npm - @atomicmail/agent-skill - Versions diffs - 0.1.0 → 0.2.1 - Mend

@atomicmail/agent-skill 0.1.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (64) hide show

package/README.md +91 -0
package/SKILL.md +53 -193
package/esm/_dnt.polyfills.d.ts +101 -0
package/esm/_dnt.polyfills.d.ts.map +1 -0
package/esm/_dnt.polyfills.js +127 -0
package/esm/{skill/scripts/lib/auth.d.ts → lib/agent/auth/agent-auth-http.d.ts} +1 -17
package/esm/lib/agent/auth/agent-auth-http.d.ts.map +1 -0
package/esm/lib/agent/auth/agent-auth-http.js +76 -0
package/esm/lib/agent/auth/agent-jwt.d.ts +14 -0
package/esm/lib/agent/auth/agent-jwt.d.ts.map +1 -0
package/esm/lib/agent/auth/agent-jwt.js +29 -0
package/esm/lib/agent/auth/agent-pow.d.ts +5 -0
package/esm/lib/agent/auth/agent-pow.d.ts.map +1 -0
package/esm/lib/agent/auth/agent-pow.js +49 -0
package/esm/lib/agent/jmap/agent-help-content.d.ts +4 -0
package/esm/lib/agent/jmap/agent-help-content.d.ts.map +1 -0
package/esm/lib/agent/jmap/agent-help-content.js +244 -0
package/esm/lib/agent/jmap/agent-jmap.d.ts +49 -0
package/esm/lib/agent/jmap/agent-jmap.d.ts.map +1 -0
package/esm/lib/agent/jmap/agent-jmap.js +174 -0
package/esm/lib/agent/jmap/agent-vars.d.ts +23 -0
package/esm/lib/agent/jmap/agent-vars.d.ts.map +1 -0
package/esm/lib/agent/jmap/agent-vars.js +65 -0
package/esm/{skill/scripts/lib/credentials.d.ts → lib/agent/session/agent-credentials-store.d.ts} +4 -1
package/esm/lib/agent/session/agent-credentials-store.d.ts.map +1 -0
package/esm/{skill/scripts/lib/credentials.js → lib/agent/session/agent-credentials-store.js} +28 -8
package/esm/lib/agent/session/agent-resolve-config.d.ts +24 -0
package/esm/lib/agent/session/agent-resolve-config.d.ts.map +1 -0
package/esm/lib/agent/session/agent-resolve-config.js +70 -0
package/esm/lib/agent/session/agent-session.d.ts +62 -0
package/esm/lib/agent/session/agent-session.d.ts.map +1 -0
package/esm/lib/agent/session/agent-session.js +206 -0
package/esm/lib/core/consts.d.ts.map +1 -0
package/esm/lib/core/types.d.ts +2 -0
package/esm/lib/core/types.d.ts.map +1 -0
package/esm/lib/core/types.js +1 -0
package/esm/lib/core/utils.d.ts +10 -0
package/esm/lib/core/utils.d.ts.map +1 -0
package/esm/lib/core/utils.js +28 -0
package/esm/lib/mod.d.ts +14 -0
package/esm/lib/mod.d.ts.map +1 -0
package/esm/lib/mod.js +13 -0
package/esm/lib/network/auth-client.d.ts +57 -0
package/esm/lib/network/auth-client.d.ts.map +1 -0
package/esm/lib/network/auth-client.js +188 -0
package/esm/skill/cli.d.ts +3 -0
package/esm/skill/cli.d.ts.map +1 -0
package/esm/skill/cli.js +306 -0
package/package.json +5 -6
package/presets/list_inbox.json +39 -0
package/presets/reply.json +75 -0
package/presets/send_mail.json +42 -0
package/esm/lib/src/consts.d.ts.map +0 -1
package/esm/skill/scripts/jmap_request.d.ts +0 -3
package/esm/skill/scripts/jmap_request.d.ts.map +0 -1
package/esm/skill/scripts/jmap_request.js +0 -265
package/esm/skill/scripts/lib/auth.d.ts.map +0 -1
package/esm/skill/scripts/lib/auth.js +0 -163
package/esm/skill/scripts/lib/credentials.d.ts.map +0 -1
package/esm/skill/scripts/signup.d.ts +0 -3
package/esm/skill/scripts/signup.d.ts.map +0 -1
package/esm/skill/scripts/signup.js +0 -170
/package/esm/lib/{src → core}/consts.d.ts +0 -0
/package/esm/lib/{src → core}/consts.js +0 -0

package/esm/lib/network/auth-client.d.ts ADDED Viewed

@@ -0,0 +1,57 @@
+export interface AuthClientOptions {
+    /** Base URL of auth-service, e.g. "http://localhost:8000". Trailing slashes are stripped. */
+    baseUrl: string;
+    /**
+     * PoW scrypt salt (hex string). When omitted, {@link DEFAULT_POW_SCRYPT_SALT_HEX}
+     * is used so clients match the bundled auth-service.
+     */
+    scryptSaltHex?: string;
+}
+export interface SignupResult {
+    /** Freshly minted API key. The server only returns it once — persist it. */
+    apiKey: string;
+    sessionJWT: string;
+}
+export interface LoginResult {
+    sessionJWT: string;
+}
+export interface RenewResult {
+    capabilityJWT: string;
+}
+/** Thrown for any non-2xx HTTP response or malformed payload. */
+export declare class AuthClientError extends Error {
+    status: number;
+    bodyText: string;
+    constructor(status: number, bodyText: string, message: string);
+}
+export declare class AuthClient {
+    private readonly baseUrl;
+    private readonly scryptSaltHex;
+    constructor(options: AuthClientOptions);
+    /**
+     * Register a new inbox under `username`. Returns the freshly minted API key
+     * (the server only ever returns it once — the caller MUST persist it) and
+     * a session JWT.
+     */
+    signup(username: string): Promise<SignupResult>;
+    /** Exchange an existing API key for a fresh session JWT. */
+    login(apiKey: string): Promise<LoginResult>;
+    /**
+     * Exchange a session JWT for a short-lived capability JWT (audience:
+     * api-service).
+     */
+    renew(sessionJWT: string): Promise<RenewResult>;
+    private fetchChallenge;
+    private postSession;
+    private parseJsonOrThrow;
+    /**
+     * Brute-force a PoW nonce. Mirrors `generatePow` in
+     * services/auth-service/src/crypto.ts: scrypt(`${challenge}:${nonce}`, salt,
+     * 64) until `difficulty` leading bits of the digest are zero.
+     *
+     * Expected work at the server's POW_DIFFICULTY=6 is ~2^6 = 64 attempts; well
+     * within the challenge JWT's 3-minute TTL.
+     */
+    private solvePoW;
+}
+//# sourceMappingURL=auth-client.d.ts.map

package/esm/lib/network/auth-client.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth-client.d.ts","sourceRoot":"","sources":["../../../src/lib/network/auth-client.ts"],"names":[],"mappings":"AAoBA,MAAM,WAAW,iBAAiB;IAChC,6FAA6F;IAC7F,OAAO,EAAE,MAAM,CAAC;IAChB;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,YAAY;IAC3B,4EAA4E;IAC5E,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,iEAAiE;AACjE,qBAAa,eAAgB,SAAQ,KAAK;IACxC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;gBAEL,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CAM9D;AAOD,qBAAa,UAAU;IACrB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;gBAE3B,OAAO,EAAE,iBAAiB;IAKtC;;;;OAIG;IACG,MAAM,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAwBrD,4DAA4D;IACtD,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IAqBjD;;;OAGG;IACG,KAAK,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;YAgBvC,cAAc;YAkCd,WAAW;YAeX,gBAAgB;IAuB9B;;;;;;;OAOG;YACW,QAAQ;CAgBvB"}

package/esm/lib/network/auth-client.js ADDED Viewed

@@ -0,0 +1,188 @@
+// auth-client
+//
+// Thin HTTP client for services/auth-service. Encapsulates the full PoW
+// challenge → session → capability flow so callers (integration tests, the
+// future agent skill, etc.) don't have to reimplement scrypt grinding.
+//
+// The PoW digest is scrypt-based and uses the SAME salt the auth-service
+// uses on the verify path (see services/auth-service/src/crypto.ts). The
+// client must therefore be configured with that salt — there is no public
+// hash function here, the salt is part of the protocol.
+import { scrypt } from "node:crypto";
+import { DEFAULT_POW_SCRYPT_SALT_HEX } from "../core/consts.js";
+// Mirror services/auth-service/src/crypto.ts exactly. Changing any of these
+// constants on either side breaks PoW interop.
+const SCRYPT_PARAMS = { N: 16384, r: 8, p: 1 };
+const POW_HASH_BYTES = 64;
+/** Thrown for any non-2xx HTTP response or malformed payload. */
+export class AuthClientError extends Error {
+    status;
+    bodyText;
+    constructor(status, bodyText, message) {
+        super(message);
+        this.name = "AuthClientError";
+        this.status = status;
+        this.bodyText = bodyText;
+    }
+}
+export class AuthClient {
+    baseUrl;
+    scryptSaltHex;
+    constructor(options) {
+        this.baseUrl = options.baseUrl.replace(/\/+$/, "");
+        this.scryptSaltHex = options.scryptSaltHex ?? DEFAULT_POW_SCRYPT_SALT_HEX;
+    }
+    /**
+     * Register a new inbox under `username`. Returns the freshly minted API key
+     * (the server only ever returns it once — the caller MUST persist it) and
+     * a session JWT.
+     */
+    async signup(username) {
+        const { challengeJWT, challenge, difficulty } = await this.fetchChallenge();
+        const { powHex, nonce } = await this.solvePoW(challenge, difficulty);
+        const data = await this.postSession({
+            challengeJWT,
+            powHex,
+            nonce: nonce.toString(),
+            username,
+        });
+        if (typeof data.apiKey !== "string" ||
+            typeof data.sessionJWT !== "string") {
+            throw new AuthClientError(200, JSON.stringify(data), "Signup response missing apiKey or sessionJWT.");
+        }
+        return { apiKey: data.apiKey, sessionJWT: data.sessionJWT };
+    }
+    /** Exchange an existing API key for a fresh session JWT. */
+    async login(apiKey) {
+        const { challengeJWT, challenge, difficulty } = await this.fetchChallenge();
+        const { powHex, nonce } = await this.solvePoW(challenge, difficulty);
+        const data = await this.postSession({
+            challengeJWT,
+            powHex,
+            nonce: nonce.toString(),
+            apiKey,
+        });
+        if (typeof data.sessionJWT !== "string") {
+            throw new AuthClientError(200, JSON.stringify(data), "Login response missing sessionJWT.");
+        }
+        return { sessionJWT: data.sessionJWT };
+    }
+    /**
+     * Exchange a session JWT for a short-lived capability JWT (audience:
+     * api-service).
+     */
+    async renew(sessionJWT) {
+        const res = await fetch(`${this.baseUrl}/api/v1/capability`, {
+            method: "POST",
+            headers: { Authorization: `Bearer ${sessionJWT}` },
+        });
+        const data = await this.parseJsonOrThrow(res, "capability");
+        if (typeof data.capabilityJWT !== "string") {
+            throw new AuthClientError(res.status, JSON.stringify(data), "Capability response missing capabilityJWT.");
+        }
+        return { capabilityJWT: data.capabilityJWT };
+    }
+    async fetchChallenge() {
+        const res = await fetch(`${this.baseUrl}/api/v1/challenge`, {
+            method: "POST",
+        });
+        const data = await this.parseJsonOrThrow(res, "challenge");
+        if (typeof data.challengeJWT !== "string") {
+            throw new AuthClientError(res.status, JSON.stringify(data), "Challenge response missing challengeJWT.");
+        }
+        const payload = decodeJwtPayload(data.challengeJWT);
+        if (typeof payload.jti !== "string" ||
+            typeof payload.difficulty !== "number") {
+            throw new AuthClientError(res.status, data.challengeJWT, "Challenge JWT payload is malformed (missing jti or difficulty).");
+        }
+        return {
+            challengeJWT: data.challengeJWT,
+            challenge: payload.jti,
+            difficulty: payload.difficulty,
+        };
+    }
+    async postSession(body) {
+        const res = await fetch(`${this.baseUrl}/api/v1/session`, {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify(body),
+        });
+        return await this.parseJsonOrThrow(res, "session");
+    }
+    async parseJsonOrThrow(res, endpoint) {
+        const text = await res.text();
+        if (!res.ok) {
+            throw new AuthClientError(res.status, text, `auth-service ${endpoint} returned ${res.status}: ${text}`);
+        }
+        try {
+            return JSON.parse(text);
+        }
+        catch {
+            throw new AuthClientError(res.status, text, `auth-service ${endpoint} returned non-JSON body.`);
+        }
+    }
+    /**
+     * Brute-force a PoW nonce. Mirrors `generatePow` in
+     * services/auth-service/src/crypto.ts: scrypt(`${challenge}:${nonce}`, salt,
+     * 64) until `difficulty` leading bits of the digest are zero.
+     *
+     * Expected work at the server's POW_DIFFICULTY=6 is ~2^6 = 64 attempts; well
+     * within the challenge JWT's 3-minute TTL.
+     */
+    async solvePoW(challenge, difficulty) {
+        let nonce = 0n;
+        while (true) {
+            const digest = await scryptHash(`${challenge}:${nonce}`, this.scryptSaltHex);
+            if (hasLeadingZeroBits(digest, difficulty)) {
+                return { powHex: bytesToHex(digest), nonce };
+            }
+            nonce++;
+        }
+    }
+}
+function scryptHash(data, salt) {
+    const bytes = new TextEncoder().encode(data);
+    return new Promise((resolve, reject) => {
+        scrypt(bytes, salt, POW_HASH_BYTES, SCRYPT_PARAMS, (err, derived) => {
+            if (err)
+                return reject(err);
+            resolve(new Uint8Array(derived));
+        });
+    });
+}
+function hasLeadingZeroBits(hash, bits) {
+    if (bits > hash.length * 8)
+        return false;
+    const fullBytes = Math.floor(bits / 8);
+    const remainingBits = bits % 8;
+    for (let i = 0; i < fullBytes; i++) {
+        if (hash[i] !== 0)
+            return false;
+    }
+    if (remainingBits > 0) {
+        const mask = (0xff << (8 - remainingBits)) & 0xff;
+        if ((hash[fullBytes] & mask) !== 0)
+            return false;
+    }
+    return true;
+}
+function bytesToHex(bytes) {
+    let hex = "";
+    for (let i = 0; i < bytes.length; i++) {
+        hex += bytes[i].toString(16).padStart(2, "0");
+    }
+    return hex;
+}
+function decodeJwtPayload(jwt) {
+    const parts = jwt.split(".");
+    if (parts.length < 2) {
+        throw new Error("Malformed JWT: expected at least 2 dot-separated segments.");
+    }
+    const payloadB64Url = parts[1];
+    const padLen = (4 - (payloadB64Url.length % 4)) % 4;
+    const base64 = payloadB64Url
+        .replace(/-/g, "+")
+        .replace(/_/g, "/")
+        .padEnd(payloadB64Url.length + padLen, "=");
+    return JSON.parse(atob(base64));
+}

package/esm/skill/cli.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+import "../_dnt.polyfills.js";
+//# sourceMappingURL=cli.d.ts.map

package/esm/skill/cli.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../../src/skill/cli.ts"],"names":[],"mappings":";AAEA,OAAO,sBAAsB,CAAC"}

package/esm/skill/cli.js ADDED Viewed

@@ -0,0 +1,306 @@
+#!/usr/bin/env node
+// Atomic Mail AgentSkill — register | jmap_request | help
+import "../_dnt.polyfills.js";
+import process from "node:process";
+import { parseArgs } from "node:util";
+import { resolve } from "node:path";
+import { homedir } from "node:os";
+import { AgentSession, DEFAULT_JMAP_USING, DEFAULT_POW_SCRYPT_SALT_HEX, defaultFilesFromOutDir, getHelp, persistLoginWithApiKey, readCredentials, readOpsFile, runJmapRequest, } from "../lib/mod.js";
+const USAGE = `Atomic Mail — AgentSkill
+Usage:
+  atomicmail <command> [options]
+Commands:
+  register       PoW signup or login with API key (writes credentials)
+  jmap_request   Send a JMAP batch (inline --ops or --ops-file preset)
+  help           Full documentation [--topic TOPIC]
+Examples:
+  atomicmail register --username alice
+  atomicmail register --api-key UUID
+  atomicmail jmap_request --credentials-dir ./.atomic-mail --ops-file fetch.json
+  atomicmail jmap_request --credentials-dir ./.atomic-mail --ops-file send.json --vars '{"TO":"a@b.com","SUBJECT":"Hi"}'
+  atomicmail help --topic presets
+Run  atomicmail <command> --help  for command-specific flags.
+`;
+function exitUsage(code = 0) {
+    process.stdout.write(USAGE);
+    process.exit(code);
+}
+function fail(message, code = 1) {
+    process.stderr.write(`Error: ${message}\n`);
+    process.exit(code);
+}
+function resolveCredentialDir(dir) {
+    const raw = dir ?? process.env.ATOMIC_MAIL_CREDENTIALS_DIR ?? "~/.atomicmail";
+    if (raw === "~")
+        return homedir();
+    return resolve(raw.replace(/^~\//, `${homedir()}/`));
+}
+async function cmdRegister(argv) {
+    let parsed;
+    try {
+        parsed = parseArgs({
+            args: argv,
+            options: {
+                "auth-url": { type: "string" },
+                "api-url": { type: "string" },
+                "scrypt-salt": { type: "string" },
+                username: { type: "string" },
+                "api-key": { type: "string" },
+                "credentials-dir": { type: "string" },
+                quiet: { type: "boolean" },
+                help: { type: "boolean", short: "h" },
+            },
+            strict: true,
+            allowPositionals: false,
+        });
+    }
+    catch (err) {
+        fail(err.message, 2);
+    }
+    if (parsed.values.help) {
+        process.stdout.write(`Usage: atomicmail register [OPTIONS]
+Register a new inbox (--username) or log in with an existing API key (--api-key).
+Options:
+  --auth-url URL       Auth-service base URL [env: ATOMIC_MAIL_AUTH_URL, default: https://auth.atomicmail.ai]
+  --api-url URL        API / JMAP base URL [env: ATOMIC_MAIL_API_URL, default: https://api.atomicmail.ai]
+  --scrypt-salt SALT   PoW salt override [env: ATOMIC_MAIL_SCRYPT_SALT]
+  --username NAME      New account (mutually exclusive with --api-key)
+  --api-key KEY        Existing API key (mutually exclusive with --username)
+  --credentials-dir DIR  Credential directory (default: ~/.atomicmail)
+  --quiet              Less stderr output
+  --help, -h           This message
+`);
+        process.exit(0);
+    }
+    const env = process.env;
+    const authUrl = parsed.values["auth-url"] ??
+        env.ATOMIC_MAIL_AUTH_URL ?? "https://auth.atomicmail.ai";
+    const apiUrl = parsed.values["api-url"] ??
+        env.ATOMIC_MAIL_API_URL ?? "https://api.atomicmail.ai";
+    const scryptSalt = parsed.values["scrypt-salt"] ??
+        env.ATOMIC_MAIL_SCRYPT_SALT ?? DEFAULT_POW_SCRYPT_SALT_HEX;
+    const dir = parsed.values["credentials-dir"];
+    const credentialDir = resolveCredentialDir(dir);
+    const username = parsed.values.username;
+    const apiKey = parsed.values["api-key"];
+    if (!!username === !!apiKey) {
+        fail("Provide exactly one of --username (new account) or --api-key (login).", 2);
+    }
+    const files = defaultFilesFromOutDir(credentialDir);
+    const log = (msg) => {
+        if (!parsed.values.quiet)
+            process.stderr.write(msg + "\n");
+    };
+    if (username) {
+        log(`Registering "${username}"...`);
+        const session = await AgentSession.create({
+            authUrl,
+            apiUrl,
+            scryptSalt,
+            credentialDir,
+            files,
+        });
+        const result = await session.register(username);
+        log(`Wrote credentials under ${credentialDir}`);
+        process.stdout.write(JSON.stringify(result, null, 2) + "\n");
+        return;
+    }
+    log("Logging in with API key...");
+    const { inboxId } = await persistLoginWithApiKey({
+        authUrl,
+        apiUrl,
+        scryptSalt,
+        apiKey: apiKey,
+        files,
+    });
+    log(`Wrote ${files.credentialsFile}`);
+    process.stdout.write(JSON.stringify({ inboxId }, null, 2) + "\n");
+}
+async function cmdJmapRequest(argv) {
+    let parsed;
+    try {
+        parsed = parseArgs({
+            args: argv,
+            options: {
+                "credentials-dir": { type: "string" },
+                "credentials-file": { type: "string" },
+                "session-file": { type: "string" },
+                "capability-file": { type: "string" },
+                ops: { type: "string" },
+                "ops-file": { type: "string" },
+                using: { type: "string" },
+                "dry-run": { type: "boolean" },
+                vars: { type: "string" },
+                help: { type: "boolean", short: "h" },
+            },
+            strict: true,
+            allowPositionals: false,
+        });
+    }
+    catch (err) {
+        fail(err.message, 2);
+    }
+    if (parsed.values.help) {
+        process.stdout.write(`Usage: atomicmail jmap_request [OPTIONS]
+Send a JMAP request using saved credentials.
+Options:
+  --credentials-dir DIR      Directory with credentials.json + JWTs (default: ~/.atomicmail)
+  --credentials-file PATH    Override credentials.json path
+  --session-file PATH        Override session.jwt path
+  --capability-file PATH     Override capability.jwt path
+  --ops JSON                 Inline JMAP JSON (methodCalls or envelope)
+  --ops-file PATH            Preset file ($VAR_NAME placeholders supported)
+  --vars JSON                JSON object { VAR_NAME: string } for $VAR_NAME in ops / ops-file
+  --using LIST               Comma-separated capability URNs (optional)
+  --dry-run                  Print resolved request only
+  --help, -h                 This message
+`);
+        process.exit(0);
+    }
+    const dir = parsed.values["credentials-dir"];
+    const credentialDir = resolveCredentialDir(dir);
+    const defaults = defaultFilesFromOutDir(credentialDir);
+    const credentialsFile = parsed.values["credentials-file"] ??
+        defaults.credentialsFile;
+    const sessionFile = parsed.values["session-file"] ??
+        defaults.sessionFile;
+    const capabilityFile = parsed.values["capability-file"] ??
+        defaults.capabilityFile;
+    const ops = parsed.values.ops;
+    const opsFile = parsed.values["ops-file"];
+    if (ops && opsFile) {
+        fail("--ops and --ops-file are mutually exclusive.", 2);
+    }
+    if (!ops && !opsFile) {
+        fail("Provide --ops or --ops-file.", 2);
+    }
+    const usingFlag = parsed.values.using;
+    const defaultUsing = usingFlag
+        ? usingFlag.split(",").map((s) => s.trim()).filter((s) => s.length > 0)
+        : [...DEFAULT_JMAP_USING];
+    let userVars;
+    const varsFlag = parsed.values.vars;
+    if (varsFlag !== undefined) {
+        let obj;
+        try {
+            obj = JSON.parse(varsFlag);
+        }
+        catch (err) {
+            fail(`--vars is not valid JSON: ${err.message}`, 2);
+        }
+        if (!obj || typeof obj !== "object" || Array.isArray(obj)) {
+            fail("--vars must be a JSON object of { VAR_NAME: string }.", 2);
+        }
+        for (const [k, v] of Object.entries(obj)) {
+            if (!/^[A-Z][A-Z0-9_]*$/.test(k)) {
+                fail(`--vars key '${k}' must match /^[A-Z][A-Z0-9_]*$/.`, 2);
+            }
+            if (typeof v !== "string") {
+                fail(`--vars value for '${k}' must be a string.`, 2);
+            }
+        }
+        userVars = obj;
+    }
+    const creds = await readCredentials(credentialsFile);
+    const files = {
+        credentialsFile,
+        sessionFile,
+        capabilityFile,
+    };
+    const session = await AgentSession.create({
+        authUrl: creds.authUrl,
+        apiUrl: creds.apiUrl,
+        scryptSalt: creds.scryptSalt,
+        apiKey: creds.apiKey,
+        inboxId: creds.inboxId,
+        credentialDir,
+        files,
+    });
+    let raw;
+    let sourceLabel;
+    if (opsFile) {
+        try {
+            raw = await readOpsFile(credentialDir, opsFile);
+        }
+        catch (err) {
+            fail(`Could not read --ops-file: ${err.message}`, 2);
+        }
+        sourceLabel = opsFile;
+    }
+    else {
+        raw = ops;
+        sourceLabel = "ops";
+    }
+    const { ok, status, bodyText } = await runJmapRequest({
+        session,
+        opsJson: raw,
+        defaultUsing,
+        sourceLabel,
+        dryRun: parsed.values["dry-run"] === true,
+        vars: userVars,
+    });
+    if (!ok) {
+        fail(`JMAP request failed (HTTP ${status}): ${bodyText}`, 1);
+    }
+    process.stdout.write(bodyText.endsWith("\n") ? bodyText : bodyText + "\n");
+}
+function cmdHelp(argv) {
+    let parsed;
+    try {
+        parsed = parseArgs({
+            args: argv,
+            options: {
+                topic: { type: "string" },
+                help: { type: "boolean", short: "h" },
+            },
+            strict: true,
+            allowPositionals: false,
+        });
+    }
+    catch (err) {
+        fail(err.message, 2);
+    }
+    if (parsed.values.help) {
+        process.stdout.write(`Usage: atomicmail help [--topic TOPIC]
+Topics include: overview, installation, auth, jmap_cheatsheet, tools, presets, troubleshooting.
+`);
+        process.exit(0);
+    }
+    const topic = parsed.values.topic;
+    process.stdout.write(getHelp(topic) + "\n");
+}
+async function main() {
+    const argv = process.argv.slice(2);
+    if (argv.length === 0 || argv[0] === "-h" || argv[0] === "--help") {
+        exitUsage(0);
+    }
+    const cmd = argv[0];
+    const rest = argv.slice(1);
+    switch (cmd) {
+        case "register":
+            await cmdRegister(rest);
+            break;
+        case "jmap_request":
+            await cmdJmapRequest(rest);
+            break;
+        case "help":
+            cmdHelp(rest);
+            break;
+        default:
+            process.stderr.write(`Unknown command: ${cmd}\n\n`);
+            process.stdout.write(USAGE);
+            process.exit(2);
+    }
+}
+main().catch((err) => {
+    fail(err instanceof Error ? err.message : String(err));
+});

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@atomicmail/agent-skill",
-  "version": "0.1.0",
-  "description": "Atomic Mail agent skill — PoW signup + JMAP request CLIs for AI agents.",
+  "version": "0.2.1",
+  "description": "Atomic Mail AgentSkill — register, jmap_request, and help CLI for AI agents.",
   "keywords": [
     "atomic-mail",
     "atomicmail",
@@ -16,16 +16,15 @@
   ],
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/atomic-mail/agentic-mail.git"
+    "url": "git+https://github.com/atomic-mail/agentic-clients.git"
   },
   "license": "MIT",
   "bugs": {
-    "url": "https://github.com/atomic-mail/agentic-mail/issues"
+    "url": "https://github.com/atomic-mail/agentic-clients/issues"
   },
   "scripts": {},
   "bin": {
-    "atomic-mail-signup": "./esm/skill/scripts/signup.js",
-    "atomic-mail-jmap": "./esm/skill/scripts/jmap_request.js"
+    "atomicmail": "./esm/skill/cli.js"
   },
   "engines": {
     "node": ">=20"

package/presets/list_inbox.json ADDED Viewed

@@ -0,0 +1,39 @@
+{
+  "using": [
+    "urn:ietf:params:jmap:core",
+    "urn:ietf:params:jmap:mail"
+  ],
+  "methodCalls": [
+    [
+      "Email/query",
+      {
+        "accountId": "$ACCOUNT_ID",
+        "filter": { "inMailbox": "$INBOX" },
+        "sort": [{ "property": "receivedAt", "isAscending": false }],
+        "limit": "$COUNT"
+      },
+      "q0"
+    ],
+    [
+      "Email/get",
+      {
+        "accountId": "$ACCOUNT_ID",
+        "#ids": {
+          "resultOf": "q0",
+          "name": "Email/query",
+          "path": "/ids"
+        },
+        "properties": [
+          "id",
+          "threadId",
+          "receivedAt",
+          "from",
+          "to",
+          "subject",
+          "preview"
+        ]
+      },
+      "g0"
+    ]
+  ]
+}