
-    registryUrl
-  );
+  await setCredentials(apiKey, user.username, registryUrl);
   console.log(`Logged in as ${user.username}`);
-  console.log(`Profile: ${resolved.profileName}`);
   console.log(`Registry: ${registryUrl}`);
 }
-async function login(options, globalOptions) {
+async function login(options) {
   try {
     if (options.apiKey) {
-      await directLogin(options.apiKey, globalOptions);
+      await directLogin(options.apiKey);
     } else {
-      await browserLogin(globalOptions);
+      await browserLogin();
     }
   } catch (error) {
     const message = error instanceof Error ? error.message : "Unknown error";
@@ -1135,16 +949,15 @@ async function login(options, globalOptions) {
 }
 // src/commands/logout.ts
-async function logout(globalOptions) {
+async function logout() {
   try {
-    const resolved = await resolveConfig(globalOptions);
-    const loggedIn = await isLoggedIn(globalOptions);
+    const loggedIn = await isLoggedIn();
     if (!loggedIn) {
-      console.log(`Not logged in (profile: ${resolved.profileName}).`);
+      console.log("Not logged in.");
       return;
     }
-    await clearProfileCredentials(resolved.profileName);
-    console.log(`Logged out from profile "${resolved.profileName}".`);
+    await clearCredentials();
+    console.log("Logged out successfully.");
   } catch (error) {
     const message = error instanceof Error ? error.message : "Unknown error";
     console.error(`Error: ${message}`);
@@ -1152,10 +965,37 @@ async function logout(globalOptions) {
   }
 }
 var exec = promisify(exec$1);
-async function publishCommand(options, globalOptions) {
+function formatBytes(bytes) {
+  if (bytes < 1024) return `${bytes}B`;
+  if (bytes < 1024 * 1024) return `${(bytes / 1024).toFixed(1)}kB`;
+  return `${(bytes / (1024 * 1024)).toFixed(1)}MB`;
+}
+async function getFilesWithSizes(dir, baseDir) {
+  const results = [];
+  try {
+    const entries = await readdir(dir, { withFileTypes: true });
+    for (const entry of entries) {
+      const fullPath = join(dir, entry.name);
+      const relativePath = relative(baseDir, fullPath);
+      if (entry.name === "node_modules" || entry.name === ".git") {
+        continue;
+      }
+      if (entry.isDirectory()) {
+        const subFiles = await getFilesWithSizes(fullPath, baseDir);
+        results.push(...subFiles);
+      } else {
+        const fileStat = await stat(fullPath);
+        results.push({ path: relativePath, size: fileStat.size });
+      }
+    }
+  } catch {
+  }
+  return results;
+}
+async function publishCommand(options) {
   try {
-    const apiKey = await requireApiKey(globalOptions);
-    const registryUrl = await getRegistryUrl(globalOptions);
+    const apiKey = await requireApiKey();
+    const registryUrl = await getRegistryUrl();
     const packageJsonPath = join(process.cwd(), "package.json");
     let packageJson2;
     try {
@@ -1185,8 +1025,6 @@ async function publishCommand(options, globalOptions) {
       packageJson2.version = newVersion;
       console.log(`Bumped version to ${newVersion}`);
     }
-    console.log(`Registry: ${registryUrl}`);
-    console.log(`Publishing ${packageJson2.name}@${packageJson2.version}...`);
     const safeName = packageJson2.name.replace(/[@/]/g, "-").replace(/^-+/, "");
     const tarballName = `${safeName}-${packageJson2.version}.tgz`;
     const tempDir = join(process.cwd(), ".pspm-publish");
@@ -1209,26 +1047,60 @@ async function publishCommand(options, globalOptions) {
         }
       }
       await exec(`cp package.json "${tempDir}/package/"`);
+      const packageDir = join(tempDir, "package");
+      const tarballContents = await getFilesWithSizes(packageDir, packageDir);
+      const unpackedSize = tarballContents.reduce((acc, f) => acc + f.size, 0);
       const tarballPath = join(tempDir, tarballName);
       await exec(
         `tar -czf "${tarballPath}" -C "${tempDir}" --exclude='node_modules' --exclude='.git' package`
       );
       const tarballBuffer = await readFile(tarballPath);
       const tarballBase64 = tarballBuffer.toString("base64");
-      configure({ baseUrl: registryUrl, apiKey });
+      const tarballSize = tarballBuffer.length;
+      const shasum = createHash("sha1").update(tarballBuffer).digest("hex");
+      const integrityHash = createHash("sha512").update(tarballBuffer).digest("base64");
+      const integrity = `sha512-${integrityHash}`;
+      console.log("");
+      console.log(`pspm notice`);
+      console.log(`pspm notice \u{1F4E6}  ${packageJson2.name}@${packageJson2.version}`);
+      console.log(`pspm notice Tarball Contents`);
+      tarballContents.sort((a, b) => b.size - a.size);
+      for (const file of tarballContents) {
+        console.log(
+          `pspm notice ${formatBytes(file.size).padStart(8)} ${file.path}`
+        );
+      }
+      console.log(`pspm notice Tarball Details`);
+      console.log(`pspm notice name:          ${packageJson2.name}`);
+      console.log(`pspm notice version:       ${packageJson2.version}`);
+      console.log(`pspm notice filename:      ${tarballName}`);
+      console.log(`pspm notice package size:  ${formatBytes(tarballSize)}`);
+      console.log(`pspm notice unpacked size: ${formatBytes(unpackedSize)}`);
+      console.log(`pspm notice shasum:        ${shasum}`);
+      console.log(
+        `pspm notice integrity:     ${integrity.substring(0, 50)}...`
+      );
+      console.log(`pspm notice total files:   ${tarballContents.length}`);
+      console.log(`pspm notice`);
+      console.log(`pspm notice Publishing to ${registryUrl} with tag latest`);
+      configure2({ registryUrl, apiKey });
       const response = await publishSkill({
         manifest: packageJson2,
         tarballBase64
       });
       if (response.status !== 200) {
-        const errorData = response.data;
-        const errorMessage = errorData?.error || errorData?.message || "Publish failed";
+        const errorMessage = extractApiErrorMessage(response, "Publish failed");
+        if (errorMessage.includes("must be greater than") || errorMessage.includes("already exists")) {
+          console.error(`pspm error code E403`);
+          console.error(
+            `pspm error 403 403 Forbidden - You cannot publish over the previously published versions: ${packageJson2.version}.`
+          );
+        }
         throw new Error(errorMessage);
       }
       const result = response.data;
       console.log(
-        `
-Published @user/${result.skill.username}/${result.skill.name}@${result.version.version}`
+        `+ @user/${result.skill.username}/${result.skill.name}@${result.version.version}`
       );
       console.log(`Checksum: ${result.version.checksum}`);
     } finally {
@@ -1238,37 +1110,9 @@ Published @user/${result.skill.username}/${result.skill.name}@${result.version.v
   } catch (error) {
     if (error instanceof Error) {
       console.error(`Error: ${error.message}`);
-      const anyError = error;
-      if (anyError.cause?.response) {
-        try {
-          const text = await anyError.cause.response.text();
-          console.error(`Response body: ${text}`);
-        } catch {
-        }
-      }
-      if (anyError.cause?.body) {
-        console.error(
-          `Cause body: ${JSON.stringify(anyError.cause.body, null, 2)}`
-        );
-      }
-      if (anyError.body) {
-        console.error(`Error body: ${JSON.stringify(anyError.body, null, 2)}`);
-      }
-      if (anyError.data) {
-        console.error(`Error data: ${JSON.stringify(anyError.data, null, 2)}`);
-      }
-      if (process.env.PSPM_DEBUG) {
-        console.error("\nFull error details:");
-        console.error(error);
-        if (error.stack) {
-          console.error("\nStack trace:");
-          console.error(error.stack);
-        }
-      }
     } else {
       console.error(`Error: ${String(error)}`);
     }
-    console.error("\nTip: Set PSPM_DEBUG=1 for more detailed error output");
     process.exit(1);
   }
 }
@@ -1329,10 +1173,10 @@ async function remove(nameOrSpecifier) {
 }
 // src/commands/unpublish.ts
-async function unpublish(specifier, options, globalOptions) {
+async function unpublish(specifier, options) {
   try {
-    const apiKey = await requireApiKey(globalOptions);
-    const registryUrl = await getRegistryUrl(globalOptions);
+    const apiKey = await requireApiKey();
+    const registryUrl = await getRegistryUrl();
     const parsed = parseSkillSpecifier(specifier);
     if (!parsed) {
       console.error(
@@ -1341,7 +1185,7 @@ async function unpublish(specifier, options, globalOptions) {
       process.exit(1);
     }
     const { username, name, versionRange } = parsed;
-    configure({ baseUrl: registryUrl, apiKey });
+    configure2({ registryUrl, apiKey });
     if (versionRange) {
       console.log(`Unpublishing ${specifier}...`);
       if (!options.force) {
@@ -1352,8 +1196,10 @@ async function unpublish(specifier, options, globalOptions) {
       }
       const response = await deleteSkillVersion(name, versionRange);
       if (response.status !== 200) {
-        const errorData = response.data;
-        const errorMessage = errorData?.error || errorData?.message || "Failed to unpublish. Version may not exist.";
+        const errorMessage = extractApiErrorMessage(
+          response,
+          "Failed to unpublish. Version may not exist."
+        );
         console.error(`Error: ${errorMessage}`);
         process.exit(1);
       }
@@ -1368,8 +1214,10 @@ async function unpublish(specifier, options, globalOptions) {
       }
       const response = await deleteSkill(name);
       if (response.status !== 200) {
-        const errorData = response.data;
-        const errorMessage = errorData?.error || errorData?.message || "Failed to unpublish. Skill may not exist.";
+        const errorMessage = extractApiErrorMessage(
+          response,
+          "Failed to unpublish. Skill may not exist."
+        );
         console.error(`Error: ${errorMessage}`);
         process.exit(1);
       }
@@ -1383,16 +1231,16 @@ async function unpublish(specifier, options, globalOptions) {
 }
 // src/commands/update.ts
-async function update(options, globalOptions) {
+async function update(options) {
   try {
-    const apiKey = await requireApiKey(globalOptions);
-    const registryUrl = await getRegistryUrl(globalOptions);
+    const apiKey = await requireApiKey();
+    const registryUrl = await getRegistryUrl();
     const skills = await listLockfileSkills();
     if (skills.length === 0) {
       console.log("No skills installed.");
       return;
     }
-    configure({ baseUrl: registryUrl, apiKey });
+    configure2({ registryUrl, apiKey });
     const updates = [];
     console.log("Checking for updates...\n");
     for (const { name, entry } of skills) {
@@ -1401,6 +1249,14 @@ async function update(options, globalOptions) {
       const [, username, skillName] = match;
       try {
         const versionsResponse = await listSkillVersions(username, skillName);
+        if (versionsResponse.status !== 200) {
+          const errorMessage = extractApiErrorMessage(
+            versionsResponse,
+            "Failed to fetch versions"
+          );
+          console.warn(`  Warning: ${name}: ${errorMessage}`);
+          continue;
+        }
         const versions = versionsResponse.data;
         if (versions.length === 0) continue;
         const versionStrings = versions.map(
@@ -1436,7 +1292,7 @@ async function update(options, globalOptions) {
       if (!match) continue;
       const [, username, skillName] = match;
       const specifier = `@user/${username}/${skillName}@${latest}`;
-      await add(specifier, {}, globalOptions);
+      await add(specifier, {});
     }
     console.log("\nAll skills updated.");
   } catch (error) {
@@ -1447,21 +1303,19 @@ async function update(options, globalOptions) {
 }
 // src/commands/whoami.ts
-async function whoami(globalOptions) {
+async function whoami() {
   try {
-    const resolved = await resolveConfig(globalOptions);
-    const apiKey = await requireApiKey(globalOptions);
-    const registryUrl = await getRegistryUrl(globalOptions);
+    const resolved = await resolveConfig();
+    const apiKey = await requireApiKey();
+    const registryUrl = await getRegistryUrl();
     const user = await whoamiRequest(registryUrl, apiKey);
     if (user) {
       console.log(`Username: ${user.username}`);
       console.log(`User ID:  ${user.userId}`);
       console.log(`Registry: ${registryUrl}`);
-      console.log(`Profile:  ${resolved.profileName}`);
     } else if (resolved.username) {
       console.log(`Username: ${resolved.username} (cached)`);
       console.log(`Registry: ${registryUrl}`);
-      console.log(`Profile:  ${resolved.profileName}`);
     } else {
       console.error("Could not determine current user.");
       process.exit(1);
@@ -1480,61 +1334,30 @@ var packageJson = JSON.parse(
 );
 var version = packageJson.version;
 var program = new Command();
-program.name("pspm").description("Prompt Skill Package Manager for AnyT").version(version).option("-p, --profile <name>", "Use a specific profile");
-function getGlobalOptions(cmd) {
-  let current = cmd;
-  while (current.parent) {
-    current = current.parent;
-  }
-  const opts = current.opts();
-  return {
-    profile: opts.profile
-  };
-}
-var configCmd = program.command("config").description("Manage PSPM configuration and profiles");
-configCmd.command("list").description("List all profiles").action(async () => {
-  await configList();
-});
-configCmd.command("show [name]").description("Show resolved config or a specific profile").action(async (name, _options, cmd) => {
-  const globalOptions = getGlobalOptions(cmd);
-  await configShow({ name }, globalOptions);
-});
-configCmd.command("add <name>").description("Create a new profile").option("--registry-url <url>", "Registry URL for the profile").action(async (name, options) => {
-  await configAdd(name, { registryUrl: options.registryUrl });
-});
-configCmd.command("use <name>").description("Set the default profile").action(async (name) => {
-  await configUse(name);
-});
-configCmd.command("set <profile> <key> <value>").description("Set a profile field (registryUrl, apiKey, username)").action(async (profile, key, value) => {
-  await configSet(profile, key, value);
-});
-configCmd.command("delete <name>").description("Delete a profile").action(async (name) => {
-  await configDelete(name);
+program.name("pspm").description("Prompt Skill Package Manager for AnyT").version(version);
+var configCmd = program.command("config").description("Manage PSPM configuration");
+configCmd.command("show").description("Show resolved configuration").action(async () => {
+  await configShow();
 });
-configCmd.command("init").description("Create a .pspmrc file in the current directory").option("--profile <name>", "Profile to use for this project").option("--registry-url <url>", "Registry URL override").action(async (options) => {
+configCmd.command("init").description("Create a .pspmrc file in the current directory").option("--registry <url>", "Registry URL override").action(async (options) => {
   await configInit({
-    profile: options.profile,
-    registryUrl: options.registryUrl
+    registry: options.registry
   });
 });
 program.command("login").description("Log in via browser or with an API key").option(
   "--api-key <key>",
   "API key for direct authentication (skips browser)"
-).action(async (options, cmd) => {
-  const globalOptions = getGlobalOptions(cmd);
-  await login({ apiKey: options.apiKey }, globalOptions);
+).action(async (options) => {
+  await login({ apiKey: options.apiKey });
 });
-program.command("logout").description("Log out and clear stored credentials").action(async (_options, cmd) => {
-  const globalOptions = getGlobalOptions(cmd);
-  await logout(globalOptions);
+program.command("logout").description("Log out and clear stored credentials").action(async () => {
+  await logout();
 });
-program.command("whoami").description("Show current user information").action(async (_options, cmd) => {
-  const globalOptions = getGlobalOptions(cmd);
-  await whoami(globalOptions);
+program.command("whoami").description("Show current user information").action(async () => {
+  await whoami();
 });
-program.command("add <specifier>").description("Add a skill (e.g., @user/bsheng/vite_slides@^2.0.0)").option("--save", "Save to lockfile (default)").action(async (specifier, options, cmd) => {
-  const globalOptions = getGlobalOptions(cmd);
-  await add(specifier, { save: options.save ?? true }, globalOptions);
+program.command("add <specifier>").description("Add a skill (e.g., @user/bsheng/vite_slides@^2.0.0)").option("--save", "Save to lockfile (default)").action(async (specifier, options) => {
+  await add(specifier, { save: options.save ?? true });
 });
 program.command("remove <name>").alias("rm").description("Remove an installed skill").action(async (name) => {
   await remove(name);
@@ -1542,33 +1365,23 @@ program.command("remove <name>").alias("rm").description("Remove an installed sk
 program.command("list").alias("ls").description("List installed skills").option("--json", "Output as JSON").action(async (options) => {
   await list({ json: options.json });
 });
-program.command("install").alias("i").description("Install all skills from lockfile").option("--frozen-lockfile", "Fail if lockfile is missing or outdated").option("--dir <path>", "Install skills to a specific directory").action(async (options, cmd) => {
-  const globalOptions = getGlobalOptions(cmd);
-  await install(
-    {
-      frozenLockfile: options.frozenLockfile,
-      dir: options.dir
-    },
-    globalOptions
-  );
+program.command("install").alias("i").description("Install all skills from lockfile").option("--frozen-lockfile", "Fail if lockfile is missing or outdated").option("--dir <path>", "Install skills to a specific directory").action(async (options) => {
+  await install({
+    frozenLockfile: options.frozenLockfile,
+    dir: options.dir
+  });
 });
-program.command("update").description("Update all skills to latest compatible versions").option("--dry-run", "Show what would be updated without making changes").action(async (options, cmd) => {
-  const globalOptions = getGlobalOptions(cmd);
-  await update({ dryRun: options.dryRun }, globalOptions);
+program.command("update").description("Update all skills to latest compatible versions").option("--dry-run", "Show what would be updated without making changes").action(async (options) => {
+  await update({ dryRun: options.dryRun });
 });
-program.command("publish").description("Publish current directory as a skill").option("--bump <level>", "Bump version (major, minor, patch)").option("--tag <tag>", "Tag for the release").action(async (options, cmd) => {
-  const globalOptions = getGlobalOptions(cmd);
-  await publishCommand(
-    {
-      bump: options.bump,
-      tag: options.tag
-    },
-    globalOptions
-  );
+program.command("publish").description("Publish current directory as a skill").option("--bump <level>", "Bump version (major, minor, patch)").option("--tag <tag>", "Tag for the release").action(async (options) => {
+  await publishCommand({
+    bump: options.bump,
+    tag: options.tag
+  });
 });
-program.command("unpublish <specifier>").description("Remove a published skill version").option("--force", "Confirm destructive action").action(async (specifier, options, cmd) => {
-  const globalOptions = getGlobalOptions(cmd);
-  await unpublish(specifier, { force: options.force }, globalOptions);
+program.command("unpublish <specifier>").description("Remove a published skill version").option("--force", "Confirm destructive action").action(async (specifier, options) => {
+  await unpublish(specifier, { force: options.force });
 });
 program.parse();
 //# sourceMappingURL=index.js.map